Manage Requirements in an Agile Environment

  • Buy Link or Shortcode: {j2store}522|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Requirements & Design
  • Parent Category Link: /requirements-and-design

The process of navigating from waterfall to Agile can be incredibly challenging. Even more problematic; how do you operate your requirements management practices once there? There traditionally isn’t a role for a business analyst, the traditional keeper of requirements. It isn’t like switching on a light.

You likely find yourself struggling to deliver high quality solutions and requirements in Agile. This is a challenge for many organizations, regardless of how long they’ve leveraged Agile.

But you aren’t here for assurances. You’re here for answers and help.

Our Advice

Critical Insight

Agile and requirements management are complementary, not competitors.

Impact and Result

Info-Tech’s advice? Why choose? Why have to pick between traditional waterfall and Agile delivery? If Agile without analysis is a recipe for disaster, Agile with analysis is the solution. How can you leverage the Info-Tech approach to align your Agile and requirements management efforts into a powerful combination?

Manage Requirements in an Agile Environment is your guide.

Use the contents and exercises of this blueprint to gain a shared understanding of the two disciplines, to find your balance in your approach, to define your thresholds, and ultimately, to prepare for new ways of working.

Manage Requirements in an Agile Environment Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Manage Requirements in an Agile Environment Blueprint – Agile and Requirements Management are complementary, not competitors

Provides support and guidance for organizations struggling with their requirements management practices in Agile environments.

  • Manage Requirements in an Agile Environment Storyboard

2. Agile Requirements Playbook – A practical playbook for aligning your teams, and articulating the guidelines for managing your requirements in Agile.

The Agile Requirements Playbook becomes THE artifact for your Agile requirements practices. Great for onboarding, reviewing progress, and ensuring a shared understanding of your ways of working.

  • Agile Requirements Playbook

3. Documentation Calculator – A tool for determining the right level of documentation for your organization, and whether you’re spending too much, or even not enough, on Agile Requirements documentation.

The Documentation Calculator can inform your documentation decison making, ensuring you're investing just the right amount of time, money, and effort.

  • Documentation Calculator

4. Agile Requirements Workbook – Supporting tools and templates in advancing your Agile Requirements practice, to be used in conjunction with the Agile Requirements Blueprint, and the Playbook.

This workbook is designed to capture the results of your exercises in the Manage Requirements in an Agile Environment Storyboard. Each worksheet corresponds to an exercise in the storyboard. This is a tool for you, so customize the content and layout to best suit your product. The workbook is also a living artifact that should be updated periodically as the needs of your team and organization change.

  • Agile Requirements Workbook

5. Agile Requirements Assessment – Establishes your current Agile requirements maturity, defines your target maturity, and supports planning to get there.

The Agile Requirements Assessment is a great tool for determining your current capabilities and maturity in Agile and Business Analysis. You can also articulate your target state, which enables the identification of capability gaps, the creation of improvement goals, and a roadmap for maturing your Agile Requirements practice.

  • Agile Requirements Assessment

Infographic

Workshop: Manage Requirements in an Agile Environment

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Framing Agile and Business Analysis

The Purpose

Sets the context for the organization, to ensure a shared understanding of the benefits of both Agile and business analysis/requirements management.

Key Benefits Achieved

Have a shared definition of Agile and business analysis / requirements.

Understand the current state of Agile and business analysis in your organization.

Activities

1.1 Define what Agile and business analysis mean in your organization.

1.2 Agile requirements assessment.

Outputs

Alignment on Agile and business analysis / requirements in your organization.

A current and target state assessment of Agile and business analysis in your organization.

2 Tailoring Your Approach

The Purpose

Confirm you’re going the right way for effective solution delivery.

Key Benefits Achieved

Confirm the appropriate delivery methodology.

Activities

2.1 Confirm your selected methodology.

Outputs

Confidence in your selected project delivery methodology.

3 Defining Your Requirements Thresholds

The Purpose

Provides the guardrails for your Agile requirements practice, to define a high-level process, roles and responsibilities, governance and decision-making, and how to deal with change.

Key Benefits Achieved

Clearly defined interactions between the BA and their partners

Define a plan for management and governance at the project team level

Activities

3.1 Define your agile requirements process.

3.2 Define your agile requirements RACI.

3.3 Define your governance.

3.4 Define your change and backlog refinement plan.

Outputs

Agile requirements process.

Agile requirements RACI.

A governance and documentation plan.

A change and backlog refinement approach.

4 Planning Your Next Steps

The Purpose

Provides the action plan to achieve your target state maturity

Key Benefits Achieved

Recognize and prepare for the new ways of working for communication, stakeholder engagement, within the team, and across the organization.

Establish a roadmap for next steps to mature your Agile requirements practice.

Activities

4.1 Define your stakeholder communication plan.

4.2 Identify your capability gaps.

4.3 Plan your agile requirements roadmap.

Outputs

A stakeholder communication plan.

A list of capability gaps to achieve your desired target state.

A prioritized roadmap to achieve the target state.

5 Agile Requirements Techniques (Optional)

The Purpose

To provide practical guidance on technique usage, which can enable an improved experience with technical elements of the blueprint.

Key Benefits Achieved

An opportunity to learn new tools to support your Agile requirements practice.

Activities

5.1 Managing requirements' traceability.

5.2 Creating and managing user stories.

5.3 Managing your requirements backlog.

5.4 Maintaining a requirements library.

Outputs

Support and advice for leveraging a given tool or technique.

Support and advice for leveraging a given tool or technique.

Support and advice for leveraging a given tool or technique.

Support and advice for leveraging a given tool or technique.

Further reading

Manage Requirements in an Agile Environment

Agile and requirements management are complementary, not competitors

Analyst's Perspective

The temptation when moving to Agile is to deemphasize good requirements practices in favor of perceived speed. If you're not delivering on the needs of the business then you have failed, regardless of how fast you've gone.

Delivery in Agile doesn't mean you stop needing solid business analysis. In fact, it's even more critical, to ensure your products and projects are adding value. With the rise of Agile, the role of the business analyst has been misunderstood.

As a result, we often throw out the analysis with the bathwater, thinking we'll be just fine without analysis, documentation, and deliberate action, as the speed and dexterity of Agile is enough.

Consequently, what we get is wasted time, money, and effort, with solutions that fail to deliver value, or need to be re-worked to get it right.

The best organizations find balance between these two forces, to align, and gain the benefits of both Agile and business analysis, working in tandem to manage requirements that bring solutions that are "just right".

This is a picture of Vincent Mirabelli

Vincent Mirabelli
Principal Research Director, Applications Delivery and Management
Info-Tech Research Group

EXECUTIVE BRIEF

Executive Summary

Your Challenge

The process of navigating from waterfall to Agile can be incredibly challenging. And even more problematic; how do you operate your requirements management practices once there? Since there traditionally isn't a role for a business analyst; the traditional keeper of requirements. it isn't like switching on a light.

You likely find yourself struggling to deliver high quality solutions and requirements in Agile. This is a challenge for many organizations, regardless of how long they've leveraged Agile.

But you aren't here for assurances. You're here for answers and help.

Common Obstacles

many organizations and teams face is that there are so busy doing Agile that they fail to be Agile.

Agile was supposed to be the saving grace of project delivery but is misguided in taking the short-term view of "going quickly" at the expense of important elements, such as team formation and interaction, stakeholder engagement and communication, the timing and sequencing of analysis work, decision-making, documentation, and dealing with change.

The idea that good requirements just happen because you have user stories is wrong. So, requirements remain superficial, as you "can iterate later"…but sometimes later never comes, or doesn't come fast enough.

Organizations need to be very deliberate when aligning their Agile and requirements management practices. The work is the same. How the work is done is what changes.

Info-Tech's Approach

Infotech's advice? Why choose? Why have to pick between traditional waterfall and Agile delivery? If Agile without analysis is a recipe for disaster, Agile with analysis is the solution. And how can you leverage the Info-Tech approach to align your Agile and requirements management efforts into a powerful combination?

Manage Requirements in an Agile Environment is your guide.

Use the contents and exercises of this blueprint to gain a shared understanding of the two disciplines, to find your balance in your approach, to define your thresholds, and ultimately, to prepare for new ways of working.

Info-Tech Insight

Agile and requirements management are complementary, not competitors.

The temptation when moving to Agile is to deemphasize good requirements practices in favor of perceived speed. If you're not delivering on the needs of the business, then you have failed, regardless of how fast you've gone.

Insight summary

Overarching insight

Agile and requirements management are complementary, not competitors.

The temptation when moving to Agile is to deemphasize good requirements practices in favor of perceived speed. If you're not delivering on the needs of the business, then you have failed, regardless of how fast you've gone

Phase 1 insight

  • The purpose of requirements in waterfall is for approval. The purpose in Agile is for knowledge management, as Agile has no memory.
  • When it comes to the Agile manifesto, "over" does not mean "instead of".
  • In Agile, the what of business analysis does doesn't change. What does change is the how and when that work happens.

Phase 2 insight

  • Understand your uncertainties; it's a great way to decide what level of Agile (if any) is needed.
  • Finding your "Goldilocks" zone will take time. Be patient.

Phase 3 insight

  • Right-size your governance, based on team dynamics and project complexity. A good referee knows when to step in, and when to let the game flow.
  • Agile creates a social contract amongst the team, and with their leaders and organization.
  • Documentation needs to be valuable. Do what is acceptable and necessary to move work to future steps. Not documenting also comes with a cost, but one you pay in the future. And that bill will come due, with interest (aka, technical debt, operational inefficiencies, etc.).
  • A lack of acceptable documentation makes it more difficult to have agility. You're constantly revalidating your current state (processes, practices and structure) and re-arguing decisions already made. This slows you down more than maintaining documentation ever would.

Phase 4 insight

  • Making Agile predictable is hard, because people are not predictable; people are prone to chaos.

There have been many challenges with waterfall delivery

It turns out waterfall is not that great at reducing risk and ensuring value delivery after all

  • Lack of flexibility
  • Difficulty in measuring progress
  • Difficulties with scope creep
  • Limited stakeholder involvement
  • Long feedback loops

48%
Had project deadlines more than double

85%
Exceeded their original budget by at least 20%

25%
At least doubled their original budget

This is an image of the waterfall project results

Source: PPM Express.

Agile was meant to address the shortcomings of waterfall

The wait for solutions was too long for our business partners. The idea of investing significant time, money, and resources upfront, building an exhaustive and complete vision of the desired state, and then waiting months or even years to get that solution, became unpalatable for them. And rightfully so. Once we cast a light on the pains, it became difficult to stay with the status quo. Given that organizations evolve at a rapid pace, what was a pain at the beginning of an initiative may not be so even 6 months later.

Agile became the answer.

Since its' first appearance nearly 20 years ago, Agile has become the methodology of choice for a many of organizations. According to the 15th Annual State of Agile report, Agile adoption within software development teams increased from 37% in 2020 to 86% in 2021.

Adopting Agile led to challenges with requirements

Requirements analysis, design maturity, and management are critical for a successful Agile transformation.

"One of the largest sources of failure we have seen on large projects is an immature Agile implementation in the context of poorly defined requirements."
– "Large Scale IT Projects – From Nightmare to Value Creation"

"Requirements maturity is more important to project outcomes than methodology."
– "Business Analysis Benchmark: Full Report"

"Mature Agile practices spend 28% of their time on analysis and design."
– "Quantitative Analysis of Agile Methods Study (2017): Twelve Major Findings"

"There exists a Requirements Premium… organizations using poor practices spent 62% more on similarly sized projects than organizations using the best requirements practices."
– "The Business Case for Agile Business Analysis" - Requirements Engineering Magazine

Strong stakeholder satisfaction with requirements results in higher satisfaction in other areas

This is an image of a bar graph comparing the percentage of respondents with high stakeholder satisfaction, to the percentage of respondents with low stakeholder satisfaction for four different categories.  these include: Availability of IT Capacity to Complete Projects; Overall IT Projects; IT Projects Meet Business Needs; Overall IT Satisfaction

N= 324 small organizations from Info-Tech Research Group's CIO Business Vision diagnostic.

Note: High satisfaction was classified as organizations with a score greater or equal to eight and low satisfaction was every organization that scored below eight on the same questions.

Info-Tech's Agile requirements framework

This is an image of Info-Tech's Agile requirements framework.  The three main categories are: Sprint N(-1); Sprint N; Sprint N(+1)

Agile requirements are a balancing act

Collaboration

Many subject matter experts are necessary to create accurate requirements, but their time is limited too.

Communication

Stakeholders should be kept informed throughout the requirements gathering process, but you need to get the right information to the right people.

Documentation

Recording, organizing, and presenting requirements are essential, but excessive documentation will slow time to delivery.

Control

Establishing control points in your requirements gathering process can help confirm, verify, and approve requirements accurately, but stage gates limit delivery.

What changes for the business analyst?

In Agile, the what of business analysis does not change.

What does change is the how and when that work happens.

Business analysts need to focus on six key elements when managing requirements in Agile.

  • Team formation and interaction
  • Stakeholder engagement and communication
  • The timing and sequencing of their work
  • Decision-making
  • Documentation
  • Dealing with change

Where does the business analysis function fit on an Agile team?

Team formation is key, as Agile is a team sport

A business analyst in an Agile team typically interacts with several different roles, including:

  • The product owner,
  • The Sponsor or Executive
  • The development team,
  • Other stakeholders such as customers, end-users, and subject matter experts
  • The Design team,
  • Security,
  • Testing,
  • Deployment.

This is an image the roles who typically interact with a Business Analyst.

How we do our requirements work will change

  • Team formation and interaction
  • Stakeholder engagement and communication
  • The timing and sequencing of their work
  • Decision-making
  • Documentation
  • Dealing with change

As a result, you'll need to focus on;

  • Emphasizing flexibility
  • Enabling continuous delivery
  • Enhancing collaboration and communication
  • Developing a user-centered approach

Get stakeholders on board with Agile requirements

  1. Stakeholder feedback and management support are key components of a successful Agile Requirements.
  2. Stakeholders can see a project's progression and provide critical feedback about its success at critical milestones.
  3. Management helps teams succeed by trusting them to complete projects with business value at top of mind and by removing impediments that are inhibiting their productivity.
  4. Agile will bring a new mindset and significant numbers of people, process, and technology changes that stakeholders and management may not be accustomed to. Working through these issues in requirements management enables a smoother rollout.
  5. Management will play a key role in ensuring long-term Agile requirements success and ultimately rolling it out to the rest of the organization.
  6. The value of leadership involvement has not changed even though responsibilities will. The day-to-day involvement in projects will change but continual feedback will ultimately dictate the success or failure of a project.

Measuring your success

Tracking metrics and measuring your progress

As you implement the actions from this Blueprint, you should see measurable improvements in;

  • Team and stakeholder satisfaction
  • Requirements quality
  • Documentation cost

Without sacrificing time to delivery

Metric Description and motivation
Team satisfaction (%) Expect team satisfaction to increase as a result of clearer role delineation and value contribution.
Stakeholder satisfaction (%) Expect Stakeholder satisfaction to similarly increase, as requirements quality increases, bringing increased value
Requirements rework Measures the quality of requirements from your Agile Projects. Expect that the Requirements Rework will decrease, in terms of volume/frequency.
Cost of documentation Quantifies the cost of documentation, including Elicitation, Analysis, Validation, Presentation, and Management
Time to delivery Balancing Metric. We don't want improvements in other at the expense of time to delivery

Info-Tech's methodology for Agile requirements

1. Framing Agile and Business Analysis

2. Tailoring Your Approach

3. Defining Your Requirements Thresholds

4. Planning Your Next Steps

Phase Activities

1.1 Understand the benefits and limitations of Agile and business analysis

1.2 Align Agile and business analysis within your organization

2.1 Decide the best-fit approach for delivery

2.2 Manage your requirements backlog

3.1 Define project roles and responsibilities

3.2 Define your level of acceptable documentation

3.3 Manage requirements as an asset

3.4 Define your requirements change management plan

4.1 Preparing new ways of working

4.2 Develop a roadmap for next steps

Phase Outcomes

Recognize the benefits and detriments of both Agile and BA.

Understand the current state of Agile and business analysis in your organization.

Confirm the appropriate delivery methodology.

Manage your requirements backlog.

Connect the business need to user story.

Clearly defined interactions between the BA and their partners.

Define a plan for management and governance at the project team level.

Documentation and tactics that are right-sized for the need.

Recognize and prepare for the new ways of working for communication, stakeholder engagement, within the team, and across the organization.

Establish a roadmap for next steps to mature your Agile requirements practice.

Blueprint tools and templates

Key deliverable:

This is a screenshot from the Agile Requirements Playbook

Agile Requirements Playbook

A practical playbook for aligning your teams and articulating the guidelines for managing your requirements in Agile

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

This is a screenshot from the Documentation Calculator

Documentation Calculator

A tool to help you answer the question: What is the right level of Agile requirements documentation for my organization?

This is a screenshot from the Agile Requirements Assessment

Agile Requirements Assessment

Establishes your current maturity level, defines your target state, and supports planning to get there.

This is a screenshot from the Agile Requirements Workbook

Agile Requirements Workbook

Supporting tools and templates in advancing your Agile requirements practice, to be used with the Agile Requirements Blueprint and Playbook.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

Guided Implementation

"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

Workshop

"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

Consulting

"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks used throughout all four options

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Day 1 Day 2 Day 3 Day 4 Day 5
1. Framing Agile and Business Analysis / 2. Tailoring Your Approach 3. Defining Your Requirements
Thresholds
3. Defining Your Requirements Thresholds / 4. Planning Your Next Steps (OPTIONAL) Agile Requirements Techniques (a la carte) Next Steps and Wrap-Up (Offsite)

Activities

What does Agile mean in your organization? What do requirements mean in your organization?

Agile Requirements Assessment

Confirm your selected methodology

Define your Agile requirements process

Define your Agile requirements RACI (Optional)

Define your Agile requirements governance

Defining your change management plan

Define your

communication plan

Capability gap list

Planning your Agile requirements roadmap

Managing requirements traceability

Creating and managing user stories

Managing your requirements backlog

Maintaining a requirements library

Develop Agile Requirements Playbook

Complete in-progress deliverables from previous four days.

Set up review time for workshop deliverables and next steps

Outcomes

Shared definition of Agile and business analysis / requirements

Understand the current state of Agile and business analysis in your organization

Agile requirements process

Agile requirements RACI (Optional)

Defined Agile requirements governance and documentation plan

Change and backlog refinement plan

Stakeholder communication plan

Action plan and roadmap for maturing your Agile requirements practice

Practical knowledge and practice about various tactics and techniques in support of your Agile requirements efforts

Completed Agile Requirements Playbook

Guided Implementation

Phase 1 Phase 2 Phase 3 Phase 4

Call #1: Scope objectives, and your specific challenges.

Call #4: Define your approach to project delivery.

Call #6: Define your Agile requirements process.

Call #9: Identify gaps from current to target state maturity.

Call #2: Assess current maturity.

Call #5: Managing your requirements backlog.

Call #7: Define roles and responsibilities.

Call #10: Pprioritize next steps to mature your Agile requirements practice.

Call #3: Identify target-state capabilities.

Call #8: Define your change and backlog refinement approach.

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is 10 calls over the course of 4 to 6 months.

Framing Agile and Business Analysis

Phase 1

Framing Agile and Business Analysis

Phase 1Phase 2Phase 3Phase 4

1.1 Understand the benefits and limitations of Agile and business analysis

1.2 Align Agile and business analysis within your organization

2.1 Confirm the best-fit approach for delivery

2.2 manage your requirements backlog

3.1 Define project roles and responsibilities

3.2 define your level of acceptable documentation

3.3 Manage requirements as an asset

3.4 Define your requirements change management plan

4.1 Preparing new ways of working

4.2 Develop a roadmap for next steps

This phase will walk you through the following activities:

  • EXERCISE: What do Agile and requirements mean in your organization?
  • ASSESSMENT: Agile requirements assessment
  • KEY DELIVERABLE: Agile Requirements Playbook

This phase involves the following participants:

  • Business analyst and project team
  • Stakeholders
  • Sponsor/Executive

Managing Requirements in an Agile Environment

Step 1.1

Understand the benefits and limitations of Agile and business analysis

Activities

1.1.1 Define what Agile and business analysis mean in your organization

This step involves the following participants:

  • Business analyst and project team
  • Sponsor/Executive

Outcomes of this step

  • Recognize the benefits and detriments of both Agile and business analysis

Framing Agile and Business Analysis

There have been many challenges with waterfall delivery

It turns out waterfall is not that great at reducing risk and ensuring value delivery after all

  • Lack of flexibility
  • Difficulty in measuring progress
  • Difficulties with scope creep
  • Limited stakeholder involvement
  • Long feedback loops

48%
Had project deadlines more than double

85%
Exceeded their original budget by at least 20%

25%
At least doubled their original budget

This is an image of the Waterfall Project Results

Source: PPM Express.

Business analysis had a clear home in waterfall

Business analysts had historically been aligned to specific lines of business, in support of their partners in their respective domains. Somewhere along the way, the function was moved to IT. Conceptually this made sense, in that it allowed BAs to provide technical solutions to complex business problems. This had the unintended result of lost domain knowledge, and connection to the business.

It all starts with the business. IT enables business goals. The closer you can get to the business, the better.

Business analysts were the main drivers of helping to define the business requirements, or needs, and then decompose those into solution requirements, to develop the best option to solve those problems, or address those needs. And the case for good analysis was clear. The later a poor requirement was caught, the more expensive it was to fix. And if requirements were poor, there was no way to know until much later in the project lifecycle, when the cost to correct them was exponentially higher, to the tune of 10-100x the initial cost.

This is an image of a graph showing the cost multiplier for Formulating Requirements, Architecture Design, Development, Testing and, Operations

Adapted from PPM Express. "Why Projects Fail: Business Analysis is the Key".

Agile was meant to address the shortcomings of waterfall

The wait for solutions was too long for our business partners. The idea of investing significant time, money, and resources upfront, building an exhaustive and complete vision of the desired state, and then waiting months or even years to get that solution became unpalatable for them. And rightfully so. Once we cast a light on the pains, it became difficult to stand pat in the current state. And besides, organizations evolve at a rapid pace. What was a pain at the beginning of an initiative may not be so even six months later.

Agile became the answer.

Since its first appearance nearly 20 years ago, Agile has become the methodology of choice for a huge swathe of organizations. According to the 15th Annual State of Agile report, Agile adoption within software development teams increased from 37% in 2020 to 86% in 2021.

To say that's significant is an understatement.

The four core values of Agile helped shift focus

According to the Agile manifesto, "We value. . ."

This is an image of what is valued according to the Agile Manifesto.

"…while there is value in the items on the right, we value the items on the left more."

Source: Agilemanifesto, 2001

Agile has made significant inroads in IT and beyond

94% of respondents report using Agile practices in their organization

according to Digital.AI's "The 15th State of Agile Report"

That same report notes a steady expansion of Agile outside of IT, as other areas of the organization seek to benefit from increased agility and responsiveness, including Human Resources, Finance and Marketing.

While it addressed some problems…

This is an image of the Waterfall Project Results, compared to Agile Product Results.

"Agile projects are 37% faster to market than [the] industry average"

(Requirements Engineering Magazine, 2017)

  • Business requirements documents are massive and unreadable
  • Waterfall erects barriers and bottlenecks between the business and the development team
  • It's hard to define the solution at the outset of a project
  • There's a long turnaround between requirements work and solution delivery
  • Locking in requirements dictates an often-inflexible solution. And the costs to make changes tend to add up.

…Implementing Agile led to other challenges

This is an image of a series of thought bubbles, each containing a unique challenge resulting from implementing Agile.

Adopting Agile led to challenges with requirements

Requirements analysis, design maturity, and management are critical for a successful Agile transformation.

"One of the largest sources of failure we have seen on large projects is an immature Agile implementation in the context of poorly defined requirements."
– BCG, 2015

"Requirements maturity is more important to project outcomes than methodology."
– IAG Consulting, 2009.

"Mature Agile practices spend 28% of their time on analysis and design."
– InfoQ, 2017."

"There exists a Requirements Premium… organizations using poor practices spent 62% more on similarly sized projects than organizations using the best requirements practices."
– Requirements Engineering Magazine, 2017

Strong stakeholder satisfaction with requirements results in higher satisfaction in other areas

This is an image of a bar graph comparing the percentage of respondents with high stakeholder satisfaction, to the percentage of respondents with low stakeholder satisfaction for four different categories.  these include: Availability of IT Capacity to Complete Projects; Overall IT Projects; IT Projects Meet Business Needs; Overall IT Satisfaction

N= 324 small organizations from Info-Tech Research Group's CIO Business Vision diagnostic.

Note: High satisfaction was classified as organizations with a score greater or equal to eight and low satisfaction was every organization that scored below eight on the same questions.

Agile is being misinterpreted as an opportunity to bypass planning and analysis activities

Agile is a highly effective tool.

This isn't about discarding Agile. It is being used for things completely outside of what was originally intended. When developing products or code, it is in its element. However, outside of that realm, its being used to bypass business analysis activities, which help define the true customer and business need.

Business analysts were forced to adapt and shift focus. Overnight they morphed into product owners, or no longer had a place on the team. Requirements and analysis took a backseat.

The result?

Increased rework, decreased stakeholder satisfaction, and a lot of wasted money and effort.

"Too often, the process of two-week sprints becomes the thing, and the team never gets the time and space to step back and obsess over what is truly needed to delight customers."
Harvard Business Review, 9 April 2021.

Info-Tech Insight

Requirements in Agile are the same, but the purpose of requirements changes.

  • The purpose of requirements in waterfall is for stakeholder approval.
  • The purpose of requirements in Agile is knowledge management; to maintain a record of the current state.

Many have misinterpreted the spirit of Agile and waterfall

The stated principles of waterfall say nothing of how work is to be linear.

This is an image of a comparison between using Agile and Being Prescriptive.This is an image of Royce's 5 principles for success.

Source: Royce, Dr. Winston W., 1970.

For more on Agile methodology, check out Info-Tech's Agile Research Centre

How did the pendulum swing so far?

Shorter cycles of work made requirements management more difficult. But the answer isn't to stop doing it.

Organizations went from engaging business stakeholders up front, and then not until solution delivery, to forcing those partners to give up their resources to the project. From taking years to deliver a massive solution (which may or may not even still fit the need) to delivering in rapid cycles called sprints.

This tug-of-war is costing organizations significant time, money, and effort.

Your approach to requirements management needs to be centered. We can start to make that shift by better aligning our Agile and business analysis practices. Outside of the product space, Agile needs to be combined with other disciplines (Harvard Business Review, 2021) to be effective.

Agility is important. Though it is not a replacement for approach or strategy (RCG Global Services, 2022). In Agile, team constraints are leveraged because of time. There is a failure to develop new capabilities to address the business needs Harvard Business Review, 2021).

Agility needs analysis.

Agile requirements are a balancing act

Collaboration

Many subject matter experts are necessary to create accurate requirements, but their time is limited too.

Communication

Stakeholders should be kept informed throughout the requirements gathering process, but you need to get the right information to the right people.

Documentation

Recording, organizing, and presenting requirements are essential, but excessive documentation will slow time to delivery.

Control

Establishing control points in your requirements gathering process can help confirm, verify, and approve requirements accurately, but stage gates limit delivery.

Start by defining what the terms mean in your organization

We do this because there isn't even agreement by the experts on what the terms "Agile" and "business analysis" mean, so let's establish a definition within the context of your organization.

1.1.1 What do Agile and business analysis mean in your organization?

Estimated time: 30 Minutes

  1. Explore the motivations behind the need for aligning Agile with business analysis. Are there any current challenges related to outputs, outcomes, quality? How can the team and organization align the two more effectively for the purposes of requirements management?
  2. Gather the appropriate stakeholders to discuss their definition of the terms "Agile" and "business analysis" It can be related to their experience, practice, or things they've read or heard.
  3. Brainstorm and document all shared thoughts and perspectives.
  4. Synthesize those thoughts and perspectives into a shared definition of each term, of a sentence or two.
  5. Revisit this definition as needed, and as your Agile requirements efforts evolve.

Input

  • Challenges and experiences/perspectives related to Agile and business requirements

Output

  • A shared definition of Agile and business analysis, to help guide alignment on Agile requirements management

Materials

  • Agile Requirements Workbook

Participants

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Build your Agile Requirements Playbook

Keep the outcomes of this blueprint in a single document

Share at the beginning of a new project, as part of team member onboarding, and revisit as your practice matures.

This is a series of three screenshots from the Agile Requirements Playbook.

Your Agile Requirements Playbook will include

  • Your shared definition of Agile and business analysis for your organization
  • The Agile Requirements Maturity Assessment
  • A Methodology Selection Matrix
  • Agile requirements RACI
  • A defined Agile requirements process
  • Documentation Calculator
  • Your Requirements Repository Information
  • Capability Gap List (from current to target state)
  • Target State Improvement Roadmap and Action Plan

Step 1.2

Align Agile and Business Analysis Within Your Organization

Activities

1.2.1 Assess your Agile requirements maturity

This step involves the following participants:

  • Business Analyst and Project Team
  • Stakeholders
  • Sponsor/Executive

Outcomes of this step

  • Complete the Agile Requirements Maturity Assessment to establish your current and target states

Framing Agile and Business Analysis

Consider the question: "Why Agile?"

What is the driving force behind that decision?

There are many reasons to leverage the power of Agile within your organization, and specifically as part of your requirements management efforts. And it shouldn't just be to improve productivity. That's only one aspect.
Begin by asking, "Why Agile?" Are you looking to improve:

  • Time to market
  • Team engagement
  • Product quality
  • Customer satisfaction
  • Stakeholder engagement
  • Employee satisfaction
  • Consistency in delivery of value
  • Predictably of your releases

Or a combination of the above?

Info-Tech Insight

Project delivery methodologies aren't either/or. You don't have to be 100% waterfall or 100% Agile. Select the right approach for your project, product, or service.

In the end, your business partners don't want projects delivered faster, they want value faster!

For more on understanding Agile, check out the Implement Agile Practices That Work Blueprint

Responses to a 2019 KPMG survey:

13% said that their top management fully supports Agile transformation.

76% of organizations did not agree that their organization supports Agile culture.

62% of top management believe Agile has no implications for them.

What changes for the business analyst?

Business analysts need to focus on six key elements when managing requirements in Agile.

  • Team formation and interaction
  • Stakeholder engagement and communication
  • The timing and sequencing of their work
  • Decision-making
  • Documentation
  • Dealing with change

In Agile, the what of business analysis does not change.

What does change is the how and when that work happens.

1.2.1 Assess your Agile requirements maturity

This is a series of screenshots from the Agile Requirements Maturity Assessment.

1.2.1 Assess your Agile requirements maturity

Estimated time: 30 Minutes

    1. Using the Agile Requirements Maturity Assessment, gather all appropriate stakeholders, and discuss and score the current state of your practice. Scoring can be done by:
      1. Consensus: Generally better with a smaller group, where the group agrees the score and documents the result
      2. Average: Have everyone score individually, and aggregate the results into an average, which is then entered.
      3. Weighted Average: As above, but weight the individual scores by individual or line of business to get a weighted average.
    2. When current state is complete, revisit to establish target state (or hold as a separate session) using the same scoring approach as in current state.
      1. Recognize that there is a cost to maturity, so don't default to the highest score by default.
      2. Resist the urge at this early stage to generate ideas to navigate from current to target state. We will re-visit this exercise in Phase 4, once we've defined other pieces of our process and practice.

Input

  • Participant knowledge and experience

Output

  • A current and target state assessment of your Agile requirements practice

Materials

  • Agile Requirements Maturity Assessment

Participants

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Tailoring Your Approach

Phase 2

Phase 1Phase 2Phase 3Phase 4

1.1 Understand the benefits and limitations of Agile and business analysis

1.2 Align Agile and business analysis within your organization

2.1 Confirm the best-fit approach for delivery

2.2 manage your requirements backlog

3.1 Define project roles and responsibilities

3.2 define your level of acceptable documentation

3.3 Manage requirements as an asset

3.4 Define your requirements change management plan

4.1 Preparing new ways of working

4.2 Develop a roadmap for next steps

This phase will walk you through the following activities:

  • Selecting the appropriate delivery methodology
  • Managing your requirements backlog
  • Tracing from business need to user story

This phase involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Managing Requirements in an Agile Environment

Step 2.1

Confirm the Best-fit Approach for Delivery

Activities

2.1.1 Confirm your methodology

This step involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Outcomes of this step

  • A review of potential delivery methodologies to select the appropriate, best-fit approach to your projects

Confirming you're using the best approach doesn't have be tricky

Selecting the right approach (or confirming you're on the right track) is easier when you assess two key inputs to your project; your level of certainty about the solution, and the level of complexity among the different variables and inputs to your project, such as team experience and training, the number of impacted stakeholders or context. lines of business, and the organizational

Solution certainty refers to the level of understanding of the problem and the solution at the start of the project. In projects with high solution certainty, the requirements and solutions are well defined, and the project scope is clear. In contrast, projects with low solution certainty have vague or changing requirements, and the solutions are not well understood.

Project complexity refers to the level of complexity of the project, including the number of stakeholders, the number of deliverables, and the level of technical complexity. In projects with high complexity, there are many stakeholders with different priorities, many deliverables, and high technical complexity. In contrast, projects with low complexity have fewer stakeholders, fewer deliverables, and lower technical complexity.

"Agile is a fantastic approach when you have no clue how you're going to solve a problem"

  • Ryan Folster, Consulting Services Manager, Business Analysis, Dimension Data

Use Info-Tech's methodology selection matrix

Waterfall methodology is best suited for projects with high solution certainty and high complexity. This is because the waterfall model follows a linear and sequential approach, where each phase of the project is completed before moving on to the next. This makes it ideal for projects where the requirements and solutions are well-defined, and the project scope is clear.

On the other hand, Agile methodology is best suited for projects with low solution certainty. Agile follows an iterative and incremental approach, where the requirements and solutions are detailed and refined throughout the project. This makes it ideal for projects where the requirements and solutions are vague or changing.

Note that there are other models that exist for determining which path to take, should this approach not fit within your organization.

Use info-tech's-methodology-selection-matrix

This is an image of Info-Tech’s methodology selection matrix

Adapted from The Chaos Report, 2015 (The Standish Group)

Download the Agile Requirements Workbook

2.1.1 Confirm your methodology

Estimated time: 30 Minutes

  1. Using the Agile Requirements Workbook, find the tab labelled "Methodology Assessment" and answer the questions to establish your complexity and certainty scores, where;

1 = Strongly disagree
2 = Disagree
3 = Neutral
4 = Agree
5 = Strongly agree.

  1. In the same workbook, plot the results in the grid on the tab labelled "Methodology Matrix".
  2. Projects falling into Green are good fits for Agile. Yellow are viable. And Red may not be a great fit for Agile.
  3. Note: Ultimately, the choice of methodology is yours. Recognize there may be additional challenges when a project is too complex, or uncertainty is high.

Input

  • Current project complexity and solution certainty

Output

  • A clear choice of delivery methodology

Materials

  • Agile Requirements Workbook

Participants

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Step 2.2

Manage Your Requirements Backlog

Activities

2.2.1 Create your user stories

This step involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Outcomes of this step

  • Understand how to convert requirements into user stories, which populate the Requirements Backlog.

Tailoring Your Approach

There is a hierarchy to requirements

This is a pyramid, with the base being: Solution Requirements; The middle being: Stakeholder Requirements; and the Apex being: Business Requirements.
  • Higher-level statements of the goals, objectives, or needs of the enterprise.
  • Business requirements focus on the needs of the organization, and not the stakeholders within it.

Defines

Intended benefits and outcomes

  • Statements of the needs of a particular stakeholder or class of stakeholders, and how that stakeholder will interact with a solution.

Why it is needed, and by who

  • Describes the characteristics of a solution that meets business requirements and stakeholder requirements. Functional describes the behavior and information that the solution will manage. They describe capabilities the system will be able to perform in terms of behaviors or operations. Non-functional represents constraints on the ultimate solution and tends to be less negotiable.

What is needed, and how its going to be achieved

Connect the dots with a traceability matrix

Business requirements describe what a company needs in order to achieve its goals and objectives. Solution requirements describe how those needs will be met. User stories are a way to express the functionality that a solution will provide from the perspective of an end user.

A traceability matrix helps clearly connect and maintain your requirements.

To connect business requirements to solution requirements, you can start by identifying the specific needs that the business has and then determining how those needs can be met through technology or other solutions; or what the solution needs to do to meet the business need. So, if the business requirement is to increase online sales, a solution requirement might include implementing a shopping cart feature on your company website.

Once you have identified the solution requirements, you can then use those to create user stories. A user story describes a specific piece of functionality that the solution will provide from the perspective of a user.

For example, "As a customer, I want to be able to add items to my shopping cart so that I can purchase them." This user story is directly tied to the solution requirement of implementing a shopping cart feature.

Tracing from User Story back up to Business Requirement is essential in ensuring your solutions support your organization's strategic vison and objectives.

This is an image of a traceability matrix for Business Requirements.

Download the Info-Tech Requirements Traceability Matrix

Improve the quality of your solution requirements

A solution requirement is a statement that clearly outlines the functional capability that the business needs from a system or application.

There are several attributes to look for in requirements:

Verifiable

Unambiguous

Complete

Consistent

Achievable

Traceable

Unitary

Agnostic

Stated in a way that can be easily tested

Free of subjective terms and can only be interpreted in one way

Contains all relevant information

Does not conflict with other requirements

Possible to accomplish with budgetary and technological constraints

Trackable from inception through to testing

Addresses only one thing and cannot be decomposed into multiple requirements

Doesn't pre-suppose a specific vendor or product

For more on developing high quality requirements, check out the Improve Requirements Gathering Blueprint

Prioritize your requirements

When everything is a priority, nothing is a priority.

Prioritization is the process of ranking each requirement based on its importance to project success. Each requirement should be assigned a priority level. The delivery team will use these priority levels to ensure efforts are targeted toward the proper requirements as well as to plan features available on each release. Use the MoSCoW Model of Prioritization to effectively order your requirements.

The MoSCoW Model of Prioritization

This is an image of The MoSCoW Model of Prioritization

The MoSCoW model was introduced by Dai Clegg of Oracle UK in 1994

(Source: ProductPlan).

Base your prioritization on the right set of criteria

Criteria Description
Regulatory and legal compliance These requirements will be considered mandatory.
Policy compliance Unless an internal policy can be altered or an exception can be made, these requirements will be considered mandatory.
Business value significance Give a higher priority to high-value requirements.
Business risk Any requirement with the potential to jeopardize the entire project should be given a high priority and implemented early.
Likelihood of success Especially in proof-of-concept projects, it is recommended that requirements have good odds.
Implementation complexity Give a higher priority to low implementation difficulty requirements.
Alignment with strategy Give a higher priority to requirements that enable the corporate strategy.
Urgency Prioritize requirements based on time sensitivity.
Dependencies A requirement on its own may be low priority, but if it supports a high-priority requirement, then its priority must match it.

Info-Tech Insight

It is easier to prioritize requirements if they have already been collapsed, resolved, and rewritten. There is no point in prioritizing every requirement that is elicited up front when some of them will eventually be eliminated.

Manage solution requirements in a Product backlog

What is a backlog?

Agile teams are familiar with the use of a Sprint Backlog, but in Requirements Management, a Product Backlog is a more appropriate choice.

A product backlog and a Sprint backlog are similar in that they are both lists of items that need to be completed in order to deliver a product or project, but there are some key differences between the two.

A product backlog is a list of all the features, user stories, and requirements that are needed for a product or project. It is typically created and maintained by the business analyst or product owner and is used to prioritize and guide the development of the product.

A Sprint backlog, on the other hand, is a list of items specifically for an upcoming sprint, which is an iteration of work in Scrum. The Sprint backlog is created by the development team and is used to plan and guide the work that will be done during the sprint. The items in the Sprint backlog are typically taken from the product backlog and are prioritized based on their importance and readiness.

For more on building effective product backlogs, visit Deliver on Your Digital Product Vision

A backlog stores and organizes requirements at various stages

Your backlog must give you a holistic understanding of demand for change in the product.

A well-formed backlog can be thought of as a DEEP backlog

Detailed appropriately: Requirements are broken down and refined as necessary

Emergent: The backlog grows and evolves over time as requirements are added and removed.

Estimated: The effort to deliver a requirement is estimated at each tier.

Prioritized: A requirement's value and priority are determined at each tier.

This is an image of an inverted funnel, with the top being labeled: Ideas; The middle being labeled: Qualified; and the bottom being labeled: Ready.

Adapted from Essential Scrum

Ensure requests and requirements are ready for development

Clearly define what it means for a requirement, change, or maintenance request to be ready for development.

This will help ensure the value and scope of each functionality and change are clear and well understood by both developers and stakeholders before the start of the sprint. The definition of ready should be two-fold: ready for the backlog, and ready for coding.

  1. Create a checklist that indicates when a requirement or request is ready for the development backlog. Consider the following questions:
    1. Is the requirement or request in the correct format?
    2. Does the desired functionality or change have significant business value?
    3. Can the requirement or request be reasonably completed within defined release timelines under the current context?
    4. Does the development team agree with the budget and points estimates?
    5. Is there an understanding of what the requirement or request means from the stakeholder or user perspective?
  2. Create a checklist that indicates when a requirement or request is ready for development. Consider the following questions:
    1. Have the requirements and requests been prioritized in the backlog?
    2. Has the team sufficiently collaborated on how the desired functionality or change can be completed?
    3. Do the tasks in each requirement or request contain sufficient detail and direction to begin development?
    4. Can the requirement or request be broken down into smaller pieces?

Converting solution requirements into user stories

Define the user

Who will be interacting with the product or feature being developed? This will help to focus the user story on the user's needs and goals.

Create the story

Create the user story using the following template: "As a [user], I want [feature] so that [benefit]."
This helps articulate the user's need and the value that the requirement will provide.

Decompose

User stories are typically too large to be implemented in a single sprint, so they should be broken down into smaller, more manageable tasks.

Prioritize

User stories are typically too large to be implemented in a single sprint, so they should be broken down into smaller, more manageable tasks.

2.2.1 Create your user stories

Estimated time: 60 Minutes

  1. Gather the project team and relevant stakeholders. Have access to your current list of solution requirements.
  2. Leverage the approach on previous slide "Converting Solution Requirements into User Stories" to generate a collection of user stories.

NOTE: There is not a 1:1 relationship between requirements and user stories.
It is possible that a single requirement will have multiple user stories, and similarly, that a single user story will apply to multiple solution requirements.

Input

  • Requirements
  • Use Case Template

Output

  • A collection of user stories

Materials

  • Current Requirements

Participants

  • Business Analyst(s)
  • Project Team
  • Relevant Stakeholders

Use the INVEST model to create good user stories

At this point your requirements should be high-level stories. The goal is to refine your backlog items, so they are . . .

A vertical image of the Acronym: INVEST, taken from the first letter of each bolded word in the column to the right of the image.

Independent: Ideally your user stories can be built in any order (i.e. independent from each other). This allows you to prioritize based on value and not get caught up in sequencing and prerequisites.
Negotiable: As per the Agile principle, collaboration over contracts. Your user stories are meant to facilitate collaboration between the developer and the business. Therefore, they should be built to allow negotiation between all parties.
Valuable: A user story needs to state the value so it can be effectively prioritized, but also so developers know what they are building.
Estimable: As opposed to higher-level approximation given to epics, user stories need more accuracy in their estimates in order to, again, be effectively prioritized, but also so teams can know what can fit into a sprint or release plans.
Small: User stories should be small enough for a number of them to fit into a sprint. However, team size and velocity will impact how many can be completed. A general guideline is that your teams should be able to deliver multiple stories in a sprint.
Testable: Your stories need to be testable, which means they must have defined acceptance criteria and any related test cases as defined in your product quality standards.
Source: Agile For All

Defining Your Requirements Thresholds

Phase 3

Defining Your Requirements Thresholds

Phase 1Phase 2Phase 3Phase 4

1.1 Understand the benefits and limitations of Agile and business analysis

1.2 Align Agile and business analysis within your organization

2.1 Confirm the best-fit approach for delivery

2.2 manage your requirements backlog

3.1 Define project roles and responsibilities

3.2 define your level of acceptable documentation

3.3 Manage requirements as an asset

3.4 Define your requirements change management plan

4.1 Preparing new ways of working

4.2 Develop a roadmap for next steps

This phase will walk you through the following activities:

  • Assigning roles and responsibilities optional (Tool: RACI)
  • Define your Agile requirements process
  • Calculate the cost of your documentation (Tool: Documentation Calculator)
  • Define your backlog refinement plan

This phase involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Managing Requirements in an Agile Environment

Step 3.1

Define Project Roles and Responsibilities

Activities

3.1.1 Define your Agile requirements RACI (optional)

3.1.2 Define your Agile requirements process

Defining Your Requirements Thresholds

This step involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Outcomes of this step

  • A defined register of roles and responsibilities, along with a defined process for how Agile requirements work is to be done.

Defining Your Requirements Thresholds

Where does the BA function fit on an Agile team?

Team formation is key, as Agile is a team sport

A business analyst in an Agile team typically interacts with several different roles, including the product owner, development team, and many other stakeholders throughout the organization.

This is an image the roles who typically interact with a Business Analyst.

  • The product owner, to set the priorities and direction of the project, and to gather requirements and ensure they are being met. Often, but not always, the BA and product owner are the same individual.
  • The development team, to provide clear and concise requirements that they can use to build and test the product.
  • Other stakeholders, such as customers, end-users, and subject matter experts to gather their requirements, feedback and validate the solution.
    • Design, to ensure that the product meets user needs. They may provide feedback and ensure that the design is aligned with requirements.
    • Security, to ensure that the solution meets all necessary security requirements and to identify potential risks and appropriate use of controls.
    • Testing, to ensure that the solution is thoroughly tested before it is deployed. They may create test cases or user scenarios that validate that everything is working as intended.
    • Deployment, to ensure that the necessary preparations have been made, including testing, security, and user acceptance.

Additionally, during the sprint retrospectives, the team will review their performance and find ways to improve for the next sprint. As a team member, the business analyst helps to identify areas where the team could improve how they are working with requirements and understand how the team can improve communication with stakeholders.

3.1.1 (Optional) Define Your Agile Requirements RACI

Estimated Time: 60 Minutes

  1. Identify the project deliverables: The first step is to understand the project deliverables and the tasks that are required to complete them. This will help you to identify the different roles and responsibilities that need to be assigned.
  2. Define the roles and responsibilities: Identify the different roles that will be involved in the project and their associated responsibilities. These roles may include project manager, product owner, development team, stakeholders, and any other relevant parties.
  3. Assign RACI roles: Assign a RACI role to each of the identified tasks. The RACI roles are:
    1. Responsible: the person or team who is responsible for completing the task
    2. Accountable: the person who is accountable for the task being completed on time and to the required standard
    3. Consulted: the people or teams who need to be consulted to ensure the task is completed successfully
    4. Informed: the people or teams who need to be informed of the task's progress and outcome
  4. Create the RACI chart: Use the information gathered in the previous steps to create a matrix or chart that shows the tasks, the roles, and the RACI roles assigned to each task.
  5. Review and refine: Review the RACI chart with the project team and stakeholders to ensure that it accurately reflects the roles and responsibilities of everyone involved. Make any necessary revisions and ensure that all parties understand their roles and responsibilities.
  6. Communicate and implement: Communicate the RACI chart to all relevant parties and ensure that it is used as a reference throughout the project. This will help to ensure that everyone understands their role and that tasks are completed on time and to the required standard.

Input

  • A list of required tasks and activities
  • A list of stakeholders

Output

  • A list of defined roles and responsibilities for your project

Materials

  • Agile Requirements Workbook

Participants

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

A Case Study in Team Formation

Industry: Anonymous Organization in the Energy sector
Source: Interview

Challenge

Agile teams were struggling to deliver within a defined sprint, as there were consistent delays in requirements meeting the definition of ready for development. As such, sprints were often delayed, or key requirements were descoped and deferred to a future sprint.

During a given two-week sprint cycle, the business analyst assigned to the team would be working along multiple horizons, completing elicitation, analysis, and validation, while concurrently supporting the sprint and dealing with stakeholder changes.

Solution

As a part of addressing this ongoing pain, a pilot program was run to add a second business analyst to the team.

The intent was, as one is engaged preparing requirements through elicitation, analysis, and validation for a future sprint, the second is supporting the current sprint cycle, and gaining insights from stakeholders to refine the requirements backlog.

Essentially, these two were leap-frogging each other in time. At all times, one BA was focused on the present, and one on the future.

Result

A happier team, more satisfied stakeholders, and consistent delivery of features and functions by the Agile teams. The pilot team outperformed all other Agile teams in the organization, and the "2 BA" approach was made the new standard.

Understanding the Agile requirements process

Shorter cycles make effective requirements management more necessary, not less

Short development cycles can make requirements management more difficult because they often result in a higher rate of change to the requirements. In a shorter timeframe, there is less time to gather and verify requirements, leading to a higher likelihood of poor or incomplete requirements. Additionally, there may be more pressure to make decisions quickly, which can lead to less thorough analysis and validation of requirements. This can make it more challenging to ensure that the final solution meets the needs of the stakeholders.
When planning your requirements cycles, it's important to consider;

  • Your sprint logistics (how long?)
  • Your release plan (at the end of every sprint, monthly, quarterly?)
  • How the backlog will be managed (as tickets, on a visual medium, such as a Kanban board?)
  • How will you manage communication?
  • How will you monitor progress?
  • How will future sprint planning happen?

Info-Tech's Agile requirements framework

Sprint N(-1)

Sprint N

Sprint N(+1)

An image of Sprint N(-1) An image of Sprint N An image of Sprint N(+1)

Changes from waterfall to Agile

Gathering and documenting requirements: Requirements are discovered and refined throughout the project, rather than being gathered and documented up front. This can be difficult for business analysts who are used to working in a waterfall environment where all requirements are gathered and documented before development begins.
Prioritization of requirements: Requirements are prioritized based on their value to the customer and the team's ability to deliver them. This can be difficult for business analysts who are used to prioritizing requirements based on the client's needs or their own understanding of what is important.

Defining acceptance criteria: Acceptance criteria are defined for each user story to ensure that the team understands what needs to be delivered. Business analysts need to understand how to write effective acceptance criteria and how to use them to ensure that the team delivers what the customer needs.
Supporting Testing and QA: The business analyst plays a role in ensuring that testing (and test cases) are completed and of proper quality, as defined in the requirements.

Managing changing requirements: It is expected that requirements will change throughout the project. Business analysts need to be able to adapt quickly to changing requirements and ensure that the team is aware of the changes and how they will impact the project.
Collaboration with stakeholders: Requirements are gathered from a variety of stakeholders, including customers, users, and team members. Business analysts need to be able to work effectively with all stakeholders to gather and refine requirements and ensure that the team is building the right product.

3.1.2 Define your Agile requirements process

Estimated time: 60 Minutes

  1. Gather all relevant stakeholders to discuss and define your process for requirements management.
  2. Have a team member facilitate the session to define the process. The sample in the Agile Requirements Workbook can be used optionally as a starting point. You can also use any existing processes and procedures as a baseline.
  3. Gain agreement on the process from all involved stakeholders.
  4. Revisit the process periodically to review its performance and make adjustments as needed.

NOTE: The process is intended to be at a high enough level to leave space and flexibility for team members to adapt and adjust, but at a sufficient depth that everyone understands the process and workflows. In other words, the process will be both flexible and rigid, and the two are not mutually exclusive.

Input

  • Project team and RACI
  • Existing Process (if available)

Output

  • A process for Agile requirements that is flexible yet rigid

Materials

  • Agile Requirements Workbook

Participants

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Establish the right level of governance and decision-making

Establishing the right level of governance and decision making is important in Agile requirements because there is a cost to decision making, as time plays an important factor. Even the failure to decide can have significant impacts.

Good governance and decision-making practices can help to minimize risks, ensure that requirements are well understood and managed, and that project progress is tracked and reported effectively.

In Agile environments, this often involves establishing clear roles and responsibilities, implementing effective communication and collaboration practices, and ensuring that decision-making processes are efficient and effective.

Good requirements management practices can help to ensure that projects are aligned with organizational goals and strategy, that stakeholders' needs are understood and addressed, and that deliverables are of high quality and meet the needs of the business.

By ensuring that governance and decision-making is effective, organizations can improve the chances of project success, and deliver value to the business. Risks and costs can be mitigated by staying small and nimble.

Check out Make Your IT Governance Adaptable

Develop an adaptive governance process

A pyramid, with the number 4 at the apex, and the number 1 at the base.  In order from base-apex, the following titles are found to the right of the pyramid: Ad-Hoc governance; Controlled Governance; Agile Governance; Embedded/Automated governance.

Maturing governance is a journey

Organizations should look to progress in their governance stages. Ad-hoc and controlled governance tends to be slow, expensive, and a poor fit for modern practices.

The goal as you progress through your stages is to delegate governance and empower teams to make optimal decisions in real-time, knowing that they are aligned with the understood best interests of the organization.

Automate governance for optimal velocity, while mitigating risks and driving value.

This puts your organization in the best position to be adaptive and able to react effectively to volatility and uncertainty.

A graph charting Trust and empowerment on the x-axis, and Progress Integration on the Y axis.

Five key principles for building an adaptive governance framework

Delegate and empower

Decision making must be delegated down within the organization, and all resources must be empowered and supported to make effective decisions.

Define outcomes

Outcomes and goals must be clearly articulated and understood across the organization to ensure decisions are in line and stay within reasonable boundaries.

Make risk- informed decisions

Integrated risk information must be available with sufficient data to support decision making and design approaches at all levels of the organization.

Embed / automate

Governance standards and activities need to be embedded in processes and practices. Optimal governance reduces its manual footprint while remaining viable. This also allows for more dynamic adaptation.

Establish standards and behavior

Standards and policies need to be defined as the foundation for embedding governance practices organizationally. These guardrails will create boundaries to reinforce delegated decision making.

Sufficient decision-making power should be given to your Agile teams

Push the decision-making process down to your pilot teams.

  • Bring your business stakeholders and subject matter experts together to identify the potential high-level risks.
  • Bring your business stakeholders and subject matter experts together to identify the potential high-level risks.
  • Discuss with the business the level of risk they are willing to accept.
  • Define the level of authority project teams have in making critical decisions.

"Push the decision making down as far as possible, down to the point where sprint teams completely coordinate all the integration, development, and design. What I push up the management chain is risk taking. [Management] decides what level of risk they are willing to take and [they] demonstrate that by the amount of decision making you push down."
– Senior Manager, Canadian P&C Insurance Company, Info-Tech Interview

Step 3.2

Define Your Level of Acceptable Documentation

Activities

3.2.1 Calculate the cost of documentation

This step involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Relevant Stakeholders

Outcomes of this step

  • Quantified cost of documentation produced for your Agile project.

Defining Your Requirements Thresholds

Right-size Your Documentation

Why do we need it, and what purpose does it serve?

Before creating any documentation, consider why; why are you creating documentation, and what purpose is it expected to serve?
Is it:

  • … to gain approval?
  • … to facilitate decision-making?
  • .. to allow the team to think through a challenge or compare solution options?

Next, consider what level of documentation would be acceptable and 'enough' for your stakeholders. Recognize that 'enough' will depend on your stakeholder's personal definition and perspective.
There may also be considerations for maintaining documentation for the purposes of compliance, and auditability in some contexts and industries.
The point is not to eliminate all documentation, but rather, to question why we're producing it, so that we can create just enough to deliver value.

"What does the next person need to do their work well, to gain or create a shared understanding?"
- Filip Hendrickx, Innovating BA and Founder, altershape

Documentation comes at a cost

We need to quantify the cost of documentation, against the expected benefit

All things take time, and that would imply that all things have an inherent cost. We often don't think in these terms, as it's just the work we do, and costs are only associated with activities requiring additional capital expenditure. Documentation of requirements can come at a cost in terms of time and resources. Creating and maintaining detailed documentation requires effort from project team members, which could be spent on other aspects of the project such as development or testing. Additionally, there may be costs associated with storing and distributing the documentation.

When creating documentation, we are making a decision. There is an opportunity cost of investing time to create, and concurrently, not working on other activities. Documentation of requirements can come at a cost in terms of time and resources. Creating and maintaining detailed documentation requires effort from project team members, which could be spent on other aspects of the project such as development or testing. Additionally, there may be costs associated with storing and distributing the documentation.

In order to make better informed decisions about the types, quantity and even quality of the documentation we are producing, we need to capture that data. To ensure we are receiving good value for our documentation, we should compare the expected costs to the expected benefits of a sprint or project.

3.2.1 Calculate the cost of documentation

Estimated time: as needed

  1. Use this tool to quantify the cost of creating and maintaining current state documentation for your Agile requirements team. It provides an indication, via the Documentation Cost Index, of when your project is documenting excessively, relative to the expected benefits of the sprint or project.
  2. In Step 1, enter the hourly rate for the person (or persons) completing the business analysis function for your Agile team. NB: This does not have to be a person with the title of business analyst. If there are multiple people fulfilling this role, enter the average rate (if their rates are same or similar) or a weighted average (if there is a significant range in the hourly rate)
  3. In Step 2, enter the expected benefit (in $) for the sprint or project.
  4. In Step 3, enter the total number of hours spent on each task/activity during the sprint or project. Use blank spaces as needed to add tasks and activities not listed.
  5. In Step 4, you'll find the Documentation Cost Index, which compares your total documentation cost to the expected benefits. The cell will show green when the value is < 0.8, yellow between 0.8 and 1, and red when >1.
  6. Use the information to plan future sprints and documentation needs, identify opportunities for improvement in your requirements practice, and find balance in "just enough" documentation.

Input

  • Project team and RACI
  • Existing Process (if available)

Output

  • A process for Agile requirements that is flexible yet rigid

Materials

  • Agile Requirements Workbook

Participants

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Lack of documentation also comes at a cost

Lack of documentation can bring costs to Agile projects in a few different ways.

  • Onboarding new team members
  • Improving efficiency
  • Knowledge management
  • Auditing and compliance
  • Project visibility
  • Maintaining code

Info-Tech Insight

Re-using deliverables (documentation, process, product, etc.) is important in maintaining the velocity of work. If you find yourself constantly recreating your current state documentation at the start of a project, it's hard to deliver with agility.

Step 3.3

Manage Requirements as an Asset

Activities

3.3.1 Discuss your current perspectives on requirements as assets

This step involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Relevant Stakeholders

Outcomes of this step

  • Awareness of the value in, and tactics for enabling effective management of requirements as assets

Defining Your Requirements Thresholds

What do we mean by "assets"?

And when do requirements become assets?

In order to delivery with agility, you need to maximize the re-usability of artifacts. These artifacts could take the form of current state documentation, user stories, test cases, and yes, even requirements for re-use.
Think of it like a library for understanding where your organization is today. Understanding the people, processes, and technology, in one convenient location. These artifacts become assets when we choose to retain them, rather than discard them at the end of a project, when we think they'll no longer be needed.
And just like finding a single book in a vast library, we need to ensure our assets can be found when we need them. And this means making them searchable.
We can do this by establishing criteria for requirements and artifact reuse;

  • What business need and benefit is it aligned to?
  • What metadata needs to be attached, related to source, status, subject, author, permissions, type, etc.?
  • Where will it be stored for ease of retrieval?

Info-Tech Insight

When writing requirements for products or services, write them for the need first, and not simply for what is changing.

The benefits of managing requirements as assets

Retention of knowledge in a knowledge base that allows the team to retain current business requirements, process documentation, business rules, and any other relevant information.
A clearly defined scope to reduce stakeholder, business, and compliance conflicts.
Impact analysis of changes to the current organizational assets.

Source: Requirement Engineering Magazine, 2017.

A case study in creating an asset repository

Industry: Anonymous Organization in the Government sector
Source: Interview

Challenge

A large government organization faced a challenge with managing requirements, processes, and project artifacts with any consistency.

Historically, their documentation was lacking, with multiple versions existing in email sent folders and manila folders no one could find. Confirming the current state at any given time meant the heavy lift of re-documenting and validating, so that effort was avoided for an excessive period.

Then there was a request for audit and compliance, to review their existing documentation practices. With nothing concrete to show, drastic recommendations were made to ensure this practice would end.

Solution

A small but effective team was created to compile and (if not available) document all existing project and product documentation, including processes, requirements, artifacts, business cases, etc.

A single repository was built and demonstrated to key stakeholders to ensure it would satisfy the needs of the audit and compliance group.

Result

A single source of truth for the organization, which was;

  • Accessible (view access to the entire organization).
  • Transparent (anyone could see and understand the process and requirements as intended).
  • A baseline for continuous improvement, as it was clear what the one defined "best way" was.
  • Current, where no one retained current documentation outside of this library.

3.3.1 Discuss your current perspectives on requirements as assets

Estimated time: 30 Minutes

  1. Gather all relevant stakeholder to share perspectives on the use of requirements as assets, historically in the organization.
  2. Have a team member facilitate the session. It is optional to document the findings.
  3. After looking at the historical use of requirements as assets, discuss the potential uses, benefits, and drawbacks of managing as assets in the target state.

Input

  • Participant knowledge and experience

Output

  • A shared perspective and history on requirements as assets

Materials

  • A method for data capture (optional)

Participants

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Apply changes to baseline documentation

Baseline + Release Changes = New Baseline

  • Start from baseline documentation dramatically to reduce cost and risk
  • Treat all scope as changes to baseline requirements
  • Sum of changes in the release scope
  • Sum of changes and original baseline becomes the new baseline
  • May take additional time and effort to maintain accurate baseline

What is the right tool?

While an Excel spreadsheet is great to start off, its limitations will become apparent as your product delivery process becomes more complex. Look at these solutions to continue your journey in managing your Agile requirements:

Step 3.4

Define Your Requirements Change Management Plan

Activities

3.4.1 Triage your requirements

This step involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Relevant Stakeholders

Outcomes of this step

  • An approach for determining the appropriate level of governance over changes to requirements.

Expect and embrace change

In Agile development, change is expected and embraced. Instead of trying to rigidly follow a plan that may become outdated, Agile teams focus on regularly reassessing their priorities and adapting their plans accordingly. This means that the requirements can change often, and it's important for the team to have a process in place for managing these changes.

A common approach to managing change in Agile is to use a technique called "backlog refinement." Where previously we populated our backlog with requirements to get them ready for development and deployment, this involves regularly reviewing and updating the list of work to be done. The team will prioritize the items on the evolving backlog, and the prioritized items will be worked on during the next sprint. This allows the team to quickly respond to changes in requirements and stay focused on the most important work.

Another key aspect of managing change in Agile is effective communication. The team should have regular meetings, such as daily stand-up meetings or weekly sprint planning meetings, to discuss any changes in requirements and ensure that everyone is on the same page.

Best practices in change and backlog refinement

Communicate

Clearly communicate your change process, criteria, and any techniques, tools, and templates that are part of your approach.

Understand impacts/risks

Maintain consistent control and communication and ensure that an impact assessment is completed. This is key to managing risks.

Leverage tools

Leverage tools when you have them available. This could be a Requirements Management system, a defect/change log, or even by turning on "track changes" in your documents.

Cross-reference

For every change, define the source of the change, the reason for the change, key dates for decisions, and any supporting documentation.

Communicate the reason, and stay on message throughout the change

Leaders of successful change spend considerable time developing a powerful change message: a compelling narrative that articulates the desired end state and makes the change concrete and meaningful to staff. They create the change vision with staff to build ownership and commitment.

  • The change message should:
  • Explain why the change is needed.
  • Summarize the things that will stay the same.
  • Highlight the things that will be left behind.
  • Emphasize the things that are being changed.
  • Explain how the change will be implemented.
  • Address how the change will affect the various roles in the organization.
  • Discuss staff's role in making the change successful.

The five elements of communicating the reason for the change:

An image of a cycle, including the five elements for communicating the reason for change.  these include: What will the role be for each department and individual?; What is the change?; Why are we doing it?; How are we going to go about it?; How long will it take us?

How to make the management of changes more effective

Key decisions and considerations

How will changes to requirements be codified?
How will intake happen?

  • What is the submission process?
  • Who has approval to submit?
  • What information is needed to submit a request?

How will potential changes be triaged and evaluated?

  • What criteria will be used to assess the impact and urgency of the potential change?
  • How will you treat material and non-material changes?

What is the review and approval process?

  • How will acceptance or rejection status be communicated to the submitter?

3.4.1 Triage Your requirements

An image of an inverted triangle, with the top being labeled: No Material Impact, the middle being labeled: Material impact; and the bottom being labeled: Governance Impact.  To the right of the image, are text boxes elaborating on each heading.

If there's no material impact, update and move on

An image of an inverted triangle, with the top being labeled: No Material Impact, the middle being labeled: Material impact; and the bottom being labeled: Governance Impact. To the right of the image, is a cycle including the following terms: Validate change; Update requirements; Track change (log); Package and communicate

Material changes require oversight and approval

An image of an inverted triangle, with the top being labeled: No Material Impact, the middle being labeled: Material impact; and the bottom being labeled: Governance Impact. To the right of the image, is a cycle including the following terms: Define impact; Revise; Change control needed?; Implement change.

Planning Your Next Steps

Phase 4

Planning Your Next Steps

Phase 1Phase 2Phase 3Phase 4

1.1 Understand the benefits and limitations of Agile and business analysis

1.2 Align Agile and business analysis within your organization

2.1 Confirm the best-fit approach for delivery

2.2 manage your requirements backlog

3.1 Define project roles and responsibilities

3.2 define your level of acceptable documentation

3.3 Manage requirements as an asset

3.4 Define your requirements change management plan

4.1 Preparing new ways of working

4.2 Develop a roadmap for next steps

This phase will walk you through the following activities:

  • Completing Your Agile Requirements Playbook
  • EXERCISE: Capability Gap List

This phase involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Managing Requirements in an Agile Environment

Step 4.1

Preparing New Ways of Working

Activities

4.1.1 Define your communication plan

Planning Your Next Steps

This step involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Outcomes of this step

  • Recognize the changes required on the team and within the broader organization, to bring stakeholders on board.

How we do requirements work will change

  • Team formation and interaction
  • Stakeholder engagement and communication
  • The timing and sequencing of their work
  • Decision-making
  • Documentation
  • Dealing with change

As a result, you'll need to focus on;

Emphasizing flexibility: In Agile organizations, there is a greater emphasis on flexibility and the ability to adapt to change. This means that requirements may evolve over time and may not be fully defined at the beginning of the project.
Enabling continuous delivery: Agile organizations often use continuous delivery methods, which means that new features and functionality are delivered to users on a regular basis. This requires a more iterative approach to requirements management, as new requirements may be identified and prioritized during the delivery process.
Enhancing collaboration and communication: Agile organizations place a greater emphasis on collaboration and communication between team members, stakeholders, and customers.
Developing a user-centered approach: Agile organizations often take a user-centered approach to requirements gathering, which means that the needs and goals of the end-user are prioritized.

Change within the team, and in the broader organization

How to build an effective blend Agile and requirements management

Within the team

  • Meetings should happen as needed
  • Handoffs should be clear and concise
  • Interactions should add value
  • Stand-ups should similarly add value, and shouldn't be for status updates

Within the organization

  • PMO inclusion, to ensure alignment across the organization
  • Business/Operating areas, to recognize what they are committing to for time, resources, etc.
  • Finance, for how your project or product is funded
  • Governance and oversight, to ensure velocity is maintained

"Whether in an Agile environment or not, collaboration and relationships are still required and important…how you collaborate, communicate, and how you build relationships are key."
- Paula Bell, CEO, Paula A. Bell Consulting

Get stakeholders on board with Agile requirements

  1. Stakeholder feedback and management support are key components of successful Agile requirements.
  2. Stakeholders can see a project's progression and provide critical feedback about its success at critical milestones.
  3. Management helps teams succeed by trusting them to complete projects with business value at top of mind and by removing impediments that are inhibiting their productivity.
  4. Agile will bring a new mindset and significant amounts of people, process, and technology changes that stakeholders and management may not be accustomed to. Working through these issues in requirements management enables a smoother rollout.
  5. Management will play a key role in ensuring long-term Agile requirements success and ultimately rolling it out to the rest of the organization.
  6. The value of leadership involvement has not changed even though responsibilities will. The day-to-day involvement in projects will change but continual feedback will ultimately dictate the success or failure of a project.

4.1.1 Define your communication plan

Estimated time: 60 Minutes

    1. Gather all relevant stakeholder to create a communication plan for project or product stakeholders.
    2. Have a team member facilitate the session.
    3. Identify
    4. ;
      1. Each stakeholder
      2. The nature of information they are interested in
      3. The channel or medium best to communicate with them
      4. The frequency of communication
    5. (Optional) Consider validating the results with the stakeholders, if not present.
    6. Document the results in the Agile Requirements Workbook and include in Agile Requirements Playbook.
    7. Revisit as needed, whether at the beginning of a new initiative, or over time, to ensure the content is still valid.

Input

  • Participant knowledge and experience

Output

  • A plan for communicating with stakeholders

Materials

  • Agile Requirements Workbook

Participants

  • Business Analyst(s)
  • Project Team

Step 4.2

Develop a Roadmap for Next Steps

Activities

4.2.1 Develop your Agile requirements action plan

4.2.2 Prioritize with now, next, later

This step involves the following participants:

  • Business Analyst(s)
  • Project Team
  • Sponsor/Executive
  • Relevant Stakeholders

Outcomes of this step

  • A comprehensive and prioritized list of opportunities and improvements to be made to mature the Agile requirements practice.

Planning Your Next Steps

Identify opportunities to improve and close gaps

Maturing at multiple levels

With a mindset of continuous improvement, there is always some way we can get better.

As you mature your Agile requirements practice, recognize that those gaps for improvement can come from multiple levels, from the organizational down to the individual.

Each level will bring challenges and opportunities.

The organization

  • Organizational culture
  • Organizational behavior
  • Political will
  • Unsupportive stakeholders

The team

  • Current ways of working
  • Team standards, norms and values

The individual

  • Practitioner skills
  • Practitioner experience
  • Level of training received

Make sure your organization is ready to transition to Agile requirements management

A cycle is depicted, with the following Terms: Learning; Automation; Integrated teams; Metrics and governance; Culture.

Learning:

Agile is a radical change in how people work
and think. Structured, facilitated learning is required throughout the transformation to
help leaders and practitioners go from

doing Agile to being Agile.

Automation:

While Agile is tool-agnostic at its roots, Agile work management tools and DevOps inspired SDLC tools that have become a key part of Agile practices.

Integrated Teams:


While temporary project teams can get some benefits from Agile, standing, self-organizing teams that cross business, delivery, and operations are essential to gain the full benefits of Agile.

Metrics and Governance:

Successful Agile implementations
require the disciplined use

of delivery and operations
metrics that support governance focused on developing better teams.

Culture:

Agile teams believe that value is best created by standing, self-organizing cross-functional teams who deliver sustainably in frequent,
short increments supported by leaders
who coach them through challenges.

Info-Tech Insight

Agile gaps may only have a short-term, perceived benefit. For example, coding without a team mindset can allow for maximum speed to market for a seasoned developer. Post-deployment maintenance initiatives, however, often lock the single developer as no one else understands the rationale for the decisions that were made.

4.2.1 Develop your Agile requirements action plan

Estimated time: 60 Minutes

  1. Gather all relevant stakeholder to create a road map and action plan for requirements management.
  2. Have a team member facilitate the session using the results of the Agile Requirements Maturity Assessment.
  3. Identify gaps from current to future state and brainstorm possible actions that can be taken to address those gaps. Resist the urge to analyze or discuss the feasibility of each idea at this stage. The intent is idea generation.
  4. When the group has exhausted all ideas, the facilitator should group like ideas together, with support from participants. Discuss any ideas that are unclear or ambiguous.
  5. Document the results in the Agile Requirements Workbook.

Note: the feasibility and timing of the ideas will happen in the following "Now, Next, Later" exercise.

Prioritize your roadmap

Taking steps to mature your Agile requirements practice.

An image of the Now; Next; Later technique.

The "Now, Next, Later" technique is a method for prioritizing and planning improvements or tasks. This involves breaking down a list of tasks or improvements into three categories:

  • "Now" tasks are those that must be completed immediately. These tasks are usually urgent or critical, and they must be completed to keep the project or organization running smoothly.
  • "Next" tasks are those that should be completed soon. These tasks are not as critical as "now" tasks, but they are still important and should be tackled relatively soon.
  • "Later" tasks are those that can be completed later. These tasks are less critical and can be deferred without causing major problems.

By using this technique, you can prioritize and plan the most important tasks first, while also allowing for flexibility and the ability to adjust plans as necessary.
This process also helps you get a clear picture on what needs to be done first and what can be done later. This way you can work on the most important things first, and keep track of what you need to do next, for keeping the development/improvement process smooth and efficient.

Monitor your progress

Monitoring progress is important in achieving your target state. Be deliberate with your actions, to continue to mature your Agile requirements practice.

As you navigate toward your target state, continue to monitor your progress, your successes, and your challenges. As your Agile requirements practice matures, you should see improvements in the stated metrics below.

Establish a cadence to review these metrics, as well as how you are progressing on your roadmap, against the plan.

This is not about adding work, but rather, about ensuring you're heading in the right direction; finding the balance in your Agile requirements practice.

Metric
Team satisfaction (%) Expect team satisfaction to increase as a result of clearer role delineation and value contribution.
Stakeholder satisfaction (%) Expect stakeholder satisfaction to similarly increase, as requirements quality increases, bringing increased value.
Requirements rework Measures the quality of requirements from your Agile projects. Expect that the requirements rework will decrease, in terms of volume/frequency.
Cost of documentation Quantifies the cost of documentation, including elicitation, analysis, validation, presentation, and management.
Time to delivery Balancing metric. We don't want improvements in other at the expense of time to delivery.

Appendix

Research Contributors and Experts

This is a picture of Emal Bariali

Emal Bariali
Business Architect & Business Analyst
Bariali Consulting

Emal Bariali is a Senior Business Analyst and Business Architect with 17 years of experience, executing nearly 20 projects. He has experience in both waterfall and Agile methodologies and has delivered solutions in a variety of forms, including custom builds and turnkey projects. He holds a Master's degree in Information Systems from the University of Toronto, a Bachelor's degree in Information Technology from York University, and a post-diploma in Software & Database Development from Seneca College.

This is a picture of Paula Bell

Paula Bell
Paula A. Bell Consulting, LLC

Paula Bell is the CEO of Paula A Bell Consulting, LLC. She is a Business Analyst, Leadership and Career Development coach, consultant, speaker, and author with 21+ years of experience in corporate America in project roles including business analyst, requirements manager, business initiatives manager, business process quality manager, technical writer, project manager, developer, test lead, and implementation lead. Paula has experience in a variety of industries including media, courts, manufacturing, and financial. Paula has led multiple highly-visible multi-million-dollar technology and business projects to create solutions to transform businesses as either a consultant, senior business analyst, or manager.

Currently she is Director of Operations for Bridging the Gap, where she oversees the entire operation and their main flagship certification program.

This is a picture of Ryan Folster

Ryan Folster
Consulting Services Manager, Business Analysis
Dimension Data

Ryan Folster is a Business Analyst Lead and Product Professional from Johannesburg, South Africa. His strong focus on innovation and his involvement in the business analysis community have seen Ryan develop professionally from a small company, serving a small number of users, to large multi-national organizations. Having merged into business analysis through the business domain, Ryan has developed a firm grounding and provides context to the methodologies applied to clients and projects he is working on. Ryan has gained exposure to the Human Resources, Asset Management, and Financial Services sectors, working on projects that span from Enterprise Line of Business Software to BI and Compliance.

Ryan is also heavily involved in the local chapter of IIBA®; having previously served as the chapter president, he currently serves as a non-executive board member. Ryan is passionate about the role a Business Analyst plays within an organization and is a firm believer that the role will develop further in the future and become a crucial aspect of any successful business.

This is a picture of Filip Hendrickx

Filip Hendrickx
Innovating BA, Visiting Professor @ VUB
altershape

Filip loves bridging business analysis and innovation and mixes both in his work as speaker, trainer, coach, and consultant.

As co-founder of the BA & Beyond Conference and IIBA Brussels Chapter president, Filip helps support the BA profession and grow the BA community in and around Belgium. For these activities, Filip received the 2022 IIBA® EMEA Region Volunteer of the Year Award.

Together with Ian Richards, Filip is the author ofBrainy Glue, a business novel on business analysis, innovation and change. Filip is also co-author of the BCS book Digital Product Management and Cycles, a book, method and toolkit enabling faster innovation.

This is a picture of Fabricio Laguna

Fabricio Laguna
Professional Speaker, Consultant, and Trainer
TheBrazilianBA.com

Fabrício Laguna, aka The Brazilian BA, is the main reference on business analysis in Brazil. Author and producer of videos, articles, classes, lectures, and playful content, he can explain complex things in a simple and easy-to-understand way. IIBA Brazil Chapter president between 2012-2022. CBAP, AAC, CPOA, PMP, MBA. Consultant and instructor for more than 25 years working with business analysis, methodology, solution development, systems analysis, project management, business architecture, and systems architecture. His online courses are approved by students from 65 countries.

This is a picture of Ryland Leyton

Ryland Leyton
Business Analyst and Agile Coach
Independent Consultant

Ryland Leyton, CBAP, PMP, CSM, is an avid Agile advocate and coach, business analyst, author, speaker, and educator. He has worked in the technology sector since 1998, starting off with database and web programming, gradually moving through project management and finding his passion in the BA and Agile fields. He has been a core team member of the IIBA Extension to the BABOK and the IIBA Agile Analysis Certification. Ryland has written popular books on agility, business analysis, and career. He can be reached at www.RylandLeyton.com.

This is a picture of Steve Jones

Steve Jones
Supervisor, Market Support Business Analysis
ISO New England

Steve is a passionate analyst and BA manager with more than 20 years of experience in improving processes, services and software, working across all areas of software development lifecycle, business change and business analysis. He rejoices in solving complex business problems and increasing process reproducibility and compliance through the application of business analysis tools and techniques.

Steve is currently serving as VP of Education for IIBA Hartford. He is a CBAP, certified SAFe Product Owner/Product Manager, Six Sigma Green Belt, and holds an MS in Information Management and Communications.

This is a picture of Angela Wick

Angela Wick
Founder
BA-Squared and BA-Cube

Founder of BA-Squared and BA-Cube.com, Angela is passionate about teaching practical, modern product ownership and BA skills. With over 20 years' experience she takes BA skills to the next level and into the future!
Angela is also a LinkedIn Learning instructor on Agile product ownership and business analysis, an IC-Agile Authorized Trainer, Product Owner and BA highly-rated trainer, highly-rated speaker, sought-after workshop facilitator, and contributor to many industry publications, including:

  • IIBA BABOK v3 Core Team, leading author on the BABOK v3
  • Expert Reviewer, IIBA Agile Extension to the BABOK
  • PMI BA Practice Guide – Expert Reviewer
  • PMI Requirements Management Practice Guide – Expert Reviewer
  • IIBA Competency Model – Lead Author and Team Lead, V1, V2, and V3.

This is a picture of Rachael Wilterdink

Rachael Wilterdink
Principal Consultant
Infotech Enterprises

Rachael Wilterdink is a Principal Consultant with Infotech Enterprises. With over 25 years of IT experience, she holds multiple business analysis and Agile certifications. As a consultant, Rachael has served clients in the financial, retail, manufacturing, healthcare, government, non-profit, and insurance industries. Giving back to the professional community, Ms. Wilterdink served on the boards of her local IIBA® and PMI® chapters. As a passionate public speaker, Rachael presents various topics at conferences and user groups across the country and the world. Rachael is also the author of the popular eBook "40 Agile Transformation Pain Points (and how to avoid or manage them)."

Bibliography

"2021 Business Agility Report: Rising to the Challenge." Business Agility, 2021. Accessed 13 June 2022.
Axure. "The Pitfalls of Agile and How We Got Here". Axure. Accessed 14 November 2022.
Beck, Kent, et al. "Manifesto for Agile Software Development." Agilemanifesto. 2001.
Brock, Jon, et al. "Large-Scale IT Projects: From Nightmare to Value Creation." BCG, 25 May 2015.
Bryar, Colin and Bill Carr. "Have We Taken Agile Too Far?" Harvard Business Review, 9 April 2021. Accessed 11 November, 2022.
Clarke, Thomas. "When Agile Isn't Responsive to Business Goals" RCG Global Services, Accessed 14 November 2022.
Digital.ai "The 15th State of Agile Report". Digital.ai. Accessed 21 November 2022.
Hackshall, Robin. "Product Backlog Refinement." Scrum Alliance. 9 Oct. 2014.
Hartman, Bob. "New to Agile? INVEST in good user stories." Agile For All.
IAG Consulting. "Business Analysis Benchmark: Full Report." IAG Consulting, 2009.
Karlsson, Johan. "Backlog Grooming: Must-Know Tips for High-Value Products." Perforce. 18 May 2018
KPMG. Agile Transformation (2019 Survey on Agility). KPMG. Accessed November 29.
Laguna, Fabricio "REQM guidance matrix: A framework to drive requirements management", Requirements Engineering Magazine. 12 September 2017. Accessed 10 November 2022.
Miller, G. J. (2013). Agile problems, challenges, & failures. Paper presented at PMI® Global Congress 2013—North America, New Orleans, LA. Newtown Square, PA: Project Management Institute.
Product Management: MoSCoW Prioritization." ProductPlan, n.d. Web.
Podeswa, Howard "The Business Case for Agile Business Analysis" Requirements Engineering Magazine. 21 February 2017. Accessed 7 November 2022.
PPM Express. "Why Projects Fail: Business Analysis is the Key". PPM Express. Accessed 16 November 2022.
Reifer, Donald J. "Quantitative Analysis of Agile Methods Study: Twelve Major Findings." InfoQ, 6 February, 2017.
Royce, Dr. Winston W. "Managing the Development of Large Software Systems." Scf.usc.edu. 1970. (royce1970.pdf (usc.edu))
Rubin, Kenneth S. Essential Scrum: A Practical Guide to the Most Popular Agile Process. Pearson Education. 2012.
Singer, Michael. "15+ Surprising Agile Statistics: Everything You Need To Know About Agile Management". Enterprise Apps Today. 22 August 2022.
The Standish Group. The Chaos Report, 2015. The Standish Group.

Where do I go next?

Improve Requirements Gathering

Back to basics: great products are built on great requirements.

Make the Case for Product Delivery

Align your organization on the practices to deliver what matters most.

Requirements for Small and Medium Enterprises

Right-size the guidelines of your requirements gathering process.

Implement Agile Practices that Work

Improve collaboration and transparency with the business to minimize project failure.

Create an Agile-Friendly Gating and Governance Model

Use Info-Tech's Agile Gating Framework as a guide to gating your Agile projects following a "trust but verify" approach.

Make Your IT Governance Adaptable

Governance isn't optional, so keep it simple and make it flexible.

Deliver on Your Digital Product Vision

Build a product vision your organization can take from strategy through execution.

Innovation

  • Buy Link or Shortcode: {j2store}21|cart{/j2store}
  • Related Products: {j2store}21|crosssells{/j2store}
  • Teaser Video: Visit Website
  • Teaser Video Title: Digital Ethics = Data Equity
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • sidebar graphic: Visit Link
  • Parent Category Name: Strategy and Governance
  • Parent Category Link: /strategy-and-governance
Innovation is the at heart of every organization, especially in these fast moving times. It does not matter if you are in a supporting or "traditional" sector.  The company performing the service in a faster, better and more efficient way, wins.

innovation

Select and Implement a Web Experience Management Solution

  • Buy Link or Shortcode: {j2store}556|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Marketing Solutions
  • Parent Category Link: /marketing-solutions
  • A company’s web presence is its front face to the world. Ensuring you have the right suite of tools for web content management, experience design, and web analytics is critical to putting your best foot forward: failing to do so will result in customer attrition and lost revenue.
  • Web Experience Management (WEM) suites are a rapidly maturing and dynamic market, with a landscape full of vendors with cutting edge solutions and diverse offerings. As a result, finding a solution that is the best fit for your organization can be a complex process.

Our Advice

Critical Insight

  • WEM products are not a one-size-fits-all investment: unique evaluations and customization are required in order to deploy a solution that fits your organization.
  • WEM technology often complements core CRM and marketing management products – it does not supplant it, and must augment the rest of your customer experience management portfolio.
  • Phase your WEM implementation: Start with core capabilities such as content management, then add additional capabilities for site analytics and dynamic experience.

Impact and Result

  • Align marketing needs with identified functional requirements.
  • Implement a best-fit WEM that increases customer acquisition and retention, and provides in-depth capabilities for site analysis.
  • Optimize procurement and operations costs for the WEM platform.

Select and Implement a Web Experience Management Solution Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should select and implement a WEM solution, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Launch the WEM project and collect requirements

Conduct a market overview, structure the project, and gather requirements.

  • Select and Implement a Web Experience Management Solution – Phase 1: Launch the WEM Project and Collect Requirements
  • WEM Project Charter Template
  • WEM Use-Case Fit Assessment Tool

2. Select a WEM solution

Analyze and shortlist vendors in the space and select a WEM solution.

  • Select and Implement a Web Experience Management Solution – Phase 2: Select a WEM Solution
  • WEM Vendor Shortlist & Detailed Feature Analysis Tool
  • WEM Vendor Demo Script Template
  • WEM RFP Template

3. Plan the WEM implementation

Plan the implementation and evaluate project metrics.

  • Select and Implement a Web Experience Management Solution – Phase 3: Plan the WEM Implementation
  • WEM Work Breakdown Structure Template
[infographic]

Workshop: Select and Implement a Web Experience Management Solution

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Launch of the WEM Selection Project

The Purpose

Discuss the general project overview for the WEM selection.

Key Benefits Achieved

Launch of your WEM selection project.

Development of your organization’s WEM requirements.

Activities

1.1 Facilitation of activities from the Launch the WEM Project and Collect Requirements phase, including project scoping and resource planning.

1.2 Conduct overview of the WEM market landscape, trends, and vendors.

1.3 Conduct process mapping for selected marketing processes.

1.4 Interview business stakeholders.

1.5 Prioritize WEM functional requirements.

Outputs

WEM Procurement Project Charter

WEM Use-Case Fit Assessment

2 Plan the Procurement and Implementation Process

The Purpose

Plan the procurement and the implementation of the WEM solution.

Key Benefits Achieved

Selection of a WEM solution.

A plan for implementing the selected WEM solution.

Activities

2.1 Complete marketing process mapping with business stakeholders.

2.2 Interview IT staff and project team, identify technical requirements for the WEM suite, and document high-level solution requirements.

2.3 Perform a use-case scenario assessment, review use-case scenario results, identify use-case alignment, and review the WEM Vendor Landscape vendor profiles and performance.

2.4 Create a custom vendor shortlist and investigate additional vendors for exploration in the marketplace.

2.5 Meet with project manager to discuss results and action items.

Outputs

Vendor Shortlist

WEM RFP

Vendor Evaluations

Selection of a WEM Solution

WEM projected work break-down

Implementation plan

Framework for WEM deployment and CRM/Marketing Management Suite Integration

Transform Your Field Technical Support Services

  • Buy Link or Shortcode: {j2store}112|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Strategy and Organizational Design
  • Parent Category Link: /strategy-and-organizational-design
  • Redefine the role of deskside or field technicians as demand for service evolves and service teams are restructured.
  • Redefine the role of onsite technicians when the help desk is outsourced.
  • Define requirements when supplementing with outsourced field services teams.
  • Identify barriers to streamlining processes.
  • Look for opportunities to streamline processes and better use technical teams.
  • Communicate and manage change to support roles.

Our Advice

Critical Insight

  • Service needs to be defined in a way that considers the organizational need for local, hands-on technicians, the need for customer service, and the need to make the best use of resources that you have.
  • Service level agreements will need to be refined and metrics will need to be analyzed for capacity and skilled planning.
  • Organizational change management will be key to persuade users to engage with the technical team in a way that supports the new structure.

Impact and Result

  • Many IT teams are struggling to keep up with demand while trying to refocus on customer service. With more remote workers than ever, organizations who have traditionally provided desktop and field services have been revaluating the role of the field service technicians. Add in the price of fuel, and there is even more reason to assess the support model.
  • Often changes to the way IT does support, especially if moving centralized support to an outsourcer, is met with resistance by end users who don’t see the value of phoning someone else when their local technician is still available to problem solve. This speaks to the need to ensure the central group is providing value to end users as well as the technical team.
  • With the challenges of finding the right number of technicians with the right skills, it’s time to rethink remote support and how that can be used to train and upskill the people you have. And it’s time to think about how to use field services tools to make the best use of your technician’s time.

Transform Your Field Technical Support Services Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Transform Field Services Guide – A brief deck that outlines key migration steps to improve our remote client support services.

This blueprint will help you:

  • Transform Your Field Technical Services Storyboard

2. Transform Field Services Template – A template to create a transformation proposal.

This template will help you to build your proposal to transform your field services.

  • Proposal to Transform Field Technical Services Template
[infographic]

Further reading

Transform Your Field Technical Support Services

Improve service and reduce costs through digital transformation.

Analyst Perspective

Improve staffing challenges through digital transformation.

Many IT teams are struggling to keep up with demand while trying to refocus on customer service. With more remote workers than ever, organizations who have traditionally provided desktop and field services have been revaluating the role of the field service technicians. Add in the price of fuel, and there is even more reason to assess the support model. Often changes to the way IT does support, especially if moving centralized support to an outsourcer, is met with resistance by end users who don’t see the value of phoning someone else when their local technician is still available to problem solve. This speaks to the need to ensure the central group is providing value to end users as well as the technical team. With the challenges of finding the right number of technicians with the right skills, it’s time to rethink remote support and how that can be used to train and upskill the people you have. And it’s time to think about how to use field services tools to make the best use of your technician’s time.

The image contains a picture of Sandi Conrad.

Sandi Conrad

Principal Research Director

Infrastructure & Operations Practice

Info-Tech Research Group

Executive Summary

Your Challenge

With remote work becoming a normal employee offering for many organizations, self-serve/self-solve becoming more prominent, and a common call out to improve customer service, there is a need to re-examine the way many organizations are supplying onsite support. For organizations with a small number of offices, a central desk with remote tools may be enough or can be combined with a concierge service or technical center, but for organizations with multiple offices it becomes difficult to provide a consistent level of service for all customers unless there is a team onsite for each location. This may not be financially possible if there isn’t enough work to keep a technical team busy full-time.

Common Obstacles

Where people have a choice between calling a central phone number or talking to the technician down the hall, the in-person experience often wins out. End users may resist changes to in-person support as work is rerouted to a centralized group by choosing to wait for their favorite technician to show up onsite rather than reporting issues centrally. This can make the job of the onsite technician more challenging as they need to schedule time in every visit for unplanned work. And where technicians need to support multiple locations, travel needs to be calculated into lost technician time and costs.

Info-Tech’s Approach

  • Service needs to be defined in a way that considers the organizational need for local, hands-on technicians, the need for customer service, and the need to make the best use of resources that you have.
  • Service-level agreements will need to be refined and metrics will need to be analyzed for capacity and skilled planning.
  • Organizational change management will be key to persuade users to engage with the technical team in a way that supports the new structure.

Info-Tech Insight

Improving process will be helpful for smaller teams, but as teams expand or work gets more complicated, investment in appropriate tools to support field services technicians will enable them to be more efficient, reduce costs, and improve outcomes when visits are warranted.

Your challenge

This research is designed to help organizations who are looking to:

  • Redefine the role of deskside or field technicians as demand for service evolves and service teams are restructured.
  • Redefine the role of onsite technicians when the help desk is outsourced.
  • Define requirements when supplementing with outsourced field services teams.
  • Identify barriers to streamlining processes.
  • Look for opportunities to streamline processes and better use technical teams.
  • Communicate and manage change to support roles.

With many companies having new work arrangements for users, where remote work may be a permanent offering or if your digital transformation is well underway, this provides an opportunity to rethink how field support needs to be done.

What is field services?

Field services is in-person support delivered onsite at one or more locations. Management of field service technicians may include queue management, scheduling service and maintenance requests, triaging incidents, dispatching technicians, ordering parts, tracking job status, and billing.

The image contains a diagram to demonstrate what may be supported by field services and what should be supported by field services.

What challenges are you trying to solve within your field services offering?

Focus on the reasons for the change to ensure the outcome can be met. Common goals include improved customer service, better technician utilization, and increased response time and stability.

  • Discuss specific challenges the team feels are contributing to less-than-ideal customer service.
  • Does the team have the skills, knowledge, and tools they need to be successful? Technicians may be solving issues with the customer looking over their shoulder. Having quick access to knowledge articles or to subject matter experts who can provide deeper expertise remotely may be the difference between a single visit to resolve or multiple or extended visits.
  • What percentage of tickets would benefit from triage and troubleshooting done remotely before sending a technician onsite? Where there are a high number of no-fault-found visits, this may be imperative to improving technician availability.
  • Review method for distribution of tickets, including batching criteria and dispatching of technicians. Are tickets being dispatched efficiently? By location and/or priority? Is there an attempt to solve more tickets centrally? Should there be? What SLA adjustment is reasonable for onsite visits?
  • Has the support value been defined?
The image contains a graph to demonstrate Case Casuals in Field Services, where the highest at 55% is break/fix.

Field services will see the biggest improvements through technology updates

Customer Intake

Provide tools for scheduling technicians, self-serve and self- or assisted-solve through ITSM or CRM-based portal and visual remote tools.

The image contains a picture to demonstrate the different field services.

Triage and Troubleshoot

Upgrade remote tools to visual remote solutions to troubleshoot equipment as well as software. Eliminate no-fault-found visits and improve first-time fix rate by visually inspecting equipment before technician deployments.

Improve Communications

FSM GPS and SMS updates can be set to notify customers when a technician is close by and can be used for customer sign-off to immediately update service records and launch survey or customer billing where applicable.

Schedule Technicians

Field service management (FSM) ITSM modules will allow skills-based scheduling for remote technicians and determine best route for multi-site visits.

Enable Work From Anywhere

FSM mobile applications can provide technicians with daily schedules, turn-by-turn directions, access to inventory, knowledge articles, maintenance, and warranty and asset records. Visual remote captures service records and enables access to SMEs.

Manage Expectations

Know where technicians are for routing to emergency calls and managing workload using field service management solutions with GPS.

Digital transformation can dramatically improve customer and technician experience

The image contains an arrown that dips and rises dramatically to demonstrate how digital transformation can dramatically increase customer and technician experience.
Sources: 1 - TechSee, 2019; 2 - Glartek; 3 - Geoforce; 4 - TechSee, 2020

Improve technician utilization and scheduling with field services management software

Field services management (FSM) software is designed to improve scheduling of technicians by skills and location while reducing travel time and mileage. When integrated with ITSM software, the service record is transferred to the field technician for continuity and to prepare for the job. FSM mobile apps will enable technicians to receive schedule updates through the day and through GPS update the dispatcher as technicians move from site to site.

FSM solutions are designed to manage large teams of technicians, providing automated dispatch recommendations based on skills matching and proximity.

Routes can be mapped to reduce travel time and mileage and adjusted to respond to emergency requests by technician skills or proximity. Automation will provide suggestions for work allocation.

Spare parts management may be part of a field services solution, enabling technicians to easily identify parts needed and update real-time inventory as parts are deployed.

Push notifications in real-time streamline communications from the field to the office, and enable technicians to close service records while in the field.

Dispatchers can easily view availability, assign work orders, attach notes to work orders, and immediately receive updates if technicians acknowledge or reject a job.

Maintenance work can be built into online checklists and forms to provide a technician with step-by-step instructions and to ensure a complete review.

Skills and location-based routing allow dispatchers to be able to see closest tech for emergency deployments.

Improve time to resolve while cutting costs by using visual remote support tools

Visual remote support tools enable live video sessions to clearly see what the client or field service technician sees, enabling the experts to provide real-time assistance where the experts will provide guidance to the onsite person. Getting a view of the technology will reduce issues with getting the right parts, tools, and technicians onsite and dramatically reduce second visits.

Visual remote tools can provide secure connections through any smartphone, with no need for the client to install an application.

The technicians can take control of the camera to zoom in, turn on the flashlight for extra lighting, take photos, and save video directly to the tickets.

Optical character recognition allows automatic text capture to streamline process to check warranty, recalls, and asset history.

Visual, interactive workflows enhance break/fix and inspections, providing step-by-step guidance visual evidence and using AI and augmented reality to assess the images, and can provide next steps by connecting to a visual knowledgebase.

Integration with field service management tools will allow information to easily be captured and uploaded immediately into the service record.

Self-serve is available through many of these tools, providing step-by-step instructions using visual cues. These solutions are designed to work in low-bandwidth environments, using Wi-Fi or cellular service, and sessions can be started with a simple link sent through SMS.

Get the Most Out of Workday

  • Buy Link or Shortcode: {j2store}239|cart{/j2store}
  • member rating overall impact (scale of 10): 10.0/10 Overall Impact
  • member rating average dollars saved: 20 Average Days Saved
  • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
  • Parent Category Name: Optimization
  • Parent Category Link: /optimization
  • Your Workday systems are critical to supporting the organization’s business processes.They are expensive. Direct benefits and ROI can be hard to measure.
  • Workday application portfolios are often behemoths to support. With complex integration points and unique business processes, stabilization is the norm.
  • Application optimization is essential to staying competitive and productive in today’s digital environment.

Our Advice

Critical Insight

Continuous assessment and optimization of your Workday enterprise resource planning (ERP) is critical to the success of your organization.

Impact and Result

  • Build an ongoing optimization team to conduct application improvements.
  • Assess your Workday application(s) and the environment in which they exist. Take a business first strategy to prioritize optimization efforts.
  • Validate Workday capabilities, user satisfaction, processes, issues around data, integrations, and vendor management to build out an optimization strategy
  • Pull this all together to develop a prioritized optimization roadmap.

Get the Most Out of Workday Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Get the Most Out of Workday – A guide to help the business leverages to accomplish its goals.

Enterprise resource planning (ERP) is a core tool that the business leverages to accomplish its goals. Take a proactive approach to optimize your enterprise applications. Strategically re-align business goals, identify business application capabilities, complete a process assessment, evaluate user satisfaction, measure module satisfaction, and vendor relations to create an optimization plan that will drive a cohesive technology strategy that delivers results.

  • Get the Most Out of Workday – Phases 1-4

2. Get the Most Out of Workday Workbook – A tool to document and assist with this project.

The Get the Most out of Workday Workbook serves as the holding document for the different elements of the Get the Most out Workday blueprint. Use each assigned tab to input the relevant information for the process of optimizing Workday.

  • Get the Most Out of Workday Workbook

3. Workday Application Inventory Tool – A tool to define applications and capabilities around ERP.

Use this tool provide Info-Tech with information surrounding your ERP application(s). This inventory will be used to create a custom Application Portfolio Assessment (APA) for your ERP. The template includes demographics, application inventory, departments to be surveyed and data quality inclusion.

  • Workday Application Inventory Tool

Infographic

Workshop: Get the Most Out of Workday

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Define Your Workday Application Vision

The Purpose

Define your workday application vision.

Key Benefits Achieved

Set the foundation for optimizing Workday by building a cross-functional team, aligning with organizational strategy, inventorying current system state, defining your timeframe, and exploring current costs.

Activities

1.1 Identify stakeholders and build your optimization team.

1.2 Build an ERP strategy model.

1.3 Inventory current system state.

1.4 Define optimization timeframe.

1.5 Understand Workday costs.

Outputs

Workday optimization team

Workday business model

Workday optimization goals

System inventory and data flow

Application and business capabilities list

Workday optimization timeline

2 Map Current-State Capabilities

The Purpose

Map current-state capabilities.

Key Benefits Achieved

Measure the state of your current Workday system to understand where it is not performing well.

Activities

2.1 Assess Workday capabilities.

2.2 Review your satisfaction with the vendor/product and willingness for change.

Outputs

Workday capability gap analysis

Workday user satisfaction (application portfolio assessment)

Workday SoftwareReviews survey results

Workday current costs

3 Assess Workday

The Purpose

Assess Workday.

Key Benefits Achieved

Explore underperforming areas to:

Uncover where user satisfaction is lacking and possible root causes.

Identify process and workflows that are creating issues for end users and identify improvement options.

Understand where data issues are occurring and explore how you can improve these.

Identify integration points and explore if there are any areas of improvement.

Investigate your relationship with the vendor and product, including that relative to others.

Identify any areas for cost optimization (optional).

Activities

3.1 Prioritize optimization opportunities.

3.2 Discover optimization initiatives.

Outputs

Product and vendor satisfaction opportunities

Capability and feature optimization opportunities

Process optimization opportunities

Integration optimization opportunities

Data optimization opportunities

Workday cost-saving opportunities

4 Build the Optimization Roadmap

The Purpose

Build the optimization roadmap.

Key Benefits Achieved

Understanding where you need to improve is the first step, now understand where to focus your optimization efforts, build out next steps and put a timeframe in place.

Activities

4.1 Build your optimization roadmap.

Outputs

Workday optimization roadmap

Further reading

Get the Most Out of Workday

In today’s connected world, the continuous optimization of enterprise applications to realize your digital strategy is key.

EXECUTIVE BRIEF

Analyst Perspective

Focus optimization on organizational value delivery.

HR, finance, and planning systems are the core foundation of enterprise resource systems (ERP) systems. These are core tools that the business leverages to accomplish its goals. An ERP that is doing its job well is invisible to the business. The challenges come when the tool is no longer invisible. It has become a source of friction in the functioning of the business.

Workday is expensive, benefits can be difficult to quantify, and optimization can be difficult to navigate. Over time, technology evolves, organizational goals change, and the health of these systems is often not monitored. This is complicated in today’s digital landscape with multiple integration points, siloed data, and competing priorities.

Too often organizations jump into selecting replacement systems without understanding the health of their systems. We can do better than this.

IT leaders need to take a proactive approach to continually monitor and optimize their enterprise applications. Strategically realign business goals, identify business application capabilities, complete a process assessment, evaluate user satisfaction, measure module satisfaction, and improve vendor relations to create an optimization plan that will drive a cohesive technology strategy that delivers results.

Lisa Highfield

Research Director, Enterprise Applications

Info-Tech Research Group

Executive Summary

Your Challenge

Your Workday systems are critical to supporting the organization’s business processes. They are expensive. Direct benefits and ROI can be hard to measure.

Workday application portfolios are often behemoths to support. With complex integration points and unique business processes, stabilization is the norm.

Application optimization is essential to staying competitive and productive in today’s digital environment.

Common Obstacles

Balancing optimization with stabilization is one of the most difficult decisions for Workday application leaders.

Competing priorities and often unclear enterprise application strategies make it difficult to make decisions about what, how, and when to optimize.

Enterprise applications involve large numbers of processes, users, and evolving vendor roadmaps.

Teams do not have a framework to illustrate, communicate, and justify the optimization effort in the language your stakeholders understand.

Info-Tech's Approach

In today’s changing world, it is imperative to evaluate your applications for optimization and to look for opportunities to capitalize on rapidly expanding technologies, integrated data, and employee solutions that meet the needs of your organization.

Assess your Workday applications and the environment in which they exist. Take a business-first strategy to prioritize optimization efforts.

Validate capabilities, user satisfaction, and issues around data, vendor management, and costs to build out an overall roadmap and optimization strategy.

Pull this all together to prioritize optimization efforts and develop a concrete roadmap.

Info-Tech Insight

Workday is investing heavily in expanding and deepening its finance and expanded product offerings, but we cannot stand still on our optimization efforts. Understand your product(s), processes, user satisfaction, integration points, and the availability of data to business decision makers. Examine these areas to develop a personalized Workday optimization roadmap that fits the needs of your organization. Incorporate these methodologies into an ongoing optimization strategy aimed at enabling the business, increasing productivity, and reducing costs.

The image shows a graphic titled Get the Most Out of Your ERP. The centre of the graphic shows circular gears labelled with text such as Processes; User Satisfaction; Integrations; Data; and Vendor Relations. There is also text surrounding the central gears in concentric circles, and on either side, there are sets of arrows titled Service-centric capabilities and Product-centric capabilities.

Insight summary

Continuous assessment and optimization of your Workday ERP is critical to the success of your organization.

  • Applications and the environments in which they live are constantly evolving.
  • This blueprint provides business and application managers with a method to complete a health assessment of their Workday systems to identify areas for improvement and optimization.
  • Put optimization practices into effect by:
    • Aligning and prioritizing key business and technology drivers.
    • Identifying ERP process classification and performing a gap analysis.
    • Measuring user satisfaction across key departments.
    • Evaluating vendor relations.
    • Understanding how data plays into the mix.
    • Pulling it all together into an optimization roadmap.

Workday enterprise resource planning (ERP) facilitates the flow of information across business units. It allows for the seamless integration of data across financial and people systems to create a holistic view of the enterprise to support decision making.

In many organizations, Workday is considered the core people systems and is becoming more widely adopted for finance and a full ERP system.

ERP systems are considered the lifeblood of organizations. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

ERP implementation should not be a one-and-done exercise. There needs to be ongoing optimization to enable business processes and optimal organizational results.

Workday enterprise resource planning (ERP)

Workday

  • Finance
  • Human Resources Management
  • Talent and Performance
  • Payroll and Workforce Management
  • Employee Experience
  • Student Information Systems
  • Professional Services Automation
  • Analytics and Reporting
  • Spend Management
  • Enterprise Planning

What is Workday?

Workday has many modules that work together to facilitate the flow of information across the business. Workday’s unique data platform allows for seamless integration of systems and creates a holistic view of the enterprise to support decision making.

In many organizations, the ERP system is considered the lifeblood of the enterprise. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

Workday operates in many industry verticals and performs well in service organizations.

An ERP system:

  • Automates processes, reducing the amount of manual, routine work.
  • Integrates with core modules, eliminating the fragmentation of systems.
  • Centralizes information for reporting from multiple parts of the value chain to a single point.

Workday Fast Facts

Product Description

  • Workday offers HR, Finance, planning systems, and extended offerings. Workday prides itself on rapidly expanding its product portfolio to meet the needs of organizations in a changing world.
  • The integrated cloud data model Workday has been built on allows for seamless end-to-end organizational data.
  • Offerings include Financial Management, Human Capital Management, Workday Adaptive Planning, Spend Management, Talent Management, Payroll & Workforce Management, Analytics & Reporting, Student, Professional Services Automation, Platform & Product Extensions, Workday Peakon Employee Voice, and most recently VNDLY (contract and vendor management).

Evolution of Workday

Workday HCM 2006

Workday Financial Management 2007

Workday 10 (Finance & HCM) 2010

Workday Student (Higher Education) 2011

Workday Cloud (PAAS) 2017

Acquisition of Adaptive Insights 2018

Acquisition of VNDLY 2021

Vendor Description

  • Workday was founded in 2005 by Aneel Bhusri and Dave Duffield (former PeopleSoft founder.)
  • The platform-as-a-service (PaaS) bundles and modules are sold in a subscription model to customers.
  • Workday has untaken several acquisitions in recent years to grow the product and invests in early-stage companies through Workday Ventures.
  • Workday is publicly traded (2012); Nasdaq: WDAY.

Employees: 12,500

Headquarters: Pleasanton, CA

Website: workday.com

Founded: 2005

Presence: Global, Publicly Traded

Workday by the numbers

77%

77% of clients were satisfied with the product’s business value created. 78% of clients were satisfied that the cost is fair relative to value, and 95% plan to renew. (SoftwareReviews, 2022)

50% of Fortune 500

Workday has seen steady growth working with over 50% of Fortune 500 companies. 4,100 of those are HCM and finance customers. It has seen great success in service industries and has a 95% gross retention rate. (Diginomica)

40%

Workday reported a 40% year-over-year increase in Workday Financial Management deployments for both new and existing customers, as accelerated demand for Workday cloud-based continues. (Workday, June 2021)

Workday Finance

A great opportunity for Workday

Workday continues to invest in Workday Finance

  • 35% of the Fortune 500 and 50% of the Fortune 50 use Workday HCM products (Seeking Alpha, 2019).
  • The customer base for Workday Financial Management has increased from 45 in 2014 to 530 in 2019 with 9 Fortune 500 companies in the mix. This infers that Financial Management is a product that will drive future growth for Workday.

Recent Finance-Related Acquisitions

  • Zimit - Quotation Management
  • Stories.bi - Augmented Analytics
  • Adaptive Insights - Business Planning
  • SkipFlag - Machine Learning (AI)
  • Platfora - Analytics
  • VNDLY - Contractor and Vendor Management

Workday challenges and dissatisfaction

Workday challenges and dissatisfaction

Organizational

  • Competing Priorities
  • Lack of Strategy
  • Budget Challenges

People and teams

  • Knowledgeable Staff/Turnover
  • Lack of Internal Skills
  • Ability to Manage New Products
  • Lack of Training

Technology

  • Integration Issues
  • Selecting Tools & Technology
  • Keeping Pace With Technology Changes
  • Update Challenges

Data

  • Access to Data
  • Data Literacy
  • Data Hygiene
  • One View of the Customer

Finance, IT, Sales, and other users of the ERP system can only optimize ERP with the full support of each other. The cooperation of the departments is crucial when trying to improve ERP technology capabilities and customer interaction.

Info-Tech Insight

While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder-to-shoulder with the business to develop a technology framework for ERP.

Where are applications leaders focusing?

Big growth numbers

Year-over-year call topic requests

Enterprise Application Optimization - 124%

Product - 65%

Enterprise Application Selection - 76%

Agile - 79%

(Info-Tech case data, 2022; N=3,293)

We are seeing Applications leaders’ priorities change year over year, driven by a shift in their approach to problem solving. Leaders are moving from a process-centric approach to a collaborative approach that breaks down boundaries and brings teams together.

Other changes

Year-over-year call topic requests

Application Portfolio Management - 13%

Business Process Management - 4%

Software Development Lifecycle -25%

(Info-Tech case data, 2022; N=3,293)

Software development lifecycle topics are tactical point solutions. Organizations have been “shifting left” to tackle the strategic issues such as product vision and Agile mindset to optimize the whole organization.

Application optimization is risky without a plan

Avoid these common pitfalls:

  • Not considering how this pays into the short-, medium-, and long-term ERP strategy.
  • Not considering application optimization as a business and IT partnership, which requires the continuous formal engagement of all participants.
  • Not having a good understanding of your current state, including integration points and data.
  • Not adequately accommodating feedback and changes after digital applications are deployed and employed.
  • Not treating digital applications as a motivator for potential future IT optimization efforts and incorporating digital assets in strategic business planning.
  • Not involving department leads, management, and other subject-matter experts to facilitate the organizational change digital applications bring.

“A successful application optimization strategy starts with the business need in mind and not from a technological point of view. No matter from which angle you look at it, modernizing a legacy application is a considerable undertaking that can’t be taken lightly. Your best approach is to begin the journey with baby steps.” – Norelus, Pamidala, and Senti, 2020

Info-Tech’s methodology for getting the most out of your ERP

1. Map Current-State Capabilities 2. Assess Your Current State 3. Identify Key Optimization Areas 4. Build Your Optimization Roadmap
Phase Steps
  1. Identify Stakeholders and Build Your Workday Optimization Team
  2. Build an ERP Strategy Model
  3. Inventory Current System State
  4. Define Business Capabilities
  • Conduct a Gap Analysis for ERP Processes
  • Assess User Satisfaction
  • Review Your Satisfaction With the Vendor and Product
  1. Identify Key Optimization Areas
  2. Evaluate Product Sustainability Over the Short, Medium, and Long Term
  3. Identify Any Product Changes Anticipated Over Short, Medium, and Long Term
  1. Prioritize Optimization Opportunities
  2. Identify Key Optimization Areas
  3. Compile Optimization Assessment Results
Phase Outcomes
  1. Stakeholder map
  2. Workday optimization team
  3. Workday business model
  4. Strategy alignment
  5. Systems inventory and diagram
  6. Business capabilities map
  7. Key Workday processes list
  1. Gap analysis for Workday-related processes
  2. Understanding of user satisfaction across applications and processes
  3. Insight into Workday data quality
  4. Quantified satisfaction with the vendor and product
  5. Understanding Workday costs
  1. List of Workday optimization opportunities
  1. Workday optimization roadmap

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Get the Most Out of Your Workday Workbook

Identify and prioritize your Workday optimization goals.

Application Portfolio Assessment

Assess IT-enabled user satisfaction across your Workday portfolio.

Key deliverable:

Workday Optimization Roadmap

Complete an assessment of processes, user satisfaction, data quality, and vendor management.

Case Study

MANAGED AP AUTOMATION with OneSource Virtual

TripAdvisor + OneSource

INDUSTRY: Travel

SOURCE: OneSource Virtual, 2017

Challenge

TripAdvisor needed a solution that would decrease administrative labor from its accounting department.

“We needed something that was already compatible with our Workday tenant, that didn’t require a lot of customizations and would be an enhancement to our processes.” – Director of Accounting Operations, Scott Garner

Requirements included:

  • Easy implementation
  • Existing system compatibility
  • Enhancement to the company’s process
  • Competitive pricing
  • Secure

Solution

TripAdvisor chose to outsource its accounts payable services to OneSource Virtual (OSV).

OneSource Virtual offers the comprehensive finance and accounting outsourcing solutions needed to improve efficiency, eliminate paper processes, reduce errors, and improve cash flow.

Managed AP services include scanning and auditing all extracted invoice data for accuracy, transmitting AP files with line-item details from invoices, and creating full invoice images in Workday.

Results

  • Accurate and timely invoice processing for over 3,000 invoices per month.
  • Empowered employees to focus on higher-level tasks rather than day-to-day data entry.
  • 50+ hours saved per week on routine data entry.
  • Employees had 30% of their time freed up to focus on high-value tasks.
  • Allowed TripAdvisor to become more scalable across departments and as an organization.

Info-Tech offers various levels of support to suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

Phase 1

Call #1: Scope requirements, objectives, and your specific challenge.

Phase 2

Call #2:

  • Build the Workday team.
  • Align organizational goals.

Call #3:

  • Map current state.
  • Inventory Workday capabilities and processes.
  • Explore Workday-related costs.

Phase 3

Call #4: Understand product satisfaction and vendor management.

Call #5: Review APA results.

Call #6: Understand Workday optimization opportunities.

Call #7: Determine the right Workday path for your organization.

Phase 4

Call #8: Build out optimization roadmap and next steps.

Workshop Overview

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

Day 1Day 2Day 3Day 4Day 5
Define Your Workday Application VisionMap Current StateAssess WorkdayBuild Your Optimization RoadmapNext Steps and

Wrap-Up (offsite)

Activities

1.1 Identify Stakeholders and Build Your Optimization Team

1.2 Build an ERP Strategy Model

1.3 Inventory Current System State

1.4 Define Optimization Timeframe

1.5 Understand Workday Costs

2.1 Assess Workday Capabilities

2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

3.1 Prioritize Optimization Opportunities

3.2 Discover Optimization Initiatives

4.1 Build Your Optimization Roadmap

5.1 Complete In-progress Deliverables From Previous Four Days.

5.2 Set Up Review Time for Workshop Deliverables and to Discuss Next Steps.

Deliverables
  1. Workday optimization team
  2. Workday business model
  3. Workday optimization goals
  4. System inventory and data flow
  5. Application and business capabilities list
  6. Workday optimization timeline
  1. Workday capability gap analysis
  2. Workday user satisfaction (application portfolio assessment)
  3. Workday SoftwareReviews survey results
  4. Workday current costs
  1. Product and vendor satisfaction opportunities
  2. Capability and feature optimization opportunities
  3. Process optimization opportunities
  4. Integration optimization opportunities
  5. Data optimization opportunities
  6. Workday cost-saving opportunities
  1. Workday optimization roadmap

Phase 1

Map Current-State Capabilities

Phase 1

1.1 Identify Stakeholders and Build Your Optimization Team

1.2 Build an ERP Strategy Model

1.3 Inventory Current System State

1.4 Define Optimization Timeframe

1.5 Understand Workday Costs

Phase 2

2.1 Assess Workday Capabilities

2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

Phase 3

3.1 Prioritize Optimization Opportunities

3.2 Discover Optimization Initiatives

Phase 4

4.1 Build Your Optimization Roadmap

This phase will guide you through the following activities:

  • Align your organizational goals
  • Gain a firm understanding of your current state
  • Inventory Workday and related applications
  • Confirm the organization’s capabilities

This phase involves the following participants:

  • CFO
  • Department Leads – Finance, Procurement, Asset Management
  • Applications Director
  • Senior Business Analyst
  • Senior Developer
  • Procurement Analysts

Step 1.1

Identify Stakeholders and Build Your Optimization Team

Activities

1.1.1 Identify Stakeholders Critical to Success

1.1.2 Map Your Workday Optimization Stakeholders

1.1.3 Determine Your Workday Optimization Team

Map Current State Capabilities

Step 1.1

Step 1.2

Step 1.3

Step 1.4

Step 1.5

This step will guide you through the following activities:

  • Identify ERP drivers and objectives
  • Explore ERP challenges and pain points
  • Discover ERP benefits and opportunities
  • Align the ERP foundation with your corporate strategy

This step involves the following participants:

  • Stakeholders
  • Project sponsors and leaders

Outcomes of this step

  • Stakeholder map
  • Workday optimization team

ERP optimization stakeholders

  • Understand the roles necessary to Get the Most Out of Your Workday.
  • Understand the role of each player within your project structure. Look for listed participants on the activities slides to determine when each player should be involved.
Title Role Within the Project Structure
Organizational Sponsor
  • Owns the project at the management/C-suite level
  • Responsible for breaking down barriers and ensuring alignment with your organizational strategy
  • CIO, CFO, COO, or similar
Project Manager
  • The IT individual(s) that oversee day-to-day project operations
  • Responsible for preparing and managing the project plan and monitoring the project team’s progress
  • Applications Manager or other IT Manager, Business Analyst, Business Process Owner, or similar
Business Unit Leaders
  • Works alongside the IT Project Manager to ensure the strategy is aligned with business needs
  • In this case, likely to be a marketing, sales, or customer service lead
  • Sales Director, Marketing Director, Customer Care Director, or similar
Optimization Team
  • Comprised of individuals whose knowledge and skills are crucial to project success
  • Responsible for driving day-to-day activities, coordinating communication, and making process and design decisions; can assist with persona and scenario development for ERP
  • Project Manager, Business Lead, ERP Manager, Integration Manager, Application SMEs, Developers, Business Process Architects, and/or similar SMEs
Steering Committee
  • Comprised of the C-suite/management-level individuals that act as the project’s decision makers
  • Responsible for validating goals and priorities, defining the project scope, enabling adequate resourcing, and managing change
  • Project Sponsor, Project Manager, Business Lead, CFO, Business Unit SMEs, or similar

Info-Tech Insight

Do not limit project input or participation. Include subject-matter experts and internal stakeholders at stages within the project. Such inputs can be solicited on a one-off basis as needed. This ensures you take a holistic approach to create your ERP optimization strategy.

1.1.1 Identify Workday optimization stakeholders

1 hour

  1. Hold a meeting to identify the Workday optimization stakeholders.
  2. Use the next slide as a guide.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Understand how to navigate the complex web of stakeholders in ERP

Identify which stakeholders to include and what their level of involvement should be during requirements elicitation based on relevant topic expertise.

Sponsor End User IT Business
Description An internal stakeholder who has final sign-off on the ERP project. Front-line users of the ERP technology. Back-end support staff who are tasked with project planning, execution, and eventual system maintenance. Additional stakeholders that will be impacted by any ERP technology changes.
Examples
  • CEO
  • CIO/CTO
  • COO
  • CFO
  • Warehouse personnel
  • Sales teams
  • HR admins
  • Applications manager
  • Vendor relationship manager(s)
  • Director, Procurement
  • VP, Marketing
  • Manager, HR
Values Executive buy-in and support is essential to the success of the project. Often, the sponsor controls funding and resource allocation. End users determine the success of the system through user adoption. If the end user does not adopt the system, the system is deemed useless and benefits realization is poor. IT is likely to be responsible for more in-depth requirements gathering. IT possesses critical knowledge around system compatibility, integration, and data. Involving business stakeholders in the requirements gathering will ensure alignment between HR and organizational objectives.

Large-scale ERP projects require the involvement of many stakeholders from all corners and levels of the organization, including project sponsors, IT, end users, and business stakeholders. Consider the influence and interest of stakeholders in contributing to the requirements elicitation process and involve them accordingly.

The image shows a graph with dots on it, titled Example: Stakeholder Involvement during Selection.

Activity 1.1.2 Map your Workday optimization stakeholders

1 hour

  1. Use the list of Workday optimization stakeholders.
  2. Map each stakeholder on the quadrant based on their expected Influence and involvement in the project.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

The image shows a graph titled Map the Organization's Stakeholders, with stakeholders listed on the left, and arranged in quadrants. Along the bottom of the graph is the text: Involvement, with an arrow pointing to the right. Along the left side of the graph is the text: Influence, with an arrow pointing upwards.

Map the organization’s stakeholders

The image shows the same organization stakeholder map shown in the previous section.

The Workday optimization team

Consider the core team functions when putting together the project team. Form a cross-functional team (i.e. across IT, Marketing, Sales, Service, and Operations) to create a well-aligned ERP optimization strategy.

Don’t let your project team become too large when trying to include all relevant stakeholders. Carefully limiting the size of the project team will enable effective decision making while still including functional business units such as Human Resources, Operations, Manufacturing, Marketing, Sales, Service, and Finance as well as IT.

Required Skills/Knowledge Suggested Project Team Members
Business
  • Department leads
  • Business process leads
  • Business analysts
  • Subject matter experts
  • SMEs/Business process leads across all functional areas, for example, Strategy, Sales, Marketing, Customer Service, Finance, HR
IT
  • Application development
  • Enterprise integration
  • Business processes
  • Data management
  • Product owner
  • ERP application manager
  • Business process manager
  • Integration manager
  • Application developer
  • Data stewards
Other
  • Operations
  • Administrative
  • Change management
  • COO
  • CFO
  • Change management officer

1.1.3 Determine your Workday optimization team

1 hour

  1. Have the project manager and other key stakeholders discuss and determine who will be involved in the Workday optimization project.
    • The size of the team will depend on the initiative and size of your organization.
    • Key business leaders in key areas and IT representatives should be involved.

Note: Depending on your initiative and size of your organization, the size of this team will vary.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Step 1.2

Build an ERP Strategy Model

Activities

1.2.1 Explore Organizational Goals and Business Needs

1.2.2 Discover Environmental Factors and Technology Drivers

1.2.3 Consider Potential Barriers to Achieving Workday Optimization

1.2.4 Set the Foundation for Success

1.2.5 Discuss Workday Strategy and Develop Your ERP Optimization Goals

Map Current State Capabilities

Step 1.1

Step 1.2

Step 1.3

Step 1.4

Step 1.5

This step will guide you through the following activities:

  • Identify ERP drivers and objectives
  • Explore ERP challenges and pain points
  • Discover ERP benefits and opportunities
  • Align the ERP foundation with the corporate strategy

This step involves the following participants:

  • Workday Optimization Team

Outcomes of this step

  • ERP business model
  • Strategy alignment

Align your Workday strategy with the corporate strategy

Corporate Strategy

Your corporate strategy:

  • Conveys the current state of the organization and the path it wants to take.
  • Identifies future goals and business aspirations.
  • Communicates the initiatives that are critical for getting the organization from its current state to the desired future state.

Unified ERP Strategy

  • The ideal ERP strategy is aligned with overarching organizational business goals and broader IT initiatives.
  • Include all affected business units and departments in these conversations.
  • The ERP optimization can be and should be linked, with metrics, to the corporate strategy and ultimate business objectives.

IT Strategy

Your IT strategy:

  • Communicates the organization’s budget and spending on ERP.
  • Identifies IT initiatives that will support the business and key ERP objectives.
  • Outlines staffing and resourcing for ERP initiatives.

ERP projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with ERP capabilities. Effective alignment between IT and the business should happen daily. Alignment doesn’t just need to occur at the executive level but at each level of the organization.

ERP Business Model Template

The image shows a template of the ERP Business Model. At the top, there is a section for ERP Needs, then on the left and right, Environmental Factors and Organizational Goals. At the center, there is a box with text that reads Barriers, with empty space underneath it, then the text: ERP Strategy, and then the heading Enables with empty space beneath it. At the bottom are Technology Drivers. There are notes attached to sections. For ERP Needs, the note reads: What are your business drivers? What are your current ERP pains?. For the Environmental Factors section, the note reads: What factors impacting your strategy are out of your control?. For the Technology Drivers section, the note reads: Why do you need a new system? What is the purpose for becoming an integrated organization?.

Conduct interviews to elicit the business context

Stakeholder Interviews

Begin by conducting interviews of your executive team. Interview the following leaders:

  1. Chief Information Officer
  2. Chief Executive Officer
  3. Chief Financial Officer
  4. Chief Revenue Officer/Sales Leader
  5. Chief Operating Officer/Supply Chain & Logistics Leader
  6. Chief Technology Officer/Chief Product Officer

INTERVIEWS MUST UNCOVER:

  1. Your organization’s mission & vision
  2. Your organization’s top business goals
  3. Your organization’s top business initiatives
  4. The stakeholder’s top goals and initiatives
  5. Tools and systems needed to facilitate organizational and departmental goals

Understand the mission, vision, and goals of the organization and supporting departments

Business Needs Business Drivers
Definition A business need is a requirement associated with a particular business process. A business need is a requirement associated with a particular business process.
Examples
  • Audit tracking
  • Authorization levels
  • Business rules
  • Data quality
  • Customer satisfaction
  • Branding
  • Time-to-resolution

Info-Tech Insight

One of the biggest drivers for ERP adoption is the ability to make quicker decisions from timely information. This driver is a result of external considerations. Many industries today are highly competitive, uncertain, and rapidly changing. To succeed under these pressures, there needs to be timely information and visibility into all components of the organization.

1.2.1 Explore organizational goals and business needs

60 minutes

  1. Discuss organizational mission, vision, and goals. What are the top initiatives underway? Are you contracting, expanding, or innovating?
  2. Discuss business needs to support organizational goals. What are identified goals and initiatives at the departmental level? What tools and resources within the Workday system will help make this successful?
  3. Understand how the company is running today and what the organization’s future will look like. Envision the future system state.

Record this information in the Get the Most Out of Your Workday Workbook.

The image shows the same ERP Business Model Template from the previous section, zoomed in on the centre of the graphic.

Organizational Goals

  • Organization’s mission and vision
  • Top business goals
  • Initiatives underway

Business Needs

  • Departmental goals
  • Business drivers
  • Key initiatives
  • Key capabilities to support the organization
  • Requirements to support the business capability and process

Download the Get the Most Out of Your Workday Workbook

ERP Business Model

Organizational Goals

  • Organization’s mission and vision
  • Top business goals (~3)
  • Initiatives underway
  • KPIs and metrics that are important to the organization in achieving its goals and objectives

Business Needs

  • Departmental goals
  • Key initiatives
  • Key capabilities to support the organization
  • Tools and systems required to support business capability or process
  • KPIs and metrics that are important to the department/stakeholder in achieving its goals and objectives

Understand the technology drivers and environmental factors

Technology Drivers Environmental Factors
Definition Technology drivers are technological changes that have created the need for a new ERP enablement strategy. Many organizations turn to technology systems to help them obtain a competitive edge. These external considerations are factors that take place outside of the organization and impact the way business is conducted inside the organization. These are often outside the control of the business. Look three to five years ahead, what challenges will the business face? Where will you have to adapt and pivot? How can we prepare for this?
Examples
  • Deployment model (i.e. SaaS)
  • Integration
  • Reporting capabilities
  • Fragmented technologies
  • Economic and political factors
  • Competitive influencers
  • Compliance regulations

Info-Tech Insight

A comprehensive plan that takes into consideration organizational goals, departmental needs, technology drivers, and environmental factors will allow for a collaborative approach to defining your Workday strategy.

1.2.2 Discover environmental factors and technology drivers

30 minutes

  1. Identify business drivers that are contributing to the organization’s need for ERP.
  2. Understand how the company is running today and what the organization’s future will look like. Try to identify the purpose for becoming an integrated organization. Use a whiteboard or flip charts and markers to capture key findings.
  3. Consider external considerations, organizational drivers, technology drivers, and key functional requirements.

Record this information in the Get the Most Out of Your Workday Workbook.

The image is the same ERP Business Model Template from previous sections. In this instance, it is zoomed into the centre of the graphic, with the environmental factors section circled.

External Considerations

  • Funding constraints
  • Regulations

Technology Considerations

  • Data accuracy
  • Data quality
  • Better reporting

Functional Requirements

  • Information availability
  • Integration between systems
  • Secure data

Download the Get the Most Out of Your Workday Workbook

Create a realistic ERP foundation by identifying the challenges and barriers the project will bestow

There are several different factors that may stifle the success of an ERP implementation. Organizations that are creating an ERP foundation must scan their current environment to identify internal barriers and challenges.

Common Internal Barriers

Management Support Organizational Culture Organizational Structure IT Readiness
Definition The degree of understanding and acceptance toward ERP systems. The collective shared values and beliefs. The functional relationships between people and departments in an organization. The degree to which the organization’s people and processes are prepared for a new ERP system.
Questions
  • Is an ERP project recognized as a top priority?
  • Will management commit time to the project?
  • Are employees resistant to change?
  • Is the organization highly individualized?
  • Is the organization centralized?
  • Is the organization highly formalized?
  • Is there strong technical expertise?
  • Is there strong infrastructure?
Impact
  • Funding
  • Resources
  • Knowledge sharing
  • User acceptance
  • Flow of knowledge
  • Quality of implementation
  • Need for reliance on consultants

1.2.3 Consider potential barriers to achieving Workday optimization

1-3 hours

  1. Open tab 1.2, “Strategy & Goals,” in the Get the Most Out of Your Workday Workbook.
  2. Identify barriers to ERP optimization success.
  3. Review the ERP critical success factors and how they relate to your optimization efforts.
  4. Discuss potential barriers to successful ERP optimization.

Record this information in the Get the Most Out of Your Workday Workbook.

The image is the same zoomed-in section of the ERP Strategy Business Model Template seen in previous sections. In this instance, the Barriers section is circled.

Functional Gaps

  • No online purchase order requisitions

Technical Gaps

  • Inconsistent reporting – data quality concerns

Process Gaps

  • Duplication of data
  • Lack of system integration

Barriers to Success

  • Cultural mindset
  • Resistance to change
  • Lack of training
  • Funding

Download the Get the Most Out of Your Workday Workbook

ERP Business Model

Organizational Goals

  • Efficiency
  • Effectiveness
  • Integrity
  • One source of truth for data
  • One team
  • Customer service, external and internal

Barriers

  • Organizational silos
  • Lack of formal process documentation
  • Funding availability
  • What goes first? Organizational priorities

What does success look like?

Top 15 Critical Success Factors for ERP System Implementation

The image shows a horizontal bar graph with the text: Frequency of Citation (n=127) at the top. Different implementation strategies are listed on the left, in descending order of frequency.

(Epizitone and Olugbara, 2019; CC BY 4.0)

Info-Tech Insight

Complement your ability to deliver on your critical success factors with the capabilities of your implementation partner to drive a successful ERP implementation.

“Implementation partners can play an important role in successful ERP implementations. They can work across the organizational departments and layers creating a synergy and a communications mechanism.” – Ayogeboh Epizitone, Durban University of Technology

1.2.3 Set the foundation for success

1-3 hours

  1. Open tab 1.2, “Strategy & Goals,” in the Get the Most Out of Your Workday Workbook.
  2. Identify barriers to ERP optimization success.
  3. Review the ERP critical success factors and how they relate to your optimization efforts.
  4. Discuss potential barriers to successful ERP optimization.

Record this information in the Get the Most Out of Your Workday Workbook.

The image is the same zoomed-in section of the ERP Strategy Business Model Template seen in previous sections. In this instance, the Enablers section is circled.

Business Benefits

  • Business-IT alignment

IT Benefits

  • Compliance
  • Scalability
  • Operational efficiency

Organizational Benefits

  • Data accuracy
  • Data quality
  • Better reporting

Enablers of Success

  • Change management
  • Training
  • Alignment with strategic objectives

Download the Get the Most Out of Your Workday Workbook

ERP Business Model

Organizational Goals

  • Efficiency
  • Effectiveness
  • Integrity
  • One source of truth for data
  • One team
  • Customer service, external and internal

Enablers

  • Cross-trained employees
  • Desire to focus on value-add activities
  • Collaborative
  • Top-level executive support
  • Effective change management process

The Business Value Matrix

Rationalizing and quantifying the value of Workday

Benefits can be realized internally and externally to the organization or department and have different drivers of value.

  • Financial benefits refer to the degree to which the value source can be measured through monetary metrics and are often quite tangible.
  • Human benefits refer to how an application can deliver value through a user’s experience.
  • Inward refers to value sources that have an internal impact and improve your organization’s effectiveness and efficiency in performing its operations.
  • Outward refers to value sources that come from your interaction with external factors, such as the market or your customers.

Organizational Goals

Increased Revenue

Application functions that are specifically related to the impact on your organization’s ability to generate revenue and deliver value to your customers.

Reduced Costs

Reduction of overhead. The ways in which an application limits the operational costs of business functions.

Enhanced Services

Functions that enable business capabilities that improve the organization’s ability to perform its internal operations.

Reach Customers

Application functions that enable and improve the interaction with customers or produce market information and insights.

Business Value Matrix

The image shows a matrix, with Human benefits and Financial Benefits on the horizontal axis, and Outward and Inward on the Vertical axis.

1.2.4 Define your Workday strategy and optimization goals

30 minutes

  1. Discuss the Workday business model exercises and ERP critical success factors.
  2. Through the lens of corporate goals and objectives think about the supporting ERP technology. How can the ERP system bring value to the organization? What are the top things that will make this initiative a success? What major themes are emerging?
  3. Develop five to ten optimization goals that will form the basis for the success of this initiative.
    • What is a strong statement that will help guide decision making throughout the life of the ERP project?
    • What are your overarching requirements for business processes?
    • What do you ultimately want to achieve?
    • What is a statement that will ensure all stakeholders are on the same page for the project?

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Workday strategy and optimization goals

Key Themes Emerging / Workday Strategy

  • Efficiency
  • Effectiveness
  • Integrity
  • One source of truth for data
  • One team
  • Customer service, external and internal

Optimization Goals

  • Support Business Agility: A flexible and adaptable integrated business system providing a seamless user experience.
  • Use ERP best practices: Do not recreate or replicate what we have today; focus on modernization. Exercise customization governance by focusing on those customizations that are strategically differentiating.
  • Automate: Take manual work out where we can, empowering staff and improving productivity through automation and process efficiencies.
  • Stay focused: Focus on scope around core business capabilities. Maintain scope control. Prioritize demand in line with the strategy.
  • Strive for “One Source of Truth”: Unified data model and integrate processes where possible. Assess integration needs carefully.

Step 1.3

Inventory Current System State

Activities

1.3.1 Inventory Workday Applications and Interactions

1.3.2 Draw Your Workday System Diagram

1.3.3 Inventory Your Workday Modules and Business Capabilities (or Business Processes)

1.3.4 Define Your Key Workday Optimization Modules and Business Capabilities

Map Current-State Capabilities

Step 1.1

Step 1.2

Step 1.3

Step 1.4

Step 1.5

This step will guide you through the following activities:

  • Inventory of applications
  • Mapping interactions between systems

This step involves the following participants:

  • Workday Optimization Team
  • Enterprise Architect
  • Data Architect

Outcomes of this step

  • Systems inventory
  • Systems diagram

1.3.1 Inventory Workday applications and interfaces

1-3+ hours

  1. Enter your Workday systems, Workday extended applications, and integrated applications within scope.
  2. Include any abbreviated names or nicknames.
  3. List the application type or main function. List the modules the organization has licensed.
  4. List any integrations.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

ERP Data Flow

When assessing the current application portfolio that supports your ERP, the tendency will be to focus on the applications under the ERP umbrella. These relate mostly to marketing, sales, and customer service. Be sure to include systems that act as input to, or benefit due to outputs from, ERP or similar applications.

The image shows a flowchart, with example ERP Data. There is a colour-coded legend for the data, and at the bottom of the graphic, there is text that reads: Be sure to include enterprise applications that are not included in the ERP application portfolio. There are also definitions of abbreviated terms at the bottom of the graphic.

1.3.2 Draw your Workday system diagram (optional)

1-3+ hours

  1. From the Workday application inventory, diagram your network. Include:
    • Any internal or external systems
    • Integration points
    • Data flow

The image shows the flowchart section of th image that appears in the previous section.

Download the Get the Most Out of Your Workday Workbook

Sample Workday and integrations map

The image shows a sample map of Workday and integrations. There is a colour-coded legend at the bottom right.

Business capability map (Level 0)

In business architecture, the primary view of an organization is known as a business capability map.

A business capability defines what a business does to enable value creation, rather than how.

Business capabilities:

  • Represent stable business functions.
  • Are unique and independent of each other.
  • Will typically have a defined business outcome.

A business capability map provides details that help the business architecture practitioner direct attention to a specific area of the business for further assessment.

The image shows a Business Capability Map, which is divided into 4 sections: Products and Services Development; Revenue Generation; Demand Fulfillment; and Enterprise Management and Planning

The value stream

Value stream defined:

Value Streams:

Design Product

  • Manufacturers work proactively to design products and services that will meet consumer demand.
  • Products are driven by consumer demand and government regulations.

Produce Product

  • Production processes and labor costs are constantly analyzed for efficiencies and accuracies.
  • Quality of product and services are highly regulated through all levels of the supply chain.

Sell Product

  • Sales networks and sales staff deliver the product from the organization to the end consumer.
  • Marketing plays a key role throughout the value stream connecting consumers’ wants and needs to the products and services offered.

Customer Service

  • Relationships with consumers continue after the sale of products and services.
  • Continued customer support and data mining is important to revenue streams.

Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates. There are two types of value streams: core value streams and support value streams.

  • Core value streams are mostly externally facing. They deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map.
  • Support value streams are internally facing and provide the foundational support for an organization to operate.

Taking a value stream approach to process mapping allows you to move across departmental and system boundaries to understand the underlying business capability.

Some mistakes organizations make are over-customizing processes, or conversely, not customizing when required. Workday provides good baseline process that work for most organizations. However, if a process is broken or not working efficiently take the time to investigate it, including underlying policies, roles, workflows, and integrations.

Process frameworks

Help define your inventory of sales, marketing, and customer services processes.

Operating Processes
1. Develop vision and strategy 2. Develop and manage products and services 3. Market and sell products and services 4. Deliver physical products 5. Deliver services
Management and Support Processes
6. Manage customer service
7. Develop and manage human capital
8. Manage IT
9. Manage financial resources
10. Acquire, construct, and manage assets
11. Manage enterprise risk, compliance, remediation, and resiliency
12. Manage external relationships
13. Develop and manage business capabilities

(APQC)

If you do not have a documented process model, you can use the APQC Framework to help define your inventory of sales business processes.

APQC’s Process Classification Framework is a taxonomy of cross-functional business processes intended to allow the objective comparison of organizational performance within and among organizations.

APQC’s Process Classification Framework

Process mapping hierarchy

A process classification framework is helpful for organizations to effectively define their processes and manage them appropriately.

Use Info-Tech’s related industry resources or publicly available process frameworks (such as APQC) to develop and map your business processes.

These processes can then be mapped to supporting applications and modules. Policies, roles, and workflows also play a role and should be considered in the overall functioning.

APQC’s Process Classification Framework

The image shows a chart, titled PCL Levels Explained, with each of the PCF Levels listed, and a brief description of each.

(APQC)

Focus on level-1 processes

Level 1 Level 2 Level 3 Level 4
Market and sell products and services Understand markets, customers, and capabilities Perform customer and market intelligence analysis Conduct customer and market research
Market and sell products and services Develop a sales strategy Develop a sales forecast Gather current and historic order information
Deliver services Manage service delivery resources Manage service delivery resource demand Develop baseline forecasts
? ? ? ?

Info-Tech Insight

Focus your initial assessment on the level-1 processes that matter to your organization. This allows you to target your scant resources on the areas of optimization that matter most to the organization and minimize the effort required from your business partners.

You may need to iterate the assessment as challenges are identified. This allows you to be adaptive and deal with emerging issues more readily and become a more responsive partner to the business.

Process mapping and supporting ERP modules

The operating model

An operating model is a framework that drives operating decisions. It helps to set the parameters for the scope of ERP and the processes that will be supported. The operating model will serve to group core operational processes. These groupings represent a set of interrelated, consecutive processes aimed at generating a common output.

From your developed processes and your Workday license agreements you will be able to pinpoint the scope for investigation, including the processes and modules.

The image shows three images, overlapping one another. At the back is a chart with three sections, and boxes beneath. In front of that is a graphic with Objectives, Value Streams, Capabilities, and Processes written down the left side, and descriptions on the right. Below that image is an arrow pointing downward to the text Supporting Workday Modules. In front is a circular graphic with the word Workday in the centre, and circles with text in them around it.

Workday modules and process enablement

Workday Finance

  • Accounts Receivable and Collections
  • Accounts Payable and Payments
  • Asset Management
  • Audit and Controls
  • Billing and Invoicing
  • Cash Management
  • Contracts
  • Financial Reporting and Analysis
  • [Global] Close and Consolidation
  • Multi-GAAP/Multi-book/Multi-chart of Accounts
  • Revenue Management

Spend Management

  • Strategic Sourcing
  • Procure to Pay
  • Inventory
  • Expenses

Professional Services Automation

  • Project and Resource Management
  • Project Financials
  • Project Billing
  • Expense Management
  • Time Tracking

Enterprise Planning

  • Financial planning
  • Reporting
  • Analytics
  • Budgets
  • Insights
  • Workforce planning
  • Sales planning
  • Operational planning

Analytics and Reporting

  • Financial Management Core Reporting
  • Human Capital Management Core Reporting
  • Benchmarking
  • Data Hub
  • Augmented Analytics

Student

  • Admissions
  • Financial Aid
  • Advising
  • Student Finance
  • Student Records

Human Capital Management (HCM)

  • Human Resource Management
  • Organization Management
  • Business Process Management
  • Reporting and Analytics
  • Employee and Manager Self-Service
  • Contingent Labor Management
  • Skills Cloud
  • Absence Management
  • Benefits Administration
  • ACA Management
  • Compensation
  • Talent Optimization

Payroll and Workforce Management

  • Scheduling and Labor Management
  • Time and Attendance
  • Absence
  • Payroll

Employee Experience

  • Employee Engagement Insights
  • Diversity, Inclusion, and Belonging Measurement
  • Health and Well-Being Metrics
  • Back-to-Workplace Readiness
  • Confidential Employee-Manager Conversations
  • Attrition Prediction
  • Continuous Industry Benchmarks

Talent and Performance

  • Talent Profile
  • Continuous Feedback
  • Survey Campaigns
  • Embedded Analytics
  • Goal Management
  • Performance Management
  • Talent Review
  • Calibration
  • Competencies
  • Career and Development Planning
  • Succession Planning
  • Talent Marketplace
  • Mobile
  • Expenses

1.3.3 Inventory your Workday modules and business capabilities

1-3+ hours

  1. Look at the major functions or processes within the scope of ERP.
  2. From the inventory of current systems, choose the submodules or processes that you want to investigate and are within scope for this optimization initiative.
  3. List the top modules, capabilities, or processes that will be within the scope of this optimization initiative.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

1.3.4 Define your key Workday optimization modules and business capabilities

1-3+ hours

  1. Look at the major functions or processes within the scope of ERP.
  2. From the inventory of current systems, choose the submodules or processes for this optimization initiative. Base this on those that are most critical to the business, those with the lowest levels of satisfaction, or those that perhaps need more knowledge around them.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Step 1.4

Define Optimization Timeframe

Activities

1.4.1 Define Workday Key Dates, and Workday Optimization Roadmap Timeframe and Structure

Map Current-State Capabilities

Step 1.1

Step 1.2

Step 1.3

Step 1.4

Step 1.5

This step will guide you through the following activities:

  • Defining key dates related to your optimization initiative
  • Identifying key building blocks for your optimization roadmap

This step involves the following participants:

  • Workday Optimization Team
  • Vendor Management

Outcomes of this step

  • Optimization Key Dates
  • Optimization Roadmap Timeframe and Structure

1.4.1 Optimization roadmap timeframe and structure

1-3+ hours

  1. Key items and dates relevant to your optimization initiatives, such as any products reaching end of life or end of contract, or budget proposal submission deadlines.
  2. Enter the expected Optimization Initiative Start Date.
  3. Enter the Roadmap Length. This is the total amount of time you expect to participate in the Workday Optimization Initiative. This includes short-, medium-, and long-term initiatives.
  4. Enter your Roadmap Date markers – how you want dates displayed on the roadmap.
  5. Enter column time values – what level of granularity will be helpful for this initiative?
  6. Enter the sprint or cycle timeframe – use this if following Agile.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Step 1.5

Understand Workday Costs

Activities

1.5.1 Document Costs Associated With Workday

Map Current-State Capabilities

Step 1.1

Step 1.2

Step 1.3

Step 1.4

Step 1.5

This step will walk you through the following activities:

  • Define your Workday direct and indirect costs
  • List your Workday expense line items

This step involves the following participants:

  • Finance representatives
  • Workday Optimization Team

Outcomes of this step

  • Current Workday and related costs

1.5.1 Document costs associated with Workday

1-3 hours

Before you can make changes and optimization decisions, you need to understand the high-level costs associated with your current application architecture. This activity will help you identify the types of technology and people costs associated with your current systems.

  1. Identify the types of technology costs associated with each current system:
    1. System Maintenance
    2. Annual Renewal
    3. Licensing
  2. Identify the cost of people associated with each current system:
    1. Full-Time Employees
    2. Application Support Staff
    3. Help Desk Tickets

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Phase 2

Assess Your Current State

Phase 1

1.1 Identify Stakeholders and Build Your Optimization Team

1.2 Build an ERP Strategy Model

1.3 Inventory Current System State

1.4 Define Optimization Timeframe

1.5 Understand Workday Costs

Phase 2

2.1 Assess Workday Capabilities

2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

Phase 3

3.1 Prioritize Optimization Opportunities

3.2 Discover Optimization Initiatives

Phase 4

4.1 Build Your Optimization Roadmap

This phase will guide you through the following activities:

  • Determine process relevance
  • Perform a gap analysis
  • Perform a user satisfaction survey
  • Assess software and vendor satisfaction

This phase involves the following participants:

  • Workday Optimization Team
  • Users across functional areas of your ERP and related technologies

Step 2.1

Assess Workday Capabilities

Activities

2.1.1 Rate Capability Relevance to Organizational Goals

2.1.2 Complete a Workday Application Portfolio Assessment

2.1.3 (Optional) Assess Workday Process Maturity

Assess Workday Capabilities

Step 2.1

Step 2.2

This step will guide you through the following activities:

  • Capability Relevance
  • Process Gap Analysis
  • Application Portfolio Assessment

This step involves the following participants:

  • Workday Users

Outcomes of this step

  • Workday Capability Assessment

Benefits of the Application Portfolio Assessment

Assess the health of the application portfolio

  • Get a full 360-degree view of the effectiveness, criticality, and prevalence of all relevant applications to get a comprehensive view of the health of the applications portfolio.
  • Identify opportunities to drive more value from effective applications, retire nonessential applications, and immediately address at-risk applications that are not meeting expectations.

Provide targeted department feedback

  • Share end-user satisfaction and importance ratings for core IT services, IT communications, and business enablement to focus on the right end-user groups or lines of business, and ramp up satisfaction and productivity.

Gain insight into the state of data quality

  • Data quality is one of the key issues causing poor ERP user satisfaction and business results. This can include the relevance, accuracy, timeliness, or usability of the organization’s data.
  • Targeted, open-ended feedback around data quality will provide insight into where optimization efforts should be focused.

2.1.1 Complete a current state assessment (via the Application Portfolio Assessment)

3 hours

Option 1: Use Info-Tech’s Application Portfolio Assessment to generate your user satisfaction score. This tool not only measures application satisfaction but also elicits great feedback from users regarding the support they receive from the IT team around Workday.

  1. Download the Workday Application Inventory Tool.
  2. Complete the “Demographics” tab (tab 2).
  3. Complete the “Inventory” tab (tab 3).
    1. Complete the inventory by treating each module within your Workday system as an application.
    2. Treat every department as a separate column in the department section. Feel free to add, remove, or modify department names to match your organization.
    3. Include data quality for all applications applicable.

Option 2: Create a survey manually.

  1. Use tab Reference 2.1 “APA Questions” as a guide for creating your survey.
  2. Send out surveys to end users.
  3. Modify tab 2.1 “Workday Assessment” if required.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Content for New section Tag Goes HereThe image shows a number of charts relating to applications, such as Overall Applications Portfolio Satisfaction and Most Critical Applications. Data is shown in each category relating to number of users, usability, data quality, status, and others.

2.1.2 Complete the Application Portfolio Assessment

3 hours

Option 1: Use Info-Tech’s Application Portfolio Assessment to generate your user satisfaction score. This tool not only measures application satisfaction but also elicits great feedback from users regarding the support they receive from the IT team around Workday.

  1. Download the Workday Application Inventory Tool.
  2. Complete the “Demographics” tab (tab 2).
  3. Complete the “Inventory” tab (tab 3).
    1. Complete the inventory by treating each module within your Workday system as an application.
    2. Treat every department as a separate column in the department section. Feel free to add, remove, or modify department names to match your organization.
    3. Include data quality for all applications applicable.

Option 2: Create a survey manually.

  1. Use tab Reference 2.1 “APA Questions” as a guide for creating your survey.
  2. Send out surveys to end users.
  3. Modify tab 2.1 “Workday Assessment” if required.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

2.1.3 (Optional) Assess Workday process maturity

  1. As with any ERP system, the issues encountered may not be related to the system itself but processes that have developed over time.
  2. Use this opportunity to interview key stakeholders to learn about deeper capability processes.
    1. Identify key stakeholders.
    2. Hold sessions to document deeper processes.
    3. Discuss processes and technical enablement in each area.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Process Maturity Assessment

Process Assessment

Strong

Moderate

Weak

1.1 Financial Planning and Analysis

1.2 Accounting and Financial Close

1.3 Treasury Management

1.4 Financial Operations

1.5 Governance, Risk & Compliance

2.1 Core HR

Description All aspects related to financial operations
Key Success Indicators Month-end reporting in 5 days AR at risk managing down (zero over 90 days) Weekly operating cash flow updates
Timely liquidity for claims payments Payroll audit reporting and insights reporting 90% of workflow tasks captured in ERP
EFT uptake Automated reconciliations Reduce audit hours required
Current Pain Points A lot of voided and re-issued checks NIDPP Integration with banks; can’t get the information back into existing ERP
There is no payroll integration No payroll automation and other processes Lack of integration with HUB
Not one true source of data Incentive payment processing Rewards program management
Audit process is onerous Reconcile AP and AR for dealers

Stakeholders Interviewed:

The process is formalized, documented, optimized, and audited.

The process is poorly documented. More than one person knows how to do it. Inefficient and error-prone.

The process is not documented. One person knows how to do it. The process is ad hoc, not formalized, inconsistent.

Capability Processes:

General Ledger

Accounts Receivable

Incentives Management

Accounts Payable

General Ledger Consolidation

Treasury Management

Cash Management

Subscription / recurring payments

Treasury Transactions

Step 2.2

Review Your Satisfaction With the Vendor/Product and Willingness for Change

Activities

2.2.1 Rate Your Vendor and Product Satisfaction

2.2.2 Review Workday Product Scores (if applicable)

2.2.3 Evaluate Your Product Satisfaction

2.2.4 Check Your Business Process Change Tolerance

Product Satisfaction

Step 2.1

Step 2.2

This step will guide you through the following activities:

  • Rate your vendor and product satisfaction
  • Compare with survey data from SoftwareReviews

This step involves the following participants:

  • Workday Product Owner(s)
  • Procurement Representative
  • Vendor Contracts Manager

Outcomes of this step

  • Quantified satisfaction with vendor and product

2.2.1 Rate your vendor and product satisfaction

30 minutes

Use Info-Tech’s vendor satisfaction survey to identify optimization areas with your ERP product(s) and vendor(s).

  1. Option 1 (recommended): Conduct a satisfaction survey using SoftwareReviews. This option allows you to see your results in the context of the vendor landscape.
  2. Option 2: Use the Get the Most Out of Your Workday Workbook to review your satisfaction with your Workday software.

Record this information in the Get the Most Out of Your Workday Workbook

SoftwareReviews’ Enterprise Resource Planning Category

Download the Get the Most Out of Your Workday Workbook

2.2.2 Review Workday product scores (if applicable)

30 minutes

  1. Download the scorecard for your Workday product from the SoftwareReviews website. (Note: Not all products are represented or have sufficient data, so a scorecard may not be available.)
  2. Use the Get the Most Out of Your Workday Workbook tab 2.3 to record the scorecard results.
  3. Use your Get the Most Out of Your Workday Workbook to flag areas where your score may be lower than the product scorecard. Brainstorm ideas for optimization.

Record this information in the Get the Most Out of Your Workday Workbook.

SoftwareReviews’ Enterprise Resource Planning Category

Download the Get the Most Out of Your Workday Workbook

2.2.3 How does your satisfaction compare with your peers?

Use SoftwareReviews to explore product features, vendor experience, and capability satisfaction.

The image shows two data quadrants, one titled Enterprise Resource Planning - Enterprise, and Enterprise Resource Planning - Midmarket.

(SoftwareReviews ERP Mid-Market, 2022; SoftwareReviews ERP Enterprise, 2022)

2.2.4 Check your business process change tolerance

1 hours

Input

  • Business process capability map

Output

  • Heat map of risk areas that require more attention to validate best practices or minimize customization

Materials

  • Whiteboard/flip charts
  • Get the Most Out of Your Workday Workbook

Participants

  • Implementation team
  • SMEs
  • Departmental Leaders
  1. As a group, list your level-0 and level-1 business capabilities. Sample on the next slide.
  2. Assess the department’s willingness for change and the risk of maintaining the status quo.
  3. Color-code the level-0 business capabilities based on:
    1. Green – Willing to follow best practices
    2. Yellow – May be challenging or unique business model
    3. Red – Low tolerance for change

Record this information in the Get the Most Out of Your Workday Workbook

Heat map representing desire for best practice or those having the least tolerance for change

Legend:

Willing to follow best practice

May be challenging or unique business model

Low tolerance for change

Out of Scope

Product-Centric Capabilities
R&D Production Supply Chain Distribution Asset Mgmt
Idea to Offering Plan to Produce Procure to Pay Forecast to Delivery Acquire to Dispose
Add/Remove Shop Floor Scheduling Add/Remove Add/Remove Add/Remove
Add/Remove Product Costing Add/Remove Add/Remove Add/Remove
Service-Centric Capabilities
Finance HR Marketing Sales Service
Record to Report Hire to Retire Market to Order Quote to Cash Issue to Resolution
Add/Remove Add/Remove Add/Remove Add/Remove Add/Remove
Add/Remove Add/Remove Add/Remove Add/Remove Add/Remove

Determine the areas of risk to conform to best practice and minimize customization. These will be areas needing focus from the vendor, supporting change and guiding best practice.

For example: Must be able to support our unique process manufacturing capabilities and enhance planning and visibility to detailed costing.

Phase 3

Identify Key Optimization Opportunities

Phase 1

1.1 Identify Stakeholders and Build Your Optimization Team

1.2 Build an ERP Strategy Model

1.3 Inventory Current System State

1.4 Define Optimization Timeframe

1.5 Understand Workday Costs

Phase 2

2.1 Assess Workday Capabilities

2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

Phase 3

3.1 Prioritize Optimization Opportunities

3.2 Discover Optimization Initiatives

Phase 4

4.1 Build Your Optimization Roadmap

This phase will walk you through the following activities:

  • Identify key optimization areas
  • Create an optimization roadmap

This phase involves the following participants:

  • Workday Optimization Team

Step 3.1

Prioritize optimization opportunities

Activities

3.1.1 Prioritize Optimization Capability Areas

Build Your Optimization Roadmap

Step 3.1

Step 3.2

This step will guide you through the following activities:

  • Explore existing process gaps
  • Identify the impact of processes on user satisfaction
  • Identify the impact of data quality on user satisfaction
  • Review your overall product satisfaction and vendor management

This step involves the following participants:

  • Workday Optimization Team

Outcomes of this step

  • Application optimization plan

Info-Tech Insight

Enabling a high-performing organization requires excellent management practices and continuous optimization efforts. Your technology portfolio and architecture are important, but we must go deeper. Taking a holistic view of ERP technologies in the environments in which they operate allows for the inclusion of people and process improvements – this is key to maximizing business results. Using a formal ERP optimization initiative will drive business-IT alignment, identify IT automation priorities, and dig deep into continuous process improvement.

Address process gaps:

  • ERP and related technologies are invaluable to the goal of organizational enablement, but they must have supported processes driven by business goals.
  • Identify areas where capabilities need to be improved and work toward optimization.

Support user satisfaction:

  • The best technology in the world won’t deliver business results if it’s not working for the users who need it.
  • Understand concerns, communicate improvements, and support users in all roles.

Improve data quality:

  • Data quality is unique to each business unit and requires tolerance, not perfection.
  • Implement data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.

Proactively manage vendors:

  • Vendor management is a critical component of technology enablement and IT satisfaction.
  • Assess your current satisfaction against that of your peers and work toward building a process that is best fit for your organization.

Assessing application business value

The Business

Keepers of the organization’s mission, vision, and value statements that define IT success. The business maintains the overall ownership and evaluation of the applications.

Business Value of Applications

IT

Technical subject matter experts of the applications they deliver and maintain. Each IT function works together to ensure quality applications are delivered to stakeholder expectations.

First, the authorities on business value need to define and weigh their value drivers that describe the priorities of the organization. This will allow the applications team to apply a consistent, objective, and strategically aligned evaluation of applications across the organization.

In this context…

business value is

the value of the business outcome that the application produces. Additionally, it is how effective the application is at producing that outcome.

Business value IS NOT

the user’s experience or satisfaction with the application.

Brainstorm IT initiatives to enable high areas of opportunity to support the business

Create or Improve:

  • ERP Capabilities
  • Optimization Initiatives

Capabilities are what the system and business do that creates value for the organization.

Optimization initiatives are projects with a definitive start and end date, and they enhance, create, maintain, or remove capabilities with the goal of increasing value.

Brainstorm ERP optimization initiatives in each area. Ensure you are looking for all-encompassing opportunities within the context of IT, the business, and Workday systems.

  • Process
  • Technology
  • Organization

Discover the value drivers of your applications

Financial vs. Human Benefits

Financial benefits refer to the degree to which the value source can be measured through monetary metrics and are often quite tangible.

Human benefits refer to how an application can deliver value through a user’s experience.

Inward vs. Outward Orientation

Inward refers to value sources that have an internal impact and improve your organization’s effectiveness and efficiency in performing its operations.

Outward refers to value sources that come from your interaction with external factors, such as the market or your customers.

The image shows a business value matrix, with Human benefit and Financial benefit in the horizontal and Outward and Inward on the vertical. In the top left quadrant is Reach Customers; top right is Increase Revenue or Deliver Value; bottom left is Enhance Services, and bottom right is Reduce Costs.

The image shows a graph titled Perceived business benefits from using digital tools. It is a bar graph, showing percentages assigned to each perceived benefit. The source is Collins et al, 2017.

Increased Revenue

Application functions that are specifically related to the impact on your organization’s ability to generate revenue and deliver value to your customers.

Reduced Costs

Reduction of overhead. The ways in which an application limits the operational costs of business functions.

Enhanced Services

Functions that enable business capabilities that improve the organization’s ability to perform its internal operations.

Reach Customers

Application functions that enable and improve the interaction with customers or produce market information and insights.

Prioritize Workday optimization areas that will bring the most value to the organization

Review your ERP capability areas and rate them according to relevance to organizational goals. This will allow you to eliminate optimization ideas that may not bring value to the organization.

The image shows a graph, separated into quadrants. On the x-axis is Satisfaction, from low to high, and on the Y-axis is Relevant to Organizational Goals from Low to High. The top left quadrant is High Priority, top right is Maintain, and the two lower quadrants are both low priority.

Value vs. Effort

How important is it? vs. How difficult is it?

How important is it? How Difficult is it?

What is the value?

  • Increase revenue
  • Decrease costs
  • Enhanced services
  • Reach customers

What is the benefit?

  • How can it help us reach our goals?

What is the impact?

  • To organizational goals
  • To ERP goals
  • To departmental goals

What is the cost?

  • Hours x Rates ++ =

What is the level of effort?

  • Development effort
  • Operational effort
  • Implementation effort
  • Outside resource coordination

What is the risk of implementing/not implementing?

What is the complexity?

(Roadmunk)

RICE method

Measure the “total impact per time worked”

The image shows a graphic with the word Confidence at the top, then an arrow pointing upwards that reads Impact. Below that, there is an arrow pointing horizontally in both directions that reads Reach, and then a horizontal line, with the word Effort below it.

Reach Impact Confidence Effort

How many people will this improvement impact? Internal: # of users OR # of transactions per period

External: # of customers OR # of transactions per period

What is the scale of impact? How much will the improvement affect satisfaction?

Example Weighting:

1 = Massive Impact

2 = High Impact

1 = Medium Impact

0.5 = Low Impact

0.25 = Very Low Impact

How confident are we that the improvements are achievable and that they will meet the impact estimates?

Example Weighting:

1 = High Confidence

0.80 = Medium Confidence

0.50 = Low Confidence

How much investment will be required to implement the improvement initiative?

FTE hours x cost per hour

(Intercom)

3.1.1 Prioritize and rate optimization capability areas

1-3 hours

  1. Use tab 3.1 Optimization Priorities.
  2. From the Workday Key Capabilities (pulled from tab 1.3 Key Capabilities), discuss areas of scope for the Workday optimization initiative.
  3. Discuss the four areas of the business value matrix and identify how each module, along with organizational goals, can bring value to the organization.
  4. Rate each of your Workday capabilities for the level of importance to your organization. The levels of importance are:
    • Crucial
    • Important
    • Secondary
    • Unimportant
    • Not applicable

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Step 3.2

Discover Optimization Initiatives

Activities

3.2.1 Discover Product and Vendor Satisfaction Opportunities

3.2.2 Discover Capability and Feature Optimization Opportunities

3.2.3 Discover Process Optimization Opportunities

3.2.4 Discover Integration Optimization Opportunities

3.2.5 Discover Data Optimization Opportunities

3.2.6 Discover Workday Cost-Saving Opportunities

Build Your Optimization Roadmap

Step 3.1

Step 3.2

This step will guide you through the following activities:

  • Explore existing process gaps
  • Identify the impact of processes on user satisfaction
  • Identify the impact of data quality on user satisfaction
  • Review your overall product satisfaction and vendor management

This step involves the following participants:

  • Workday Optimization Team

Outcomes of this step

  • Application optimization plan
Content for New section Tag Goes HereThe image shows a graphic title Product Feature Satisfaction, showing features in rank order and data on each.
Content for New section Tag Goes HereThe image shows a graphic titled Vendor Capability Satisfaction, showing features in rank order with related data.

Workday’s partner landscape

Workday uses an extensive partner network to help deliver results.

ADVISORY PARTNERS

Workday Advisory Partners have in-depth knowledge to help customers determine what’s best for their needs and how to maximize business value. They guide you through digital acceleration strategy and planning, product selection, change management, and more.

SERVICES PARTNERS

Workday Services Partners represent a curated community of global systems integrators and regional firms that help companies deploy Workday and continually adopt new capabilities.

SOFTWARE PARTNERS

Workday Software Partners are a global ecosystem of application, content, and technology software companies that design, build, and deploy solution extensions to help customers enhance the capabilities of Workday.

Global payroll PARTNERS

Workday’s Global Payroll Cloud (GPC) program makes it easy to expand payroll (outside of the US, Canada, the UK, and France) to third-party payroll providers around the world using certified, prebuilt integrations from Workday Partners. Payroll partners provide solutions in more than 100 countries.

Adaptive planning PARTNERS

Adaptive planning partners guide you through all aspects of everything from integration to deployment.

With large-scale ERP and HCM systems, the success of the system can be as much about the SI (Systems Integrator) or vendor partners as it is about the core product.

In evaluating your Workday system, think about Workday’s extensive partner network to understand how you can capitalize on your installation.

You do not need to reinvent the system; you may just need an additional service partner or bolt-on solution to round out your product functionality.

Improving vendor management

Create a right-size, right-fit strategy for managing the vendors relevant to your organization.

The image shows a matrix, with strategic value on the x-axis from low to high, and Vendor Spend/Switching Costs on the y-axis, from low to high. In the top left is Operational, top right is Strategic; lower left is commodity; and lower right Tactical.

Info-Tech Insight

A vendor management initiative is an organization’s formalized process for evaluating, selecting, managing, and optimizing third-party providers of goods and services.

The amount of resources you assign to managing vendors depends on the number and value of your organization’s relationships. Before optimizing your vendor management program around the best practices presented in Info-Tech’s Jump Start Your Vendor Management Initiative blueprint, assess your current maturity and build the process around a model that reflects the needs of your organization.

Note: Info-Tech uses VMI interchangeably with the terms “vendor management office (VMO),” “vendor management function,” “vendor management process,” and “vendor management program.”

Jump Start Your Vendor Management Initiative

3.2.1 Discover product and vendor satisfaction

1-2 hours

  1. Review tab 2.2 Vend. & Prod. Sat. to review the overall Product (and Vendor) satisfaction of your Workday system.
  2. Use tab 3.2 Optimization Initiatives to answer the following questions in the Overall Product (and Vendor) Evaluation area.
    • Document overall product satisfaction.
    • How does your satisfaction compare with your peers?
    • Is the overall system fit for use?
    • Do you have a proactive vendor management strategy in place?
    • Is the product dissatisfaction at the point that you need to evaluate if it is time to replace the product?
    • Could your vendor or SI help you achieve better results?

Record this information in the Get the Most Out of Your Workday Workbook.

The image shows a box with text in it, titled 3.2.1 Overall Product (and Vendor) Evaluation.

Download the Get the Most Out of Your Workday Workbook

Content for New section Tag Goes HereThe image is a graphic, with the Five Most Critical Applications section at the top, with related data, and other sets of data included in smaller text at the bottom of the image.

3.2.2 Discover capability and feature optimization opportunities

1-2 hours

  1. Review tab 2.2 Vend. & Prod. Sat. and tab 3.1 Optimization Priorities to review the satisfaction with the capabilities and features of your Workday system.
  2. Use tab 3.2 Optimization Initiatives to answer the following questions in the Capabilities and Features Evaluation area to answer the following questions:
    • What capabilities and features are performing the worst?
    • Do other organizations and users struggle with these areas?
    • Why is it not performing well?
    • Is there an opportunity for improvement?
    • What are some optimization initiatives that could be undertaken?

Record this information in the Get the Most Out of Your Workday Workbook

The image is a box with text in it, titled 3.2.2 Capabilities and Features Evaluation.

Download the Get the Most Out of Your Workday Workbook

Process optimization: the hidden goldmine

Know your strategic goals and KPIs that will deliver results.

Goals of Process Improvement Process Improvement Sample Areas Improvement Possibilities
  • Optimize business and improve value drivers
  • Reduce TCO
  • Reduce process complexity
  • Eliminate manual processes
  • Increase efficiencies
  • Support digital transformation and enablement
  • Order to cash
  • Procure to pay
  • Order to replenish
  • Plan to produce
  • Request to settle
  • Make to order
  • Make to stock
  • Purchase to order
  • Increase number of process instances processed successfully end to end
  • Increase number of instances processed in time
  • Increase degree of process automation
  • Speed up cycle times of supply chain processes
  • Reduce number of process exceptions
  • Apply internal best practices across organizational units

3.2.3 Discover process optimization opportunities

1-2 hours

  1. Use tab 3.1 Optimization Priorities and tab 2.2 Bus Proc Change Tolerance to review process optimization opportunities.
  2. Use tab 3.2 Optimization Initiatives to answer the following questions in the Capabilities and Features Evaluation area to answer the following questions:
    • List underperforming capabilities around process.
    • Answer the following:
      • What is the state of the current processes?
      • Is there an opportunity for process improvement?
      • What are some optimization initiatives that could be undertaken in this area?

Record this information in the Get the Most Out of Your Workday Workbook.

The image shows a box with text in it, titled Processes Optimization.

Download the Get the Most Out of Your Workday Workbook

Integration provides long-term usability

Balance the need for secure, compliant data availability with organizational agility.

The benefits of integration

  • The largest benefit is the extended use of data. The ERP data can be used in the enterprise-level business intelligence suite rather than the application-specific analytics.
  • Enhanced data security. Integrated approaches lend themselves to auditable processes such as sign-on and limit the email movement of data.
  • Regulatory compliance. Large multi-site organizations have many layers of regulation. A clear understanding of where orders, deliveries, and payments were made streamlines the audit process.

The challenges of integration

  • Extending a single instance ERP to multiple sites. The challenge for data management is the same as any SaaS application. The connection and data replication present challenges.
  • Combining data from equally high-volume systems. For Workday it is recommended that one instance is set to primary and all other sites are read-only to maintain data integrity.
  • Incorporating data from the separate system(s). The proprietary and locked-in nature of the data collection and definitions for ERP systems often limit the movement of data between separate systems.

Common integration and consolidation scenarios

Financial Consolidation Data Backup Synchronization Across Sites Legacy Consolidation
  • Financial consolidation requires a holistic view of data format and accounting schedules
  • Problem: Controlling financial documentation across geographic regions. Most companies are required to report in each region where they maintain a presence. Stakeholders and senior management also need a holistic view. This leads to significant strain on the financial department to consolidate both revenue and budget allocations for cross-site projects across the various geographic locations on a regular basis.
  • Solution: For enterprises with a single vendor or Workday-only portfolios, Workday can offer integration tools. For those needing to integrate with other ERPs the use of a connector may be required to send financial data to the main system. The format and accounting calendar for transactions should match the primary ERP system to allow consolidation. The local specific format should be a role-based customization at the level of the site’s specific instance.
  • Use a data center as the main repository to ensure all geographic locations have equal access to the necessary data.
  • Problem: ERP systems generate high volumes of data. Most systems have a defined schedule of back-up during off-hours. Multi-instance brings additional issues through lack of defined off-hours, higher volume of data, and the potential for cross-site or instance data relationships. This leads to headaches for both the Database Administrator and Business Analysts.
  • Solution: The best solution is an offsite data center with high availability. This may include cloud storage or hosted data centers. Regardless of where the data is stored, centralize the data and replicate to each site. Ensure that the data center can mirror the database and Binary Large Object (BLOB) storage that exists for each site.
  • Set up synchronization schedules based on data usage, not site location.
  • Problem: Providing access to up-to-date transactions requires copying of both contextual information (permissions, timestamp, location, history) and the transaction itself across multiple sites to allow local copies to be used for analysis and audits. The sheer volume of information makes timely synchronization difficult.
  • Solution: Not all data needs to be synchronized in a timely fashion. In Workday, administrators can use NetWeaver to maintain and alter global data synchronization through the Master Data Management module. Permissions can be given to users to perform on-demand synchronization of data attached to that user.
  • Carefully define older transactions. Only active transactions should be brought in the ERP. Send older data to storage.
  • Problem: Subsidiaries and acquired companies often have a Tier 2 ERP product. Prior to fully consolidating the processes, many enterprises will want to migrate data to their ERP system to build compliance and audit trails. Migration of data often breaks historical linkages between transactions.
  • Solution: Workday offers tools to integrate data across applications that can be used as part of a data migration strategy. The process of data migration should be combined with data warehousing to ensure a cost-effective process. For most enterprises, the lack of experience in data migration will necessitate the use of consultants and Independent Software Vendors (ISV).

For more information: Implement a Multi-site ERP

3.2.4 Discover integration optimization opportunities

1-2 hours

  1. Use tab 3.2 Optimization Initiatives to answer the following questions in the Integration Evaluation area:
    1. Are there some areas where integration could be improved?
    2. Is there an opportunity for process improvement?
    3. What are some optimization initiatives that could be undertaken in this area?

Record this information in the Get the Most Out of Your Workday Workbook.

The image shows a box with text in it, titled Integration Evaluation.

Download the Get the Most Out of Your Workday Workbook

Use a data strategy that fixes the enterprise-wide data management issues

Your data management must allow for flexibility and scalability for future needs.

IT has several concerns around ERP data and wide dissemination of that data across sites. Large organizations can benefit from building a data warehouse or at least adopting some of the principles of data warehousing. The optimal way to deal with the issue of integration is to design a metadata-driven data warehouse that acts as a central repository for all ERP data. This serves as the storage facility for millions of transactions, formatted to allow analysis and comparison.

Key considerations:

  • Technical: At what stage does data move to the warehouse? Can processes be automated to dump data or to do a scheduled data movement?
  • Process: Data integration requires some level of historical context for all data. Ensure that all data has multiple metadata tags to future-proof the data.
  • People: Who will be accessing the data and what are the key items that users will need to adapt to the data warehouse process?

Info-Tech Insight

Data warehouse solutions can be expensive. See Info-Tech’s Build a Data Warehouse on a Solid Foundation for guidance on what options are available to meet your budget and data needs.

Optimizing Workday data, additional considerations

Data Quality Management Effective Data Governance Data-Centric Integration Strategy Extensible Data Warehousing
  • Prevention is 10x cheaper than remediation. Stop fixing data quality with band-aid solutions and start fixing at the source of the problem.
  • Data quality is unique to each business unit and requires tolerance, not perfection. If the data allows the business to operate at the desired level, don’t waste time fixing data that may not need to be fixed.
  • Implement a set of data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.
  • Develop a prioritized data quality improvement project roadmap and long-term improvement strategy.
  • Build related practices with more confidence and less risk after achieving an appropriate level of data quality.
  • Data governance enables data-driven insight. Think of governance as a structure for making better use of data.
  • Collaboration is critical. The business may own the data, but IT understands the data. Data governance will not work unless the business and IT work together.
  • Data governance powers the organization up the data value chain through policies and procedures, master data management, data quality, and data architecture.
  • Create a roadmap to prioritize initiatives and delineate responsibilities among data stewards, data owners, and the data governance steering committee.
  • Ensure buy-in from business and IT stakeholders. Communicate initiatives to end users and executives to reduce resistance.
  • Every enterprise application involves data integration. Any change in the application and database ecosystem requires you to solve a data integration problem.
  • Data integration is becoming more and more critical for downstream functions of data management and for business operations to be successful. Poor integration holds back these critical functions.
  • Build your data integration practice with a firm foundation in governance and a reference architecture. Ensure that your process is scalable and sustainable.
  • Support the flow of data through the organization and meet the organization’s requirements for data latency, availability, and relevancy.
  • Data availability must be frequently reviewed and repositioned to continue to grow with the business.
  • A data warehouse is a project, but successful data warehousing is a program. An effective data warehouse requires planning beyond the technology implementation.
  • Governance, not technology, needs to be the core support system for enabling a data warehouse program.
  • Leverage an approach that focuses on constructing a data warehouse foundation that can address a combination of operational, tactical, and ad hoc business needs.
  • Invest time and effort to put together pre-project governance to inform and guide your data warehouse implementation.
  • Select the most suitable architecture pattern to ensure the data warehouse is “built right” at the very beginning.

Build Your Data Quality Program

Establish Data Governance

Build a Data Integration Strategy

Build an Extensible Data Warehouse Foundation

3.2.5 Discover data optimization opportunities

1-2 hours

  1. Use your 2.1 APA survey and/or tab 2.2 Vendor & Prod Sat to better understand issues related to data.
  • Note: Data issues happen for a number of reasons:
    • Poor underlying data in the system
    • More than one source of truth
    • Inability to consolidate data
    • Inability to measure KPIs (key performance indicators) effectively
    • Reporting that is cumbersome or non-existent
  • Use tab 3.2 Optimization Initiatives to answer the following questions in the Data Evaluation area:
    • What are some underlying issues?
    • Is there an opportunity for data improvement?
    • What are some optimization initiatives that could be undertaken in this area?
  • Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows a box with text in it, titled 3.2.5 Data Evaluation.

    Download the Get the Most Out of Your Workday Workbook

    Content for New section Tag Goes HereThe image shows a graphic, with a bar graph at the bottom, showing Primary Reason for Leaving Workday Human Capital Management.

    Info-Tech Insight

    The number one reason organizations leave Workday is because of cost. Do not be strong-armed into a contract you do not feel comfortable with. Do your homework, know your leverage points, be fully prepared for cost negotiations, use their competition to your advantage, and get support – such as Info-Tech’s vendor management resources and team.

    Approach contracts and pricing strategically

    Don’t go into contract negotiation blind.

    • Understand the vendor – year-end, market strategy, and competitive position.
    • Take the time to understand the contract. including contract details such as length of the contract, full-service equivalent (FSE, employee count,) innovation fees, modules included, and renewal clauses.
    • Be fully prepared to take a proactive approach to cost negotiations.
      • Use Info-Tech’s vendor management services to support you.
      • Go in prepared.
      • Use your leverage points – FSE count, Module Bundles, CPI & Innovation Fees.
      • Use competition to your advantage.

    Since 2007, Workday has been steadily growing its market share and footprint in human capital management, finance, and student information systems.

    Organizations considering additional modules or undergoing contract renewal need to gain insight into areas of leverage and other relevant vendor information.

    Key issues that occur include pricing transparency and contractual flexibility on terms and conditions. Adequate planning and communication need to be taken into consideration before entering into any agreement.

    3.2.6 Discover Workday cost-saving opportunities

    1-2 hours

    1. Use tab 1.5 Current Costs, as an input for this exercise. Another great resource is Info-Tech’s Workday vendor management resources which you can use to help understand cost-saving strategies.
    2. Use tab 3.2 Optimization Initiatives Costs Evaluation area to list cost savings initiatives and opportunities.

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows a box with text in it, titled 3.2.6 Costs Evaluation.

    Download the Get the Most Out of Your Workday Workbook

    Other optimization opportunities

    There are many opportunities to improve your Workday portfolio. Choose the ones that are right for your business.

    • Artificial intelligence (AI) (and management of the AI lifecycle)
    • Machine learning (ML)
    • Augment business interactions
    • Automatically execute sales pipelines
    • Process mining
    • Workday application monitoring
    • Be aware of the Workday product roadmap
    • Implement and take advantage of Workday tools and product offerings

    Phase 4

    Build Your Optimization Roadmap

    Phase 1

    1.1 Identify Stakeholders and Build Your Optimization Team

    1.2 Build an ERP Strategy Model

    1.3 Inventory Current System State

    1.4 Define Optimization Timeframe

    1.5 Understand Workday Costs

    Phase 2

    2.1 Assess Workday Capabilities

    2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

    Phase 3

    3.1 Prioritize Optimization Opportunities

    3.2 Discover Optimization Initiatives

    Phase 4

    4.1 Build Your Optimization Roadmap

    This phase will walk you through the following activities:

    • Review the different options to solve the identified pain points
    • Build out a roadmap showing how you will get to those solutions
    • Build a communication plan that includes the stakeholder presentation

    This phase involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Get the Most Out of Your Workday

    Step 4.1

    4.1 Build Your Optimization Roadmap

    Activities

    4.1.1 Evaluate Optimization Initiatives

    4.1.2 Prioritize Your Workday Initiatives

    4.1.3 Build a Roadmap

    4.1.4 Build a Visual Roadmap

    Next steps

    Step 4.1

    This step will walk you through the following activities:

    • Review the different options to solve the identified pain points then build out a roadmap of how to get to that solution.

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Outcomes of this step

    • A strategic direction is set
    • An initial roadmap is laid out

    Evaluate your optimization initiatives and determine next steps to build out your optimization roadmap

    The image shows a chart titled Value Drivers, with specific categories and criteria listed along the top as headings. The rows below the headings are blank.

    Activity 4.1.1 Evaluate optimization Initiatives

    1 hour

    1. Evaluate your optimization initiatives from tab 3.2, Optimization Initiatives.
    2. Complete Value Drivers:
    • Relevance to Organizational Goals and Objectives
    • Applications Portfolio Assessment Survey:
      • Impact: Number of Users, Importance to Role
      • Current State: Satisfaction With Features, Usability, and Data Quality.
    • Value Drivers: Increase Revenue, Decrease Costs, Enhanced Services, or Reach Customers.
    • Additional Factors:
      • Current to Future Risk Profile
      • Number of Departments to Benefit
      • Importance to Stakeholder Relations
  • Complete Effort and Cost Estimations:
    • Resources: Do we have resources available and the skillset?
    • Cost
    • Overall Effort Rating
  • Gut Check: “Is it achievable? Have we done it or something similar before? Are we willing to invest in it?“
  • Decision to Proceed
  • Next Steps
  • Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Activity 4.1.2 Determine your optimization roadmap building blocks

    1 hour

    Optimization initiatives: Determine which if any to proceed with.

    1. Identify initiatives.
    2. For each item on your roadmap assign an owner who will be accountable to the completion of the roadmap item.
    3. Wherever possible, assign a start date, month, or quarter. The more specific you can be the better.
    4. Identify completion dates to create a sense of urgency. If you are struggling with start dates, it can help to start with a finish date and “back in” to a start date based on estimated efforts.
    5. Include periphery tasks such as communication strategy.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Note: Your roadmap should be treated as a living document that is updated and shared with the stakeholders on a regular schedule.

    Download the Get the Most Out of Your Workday Workbook

    Activity 4.1.3 – Build a visual Workday optimization roadmap (optional)

    1 hour

    For some, a visual representation of a roadmap is easier to comprehend.

    Consider taking the roadmap built in 4.1.2 and creating a visual roadmap.

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows a chart that tracks Initiative and Owner across multiple years.

    Download the Get the Most Out of Your Workday Workbook

    Summary of Accomplishment

    Get the Most Out of Your Workday

    ERP technology is critical to facilitating an organization’s flow of information across business units. It allows for seamless integration of systems and creates a holistic view of the enterprise to support decision making. ERP implementation should not be a one-and-done exercise. There needs to be ongoing optimization to enable business processes and optimal organizational results.

    Get the Most Out of Your Workday allows organizations to proactively implement continuous assessment and optimization of their enterprise resource planning system, including:

    • Alignment and prioritization of key business and technology drivers.
    • Identification of processes, including classification and gap analysis.
    • Measurement of user satisfaction across key departments.
    • Improved vendor relations.
    • Data quality initiatives.

    This formal Workday optimization initiative will drive business-IT alignment, identify IT automation priorities, and dig deep into continuous process improvement.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Research Contributors

    Ben Dickie

    Research Practice Lead

    Info-Tech Research Group

    Ben Dickie is a Research Practice Lead at Info-Tech Research Group. His areas of expertise include customer experience management, CRM platforms, and digital marketing. He has also led projects pertaining to enterprise collaboration and unified communications.

    Scott Bickley

    Practice Lead and Principal Research

    Director Info-Tech Research Group

    Scott Bickley is a Practice Lead and Principal Research Director at Info-Tech Research Group focused on vendor management and contract review. He also has experience in the areas of IT asset management (ITAM), software asset management (SAM), and technology procurement along with a deep background in operations, engineering, and quality systems management.

    Andy Neil

    Practice Lead, Applications

    Info-Tech Research Group

    Andy is a Senior Research Director, Data Management and BI, at Info-Tech Research Group. He has over 15 years of experience in managing technical teams, information architecture, data modeling, and enterprise data strategy. He is an expert in enterprise data architecture, data integration, data standards, data strategy, big data, and the development of industry standard data models.

    Bibliography

    “9 product prioritization frameworks for product managers.” Roadmunk, n.d. Accessed 15 May 2022.

    Armel, Kate. "New Article: Data-Driven Estimation, Management Lead to High Quality." QSM: Quantitative Software Management, 14 May 2013. Accessed 4 Feb. 2021.

    Collins, George, et al., “Connecting Small Businesses in the US.” Deloitte Commissioned by Google, 2017. Web.

    Epizitone, Ayogeboh, and Oludayo O. Olugbara. "Critical Success Factors for ERP System Implementation to Support Financial Functions." Academy of Accounting and Financial Studies Journal, vol. 23, no. 6, 2019. Accessed 12 Oct. 2021

    Gheorghiu, Gabriel. "The ERP Buyer’s Profile for Growing Companies." Selecthub, 2018. Accessed 21 Feb. 2021.

    Karlsson, Johan. "Product Backlog Grooming Examples and Best Practices." Perforce, 18 May 2018. Accessed 4 Feb. 2021.

    Lauchlan, Stuart. “Workday accelerates into fiscal 2023 with a strong year end as cloud adoption gets a COVID-bounce.” diginomica, 1 March 2022. Web.

    "Maximizing the Emotional Economy: Behavioral Economics." Gallup, n.d. Accessed 21 Feb. 2021.

    Noble, Simon-Peter. “Workday: A High-Quality Business That's Fairly Valued.” Seeking Alpha, 8 Apr. 2019. Web.

    Norelus, Ernese, Sreeni Pamidala, and Oliver Senti. "An Approach to Application Modernization: Discovery and Assessment Phase," Medium, 24 Feb. 2020. Accessed 21 Feb. 2021.

    "Process Frameworks." APQC, n.d. Accessed 21 Feb. 2021.

    Saxena, Deepak, and Joe Mcdonagh. "Evaluating ERP Implementations: The Case for a Lifecycle-based Interpretive Approach." The Electronic Journal of Information Systems Evaluation, vol. 22, no. 1, 2019, pp. 29-37. Accessed 21 Feb. 2021.

    “Workday Enterprise Management Cloud Product Scorecard.” SoftwareReviews, May 2022. Web.

    “Workday Meets Growing Customer Demand with Record Number of Deployments and Industry-Leading Customer Satisfaction Score.” Workday, Inc., 7 June 2021. Web.

    Drive Business Value With Off-the-Shelf AI

    • Buy Link or Shortcode: {j2store}205|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Business Intelligence Strategy
    • Parent Category Link: /business-intelligence-strategy
    • Understanding the impact of the machine learning/AI component that is built into most of the enterprise products and tools and its role in the implementation of the solution.
    • Understanding the most important aspects that the organization needs to consider while planning the implementation of the AI-powered product.

    Our Advice

    Critical Insight

    • Organizations are faced with multiple challenges trying to adopt AI solutions. Challenges include data issues, ethics and compliance considerations, business process challenges, and misaligned leadership goals.
    • When choosing the right product to meet business needs, organizations need to know what questions to ask vendors to ensure they fully understand the implications of buying an AI/ML product.
    • To guarantee the success of your off-the-shelf AI implementation and ensure it delivers value, you must start with a clear definition of the business case and an understanding of your data.

    Impact and Result

    To guarantee success of the off-the-shelf AI implementation and deliver value, in addition to formulating a clear definition of the business case and understanding of data, organizations should also:

    • Know what questions to ask vendors while evaluating AI-powered products.
    • Measure the impact of the project on business and IT processes.

    Drive Business Value With Off-the-Shelf AI Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Drive Business Value With Off-the-Shelf AI Deck – A step-by-step approach that will help guarantee the success of your Off-the-Shelf AI implementation and ensure it delivers business value

    Use this practical and actionable framework that will guide you through the planning of your Off-the-Shelf AI product implementation.

    • Drive Business Value With Off-the-Shelf AI Storyboard

    2. Off-the-Shelf AI Analysis – A tool that will guide the analysis and planning of the implementation

    Use this analysis tool to ensure the success of the implementation.

    • Off-the-Shelf AI Analysis

    Infographic

    Further reading

    Drive Business Value With Off-the-Shelf AI

    A practical guide to ensure return on your Off-the-Shelf AI investment

    Executive Summary

    Your Challenge
    • Understanding the impact of the machine learning/AI component that is built into most of the enterprise products and tools and its role in the implementation of the solution.
    • What are the most important aspects that organizations needs to consider while planning the implementation of the AI-powered product?
    Common Obstacles
    • Organizations are faced with multiple challenges trying to adopt an AI solution. Challenges include data issues, ethics and compliance considerations, business process challenges, and misaligned leadership goals.
    • When choosing the right product to meet business needs, organizations need to know what questions to ask vendors to ensure they fully understand the implications of buying an AI/ML product.
    Info-Tech’s Approach

    Info-Tech’s approach includes a framework that will guide organizations through the process of the Off-the-Shelf AI product selection.

    To guarantee success of the Off-the-Shelf AI implementation and deliver value, organization should start with clear definition of the business case and an understanding of data.

    Other steps include:

    • Knowing what questions to ask vendors to evaluate AI-powered products.
    • Measuring the impact of the project on your business and IT processes.
    • Assessing impact on the organization and ensure team readiness.

    Info-Tech Insight

    To guarantee the success of your Off-the-Shelf AI implementation and ensure it delivers value, you must start with a clear definition of the business case and an understanding of your data.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Getting value out of AI and machine learning investments

    92.1%

    of companies say they are achieving returns on their data and AI investments

    91.7%

    said they were increasing investments in data and AI

    26.0%

    of companies have AI systems in widespread production
    However, CIO Magazine identified nine main hurdles to AI adoption based on the survey results:
    • Data issues
    • Business process challenges
    • Implementation challenges and skill shortages
    • Costs of tools and development
    • Misaligned leadership goals
    • Measuring and proving business value
    • Legal and regulatory risks
    • Cybersecurity
    • Ethics
    • (Source: CIO, 2019)
    “Data and AI initiatives are becoming well established, investments are paying off, and companies are getting more economic value from AI.” (Source: NewVantage, 2022.)

    67% of companies are currently using machine learning, and 97% are using or planning to use it in the next year.” (Source: Deloitte, 2020)

    AI vs. ML

    Machine learning systems learn from experience and without explicit instructions. They learn patterns from data then analyze and make predictions based on past behavior and the patterns learned.

    Artificial intelligence is a combination of technologies and can include machine learning. AI systems perform tasks mimicking human intelligence such as learning from experience and problem solving. Most importantly, AI is making its own decisions without human intervention.

    The AI system can make assumptions, test these assumptions, and learn from the results.

    (Level of decision making required increases from left to right)
    Statistical Reasoning
    Infer relationships between variables

    Statistical models are designed to find relationships between variables and the significance of those relationships.

    Machine Learning:
    Making accurate predictions

    Machine learning is a subset of AI that discovers patterns from data without being explicitly programmed to do so.

    Artificial Intelligence
    Dynamic adaptation to novelty

    AI systems choose the optimal combination of methods to solve a problem. They make assumptions, reassess the model, and reevaluate the data.

    “Machine learning is the study of computer algorithms that improve automatically through experience.” (Tom Mitchell, 1997)

    “At its simplest form, artificial intelligence is a field, which combines computer science and robust datasets, to enable problem-solving.” (IBM, “What is artificial intelligence?”)

    Types of Off-the-Shelf AI products and solutions

    ML/AI-Powered Products Off-the-Shelf Pre-built and Pre-trained AI/ML Models
    • AI/ML capabilities built into the product and might require training as part of the implementation.
    • Off-the-Shelf ML/AI Models, pre-built, pre-trained, and pre-optimized for a particular task. For example, language models or image recognition models that can be used to speed up and simplify ML/AI systems development.
    Examples of OTS tools/products: Examples of OTS models:

    The data inputs for these models are defined, the developer has to conform to the provided schema, and the data outputs are usually fixed due to the particular task the OTS model is built to solve.

    Insight summary

    Overarching insight:

    To guarantee the success of your Off-the-Shelf AI implementation and ensure it delivers value, you must start with a clear definition of the business case and an understanding of your data.

    Business Goals

    Question the value that AI adds to the tool you are evaluating. Don’t go after the tool simply because it has an AI label attached to it. AI/ML capabilities might add little value but increase implementation complexity. Define the problem you are solving and document business requirements for the tool or a model.

    Data

    Know your data. Determine data requirements to:

    • Train the model during the implementation and development.
    • Run the model in production.

    People/Skills

    Define the skills required for the implementation and assemble the team that will support the project from requirements to deployment and support, through its entire lifecycle. Don’t forget about production support and maintenance.

    Choosing an AI-Powered Tool

    No need to reinvent the wheel and build a product you can buy, but be prepared to work around tool limitations, and make sure you understand the data and the model the tool is built on.

    Choosing an AI/ML Model

    Using Off-the-Shelf-AI models enables an agile approach to system development. Faster POC and validation of ideas and approaches, but the model might not be customizable for your requirements.

    Guaranteeing Off-the-Shelf AI Implementation Success

    Info-Tech Insight

    To guarantee the success of your Off-the-Shelf AI implementation and ensure it delivers value, you must start with a clear definition of the business case and an understanding of your data.

    Why do you need AI in your toolset?
    Business Goals

    Clearly defined problem statement and business requirements for the tool or a model will help you select the right solution that will deliver business value even if it does not have all the latest bells and whistles.

    Small chevron pointing right.
    Do you know the data required for implementation?
    Data

    Expected business outcome defines data requirements for implementation. Do you have the right data required to train and run the model?

    Large chevron pointing right.
    Is your organization ready for AI?
    People/Team/ Skills

    New skills and expertise are required through all phases of the implementation: design, build, deployment, support, and maintenance, as well as post-production support, scaling, and adoption.

    Data Architecture/ Infrastructure

    New tool or model will impact your cloud and integration strategy. It will have to integrate with the existing infrastructure, in the cloud or on prem.

    Large chevron pointing right.
    What questions do you need to ask when choosing the solution?
    Product/ Tool or Model Selection

    Do you know what model powers the AI tool? What data was used to train the tool and what data is required to run it? Ask the right questions.

    Small chevron pointing right.
    Are you measuring impact on your processes?
    Business and IT Processes

    Business processes need to be defined or updated to incorporate the output of the tool back into the business processes to deliver value.

    IT governance and support processes need to accommodate the new AI-powered tool.

    Small chevron pointing right.
    Realize and measure business value of your AI investment
    Value

    Do you have a clear understanding of the value that AI will bring to your organization?Optimization?Increased revenue?Operational efficiency?

    Introduction of Off-the-Shelf AI Requires a Strategic Approach

    Business Goals and Value Data People/Team/ Skills Infrastructure Business and IT Processes
    AI/ML–powered tools
    • Define a business problem that can be solved with either an AI-powered tool or an AI/ML pre-built model that will become part of the solution.
    • Define expectations and assumptions around the value that AI can bring.
    • Document business requirements for the tool or model.
    • Define the scope for a prototype or POC.
    • Define data requirements.
    • Define data required for implementation.
    • Determine if the required data can be acquired or captured/generated.
    • Document internal and external sources of data.
    • Validate data quality (define requirements and criteria for data quality).
    • Define where and how the data is stored and will be stored. Does it have to be moved or consolidated?
    • Define all stakeholders involved in the implementation and support.
    • Define skills and expertise required through all phases of the implementation: design, build, deployment, support, and maintenance.
    • Define skills and expertise required to grow AI practice and achieve the next level of adoption, scaling, and development of the tool or model POC.
    • Define infrastructure requirements for either Cloud, Software-as-a-Service, or on-prem deployment of a tool or model.
    • Define how the tool is integrated with existing systems and into existing infrastructure.
    • Determine the cost to deploy and run the tool/model.
    • Define processes that need to be updated to accommodate new functionality.
    • Define how the outcome of the tool or a model (e.g. predictions) are incorporated back into the business processes.
    • Define new business and IT processes that need to be defined around the tool (e.g. chatbot maintenance; analysis of the data generated by the tool).
    Off-the-shelf AI/ML pre-built models
    • Define the business metrics and KPIs to measure success of the implementation against.
    • Determine if there are requirements for a specific data format required for the tool or a model.
    • Determine if there is a need to classify/label the data (supervised learning).
    • Define privacy and security requirements.
    • Define requirements for employee training. This can be vendor training for a tool or platform training in the case of a pre-built model or service.
    • Define if ML/AI expertise is required.
    • Is the organization ready for ML/AI? Conduct an AI literacy survey and understand team’s concerns, fears, and misconceptions and address them.
    • Define requirements for:
      • Data migration.
      • Security.
      • AI/ML pipeline deployment and maintenance.
    • Define requirements for operation and maintenance of the tool or model.
    • Confirm infrastructure readiness.
    • How AI and its output will be used across the organization.

    Define Business Goals and Objectives

    Why do you need AI in your toolset? What value will AI deliver? Have a clear understanding of business benefits and the value AI delivers through the tool.

    • Define a business problem that can be solved with either an AI-powered tool or AI/ML pre-built model.
    • Define expectations and assumptions around the value that AI can bring.
    • Document business requirements for a tool or model.
    • Start with the POC or a prototype to test assumptions, architecture, and components of the solution.
    • Define business metrics and KPIs to measure success of the implementation.

    Info-Tech Insight

    Question the value that AI adds to the tool you are evaluating. Don’t go after the tool simply because it has an AI label attached to it. AI/ML capabilities might add little value but increase implementation complexity. Define the problem you are solving and document business requirements for the tool or a model.

    Venn diagram of 'Applied Artificial Intelligence (AAI)' with a larger circle at the top, 'Machine Learning (ML)', and three smaller ovals intersecting, 'Computer Vision', 'Natural Language Processing (NLP)', and 'Robotic Process Automation (RPA)'.

    AAI solutions and technologies are helping organizations make faster decisions and predict future outcomes such as:

    • Business process automation
    • Intelligent integration
    • Intelligent insights
    • Operational efficiency improvement
    • Increase revenue
    • Improvement of existing products and services
    • Product and process innovation

    1. Use Info-Tech’s Off-the-Shelf AI Analysis Tool to define business drivers and document business requirements

    2-3 hours
    Screenshot of the Off-the-Shelf AI Analysis Tool's Business Drivers tab, a table with columns 'AI/ML Tool or Model', 'Use Case', 'Business problem / goal for AI/ML use case', 'Description', 'Business Owner (Primary Stakeholder)', 'Priority', 'Stakeholder Groups Impacted', 'Requirements Defined? Yes/No', 'Related Data Domains', and 'KPIs'. Use the Business Drivers tab to document:
    • Business objectives of the initiative that might drive the AI/ML use case.
    • The business owner or primary stakeholder who will help to define business value and requirements.
    • All stakeholders who will be involved or impacted.
    • KPIs that will be used to assess the success of the POC.
    • Data required for the implementation.
    • Use the Business Requirements tab to document high-level requirements for a tool or model.
    • These requirements will be used while defining criteria for a tool selection and to validate if the tool or model meets your business goals.
    • You can use either traditional BRD format or a user story to document requirements.
    Screenshot of the Off-the-Shelf AI Analysis Tool's Business Requirements tab, a table with columns 'Requirement ID', 'Requirement Description / user story', 'Requirement Category', 'Stakeholder / User Role', 'Requirement Priority', and 'Complexity (point estimates)'.

    Download the Off-the-Shelf AI Analysis Tool

    1. Define business drivers and document business requirements

    Input

    • Strategic plan of the organization
    • Data strategy that defines target data capabilities required to support enterprise strategic goals
    • Roadmap of business and data initiatives to support target state of data capabilities

    Output

    • Prioritized list of business use cases where an AI-powered tool or AI/ML can deliver business value
    • List of high-level requirements for the selected use case

    Materials

    • Whiteboard/Flip Charts
    • Off-the-Shelf-AI Analysis Tool, “Business Drivers” and “Business Requirements” tabs

    Participants

    • CIO
    • Senior business and IT stakeholders
    • Data owner(s)
    • Data steward(s)
    • Enterprise Architect
    • Data Architect
    • Data scientist/Data analyst

    Understand data required for implementation

    Do you have the right data to implement and run the AI-powered tool or AI/ML model?

    Info-Tech Insight

    Know your data. Determine data requirements to:

    • Train the model during the implementation and development, and
    • Run the model in production
    AvailabilityArrow pointing rightQualityArrow pointing rightPreparationArrow pointing rightBias, Privacy, SecurityArrow pointing rightData Architecture
    • Define what data is required for implementation, e.g. customer data, financial data, product sentiment.
    • If the data is not available, can it be acquired, gathered, or generated?
    • Define the volume of data required for implementation and production.
    • If the model has to be trained, do you have the data required for training (e.g. dictionary of terms)? Can it be created, gathered, or acquired?
    • Document internal and external sources of data.
    • Evaluate data quality for all data sources based on the requirements and criteria defined in the previous step.
    • For datasets with data quality issues, determine if the data issues can be resolved (e.g. missing values are inferred). If not, can this issue be resolved by using other data sources?
    • Engage a Data Governance organization to address any data quality concerns.
    • Determine if there are requirements for a specific data format required for the tool or model.
    • Determine if there is a need to classify/label or tag the data. What are the metadata requirements?
    • Define whether or not the implementation team needs to aggregate or transform the data before it can be used.
    • Define privacy requirements, as these might affect the availability of the data for ML/AI.
    • Define data bias concerns and considerations. Do you have datasheets for datasets that will be used in this project? What datasets cannot be used to prevent bias?
    • What are the security requirements and how will they affect data storage, product selection, and infrastructure requirements for the tool and overall solution?
    • Define where and how the data is currently stored and will be stored.
    • Does it have to be migrated or consolidated? Does it have to be moved to the cloud or between systems?
    • Is a data lake or data warehouse a requirement for this implementation as defined by the solution architecture?

    2. Use Info-Tech’s Off-the-Shelf AI Analysis Tool to document data requirements

    2-3 hours

    Use the Data tab to document the following for each data source or dataset:
    • Data Domain – e.g. Customer data
    • Data Concept – e.g. Customer
    • Data Internally Accessible – Identify datasets that are required for the implementation even if the data might not be available internally. Work on determining if the data ca be acquired externally or collected internally.
    • Source System – define the primary source system for the data, e.g. Salesforce
    • Target System (if applicable) – Define if the data needs to be migrated/transferred. For example, you might use a datalake or data warehouse for the AI/ML solution or migrate data to the cloud.
    • Classification/Taxonomy/Ontology
    • Data Steward
    • Data Owner
    • Data Quality – Data quality indicator
    • Refresh Rate – Frequency of data refresh. Indicate if the data can be accessed in real time or near-real time

    Screenshot of the Off-the-Shelf AI Analysis Tool's Data tab, a spreadsheet table with the columns listed to the left and below.
    • Retention – Retention policy requirements
    • Compliance Requirements – Define if data has to comply with any of the regulatory requirements, e.g. GDPR
    • Privacy, Bias, and Ethics Considerations – Privacy Act, PIPEDA, etc. Identify if the dataset contains sensitive information that should be excluded from the model, such as gender, age, race etc. Indicate fairness metrics, if applicable.

    Download the Off-the-Shelf AI Analysis Tool

    2. Document data requirements

    Input

    • Documented business use cases from Step 1.
    • High-level business requirements from Step 1.
    • Data catalog, data dictionaries, business glossary
    • Data flows and data architecture

    Output

    • High-level data requirements
    • List of data sources and datasets that can be used for the implementation
    • Datasets that need to be collected or acquired externally

    Materials

    • Whiteboard/Flip Charts
    • Off-the-Shelf AI Analysis Tool, “Data” tab

    Participants

    • CIO
    • Business and IT stakeholders
    • Data owner(s)
    • Data steward(s)
    • Enterprise Architect
    • Data Architect
    • Data scientist/Data analyst

    Is Your Organization Ready for AI?

    Assess organizational readiness and define stakeholders impacted by the implementation. Build the team with the right skillset to drive the solution.

    • Implementation of the AI/ML-powered Off-the-Shelf Tool or an AI/ML model will require a team with a combination of skills through all phases of the project, from design of the solution to build, production, deployment, and support.
    • Document the skillsets required and determine the skills gap. Before you start hiring, depending on the role, you might find talent within the organization to join the implementation team with little to no training.
    • AI/ML resources that may be needed on your team driving AI implementation (you might consider bringing part-time resources to fill the gaps or use vendor developers) are:
      • Data Scientist
      • Machine Learning Engineer
      • Data Engineer
      • Data Architect
      • AI/ML Ops engineer
    • Define training requirements. Consider vendor training for a tool or platform.
    • Plan for future scaling and the growing of the solution and AI practice. Assess the need to apply AI in other business areas. Work with the team to analyze use cases and prioritize AI initiatives. As the practice grows, grow your team expertise.
    • Identify the stakeholders who will be affected by the AI implementation.
    • Work with them to understand and address any concerns, fears, or misconceptions around the role of AI and the consequences of bringing AI into the organization.
    • Develop a communication and change management plan to educate everyone within the organization on the application and benefits of using AI and machine learning.

    Info-Tech Insight:

    Define the skills required for the implementation and assemble the team that will support the project through its entire lifecycle. Don’t forget about production, support, and maintenance.

    3. Build your implementation team

    1-2 hours

    Input: Solution conceptual design, Current resource availability

    Output: Roles required for the implementation of the solution, Resources gap analysis, Training and hiring plan

    Materials: Whiteboard/Flip charts, Off-the-Shelf AI Analysis Tool, “People and Team” tab

    Participants: Project lead, HR, Enterprise Architect

    1. Review your solution conceptual design and define implementation team roles.
    2. Document requirements for each role.
    3. Review current org chart and job descriptions and identify skillset gaps. Draft an action plan to fill in the roles.
    4. Use Info-Tech’s Off-the-Shelf AI Analysis Tool's People and Team tab to document team roles for the entire implementation, including design, build/implement, deployment, support and maintenance, and future development.

    Screenshot of the Off-the-Shelf AI Analysis Tool's People and Team tab, a table with columns 'Design', 'Implement', 'Deployment', 'Support and Maintenance', and 'Future Development'.

    Download the Off-the-Shelf AI Analysis Tool

    Cloud, SaaS or On Prem – what are my options and what is the impact?

    Depending on the architecture of the solution, define the impact on the current infrastructure, including system integration, AI/ML pipeline deployment, maintenance, and data storage

    • Data Architecture: use the current data architecture to design the architecture for an AI-powered solution. Assess changes to the data architecture with the introduction of a new tool to make sure it is scalable enough to support the change.
    • Define infrastructure requirements for either Cloud, Software-as-a-Service, or on-prem deployment of a tool or model.
    • Define how the tool will be integrated with existing systems and into existing infrastructure.
    • Define requirements for:
      • Data migration and data storage
      • Security
      • AI/ML pipeline deployment, production monitoring, and maintenance
    • Define requirements for operation and maintenance of the tool or model.
    • Work with your infrastructure architect and vendor to determine the cost of deploying and running the tool/model.
    • Make a decision on the preferred architecture of the system and confirm infrastructure readiness.

    Download the Create an Architecture for AI blueprint

    4. Use Info-Tech’s Off-the-Shelf AI Analysis Tool to document infrastructure decisions

    2-3 hours

    Input: Solution conceptual design

    Output: Infrastructure requirements, Infrastructure readiness assessment

    Materials: Whiteboard/Flip charts, Off-the-Shelf AI Analysis Tool, “Infrastructure” tab

    Participants: Infrastructure Architect, Solution Architect, Enterprise Architect, Data Architect, ML/AI Ops Engineer

    1. Work with Infrastructure, Data, Solution, and Enterprise Architects to define your conceptual solution architecture.
    2. Define integration and storage requirements.
    3. Document security requirements for the solution in general and the data specifically.
    4. Define MLOps requirements and tools required for ML/AI pipeline deployment and production monitoring.
    5. Use Info-Tech’s Off-the-Shelf AI Analysis Tool's Infrastructure tab to document requirements and decisions around Data and Infrastructure Architecture.

    Screenshot of the Off-the-Shelf AI Analysis Tool's Infrastructure tab, a table with columns 'Cloud, SaaS or On-Prem', 'Data Migration Requirements', 'Data Storage Requirements', 'Security Requirements', 'Integrations Required', and 'AI/ML Pipeline Deployment and Maintenance Requirements'.

    Download the Off-the-Shelf AI Analysis Tool

    What questions do you need to ask vendors when choosing the solution?

    Take advantage of Info-Tech’s Rapid Application Selection Framework (RASF) to guide tool selection, but ask vendors the right questions to understand implications of having AI/ML built into the tool or a model

    Data Model Implementation and Integration Deployment Security and Compliance
    • What data (attributes) were used to train the model?
    • Do you have datasheets for the data used?
    • How was data bias mitigated?
    • What are the data labeling/classification requirements for training the model?
    • What data is required for production? E.g. volume; type of data, etc.
    • Were there any open-source libraries used in the model? If yes, how were vulnerabilities and security concerns addressed?
    • What algorithms are implemented in the tool/model?
    • Can model parameters be configured?
    • What is model accuracy?
    • Level of customization required for the implementation to meet our requirements.
    • Does the model require training? If yes, can you provide details? Can you estimate the effort required?
    • Integration capabilities and requirements.
    • Data migration requirements for tool operation and development.
    • Administrator console – is this functionality available?
    • Implementation timeframe.
    • Is the model or tool deployable on premises or in the cloud? Do you support hybrid cloud and multi-cloud deployment?
    • What cloud platforms are your product/model integrated with (AWS, Azure, GCP)?
    • What are the infrastructure requirements?
    • Is the model containerized/ scalable?
    • What product support and product updates are available?
    • Regulatory compliance (GDPR, PIPEDA, HIPAA, PCI DSS, CCPA, SOX, etc.)?
    • How are data security risks addressed?

    Use Info-Tech’s Off-the-Shelf AI Analysis Tool, “Vendor Questionnaire” tab to track vendor responses to these questions.

    Are you measuring impact on your processes?

    Make sure that you understand the impact of the new technology on the existing business and IT processes.

    And make sure your business processes are ready to take advantage of the benefits and new capabilities enabled by AI/ML.

    Process automation, optimization, and improvement enabled by the technology and AI/ML-powered tools allow organizations to reduce manual work, streamline existing business processes, improve customer satisfaction, and get critical insights to assist decision making.

    To take full advantage of the benefits and new capabilities enabled by the technology, make sure that business and IT processes reflect these changes:

    • Processes that need to be updated.
    • How the outcome of the tool or a model (e.g. predictions) is incorporated into the existing business processes and the processes that will monitor the accuracy of the outcome and monitor performance of the tool or model.
    • New business and IT processes that need to be defined for the tool (e.g. chatbot maintenance, analysis of the data generated by the tool, etc.).

    5. Document the Impact on Business and IT Processes

    2-3 hours

    Input: Solution design, Existing business and IT processes

    Output: Documented updates to the existing processes, Documented new business and IT processes

    Materials: Whiteboard/Flip charts, Off-the-Shelf AI Analysis Tool, “Business and IT Processes” tab

    Participants: Project lead, Business stakeholders, Business analyst

    1. Review current business processes affected by the implementation of the AI/ML- powered tool or model. Define the changes that need to be made. The changes might include simplification of the process due to automation of some of the steps. Some processes will need to be redesigned and some processes might become obsolete.
    2. Document high-level steps for any new processes that need to be defined around the AI/ML-powered tool. An example of such a process would be defining new IT and business processes to support a new chatbot.
    3. Use Info-Tech’s Off-the-Shelf AI Analysis Tool's Business and IT Processes tab, to document process changes.

    Screenshot of the Off-the-Shelf AI Analysis Tool's Business and IT Processes tab, a table with columns 'Existing business process affected', 'New business process', 'Stakeholders involved', 'Changes to be made', and 'New Process High-Level Steps'.

    Download the Off-the-Shelf AI Analysis Tool

    AI-powered Tools – Considerations

    PROS:
    • Enhanced functionality, allows the power of AI without specialized skills (e.g., Mathematica – recognizing patterns in data).
    • Might be a cheaper option compared to building a solution in-house (chatbot, for ex.).

    Info-Tech Insight:

    No need to reinvent the wheel and build the product you can buy, but be prepared to work around tool limitations, and make sure you understand the data and the model the tool is built on.

    CONS:
    • Dependency on the service provider.
    • The tool might not meet all the business requirements without customization.
    • Bias can be built into the tool:
      • Work with the vendor to understand what data was used to train the model.
      • From the perspective of ethics and bias, learn what model is implemented in the tool and what data attributes the model uses.

    Pre-built/pre-trained models – what to keep in mind when choosing

    PROS:
    • Lower cost and less time to development compared to creating and training models from scratch (e.g. using image recognition models or pre-trained language models like BERT).
    • If the pre-trained and optimized model perfectly fits your needs, the model accuracy might be high and sufficient for your scenario.
    • Off-the-Shelf AI models are useful for creating prototypes or POCs, for testing a hypothesis, and for validating ideas and requirements.
    • Usage of Off-the-Shelf models shortens the development cycle and reduces investment risks.
    • Language models are particularly useful if you don’t have data to train your own model (a “small data” scenario).
    • Infrastructure and model training cost reduction.
    CONS:
    • Might be a challenge to deploy and maintain the system in production.
    • Lack of flexibility: you might not be able to configure input or output parameters to your requirements. For example, a pre-built sentiment analysis model might return four values (“positive,” “negative,” “neutral,” and “mixed”), but your solution will require only two or three values.
    • Might be a challenge to comply with security and privacy requirements.
    • Compliance with privacy and fairness requirements and considerations: what data was used to pretrain the model?
    • If open-source libraries were used to create the model, how will vulnerabilities, risks, and security concerns be addressed?

    Info-Tech Insight:

    Using Off-the-Shelf AI models enables an agile approach to system development – faster POC and validation of ideas and approaches, but the model might not be customizable for your requirements.

    Metrics

    Metrics and KPIs for this project will depend on the business goals and objectives that you will identify in Step 1 of the tool selection process.

    Metrics might include:

    • Reduction of time spent on a specific business process. If the tool is used to automate certain steps of a business process, this metric will measure how much time was saved, in minutes/hours, compared to the process time before the introduction of the tool.
    • Accuracy of prediction. This metric would measure the accuracy of estimations or predictions compared to the same estimations done before the implementation of the tool. It can be measured by generating the same prediction or estimation using the AI-powered tool or using any methods used before the introduction of the tool and comparing the results.
    • Accuracy of the search results. If the AI-powered tool is a search engine, compare a) how much time it would take a user to find an article or a piece of content they were searching for using new tool vs. previous techniques, b) how many steps it took the user to locate the required article in the search results, and c) the location of the correct piece of content in the search result list (at the top of the search result list or on the tenth page).
    • Time spent on manual tasks and activities. This metric will measure how much time, in minutes/hours, is spent by the employees or users on manual tasks if the tool automates some of these tasks.
    • Reduction of business process steps (if the steps are being automated). To derive this metric, create a map of the business process before the introduction of the AI-powered tool and after, and determine if the tool helped to simplify the process by reducing the number of process steps.

    Bibliography

    Adryan, Boris. “Is it all machine learning?” Badryan, Oct. 20, 2015. Accessed Feb. 2022.

    “AI-Powered Data Management Platform.” Informatica, N.d. Accessed Feb 2022.

    Amazon Rekognition. “Automate your image and video analysis with machine learning.” AWS. N.d. Accessed Feb 2022.

    “Artificial Intelligence (AI).” IBM Cloud Education, 3 June 2020. Accessed Feb 2022.

    “Artificial intelligence (AI) vs machine learning (ML).” Microsoft Azure Documentation. Accessed Feb. 2022.

    “Avante Garde in the Realm of AI” SearchUnify Cognitive Platform. Accessed Feb 2022.

    “Azure Cognitive Services.” Microsoft. N.d. Accessed Feb 2022.

    “Becoming an AI-fueled organization. State of AI in the enterprise, 4th edition,” Deloitte, 2020. Accessed Feb. 2022.

    “Coveo Predictive Search.” Coveo, N.d. Accessed Feb 2022.

    ”Data and AI Leadership. Executive Survey 2022. Executive Summary of Findings.” NewVantage Partners. Accessed Feb 2022.

    “Einstein Discovery in Tableau.” Tableau, N.d. Accessed Feb 2022.

    Korolov, Maria. “9 biggest hurdles to AI adoption.” CIO, Feb 26, 2019. Accessed Feb 2022.

    Meel, Vidushi. “What Is Deep Learning? An Easy to Understand Guide.” visio.ai. Accessed Feb. 2022.

    Mitchell, Tom. “Machine Learning,” McGraw Hill, 1997.

    Stewart, Matthew. “The Actual Difference Between Statistics and Machine Learning.” Towards Data Science, Mar 24, 2019. Accessed Feb 2022.

    “Sentiment analysis with Cognitive Services.” Microsoft Azure Documentation. Accessed February 2022.

    “Three Principles for Designing ML-Powered Products.” Spotify Blog. Oct 2019, Accessed Feb 2022.

    “Video Intelligence API.” Google Cloud Platform. N.d. Accessed Feb 2022

    Prevent Data Loss Across Cloud and Hybrid Environments

    • Buy Link or Shortcode: {j2store}377|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • Organizations are often beholden to compliance obligations that require protection of sensitive data.
    • All stages of the data lifecycle exist in the cloud and all stages provide opportunity for data loss.
    • Organizations must find ways to mitigate insider threats without impacting legitimate business access.

    Our Advice

    Critical Insight

    • Data loss prevention is the outcome of a well-designed strategy that incorporates multiple, sometimes disparate, tools within your existing security program.
    • The journey to data loss prevention is complex and should be taken in small and manageable steps.

    Impact and Result

    • Organizations will achieve data comprehension.
    • Organizations will align DLP with their current security program and architecture.
    • A DLP strategy will be implemented with a distinct goal in mind.

    Prevent Data Loss Across Cloud and Hybrid Environments Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Prevent Data Loss Across Cloud and Hybrid Environments Storyboard – A guide to handling data loss prevention in cloud services.

    This research describes an approach to strategize and implement DLP solutions for cloud services.

    • Prevent Data Loss Across Cloud and Hybrid Environments Storyboard

    2. Data Loss Prevention Strategy Planner – A workbook designed to guide you through identifying and prioritizing your data and planning what DLP actions should be applied to protect that data.

    Use this tool to identify and prioritize your data, then use that information to make decisions on DLP strategies based on classification and data environment.

    • Data Loss Prevention Strategy Planner
    [infographic]

    Further reading

    Prevent Data Loss Across Cloud and Hybrid Environments

    Leverage existing tools and focus on the data that matters most to your organization.

    Analyst Perspective

    Data loss prevention is an additional layer of protection

    Driven by reduced operational costs and improved agility, the migration to cloud services continues to grow at a steady rate. A recent report by Palo Alto Networks indicates workload in the cloud increased by 13% last year, and companies are expecting to move an additional 11% of their workload to the cloud in the next 24 months1.

    However, moving to the cloud poses unique challenges for cyber security practitioners. Cloud services do not offer the same level of management and control over resources as traditional IT approaches. The result can be reduced visibility of data in cloud services and reduced ability to apply controls to that data, particularly data loss prevention (DLP) controls.

    It’s not unusual for organizations to approach DLP as a point solution. Many DLP solutions are marketed as such. The truth is, DLP is a complex program that uses many different parts of an organization’s security program and architecture. To successfully implement DLP for data in the cloud, an organization should leverage existing security controls and integrate DLP tools, whether newly acquired or available in cloud services, with its existing security program.

    Photo of Bob Wilson
    Bob Wilson
    CISSP
    Research Director, Security and Privacy
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Organizations must prevent the misuse and leakage of data, especially sensitive data, regardless of where it’s stored.

    Organizations often have compliance obligations requiring protection of sensitive data.

    All stages of the data lifecycle exist in the cloud and all stages provide opportunity for data loss.

    Organizations must find ways to mitigate insider threats without impacting legitimate business access.

    Common Obstacles

    Many organizations must handle a plethora of data in multiple varied environments.

    Organizations don’t know enough about the data they use or where it is located.

    Different systems offer differing visibility.

    Necessary privileges and access can be abused.

    Info-Tech’s Approach

    The path to data loss prevention is complex and should be taken in small and manageable steps.

    First, organizations must achieve data comprehension.

    Organizations must align DLP with their current security program and architecture.

    Organizations need to implement DLP with a distinct goal in mind.

    Once the components are in place it’s important to measure and improve.

    Info-Tech Insight

    Data loss prevention is the outcome of a well-designed strategy that incorporates multiple, sometimes disparate, tools within your existing security program.

    Your challenge

    Protecting data is a critical responsibility for organizations, no matter where it is located.

    45% of breaches occurred in the cloud (“Cost of a Data Breach 2022,” IBM Security, 2022).

    A diagram that shows the mean time to detect and contain.

    It can take upwards of 12 weeks to identify and contain a breach (“Cost of a Data Breach 2022,” IBM Security, 2022).

    • Compliance obligations will require organizations to protect certain data.
    • All data states can exist in the cloud, and each state provides a unique opportunity for data loss.
    • Insider threats, whether intentional or not, are especially challenging for organizations. It’s necessary to prevent illicit data use while still allowing work to happen.

    Info-Tech Insight

    Data loss prevention doesn’t depend on a single tool. Many of the leading cloud service providers offer DLP controls with their services and these controls should be considered.

    Common obstacles

    As organizations increasingly move data into the cloud, their environments become more complex and vulnerable to insider threats

    • It’s not uncommon for an organization not to know what data they use, where that data exists, or how they are supposed to protect it.
    • Cloud systems, especially software as a service (SaaS) applications, may not provide much visibility into how that data is stored or protected.
    • Insider threats are a primary concern, but employees must be able to access data to perform their duties. It isn’t always easy to strike a balance between adequate access and being too restrictive with controls.

    Insider threats are a significant concern

    53%

    53% of a study’s respondents think it is more difficult to detect insider threats in the cloud.

    Source: "2023 Insider Threat Report," Cybersecurity Insiders, 2023

    45%

    Only about 45% of organizations think native cloud app functionality is useful in detecting insider threats.

    Source: "2023 Insider Threat Report," Cybersecurity Insiders, 2023

    Info-Tech Insight

    An insider threat management (ITM) program focuses on the user. DLP programs focus on the data.

    Insight summary

    DLP is not just a single tool. It’s an additional layer of security that depends on different components of your security program, and it requires time and effort to mature.

    Organizations should leverage existing security architecture with the DLP controls available in the cloud services they use.

    Data loss prevention is not a point solution

    Data loss prevention is the outcome of a well-designed strategy that incorporates multiple, sometimes disparate tools within your existing security program.

    Prioritize data

    Start with the data that matters most to your organization.

    Define an objective

    Having a clearly defined objective will make implementing a DLP program much easier.

    DLP is a layer

    Data loss prevention is not foundational, and it depends on many other parts of a mature information security program.

    The low hanging fruit is sweet

    Start your DLP implementation with a quick win in mind and build on small successes.

    DLP is a work multiplier

    Your organization must be prepared to investigate alerts and respond to incidents.

    Prevent data loss across cloud or hybrid environments

    A diagram that shows preventing data loss across cloud or hybrid environments

    Data loss prevention is not a point solution.
    It’s the outcome of a well-designed strategy that incorporates multiple, sometimes disparate tools within your existing security program.

    Info-Tech Insight

    Leverage existing security tools where possible.

    Data loss prevention (DLP) overview

    DLP is an additional layer of security.

    DLP is a set of technologies and processes that provides additional data protection by identifying, monitoring, and preventing data from being illicitly used or transmitted.

    DLP depends on many components of a mature security program, including but not limited to:

    • Acceptable use policy
    • Data classification policy and data handling guidelines
    • Identity and access management

    DLP is achieved through some or all of the following tactics:

    • Identify: Data is detected using policies, rules, and patterns.
    • Monitor: Data is flagged and data activity is logged.
    • Prevent: Action is taken on data once it has been detected.

    Info-Tech Insight

    DLP is not foundational. Your information security program needs to be moderately mature to support a DLP strategy.

    DLP approaches and methods

    DLP uses a handful of techniques to achieve its tactics:

    • Policy and access rights: Limits access to data based on user permissions or other contextual attributes.
    • Isolation or virtualization: Data is isolated in an environment with channels for data leakage made unavailable.
    • Cryptographic approach: Data is encrypted.
    • Quantifying and limiting: Use or transfer of data is restricted by quantity.
    • Social and behavioral analysis: The DLP system detects anomalous activity, such as users accessing data outside of business hours.
    • Pattern matching: Data content is analyzed for specific patterns.
    • Data mining and text clustering: Large sets are analyzed, typically with machine learning (ML), to identify patterns.
    • Data fingerprinting: Data files are matched against a pre-calculated hash or based on file contents.
    • Statistical Analysis: Data content is analyzed for sensitive data. Usually involves machine learning.


    DLP has two primary approaches for applying techniques:

    • Content-based: Data is identified through inspecting its content. Fingerprinting and pattern matching are examples of content-based methods.
    • Context-based: Data is identified based on its situational or contextual attributes. Some factors that may be used are source, destination, and format.

    Some DLP tools use both approaches.

    Info-Tech Insight

    Different DLP products will support different methods. It is important to keep these in mind when choosing a DLP solution.

    Start by defining your data

    Define data by answering the 5 “W”s

    Who? Who owns the data? Who needs access? Who would be impacted if it was lost?
    What? What data do you have? What type of data is it? In what format does it exist?
    When? When is the data generated? When is it used? When is it destroyed?
    Where? Where is the data stored? Where is it generated? Where is it used?
    Why? Why is the data needed?

    Use what you discover about your data to create a data inventory!

    Compliance requirements

    Compliance requirements often dictate what must be done to manage and protect data and vary from industry to industry.

    Some examples of compliance requirements to consider:

    • Healthcare - Health Insurance Portability and Accountability Act (HIPAA)
    • Financial Services - Gramm-Leach-Bliley Act (GLBA)
    • Payment Card Industry Data Security Standards (PCI DSS)

    Info-Tech Insight

    Why is especially important. If you don’t need a specific piece of data, dispose of it to reduce risk and administrative overhead related to maintaining or protecting data.

    Classify your data

    Data classification facilitates making decisions about how data is treated.

    Data classification is a process by which data is categorized.

    • The classifications are often based on the sensitivity of the data or the impact a loss or breach of that data would have on the organization.
    • Data classification facilitates decisions about data handling and how information security controls are implemented. Instead of considering many different types of data individually, decisions are based on a handful of classification levels.
    • A mature data classification should include a formalized policy, handling standards, and a steering committee.

    Refer to our Discover and Classify Your Data blueprint for guidance on data classification.

    Sample data classification schema

    Label

    Category

    Top Secret Data that is mission critical and highly likely to negatively impact the organization if breached. The “crown jewels.”
    Examples: Trade secrets, military secrets
    Confidential Data that must not be disclosed, either because of a contractual or regulatory requirement or because of its value to the organization.
    Examples: Payment card data, private health information, personally identifiable information, passwords
    Internal Data that is intended for organizational use, which should be kept private.
    Examples: Internal memos, sales reports
    Limited Data that isn’t generally intended for public consumption but may be made public.
    Examples: Employee handbooks, internal policies
    Public Data that is meant for public consumption and anonymous access.
    Examples: Press releases, job listings, marketing material

    Info-Tech Insight

    Data classification should be implemented as a continuous program, not a one-time project.

    Understand data risk

    Knowing where and how your data is at risk will inform your DLP strategy.

    Data exists in three states, and each state presents different opportunities for risk. Different DLP methodologies will be appropriate for different states.

    Data states

    In use

    • End-user devices
    • Mobile devices
    • Servers

    In motion

    • Cloud services
    • Email
    • Web/web apps
    • Instant messaging
    • File transfers

    At rest

    • Cloud services
    • Databases
    • End-user devices
    • Email archives
    • Backups
    • Servers
    • Physical storage devices

    Causes of Risk

    The most common causes of data loss can be categorized by people, processes, and technology.

    A diagram that shows the categorization of causes of risk.

    Check out our Combine Security Risk Management Components Into One Program blueprint for guidance on risk management, including how to do a full risk assessment.

    Prioritize your data

    Know what data matters most to your organization.

    Prioritizing the data that most needs protection will help define your DLP goals.

    The prioritization of your data should be a business decision based on your comprehension of the data. Drivers for prioritizing data can include:

    • Compliance-driven: Noncompliance is a risk in itself and your organization may choose to prioritize data based on meeting compliance requirements.
    • Audit-driven: Data can be prioritized to prepare for a specific audit objective or in response to an audit finding.
    • Business-driven: Data could be prioritized based on how important it is to the organization’s business processes.

    Info-Tech Insight

    It’s not feasible for most organizations to apply DLP to all their data. Start with the most important data.

    Activity: Prioritize your data

    Input: Lists of data, data types, and data environments
    Output: A list of data types with an estimated priority
    Materials: Data Loss Prevention Strategy Planner worksheet
    Participants: Security leader, Data owners

    1-2 hours

    For this activity, you will use the Data Loss Prevention Strategy Planner workbook to prioritize your data.

    1. Start with tab “2. Setup” and fill in the columns. Each column features a short explanation of itself, and the following slides will provide more detail about the columns.
    2. On tab “3. Data Prioritization,” work through the rows by selecting a data type and moving left to right. This sheet features a set of instructions at the top explaining each column, and the following slides also provide some guidance. On this tab, you may use data types and data environments multiple times.

    Click to download the Data Loss Prevention Strategy Planner

    Activity: Prioritize your data

    In the Data Loss Prevention Strategy Planner tool, start with tab “2. Setup.”

    A diagram that shows tab 2 setup

    Next, move to tab “3. Data Prioritization.”

    A diagram that shows tab 3 Data Prioritization.

    Click to download the Data Loss Prevention Strategy Planner

    Determine DLP objectives

    Your DLP strategy should be able to function as a business case.

    DLP objectives should achieve one or more of the following:

    • Prevent disclosure or unauthorized use of data, regardless of its state.
    • Preserve usability while providing adequate security.
    • Improve security, privacy, and compliance capabilities.
    • Reduce overall risk for the enterprise.

    Example objectives:

    • Prevent users from emailing ePHI to addresses outside of the organization.
    • Detect when a user is uploading an unusually large amount of data to a cloud drive.

    Most common DLP use cases:

    • Protection of data, primarily from internal threats.
    • Meet compliance requirements to protect data.
    • Automate the discovery and classification of data.
    • Provide better data management and visibility across the enterprise.
    • Manage and protect data on mobile devices.

    Info-Tech Insight

    Having a clear idea of your objectives will make implementing a DLP program easier.

    Align DLP with your existing security program/architecture

    DLP depends on many different aspects of your security program.
    To the right are some components of your existing security program that will support DLP.


    1. Data handling standards or guidelines: These specify how your organization will handle data, usually based on its classification. Your data handling standards will inform the development of DLP rules, and your employees will have a clear idea of data handling expectations.

    2. Identity and access management (IAM): IAM will control the access users have to various resources and data and is integral to DLP processes.

    3. Incident response policy or plan: Be sure to consider your existing incident handling processes when implementing DLP. Modifying your incident response processes to accommodate alerts from DLP tools will help you efficiently process and respond to incidents.

    4. Existing security tools: Firewalls, email gateways, security information and event management (SIEM), and other controls should be considered or leveraged when implementing a DLP solution.

    5. Acceptable use policy: An organization must set expectations for acceptable/unacceptable use of data and IT resources.

    6. User education and awareness: Aside from baseline security awareness training, organizations should educate users about policies and communicate the risks of data leakage to reduce risk caused by user error.

    Info-Tech Insight

    Consider DLP as a secondary layer of protection; a safety net. Your existing security program should do most of the work to prevent data misuse.

    Cloud service models

    A fundamental challenge with implementing DLP with cloud services is the reduced flexibility that comes with managing less of the technology stack. Each cloud model offers varying levels of abstraction and control to the user.

    Infrastructure as a service (IaaS): This service model provides customers with virtualized technology resources, such as servers and networking infrastructure. IaaS allows users to have complete control over their virtualized infrastructure without needing to purchase and maintain hardware resources or server space. Popular examples include Amazon Web Servers, Google Cloud Engine, and Microsoft Azure.

    Platform as a service (PaaS): This service model provides users with an environment to develop and manage their own applications without needing to manage an underlying infrastructure. Popular examples include Google Cloud Engine, OpenShift, and SAP Cloud.

    Software as a service (SaaS): This service model provides customers with access to software that is hosted and maintained by the cloud provider. SaaS offers the least flexibility and control over the environment. Popular examples include Salesforce, Microsoft Office, and Google Workspace.

    A diagram that shows cloud models, including IaaS, PaaS, and SaaS.

    Info-Tech Insight

    Cloud service providers may include DLP controls and functionality for their environments with the subscription. These tools are usually well suited for DLP functions on that platform.

    Different DLP tools

    DLP products often fall into general categories defined by where those tools provide protection. Some tools fit into more than one category.

    Cloud DLP refers to DLP products that are designed to protect data in cloud environments.

    • Cloud access security broker (CASB): This system, either in-cloud or on-premises, sits between cloud service users and cloud service providers and acts as a point of control to enforce policies on cloud-based resources. CASBs act on data in motion, for the most part, but can detect and act on data at rest through APIs.
    • Existing tools integrated within a service: Many cloud services provide DLP tools to manage data loss in their service.

    Endpoint DLP: This DLP solution runs on an endpoint computing device and is suited to detecting and controlling data at rest on a computer as well as data being uploaded or downloaded. Endpoint DLP would be feasible for IaaS.

    Network DLP: Network DLP, deployed on-premises or as a cloud service, enforces policies on network flows between local infrastructure and the internet.

    • “Email DLP”: Detects and enforces security policies specifically on data in motion as emails.

    A diagram of CASB

    Choosing a DLP solution

    You will also find that some DLP solutions are better suited for some cloud service models than others.


    DLP solution types that are better suited for SaaS: CASB and Integrated Tools

    DLP solution types that are better suited for PaaS: CASB, Integrated Tools, Network DLP

    DLP solution types that are better suited for IaaS: CASB, Integrated Tools, Network DLP, and Endpoint DLP

    Your approach for DLP will vary depending on the data state you’ll be acting on and whether you are trying to detect or prevent.

    A diagram that shows DLP tactics by approach and data state

    Click to download the Data Loss Prevention Strategy Planner
    Check the tab labeled “6. DLP Features Reference” for a list of common DLP features.

    Activity: Plan DLP methods

    Input: Knowledge of data states for data types
    Output: A set of technical DLP policy rules for each data type by environment
    Materials: The same Data Loss Prevention Strategy Planner worksheet from the earlier activity
    Participants: Security leader, Data owners

    1-2 hours

    Continue with the same workbook used in the previous activity.

    1. On tab “4. DLP Methods,” indicate the expected data state the DLP control will act on. Then, select the type of DLP control your organization intends to use for that data type in that data environment.
    2. DLP actions are suggested based on the classification of the data type, but these may be overridden by manually selecting your preferred action.
    3. You will find more detail on this activity on the following slide, and you will find some additional guidance in the instructional text at the top of the worksheet.
    4. Once you have populated the columns on this worksheet, a summary of suggested DLP rules can be found on tab “5. Results.”

    Click to download the Data Loss Prevention Strategy Planner

    Activity: Plan DLP methods

    Use tab “4. DLP Methods” to plan DLP rules and technical policies.

    A diagram that shows tab 4 DLP Methods

    See tab “5. Results” for a summary of your DLP policies.

    A diagram that shows tab 5 Results.

    Click to download the Data Loss Prevention Strategy Planner

    Implement your DLP program

    Take the steps to properly implement your DLP program

    1. It’s important to shift the culture. You will need leadership’s support to implement controls and you’ll need stakeholders’ participation to ensure DLP controls don’t negatively affect business processes.
    2. Integrate DLP tools with your security program. Most cloud service providers, like Amazon, Microsoft, and Google provide DLP controls in their native environment. Many of your other security controls, such as firewalls and mail gateways, can be used to achieve DLP objectives.
    3. DLP is best implemented with a crawl, walk, then run approach. Following change management processes can reduce friction.
    4. Communicating controls to users will also reduce friction.

    A diagram of implementing DLP program

    Info-Tech Insight

    After a DLP program is implemented, alerts will need to be investigated and incidents will need a response. Be prepared for DLP to be a work multiplier!

    Measure and improve

    Metrics of effectiveness

    DLP attempts to tackle the challenge of promptly detecting and responding to an incident.
    To measure the effectiveness of your DLP program, compare the number of events, number of incidents, and mean time to respond to incidents from before and after DLP implementation.

    Metrics that indicate friction

    A high number of false positives and rule exceptions may indicate that the rules are not working well and may be interfering with legitimate use.
    It’s important to address these issues as the frustration felt by employees can undermine the DLP program.

    Tune DLP rules

    Establish a process for routinely using metrics to tune rules.
    This will improve performance and reduce friction.

    Info-Tech Insight

    Aside from performance-based tuning, it’s important to evaluate your DLP program periodically and after major system or business changes to maintain an awareness of your data environment.

    Related Info-Tech Research

    Photo of Discover and Classify Your Data

    Discover and Classify Your Data

    Understand where your data lives and who has access to it. This blueprint will help you develop an appropriate data classification system by conducting interviews with data owners and by incorporating vendor solutions to make the process more manageable and end-user friendly.

    Photo of Identify the Components of Your Cloud Security Architecture

    Identify the Components of Your Cloud Security Architecture

    This blueprint and associated tools are scalable for all types of organizations within various industry sectors. It allows them to know what types of risk they are facing and what security services are strongly recommended to mitigate those risks.

    Photo of Data Loss Prevention on SoftwareReviews

    Data Loss Prevention on SoftwareReviews

    Quickly evaluate top vendors in the category using our comprehensive market report. Compare product features, vendor strengths, user-satisfaction, and more.

    Don’t settle for just any vendor – find the one you can trust. Use the Emotional Footprint report to see which vendors treat their customers right.

    Research Contributors

    Andrew Amaro
    CSO and Founder
    Klavan Physical and Cyber Security Services

    Arshad Momin
    Cyber Security Architect
    Unicom Engineering, Inc.

    James Bishop
    Information Security Officer
    StructureFlow

    Michael Mitchell
    Information Security and Privacy Compliance Manager
    Unicom Engineering, Inc.

    One Anonymous Contributor

    Bibliography

    Alhindi, Hanan, Issa Traore, and Isaac Woungang. "Preventing Data Loss by Harnessing Semantic Similarity and Relevance." jisis.org Journal of Internet Services and Information Security, 31 May 2021. Accessed 2 March 2023. https://jisis.org/wp-content/uploads/2022/11/jisis-2021-vol11-no2-05.pdf

    Cash, Lauryn. "Why Modern DLP is More Important Than Ever." Armorblox, 10 June 2022. Accessed 10 February 2023. https://www.armorblox.com/blog/modern-dlp-use-cases/

    Chavali, Sai. "The Top 4 Use Cases for a Modern Approach to DLP." Proofpoint, 17 June 2021. Accessed 7 February 2023. https://www.proofpoint.com/us/blog/information-protection/top-4-use-cases-modern-approach-dlp

    Crowdstrike. "What is Data Loss Prevention?" Crowdstrike, 27 Sept. 2022. Accessed 6 Feb. 2023. https://www.crowdstrike.com/cybersecurity-101/data-loss-prevention-dlp/

    De Groot, Juliana. "What is Data Loss Prevention (DLP)? Definition, Types, and Tips." Digital Guardian, 8 February 2023. Accessed 9 Feb. 2023. https://digitalguardian.com/blog/what-data-loss-prevention-dlp-definition-data-loss-prevention

    Denise. "Learn More About DLP Key Use Cases." CISO Platform, 28 Nov. 2019. Accessed 10 February 2023. https://www.cisoplatform.com/profiles/blogs/learn-more-about-dlp-key-use-cases

    Google. "Cloud Data Loss Prevention." Google Cloud Google, n.d. Accessed 7 Feb. 2023. https://cloud.google.com/dlp#section-6

    Gurucul. "2023 Insider Threat Report." Cybersecurity Insiders, 13 Jan. 2023. Accessed 23 Feb. 2023. https://gurucul.com/2023-insider-threat-report

    IBM Security. "Cost of a Data Breach 2022." IBM Security, 1 Aug. 2022. Accessed 13 Feb. 2023. https://www.ibm.com/downloads/cas/3R8N1DZJ

    Mell, Peter & Grance, Tim. "The NIST Definition of Cloud Computing." NIST CSRC NIST, Sept. 2011. Accessed 7 Feb. 2023. https://csrc.nist.gov/publications/detail/sp/800-145/final

    Microsoft. "Plan for Data Loss Prevention (DLP)." Microsoft 365 Solutions and Architecture Microsoft, 6 Feb. 2023. Accessed 14 Feb. 2023. https://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-overview-plan-for-dlp

    Nanchengwa, Christopher. "The Four Questions for Successful DLP Implementation." ISACA Journal ISACA, 1 Jan. 2019. Accessed 6 Feb. 2023. https://www.isaca.org/resources/isaca-journal/issues/2019/volume-1/the-four-questions-for-successful-dlp-implementation

    Palo Alto Networks. "The State of Cloud Native Security 2023." Palo Alto Networks, 2 March 2023. Accessed 23 March 2023. https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/state-of-cloud-native-security-2023.pdf

    Pritha. "Top Six Metrics for your Data Loss Prevention Program." CISO Platform, 27 Nov. 2019. Accessed 10 Feb. 2023. https://www.cisoplatform.com/profiles/blogs/top-6-metrics-for-your-data-loss-prevention-program

    Raghavarapu, Mounika. "Understand DLP Key Use Cases." Cymune, 12 June 2021. Accessed 7 Feb. 2023. https://www.cymune.com/blog-details/DLP-key-use-cases

    Sheela, G. P., & Kumar, N. "Data Leakage Prevention System: A Systematic Report." International Journal of Recent Technology and Engineering BEIESP, 30 Nov. 2019. Accessed 2 March 2023. https://www.ijrte.org/wp-content/uploads/papers/v8i4/D6904118419.pdf

    Sujir, Shiv. "What is Data Loss Prevention? Complete Guide [2022]." Pathlock, 15 Sep. 2022. Accessed 7 February 2023. https://pathlock.com/learn/what-is-data-loss-prevention-complete-guide-2022/

    Wlosinski, Larry G. "Data Loss Prevention - Next Steps." ISACA Journal, 16 Feb. 2018. Accessed 21 Feb. 2023. https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/data-loss-preventionnext-steps

    Security Strategy

    • Buy Link or Shortcode: {j2store}42|cart{/j2store}
    • Related Products: {j2store}42|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.4/10
    • member rating average dollars saved: $33,431
    • member rating average days saved: 29
    • Parent Category Name: Security and Risk
    • Parent Category Link: /security-and-risk

    The challenge

    You may be experiencing one or more of the following:

    • You may not have sufficient security resources to handle all the challenges.
    • Security threats are prevalent. Yet many businesses struggle to embed systemic security thinking into their culture.
    • The need to move towards strategic planning of your security landscape is evident. How to get there is another matter.

    Our advice

    Insight

    To have a successful information security strategy, take these three factors into account:

    • Holistic: your view must include people, processes, and technology.
    • Risk awareness: Base your strategy on the actual risk profile of your company. And then add the appropriate best practices.
    • Business-aligned: When your strategic security plan demonstrates alignment with the business goals and supports it, embedding will go much more straightforward.

    Impact and results 

    • We have developed a highly effective approach to creating your security strategy. We tested and refined this for more than seven years with hundreds of different organizations.
    • We ensure alignment with business objectives.
    • We assess organizational risk and stakeholder expectations.
    • We enable a comprehensive current state assessment.
    • And we prioritize initiatives and build out a right-sized security roadmap.

     

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get up to speed

    Read up on why you should build your customized information security strategy. Review our methodology and understand the four ways we can support you.

    Assess the security requirements

    It all starts with risk appetite, yes, but security is something you want to get right. Determine your organizations' security pressures and business goals, and then determine your security program's goals.

    • Build an Information Security Strategy – Phase 1: Assess Requirements
    • Information Security Requirements Gathering Tool (xls)
    • Information Security Pressure Analysis Tool (xls)

    Build your gap initiative

    Our best-of-breed security framework makes you perform a gap analysis between where you are and where you want to be (your target state). Once you know that, you can define your goals and duties.

    • Build an Information Security Strategy – Phase 2: Assess Gaps
    • Information Security Program Gap Analysis Tool (xls)

    Plan the implementation of your security strategy 

    With your design at this level, it is time to plan your roadmap.

    • Build an Information Security Strategy – Phase 3: Build the Roadmap

    Let it run and continuously improve. 

    Learn to use our methodology to manage security initiatives as you go. Identify the resources you need to execute the evolving strategy successfully.

    • Build an Information Security Strategy – Phase 4: Execute and Maintain
    • Information Security Strategy Communication Deck (ppt)
    • Information Security Charter (doc)

     

    Select a Marketing Management Suite

    • Buy Link or Shortcode: {j2store}533|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $6,560 Average $ Saved
    • member rating average days saved: 50 Average Days Saved
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • Time, money, and effort are wasted on channels and campaigns that are not resonating with your customer base.
    • Email marketing, social marketing, and/or lead management alone are often not enough to meet more sophisticated marketing needs.
    • Many organizations struggle with taking a systematic approach to selection that pairs functional requirements with specific marketing workflows, and as a result they choose a marketing management suite (MMS) that is not well aligned to their needs, wasting resources and causing end-user frustration.
    • For IT managers or marketing professionals, the task to incorporate MMS technology into the organization requires not only receiving the buy-in for the MMS investment but also determining the vendor and solution that best fit the organization’s particular marketing management needs.

    Our Advice

    Critical Insight

    • An MMS enables complex campaigns across many channels, product lines, customer segments, and marketing groups throughout the enterprise.
    • Selecting an MMS has become increasingly difficult because the number of players in the marketplace has ballooned. Moreover, picking the wrong marketing solution has a direct impact on revenue.
    • Determine whether the investment in an MMS is worthwhile or the funds are better allocated elsewhere. For organizations with a large audience or varied product offerings, an MMS enables complex campaigns across many channels, product lines, customer segments, and marketing groups throughout the enterprise.

    Impact and Result

    • Maximize your success and credibility with a proposal that emphasizes the areas relevant to your situation.
    • Perform more effective customer targeting and campaign management. Having an MMS equips marketers with the tools they need to make informed decisions around campaign execution, resulting in better targeting, acquisition, and customer retention. This means more revenue.
    • Maximize marketing impact with analytics-based decision making. Understanding users’/customers’ behaviors and preferences will allow you to run effective marketing initiatives.

    Select a Marketing Management Suite Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to approach selecting an MMS, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch the MMS project and collect requirements

    Assess the organization’s fit for MMS technology and structure the MMS selection project.

    • Select a Marketing Management Suite – Phase 1: Launch the MMS Project and Collect Requirements
    • MMS Readiness Assessment Checklist

    2. Shortlist marketing management suites

    Produce a vendor shortlist for your MMS.

    • Select a Marketing Management Suite – Phase 2: Shortlist Marketing Management Suites

    3. Select vendor and communicate decision to stakeholders

    Evaluate RFPs, conduct vendor demonstrations, and select an MMS.

    • Select a Marketing Management Suite – Phase 3: Select Vendor and Communicate Decision to Stakeholders
    • MMS Requirements Picklist Tool
    • MMS Request for Proposal Template
    • MMS Vendor Demo Script
    • MMS Selection Executive Presentation Template
    [infographic]

    Workshop: Select a Marketing Management Suite

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Launch the MMS Project and Collect Requirements

    The Purpose

    Determine a “right-size” approach to marketing enablement applications.

    Key Benefits Achieved

    Confirmation of the goals, objectives, and direction of the organization is marketing application strategy.

    Activities

    1.1 Assess the value and identify the organization’s fit for MMS technology.

    1.2 Understand the art of the possible.

    1.3 Understand CXM strategy and identify your fit for MMS technology.

    1.4 Build procurement team and project customer experience management (CXM) strategy.

    1.5 Identify your MMS requirements.

    Outputs

    Project team list.

    Preliminary requirements list.

    2 Shortlist Marketing Management Suites

    The Purpose

    Enumerate relevant marketing management suites and point solutions.

    Key Benefits Achieved

    List of marketing enablement applications based on requirements articulated in the preliminary requirements list strategy.

    Activities

    2.1 Identify relevant use cases.

    2.2 Discuss the vendor landscape.

    Outputs

    Vendor shortlist.

    3 Select Vendor and Communicate Decision to Stakeholders

    The Purpose

    Develop a rationale for selecting a specific MMS vendor.

    Key Benefits Achieved

    MMS Vendor decision.

    A template to communicate the decision to executives.

    Activities

    3.1 Create a procurement strategy.

    3.2 Discuss the executive presentation.

    3.3 Plan the procurement process.

    Outputs

    Executive/stakeholder PowerPoint presentation.

    Selection of an MMS.

    Further reading

    Select a Marketing Management Suite

    A best-fit solution balances needs, cost, and capability.

    Table of contents

    1. Project Rationale
    2. Execute the Project/DIY Guide
    3. Appendices

    ANALYST PERSPECTIVE

    Navigate the complexity of a vast ecosystem by taking a structured approach to marketing management suite (MMS) selection.

    Marketing applications are in high demand, but it is difficult to select a suite that is right for your organization. Market offerings have grown from 50 vendors to over 800 in the past five years. Much of the process of identifying an appropriate vendor is not about the vendor at all, but rather about having a comprehensive understanding of internal needs. There are instances where a smaller-point solution is necessary to satisfy requirements and a full marketing management suite is an overinvestment.

    Likewise, a partner with differentiating features such as AI-driven workflows and a mobile software development kit can act as a powerful extension of an overall customer experience management strategy. It is crucial to make the right decision; missing the mark on an MMS selection will have a direct impact on the business’ bottom line.

    Ben Dickie
    Research Director, Enterprise Applications
    Info-Tech Research Group

    Phase milestones

    Launch the MMS Project and Collect Requirements — Phase 1

    • Understand the MMS market space.
    • Assess organizational and project readiness for MMS selection.
    • Structure your MMS selection and implementation project by refining your MMS roadmap.
    • Align organizational use-case fit with market use cases.
    • Collect, prioritize, and document MMS requirements.

    Shortlist MMS Tool — Phase 2

    • Review MMS market leaders and players within your aligned use case.
    • Review MMS vendor profiles and capabilities.
    • Shortlist MMS vendors based on organizational fit.

    Select an MMS — Phase 3

    • Submit request for proposal (RFP) to shortlisted vendors.
    • Evaluate vendor responses and develop vendor demonstration scripts.
    • Score vendor demonstrations and select the final product.

    Stop! Are you ready for this project?

    This Research Is Designed For:
    • IT applications directors and business analysts supporting their marketing teams in selecting and implementing a robust marketing solution.
    • Any organization looking to procure an MMS tool that will allow it to automate its marketing processes or learn more about the MMS vendor landscape.
    This Research Will Help You:
    • Understand today’s MMS market, specific to marketing automation, marketing intelligence, and social marketing use-case scenarios.
    • Understand MMS functionality as well as marketing terminology.
    • Follow best practices to prepare for and execute on selection, including requirements gathering and vendor evaluation.
    This Research Will Also Assist:
    • Marketing managers, brand managers, and any marketing professional looking to build a cohesive marketing platform.
    • MMS project teams or working groups tasked with managing an RFP process for vendor selection.
    This Research Will Help Them
    • Assess organizational and project readiness for embarking on MMS selection.
    • Draft an RFP, manage the vendor and product review process, and select a vendor.

    Executive summary

    Situation

    The MMS market is a landscape of vendors offering campaign management, multichannel support, analytics, and publishing tools. Many vendors specialize in some of these areas but not all. Sometimes multiple products are necessary – but determining which feature sets the organization truly needs can be a challenging task. The right technology stack is critical in order to bring automation to marketing initiatives.

    Complication

    • The first challenge is deciding whether to implement a full marketing suite or a point solution.
    • The number of marketing suites and point solutions has increased from 50 to more than 800 just in the past five years.
    • IT is receiving a growing number of marketing analytics requests and must be prepared to speak intelligently about marketing management vendor selection.

    Resolution

    • Leverage Info-Tech’s comprehensive three-phase approach to MMS selection projects: assess your organization’s preparedness to go into the selection stage, move through technology selection, and present decisions to stakeholders.
    • Conduct an MMS project preparedness assessment to ensure you maximize the value of your time, effort, and spend.
    • Determine whether your organization’s needs will best be met by a marketing management suite or a point solution.
    • Determine which use case your organization fits into and review the relevant vendor landscape, common capability, and areas of product differentiation. Consult Info-Tech’s market analysis to shortlist vendors for your RFP process.
    • Take advantage of traceable and auditable selection tools to run an effective evaluation and selection process. Be prepared to answer the retroactive question “Why this MMS?” with documentation of your selection process and outputs.

    Info-Tech Insight

    1. The new MMS market. Selecting a marketing management solution has become increasingly difficult, with the number of players in the marketplace ballooning to meet buyer demand.
    2. Direct translation to revenue. Picking the wrong marketing solution has a direct impact on the bottom line. However, the right MMS can lead to a 7.3x greater year-over-year increase in annual revenue.
    3. Don’t buy best-of-breed; buy best-for-you. Base your vendor selection on your requirements and use case, not on the vendor’s overall performance.

    MMS is a key piece of the CRM puzzle

    In order to optimize cross-sell opportunities and marketing effectiveness, there needs to be a master customer database, which belongs in the customer relationship management (CRM) suite.

    When it comes to marketing automation capabilities, using CRM is like building a car from a kit. All the parts are there, but you need the time and skill to put it all together. Using marketing automation is like buying the car you want or need, with all the features you want already installed and some gas in the tank, ready to drive. In either case, you still need to know how to drive and where you want to go.” (Mac McIntosh, Marketo Inc.) 'CRM' surrounded by its components with 'MMS' highlighted. A master database – the central place where all up-to-the-minute data on a customer profile is stored – is essential for MMS success. This is particularly true for real-time capability effectiveness and to minimize customer fatigue.

    Understand what an MMS can do for you

    Take time to learn the capabilities of modern marketing applications. Understanding the “art of the possible” will help you to get the most out of your MMS.

    MMS helps marketers in two primary ways:
    1. It allows them to efficiently execute and manage campaigns across dozens of channels and products.
    2. It allows them to analyze the outcomes of campaigns.
    Marketing suites accomplish these tasks by:
    • Leveraging workflow automation to reduce the amount of time spent creating marketing campaigns
    • Using internal or third-party data to increase conversion effectiveness from customer databases across the organization
    A strong MMS provides marketers with the data they need for actionable insights about their customers.
    A marketing automation solution delivers essentially all the benefits of an email marketing solution along with integrated capabilities that would otherwise need to be cobbled together using various standalone technologies.” (Marketo Inc.)

    Review Info-Tech’s vendor profiles of the MMS market to identify vendors that meet your requirements

    Logos of multiple vendors including 'Hubspot', 'IBM', 'Salesforce marketing cloud', etc.

    Use Info-Tech’s MMS implementation methodology as a starting point for your organization’s MMS selection

    Info-Tech’s implementation methodology is not a step-by-step approach to vendor selection, but rather it highlights the pertinent considerations for MMS selection at each of the five steps outlined below.

    1

    2

    3

    4

    5

    Establish Resources Gather Requirements Write and Assemble RFP Exercise Due Diligence Evaluate Candidate Solutions
    • Determine work initiative dependencies and project milestones.
    • Establish the project timeline.
    • Designate project resources.
    • Prioritize rollout of functionality.
    • Link business goals with the MMS selection project.
    • Determine user roles and profiles.
    • Conduct stakeholder interviews.
    • Build communication and change management plan.
    • Draft an RFP.
    • Make a plan for soliciting feedback and publishing the RFP.
    • Customize a vendor demo script and scorecard.
    • Conduct vendor demos.
    • Speak with vendor references.
    • Evaluate nonfunctional requirements.
    • Understand upgrade schedules.
    • Define a vendor evaluation framework.
    • Prepare the final evaluation.
    • Prepare a presentation for management.

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Professional services provider engages Info-Tech to guide it through its MMS selection journey

    CASE STUDY

    Industry: Professional Services | Source: Info-Tech Consulting

    Challenge

    A large professional services firm specializing in knowledge development was looking to modernize an outdated marketing services stack.

    Previous investments in marketing tools ranging from email automation to marketing analytics led to system fragmentation. As a result, there was no 360-degree overview of marketing operations and no way to run campaigns at scale.

    To satisfy the organization’s aspirations, a comprehensive marketing management suite had to be selected that met needs for the foreseeable future.

    Solution

    The Info-Tech consulting team was brought in to assist in the MMS selection process.

    After meeting with several stakeholders, MMS requirements were developed and weighted. An RFP was then created from these requirements.

    Following a market scan, four vendors were selected to complete the organization’s RFP. Demonstration scripts were then developed as the RFPs were completed by vendors.

    Shortlisted vendors progressed to the demonstration phase.

    Results

    Vendor scorecards were utilized during the two-day demonstrations with the core project team to score each vendor.

    During the scoring process the team also identified the need to replace the organization’s core customer repository (a legacy CRM).

    The decision was made to select a CRM before finalizing the MMS selection. Doing so ensured uniform system architecture and strong interoperability between the firm’s MMS and its CRM.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Select a Marketing Management Suite – project overview

    1. Launch the MMS Project and Collect Requirements 2. Shortlist Marketing Management Suites 3. Select Vendor and Communicate Decision to Stakeholders
    Supporting Tool icon

    Best-Practice Toolkit

    1.1 Assess the value and identify your organization’s fit for MMS technology.

    1.2 Build your procurement team and project customer experience management (CXM) strategy.

    1.3 Identify your MMS requirements.

    2.1 Produce your shortlist

    3.1 Select your MMS

    3.2 Present selection

    Guided Implementations

    • Understand CXM strategy and identify your fit for MMS technology.
    • Identify staffing needs.
    • Plan requirements gathering steps.
    • Discuss use-case fit assessment results.
    • Discuss vendor landscape.
    • Create a procurement strategy.
    • Discuss executive presentation.
    • Conduct a proposal review.
    Associated Activity icon

    Onsite Workshop

    Module 1:
    Launch Your MMS Selection Project
    Module 2:
    Analyze MMS Requirements and Shortlist Vendors
    Module 3:
    Plan Your Procurement Process
    Phase 1 Outcome:
    • Launch of MMS selection project
    Phase 2 Outcome:
    • Shortlist of vendors
    Phase 3 Outcome:
    • Selection of MMS

    Use these icons to help direct you as you navigate this research

    Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

    A small monochrome icon of a wrench and screwdriver creating an X.

    This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

    A small monochrome icon depicting a person in front of a blank slide.

    This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members who will come onsite to facilitate a workshop for your organization.

    A small monochrome icon depicting a descending bar graph.

    This icon denotes a slide that pertains directly to the Info-Tech vendor profiles on marketing management technology. Use these slides to support and guide your evaluation of the MMS vendors included in the research.

    Select a Marketing Management Suite

    PHASE 1

    Launch the MMS Project and Collect Requirements

    Phase 1 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Launch Your MMS Project and Collect Requirements

    Proposed Time to Completion: 3 weeks
    Step 1.2: Structure the Project Step 1.3: Gather Requirements
    Start with an analyst kick-off call:
    • Review readiness requirements for an MMS project.
    • Understand the work initiatives involved in MMS selection.
    Review findings with analyst:
    • Determine use case based on your organizational alignment.
    • Discuss core MMS requirements.
    Then complete these activities…
    • Conduct an organizational MMS readiness assessment.
    Then complete these activities…
    • Identify best-fit use case.
    • Elicit, capture, and prioritize requirements.
    With these tools & templates:
    • MMS Readiness Assessment Checklist
    With these tools & templates:
    • MMS Requirements Picklist Tool
    Phase 1 Results:
    • Completed readiness assessment.
    • Refined project plan to incorporate selection and implementation.

    Phase 1 milestones

    Launch the MMS Project and Collect Requirements — Phase 1

    • Understand the MMS market space.
    • Assess organizational and project readiness for MMS selection.
    • Structure your MMS selection and implementation project by refining your MMS roadmap.
    • Align organizational use-case fit with market use cases.
    • Collect, prioritize, and document MMS requirements.

    Shortlist MMS Tool — Phase 2

    • Review MMS market leaders and players within your aligned use case.
    • Review MMS vendor profiles and capabilities.
    • Shortlist MMS vendors based on organizational fit.

    Select an MMS — Phase 3

    • Submit request for proposal (RFP) to shortlisted vendors.
    • Evaluate vendor responses and develop vendor demonstration scripts.
    • Score vendor demonstrations and select the final product.

    Step 1.1: Understand the MMS market

    1.1

    1.2

    1.3

    Understand the MMS Market Structure the Project Gather MMS Requirements

    This step will walk you through the following activities:

    • MMS market overview

    This step involves the following participants:

    • Project team
    • Project manager
    • Project sponsor

    Outcomes of this step

    • An understanding of the evolution of the MMS market space and how it helps today’s organizations.
    • An evaluation of new and upcoming trends sought by MMS clients.
    • Verification of whether an MMS is a fit with your organization.

    Speak the same language as the marketing department to deliver the most business value

    Marketing Management Suite Glossary

    Analytics The practice of measuring marketing performance to improve return on investment (ROI). It is often carried out through the visualization of meaningful patterns in data as a result of marketing initiatives.
    Channels The different places where marketers can reach customers (e.g. social media, print mail, television).
    Click-through rate The percentage of individuals who proceed (click-through) from one part of a marketing campaign to the next.
    Content management Curating, creating, editing, and keeping track of content and client-facing assets.
    Customer relationship management (CRM) A core enterprise application that provides a broad feature set for supporting customer interaction processes. The CRM frequently serves as a core customer data repository.
    Customer experience management (CXM) The holistic management of customer interaction processes across marketing, sales, and customer service to create valuable, mutually beneficial customer experiences.
    Engagement rate A social media metric used to describe the amount of likes, comments, shares, etc., that a piece of content receives.
    Lead An individual or organization who has shown interest in the product or service being marketed.
    Omnichannel The portfolio of interaction channels you use.

    MMS is a key piece of the customer experience ecosystem

    Within the broader CXM ecosystem, an MMS typically lives within the CRM platform. Interfacing with the CRM’s master customer database allows an MMS to optimize cross-sell opportunities and marketing effectiveness.

    A master database – the central place where all up-to-the-minute data on a customer profile is stored – is essential for MMS success. This is particularly true for real-time capability effectiveness and to minimize customer fatigue.

    If you have customer records in multiple places, you risk missing customer opportunities and potentially upsetting clients. For example, if a client has communicated preferences or disinterest through one channel, and this is not effectively recorded throughout the organization, another representative is likely to contact them in the same method again – possibly alienating the customer for good.

    A master database requires automatic synchronization with all point solutions, POS, billing systems, agencies, etc. If you don’t have up-to-the-minute information, you can’t score prospects effectively and you lose out on the benefits of the MMS.

    'CRM' surrounded by its components with 'MMS' highlighted.
    Focus on the fundamentals before proceeding. Secure organizational readiness to reduce project risk using Info-Tech’s Build a Strong Technology Foundation for CXM and Select and Implement a CRM Platform blueprints.

    Understanding the “art of the possible”

    The world of marketing technology changes rapidly! Understand how modern marketing management suites are used in most organizations.

    An MMS helps marketers in two primary ways:

    1. It allows them to efficiently execute and manage campaigns across dozens of channels and products.
    2. It allows them to analyze the outcomes of campaigns.

    Marketing suites accomplish these tasks by:

    • Leveraging workflow automation to reduce the amount of time spent creating marketing campaigns.
    • Using internal or third-party data to increase conversion effectiveness from customer databases across the organization.

    A strong MMS provides marketers with the data they need for actionable insights about their customers.

    A marketing automation solution delivers essentially all the benefits of an email marketing solution along with integrated capabilities that would otherwise need to be cobbled together using various standalone technologies.” (Marketo Inc.)

    Inform your way of thinking by understanding the capabilities of modern marketing applications.

    A tree with icons related to knowledge.

    Expect the marketing department to drive suite adoption, but don’t count out the benefits MMS will also provide to IT

    MMS adoption is driven by the need for better campaign execution and marketing intelligence. MMS technologies are adopted to create faster, easier, more intelligent, and more measurable campaigns and make managing complex channels easy and repeatable.

    Top Drivers for Adopting Marketing Management Technologies

    Bar chart of top drivers for adopting marketing management technology. The first four bars are highlighted and the largest, they are labelled 'Campaign Measurement & Effectiveness', 'Execute Multi-channel Campaigns', 'Shorten Marketing Campaign Cycle', and 'Reduce Manual Campaign Creation'.
    (Source: Info-Tech Research Group; N=23)

    The key drivers for MMS are business-related, not IT-related. However, this does not mean that there are no benefits to IT. In fact, the IT department will see numerous benefits, including time and resource savings. Further, not having an MMS creates more work for your IT department. IT must serve as a valued partner for selection and implementation.

    Additional benefits to IT driven by MMS

    Marketing management suites are ideal for large organizations with multiple product lines in complex marketing environments. IT is often more centralized than its counterparts in the business, making it uniquely positioned to encourage greater coordination by helping the business units understand the shared goals and the benefits of working together to roll out suites for marketing workflow management, intelligence, and channel management.

    Cross-Segmentation Additional Revenue Generation Real-Time Capabilities Lead Growth/ Conversion Rate
    Business Value
    • Share resources between brands and product lines.
    • Increase database size with populated client data.
    • Track customer lifetime value.
    • Increase average deal size.
    • Decrease time to execute campaigns.
    • Decrease lead acquisition costs while collecting higher quality leads.
    • Improve retention rates.
    • Reduce cost to serve.
    • Increase customer retention due to effective service.
    • Higher campaign and response rates.
    • Track, measure, and prove the value of marketing activities.
    • Broaden reach through social channels.
    IT Value
    • Reduce reliance on IT for routine tasks such as list creation and data cleansing.
    • Free up IT resources for the sectors of the business where the ROI is greatest.
    • Reduce need for IT to cleanse, modify, or merge data lists because most suites include CRM connectors.
    • Reduce need for constant customization on status reports on lead value and campaign success.

    Info-Tech Insight

    Don’t forget that MMS technologies deliver on the overarching suite value proposition: a robust solution within one integrated offering. Without an MMS in play, organizations in need of this functionality are forced to piece together point solutions (or ad hoc management). This not only increases costs but also is an integration nightmare for IT.

    Step 1.2: Structure the project

    1.1

    1.2

    1.3

    Understand the MMS MarketStructure the ProjectGather MMS Requirements

    This step will walk you through the following activities:

    • Determine if you are ready to kick off the MMS selection project.
    • Align project goals with CXM strategy and business goals.

    This step involves the following participants:

    • Core project team
    • Project manager
    • Project sponsor

    Outcomes of this step

    • Assurance that you have completed adequate preparation, obtained stakeholder and sponsor buy-in, secured sufficient resources, and completed strategy and planning activities to move forward with selection.
    • An approach to remedy organizational readiness to prepare for MMS selection.
    • An understanding of stakeholder goals.

    Identify the scope and purpose of your MMS selection process

    Vendor Profiles icon

    Sample Project Overview

    [Organization] plans to select and implement a marketing management suite in order to introduce better campaign management to the business’ processes. This procurement and implementation of an MMS tool will enable the business to improve the efficiency and effectiveness of marketing campaign execution.

    This project will oversee the assessment and shortlisting of MMS vendors, selection of an MMS tool, the configuration of the solution, and the implementation of the technology into the business environment.

    Rationale Behind the Project

    Consider the business drivers behind the interest in MMS technology.

    Be specific to business units impacted and identify key considerations (both opportunities and risks).

    Business Drivers

    • Organizational productivity
    • Customer satisfaction
    • Marketing management costs
    • Risk management

    Info-Tech Insights

    Creating repeatable and streamlined marketing processes is a common overarching business objective that is driven by multiple factors. To ensure this objective is achieved, confirm that the primary drivers are following the implementation of the first automated marketing channels.

    Activity: Understand your business’ goals for MMS by parsing your formal CXM strategy

    Associated Activity icon 1.2.1 1 hour

    INPUT: Stakeholder user stories

    OUTPUT: Understanding of ideal outcomes from MMS implementation

    MATERIALS: Whiteboard and marker or sticky notes

    PARTICIPANTS: Project sponsor, Project stakeholders, Business analysts, Business unit reps

    Instructions

    1. Outline the purpose of the future MMS tool and the drivers behind this business decision with the project’s key stakeholders.
    2. Document plans to ensure that these drivers are taken into consideration and realized following implementation. Example:
      Improve Reduce/Eliminate KPIs
      Multichannel marketing Duplication of effort Number of customer interaction channels supported
      Social integration Process inefficiencies Number of social signals received (likes, shares, etc.)

    If you do not have a well-defined CXM strategy, leverage Info-Tech’s research to Build a Strong Technology Foundation for Customer Experience Management.

    Understanding marketing suites

    Vendor Profiles icon

    This blueprint focuses on complete, integrated marketing management suites

    An integrated suite is a single product that is designed to assist with multiple marketing processes. Information from these suites is deeply connected to the core CRM. Changing a piece of information for one process will update all affected.

    'MMS' surrounded by its integrated processes, including 'Marketing Operations Management', 'Breadth of Channel Support', 'Marketing Asset Management', etc.

    Understanding marketing point solutions

    Vendor Profiles icon

    A point solution typically interfaces with a single customer interaction channel with minimal CRM integration.

    Why use a marketing point solution?

    1. A marketing point solution is a standalone application used to manage a unique process.
    2. Point solutions can be implemented and updated relatively quickly.
    3. They cost less than full-feature, integrated marketing suites.
    4. Some point solutions integrate with CRM platforms or MMS platforms.

    Refer to Phase 2 for a bird’s-eye view of the point solution marketplace.

    Marketing Point Solutions

    • Twitter Analytics
    • Search Engine Optimization
    • Customer Portals
    • Livechat
    • Marketing Attribution
    • Demand Side Platform

    Determine if MMS is right for your organization

    Vendor Profiles icon

    Adopt an MMS if:

    1. Your organization is actively pursuing a multichannel marketing strategy, particularly if its marketing campaigns are complex and multifaceted, involving consumer-specific conditional messaging.
    2. Your enterprise serves a high volume of customers and marketing needs extend to formally managing budgets and resources, lead generation and segmentation, and measuring channel effectiveness.
    3. Your organizations has multiple product lines and is interested in increasing cross-sale opportunities.

    Bypass an MMS if:

    • Your organization does not participate in multichannel campaigns and is primarily using email or web channels to generate leads. You may find the advanced features and capabilities of an MMS to be overkill and should consider lead marketing automation (LMA) or email marketing services first.
    • You are a small to midsize business (SMB) with a limited budget or fewer than five marketing professionals. Don’t buy what you don’t need; organizations with fewer than five people in the marketing department are unlikely to need an MMS.
    • Sales generation is not a priority for the business or a primary goal for the marketing department.

    Info-Tech Insight

    Using an MMS is ideal for organizations with multiple brands and product portfolios (e.g. consumer packaged goods). Ad hoc management and email marketing services are best for small organizations with a client base that requires only bare bones engagement.

    Determine if you are ready to kick off your MMS selection and implementation project

    Supporting Tool icon 1.2.2 MMS Readiness Assessment Checklist
    Use Info-Tech’s MMS Readiness Assessment Checklist to determine if your organization has sufficient process and campaign maturity to warrant the investment in a consolidated marketing management suite.

    Sections of the Tool:

    1. Goals & Objectives
    2. Project Team
    3. Current State Understanding
    4. Future State Vision
    5. Business Process Improvement
    6. Project Metrics
    7. Executive Sponsorship
    8. Stakeholder Buy-In & Change Management
    9. Risk Management
    10. Cost & Budget

    INFO-TECH DELIVERABLE

    Sample of Info-Tech's MMS Readiness Assessment Checklist.

    Complete the MMS Readiness Assessment Checklist by following the instructions in Activity 1.2.3.

    Activity: Determine if you are ready to kick off your MMS selection project

    Associated Activity icon 1.2.3 30 minutes

    INPUT: MMS foundation, MMS strategy

    OUTPUT: Readiness remediation approach, Validation of MMS project readiness

    MATERIALS: Info-Tech’s MMS Readiness Assessment Checklist

    PARTICIPANTS: Project sponsor, Core project team

    Instructions

    1. Download the MMS Readiness Assessment Checklist.
    2. Review Section 1 of the checklist with the core project team and/or project sponsor, item by item. For completed items, tick the relative checkbox.
    3. Once the whole checklist has been reviewed, document all incomplete items in the table under Section 1 in the first table column (“Incomplete Readiness Item”).
    4. For each incomplete item, use your discretion to determine whether its completion is critical in preparation for MMS selection and implementation. This may vary given the complexity of your MMS project. If the item is critical to the project, indicate this with “Y” in the second column (“Criticality (Y/N)”).
    5. For each critical item, reflect on the barriers that have prevented or are preventing its completion. Possible barriers include incomplete task dependencies, low value-to-effort determination, lack of organizational knowledge or resources, pressure of deadlines, etc. Document these barriers in the third column (“Barriers to Completion”).
    6. Based on the barriers determined in Step 5, determine a remediation approach for each item. Document the approach in the fourth column (“Remediation Approach”).
    7. For each remediation activity, designate a due date and remediation owner. Document this in the fifth column (“Due Date & Owner”).
    8. Carry out the remediation of critical tasks and return to this blueprint to kickstart your selection and implementation project.

    Step 1.3: Gather MMS requirements

    1.1

    1.2

    1.3

    Understand the MMS MarketStructure the ProjectGather MMS Requirements

    This step will walk you through the following activities:

    • Understand your MMS use case.
    • Elicit and capture your MMS requirements.
    • Prioritize your solution requirements.

    This step involves the following participants:

    • Core project team
    • Project manager
    • Business analysts
    • Procurement subject-matter experts (SMEs)

    Outcomes of this step

    • Project alignment with MMS market use case.
    • Inventory of categorized and prioritized MMS business requirements.

    Understand the dominant use-case scenarios for MMS across organizations

    Vendor Profiles icon

    USE CASES

    While an organization may be product- or service-centric, most fall into one of the three use cases described on this slide.

    1) Marketing Automation

    Workflow Management

    Managing complex marketing campaigns and building and tracking marketing workflows are the mainstay responsibilities of brand managers and other senior marketing professionals. In this category, we evaluated vendors that provide marketers with comprehensive tools for marketing campaign automation, workflow building and tracking, lead management, and marketing resource planning for campaigns that need to reach a large segment of customers.

    Omnichannel Management

    The proliferation of marketing channels has created significant challenges for many organizations. In this use case, we executed a special evaluation of vendors that are well suited for the intricacies of juggling multiple channels, particularly mobile, social, and email marketing.

    2) Marketing Intelligence

    Sifting through data from a myriad of sources and coming up with actionable intelligence and insights remains a critical activity for marketing departments, particularly for market researchers. In this category, we evaluated solutions that aggregate, analyze, and visualize complex marketing data from multiple sources to allow decision makers to execute informed decisions.

    3) Social Marketing

    The proliferation of social networks, customer data, and use cases has made ad hoc social media management challenging. In this category we evaluated vendors that bring uniformity to an organization’s social media capabilities and contribute to a 360-degree customer view.

    Activity: Understand which type of MMS you need

    Associated Activity icon 1.3.1 30 minutes

    INPUT: Use-case breakdown

    OUTPUT: Project use-case alignments

    Materials: Whiteboard, markers

    Participants: Project manager, Core project team (optional)

    Instructions

    1. Familiarize your team with Info-Tech’s MMS use-case breakdown from the previous slide.
    2. Determine which use case is best aligned with your organization’s MMS project objectives. If you need assistance with this, consider the relevance of the cases studies and statements on the following slides.
    3. If your team agrees with most or all statements under a given use case, this indicates strong alignment towards that use case. It is possible for an organization to align with more than one use case. Your use-case alignment will guide you in creating a vendor shortlist later in this project.

    Use Info-Tech’s vendor research and use-case scenarios to support your organization’s vendor analysis

    The use-case view of vendor and product performance provides multiple opportunities for vendors to fit into your application architecture depending on their product and market performance. The use cases selected are based on market research and client demand.

    Determining your use case is crucial for:

    1. Selecting an application that is the right fit
    2. Establishing a business case for MMS

    The following slides illustrate how the three most common use cases (marketing automation, marketing intelligence, and social marketing) align with business needs. As shown by the case studies, the right MMS can result in great benefits to your organization.

    Use-case alignment and business need

    Vendor Profiles icon

    Marketing Automation

    Marketing Need Manage customer experience across multiple channels Manage multiple campaigns simultaneously Integrate web-enabled devices (IoT) into marketing campaigns Run and track email marketing campaigns
    A line of arrows pointing down.
    Corresponding Feature End-to-end management of email marketing Visual workflow editor Customer journey mapping Business rules engine A/B tracking

    The Portland Trail Blazers utilize an MMS to amplify their message with marketing automation technology

    CASE STUDY

    Industry: Entertainment | Source: Marketo

    Challenge

    The Portland Trail Blazers, an NBA franchise, were looking to expand their appeal beyond the city of Portland and into the greater Pacific Northwest Region.

    The team’s management group also wanted to showcase the full range of events that were hosted in the team’s multipurpose stadium.

    The Trail Blazers were looking to engage fans in a more targeted fashion than their CRM allowed for. Ultimately, they hoped to move from “batch and blast” email campaigns to an automated and targeted approach.

    Solution

    The Trail Blazers implemented an MMS that allowed it to rapidly build different types of campaigns. These campaigns could be executed across a variety of channels and target multiple demographics at various points in the fan journey.

    Contextual ads were implemented using the marketing suite’s automated customer journey mapping feature. Targeted ads were served based on a fan’s location in the journey and interactions with the Trail Blazers’ online collateral.

    Results

    The automated campaigns led to a 75% email open rate, which contributed to a 96% renewal rate for season ticket holders – a franchise record.

    Other benefits resulting from the improved conversion rate included an increased cohesion between the Trail Blazers’ marketing, analytics, and ticket sales operations.

    Use-case alignment and business need

    Vendor Profiles icon

    Marketing Intelligence

    Marketing Need Capture marketing- and customer-related data from multiple sources Analyze large quantities of marketing data Visualize marketing-related data in a manner that is easy for decision makers to consume Perform trend and predictive analysis
    A line of arrows pointing down.
    Corresponding Feature Integrate data across customer segments Analysis through machine learning Assign attributers to unstructured data Displays featuring data from external sources Create complex customer data visualizations

    Chico’s FAS uses marketing intelligence to drive customer loyalty

    CASE STUDY

    Industry: Retail | Source: SAS

    Challenge

    Women’s apparel retailer Chico’s FAS was looking to capitalize on customer data from in-store and online experiences.

    Chico’s hoped to consolidate customer data from multiple online and brick-and-mortar retail channels to get a complete view of the customer.

    Doing so would satisfy Chico’s need to create more highly segmented, cost-effective marketing campaigns

    Solution

    Chico’s selected an MMS with strong marketing intelligence, analysis, and data visualization capability.

    The MMS could consolidate and analyze customer and transactional information. The suite’s functionality enabled Chico’s marketing team to work directly with the data, without help from statisticians or IT staff.

    Results

    The approach to marketing indigence led to customers getting deals on products that were actually relevant to them, increasing sales and brand loyalty.

    Moreover, the time it took to perform data consolidation decreased dramatically, from 17 hours to two hours, allowing the process to be performed daily instead of weekly.

    Use-case alignment and business need

    Vendor Profiles icon

    Social Marketing

    Marketing Need Understand customers' likes and dislikes Manage and analyze social media channels like Facebook and Twitter Foster a conversation around specific products Engage international audiences through regional messaging apps
    A line of arrows pointing down.
    Corresponding Feature Social listening capabilities Tools for curating customer community content Ability to aggregate social data Integration with popular social networks Ability to conduct trend reporting

    Bayer leverages MMS technology to cultivate a social presence

    CASE STUDY

    Industry: Life Sciences | Source: Adobe

    Challenge

    Bayer, a Fortune 500 health and life sciences company, was looking for a new way to communicate its complex medical breakthroughs to the general public.

    The decision was made to share the science behind its products via social channels in order to generate excitement.

    Bayer needed tools to publish content across a variety of social media platforms while fostering conversations that were more focused on the science behind products.

    Solution

    Based on the requirements, Bayer decided that an MMS would be the best fit.

    After conducting a market scan, the company selected an MMS with a comprehensive social media suite.

    The suite included tools for social listening and moderation and tools to guide conversations initiated by both marketers and customers.

    Results

    The MMS provided Bayer with the toolkit to engage its audience.

    Bayer took control of the conversation about its products by serving potential customers with relevant video content on social media.

    Its social strategy coupled with advanced engagement tools resulted in new business opportunities and more than 65,000 views on YouTube and more than 87,000 Facebook views in a single month.

    Leverage Info-Tech’s requirements gathering framework to serve as the basis for capturing your MMS requirements

    An important step in selecting an MMS that will have widespread user adoption is creating archetypal customer personas. This will enable you to talk concretely about them as consumers of the application you select and allow you to build buyer scenarios around them.
    REQUIREMENTS GATHERING
    Info-Tech’s requirements gathering framework is a comprehensive approach to requirements management that can be scaled to any size of project or organization. This framework ensures that the application created will capture the needs of all stakeholders and deliver business value. Develop and right-size a proven standard operating procedure for requirements gathering with Info-Tech’s blueprint Build a Strong Approach to Business Requirements Gathering.
    Stock photo of a Jenga tower with title: Build a Strong Approach to Business Requirements Gathering
    KEY INPUTS TO MMS REQUIREMENTS GATHERING
    Requirements Gathering Methodology

    Sample of Requirements Gathering Blueprint.

    Requirements Gathering Blueprint Slide 25: Understand the best-practice framework for requirements gathering for enterprise applications projects.

    Requirements Gathering SOP

    Sample of Requirements Gathering Blueprint.

    Requirements Gathering Blueprint Activities 1.2.2-1.2.5, 2.1.1, 2.1.2, 3.1.1, 3.2.1, 4.1.1-4.1.3, 4.2.2: Consolidate outputs to right-size a best-practice SOP for your organization.

    Project Level Selection Tool

    Sample of Requirements Gathering Blueprint.

    Requirements Gathering Blueprint Activity 1.2.4: Determine project-level selection guidelines to inform the due diligence required in your MMS requirements gathering.

    Activity: Elicit and capture your MMS requirements

    Associated Activity icon 1.3.2 Varies

    INPUT: MMS tool user expertise, MMS Requirements Picklist Tool

    OUTPUT: A list of needs from the MMS tool user perspective

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: MMS users in the organization, MMS selection committee

    Instructions

    1. Identify stakeholders for the requirements gathering exercise. Consider holding one-on-one sessions or large focus groups with key stakeholders or the project sponsor to gather business requirements for an MMS.
    2. Use the MMS Requirements Picklist Tool as a starting point for conducting the requirements elicitation session(s).
    3. Begin by reading the instructions in the template and then move to the “Requirements” worksheet. Read each defined requirement in the worksheet and indicate in the “Requirement Status” column whether the requirement is a “Must,” “High,” or “Low.” Confirming the status is an important part of the exercise. The status will help filter vendors for final selection later on in the process.
    4. Decide whether additional requirements are necessary by asking the MMS tool users. If so, add the requirements to the bottom of the “Requirements” worksheet and indicate their “Requirement Status.”

    Download the MMS Requirements Picklist Tool to help with completing this activity.

    Show the measurable benefits of MMS with metrics

    The return on investment (ROI) and perceived value of the organization’s marketing solution will be a critical indication of the likelihood of success of the suite’s selection and implementation.

    EXAMPLE
    METRICS

    MMS and Technology Adoption

    Marketing Performance Metrics
    Average revenue gain per campaign Quantity and quality of marketing insights
    Average time to execute a campaign Customer acquisition rates
    Savings from automated processes Marketing cycle times
    User Adoption and Business Feedback Metrics
    User satisfaction feedback User satisfaction survey with the technology
    Business adoption rates Application overhead cost reduction

    Info-Tech Insight

    Even if marketing metrics are difficult to track right now, the implementation of an MMS brings access to valuable customer intelligence from data that was once kept in silos.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.2.1

    Sample of activity 1.2.1 'Understand your business' goals for MMS by parsing your formal CXM strategy'. Align the CXM strategy value proposition to MMS capabilities

    Our facilitator will help your team identify the IT CXM strategy and marketing goals. The analyst will then work with the team to map the strategy to technological drivers available in the MMS market.

    1.3.2

    Sample of activity 1.3.2 'Elicit and capture your MMS requirements'. Define the needs of MMS users

    Our facilitator will work with your team to identify user requirements for the MMS Requirements Picklist Tool. The analyst will facilitate a discussion with your team to prioritize identified requirements.

    Select a Marketing Management Suite

    PHASE 2

    Shortlist Marketing Management Suites

    Phase 2 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Shortlist Marketing Management Suites

    Proposed Time to Completion: 1-3 months
    Step 2.1: Analyze and Shortlist MMS Vendors
    Start with an analyst kick-off call:
    • Review requirements gathering findings.
    • Review the MMS market space.
    Then complete these activities…
    • Review vendor profiles and analysis.
    • Weigh the evaluation criteria’s importance in product capabilities and vendor characteristics.
    • Shortlist MMS vendors.
    With these tools & templates:
    Phase 2 Results:
    • Shortlist of MMS tools

    Phase 2 milestones

    Launch the MMS Project and Collect Requirements — Phase 1

    • Understand the MMS market space.
    • Assess organizational and project readiness for MMS selection.
    • Structure your MMS selection and implementation project by refining your MMS roadmap.
    • Align organizational use-case fit with market use cases.
    • Collect, prioritize, and document MMS requirements.

    Shortlist MMS Tool — Phase 2

    • Review MMS market leaders and players within your aligned use case.
    • Review MMS vendor profiles and capabilities.
    • Shortlist MMS vendors based on organizational fit.

    Select an MMS — Phase 3

    • Submit request for proposal (RFP) to shortlisted vendors.
    • Evaluate vendor responses and develop vendor demonstration scripts.
    • Score vendor demonstrations and select the final product.

    Step 2.1: Analyze and shortlist MMS vendors

    2.1

    Analyze and Shortlist MMS Vendors

    This step will walk you through the following activities:

    • Review MMS vendor landscape.
    • Take note of relevant point solutions.
    • Shortlist vendors for the RFP process.

    This step involves the following participants:

    • Core project team

    Outcomes of this step

    • Understanding of Info-Tech’s use-case scenarios for MMS: marketing automation, marketing intelligence, and social marketing.
    • Familiarity with the MMS vendor landscape.
    • Shortlist of MMS vendors for RFP process.

    Familiarize yourself with the MMS market: How it got here

    Vendor Profiles icon

    Loosely Tied Together

    Originally the sales and marketing enterprise application space was highly fragmented, with disparate best-of-breed point solutions patched together. Soon after, vendors in the late 1990s started bundling automation technologies into a single suite offering. Marketing capabilities of CRM suites were minimal at best and often restricted to web and email only.

    Limited to Large Enterprises

    Many vendors started to combine all marketing tools into a single, comprehensive marketing suite, but cost and complexity limited them to large enterprises and marketing agencies.

    Best-of-breed solutions targeting new channels and new goals, like closed-loop sales and marketing, continued driving new marketing software genres, like dedicated lead management suites.

    In today’s volatile business environment, judgment built from past experience is increasingly unreliable. With consumer behaviors in flux, once-valid assumptions (e.g. ‘older consumers don’t use Facebook or send text messages’) can quickly become outdated.” (SAS Magazine)

    Info-Tech Insight

    As the market evolves, capabilities that were once cutting edge become default and new functionality becomes differentiating. Some features, like basic CRM integration, have become table stakes capabilities. Focus on advanced analytics features and omnichannel integration capabilities to get the best fit for your requirements.

    Familiarize yourself with the MMS market: Where it’s going

    Vendor Profiles icon

    AI and Machine Learning

    Vendors are beginning to offer AI capabilities across MMS for data-driven customer engagement scoring and social listening insights. Machine learning capability is being leveraged to determine optimal customer journey and suggest next steps to users.

    Marketplace Fragmentation

    The number of players in the marketing application space has grown exponentially. The majority of these new vendors offer point solutions rather than full-blown marketing suites. Fragmentation is leading to tougher choices when looking to augment an existing platform with specific functionality.

    Improving Application Integration

    MMS vendors are fostering deeper integrations between their marketing products and core CRM products, leading to improved data hygiene. At the same time, vendors are improving flexibility in the marketing suite so that new channels can be added easily.

    Greater Self-Service

    Vendors have an increased emphasis on application usability. Their goal is to enable marketers to execute campaigns without relying on specialists.

    There’s a firehose of customer data coming at marketers today, and with more interconnected devices emerging (wearables, smart watches, etc.), cultivating a seamless customer experience is likely to grow even more challenging.

    Building out a data-driven marketing strategy and technology stack that enables you to capture behaviors across channels is key.” (IBM, Ideas for Exceeding Customer Expectations)

    Review Info-Tech’s vendor profiles of the MMS market to identify vendors that meet your requirements

    Vendors & Products Evaluated

    Vendor logos including 'Adobe', 'ORACLE', and 'IBM'.

    VENDOR PROFILES

    Review the MMS Vendor Evaluation

    Large icon of a descending bar graph for vendor profiles title page.

    Table stakes are the minimum standard; without these, a product doesn’t even get reviewed

    Vendor Profiles icon

    TABLE STAKES

    Feature Table Stake Functionality
    Basic Workflow Automation Simple automation of common marketing tasks (e.g. handling inbound leads).
    Basic Channel Integration Integration with minimum two or more marketing channels (e.g. email and direct mail).
    Customizable User Interface A user interface that can be changed and optimized to users’ preferences. This includes customizable dashboards for displaying relevant marketing metrics.
    Basic Mobile UX Accessible from a mobile device in some fashion.
    Cloud Compatibility Able to offer integration within pre-existing or proprietary cloud server. Many vendors only have SaaS products.

    What does this mean?

    The products assessed in these vendor profiles meet, at the very least, the requirements outlined as table stakes.

    Many of the vendors go above and beyond the outlined table stakes; some even do so in multiple categories. This section aims to highlight the products’ capabilities in excess of the criteria listed here.

    Info-Tech Insight

    If table stakes are all you need from your MMS, determine whether your existing CRM platform already satisfies your requirements. Otherwise, dig deeper to find the best price-to-value ratio for your needs.

    Take a holistic approach to vendor and product evaluation

    Almost – or equally – as important as evaluating vendor feature capabilities is the need to evaluate vendor viability and non-functional aspects of the MMS. Include an evaluation of the following criteria in your vendor scoring methodology:

    Vendor Attribute Description
    Vendor Stability and Variability The vendor’s proven ability to execute on constant product improvement, deliberate strategic direction, and overall commitment to research and development efforts in responding to emerging trends.
    Security Model The potential to integrate the application to existing security models and the vendor's approach to handling customer data.
    Deployment Style The choice to deploy a single or multi-tenant SaaS environment via a perpetual license.
    Ease of Customization The relative ease with which a system can be customized to accommodate niche or industry-specific business or functional needs.
    Vendor Support Options The availability of vendor support options, including selection consulting, application development resources, implementation assistance, and ongoing support resources.
    Size of Partner Ecosystem The quantity of enterprise applications and third-party add-ons that can be linked to the MMS, as well as the number of system integrators available.
    Ease of Data Integration The relative ease with which the system can be integrated with an organization’s existing application environment, including legacy systems, point solutions, and other large enterprise applications.

    Info-Tech Insight

    Evaluate vendor capabilities, not just product capabilities. An MMS is typically a long-term commitment; ensure that your organization is teaming up with a vendor or provider that you feel you can work well with and depend on.

    Advanced features are the capabilities that allow for granular differentiation of market players and use-case performance

    Vendor Profiles icon

    Evaluation Methodology

    These product features were assessed as part of the classification of vendors into use cases. In determining use-case leaders and players, select features were considered based on best alignment with the use case.

    Feature Advanced Functionality
    Advanced Campaign Management End-to-end marketing campaign management: customer journey mapping, campaign initiation, monitoring, and dynamic reporting and adjustment.
    Marketing Asset Management Content repository functionality (or tight ECM integration) for marketing assets and campaign collateral (static, multimedia, e-commerce–related, etc.).
    Marketing Analytics
    • Predictive analytics; machine learning; capabilities for data ingestion and visualization across various marketing research/marketing intelligence categories (demographic, psychographic, etc.).
    • Data segmentation; drill-down ability to assign attributes to unstructured data; ability to construct complex customer/competitive data visualizations from segmented data.
    Breadth of Channel Support Ability to support and manage a wide range of marketing channels (e-commerce, SEO/SEM, paid advertising, email, traditional [print, multimedia], etc.).
    Marketing Workflow Management Visual workflow editors and business rules engine creation.

    Advanced features are the capabilities that allow for granular differentiation of market players and use-case performance

    Vendor Profiles icon

    Evaluation Methodology

    These product features were assessed as part of the classification of vendors into use cases. In determining use-case leaders and players, select features were considered based on best alignment with the use case.

    Feature Advanced Functionality
    Community Marketing Management Branded customer communities (e.g. community support forums) and DMB/DSP.
    Email Marketing Automation End-to-end management of email marketing: email templates, email previews, spam testing, A/B tracking, multivariate testing, and email metrics tracking.
    Social Marketing Ability to integrate with popular social media networks and manage social properties and to aggregate and analyze social data for trend reporting.
    Mobile Marketing Ability to manage SMS, push, and mobile application marketing.
    Marketing Operations Management Project management tools for marketers (timelines, performance indicators, budgeting/resourcing tools, etc.).

    Use the information in the MMS vendor profiles to streamline your vendor analysis process

    Vendor Profiles icon This section includes profiles of the vendors evaluated against the previously outlined framework.
    Review the use-case scenarios relevant to your organization’s use case to identify a vendor’s fit to your organization’s MMS needs.
    • L = Use-case leader
    • P = Use-case player
    Three column headers: 'Marketing Automation', 'Marketing Intelligence', and 'Social Media Marketing'.
    Understand your organization’s size and whether it falls within the product’s market focus.
    • Large enterprise: 2,000+ employees and revenue of $250M+
    • Small-medium enterprise: 30-2,000 employees and revenue of $25M-$250M
    Column header 'MARKET FOCUS' with row headers 'Small-Medium' and 'Large Enterprise'.
    Review the differentiating features to identify where the application performs best. A list of features.
    Colors signify a feature’s performance. A key for color-coding: Blue - 'Best of Breed', Green - 'Present: Competitive Strength', Yellow-Green - 'Present: Competitive Parity', Yellow - 'Semi-Present', Grey - 'Absent'.

    Adobe Marketing Cloud

    Vendor Profiles icon
    Logo for Adobe. FUNCTIONAL SPOTLIGHT

    Creative Cloud Integration: To make for a more seamless cross-product experience, projects can be sent between Marketing Cloud and Creative Cloud apps such as Photoshop and After Effects.

    Sensei: Adobe has revamped its machine learning and AI platform in an effort to integrate AI into all of its marketing applications. Sensei includes data from Microsoft in a new partnership program.

    Anomaly Detection: Adobe’s Anomaly Detection contextualizes data and provides a statistical method to determine how a given metric has changed in relation to previous metrics.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    L

    L

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Adobe’s goal with Marketing Cloud is to help businesses provide customers with cohesive, seamless experiences by surfacing customer profiles in relevant situations quickly. Adobe Marketing Cloud has traditionally been used in the B2C space but has seen an increase in B2C use cases driven by the finance and technology sectors. FEATURES
    Color-coded ranking of each feature for Adobe.
    Employees (2018): 17,000 Presence: Global Founded: 1982 NASDAQ: ADBE

    HubSpot

    Vendor Profiles icon

    Logo for Hubspot.FUNCTIONAL SPOTLIGHT

    Content Optimization System (COS): The fully integrated system stores assets and serves them to their designated channels at relevant times. The COS is integrated into HubSpot's marketing platform.

    Email Automation: HubSpot provides basic email that can be linked to a specific part of an organization’s marketing funnel. These emails can also be added to pre-existing automated workflows.

    Email Deliverability Tool: HubSpot identifies HTML or content that will be flagged by spam filters. It also validates links and minimizes email load times.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    P

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Hubspot’s primary focus has been on email marketing campaigns. It has put effort into developing solid “click not code” email marketing capabilities. Also, Hubspot has an official integration with Salesforce for expanded operations management and analytics capabilities. FEATURES
    Color-coded ranking of each feature for Hubspot.
    Employees (2018): 1,400 Presence: Global Founded: 2006 NYSE: HUBS

    IBM Marketing Cloud

    Vendor Profiles icon

    Logo for IBM.FUNCTIONAL SPOTLIGHT

    Watson: IBM is leveraging its popular Watson AI brand to generate marketing insights for automated campaigns.

    Weather Effects: Set campaign rules based on connections between weather conditions and customer behavior relative to zip code made by Watson.

    Real-Time Personalization: IBM has made efforts to remove campaign interaction latency and optimize live customer engagement by acting on information about what customers are doing in the current moment.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    L

    L

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    IBM has remained ahead of the curve by incorporating its well-known AI technology throughout Marketing Cloud. The application’s integration with the wide array of IBM products makes it a powerful tool for users already in the IBM ecosystem. FEATURES
    Color-coded ranking of each feature for IBM.
    Employees (2018): 380,000 Presence: Global Founded: 1911 NYSE: IBM

    Marketo

    Vendor Profiles icon

    Logo for Marketo.FUNCTIONAL SPOTLIGHT

    Content AI: Marketo has leveraged its investments in machine learning to intelligently fetch marketing assets and serve them to customers based on their interactions with a campaign.

    Email A/B Testing: To improve lead generation from email campaigns, Marketo features the ability to execute A/B testing for customized campaigns.

    Partnership with Google: Marketo is now hosted on Google’s cloud platform, enabling it to provide support for larger enterprise clients and improve GDPR compliance.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    P

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Marketo has strong capabilities for lead management but has recently bolstered its analytics capabilities. Marketo is hoping to capture some of the analytics application market share by offering tools with varying complexity and to cater to firms with a wide range of analytics needs. FEATURES
    Color-coded ranking of each feature for Marketo.
    Employees (2018): 1,000 Presence: Global Founded: 2006 Private Corporation

    Oracle Marketing Cloud

    Vendor Profiles icon

    Logo for Oracle.FUNCTIONAL SPOTLIGHT

    Data Visualization: To make for a more seamless cross-product experience, marketing projects can be sent between Marketing Cloud and Creative Cloud apps such as Dreamweaver.

    ID Graph: Use ID Graph to unite disparate data sources to form a singular profile of leads, making the personalization and contextualization of campaigns more efficient.

    Interest-Based Messaging: Pause a campaign to update a segment or content based on aggregated customer activity and interaction data.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    P

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Oracle Marketing Cloud is known for its balance between campaigns and analytics products. Oracle has taken the lead on expanding its marketing channel mix to include international options such as WeChat. Users already using Oracle’s CRM/CEM products will derive the most value from Marketing Cloud. FEATURES
    Color-coded ranking of each feature for Oracle.
    Employees (2018): 138,000 Presence: Global Founded: 1977 NYSE: ORCL

    Salesforce Marketing Cloud

    Vendor Profiles icon

    Logo for Salesforce Marketing Cloud.FUNCTIONAL SPOTLIGHT

    Einstein: Salesforce is putting effort into integrating AI into all of its applications. The Einstein AI platform provides marketers with predictive analytics and insights into customer behavior.

    Mobile Studio: Salesforce has a robust mobile marketing offering that encompasses SMS/MMS, in-app engagement, and group messaging platforms.

    Journey Builder: Salesforce created Journey Builder, which is a workflow automation tool. Its user-friendly drag-and-drop interface makes it easy to automate responses to customer actions.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    L

    P

    L

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Salesforce Marketing Cloud is primarily used by organizations in the B2C space. It has strong Sales Cloud CRM integration. Pardot is positioning itself as a tool for sales teams in addition to marketers. FEATURES
    Color-coded ranking of each feature for Salesforce Marketing Cloud.
    Employees (2018): 1,800 Presence: Global Founded: 2000 NYSE: CRM

    Salesforce Pardot

    Vendor Profiles icon

    Logo for Salesforce Pardot.FUNCTIONAL SPOTLIGHT

    Engagement Studio: Salesforce is putting marketing capabilities in the hands of sales reps by giving them access to a team email engagement platform.

    Einstein: Salesforce’s Einstein AI platform helps marketers and sales reps identify the right accounts to target with predictive lead scoring.

    Program Steps: Salesforce developed a distinct own workflow building tool for Pardot. Workflows are made of “Program Steps” that have the functionality to initiate campaigns based on insights from Einstein.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    P

    -

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Pardot is Salesforce’s B2B marketing solution. Pardot has focused on developing tools that enable sales teams and marketers to work in lockstep in order to achieve lead-generation goals. Pardot has deep integration with Salesforce’s CRM and customer service management products. FEATURES
    Color-coded ranking of each feature for Salesforce Pardot.
    Employees (2018): 1,800 Presence: Global Founded: 2000 NYSE: CRM

    SAP Hybris Marketing

    Vendor Profiles icon

    Logo for SAP.FUNCTIONAL SPOTLIGHT

    CMO Dashboard: The specialized dashboard is aimed at providing overviews for the executive level. It includes the ability to coordinate marketing activities and project budgets, KPIs, and timelines.

    Loyalty Management: SAP features in-app tools to manage campaigns specifically geared toward customer loyalty with digital coupons and iBeacons.

    Customer Segmentation: SAP’s predictive capabilities dynamically suggest relevant customer profiles for new campaigns.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    L

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    SAP Hybris Marketing Cloud optimizes marketing strategies in real time with accurate attribution and measurements. SAP’s operations management capabilities are robust, including the ability to view consolidated data streams from ongoing marketing plans, performance targets, and budgets. FEATURES
    Color-coded ranking of each feature for SAP.
    Employees (2018): 84,000 Presence: Global Founded: 1972 NYSE: SAP

    SAS Marketing Intelligence

    Vendor Profiles icon

    Logo for SAS.FUNCTIONAL SPOTLIGHT

    Activity Map: A user-friendly workflow builder that can be used to execute campaigns. Multiple activities can be simultaneously A/B tested within the Activity Map UI. The outcome of the test can automatically adjust the workflow.

    Spots: A native digital asset manager that can store property that is part of existing and future campaigns.

    Viya: A framework for fully integrating third-party data sources into SAS Marketing Intelligence. Viya assists with pairing on-premises databases with a cloud platform for use with the SAS suite.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    L

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    SAS has been a leading BI and analytics provider for more than 35 years. Rooted in statistical analysis of data, SAS products provide forward-looking strategic insights. Organizations that require extensive customer intelligence capabilities and the ability to “slice and dice” segments should have SAS on their shortlist. FEATURES
    Color-coded ranking of each feature for SAS.
    Employees (2018): 14,000 Presence: Global Founded: 1976 Private Corporation

    Consider alternative MMS vendors not included in Info-Tech’s vendor profiles

    Info-Tech evaluated only a portion of vendors in the MMS market. In order for a vendor to be included in this landscape, the company needed to meet three baseline criteria:
    1. Our clients must be talking about the solution.
    2. Our analysts must believe the solution will play well within the evaluation.
    3. The vendor must meet table stakes criteria.
    Below is a list of notable vendors in the space that did not meet all of Info-Tech’s inclusion requirements.

    Additional vendors in the MMS market:

    Logo for act-on. Logo for SharpSpring.

    See the next slides for suggested point solutions.

    Leverage Info-Tech’s WXM and SMMP vendor landscapes to select platforms that fit with your CXM strategy

    Web experience management (WXM) and social media management platforms (SMMP) act in concert with your MMS to execute complex campaigns.

    Social Media Management

    Info-Tech’s SMMP selection guide enables you to find a solution that satisfies your objectives across marketing, sales, public relations, HR, and customer service. Create a unified framework for driving successful implementation and adoption of your SMMP that fully addresses CRM and marketing automation integration, end-user adoption, and social analytics with Info-Tech’s blueprint Select and Implement a Social Media Management Platform.

    Stock image with the title Select and Implement a Social Media Management Platform.
    Web Experience Management

    Info-Tech’s approach to WXM ensures you have the right suite of tools for web content management, experience design, and web analytics. Put your best foot forward by conducting due diligence as the selection project advances. Ensure that your organization will see quick results with Info-Tech’s blueprint Select and Implement a Web Experience Management Solution.

    Stock image with the title Select and Implement a Web Experience Management Solution.

    POINT SOLUTION PROFILES

    Review this cursory list of point solutions by use case

    Consider point solutions if a full suite is not required

    Large icon of a target for point solution profiles title page.

    Consider point solutions if a full suite is not required

    Email Marketing

    Logos of companies for Email Marketing including MailChimp and emma.

    Consider point solutions if a full suite is not required

    Search Engine Optimization (SEO)

    Logos of companies for Search Engine Optimization including SpyFu and SerpStat.

    Consider point solutions if a full suite is not required

    Demand-Side Platform (DSP)

    Logos of companies for Demand-Side Platform including MediaMath and rocketfuel.

    Consider point solutions if a full suite is not required

    Customer Portal Software

    Logos of companies for Customer Portal Software including LifeRay and lithium.

    Select a Marketing Management Suite

    PHASE 3

    Select Vendor and Communicate Decision to Stakeholders

    Phase 3 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Plan Your MMS Implementation

    Proposed Time to Completion: 2 weeks
    Step 3.1: Select Your MMS Step 3.2: Communicate the Decision to Stakeholders
    Start with an analyst kick-off call:
    • Review the MMS shortlist.
    • Discuss how to link RFP questions and demo script scenarios to gathered requirements.
    Review findings with analyst:
    • Review the alignment between MMS capability and the business’ CXM strategy.
    • Discuss how to present the decision to stakeholders.
    Then complete these activities…
    • Build a vendor response template.
    • Evaluate RFP responses from vendors.
    • Build demo scripts and set up product demonstrations.
    • Establish evaluation criteria.
    • Select MMS product and vendor.
    Then complete these activities…
    • Present decision rationale to stakeholders.
    With these tools & templates:
    • MMS Request for Proposal Template
    • MMS Vendor Demo Script
    With these tools & templates:
    • MMS Selection Executive Presentation Template
    Phase 3 Results
    • Select an MMS that meets requirements and is approved by stakeholders.

    Phase 3 milestones

    Launch the MMS Project and Collect Requirements — Phase 1

    • Understand the MMS market space.
    • Assess organizational and project readiness for MMS selection.
    • Structure your MMS selection and implementation project by refining your MMS roadmap.
    • Align organizational use-case fit with market use cases.
    • Collect, prioritize, and document MMS requirements.

    Shortlist MMS Tool — Phase 2

    • Review MMS market leaders and players within your aligned use case.
    • Review MMS vendor profiles and capabilities.
    • Shortlist MMS vendors based on organizational fit.

    Select an MMS — Phase 3

    • Submit request for proposal (RFP) to shortlisted vendors.
    • Evaluate vendor responses and develop vendor demonstration scripts.
    • Score vendor demonstrations and select the final product.

    Step 2.1: Analyze and shortlist MMS vendors

    3.1

    3.2

    Select Your MMS Communicate Decision to Stakeholders

    This step will walk you through the following activities:

    • Build a response template to standardize potential vendor responses and streamline your evaluation process.
    • Evaluate the RFPs you receive with a clear scoring process and evaluation framework.
    • Build a demo script to evaluate product demonstrations by vendors.
    • Select your solution.

    This step involves the following participants:

    • Core project team
    • Procurement SMEs
    • Project sponsor

    Outcomes of this step

    • Completed MMS RFP vendor response template
    • Completed MMS demo script(s)
    • Established product and vendor evaluation criteria
    • Final MMS selection

    Activity: Shortlist vendors for the RFP process

    Associated Activity icon 3.1.1 30 minutes

    INPUT: Organizational use-case fit

    OUTPUT: MMS vendor shortlist

    Materials: Info-Tech’s MMS use cases, Info-Tech’s vendor profiles, Whiteboard, markers

    Participants: Core project team

    Instructions

    1. Collectively with the core project team, determine any knock-out criteria for shortlisting MMS vendors. For example, if your team is executing on a strategy that favors mobile deployment, vendors who do not have a mobile offering may be off the table.
    2. Based on the results in Activity 1.3.2, write a longlist of vendors. In most cases, this list will consist of all the vendors that fall into your organization’s use-case scenario. If your organization fits into more than one use case (e.g. your organization has both product-centric and service-centric MMS needs), look for the overlap of vendors between the use cases.
    3. Review the profiles of the vendors that fall into your use-case scenario. Based on your knock-out criteria established in Step 1, eliminate any vendors as applicable.
    4. Finalize and record your shortlist of MMS vendors.

    Use Info-Tech’s MMS Request for Proposal Template to document and communicate your requirements to vendors

    Supporting Tool icon 3.1.2 MMS Request for Proposal Template

    Use the MMS Request for Proposal Template as a step-by-step guide on how to request interested vendors to submit written proposals that meet your set of requirements.

    If interested in bidding for your project, vendors will respond with a description of the techniques they would employ to address your organizational challenges and meet your requirements, along with a plan of work and detailed budget for the project.

    The RFP is an important piece of setting and aligning your expectations with the vendors’ product offerings. Make sure to address the following elements in the RFP:

    Sections of the Tool:

    1. Statement of work
    2. General information
    3. Proposal preparation instructions
    4. Scope of work, specifications, and requirements
    5. Vendor qualifications and references
    6. Budget and estimated pricing
    7. Additional terms and conditions
    8. Vendor certification

    INFO-TECH DELIVERABLE

    Sample of Info-Tech's MMS Request Proposal Template.

    Complete the MMS Request for Proposal Template by following the instructions in Activity 3.1.3.

    Activity: Create an RFP to submit to MMS vendors

    Associated Activity icon 3.1.3 1-2 hours

    INPUT: Business requirements document, Procurement procedures

    OUTPUT: MMS RFP

    Materials: Internal RFP tools or templates (if available), Info-Tech’s MMS Request for Proposal Template (optional)

    Participants: Procurement SMEs, Project manager, Core project team (optional)

    Instructions

    1. Download Info-Tech’s MMS Request for Proposal Template or prepare internal best-practice RFP tools.
    2. Build your RFP:
      1. Complete the statement of work and general information sections to provide organizational context to your longlisted vendors.
      2. Outline the organization’s procurement instructions for vendors, including due diligence, assessment criteria, and dates.
      3. Input the business requirements document as created in Activity 1.3.2.
      4. Create a scenario overview to provide vendors with an opportunity to give an estimate price.
    3. Obtain approval for your RFP. Each organization has a unique procurement process; follow your own organization’s process as you submit your RFPs to vendors. Ensure compliance with your organization’s standards and gain approval for submitting your RFP.

    Establish vendor evaluation criteria

    Vendor demonstrations are an integral part of the selection process. Having clearly defined selection criteria will help with setting up relevant demos as well as inform the vendor scorecards.

    EXAMPLE EVALUATION CRITERIAPie chart indicating the weight of each 'Vendor Evaluation Criteria': 'Functionality, 30%', 'Ease of Use, 25%', 'Cost, 15%', 'Vendor, 15%', and 'Technology, 15%'.
    Functionality (30%)
    • Breadth of capability
    • Tactical capability
    • Operational capability
    Ease of Use (25%)
    • End-user usability
    • Administrative usability
    • UI attractiveness
    • Self-service options
    Cost (15%)
    • Maintenance
    • Support
    • Licensing
    • Implementation (internal and external costs)
    Vendor (15%)
    • Support model
    • Customer base
    • Sustainability
    • Product roadmap
    • Proof of concept
    • Implementation model
    Technology (15%)
    • Configurability options
    • Customization requirements
    • Deployment options
    • Security and authentication
    • Integration environment
    • Ubiquity of access (mobile)

    Info-Tech Insight

    Base your vendor evaluations not on the capabilities of the solutions but instead on how the solutions align with your organization’s process automation requirements and considerations.

    Vendor demonstrations

    Examine how the vendor’s solution performs against your evaluation framework.

    What is the value of a vendor demonstration?

    Vendor demonstrations create a valuable opportunity for your organization to confirm that the vendor’s claims in the RFP are actually true.

    A display of the vendor’s functional capabilities and its execution of the scenarios given in your demo script will help to support your assessment of whether a vendor aligns with your MMS requirements.

    What should be included in a vendor demonstration?

    1. Vendor’s display of its solution for the scenarios provided in the demo script.
    2. Display of functional capabilities of the tool.
    3. Briefing on integration capabilities.

    Activity: Invite top performing vendors for product demonstrations

    Associated Activity icon 3.1.4 1-2 hours

    INPUT: Business requirements document, Logistical considerations, Usage scenarios by functional area

    OUTPUT: MMS demo script

    Materials: Info-Tech’s MMS Vendor Demo Script

    Participants: Procurement SMEs, Core project team

    Instructions

    1. Have your evaluation team (selected at the onset of the project) present to evaluate each vendor’s presentation. In some cases you may choose to bring in a subject matter expert (SME) to evaluate a specific area of the tool.
    2. Outline the logistics of the demonstration in the Introduction section of the template. Be sure to outline the total length of the demo and the amount of time that should be dedicated to the following:
      • Product demonstration in response to the demo script
      • Showcase of unique product elements, not reflective of the demo script
      • Question and answer session
      • Breaks and other potential interruptions
    3. Provide prompts for the vendor to display the capabilities by listing and describing usage scenarios by functional area. For example, when asking a vendor to demo financial and accounting management capabilities, you may break scenarios out by task (e.g. general ledger, accounts payable) or user role (e.g. finance manager, administrator).

    Info-Tech Insight

    Challenge vendor project teams during product demonstrations. Asking the vendor to make adjustments or customizations on the fly will allow you to get an authentic feel of product capability and flexibility, as well as of the degree of adaptability of the vendor project team. Ask the vendor to demonstrate how to do things not listed in your user scenarios, such as change system visualizations or design, change underlying data, add additional datasets, demonstrate analytics capabilities, or channel specific automation.

    Use Info-Tech’s MMS Vendor Demo Script template to set expectations for vendor product demonstration

    Vendor Profiles icon MMS Vendor Demo Script

    Customize and use Info-Tech’s MMS Vendor Demo Script to help identify how a vendor’s solution will fit your organization’s particular business capability needs.

    This tool assists with outlining logistical considerations for the demo itself and the scenarios with which the vendors should script their demonstration.

    Sections of the Tool:

    1. Introduction
    2. Demo scenarios by functional area

    Info-Tech Best Practice

    Avoid providing vendors with a rigid script for product demonstration; instead, provide user scenarios. Part of the value of a vendor demonstration is the opportunity to assess whether or not the vendor project team has a solid understanding of your organization’s MMS challenges and requirements and can work with your team to determine the best solution possible. A rigid script may result in your inability to assess whether the vendor will adjust for and scale with your project and organization as a technology partner.

    INFO-TECH DELIVERABLE

    Sample of Info-Tech's MMS Vendor Demo Script.

    Use the MMS Vendor Demo Script by following the instructions in Activity 3.1.4.

    Leverage Info-Tech’s vendor selection and negotiation models as the basis for a streamlined MMS selection process

    Design a procurement process that is robust, ruthless, and reasonable. Rooting out bias during negotiation is vital to making unbiased vendor selections.

    Vendor Selection

    Info-Tech’s approach to vendor selection gets you to design a procurement process that is robust, ruthless, and reasonable. This approach enables you to take control of vendor communications. Implement formal processes with an engaged team to achieve the right price, the right functionality, and the right fit for the organization with Info-Tech's blueprint Implement a Proactive and Consistent Vendor Selection Process.

    Stock image with the title Implement a Proactive and Consistent Vendor Selection Process.
    Vendor Negotiation

    Info-Tech’s SaaS negotiation strategy focuses on taking control of implementation from the beginning. The strategy allows you to work with your internal stakeholders to make sure they do not team up with the vendor instead of you. Reach an agreement with your vendor that takes into account both parties’ best interests with Info-Tech’s blueprint Negotiate SaaS Agreements That Are Built to Last.

    Stock image with the title Negotiate SaaS Agreements That Are Built to Last.

    Step 3.2: Communicate decision to stakeholders

    3.1

    3.2

    Select Your MMS Communicate Decision to Stakeholders

    This step will walk you through the following activities:

    • Collect project rationale documentation.
    • Create a presentation to communicate your selection decision to stakeholders.

    This step involves the following participants:

    • Core project team
    • Procurement SMEs
    • Project sponsor
    • Business stakeholders
    • Relevant management

    Outcomes of this step

    • Completed MMS Selection Executive Presentation Template
    • Affirmation of MMS selection by stakeholders

    Inform internal stakeholders of the final decision

    Ensure traceability from the selected tool to the needs identified in the first phase. Internal stakeholders must understand the reasoning behind the final selection and see the alignment to their defined requirements and needs.

    Document the selection process to show how the selected tool aligns to stakeholder needs:

    A large arrow labelled 'Application Benefits', underlaid beneath two smaller arrows labelled 'MMS stakeholder needs' and 'MMS technology needs', all pointing to the right.

    Documentation will assist with:

    1. Adopting the selected MMS.
    2. Demonstrating that proper due diligence was performed during the selection process.
    3. Providing direct traceability between the selected applications and internal stakeholder needs.

    Activity: Prepare a presentation deck to communicate the selection process and decision to internal stakeholders

    Associated Activity icon 3.2.1 1 week

    INPUT: MMS tool selection committee expertise

    OUTPUT: Decision to invest or not invest in an MMS tool

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: MMS tool selection committee

    Instructions

    1. Download Info-Tech’s MMS Selection Executive Presentation Template.
    2. Read the instructions on slide 2 of the template. Then, on slide 3, decide if any portion of the selection process should be removed from the communication. Discuss with the team and make adjustments to slide 3 as necessary.
    3. Work with the MMS selection committee to populate the slides that remain after the adjustments. Follow the instructions on each slide to help complete the content.
    4. Refer to the square brackets on each slide (e.g. [X.X]) to identify the activity numbers in this storyboard that correspond to the slide in the MMS Selection Executive Presentation Template. Use the outputs produced from the corresponding activities in this deck and populate each slide in the MMS Selection Executive Presentation Template.
    5. Use the completed template to present to internal stakeholders.

    Info-Tech Insight

    Documenting the process of how the selection decision was made will avoid major headaches down the road. Without a documented process, internal stakeholders and even vendors can challenge and discredit the selection process.

    Vendor participation

    Vendors Who Briefed with Info-Tech Research Group

    Logos of vendors who participated in this blueprint: Salesforce Pardot, SAS, Adobe, Marketo, and Salesforce Marketing Cloud.

    Professionals Who Contributed to Our Evaluation and Research

    • Sara Camden, Digital Change Agent, Equifax
    • Caren Carrasco, Lifecycle Marketing and Automation, Benjamin David Group
    • 10 anonymous contributors participated in the vendor briefings

    Works cited

    Adobe Systems Incorporated. “Bayer builds understanding, socially.” Adobe.com, 2017. Web.

    IBM Corporation, “10 Key Marketing Trends for 2017.” IBM.com, 2017. Web.

    Marketo, Inc. “The Definitive Guide to Marketing Automation.” Marketo.com, 2013. Web.

    Marketo, Inc. “NBA franchise amplifies its message with help from Marketo’s marketing automation technology.” Marketo.com, 2017. Web.

    Salesforce Pardot. “Marketing Automation & Your CRM: The Dynamic Duo.” Pardot.com, 2017. Web.

    SAS Institute Inc. “Marketing Analytics: How, why and what’s next.” SAS Magazine, 2013. Web.

    SAS Institute Inc. “Give shoppers offers they’ll love.” SAS.com, 2017. Web.

    Re-Envision Enterprise Printing

    • Buy Link or Shortcode: {j2store}165|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: $9,000 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: End-User Computing Devices
    • Parent Category Link: /end-user-computing-devices
    • Enterprises may be overspending on printing, but this spend is often unknown and untracked.
    • You are locked into a traditional printer lease and outdated document management practices, hampering digital transformation.

    Our Advice

    Critical Insight

    Don’t just settle for printer consolidation: Seek to eliminate print and enlist your managed print services vendor to help you achieve that goal.

    Impact and Result

    • Identify reduction opportunities via a thorough inventory and requirements-gathering process, and educate others on the financial and non-financial benefits. Enforce reduced printing through policies.
    • Change your printing financial model to print as a service by building an RFP and scoring tool for managed print services that makes the vendor a partner in continuous innovation.
    • Leverage durable print management software to achieve vendor-agnostic governance and visibility.

    Re-Envision Enterprise Printing Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Re-Envision Enterprise Printing – A step-by-step document to help plan and execute a printer reduction project.

    This storyboard will help you plan the project, assess your current state and requirements, build a managed print services RFP and scoring process, and build continuous improvement of business processes into your operations.

    • Re-Envision Enterprise Printing – Phases 1-3

    2. Planning tools

    Use these templates and tools to plan the printer reduction project, document your inventory, assess current printer usage, and gather information on current and future requirements.

    • Enterprise Printing Project Charter
    • Enterprise Printing Roles and Responsibilities RACI Guide
    • Printer Reduction Tool
    • End-User Print Requirements Survey

    3. RFP tools

    Use these templates and tools to create an RFP for managed print services that can easily score and compare vendors.

    • Managed Print Services Vendor Assessment Questions
    • Managed Print Services RFP Vendor Proposal Scoring Tool
    • Managed Print Services RFP Template

    4. Printer policy

    Update the printer policy to express the new focus on reducing unsupported printer use.

    • Printer Policy Template

    Infographic

    Further reading

    Re-Envision Enterprise Printing

    Don't settle for printer consolidation; seek the elimination of print

    Analystperspective

    You're likely not in the printing business.
    Prepare your organization for the future by reducing print.

    Initiatives to reduce printers are often met with end-user resistance. Don't focus on the idea of taking something away from end users. Instead, focus on how print reduction fits into larger goals of business process improvement, and on opportunities to turn the vendor into a partner who drives business process improvement through ongoing innovation and print reduction.

    What are your true print use cases? Except in some legitimate use cases, printing often introduces friction and does not lead to efficiencies. Companies investing in digital transformation and document management initiatives must take a hard look at business processes still reliant on hard copies. Assess your current state to identify what the current print volume and costs are and where there are opportunities to consolidate and reduce.

    Change your financial model. The managed print services industry allows you to use a pay-as-you-go approach and right-size your print spend to the organization's needs. However, in order to do printing-as-a-service right, you will need to develop a good RFP and RFP evaluation process to make sure your needs are covered by the vendor, while also baking in assurances the vendor will partner with you for continuous print reduction.

    This is a picture of Emily Sugerman

    Emily Sugerman
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Darin Stahl
    Principal Research Advisor, Infrastructure & Operations
    Info-Tech Research Group

    Executive summary

    Your Challenge

    IT directors and business operations managers face several challenges:

    • Too many known unknowns: Enterprises may be overspending on printing, but this spend is often unknown and untracked.
    • Opportunity costs: By locking into conventional printer leases and outdated document management, you are locking yourself out of the opportunity to improve business processes.

    Common Obstacles

    Printer reduction initiatives are stymied by:

    • End-user resistance: Though sometimes the use of paper remains necessary, end users often cling to paper processes out of concern about change.
    • Lack of governance: You lack insight into legitimate print use cases and lack full control over procurement of devices and consumables.
    • Overly generic RFP: Print requirements are not tailored to your organization, and your managed print services RFP does not ask enough of the vendor.

    Info-Tech's Approach

    Follow these steps to excise superfluous, costly printing:

    • Identify reduction opportunities via a thorough inventory and requirements-gathering process, and educate others on the financial and non-financial benefits. Enforce reduced printing through policies.
    • Change your printing financial model to print-as-a-service by building an RFP and scoring tool for managed print services that makes the vendor a partner in continuous innovation.
    • Leverage durable print management software to achieve vendor-agnostic governance and visibility.

    Info-Tech Insight

    Don't settle for printer consolidation: seek to eliminate print and enlist your managed print services vendor to help you achieve that goal.

    Your challenge

    This research is designed to help organizations that aim to reduce printing long term

    • Finally understand aggregate printing costs: Not surprisingly, printing has become a large hidden expense in IT. Enterprises may be overspending on printing, but this spend is often unknown and untracked. Printer consumables are purchased independently by each department, non-networked desktop printers are everywhere, and everyone seems to be printing in color.
    • Walk the walk when it comes to digital transformation: Outdated document management practices that rely on unnecessary printing are not the foundation upon which the organization can improve business processes.
    • Get out of the printing business: Hire a managed print provider and manage that vendor well.

    "There will be neither a V-shaped nor U-shaped recovery in demand for printing paper . . . We are braced for a long L-shaped decline."
    –Toru Nozawa, President, Nippon Paper Industries (qtd. in Nikkei Asia, 2020).

    Weight of paper and paperboard generated in the U.S.*

    This is an image of a graph plotting the total weight of paper and paperboard generated in the US, bu thousands of US tons.

    *Comprises nondurable goods (including office paper), containers, and packaging.

    **2020 data not available.

    Source: EPA, 2020.

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Cost-saving opportunities are unclear: In most cases, nobody is accountable for controlling printing costs, so there's a lack of incentive to do so.
    • End-user attachment to paper-based processes: For end users who have been relying on paper processes, switching to a new way of working can feel like a big ask, particularly if an optimized alternative has not been provided and socialized.
    • Legitimate print use cases are undefined: Print does still have a role in some business processes (e.g. for regulatory reasons). However, these business processes have not been analyzed to determine which print use cases are still legitimate. The WFH experience during the COVID-19 pandemic demonstrated that many workflows that previously incorporated printing could be digitized. Indeed, the overall attachment to office paper is declining (see chart).
    • Immature RFP and RFP scoring methods: Outsourcing print to a managed service provider necessitates careful attention to RFP building and scoring. If your print requirements are not properly tailored to your organization and your managed print services RFP does not ask enough of the vendor, it will be harder to hold your vendor to account.

    How important is paper in your office?

    87% 77%

    Quocirca, a printer industry market research firm, found that the number of organizations for whom paper is "fairly or very important to their business" has dropped 10 percentage points between 2019 and 2021.

    Source: Quocirca, 2021.

    Info-Tech's approach

    Permanently change your company's print culture

    1. Plan your Project
    • Create your project charter, investigate end user printer behavior and reduction opportunities, gather requirements and calculate printer costs
  • Find the right managed print vendor
    • Protect yourself by building the right requirements into your RFP, evaluating candidates and negotiating from a strong position
  • Implement the new printer strategy
    • Identify printers to consolidate and eliminate, install them, and communicate updated printer policy
  • Operate
    • Track the usage metrics, service requests, and printing trends, support the printers and educate users to print wisely and sparingly
  • The Info-Tech difference:

    1. Use Info-Tech's tracking tools to finally track data on printer inventory and usage.
    2. Get to an RFP for managed print services faster through Info-Tech's requirement selection activity, and use Info-Tech's scoring tool template to more quickly compare candidates and identify frontrunners and knockouts.
    3. Use Info-Tech's guidance on print management software to decouple your need to govern the fleet from any specific vendor.

    Info-Tech's methodology for Re-Envision Enterprise Printing

    1. Strategy & planning 2. Vendor selection, evaluation, acquisition 3. Implementation & operation
    Phase steps
    1. Create project charter and assign roles
    2. Assess current state of enterprise print environments
    3. Gather current and future printer requirements
    1. Understand managed print services model
    2. Create RFP documents and score vendors
    3. Understand continuous innovation & print management software
    1. Modify printer policies
    2. Measure project success
    3. Training & adoption
    4. Plan persuasive communication
    5. Prepare for continuous improvement
    Phase outcomes
    • Documentation of project roles, scope, objectives, success metrics
    • Accurate printer inventory
    • Documentation of requirements based on end-user feedback, existing usage, and future goals
    • Finalized requirements
    • Completed RFP and vendor scoring tool
    • Managed print vendor selected, if necessary
    • Updated printer policies that reinforce print reduction focus
    • Assessment of project success

    Insight summary

    Keep an eye on the long-term goal of eliminating print

    Don't settle for printer consolidation: seek to eliminate print and enlist your managed print services vendor to help you achieve that goal.

    Persuading leaders is key

    Good metrics and visible improvement are important to strengthen executive support for a long-term printer reduction strategy.

    Tie printer reduction into business process improvement

    Achieve long-lasting reductions in print through document management and improved workflow processes.

    Maintain clarity on what types of printer use are and aren't supported by IT

    Modifying and enforcing printing policies can help reduce use of printers.

    Print management software allows for vendor-agnostic continuity

    Print management software should be vendor-agnostic and allow you to manage devices even if you change vendors or print services.

    Secure a better financial model from the provider

    Simply changing your managed print services pay model to "pay-per-click" can result in large cost savings.

    Blueprint deliverables

    Key deliverable:

    Managed Print Services RFP

    This blueprint's key deliverable is a completed RFP for enterprise managed print services, which feeds into a scoring tool that accelerates the requirements selection and vendor evaluation process.

    Managed Print Services Vendor Assessment Questions

    This is a screenshot from the Managed Print Services Vendor Assessment Questions

    Managed Print Services RFP Template

    This is a screenshot from the Managed Print Services RFP Template

    Managed Print Services RFP Vendor Proposal Scoring Tool

    This is a screenshot from the Managed Print Services RFP Vendor Proposal Scoring Tool

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Enterprise Printing Project Charter

    This is a screenshot from the Enterprise Printing Project Charter

    Document the parameters of the print reduction project, your goals, desired business benefits, metrics.

    Enterprise Printing Roles and Responsibilities RACI Guide

    This is a screenshot from the Enterprise Printing Project Charter

    Assign key tasks for the project across strategy & planning, vendor selection, implementation, and operation.

    Printer Policy

    This is a screenshot from the Printer Policy

    Start with a policy template that emphasizes reduction in print usage and adjust as needed for your organization.

    Printer Reduction Tool

    This is a screenshot from the Printer Reduction Tool

    Track the printer inventory and calculate total printing costs.

    End-User Print Requirements Survey

    This is a screenshot from the End-User Print Requirements Survey

    Base your requirements in end user needs and feedback.

    Blueprint benefits

    IT benefits

    • Make the project charter for printer reduction and estimate cost savings
    • Determine your organization's current printing costs, usage, and capabilities
    • Define your organization's printing requirements and select a solution
    • Develop a printer policy and implement the policy

    Business benefits

    • Understand the challenges involved in reducing printers
    • Understand the potential of this initiative to reduce costs
    • Accelerate existing plans for modernization of paper-based business processes by reducing printer usage
    • Contribute to organizational environmental sustainability targets

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #4: Review requirements.
    Weigh the benefits of managed print services.

    Call #6: Measure project success.

    Call #2: Review your printer inventory.
    Understand your current printing costs and usage.

    Call #5: Review completed scoring tool and RFP.

    Call #5: Review vendor responses to RFP.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    Phase 1

    Strategy and Planning

    Strategy & planning

    Vendor selection, evaluation, acquisition

    Implementation & Operation

    1.1 Create project charter and assign roles

    1.2 Assess current state

    1.3 Gather requirements

    2.1 Understand managed print services model

    2.2 Create RFP materials

    2.3 Leverage print management software

    3.1 Modify printer policies

    3.2 Measure project success

    3.3 Training & adoption

    3.4 Plan communication

    3.5 Prepare for continuous improvement

    Re-Envision Enterprise Printing

    • This phase will walk you through the following activities:
    • Create a list of enterprise print roles and responsibilities
    • Create project charter
    • Inventory printer fleet and calculate printing costs
    • Examine current printing behavior and identify candidates for device elimination
    • Gather requirements, including through end user survey

    This phase involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Step 1.1

    Create project charter and assign roles

    Outcomes of this step

    Completed Project Charter with RACI chart

    Phase 1: Strategy and Planning

    • Step 1.1 Create project charter and assign roles
    • Step 1.2 Assess current state
    • Step 1.3 Gather requirements

    This step involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Activities in this step

    • Create a list of enterprise print roles and responsibilities
    • Create project charter

    1.1 Create project charter

    Use the project charter to clearly define the scope and avoid scope creep

    Identify project purpose

    • Why is the organization taking on this project? What are you trying to achieve?
    • What is the important background you need to document? How old is the fleet? What kinds of printer complaints do you get? What percentage of the IT budget does printing occupy?
    • What specific goals should this project achieve? What measurable financial and non-financial benefits do these goals achieve?

    Identify project scope

    • What functional requirements do you have?
    • What outputs are expected?
    • What constraints will affect this project?
    • What is out of scope for this project?

    What are the main roles and responsibilities?

    • Who is doing what for this project?

    How will you measure success?

    • What are the project's success metrics and KPIs?

    Enterprise Printing Project Charter

    This is a screenshot from the Enterprise Printing Project Charter

    Anticipate stakeholder resistance

    Getting management buy-in for printer reduction is often one of the biggest challenges of the project.

    Challenge Resolution
    Printer reduction is not typically high on the priority list of strategic IT initiatives. It is often a project that regularly gets deferred. The lack of an aggregate view of the total cost of printing in the environment could be one root cause, and what can't be measured usually isn't being managed. Educate and communicate the benefits of printer reduction to executives. In particular, spend time getting buy-in from the COO and/or CFO. Use Info-Tech's Printer Reduction Tool to show executives the waste that is currently being generated.
    Printers are a sensitive and therefore unpopular topic of discussion. Executives often see a trade-off: cost savings versus end-user satisfaction. Make a strong financial and non-financial case for the project. Show examples of other organizations that have successfully consolidated their printers.

    Info-Tech Insight

    If printer reduction is not driven and enforced from the top down, employees will find ways to work around your policies and changes. Do not attempt to undertake printer reduction initiatives without alerting executives. Ensure visible executive support to achieve higher cost savings.

    Align the printer reduction project to org goals to achieve buy-in

    A successful IT project demonstrates clear connections to business goals

    Which business and organizational goals and drivers are supported by IT's intention to transform its printing ecosystem? For example,

    Legislation: In 2009, the Washington House of Representatives passed a bill requiring state agencies to implement a plan to reduce paper consumption by 30% (State of Washington, 2009). The University of Washington cites this directive as one of the drivers for their plans to switch fully to electronic records by 2022 (University of Washington, n.d.).

    Health care modernization: Implementing electronic health records; reducing paper charts.

    Supply chain risk reduction: In 2021, an Ontario district school board experienced photocopier toner shortages and were forced to request schools to reduce printing and photocopying: "We have recommended to all locations that the use of printing be minimized as much as possible and priority given to the printing of sensitive and confidential documentation" (CBC, 2021).

    Identify overall organizational goals in the following places:

    • Company mission statements
    • Corporate website
    • Business strategy documents
    • Other IT strategy documents
    • Executives

    Document financial and non-financial benefits

    Financial benefits: Printer reduction can reduce your printing costs and improve printing capabilities.

    • Printer reduction creates a controlled print environment; poorly controlled print environments breed unnecessary costs.
    • Cost savings can be realized through:
      • Elimination of cost-efficient inkjet desktop printers.
      • Elimination of high-cost, inefficient, or underutilized printers.
      • Sharing of workshop printers between an optimal number of end users.
      • Replacing separate printers, scanners, copiers, and fax machines with. multi-function devices.
    • Cost savings can be achieved through a move to managed print services, if you negotiate the contract well and manage the vendor properly. The University of Washington estimated a 20-25% cost reduction under a managed print services model compared to the existing lease (University of Washington, "What is MPS").

    Non-financial benefits: Although the main motivation behind printer reduction is usually cost savings, there are also non-financial benefits to the project.

    • Printer reduction decreases physical space required for printers
    • Printer reduction meets employee and client environmental demands
      • Printer reduction can reduce the electricity and consumables used
      • Reduction in consumables means reduced hazardous waste from consumables and devices
    • Printer reduction can result in better printing capabilities
      • Moving to a managed print services model can provide you with better printing capabilities with higher availability

    Assign responsibility to track print device costs to IT

    Problem:
    Managers in many organizations wrongly assume that since IT manages the printer devices, they also already manage costs.

    However, end users typically order printer devices and supplies through the supplies/facilities department, bypassing any budget approval process, or through IT, which does not have any authority or incentive to restrict requests (when they're not measured against the controlling of printer costs).

    Organization-wide printer usage policies are rarely enforced with any strictness.

    Without systematic policy enforcement, end-user print behavior becomes frivolous and generates massive printing costs.

    Solution:
    Recommend all print device costs be allocated to IT.

    • Aggregate responsibility: Recommend that all printer costs be aggregated under IT's budget and tracked by IT staff.
    • Assign accountability: Although supplies may continually be procured by the organization's supplies/facilities department, IT should track monthly usage and costs by department.
    • Enforce policy: Empower IT with the ability to enforce a strict procurement policy that ensures all devices in the print environment are approved models under IT's control. This eliminates having unknown devices in the printer fleet and allows for economies of scale to be realized from purchasing standardized printing supplies.
    • Track metrics: IT should establish metrics to measure and control each department's printer usage and flat departments that exceed their acceptable usage amounts.

    Assign accountability for the initiative

    Someone needs to have accountability for both the printer reduction tasks and the ongoing operation tasks, or the initiative will quickly lose momentum.

    Customize Info-Tech's Enterprise Printing Roles and Responsibilities RACI Guide RACI chart to designate project roles and responsibilities to participants both inside and outside IT.

    These tasks fall under the categories of:

    • Strategy and planning
    • Vendor selection, evaluation, and acquisition
    • Implementation
    • Operate

    Assign a RACI: Remember the meaning of the different roles

    • Responsible (does the work on a day-to-day basis)
    • Accountable (reviews, signs off on, and is held accountable for outcomes)
    • Consulted (input is sought to feed into decision making)
    • Informed (is given notification of outcomes)

    As a best practice, no more than one person should be responsible or accountable for any given process. The same person can be both responsible and accountable for a given process, or it could be two different people.

    Avoid making someone accountable for a process if they do not have full visibility into the process for appropriate oversight, or do not have time to give the process sufficient attention.

    The Enterprise Printing Roles and Responsibilities RACI Guide can be used to organize and manage these tasks.

    This is a screenshot from the Enterprise Printing Roles and Responsibilities RACI Guide

    Define metrics to measure success

    Track your project success by developing and tracking success metrics

    Ensure your metrics relate both to business value and customer satisfaction. "Reduction of print" is a business metric, not an experience metric.

    Frame metrics around experience level agreements (XLAs) and experience level objectives (XLOs): What are the outcomes the customer wants to achieve and the benefits they want to achieve? Tie the net promoter score into the reporting from the IT service management system, since SLAs are still needed to tactically manage the achievement of the XLOs.

    Use the Metrics Development Workbook from Info-Tech's Develop Meaningful Service Metrics to define:

    • Relevant stakeholders
    • Their goals and pain points
    • The success criteria that must be met to achieve these goals
    • The key indicators that must be measured to achieve these goals from an IT perspective
    • What the appropriate IT metrics are, based on all of the above

    Metrics could include

    • User satisfaction
    • Print services net promoter model
    • Total printing costs
    • Printer availability (uptime)
    • Printer reliability (mean time between failures)
    • Total number of reported incidents
    • Mean time for vendor to respond and repair

    Info-Tech Insight:

    Good metrics and visible improvement are important to strengthen executive support for a long-term printer reduction strategy.

    Step 1.2

    Assess current state

    Outcomes of this step

    • Aggregate view of your printer usage and costs

    Strategy and Planning

    This step involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Activities in this step

    • 1.2. Inventory your printer fleet: Office walk-around
    • 1.2 Inventory your printer fleet: Collect purchase receipts/statements/service records
    • 1.3 Calculate printing costs

    Create an aggregate view of your printer usage and costs

    Problem: Lack of visibility

    • Most organizations are unaware of the savings potential in reducing print due to a lack of data.
    • Additionally, organizations may have inappropriately sized devices for their workloads.
    • Often, nobody is responsible for managing the printers collectively, resulting in a lack of visibility into printing activity. Without this visibility, it is difficult to muster executive commitment and support for printer reduction efforts.
    • The first step to eliminating your printers is to inventory all the printers in the organization and look at an aggregate view of the costs. Without understanding the cost saving potential, management will likely continue to avoid printer changes due to the idea's unpopularity with end users.
    • Valid use cases for printers will likely still remain, but these use cases should be based on a requirements analysis.
    This is a screenshot from the Printer Reduction Tool. It includes the Printer Inventory, and a table with the following column headings: Device Type; Specific Device; Networked; Manufacturer; Model; Serial #; Office Location; Device Owner; # users Supported; Monthly Duty; Page Count to; Device Age; Remaining Useful; # Pages printer/month; % Utilization

    Create visibility through by following these steps:

    1. Office walk-around: Most organizations have no idea how many printers they have until they walk around the office and physically count them. This is especially true in cases where management is allowed to purchase personal printers and keep them at their desks. An office walk-around is often necessary to accurately capture all the printers in your inventory.
    2. Collect purchase receipts/statements/service records: Double-check your printer inventory by referring to purchase receipts, statements, and service records.
    3. Identify other sources of costs: Printer purchases only make up a small fraction of total printing costs. Operating costs typically account for 95% of total printer costs. Make sure to factor in paper, ink/toner, electricity, and maintenance costs.

    1.2.1 Inventory your printer fleet: part 1

    Office walk-around

    1. Methodically walk around the office and determine the following for each printer:
      • Device type
      • Make, model, serial number
      • Location
      • Number of users supported
      • Device owner
      • Type of users supported (department, employee position)
    2. Record printer details in Tab 1 of Info-Tech's Printer Reduction Tool. Collaborate with the accounting or purchasing department to determine the following for each printer recorded:
      • Purchase price/date
      • Monthly duty cycle
      • Estimated remaining useful life
      • Page count to date

    Input

    Output
    • Existing inventory lists
    • Visual observation
    • Inventory of office printers, including their printer details

    Materials

    Participants

    • Notepad
    • Pen
    • Printer Reduction Tool
    • IT director
    • IT staff

    Download the Printer Reduction Tool

    1.2.2 Inventory your printer fleet:
    part 2

    Collect purchase receipts/statements/service records

    1. Ask your purchasing manager for purchase receipts, statements, and service records relating to printing.
    2. For documents found, match the printer with your physical inventory. Add any printers found that were not captured in the physical inventory count. Record the following:
      1. Device type
      2. Make, model, serial number
      3. Location
      4. Number of users supported
      5. Device owner
      6. Type of users supported (department, employee position)
    3. 3. Collaborate with the accounting or purchasing department to determine the following for each printer recorded:
      1. Purchase price/date
      2. Monthly duty cycle
      3. Estimated remaining useful life
      4. Page count to date
    4. Enter the data in Tab 1 of the Printer Reduction Tool

    Input

    Output
    • Purchase receipts
    • Statements
    • Service records
    • Printer inventory cross-checked with paperwork

    Materials

    Participants

    • Printer inventory from previous activity
    • IT director
    • IT staff
    • Purchasing manager

    Download the Printer Reduction Tool

    1.2.3 Calculate your printing costs

    Collect purchase receipts/statements/service records

    • Collect invoices, receipts, and service records to sum up the costs of paper, ink or toner, and maintenance for each machine. Estimate electricity costs.
    • Record your costs in Tab 2 of the Printer Reduction Tool.
    • Review the costs per page and per user to look for particularly expensive printers and understand the main drivers of the cost.
    • Review your average monthly cost and annual cost per user. Do these costs surprise you?

    Input

    Output
    • Invoices, receipts, service records for
    • Cost per page and user
    • Average monthly and annual cost

    Materials

    Participants

    • Printer Reduction Tool
    • IT director
    • IT staff

    Step 1.3

    Gather printing requirements

    Outcomes of this step

    • Understanding of the organization's current printing behavior and habits
    • Identification of how industry context and digitization of business processes have impacted current and future requirements

    This step involves the following participants:

    • IT director
    • IT staff
    • Rest of organization

    Activities in this step

    • Examine current printing behavior and habits
    • Administer end-user survey
    • Identify current requirements
    • Identify future requirements

    Requirements Gathering Overview

    1. Identify opportunities to go paperless
      • Determine where business process automation is occurring
      • Align with environmental and sustainability campaigns
    2. Identify current requirements
      • Review the types of document being printed and the corresponding features needed
      • Administer end-user survey to understand user needs and current printer performance
    3. Identify future requirements
    • Identify future requirements to avoid prematurely refreshing your printer fleet
  • Examine industry-specific/ workflow printing
    • Some industries have specific printing requirements such as barcode printing accuracy. Examine your industry-specific printing requirements
  • Stop: Do not click "Print"

    The most effective way to achieve durable printing cost reduction is simply to print less.

    • Consolidating devices and removing cost-inefficient individual printers is a good first step to yielding savings.
    • However, more sustainable success is achieved by working with the printer vendor(s) and the business on continuous innovation via proposals and initiatives that combine hardware, software, and services.
    • Sustained print reduction depends on separate but related business process automation and digital innovation initiatives.

    Info-Tech Insight:

    Achieve long-lasting reductions in print through document management and improved workflow processes.

    Leverage Info-Tech research to support your business' digital transformation

    This is an image of the title page from Info-Tech's Define your Digital Business Strategy blueprint.

    Define how changes to enterprise printing fit into digital transformation plans

    Identify opportunities to go paperless

    The "paperless office" has been discussed since the 1970s. The IT director alone does not have authority to change business processes. Ensure the print reduction effort is tied to other strategies and initiatives around digital transformation. Working on analog pieces of paper is not digital and may be eroding digital transformation process.

    Leverage Info-Tech's Assert IT's Relevance During Digital Transformations to remind others that modernization of the enterprise print environment belongs to the discussion around increasing digitized support capabilities.

    1. Digital Marketing

    2. Digital Channels

    3. Digitized Support Capabilities

    4. Digitally Enabled Products

    5. Business Model Innovation

    Manage Websites

    E-Channel Operations

    Workforce Management

    Product Design

    Innovation Lab Management

    Brand Management

    Product Inventory Management

    Digital Workplace Management

    Portfolio Product Administration

    Data Sandbox Management

    SEO

    Interactive Help

    Document Management

    Product Performance Measurement

    Innovation Compensation Management

    Campaign Execution

    Party Authentication

    Eliminate business process friction caused by print

    Analyze workflows for where they are still using paper. Ask probing questions about where paper still adds value and where the business process is a candidate for paperless digital transformation

    • Is this piece of paper only being used to transfer information from one application to another?
    • What kind of digitalization efforts have happened in the business as a result of the COVID-19 pandemic? Which workflows have digitized on their own?
    • Where has e-signature been adopted?
    • Is this use of paper non-negotiable (e.g. an ER triage that requires a small printer for forms; the need for bank tellers to provide receipts to customers)?
    • Do we have compliance obligations that require us to retain a paper process?
    • What is getting printed? Who is printing the most? Identify if there are recurring system-generated reports being printed daily/weekly/quarterly that are adding to the volume. Are reports going directly from staff mailboxes to a recycling bin?
    • Does our print financial model incentivize the transformation of business processes, or does it reinforce old habits?
    • What services, software, and solutions for document management and business process analysis does our managed print services vendor offer? Can we involve the vendor in the business transformation conversation by including an innovation clause in the next contract (re)negotiation to push the vendor to offer proposals for projects that reduce print?

    Develop short-term and long-term print reduction strategies

    Short-term strategies

    • Consolidate the number of printers you have.
    • Determine whether to outsource printing to a managed services provider and make the move.
    • Enable print roaming and IT verification.
    • Require user-queued print jobs to be authenticated at a printer to prevent print jobs that are lost or not picked up.
    • Set up user quotas.
    • Provide usage records to business managers so they can understand the true cost of printing.
    • User quotas may create initial pushback, but they lead users to ask themselves whether a particular print job is necessary.
    • Renegotiate print service contracts.
    • Revisit contracts and shop around to ensure pricing is competitive.
    • Leverage size and centralization by consolidating to a single vendor, and use the printing needs of the entire enterprise to decrease pricing and limit future contractual obligations.
    • Train users on self-support.
    • Train users to remedy paper jams and move paper in and out of paper trays.

    Long-term strategies

    • Promote a paperless culture by convincing employees of its benefits (greater cost savings, better security, easier access, centralized repository, greener).
    • Educate users to use print area wisely.
    • Develop campaigns to promote black and white printing or a paperless culture.

    Info-Tech Insight:

    One-time consolidation initiatives leave money on the table. The extra savings results from changes in printing culture and end-user behavior.

    Examine current printing behavior and habits

    It's natural for printer usage and printing costs to vary based on office, department, and type of employee. Certain jobs simply require more printing than others.

    However, the printing culture within your organization likely also varies based on

    • office
    • department
    • type of employee

    Examine the printing behaviors of your employees based on these factors and determine whether their printing behavior aligns with the nature of their job.

    Excessive printing costs attributed to departments or groups of employees that don't require much printing for their jobs could indicate poor printing culture and potentially more employee pushback.

    Examine current printing behavior and habits, and identify candidates for elimination

    1. Go to Tab 3 of your Printer Reduction Tool ("Usage Dashboard Refresh"). Right-click each table and press "Refresh."
    2. Go to Tab 4 of your Printer Reduction Tool ("Usage Dashboard") to understand the following:
      1. Average printer utilization by department
      2. Pages printed per month by department
      3. Cost per user by department
    3. Take note of the outliers and expensive departments.
    4. Review printer inventory and printer use rates on Tab 5.
    5. Decide which printers are candidates for elimination and which require more research.
    6. If already working in a managed print services model, review the vendor's recommendations for printer elimination and consolidation.
    7. Mark printers that could be eliminated or consolidated.

    Input

    Output
    • Discussion
    • Understanding of expensive departments and other outliers

    Materials

    Participants

    • Printer Reduction Tool
    • IT director/ business operations
    • Business managers

    Administer end-user survey

    Understand end-user printing requirements and current printer performance through an end-user survey

    1. Customize Info-Tech's End-User Print Requirements Survey to help you understand your users' needs and the current performance of your printer fleet.
    2. Send the survey to all printer users in the organization.
    3. Collect the surveys and aggregate the requirements of users in each department.
    4. Record the survey results in the "Survey Results" tab.

    Input

    Output
    • End-user feedback
    • Identification of outliers and expensive departments

    Materials

    Participants

    • End-User Print Requirements Survey template
    • IT director
    • IT staff
    • Rest of organization

    Download the End-User Print Requirements Survey

    Info-Tech Insight:

    Use an end-user printer satisfaction survey before and after any reduction efforts or vendor implementation, both as a requirement-gathering user input and to measure/manage the vendor.

    Identify your current requirements

    Collect all the surveys and aggregate user requirements. Input the requirements into your Printer Reduction Tool.

    Discussion activity:

    • Review the requirements for each department and discuss:
    • What is this device being used for (e.g. internal documents, external documents, high-quality graphics/color)?
    • Based on its use case, what kinds of features are needed (e.g. color printing, scanning to email, stapling)?
    • Is this the right type of device for its purpose? Do we need this device, or can it be eliminated?
    • Based on its use case, what kinds of security features are needed (e.g. secure print release)?
    • Are there any compliance requirements that need to be satisfied (e.g. PCI, ITAR, HIPAA)?
    • Based on its use case, what's the criticality of uptime?
    • What is this device's place in the organization's workflow? What are its dependencies?
    • With which systems is the device compatible? Is it compatible with the newer operating system versions? If not, determine whether the device is a refresh candidate.

    Input

    Output
    • Survey results and department requirements
    • List of current requirements

    Materials

    Participants

    • N/A
    • IT director
    • IT staff

    Identify your future requirements

    Prepare your printer fleet for future needs to avoid premature printer refreshes.

    Discussion activity:

    • Review the current requirements for each department's printers and discuss whether the requirements will meet the department's printing needs over the next 10 years.
    • What is this device going to be used for in the next 10 years?
    • Will use of this device be reduced by plans to increase workflow digitization?
    • Based on its use case, what kinds of features are needed?
    • Is this the right type of device for its purpose?
    • Based on its use case, what kinds of security features are needed?
    • Based on its use case, what is the criticality of uptime?
    • Is this device's place in the organization's workflow going to change? What are its dependencies?
    • Reassess your current requirements and make any changes necessary to accommodate for future requirements.

    Input

    Output
    • Discussion
    • List of future requirements

    Materials

    Participants

    • N/A
    • IT director
    • IT staff

    Examine requirements specific to your industry and workflow

    Some common examples of industries with specific printing requirements:

    • Healthcare
      • Ability to comply with HIPAA requirements
      • High availability and reliability with on-demand support and quick response times
      • Built-in accounting software for billing purposes
      • Barcode printing for hospital wristbands
      • Fax requirements
    • Manufacturing
      • Barcoding technology
      • Ability to meet regulations such as FDA requirements for the pharmaceutical industry
      • Ability to integrate with ERP systems
    • Education
      • Password protection for sensitive student information
      • Test grading solutions
      • Paper tests for accessibility needs

    Phase 2

    Vendor Selection, Evaluation, Acquisition

    Strategy & planning

    Vendor selection, evaluation, acquisition

    Implementation & Operation

    1.1 Create project charter and assign roles

    1.2 Assess current state

    1.3 Gather requirements

    2.1 Understand managed print services model

    2.2 Create RFP materials

    2.3 Leverage print management software

    3.1 Modify printer policies

    3.2 Measure project success

    3.3 Training & adoption

    3.4 Plan communication

    3.5 Prepare for continuous improvement

    Re-Envision Enterprise Printing

    • This phase will walk you through the following activities:
    • Define managed print services RFP requirement questions
    • Create managed print services RFP and scoring tool
    • Score the RFP responses

    This phase involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Change your financial model

    The managed print services industry allows you to use a pay-as-you-go approach and right-size your print spend to the organization's needs.

    Avoid being locked into a long lease where the organization pays a fixed monthly fee whether the printer runs or not.

    Instead, treat enterprise printing as a service, like the soda pop machine in the break room, where the vendor is paid when the device is used. If the vending machine is broken, the vendor is not paid until the technician restores it to operability. Printers can work the same way.

    By moving to a per click/page financial model, the vendor installs and supports the devices and is paid whenever a user prints. Though the organization pays more on a per-click/page basis compared to a lease, the vendor is incentivized to right-size the printer footprint to the organization, and the organization saves on monthly recurring lease costs and maintenance costs.

    Right-size commitments: If the organization remains on a lease instead of pay-per-click model, it should right-size the commitment if printing drops below a certain volume. In the agreement, include a business downturn clause that allows the organization to right-size and protect itself in the event of negative growth.

    Understand the managed print services model and its cost savings

    Outsourcing print services can monitor and balance your printers and optimize your fleet for efficiency. Managed print services are most appropriate for:

    • Organizations engaging in high-volume, high-quality print jobs with growing levels of output.
    • Organizations with many customer-facing print jobs.

    There are three main managed printing service models. Sometimes, an easy switch from a level pay model to a pay-per-click model can result in substantial savings:

    Level Pay

    • Flat rate per month based on estimates.
    • Attempts to flatten IT's budgeting so printing costs are consistent every month or every year (for budgeting purposes). At the end of the year, the amount of supplies used is added up and compared with the initial estimates and adjusted accordingly.
    • The customer pays the same predictable fee each month every year, even if you don't meet the maximum print quantity for the pay. Increased upcharge for quantities exceeding maximum print quantity.

    Base Plus Click

    • Fixed base payment (lease or rental) + pay-per-sheet for services.
    • In addition to the monthly recurring base cost, you pay for what you use. This contract may be executed with or without a minimum monthly page commitment. Page count through remote monitoring technologies is typically required.

    Pay Per Click

    • Payment is solely based on printing usage.
    • Printing costs will likely be the lowest with this option, but also the most variable.
    • This option requires a minimum monthly page commitment and/or minimum term.

    Info-Tech Insight:

    Vendors typically do not like the pay-per-click option and will steer businesses away from it. However, this option holds the vendor accountable for the availability and reliability of your printers, and Info-Tech generally recommends this option.

    Compare financials of each managed print services option

    Your printing costs with a pay-per-click model are most reflective of your actual printer usage. Level pay tends to be more expensive, where you need to pay for overages but don't benefit from printing less than the maximum allocated.

    See the below cost comparison example with level pay set at a maximum of 120,000 impressions per month. In the level pay model, the organization was paying for 120,000 sheets in the month it only used 60,000 impressions, whereas it would have been able to pay just for the 60,000 sheets in the pay-per-click model.

    This image contains tables with the column headings: Impressions per month; Total Cost; Average Cost per Impression; for each of the following categories: Level Pay; Base Plus Click; Pay Per Click

    Financial comparison case study

    This organization compared estimated costs over a 36-month period for the base-plus-click and pay-per-page models for Toshiba E Studio 3515 AC Digital Color Systems.

    Base-plus-click model

    Monthly recurring cost

    Avg. impressions per month

    Monthly cost

    Monthly cost

    "Net pay per click"

    Cost over 36-month period

    A fixed lease cost each month, with an additional per click/page charge

    $924.00

    12,000 (B&W)

    $0.02 (B&W)

    $1,164.00 (B&W)

    $0.097 (B&W)

    $41,904 (B&W)

    5,500 (Color)

    $0.09 (Color)

    $495.00 (Color)

    $0.090 (Color)

    $17,820 (Color)

    Base-plus-click model

    Monthly recurring cost

    Avg. impressions per month

    Monthly cost

    Monthly cost

    "Net pay per click"

    Cost over 36-month period

    No monthly lease cost, only per-image charges

    0.00

    12,000 (B&W)

    $0.06 (B&W)

    $720.00 (B&W)

    $0.060 (B&W)

    $25,920 (B&W)

    5,500 (Color)

    $0.12 (Color)

    $660.00 (Color)

    $0.120 (Color)

    $23,760 (Color)

    Results

    Though the per-image cost for each image is lower in the base-plus-click model, the added monthly recurring costs for the lease means the "net pay per click" is higher.

    Overall, the pay-per-page estimate saved $10,044 over a 36-month period for this device.

    Bake continuing innovation into your requirements

    Once you are in the operation phase, you will need to monitor and analyze trends in company printing in order to make recommendations for the future and to identify areas for possible savings and/or asset optimization.

    Avoid a scenario where the vendor drops the printer in your environment and returns only for repairs. Engage the vendor in this continuous innovation work:

    In the managed services agreement, include a proviso for continuous innovation where the vendor has a contractual obligation to continually look at the business process flow and bring yearly proposals to show innovation (e.g. cost reductions; opportunities to reduce print, which allows the vendor to propose document management services and record keeping services). Leverage vendors who are building up capabilities to transform business processes to help with the heavy lifting.

    Establish a vision for the relationship that goes beyond devices and toner. The vendor can make a commitment to continuous management and constant improvement, instead of installing the devices and leaving. Ideally, this produces a mutually beneficial situation: The client asks the vendor to sell them ways to mature and innovate the business processes, while the vendor retains the business and potentially sells new services. In order to retain your business, the vendor must continue to learn and know about your business.

    The metric of success for your organization is the simple reduction in printed copies overall. The vendor success metric would be proposals that may combine hardware, software, and services that provide cost-effective reductions in print through document management and workflow processes. The vendors should be keen to build this into the relationship since the services delivery has a higher margin for them.

    Sample requirement wording:

    "Continuing innovation: The contractor initiates at least one (1) project each year of the contract that shows leadership and innovation in solutions and services for print, document management, and electronic recordkeeping. Bidders must describe a sample project in their response, planning for an annual investment of approximately 50 consulting hours and $10,000 in hardware and/or software."

    Reward the vendor for performance instead of "punishing" them for service failures

    Problem: Printer downtime and poor service is causing friction with your managed service provider (MSP).

    MSPs often offer clients credit requests (service credits) for their service failures, which are applied to the previous month's monthly recurring charge. They are applied to the last month's MRC (monthly reoccurring charges) at the end of term and then the vendor pays out the residual.

    However, while common, service credits are not always perceived to be a strong incentive for the provider to continually focus on improvement of mean time to respond or mean time to repair.

    Solution: Turn your vendor into a true partner by including an "earn back" condition in the contract.

    • Engage the vendor as a true partner within a relationship based upon service credits.
    • Suggest that the vendor include a minor change to the non-performance processes within the final agreement: the vendor implements an "earn back" condition in the agreement.
    • Where a bank of service credits exists because of non-performance, if the provider exceeds the SLA performance metrics for a number of consecutive months (two is common), then a given number of prior credits received by the client are returned to the provider as a reward for improved performance.
    • This can be a useful mechanism to drive improved performance.

    Leverage enterprise print management software

    Printers are commoditized and can come and go, but print management software enables the governance, compliance, savings and visibility necessary for the transformation

    • Printer management solutions range from tools bundled with ink-jet printers that track consumables' status, to software suites that track data for thousands of print devices.
    • Typically, these solutions arrive in enterprises as part of larger managed services printing engagements, bundled with hardware, financing, maintenance, and "services."
    • Bundling print management software means that customers very rarely seek to acquire printing management software alone.
    • Owing to the level of customization (billing, reporting, quotas, accounts, etc.) switching print management software solutions is also rare. The work you put into this software will remain with IT regardless of your hardware.
    • Durability of print management software is also influenced by the hardware- and technology-agnostic nature of the solutions (e.g. swapping one vendor's devices for another does not trigger anything more than a configuration change in print management software.)

    Include enterprise print management requirements in the RFP

    Ask respondents to describe their managed services capabilities and an optional on-premises, financed solution with these high-level capabilities.

    Select the appropriate type of print management software

    Vendor-provided solutions are adequate control for small organizations with simple print environments

    • Suitable for small organizations (<100 users).
    • Software included with print devices can pool print jobs, secure access, and centralize job administration.
    • Dealing with complex sales channels for third-party vendors is likely a waste of resources.

    SMBs with greater print control needs can leverage mid-level solutions to manage behavior

    • Suitable for mid-size organizations (<500 users).
    • Mid-level software can track costs, generate reports, and centralize management.
    • Solutions start at $500 but require additional per-device costs.

    Full control solutions will only attract large organizations with a mature print strategy

    • Full control solutions tend to be suitable for large organizations (>500 users) with complex print environments and advanced needs.
    • Full control software allows for absolute enforcement of printing policies and full control of printing.
    • Expect to spend thousands for a tailored solution that will save time and guide cost savings.

    Enterprise print management software features

    The feature set for these tools is long and comprehensive. The feature list below is not exhaustive, as specific tools may have additional product capabilities.

    Print Management Software Features

    Hardware-neutral support of all major printer types and operating systems (e.g. direct IP to any IPP-enabled printer along with typical endpoint devices) Tracking of all printing activity by user, client account, printer, and document metadata
    Secure print on demand (Secure print controls: User Authenticated Print Release, Pull Printing) Granular print cost/charging, allowing costs to be assigned on a per-printer basis with advanced options to charge different amounts based on document type (e.g. color, grayscale or duplex), page size, user or group
    Managed and secured mobile printing (iOS/Android), BYOD, and guest printing DaaS/VDI print support
    Printer installation discovery/enablement, device inventory/management Auditing/reporting, print audit trail using document attributes to manage costs/savings, enforce security and compliance with regulations and policies
    Monitoring print devices, print queues, provide notification of conditions Watermarking and/or timestamping to ensure integrity and confidentially/classification of printed documents some solutions support micro font adding print date, time, user id and other metadata values discreetly to a page preventing data leakage
    Active Directory integration or synchronization with LDAP user accounts Per-user quotas or group account budgets
    Ability to govern default print settings policies (B&W, double-sided, no color, etc.)

    Get to the managed print services RFP quicker

    Jumpstart your requirements process using these tools and exercises

    Vendor Assessment Questions

    Use Info-Tech's catalog of commonly used questions and requirements in successful acquisition processes for managed print services. Ask the right questions to secure an agreement that meets your needs. If you are already in a contract with managed print services, take the opportunity of contract renewal to improve the contract and service.

    RFP Template and "Schedule 1" Attachment

    Add your finalized assessment questions into this table, which you will attach to your RFP. The vendor answers questions in this "Schedule 1" attachment and returns it to you.

    RFP Scoring Tool

    Aggregate the RFP responses into this scoring tool to identify the frontrunners and candidates for elimination. Since the vendors are asked to respond in a standard format, it is easier to bring together all the responses to create a complete view of your options.

    Define RFP requirement questions

    Include the right requirements for your organization, and avoid leaving out important requirements that might have been overlooked.

    1. Download the Managed Print Services Vendor Assessment Questions tool. Use this document as a "shopping list" to jumpstart an initial draft of the RFP and, more importantly, scoring requirements.
    2. Review the questions in the context of your near- and long-term printer outsourcing needs. Consider your environment, your requirements, and goals. Include other viewpoints from the RACI chart from Phase 1.
    3. Place an 'X' in the first column to retain the question. Edit the wording of the question if required, based on your organizational needs.
    4. Use the second column to indicate which section of the RFP to include the question in.

    Input

    Output
    • Requirements from Phase 1.3
    • Completed list of requirement questions

    Materials

    Participants

    • Managed Print Services Vendor Assessment Questions tool
    • IT director/business operations
    • Other roles from the RACI chart completed in Phase 1

    Download the Managed Print Services Vendor Assessment Questions tool

    Create RFP scoring tool and RFP

    1. Enter the requirements questions into the scoring tool on Tabs 2 and 4.
    2. Tab 2: Create scoring column for each vendor. You will paste in their responses here.
    3. Edit Tabs 3 and 4 so they align with what you want the vendor to see. Copy and paste Tab 3 and Tab 4 into a new document, which will serve as a "Schedule 1" attachment to the RFP package the vendor receives.
    4. Complete the RFP template. Describe your current state and current printer hardware (documented in the earlier current-state assessment). Explain the rules of how to respond and how to fill out the Schedule 1 document. Instruct each vendor to fill in their responses to each question along with any notes, and to reply with a zip file that includes the completed RFP package along with any marketing material needed to support their response.
    5. Send a copy of the RFP and Schedule 1 to each vendor under consideration.

    Input

    Output
    • Completed list of requirement questions from previous activity
    • RFP Scoring tool
    • Completed RFP and schedule 1 attachment

    Materials

    Participants

    • Managed Print Services RFP Vendor Proposal Scoring Tool
    • Managed Print Services RFP
    • IT director/business operations

    Download the Managed Print Services RFP Vendor Proposal Scoring Tool

    Download the Managed Print Services RFP template

    Score RFP responses

    1. When the responses are returned, copy and paste each vendor's results from Schedule 1 into Tab 2 of the main scoring tool.
    2. Evaluate each RFP response against the RFP criteria based on the scoring scale.
    3. Send the completed scoring tool to the CIO.
    4. Set up a meeting to discuss the scores and generate shortlist of vendors.
    5. Conduct further interviews with shortlisted vendors for due diligence, pricing, and negotiation discussions.
    6. Once a vendor is selected, review the SLAs and contract and develop a transition plan.

    Input

    Output
    • Completed Managed Print Services RFP Vendor Proposal Scoring Tool
    • Shortlist or final decision on vendor

    Materials

    Participants

    • N/A
    • IT director/business operations

    Info-Tech Insight:

    The responses from the low-scoring vendors still have value: these providers will likely provide ideas that you can then leverage with your frontrunner, even if their overall proposal did not score highly.

    Phase 3

    Implementation & Operation

    Strategy & planning

    Vendor selection, evaluation, acquisition

    Implementation & Operation

    1.1 Create project charter and assign roles

    1.2 Assess current state

    1.3 Gather requirements

    2.1 Understand managed print services model

    2.2 Create RFP materials

    2.3 Leverage print management software

    3.1 Modify printer policies

    3.2 Measure project success

    3.3 Training & adoption

    3.4 Plan communication

    3.5 Prepare for continuous improvement

    Re-Envision Enterprise Printing

    This phase will walk you through the following activities:

    • Update your enterprise printer policies
    • Readminister end-user survey to measure project success

    This phase involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Modify your printer policies

    Review and modify Info-Tech's Printer Policy Template to support your print reduction goals

    Consider that your goal is to achieve printer reduction. Discuss with your team how strict it needs to be to truly reset behavior with printers. Many organizations struggle with policy enforcement. Firm language in the policy may be required to achieve this goal. For example,

    • IT only supports the printers acquired through the managed print service. Personal desktop printers are not supported by IT. Expense statements will not be accepted for non-supported printers.
    • Create a procurement policy where all device requests need justification and approval by department managers and IT. Have a debate over what the extreme exceptions would be. Legitimate exceptions must go through a review and approval process.
    • Restrict color printing to external or customer-facing use cases.
    • Encourage digital or electronic solutions in lieu of hard copies (e.g. e-signatures and approval workflows; scanning; use of integrated enterprise applications like SharePoint).
    This is a screenshot of the Printer Policy Page Template

    Download the Printer Policy template

    Readminister the end-user survey

    You have already run this survey during the requirements-gathering phase. Run it again to measure success.

    The survey was run once prior to the changes being implemented to establish a baseline of user satisfaction and to gain insights into additional requirements.

    Several months after the initial rollout (90 days is typical to let the dust settle), resurvey the end users and publish or report to the administration success metrics (the current costs vs. the actual costs prior to the change).

    User satisfaction survey can be used to manage the vendor, especially if the users are less happy after the vendor touched their environment. Use this feedback to hold the provider to account for improvement.

    Input

    Output
    • Previous survey results
    • Changes to baseline satisfaction metrics

    Materials

    Participants

    • End-user survey from Phase 1
    • IT director
    • IT staff
    • Rest of organization

    Measure project success

    Revisit the pre-project metrics and goals and compare with your current metrics

    • Identify printers to consolidate or eliminate.
    • Update asset management system (enter software and hardware serial numbers or identification tags into configuration management system).
    • Reallocate/install printers across the organization.
    • Develop ongoing printer usage and cost reports for each department.
    • Review the end-user survey and compare against baseline.
    • Operate, validate, and distribute usage metrics/chargeback to stakeholders.
    • Audit and report on environmental performance and sustainability performance to internal and external bodies, as required.
    • Write and manage knowledgebase articles.
    • Monitor and analyze trends in company printing in order to make recommendations for the future and to identify areas for possible savings and/or asset optimization.

    Metrics could include

    • User satisfaction
    • Print services net promoter model
    • Total printing costs
    • Printer availability (uptime)
    • Printer reliability (mean time between failures)
    • Total number of reported incidents
    • Mean time for vendor to respond and repair

    Support training and adoption

    Train users on self-support

    Prepare troubleshooting guides and step-by-step visual aid posters for the print areas that guide users to print, release, and find their print jobs and fix common incidents on their own. These may include:

    • The name of this printer location and the names of the others on that floor.
    • How to enter a PIN to release a print job.
    • How to fix a paper jam.
    • How to empty the paper tray.
    • How to log a service ticket if all other steps are exhausted.

    Educate users to use print area wisely

    • Inform users what to do if other print jobs appear to be left behind in the printer area.
    • Display guidelines on printer location alternatives in case of a long line.
    • Display suggestions on maximum recommended time to spend on a job in the event other users are waiting.

    Develop campaign to promote paperless culture

    Ensure business leadership and end users remain committed to thinking before they print.

    • Help your users avoid backsliding by soliciting feedback on the new printer areas.
    • Ensure timely escalation of service tickets to the vendor.
    • Support efforts by the business to seek out business process modernization opportunities whenever possible.

    Plan persuasive communication strategies

    Identify cost-saving opportunities and minimize complaints through persuasive communication

    Solicit the input of end users through surveys and review comments.

    Common complaints Response

    Consider the input of end users when making elimination and consolidation decisions and communicate IT's justification for each end user's argument to keep their desktop printers.

    "I don't trust network storage. I want physical copies." Explain the security and benefits of content management systems.
    "I use my desktop a lot. I need it." Explain the cost benefits of printing on cheaper network MFPs, especially if they print in large quantities.
    "I don't use it a lot, so it's not costly." It's a waste of money to maintain and power underused devices.
    "I need security and confidentiality." MFPs have biometric and password-release functions, which add an increased layer of security.
    "I need to be able to print from home." Print drivers and networked home printers can be insecure devices and attack vectors.
    "I don't have time to wait." Print jobs in queue can be released when users are at the device.
    "I don't want to walk that far." Tell the end user how many feet the device will be within (e.g. 50 feet). It is not usually very far.

    Implement a continual improvement plan to achieve long-term enterprise print goals

    Implement a continual improvement plan for enterprise printing:

    • Develop a vendor management plan:
      • In order to govern SLAs and manage the vendor, ensure that you can track printer-related tickets even if the device is now supported by managed print services.
      • Ensure that printer service tickets sent from the device to the vendor are also reconciled in your ITSM tool. Require the MSP to e-bond the ticket created within their own device and ticketing system back to you so you can track it in your own ITSM tool.
      • Every two months, validate service credits that can be returned to the vendor for exceeding SLA performance metrics.
      • Monitor the impact of their digital transformation strategies. Develop a cadence to review the vendor's suggestions for innovation opportunities.
    • Operate, validate, and distribute usage and experience metrics/chargeback to stakeholders.
    • Monitor and analyze trends in company printing.
    This is a graph which demonstrates the process of continual improvement through Standardization. It depicts a graph with Time as the X axis, and Quality Management as the Y axis. A grey circle with the words: ACT; PLAN; CHECK; DO, moving from the lower left part of the graph to the upper right, showing that standardization improves Quality Management.

    Summary of Accomplishment

    Problem Solved

    You have now re-envisioned your enterprise print environment by documenting your current printer inventory and current cost and usage. You also have hard inventory and usage data benchmarks that you can use to measure the success of future initiatives around digitalization, going paperless, and reducing print cost.

    You have also developed a plan to go to market and become a consumer of managed print services, rather than a provider yourself. You have established a reusable RFP and requirements framework to engage a managed print services vendor who will work with you to support your continuous improvement plans.

    Return to the deliverables and advice in this blueprint to reinforce the organization's message to end users on when, where, and how to print. Ideally, this project has helped you go beyond a printer refresh – but rather served as a means to change the printing culture at your organization.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information

    workshops@infotech.com
    1-888-670-8889

    Bibliography

    Fernandes, Louella. "Quocirca Managed Services Print Market, 2021." Quocirca, 25 Mar. 2021. Accessed 12 Oct. 2021.

    McInnes, Angela. "No More Photocopies, No More Ink: Thames Valley Schools Run Out of Toner." CBC, 21 Oct. 2021. Web.

    "Paper and Paperboard: Material-Specific Data." EPA, 15 Dec. 2020. Accessed 15 Oct. 2021.

    State of Washington, House of Representatives. "State Agencies – Paper Conservation and Recycling." 61st Legislature, Substitute House Bill 2287, Passed 20 April 2009.

    Sugihara, Azusa. "Pandemic Shreds Office Paper Demand as Global Telework Unfolds." Nikkei Asia, 18 July 2020. Accessed 29 Sept. 2021.

    "Paper Reduction." University of Washington, n.d. Accessed 28 Oct. 2021.

    "What is MPS?" University of Washington, n.d. Accessed 16 Mar. 2022.

    Research contributors

    Jarrod Brumm
    Senior Digital Transformation Consultant

    Jacques Lirette
    President, Ditech Testing

    3 anonymous contributors

    Info-Tech Research Group Experts

    Allison Kinnaird, Research Director & Research Lead
    Frank Trovato, Research Director

    Explore the Secrets of IBM Software Contracts to Optimize Spend and Reduce Compliance Risk

    • Buy Link or Shortcode: {j2store}141|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • IBM customers want to make effective use of their paid-up licenses to avoid overspending and stay compliant with agreements.
    • Each IBM software product is subject to different rules.
    • Clients control and have responsibility for aligning usage and payments. Over time, the usage of the software may be out of sync with what the client has paid for, resulting in either overspending or violation of the licensing agreement.
    • IBM audits software usage in order to generate revenue from non-compliant customers.

    Our Advice

    Critical Insight

    • You have a lot of work to do if you haven’t been paying attention to your IBM software.
    • Focus on needs first. Conduct and document a thorough requirements assessment. Well-documented needs will be your core asset in negotiation.
    • Know what’s in IBM’s terms and conditions. Failure to understand these can lead to major penalties after an audit.
    • Review your agreements and entitlements quarterly. IBM may have changed the rules, and you have almost certainly changed your usage.

    Impact and Result

    • Establish clear licensing requirements.
    • Maintain an effective process for managing your IBM license usage and compliance.
    • Identify any cost-reduction opportunities.
    • Prepare for penalty-free IBM audits.

    Explore the Secrets of IBM Software Contracts to Optimize Spend and Reduce Compliance Risk Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why you need to invest effort in managing usage and licensing of your IBM software.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review terms and conditions for your IT contract

    Use Info-Tech’s licensing best practices to avoid the common mistakes of overspending on IBM licensing or failing an IBM audit.

    • IBM Passport Advantage Software RFQ Template
    • IBM 3-Year Bundled Price Analysis Tool
    [infographic]

    Make the Case for Legacy Application Modernization

    • Buy Link or Shortcode: {j2store}613|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Organizations are under continual pressure to deliver faster, with shorter time-to-market, while introducing new products and services at the same time.
    • You and your team have concerns that your existing portfolio of applications is not up to the task.
    • While you understand the need for more investments to modernize your portfolio, your leadership does not appreciate what is required.

    Our Advice

    Critical Insight

    • Legacy modernization is a process, not a single event.
    • Your modernization approach requires you to understand your landscape and decide on a path that minimizes business continuity risks, keeps the investments under control, and is prepared for surprises but always has your final state in mind.

    Impact and Result

    • Evaluate the current state, develop a legacy application strategy, and execute in an agile manner.
    • When coupled with a business case and communications strategy, this approach gives the organization a clear decision-making framework that will maximize business outcomes and deliver value where needed.

    Make the Case for Legacy Application Modernization Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Make the Case for Legacy Application Modernization Storyboard – Understand legacy application modernization in the context of your organization, assess your landscape of applications, and define prioritization and disposition.

    This blueprint provides the steps necessary to build your own enterprise application implementation playbook that can be deployed and leveraged by your implementation teams.

    • Make the Case for Legacy Application Modernization Storyboard

    2. Make the Case for Legacy Application Modernization Presentation Template – The key output from leveraging this research is a presentation to pitch the modernization process.

    Build a proposal deck to make the case for legacy application modernization for your stakeholders. This will contain a definition of what a legacy application is in the context of your organization, a list of candidate applications to modernize, and a disposition strategy for each selected application.

    • Make the Case for Legacy Application Modernization Presentation Template
    [infographic]

    Further reading

    Make the Case for Legacy Application Modernization

    Revamp your business potential to improve agility, security, and user experience while reducing costs.

    Analyst Perspective

    An old application may have served us reliably, but it can prevent us from pursuing future business needs.

    Legacy systems remain well-embedded in the fabric of many organizations' application portfolios. They were often custom-built to meet the needs of the business. Typically, these are core tools that the business leverages to accomplish its goals.

    A legacy application becomes something we need to address when it no longer supports our business goals, is no longer supportable, bears an unsustainable ownership cost, or poses a threat to the organization's cybersecurity or compliance.

    When approaching your legacy application strategy, you must navigate a complex web of business, stakeholder, software, hardware, resourcing, and financial decisions. To complicate matters, the full scope of required effort is not immediately clear. Years of development are embedded in these legacy applications, which must be uncovered and dealt with appropriately.

    IT leaders require a proactive approach for evaluating the current state, developing a legacy application strategy, and executing in an agile manner. When coupled with a business case and communications strategy, the organization will have a clear decision-making framework that will maximize business outcomes and deliver value where needed.

    Ricardo de Oliveira, Research Director, Enterprise Applications

    Ricardo de Oliveira
    Research Director, Enterprise Applications
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech's Approach
    • Organizations face continual pressure to decrease time-to-market while also introducing new products and services.
    • You and your team have concerns that the existing application portfolio is not up to the task.
    • While you may understand the need for greater investment to modernize your portfolio, leadership does not appreciate what is required.
    • For well-established organizations, applications can have a long lifespan. Employees who are used to existing tools and processes often resist change.
    • Modernization plans can be substantial, but budget and resources are limited.
    • Poor documentation of legacy applications can make it challenging to know what to modernize and how to do it effectively.
    • There are concerns that any changes will have material impacts on business continuity.
    • Info-Tech will enable you to build a proposal deck to make the case for legacy application modernization for your stakeholders. This will assist with:
      • Defining what a legacy application is in the context of your organization.
      • Creating a list of candidate applications for modernization.
      • Articulating the right disposition strategy for each selected applications.
      • Laying out what is next on your modernization journey.

    Info-Tech Insight
    Legacy modernization is a process, not a single event. Your modernization approach requires you to understand your landscape and decide on a path that minimizes business continuity risks, keeps investments under control, and is prepared for surprises but always has your final state in mind.

    An approach to making the case for legacy application modernization

    Understand
    Assess the challenges, lay out the reasons, define your legacy, and prepare to remove the barriers to modernization.
    Assess
    Determine the benefits by business capability. Leverage APM foundations to select the candidate applications and prioritize.
    Legacy Application Modernization
    Define
    Use the prioritized application list to drive the next steps to modernization.

    Legacy application modernization is perceived as necessary to remain competitive

    The 2022 State CIO Survey by NASCIO shows that legacy application modernization jumped from fifth to second in state CIO priorities.

    "Be patient and also impatient. Patient because all states have a lot of legacy tech they are inheriting and government is NOT easy. But also, impatient because there is a lot to do - make your priorities clear but also find out what the CIO needs to accomplish those priorities."

    Source: NASCIO, 2022

    State CIO Priorities

    US government agencies feel pressured to deal with legacy applications

    In fiscal year 2021, the US government planned to spend over $100 billion on information technology. Most of that was to be used to operate and maintain existing systems, including legacy applications, which can be both more expensive to maintain and more vulnerable to hackers. The Government Accountability Office (GAO) identified:

    • 10 critical federal IT legacy systems
    • In operation between 8 and 51 years
    • Collectively cost $337 million per year to operate and maintain

    Source: U.S. Government Accountability Office, 2021

    Example: In banking, modern platforms are essential

    Increasing competition from fintech 73% of financial services executives perceive retail banking as being the most susceptible to fintech disruption (PwC, 2016)
    Growing number of neo-banks The International Monetary Fund (IMF) notes the fast growth of fintech in financial services is creating systemic risk to global financial stability (IMF, 2022)
    Access to data and advanced analytics Estimated global bank revenue lost due to poor data is 15% to 25% (MIT, 2017)
    Shifting client expectations/demographics 50% of Gen X, millennials, and Gen Z use a digital bank to provide their primary checking account (Finextra, 2022)
    Generational transfer of wealth It is estimated that up to US$68 trillion in wealth will be transferred from baby boomers (Forbes, 2021)

    Case Study

    Delta takes off with a modernized blend of mainframes and cloud

    INDUSTRY: Transportation
    SOURCE: CIO Magazine, 2023

    Challenge
    The airline has hundreds of applications in the process of moving to the cloud, but most main capabilities are underpinned by workloads on the mainframe and will remain so for the foreseeable future.
    Some of those workloads include travel reservation systems and crew scheduling systems - mission-critical, 24/7 applications that are never turned off.
    Solution
    Delta has shifted to a hybrid architecture, with a customer experience transformation that makes the most of the cloud's agility and the mainframe's dependability.
    Delta's foray into the cloud began about two years ago as the pandemic brought travel to a virtual halt. The airline started migrating many front-end and distributed applications to the cloud while retaining traditional back-end workloads on the mainframe.
    Results
    Hybrid infrastructures are expected to remain in complex industries such as airlines and banking, where high availability and maximum reliability are non-negotiable.
    While some CIOs are sharpening their mainframe exit strategies by opting for a steep journey to the cloud, mainframes remain ideal for certain workloads.

    Phase 1: Make the Case for Legacy Application Modernization

    Phase 1
    1.1 Understand your challenges
    1.2 Define legacy applications
    1.3 Assess your barriers
    1.4 Find the impacted capabilities
    1.5 Define candidate applications
    1.6 Now, Next, Later

    This phase will walk you through the following activities:

    • Understand your challenges with modernization
    • Define legacy applications in your context
    • Assess your barriers to modernization
    • Find the impacted capabilities and their benefits
    • Define candidate applications and dispositions

    This phase involves the following participants:

    • Application group leaders
    • Individual application owners

    Select an Enterprise Application

    • Buy Link or Shortcode: {j2store}588|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $10,000 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Enterprise Applications
    • Parent Category Link: /enterprise-applications
    • Organizations rarely have both the sufficient knowledge and resources to properly evaluate, select, and implement an enterprise application software (EAS), forcing them to turn to external partnerships.
    • Inadequate and incomplete requirements skew the EAS selection in one direction or another. Many EAS projects fail due to a lack of clear description and specification of functional requirements.
    • The EAS technology market is so vast that it becomes nearly impossible to know where to start or how to differentiate between vendors and products.

    Our Advice

    Critical Insight

    • Accountability for EAS success is shared between IT and the business. There is no single owner of an EAS. A unified approach to building your strategy promotes an integrated roadmap so all stakeholders have clear direction on the future state.
    • While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder-to-shoulder with the business to develop a technology framework for enterprise applications.
    • EAS projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with EAS capabilities. Effective alignment between IT and the business should happen daily. Alignment doesn’t just occur at the executive level but at each level of the organization.

    Impact and Result

    • Conduct an EAS project preparedness assessment as a means to ensure you maximize the value of your time, effort, and spending.
    • Gather the necessary resources to form the team to conduct the EAS selection.
    • Gett the proper EAS requirement landscape by mapping out business capabilities and processes, translating into prioritized EAS requirements.
    • Review SoftwareReviews vendor reports to shortlist vendors for your RFP process.
    • Use Info-Tech’s templates and tools to gather your EAS requirements, build your RFP and evaluation scorecard, and build a foundational EAS selection framework.

    Select an Enterprise Application Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Select an Enterprise Application Software Storyboard - A blueprint which prepares you for a proper and better enterprise application selection outcome.

    Properly selecting and implementing an enterprise application requires a proper structure. This blueprint guides you with a framework to help in such project, including steps such as assessing readiness, plan for the right resources, requirements gathering, shortlisting, obtaining and evaluating vendor responses, and preparing for implementation.

    • Select an Enterprise Application Software Storyboard

    2. Select an Enterprise Application Readiness Assessment Checklist – a checklist to assess your readiness towards moving ahead with the selection process.

    The EAS Readiness Checklist includes a list of essential tasks to be completed prior to the enterprise application selection and implementation project.

    • EAS Readiness Assessment Checklist

    3. ERP/HRIS/CRM Requirements Templates – a set of templates to help build a list of requirements and features for the selection process.

    These templates are specific to either ERP, HRIS, or CRM. Each template lists out a set of modules and features allowing you to easily build your requirements.

    • ERP Requirements Template
    • HRIS Requirements Template
    • CRM Requirements Template

    4. Vendor Solicitation (RFP) to Evaluation Suite of Tools – Use Info-Tech’s RFP, vendor response and evaluation tools and templates to increase your efficiency in your RFP and evaluation process.

    Configure this time-saving suite of tools to your organizational culture, needs, and most importantly the desired outcome of your RFP initiative.

    • EAS Request for Proposal Template
    • EAS Vendor Response Template
    • ERP Vendor Demonstration Script Template
    • HRIS Vendor Demonstration Script Template
    • CRM Vendor Demonstration Script Template
    • EAS RFP and Demonstration Scoring Tool
    [infographic]

    Workshop: Select an Enterprise Application

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Workshop debrief – Prepare for implementation

    The Purpose

    Review evaluation framework.

    Prepare for implementation.

    Key Benefits Achieved

    Activities

    1.1 Support the project team in establishing the evaluation framework.

    1.2 Discuss demo scripts scenarios.

    1.3 Discuss next steps and key items in preparation for the implementation.

    Outputs

    Evaluation framework considerations.

    Demo script considerations.

    RFP considerations.

    2 Workshop Preparation

    The Purpose

    The facilitator works with the team to verify organizational readiness for EAS project and form the EAS project team.

    Key Benefits Achieved

    Level-set on organizational readiness for EAS

    Organizational project alignment

    Activities

    2.1 Introduce the workshop and complete an overview of activities.

    2.2 Complete organizational context assessment to level-set understanding.

    2.3 Complete EAS readiness assessment.

    2.4 Form EAS selection team.

    Outputs

    EAS readiness assessment

    Structured EAS selection team

    3 Mapping Capabilities to Prioritizing Requirements

    The Purpose

    Determine the business capabilities and process impacted by the EAS.

    Determine what the business needs to get out of the EAS solution.

    Build the selection roadmap and project plan.

    Key Benefits Achieved

    Business and ERP solution alignment

    Activities

    3.1 Map business capabilities/processes.

    3.2 Inventory application and data flow.

    3.3 List EAS requirements.

    3.4 Prioritize EAS requirements.

    Outputs

    Business capability/process map

    List or map of application + data flow

    Prioritized EAS requirements

    4 Vendor Landscape and your RFP

    The Purpose

    Understand EAS market product offerings.

    Readying key RFP aspects and expected vendor responses.

    Key Benefits Achieved

    Shortlist of vendors to elicit RFP response.

    Translated EAS requirements into RFP.

    Activities

    4.1 Build RFP.

    4.2 Build vendor response template.

    Outputs

    Draft of RFP template.

    Draft of vendor response template.

    5 How to Evaluate Vendors

    The Purpose

    Prepare for demonstration and evaluation.

    Establish evaluation criteria.

    Key Benefits Achieved

    Narrow your options for ERP selection to best-fit vendors.

    Activities

    5.1 Run an RFP evaluation simulation.

    5.2 Establish evaluation criteria.

    5.3 Customize the RFP and Demonstration and Scoring Tool.

    Outputs

    Draft of demo script template.

    Draft of evaluation criteria.

    Draft of RFP and Demonstration and Scoring Tool.

    Further reading

    Select an Enterprise Application

    Selecting a best-fit solution requires balancing needs, cost, and vendor capability.

    Analyst Perspective

    A foundational EAS strategy is critical to decision-making.

    Enterprise application software (EAS) is a core tool that a business leverages to accomplish its goals. An EAS that is doing its job well is invisible to the business. The challenges come when the tool is no longer invisible. It has become a source of friction in the functioning of the business.

    EAS systems are expensive, their benefits are difficult to quantify, and they often suffer from poor user satisfaction. Post-implementation, technology evolves, organizational goals change, and the health of the system is not monitored. This is complicated in today’s digital landscape with multiple integration points, siloed data, and competing priorities.

    Too often organizations jump into selecting replacement systems without understanding the needs of the organization. Alignment between business and IT is just one part of the overall strategy. Identifying key pain points and opportunities, assessed in the light of organizational strategy, will provide a strong foundation to the transformation of the EAS system. Learning about different vendor product offerings with a rigorous approach and evaluation framework will pave way for a better selection outcome.

    Hong Kwok, Research Director

    Hong Kwok
    Research Director
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech’s Approach
    Selecting and implementing an EAS is one of the most expensive and time-consuming technology transformations an organization can undertake. EAS projects are notorious for time and budget overruns, with only a margin of the anticipated benefits being realized. Making the wrong technology selection or failing to plan for an EAS implementation has significant – and possibly career-ending – implications.

    The EAS technology market is so vast that it is nearly impossible to know where to start or how to differentiate between vendors and products.

    Inadequate and incomplete requirements skew the EAS selection in one direction to another. Many EAS projects fail due to a lack of clear description and specification of functional requirements.

    Organizations rarely have both the sufficient knowledge and resources to properly evaluate, select, and implement an EAS, forcing them to turn to external partnerships.

    EAS selection must be driven by your organization’s overall strategy. Ensure you are ready to embark on this journey with the right resources.

    Determine what EAS solution fits your organization through a structured requirement gathering process to a vendor evaluation framework.

    Ensure strong points of integration between EAS and other software such as ERP to HRIS. No EAS should live in isolation.

    Info-Tech Insight
    Accountability for EAS success is shared between IT and the business. There is no single owner of an EAS. A unified approach to building your strategy promotes an integrated roadmap so all stakeholders have clear direction on the future state.

    You are not just picking a piece of software, you are choosing a long-term technology partner

    Reasons for Selectin Chosen Software

    Decision making in selection often stands on functional fit; don’t forget to consider vendor fit.

    As the ERP technology market becomes increasingly saturated and difficult to decode, vendors are trying to get ahead by focusing on building a partnership, not just making a sale.

    68 % of organizations are satisfied with the overall ERP vendor experience, up from 54% in 2017.

    Panorama Consulting Solutions, “Report,” 2018

    What is an Enterprise Application?

    Our Definition: Enterprise Application Software (EAS) is a large software system that provides a broad and integrated set of features which supports a range of business operations and processes across an organization. The system is broadly deployed, provides a unified interface and data structure, allowing for higher business productivity and reporting efficiencies. Best known EAS solutions include Enterprise Resource Planning (ERP), Human Resource Information System (HRIS), and Customer Relationship Management (CRM).

    More focused EAS solutions may also bring benefits to your organization, depending on the scale of operations, complexity of operations, and functions. Here are some examples:

    PSA: Professional Services Automation
    SCMS: Supply Chain Management System
    WMS: Warehouse Management System
    EAM: Enterprise Asset Management
    PIMS: Product Information Management System
    MES: Manufacturing Execution System
    MA: Marketing Automation

    Our other Selection Framework

    When selecting personal or commodity applications, or mid-tier applications with spend below $100,000, use our Rapid Application Selection Framework.

    Download this tool

    Enterprise Applications Lifecycle Advisory Services

    Enterprise Resource Planning (ERP)

    Enterprise Resource Planning (ERP)

    What is EPR

    Enterprise resource planning (ERP) systems facilitate the flow of information across business units. They allow for the seamless integration of systems and create a holistic view of the enterprise to support decision making.

    In many organizations, the ERP system is considered the lifeblood of the enterprise. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

    An ERP system:

    • Automates processes, reducing the amount of manual, routine work.
    • Integrates with core modules, eliminating the fragmentation of systems.
    • Centralizes information for reporting from multiple parts of the value chain to a single point.
    ERP use cases: Product-centric
    Suitable for organizations that manufacture, assemble, distribute, or manage material goods.
    Service-centric
    Suitable for organizations that provide and manage field services and/or professional services.

    Human Resource Information System (HRIS)

    What is HRIS?

    An HRIS is used to acquire, store, manipulate, analyze, retrieve, and distribute information regarding an organization’s human resources. HRIS covers the entire employee lifecycle from recruit to retire.

    An HRIS:

    • Retains employee data in a single repository.
    • Enhances employee engagement through self-service and visibility into their records.
    • Enhances data security through role-based access control.
    • Eliminates manual processes and enables workflow automation.
    • Reduces transaction processing time and HR administrative tasks.
    • Presents an end-to-end, comprehensive view of all HR processes.
    • Reduces exposure to risk with compliance to rules and regulations.
    • Enhances the business’s reporting capability on various aspects of human capital.

    Human Resource Information System

    Customer relationship management (CRM)

    What is CRM?

    A CRM platform (or suite) is a core enterprise application that provides a broad feature set for supporting customer interaction processes, typically across marketing, sales and customer service. These suites supplant more basic applications for customer interaction management (such as the contact management module of an ERP or office productivity suite).

    A CRM suite provides many key capabilities, including but not limited to:

    • Account management
    • Order history tracking
    • Pipeline management
    • Case management
    • Campaign management
    • Reports and analytics
    • Customer journey execution

    A CRM provides a host of native capabilities, but many organizations elect to tightly integrate their CRM solution with other parts of their customer experience ecosystem to provide a 360-degree view of their customers.

    Customer relationship management

    The good EAS numbers

    There are many good reasons to support EAS implementation and use.

    92% of organizations report that CRM use is important for accomplishing revenue objectives.
    Source: Validity, 2020

    Almost 26% of companies implement HRIS is to obtain greater functionalities, while other main reasons are to increase efficiencies, support growth, and consolidate systems.
    Source: SoftwarePath, 2022

    Functionality of an ERP is believed to be the most important aspect by almost 40% of companies.
    Source: SelectHub, 2022

    The ugly EAS numbers

    Risks are high in EAS projects.

    Statistical analysis of ERP projects indicates rates of failure vary from 50 to 70 percent. Taking the low end of those analyst reports, one in two ERP projects is considered a failure.
    Source: Electric Journal of Information Systems Evaluation.

    46% of HR technology projects exceed their planned timelines.
    Source: Unleash, 2020

    Almost 70% of all CRM implementation projects do not meet expected objectives.
    Source: Future Computing and Informatics Journal

    Enterprise Application dissatisfaction

    Finance, IT, Sales, HR, and other users of the Enterprise Application system can only optimize with the full support of each other. Cooperation between departments is crucial when trying to improve the technology capabilities and customer interaction.

    Drivers of Dissatisfaction
    Business Data People and teams Technology
    • Misaligned objectives
    • Product fit
    • Changing priorities
    • Lack of metrics
    • Access to data
    • Data hygiene
    • Data literacy
    • One view of the customer
    • User adoption
    • Lack of IT support
    • Training (use of data and system)
    • Vendor relations
    • Systems integration
    • Multi-channel complexity
    • Capability shortfall
    • Lack of product support

    Info-Tech Insight
    While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder-to-shoulder with the business to develop a technology framework for Enterprise Applications.

    Case Study

    Align strategy and technology to meet consumer demand.

    NETFLIX

    INDUSTRY
    Entertainment

    SOURCE
    Forbes, 2017

    Challenge
    Beginning as a mail-out service, Netflix offered subscribers a catalog of videos to select from and have mailed to them directly. Customers no longer had to go to a retail store to rent a video. However, the lack of immediacy of direct mail as the distribution channel resulted in slow adoption.

    Blockbuster was the industry leader in video retail but was lagging in its response to industry, consumer, and technology trends around customer experience.

    Solution
    In response to the increasing presence of tech-savvy consumers on the internet, Netflix invested in developing an online platform as its primary distribution channel. The benefit of doing so was two-fold: passive brand advertising (by being present on the internet) and meeting customer demands for immediacy and convenience. Netflix also recognized the rising demand for personalized service and created an unprecedented, tailored customer experience.

    Results
    Netflix’s disruptive innovation is built on the foundation of great customer experience management. Netflix is now a $28 billion company, which is ten times what Blockbuster was worth.

    Netflix used disruptive technologies to innovatively build a customer experience that put it ahead of the long-time video rental industry leader, Blockbuster.

    Info-Tech’s methodology for selecting an Enterprise Application

    1. Build alignment and assemble the team 2. Define your EAS 3. Engage, evaluate, and select 4. Next steps
    Phase steps
    1. Aligning business and IT
    2. Readiness and resourcing
    1. Map capabilities
    2. List Requirements
    3. Prioritize requirements
    1. Know the products
    2. Engage the vendors
    3. Select properly
    1. Plan for implementation
    Phase outcomes Discuss organizational goals and how to advance those using the EA system. Identify gaps and remediation steps in preparation of the selection. Assemble the EA selection team. List and review business capabilities and translate into EAS requirements. Prioritize requirements for selection. Gain an understanding of the product offerings on the market. Engage the vendors through RFPs and conduct a proper evaluation with an objective evaluation criteria and framework. Review and discuss the different elements required in preparation for the implementation project.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    ERP/HRIS/CRM Requirements Template

    ERP Requirements Template

    Accelerate your requirement gathering with a pre-compiled list of common requirements.

    RFx Demo Scoring Tool

    RFx Demo Scoring Tool

    Quickly compare the vendors who respond to the RFx to identify the best fit for your needs.

    Key deliverable:

    RFx templates

    Use one of our templates to build a ready-for-distribution implementation partner RFx tailored to the unique success factors of your implementation.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to his the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between six to ten calls over the course of four to six months.

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4

    Call #1: Scoping call to understand the current situation.

    Call #2: Discuss readiness and resourcing needs.

    Call #3: Discuss the capabilities and application inventory.

    Call #4: Discuss requirement gathering and prioritization.

    Call #5: Go over SoftwareReviews and review draft RFx.

    Call #6: Discuss evaluation tool and evaluation process.

    Call #7: Discuss preparation for implementation.

    Workshop Overview

    Day 1 Day 2 Day 3 Day 4 Day 5
    Activities

    Organizational Strategic Needs

    1.1 Review the business context.

    1.2 Overview of the EAS Landscape

    1.2 Assess EAS project readiness

    1.3 Determine the members of the EAS selection team

    From Capabilities to Requirements

    2.1 Map business capabilities

    2.2 Inventory application and interactions

    2.3 Gather requirements

    2.4 Prioritize requirements

    Vendor Landscape and Your RFP

    3.1 Understanding product offerings

    3.2 Build a list of targeted vendors

    3.3 Build RFP

    3.4 Build vendor response template

    How to Evaluate Vendors

    4.1 Run a RFP evaluation simulation

    4.2 Build demo script

    4.3 Establish evaluation criteria

    Next Steps and Wrap-Up (offsite)

    5.1 Clean up in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables
    1. EAS Readiness Checklist and remediation plan
    2. List of members in EAS selection team
    1. List of key business processes
    2. Inventory application and data flow map
    3. Prioritized EAS requirements
    1. Draft RFP template
    2. Draft vendor response template
    1. Draft demo script template
    2. Draft vendor evaluation tool
    1. Completed RFP template
    2. Completed vendor response template
    3. Completed demo script template
    4. Vendor evaluation plan

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 1

    Build alignment and assemble the Team

    Phase 1
    1.1 Enterprise Application Landscape
    1.2 Validate Readiness
    1.3 Determine Resourcing

    Phase 2
    1.1 Capability Mapping
    1.2 Requirements Gathering Data Mapping
    1.3 Requirements Prioritizing

    Phase 3
    3.1 Understanding Product Offerings
    3.2 RFP & Demo Scripts
    3.3 Evaluation
    Select and Negotiate

    Phase 4
    4.1 Prepare for Implementation

    This phase will walk you through the following activities:

    Gain an understanding of recent EAS technology.

    Validate readiness before starting EAS selection.

    Assemble EAS selection team through identification of key players.

    This phase involves the following participants:

    Key stakeholders from the various areas of the business that will support the project, including:

    • CxO (e.g. CIO, CFO)
    • Departmental leaders
    • Project management team
    • Subject matter experts

    Select an Enterprise Application

    Create a compelling case that addresses strategic business objectives

    When someone at the organization asks you WHY, you need to deliver a compelling case. The ERP project will receive pushback, doubt, and resistance; if you can’t answer the question WHY, you will be left back-peddling.

    When faced with a challenge, prepare for the WHY.

    • Why do we need this?
    • Why are we spending all this money?
    • Why are we bothering?
    • Why is this important?
    • Why did we do it this way?
    • Why did we choose this vendor?

    Most organizations can answer “What?”

    Some organizations can answer “How?”

    Very few organizations have an answer for “Why?”

    Each stage of the project will be difficult and present its own unique challenges and failure points. Re-evaluate if you lose sight of WHY at any stage in the project.

    Ensure you have completed the necessary prerequisites for EAS selection

    Prior to embarking on selection, ensure you have set the right building blocks and completed the necessary prerequisites: your strategy and roadmap, and business case.

    STRATEGY & ROADMAP
    Whatever EAS is required, take the time to align your strategy and roadmap to business priorities. Right-size a technology strategy by assessing deployment model alternatives and future-state options with your EAS vision, operating model, and current-state assessment as inputs. Put your strategy to action with a living roadmap by following Info-Tech’s blueprint, Develop an Actionable Strategy and Roadmap.

    EAS BUSINESS CASE
    Use a business case to justify the business need for your EAS project and secure funding for moving forward with the proposal. A business case will further provide executive decision makers with the tools to compare and prioritize initiatives. Drive a consistent approach to promoting successful initiatives and holding the organization accountable to the projected benefits with Info-Tech’s blueprint, Reduce Time to Consensus With an Accelerated Business Case.

    Align the EAS strategy with the corporate strategy

    Corporate strategy Unified strategy EAS strategy
    • Conveys the current state of the organization and the path it wants to take.
    • Identifies future goals and business aspirations.
    • Communicates the initiatives that are critical for getting the organization from its current state to the future state.
    • EAS optimization can be and should be linked, with metrics, to the corporate strategy and ultimate business objectives.
    • Communicates the organization’s budget and spending on EAS.
    • Identifies IT initiatives that will support the business and key EAS objectives.
    • Outlines staffing and resourcing for EAS initiatives.

    Info-Tech Insight
    EAS projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with EAS capabilities. Effective alignment between IT and the business should happen daily. Alignment doesn’t just to occur at the executive level alone, but at each level of the organization.

    Understand how EAS fits into your wider IT organization

    Identify the IT drivers and opportunities to take advantage of when embarking on your EAS project.

    Greenfield or brownfield: Do you currently have an EAS? Do you have multiple EASs? What is the history of your EAS deployment? How customized is it?

    End of life: What lifecycle stage is it in?

    Utilization: Are there point solutions in your application portfolio that support some EAS capabilities? Is functionality duplicated and/or underutilized?

    Reason for change: What are your organizational drivers for this EAS project (e.g. acquisition/merger)?

    APPLICATION PORTFOLIO STRATEGY

    Business leaders need application managers to do more than support business operations. Applications must drive business growth, and application managers need their portfolios to be current and effective and to evolve continuously to support the business or risk being marginalized. Rationalize your applications with a roadmap that propels the business forward.

    Go to this link

    Before switching vendors, evaluate your existing EAS to see if it’s being underutilized or could use an upgrade

    The cost of switching vendors can be challenging, but it will depend entirely on the quality of data and whether it makes sense to keep it.

    • Achieving success when switching vendors first requires reflection. We need to ask why we are dissatisfied with our incumbent software.
    • If the product is old and inflexible, the answer may be obvious, but don’t be afraid to include your incumbent in your evaluation if your issues might be solved with an upgrade.
    • Look at your use-case requirements to see where you want to take the EAS solution and compare them to your incumbent’s roadmap. If they don’t match, switching vendors may be the only solution. If your roadmaps align, see if you’re fully leveraging the solution or will be able to start working through process improvements

    Fully leveraging your current software now will have two benefits:

    1 It may turn out that poor leveraging of your incumbent software was the problem all along; switching vendors won’t solve the problem by itself. As the data to the right shows, a fifth of SMEs and a quarter of large enterprises do not fully leverage their incumbent software.
    2 If you still decide to switch, you’ll be in a good negotiating position. If vendors can see you are engaged and fully leveraging your software, they will be less complacent during negotiations to win you over.
    20%
    Small/Medium
    Enterprises
    25%
    Large
    Enterprises
    only occasionally or rarely/never use their software

    Source: SoftwareReviews, 2020; N=45,027

    Info-Tech Insight
    Switching vendors won’t improve poor internal processes. To be fully successful and meet the goals of the business case, new software implementations must be accompanied by process review and improvement.

    Familiarize yourself with the EAS market

    How it got here Where it’s going
    • Acquisition and consolidation: The major vendors in the industry have grown over time through acquisition, particularly focusing on expanding products in industrial verticals.
    • Product stack: What it means is having to navigate complexity related to the product stack when thinking about EAS, which turns the conversation from EAS as a single product to EAS as a package of multiple products.
    • Modularity and interoperability: The benefit of the stack is that it often means modularity and the ability to implement parts of a solution or in an order that aligns to the customer’s needs. On the other hand, the stack is not always understood by or well communicated to the customer, and the interdependence of components often means they must be licensed together.
    • Customizable cloud: Software-as-a-Service in multitenant environments offers a hands-off value proposition, but increasingly customers are looking to customize their instances beyond the capability offered through configurability.
    • Best-of-breed consolidation: EAS vendors are continuing to consolidate functionality to increase interoperability and increase ease of integration. The market is rife with acquisitions and mergers, making the strong players even stronger.
    • Client experience: While most vendors now offer products that will meet the wide gamut of EAS business requirements, vendors are now paying extra attention to the client experience from partnership perspective.

    Info-Tech Insight
    Evaluating the EAS vendor landscape is becoming increasingly difficult as the playing field evens out in terms of functionality offerings. As such, it is becoming increasingly important to more meticulously evaluate vendors themselves as part of the selection process. This is especially important in EAS projects, as they tend to be multi-year in nature and result in long-term vendor partnerships.

    What types of Enterprise solutions are at my disposal?

    IT leaders typically compare EAS on-premises with SaaS options, but there are actually four different deployment scenarios.

    1. On Premises 3. Proprietary Cloud 4. White-Label Cloud 2. SaaS
    • The traditional model for EAS deployment.
    • Upfront licensing term plus annual maintenance/ support fee.
    • Requires local server, database, and authentication.
    • Good support for industry modules.
    • Customizable.
    • EAS vendor hosts an instance of the EAS system in its own data center.
    • Patches may or may not be applied automatically.
    • Monthly per-user or traditional billing.
    • Otherwise, as with on premises.
    • EAS VAR or reseller hosts an instance of the EAS system in its own data center or in a public IaaS provider’s (e.g. Rackspace, Amazon EC2).
    • Otherwise, as with proprietary cloud.
    • Common model for cloud EAS.
    • All users share a single instance.
    • Patches and updates are applied automatically.
    • Monthly per-user fee.
    • Poor industry support.
    • Configurable but not customizable.

    Info-Tech Insight
    Cloud may apply in other ways to the EAS implementation. Most vendors offer particular EAS services delivered via the cloud. For example, some vendors offers CRM, project management, and payroll self-service as cloud-based options to augment on-premises ERP solutions.

    Know when to adopt and when to bypass cloud EAS

    Use the following guidelines to determine if your organization will benefit from the cloud, or if you should stick to a more traditional delivery model.

    Adopt a cloud-based EAS platform if you have: Do not adopt a cloud-based EAS platform if you have:
    Standard processes – Businesses that have standard, repeatable processes can benefit greatly from the cost savings that cloud provides, as the need for expensive customizations is greatly minimized. Highly regulated industry – Although there is no hard evidence that says cloud-based solutions are not able to support security or compliance needs, in certain industries such as banking or insurance, cloud is not the norm and may be a tough sell for IT.
    Lean IT operations – Organizations with lean IT or no formal IT departments supporting them will find SaaS EAS particularly appealing. Those with IT that can support day-to-day operations but are not prepared for disaster recovery should also consider cloud EAS, either hosted or SaaS-based. Unreliable network – If the business regularly faces network outages or remote employees have unreliable internet connections, a cloud-based solution may not be the best option. IT would face many complaints from disgruntled workers unable to access data.
    Mobile workforce – Telecommuting is becoming more common, as is the requirement for data to be readily available for those on the road. Using cloud is a good way to provide this functionality. Unsavvy workforce – Organizations that prefer to be late adopters of technology may face strong resistance to taking their software to the cloud. Some employees may not like the idea of using a browser to connect to the system.

    Info-Tech Insight
    Knowing when to choose a cloud EAS deployment comes down to two main factors: knowing the level of complexity required by the business, and knowing the available IT resources that can be dedicated to support and manage EAS.

    Consider 3 classic scenarios when evaluating cloud EAS

    Cloud EAS should be considered by all organizations, but these scenarios present the strongest opportunity.

    The Startup The Spinoff The Modernizer
    • There is no greenfield in ERP, but if you’re a startup, you’re quite close.
    • Given the virtually nonexistent IT department in startups, having an on-premises ERP can be daunting. A SaaS delivery model is usually the best choice in these scenarios. Even if the resources are available, they are better spent driving business growth.
    • Startups typically have less stringent industry requirements, making SaaS a more attractive option.
    • Though not entirely new companies, spinoffs or subsidiaries often have needs similar to those of startups but with an added integration requirement.
    • When it comes to ERP, the deployment type will depend on how resources are split with the parent company. If there is little to no IT support, then SaaS is ideal.
    • If the parent company is already using cloud ERP, whether SaaS, hosted, or an internal cloud, then it is often easy for the spinoff to gain access as well.
    • Companies with legacy systems that are not salvageable, or out-of-date point solutions that do not scale, have the opportunity to start from scratch.
    • Those looking at reducing capital expenses should consider SaaS and hosted ERP deployments.
    • Those looking at having state-of-the-art technology in-house should consider building an internal private cloud that supports their ERP deployment.

    Make sure you are ready to proceed with selection

    Organizational readiness is essential for maximizing the benefits realized from your ERP. Cover all critical elements of pre-work, resources, buy-in, and strategy and planning before embarking on ERP selection and/or implementation.

    Pre-work
    Current State Understanding
    Business Process Improvement
    Future State Vision

    Resources
    Project Team
    Governance Structures
    Third-Party Partners
    Cost and Budget

    Buy-in
    Goals and Objectives
    Exec Business Sponsorship
    Stakeholder Engagement
    Change Management

    STRATEGY and PLANNING
    ERP Strategy & Roadmap
    Risk Management
    Project Metrics

    Without a preparedness assessment, organizations end up wasting a lot of time on resolving gaps in planning that could have been mitigated upfront, which ultimately makes the implementation project more challenging.
    – Suanne McGrath-Kelly, President & Principal Consultant, Plan in Motion Inc., interviewed by Info-Tech, 2019.

    Assess your EAS readiness before moving forward

    To avoid common project pitfalls, complete the necessary prerequisites before proceeding with EAS. Consider whether the risks of proceeding unprepared fall within your organization’s risk tolerance. If they do not, pivot back to strategy.

    Preceding tasks Risks of proceeding unprepared
    Project Vision
    Project Scope
    EAS Business Case
    Current State Map
    Improvement Opportunity Analysis
    Future State Considerations
    Strategic Requirements
    Project Metrics and Benchmarks
    Risk Assessment
    EAS Strategic Roadmap
    EAS Project Work Initiatives
    Misalignment of project objectives
    Time and cost overruns
    Lack of executive buy-in or support
    Over- or under-investment in systems
    Unknown and unmet system requirements
    Product selection misfit
    Misalignment of requirements to needs
    Inability to measure project success
    Inability to proactively mitigate risk impact
    Lack of decision-making traceability
    Unclear expectations of tasks and roles

    1.2.1 Assess EAS selection readiness

    1 – 2 hours

    1. As a group, review Section 1 of the EAS Readiness Assessment Checklist with the core project team and/or project sponsor, item by item. For completed items, tick the corresponding checkbox. Document all incomplete items in the Readiness Remediation Plan table in the first column (“Incomplete Readiness Item”).
    2. For each incomplete item, use your discretion to determine whether the completion is critical in preparation for EAS selection and implementation. This may vary given the complexity of your EAS project. If the item is critical to the project, indicate this with “Y” in the second column (“Criticality (Y/N)”).
    3. For each critical item, reflect on the barriers that have prevented or are preventing its completion. Possible barriers include incomplete task dependencies, low value to effort determination, lack of organizational knowledge or resources, pressure of deadlines, etc. Document these barriers in the third column (“Barriers to Completion”).
    4. Determine a remediation approach for each barrier identified. Document the approach in the fourth column (“Remediation Approach”).
      1. For each remediation activity, designate a due date and remediation owner. Document this in the fifth column (“Due Date and Owner”).
      2. Carry out the remediation of critical tasks and return to this blueprint to kick-start your selection and implementation project.
    Input Output
    • EAS Foundation
    • EAS Strategy
    • Readiness remediation approach
    • Validation of ERP project readiness
    Materials Participants
    • EAS Readiness Assessment Checklist
    • Project sponsor
    • Core project team

    Download the EAS Readiness Assessment Checklist

    Build a well-balanced core team to see the project through

    Have a cross-departmental team define goals and objectives in order to significantly increase EAS success and improve communication.

    • Hold a meeting with Finance, Operations, and IT stakeholders. The overall objective of the meeting is to confirm that all parties agree on the goals and metrics that gauge success of the EAS project.
    • The kick-off process will significantly improve internal communications. Invite all impacted internal groups to work as a team to address any significant issues before the application process is formally activated.
    • Set up a quarterly review process to understand changing needs. This will change the way the EAS system will be utilized.

    “Each individual should understand at least one business area and have a hand in another.”
    – Mark Earley
    Senior Research Director,
    Info-Tech Research Group

    Info-Tech Insight
    An EAS selection and implementation requires more than just a procurement team. The core EAS project team should be cross-functional. .

    Be ready with a resourcing strategy for your EAS project

    EAS selection and implementation is a giant undertaking that can rarely be supported by internal resources alone.

    It is important to understand where your organization’s resourcing gaps are when embarking on a selection and implementation project. Once gaps are identified, the amount of external support needed from vendor(s), consultants, or system integrators can be determined.

    Select from the three most commonly used resourcing strategies for EAS selection and implementation projects:

    • Implement in-house using your own staff.
    • Implement using a combination of your own staff and professional services from the vendor(s) and/or system integrator (SI).
    • Implement using professional services.

    Build your implementation team

    Prioritize members from your core selection team. They will have strong insight into the tool and its envisioned position in the organization.

    General Roles

    1. Integration Specialists
    2. Solution or Enterprise Architects
    3. QA Engineer
    4. IT Service Management Team

    External Roles

    1. Vendor’s Implementation Team or Professional Services
    2. Systems Integrator (SI)

    Right-size the EAS selection team to ensure you get the right information but are still able to move ahead quickly

    Full-Time Resourcing: At least one member of these five team members must be allocated to the selection initiative as a full-time resource.

    IT Leader Technical Lead Business Analyst/
    Project Manager
    Business Lead Process Expert(s)
    This team member is an IT director or CIO who will provide sponsorship and oversight from the IT perspective. This team member will focus on application security, integration, and enterprise architecture. This team member elicits business needs and translates them into technology requirements. This team member will provide sponsorship from the business needs perspective. Typically, a CXO or SVP of a business function. These team members are the business process owners who will help steer the requirements and direction.

    Info-Tech Insight
    It is critical for the selection team to determine who has decision rights. Organizational culture will play the largest role in dictating which team member holds the final say for selection decisions. For more information on stakeholder management and involvement, see this guide.

    Complete the project timeline required during your selection phase

    Include as many steps as necessary to understand, validate, and compare vendor solutions so you can make a confident, well-informed decision.

    Use Info-Tech’s 15-Step Selection Process:

    1. Initiate procurement.
    2. Select procurement manager.
    3. Prepare for procurement; check that prerequisites are met.
    4. Select appropriate procurement vehicle (RFI, RFP, RFQ, etc.).
    5. Assemble procurement teams.
    6. Create procurement project plan.
    7. Identify and notify vendors about procurement.
    8. Configure procurement process.
    9. Gather requirements.
    10. Prioritize requirements.
    11. Build the procurement documentation package.
    12. Issue the procurement.
    13. Evaluate proposals.
    14. Evaluate vendor demos and reference checks.
    15. Recommend a vendor.

    Strengthen your procurement. If your organization lacks a clear selection process, refer to Info-Tech's Implement a Proactive and Consistent Vendor Selection Process research to help construct a formal process for procuring application technology.

    Download the Implement a Proactive and Consistent Vendor Selection Process

    Visualize what success looks like

    Understand how success metrics are relevant at each stage of strategy formation by keeping the end in mind. Apply a similar thought model to your other success metrics for a holistic evaluation of your strategy.

    Implementation
    Pre-Implementation Post-Implementation
    Baseline measure Strategic insight Strategic action Success measure End result
    Use data you already have. Any given pain point can act as your pre-implementation baseline. Previously, this measure may have been evaluated by asking “what?” or “how much?” Move away from looking at your baseline measure as transactional data, and incorporate the ability to generate strategic insight with your EAS. Change the questions you are asking to drive insights: “who?” “why?” and “how does it affect the business?” Support the business by putting your strategic analytics into action. Ensure there are capabilities built into your ERP to strategically address your baseline measure. Leverage these functions to act on your strategic insights. In the interest of IT and business alignment, speak the same language when measuring success. Use a business success measurement to determine the contribution made by your EAS strategy. Visualize your success in the context of the business as a whole. Projecting success in the interest of your stakeholders will gain and maintain buy-in, allowing you to leverage the strategic functionality of your new EAS.
    Example Time to Procure Delay in time to procure caused by bottleneck in requisition processing ERP used to create advanced workflows to streamline requisition approval process Time efficiencies gained free up employee time to focus on more strategic efforts Contributed to strategic operational innovation

    Prove the value of your EAS through metrics

    Establish baseline metrics early and measure throughout the project can iteratively prove the value of your EAS.

    Functional processes IT resource efficiency
    Functional benefits and efficiencies gained through effectively diagnosing and meeting business needs. Benefits enabled through reductions in IT system, network, and resource usage.
    Example metrics Record to report
    • Days to close month-end
    • Time to produce statements
    Market to order
    • Customer retention rate
    • Conversion/Cost per lead
    • Number of help desk requests
    • Number of active users
    • Time to resolution
    Quote to cash
    • Sales cycle duration
    • Cash conversion cycle
    Issue to resolution
    • # of returns
    • # of customer complaints
    • Time to resolve complaints
    Procure to pay
    • Average time to procure
    • Cycle time of purchase order
    Forecast to delivery
    • Variance of demand plan
    • Time to replenish inventory
    Plan to perform
    • Time to complete plan
    • Variance of plan to actual
    Hire to retire
    • Training $ per employee
    • Total overtime cost

    Improve baseline metrics through…

    1. Increased help desk efficiency. Through training of personnel and increased efficiency of processes.
    2. Increased level of self-service for end users. Implementation of functionality that matches business needs will increase the efficiency of functional business tasks.
    3. Decreased time to escalation. Knowing when to escalate tasks sooner can decrease wasted effort by tier-one workers.
    4. Automation of simple, repetitive tasks. Automation frees time for more important tasks.

    1.3.1 Assemble EAS selection team

    1 hour

    1. Working as a group, list key players in the organization that should be in EAS selection team.
    2. Determine the role of each member.
    3. Define the level of commitment each member can have on the EAS selection team. Keep in mind their availabilities during the selection process.
    4. Determine who has decision rights.
    Input Output
    • Knowledge of the team, governance structure, and organizational culture
    • List members in EAS selection team
    Materials Participants
    • Sticky notes
    • Markers
    • Executive sponsor
    • Core project team

    Phase 2

    Define your EAS

    Phase 1
    1.1 Enterprise Application Landscape
    1.2 Validate Readiness
    1.3 Determine Resourcing

    Phase 2
    2.1 Capability Mapping
    2.2 Requirements Gathering Data Mapping
    2.3 Requirements Prioritizing

    Phase 3
    3.1 Understanding Product Offerings
    3.2 RFP & Demo Scripts
    3.3 Evaluation
    Select and Negotiate

    Phase 4
    4.1 Prepare for
    Implementation

    This phase will walk you through the following activities:

    Identifying business processes , inventory applications and data flows, gathering requirements and prioritizing them.

    This phase involves the following participants:

    Key stakeholders from the various areas of the business that will support the project including:

    • CxO (e.g. CIO, CFO)
    • Departmental leaders
    • Project management team
    • Subject matter experts
    • Core project team

    Select an Enterprise Application

    Leverage Info-Tech’s requirements gathering framework to serve as the basis for capturing your CRM requirements

    Requirements Gathering Framework

    Info-Tech’s Requirements Gathering Framework is a comprehensive approach to requirements management that can be scaled to any size of project or organization. This framework ensures that the application created will capture the needs of all stakeholders and deliver business value. Don’t treat elicitation, analysis, and validation in isolation: planning, monitoring, communicating, and managing must permeate all three stages in order to avoid makeshift solutions.

    Capability vs. process vs. feature

    Understanding the difference

    When examining HRMS optimization it is important to approach it from the appropriate layer.

    Capability:

    • The ability of an entity (e.g. organization or department) to achieve its objectives (APQC, 2017).
    • An ability that an organization, person, or system possesses. They are typically expressed in general and high-level terms and typically require a combination of organization, people, processes, and technology to achieve (TOGAF).

    Process:

    • Processes can be manual or technology enabled. A process is a series of interrelated activities that convert inputs into results (outputs).
    • Processes consume resources, require standards for repeatable performance, and respond to control systems that direct the quality, rate, and cost of performance. The same process can be highly effective in one circumstance and poorly effective in another with different systems, tools, knowledge, and people (APQC, 2017).

    Feature:

    • A distinguishing characteristic of a software item (e.g. performance, portability, or functionality) (IEEE, 2005).

    In today’s complex organizations, it can be difficult to understand where inefficiencies stem from and how performance can be enhanced.

    To fix problems and maximize efficiencies, organizations must examine business capabilities and processes to determine gaps and areas of lagging performance.

    Info-Tech’s HRIS framework and industry tools such as the APQC’s Process Classification Framework can help make sense of this.

    Process inventory

    Business capability map (Level 0)

    Business Capability Map

    If you do not have a documented process model, you can use the APQC Framework to help define your inventory of business processes.
    APQC’s Process Classification Framework is a taxonomy of cross-functional business processes intended to allow the objective comparison of organizational performance within and among organizations.

    In business architecture, the primary view of an organization is known as a business capability map.

    A business capability defines what a business does to enable value creation rather than how.

    Business capabilities:

    • Represent stable business functions.
    • Are unique and independent of each other.
    • Will typically have a defined business outcome.

    A business capability map provides details that help the business architecture practitioner direct attention to a specific area of the business for further assessment.

    EAS process mapping

    Objectives The organization’s objectives are typically outcomes that the organization is looking to achieve as a result of the business strategy.
    Value Streams Value streams are external/internal processes that help the organization realize its goals.
    Capabilities The what: Business capabilities support value streams in the creation and capture of value.
    Processes The how: Business processes define how they will fulfill a given capability.

    The operating model

    An operating model is a framework that drives operating decisions. It helps to set the parameters for the scope of EAS and the processes that will be supported. The operating model will serve to group core operational processes. These groupings represent a set of interrelated, consecutive processes aimed at generating a common output.

    The value stream

    Value stream defined:

    Value Streams Design Product Produce Product Sell Product Customer Service
    • Manufacturers work proactively to design products and services that will meet consumer demand.
    • Products are driven by consumer demand and governmental regulations.
    • Production processes and labor costs are constantly analyzed for efficiencies and accuracies.
    • Quality of product and services are highly regulated through all levels of the supply chain.
    • Sales networks and sales staff deliver the product from the organization to the end consumer.
    • Marketing plays a key role throughout the value stream, connecting consumers’ wants and needs to the products and services offered.
    • Relationships with consumers continue after the sale of products and services.
    • Continued customer support and data mining is important to revenue streams.

    Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates.

    There are two types of value streams: core and support.

    • Core value streams are mostly external-facing. They deliver value to either external or internal customers and they tie to the customer perspective of the strategy map.
    • Support value streams are internal-facing and provide the foundational support for an organization to operate.

    An effective method for ensuring all value streams have been considered is to understand that there can be different end-value receivers.

    2.1.1 List your key processes

    1-3 hours

    1. As a group, discuss the business capabilities, value streams, and business processes.
    2. For each capability determine the following:
      1. Is this capability applicable to our organization?
      2. What application, if any, supports this capability?
    3. Are there any missing capabilities to add?
    Input Output
    • Current systems
    • Key processes
    • APQC Framework
    • Organizational process map
    • List of key business processes
    Materials Participants
    • APQC Framework
    • Whiteboard, PowerPoint, or flip charts and markers
    • Primary stakeholders in each value stream supported by the EAS
    • Core project team

    Activity 2.1.1 – Process inventory

    Core finance Core HR Workforce management Talent Management Warehouse management Enterprise asset management
    Process Technology Process Technology Process Technology Process Technology Process Technology Process Technology
    • General ledger
    • Accounts payable
    • Accounts receivable
    • GL consolidation
    • Cash management
    • Billing and invoicing
    • Expenses
    • Payroll accounting
    • Tax management
    • Reporting
    • Payroll administration
    • Benefits administration
    • Position management
    • Organizational structure
    • Core HR records
    • Time and attendance
    • Leave management
    • Scheduling
    • Performance management
    • Talent acquisition
    • Offboarding & onboarding
    • Plan layout
    • Manage inventory
    • Manage loading docks
    • Pick, pack, ship
    • Plan and manage workforce
    • Manage returns
    • Transfer product cross-dock
    • Asset lifecycle management
    • Supply chain management
    • Maintenance planning and scheduling
    Planning and budgeting Strategic HR Procurement Customer relationship management Facilities management Project management
    Process Technology Process Technology Process Technology Process Technology Process Technology Process Technology
    • Budget reporting
    • Variance analysis
    • Multi-year operating plan
    • Monthly forecasting
    • Annual operating plan
    • Compensation planning
    • Workforce planning
    • Succession planning
    • Supplier management
    • Purchase order management
    • Workflow approvals
    • Contract / tender management
    • Contact management
    • Activity management
    • Analytics
    • Plan and acquire
    • Asset maintenance
    • Disposal
    • Project management
    • Project costing
    • Budget control
    • Document management

    Gaining Enterprise Architecture Oversight during application selection yields better user satisfaction results

    Procurement/Legal Oversight and
    Low satisfaction with software selection High satisfaction with software selection
    Process % Used % Used Process
    Used ROI/Cost Benefit Analysis 42% 43% Used ROI/Cost-Benefit Analysis
    Used Formal Decision Criteria 39% 41% Used Formal Decision Criteria
    Approval 33% 37% Enterprise Architecture Oversight and Approval
    Security Oversight and Approval 27% 36% Security Oversight and Approval
    Used Third-Party Data Reports 26% 28% Procurement/Legal Oversight and Approval
    Enterprise Architecture Oversight and Approval 26% 28% Used Third-Party Data Reports
    Used a Consultant 21% 17% Used a Consultant

    High satisfaction was defined as a response of 8, 9, or 10 from the overall recommendation question. Low satisfaction was 7 or less.

    Source: SoftwareReviews, 2018

    Map data flow

    Example ERP data flow

    Example ERP data flow

    When assessing the current application portfolio that supports your EAS, the tendency will be to focus on the applications under the EAS umbrella. These relate mostly to marketing, sales, and customer service. Be sure to include systems that act as input to, or benefit due to outputs from EAS or similar applications.

    Be sure to include enterprise applications that are not included in the EAS application portfolio. Popular systems to consider for POIs include billing, directory services, content management, and collaboration tools.

    Integration is paramount: your EAS application often integrates with other applications within the organization. Create an integration map to reflect a system of record and the exchange of data. To increase customer engagement, channel integration is a must (i.e. with robust links to unified communications solutions, email, and VoIP telephony systems).

    Enterprise application landscape

    Enterprise application landscape

    2.1.2 Inventory applications and interactions

    1-3 hours

    1. Individually list all electronic systems involved in the EAS function of the organization.
    2. Document data flows into and out of each system to the EAS. Refer to the example on the previous slides (ERP data flow) and sample Enterprise Application map.
    3. Review the processes in place (look at each functional area, including data moving into and out of systems.) Document manual processes. Identify integration points. If flow charts exist for these processes, it may be useful to provide these to the participants.
    4. If possible, diagram the system. Include information direction flow.
    Input Output
    • Business process inventory
    • List of applications (if available)
    • Current systems
    • Data flow map
    Materials Participants
    • Whiteboard, markers
    • Internal requirements documentation tools (if available)
    • Business analyst(s)
    • Subject matter experts
    • Core project team (optional)

    Understand how to navigate the complex web of stakeholders in ERP requirements gathering

    Identify which stakeholders to include and what their level of involvement should be during requirements elicitation based on relevant topic expertise.

    Sponsor End user IT Business
    Description An internal stakeholder who has final sign-off on the ERP project. Frontline users of the ERP technology. Back-end support staff who are tasked with project planning, execution, and eventual system maintenance. Additional stakeholders who will be impacted by any ERP technology changes.
    Examples
    • CEO
    • CIO/CTO
    • COO
    • CFO
    • Warehouse personnel
    • Sales teams
    • HR admins
    • Applications manager
    • Vendor relationship manager(s)
    • Director, Procurement
    • VP, Marketing
    • Manager, HR
    Value Executive buy-in and support is essential to the success of the project. Often, the sponsor controls funding and resource allocation. End users determine the success of the system through user adoption. If the end user does not adopt the system, the system is deemed useless and benefits realization is poor. IT is likely to be responsible for more in-depth requirements gathering. IT possesses critical knowledge concerning system compatibility, integration, and data. Involving business stakeholders in the requirements gathering will ensure alignment between HR and organizational objectives.

    Stakeholder influence vs. interest

    Large-scale EAS projects require the involvement of many stakeholders from all corners and levels of the organization, including project sponsors, IT, end users, and business stakeholders. Consider the influence and interest of stakeholders in contributing to the requirements elicitation process and involve them accordingly.

    Chart of Stakeholder Involvement during selection

    Extract functional and non-functional requirements from the customer interaction business process diagrams

    Once the most significant processes have been mapped, the business requirements must be extracted from the maps and transformed into functional and non-functional requirements. The example below illustrates how to extract requirements from an insurance claim process for the Record Claim step.

    Task Input Output Risks Opportunities Condition Sample requirements
    Record customer service claim Customer email Case record
    • Agent accidentally misses the email and case is not submitted
    • Reduce time to populate customer’s claim information into the case
    • Automation of data capture and routing
    • Pre-population of the case with the email contents
    • Suggested routing based on nature of case
    • Multi-language support

    Business:

    • System requires email-to-case functionality

    Non-functional:

    • The cases must be supported in multiple languages

    Functional:

    • The case must support the following information:
      • Title
      • Customer
      • Subject
      • Case origin
      • Case type

    Example claims process

    2.2.1 Capture your EAS requirements

    Time required varies

    1. Focus groups of 10-20 individuals may be the best way to ensure complete coverage of business requirements for EAS. This group should be cross-functional, with manager- or director-level representation from the departments that have a vested interest in the EAS project.
    2. Use your organization’s standard internal tools or download Info-Tech’s ERP Requirements Template, HRIS Requirements Template, or CRM Requirements Template.
    3. Document the requirements from the elicitation sessions.
    • The core team of business analysts should be present throughout, and the sessions should be led by an experienced facilitator (such as a senior business analyst).
    • Requirements for EAS should focus on achieving the future state rather than replicating the current state.
    • The facilitator should steer the team toward requirements that are solution-agnostic (i.e. not coached in terms of a particular vendor or product). Focus on customer and internal personas to help drive requirements.
    Input Output
    • Business unit functional requirements
    • Business process inventory
    • Data flow map
    • Inventory of business requirements
    Materials Participants
    • Whiteboard, markers
    • Internal requirements documentation tools (if available)
    • Info-Tech’s ERP Requirements Template, HRIS Requirements Template, or CRM Requirements Template (optional)
    • Business analyst(s)
    • Project manager
    • Subject matter experts
    • Core project team (optional)

    Prioritize your EAS requirements to assist with the selection

    Requirements prioritization ensures that the ERP selection project team focuses on the right requirements when putting together the RFP.

    Prioritization is the process of ranking each requirement based on its importance to project success. Hold a meeting for the domain SMEs, implementation SMEs, project managers, and project sponsors to prioritize the requirements list. At the conclusion of the meeting, each requirement should be assigned a priority level. The implementation SMEs will use these priority levels to ensure efforts are targeted toward the proper requirements and to plan features available on each release.

    Use the MoSCoW Model of Prioritization to effectively order requirements.

    The MoSCoW Model of Prioritization
    Must have Requirements must be implemented for the solution to be considered successful.
    Should have Requirements that are high priority should be included in the solution if possible.
    Could have Requirements are desirable but not necessary and could be included if resources are available.
    Won't have Requirements won’t be in the next release, but will be considered for the future releases.

    The MoSCoW model was introduced by Dai Clegg of Oracle UK in 1994. MindTools.

    Base your prioritization on the right set of criteria

    Effective prioritization criteria

    Criteria Description
    Regulatory and legal compliance These requirements will be considered mandatory.
    Policy compliance Unless an internal policy can be altered or an exception can be made, these requirements will be considered mandatory.
    Business value significance Give a higher priority to high-value requirements.
    Business risk Any requirement with the potential to jeopardize the entire project should be given a high priority and implemented early.
    Likelihood of success Especially in “proof of concept” projects, it is recommended that requirements have good odds.
    Implementation complexity Give a higher priority to low implementation difficulty requirements.
    Alignment with strategy Give a higher priority to requirements that enable the corporate strategy.
    Urgency Prioritize requirements based on time sensitivity.
    Dependencies A requirement on its own may be low priority, but if it supports a high-priority requirement, then its priority must match it.

    2.3.1 Prioritize your solution requirements

    Time required varies

    1. Consolidate all duplicate requirements to form a mutually exclusive and collectively exhaustive list of functional and non-functional requirements.
    2. Identify the significance of each requirement for your solution evaluation according to the MoSCoW model. Control the number of mandatory requirements you document. Too many mandatory requirements could create an unrealistic framework for evaluating solutions.
    3. Categorize your requirements and delineate between functional (i.e. capabilities the system will be able to perform) and non-functional (i.e. environmental conditions of the system, such as technical and security requirements).
    InputOutput
    • Inventory of business requirements
    • Inventory of business requirements with priorities
    MaterialsParticipants
    • Whiteboard, markers
    • Internal requirements documentation tools (if available)
    • Info-Tech’s ERP Requirements Template, HRIS Requirements Template, or CRM Requirements Template (optional)
    • Business analyst(s)
    • Project manager
    • Subject matter experts
    • Core project team

    Identify which vendors’ product and capabilities meet your must-have requirements

    Highlight must-haves in the RFP

    • Once you have prioritized your business requirements for the EAS initiative, it is time to package them into an RFP.
    • It is critical to highlight must-have requirements in the RFP document. Doing so immediately eliminates vendors who do not feel that their products are suitable for your needs.

    WATCH OUT!

    Many vendors will try to stretch their capabilities to fit your must-have requirements. Leverage vendor demos in the next stage of selection to quickly rule out products that do not cover your critical requirements.

    Identify key process areas where you require vendor knowledge

    Example of Key process areas

    Completing a process inventory and a list of EAS requirements often shows process areas that need updates and improvement. Take this opportunity to highlight areas where you would benefit from knowing about most recent best practices and technologies.

    Inquire about these when engaging the vendor to know their level of knowledge and how their products work best in your industry.

    General product knowledge requests are not enough. Be specific.

    Determine the product knowledge areas that are specific to your implementation.

    Product Knowledge Proof of Concept Development Customer Service Warehousing Core HR Other Overall
    Data Security *
    Process Improvements * *
    Configuration
    Data Architecture *
    Integration
    On premise Infrastructure
    Cloud Infrastructure *
    Other

    Identify the product knowledge that is required in relation to your implementation. This can include core product knowledge and should be related to larger infrastructure and organizational requirements.

    More than just functional requirements

    What to include What to look at What is differentiating
    • Remember to include must-have conditions that do not directly relate to the behavior or functionality of the EAS product, but rather describe environmental conditions under which the solution must remain effective or qualities that the systems must have.
    • These can include requirements related to capacity, speed, security, availability, and the information architecture and presentation of the user interface.
    • Consider the vendor’s overall ability to execute.
      • Are they financially stable?
      • Do they have the resources to execute?
      • Do they have the skills to execute?
      • Are they able to provide post-implementation support?
    • Vendors understand that SaaS isn’t for everyone. Deployment models are one way they will continue to differentiate themselves.
    • Some vendors choose to compete on breadth and others on depth of expertise in public, private, and hosted cloud offerings.

    Info-Tech Insight
    Be wary of sunsetting products! Selecting the EAS based on a good knowledge of the vendor’s roadmap allows for business operations to continue without having to repeat a selection and implementation project in the near future.

    Dominant use-case scenarios for potential ERP solutions

    While an organization may be both product- and service-centric, most organizations fall into one of the two categories.

    Use case: Public sector

    The service-centric ERP use case is suitable for most organizations in the public sector. With that in mind, consider ERP solutions that offer grant disbursements, fleet management, and staffing/resourcing capabilities.

    Product-centric ERP Service-centric ERP
    What it is The product-centric ERP is suitable for organizations that manufacture, assemble, distribute, or manage material goods throughout a product lifecycle. ERP vendors and/or products that align to this use case usually cater to industries such as manufacturing, retail, aerospace and defense, distribution, and food and beverage. The service-centric ERP use case is suitable for organizations that provide and manage field services and/or professional services throughout a project lifecycle. ERP vendors and/or products that align to this use case usually cater to industries such as utilities, maintenance and repair, government, education, and professional services (i.e. consulting, legal).
    How it works Product-centric ERP has strong functionality in supply chain management, manufacturing, procurement management, and material job and project management. Service-centric ERP has strong functionality in resource job and project management, service management, and customer relationship management.

    EAS table stakes vs differentiating features

    Make sure features align with your objectives first.

    What are table stakes / standard features?

    • For every type of EAS, such as ERP, HRIS, and CRM, certain features are standard, but that doesn’t mean they are all equal.
    • The existence of features doesn’t guarantee quality or functionality to the standards you need. Never assume that yes in a features list means you don’t need to ask for a demo.

    What is differentiating/additional feature?

    • Differentiating features take two forms:
      • Some platforms offer differentiating features that are vertical specific.
      • Other platforms offer differentiating features that are considered cutting edge. These cutting-edge features may become table stakes over time.
    • These features may increase productivity but also require process changes.

    Info-Tech Insight
    If table stakes are all you need from your EAS solution, the only true differentiator for the organization is price. Otherwise, dig deeper to find the best price to value for your needs. Remove the product from your shortlist if table stakes are not met!

    Reign-In Ballooning Scope for EAS Selection Projects

    Stretching the EAS beyond its core capabilities is a short-term solution for a long-term problem. Educate stakeholders about the limits of EAS technology.

    Common pitfalls for EAS selection

    • Tangential capabilities may require separate solutions. It is common for stakeholders to list features such as content management as part of the new EAS platform. While content management goes hand in hand with the EAS’s ability to manage customer interactions, document management is best handled by a standalone platform.

    Keeping stakeholders engaged and in line

    • Ballooning scope leads to stakeholder dissatisfaction. Appeasing stakeholders by over customizing the platform will lead to integration and headaches down the road.
    • Make sure stakeholders feel heard. Do not turn down ideas in the midst of an elicitation session. Once the requirements gathering sessions are completed, the project team has the opportunity to mark requirements as “out of scope”, and communicate the reasoning behind the decision.
    • Educate stakeholders on the core functionality of EAS. Many stakeholders do not know the best-fit use cases for EAS platforms. Help end users understand what EAS is good at, and where additional technologies will be needed.

    Phase 3

    Engage, Evaluate, and Finalize Selection

    Phase 1
    1.1 Enterprise Application Landscape
    1.2 Validate Readiness
    1.3 Determine Resourcing

    Phase 2
    2.1 Capability Mapping
    2.2 Requirements Gathering Data Mapping
    2.3 Requirements Prioritizing

    Phase 3
    3.1 Understanding Product Offerings
    3.2 RFP & Demo Scripts
    3.3 Evaluation Select and Negotiate

    Phase 4
    4.1 Prepare for Implementation

    This phase will walk you through the following activities:

    In this phase of the project, you will review your RFx and build an initial list of vendors/implementors to reach out to. The final step is to build your evaluation checklist for rating the incoming responses.

    This phase involves the following participants:

    Key stakeholders from the various areas of the business that will support the project including:

    • Evaluation team
    • Vendor management team
    • Project management team
    • Core project team

    Select an Enterprise Application

    Products and vendors demystified

    Knowing who can provide the solution will shorten the selection process and provide the most suitable set of features.

    The Product The Vendor The VAR
    A product is the software, hardware, add-ins, and any value-added services or tools that are bundled together, e.g. SAP Rise (see What is RISE with SAP), SAP S4/HANA, etc. A vendor can carry and sell multiple products or lines of products (e.g. Oracle sells Oracle Fusion and NetSuite, etc.). The Value-added reseller (VAR) can sell a pre-packaged / pre-configured product. VARs are usually partners of the vendor and typically provide other packaged services including system hosting, customization, implementation, and integrations.

    Info-Tech Insight
    Selecting an Enterprise Application is much more than just selecting a software or product; it is selecting a long-term platform and partner to help achieve long-term strategic goals. Refer to our blueprint Select an ERP Implementation Partner.

    Consolidating the vendor shortlist up-front reduces downstream effort

    Put the “short” back in shortlist!

    • Radically reduce effort by narrowing the field of potential vendors earlier in the selection process. Too many organizations don’t funnel their vendor shortlist until near the end of the selection process. The result is wasted time and effort evaluating options that are patently not a good fit.
    • Leverage external data (such as SoftwareReviews) and expert opinion to consolidate your shortlist into a smaller number of viable vendors before the investigative interview stage, and eliminate time spent evaluating dozens of RFP responses.
    • Having fewer RFP responses to evaluate means you will have more time to do greater due diligence.

    Review your use cases to start your shortlist

    Your Info-Tech analysts can help you narrow down the list of vendors that will meet your requirements.

    Next steps will include:

    1. Reviewing your requirements.
    2. Checking out SoftwareReviews.
    3. Creating the RFP.
    4. Conducting demos and detailed proposal reviews.
    5. Selecting and contracting with a finalist!

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

    Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

    Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Speak with category experts to dive deeper into the vendor landscape

    Fact-based reviews of business software from IT professionals.

    Product and category reports with state-of-the-art data visualization.

    Top-tier data quality backed by a rigorous quality assurance process.

    User-experience insight that reveals the intangibles of working with a vendor.

    SoftwareReviews is powered by Info-Tech.

    Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive unbiased data on today’s technology. The insights of our expert analysts provide unparalleled support to our members at every step of their buying journey.

    CLICK HERE to access SoftwareReviews

    Comprehensive software reviews to make better IT decisions.

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    Case Study

    Manufacturer and retailer utilizes Info-Tech for goal of unifying four separate ERP systems

    INDUSTRY
    Manufacturing

    SOURCE
    Info-Tech Consulting

    Challenge Solution Results

    An amalgamation of eight different manufacturing, retail, and supply brands that operated four separate ERP systems and processes across the United States had poor visibility into operations.

    The organization had plans to unify the brands from a systems perspective and accommodate the company’s growth in a scalable and repeatable way.

    Info-Tech was previously engaged to perform an Establish a Concrete ERP Foundation workshop to set the groundwork for the eventual ERP selection.

    The organization engaged Info-Tech’s consulting group to assist in requirements gathering and RFP development.

    Info-Tech consultants traveled to five different states to gather ERP requirements from stakeholders and identify solution requirements.

    Info-Tech developed an ERP requirements matrix from the organization’s processes, including technical requirements and operations/support services.

    Info-Tech matched the organization with a use case and weighted requirements to assist in future scoring.

    An RFP was constructed using the organization’s requirements. and distributed to 10 qualified vendors for completion.

    Strengthen your RFP process with a thorough review

    Drive better sourcing outcomes.

    A quality SOW is the result of a quality RFI/RFP (RFx).

    Use Info-Tech’s RFP Review as a Service to review key items and ensure your RFP will generate quality responses and SOWs.

    • Is it well structured, with a consistent use of fonts and bullets?
    • Is it laid out in sections that are easily identifiable and that progress from high-level to more detailed information?
    • Can a vendor quickly identify the ten (or fewer) things that are most important to you?

    Contact Us

    3.2.1 Prepare the RFP

    1-2 hours

    1. Download Info-Tech’s ERP Request for Proposal Template or prepare internal best-practice RFP tools.
    2. Build your RFP.
      1. Complete the statement of work and general information sections to provide organizational context to your long-listed vendors.
      2. Outline the organization’s procurement instructions for vendors, including due diligence, assessment criteria, and dates.
      3. Input the business requirements document as created in Activity 1.3.1.
      4. Create a scenario overview to provide vendors with an opportunity to give an estimated price.
    3. Obtain approval for your RFP. Each organization has a unique procurement process; follow your own organization’s process as you submit your RFPs to vendors. Ensure compliance with your organization’s standard and gain approval for submitting your RFP.
    Input Output
    • Business requirements document
    • Procurement procedures
    • EAS RFP
    Materials Participants
    • Internal RFP tools/ templates (if available)
    • Info-Tech’s ERP RFP Template (optional)
    • Procurement SMEs
    • Project manager
    • Core project team (optional)

    Download the ERP Request for Proposal Template

    Streamline your evaluation of vendor responses

    Use Info-Tech’s ERP Vendor Response Template to standardize vendor responses.

    • Vendors tend to use their own standard templates when responding, which complicates evaluations.
    • Customize Info-Tech’s ERP Vendor Response Template to adjust for the scope and content of your project; input your organization’s procurement process and ERP requirements.
    • The template is meant to streamline the evaluation of vendor responses by ensuring you achieve comprehensiveness and consistency across all vendor responses. The template requires vendors to prove their organizational viability, understanding of the problem, and tested technology and implementation methodologies.

    Sections of the tool:

    1 Executive Summary

    2 About the Vendor

    3 Understanding of the Challenge

    4 Methodology

    5 Proposed Solution

    6 Project Plan and Timeline

    7 Vendor Qualifications

    8 References

    9 Additional Value-Added Services

    10 Additional Value-Added Goods

    For an explanation of how advanced features are determined, see Information Presentation – Feature Ranks (Stoplights) in the Appendix.

    What to look in vendor responses

    Vendor responses to an RFP can be very revealing about whether their product offering aligns with your EAS roadmap.

    Validate the vendor responses so that there are no misunderstandings with their offer. Here are key items to validate.

    Key items Why is this important?
    About the Vendor This is where the vendor will describe itself and prove its organizational viability.
    Understanding of the Challenge Demonstrating understanding of the problem is the first step in being able to provide a solution.
    Methodology Shows the vendor has a proven methodology to approach and solve the challenge.
    Proposed Solution Describes how the vendor will address the challenge. This is a very important section as it will articulate what you will receive from the vendor as a solution.
    Project Plan and Timeline Provides an overview of the project management methodology, phases of the project, and what will be delivered and when.
    Vendor Qualifications Provides evidence of prior experience with delivering similar projects for similar clients.
    References Provides contact information for individuals or organizations for which the vendor has worked and who can vouch for the experience and success of working with this vendor.
    Value-Added Services and Goods Allows vendors an opportunity to set themselves apart from the competition with additional services and/or goods applicable to your project but not covered elsewhere in the template.

    3.2.2 Build a vendor response template

    1-2 hours

    1. Download Info-Tech’s ERP Vendor Response Template.
    2. Validate that the provided template is comprehensive and will collect the information necessary for your organization to effectively evaluate the product and vendor and will inform a decision to invite the vendor in for a demonstration.
    3. Make the small customizations necessary to tailor the template to your organization (i.e. swap out “[Company X]” for your organization’s name).

    Download the ERP Vendor Response Template

    InputOutput
    • EAS RFP
    • ERP Vendor Response Template
    MaterialsParticipants
    • Info-Tech’s ERP Vendor Response Template
    • Procurement SMEs
    • Project manager
    • Core project team

    3.2.3 Evaluate RFP responses

    Varies

    1. Customize Info-Tech’s EAS RFP and Demonstration Scoring Tool to build a vendor and product evaluation framework for your EAS selection team.
    2. Review all RFP responses together with the core project team and stakeholders from procurement (if necessary).
    3. Input vendor solution information into the EAS RFP and Demonstration Scoring Tool.
    4. Analyze the vendors against your evaluation framework by paying specific attention to costing, overall score, and evaluation notes and comments.
    5. Identify vendors with whom you wish to arrange vendor demonstration.
    6. Contact vendors and arrange briefings.
    InputOutput
    • EAS RFP
    • ERP Vendor Response Template
    MaterialsParticipants
    • Info-Tech’s ERP Vendor Response Template
    • Procurement SMEs
    • Project manager
    • Core project team

    Download the EAS RFP and Demonstration Scoring Tool

    Identify specific use cases and develop demonstration scenarios

    These techniques can be used to gather requirements now and for vendor demos during the evaluation stage.

    Describe use cases to indicate how the various processes will operate. This technique can help end-users describe what the solution must do without needing to know how to describe requirements. Outline scenarios based on these use cases for vendors to demonstrate how their solution can fulfill business requirements.

    Define
    Define objectives for each specific use case.

    Explore
    Explore the various process paths and alternate outcomes for each use case.

    Build
    Build the details of the scenarios to describe the roles of the people involved and the detailed process steps to be accomplished.

    Use
    For each scenario, outline the expected outputs and variations.

    Info-Tech Insight
    Do not exceed three vendors when selecting participants for a product demonstration. Each vendor demonstration should last between one day and one week, depending on the scope of the project. Exceeding the threshold of three vendors can be massively time consuming and yield diminishing returns.

    Conduct vendor demos that extend beyond baseline requirements

    • Demo scripts should focus on differentiating vendor processes and capabilities that contribute to achieving your business’ strategic objectives.
    • You want vendors to show you what differentiates them and what can they do that is specific to your industry.
    • Avoid focusing on baseline EAS capabilities. While this may drive consistency across demonstrations, you will not get a clear picture of how one vendor may align with your unique business needs.
    • Ask the vendor questions pertaining to the differentiating factors listed below. Consider if the differentiating factors are worthwhile over the baseline capabilities shown.
    Adhere to this framework when crafting your scenarios:
    Simple and straightforward Series of steps
    • A straightforward narrative of what you need the product to do.
    • Once written, scenarios should be circulated to key stakeholders in the organization for validation.
    • Demonstrate how a user would interact with the system.
    • Should not be an explanation of specific features/functions.
    Specific Suitable for your business
    • Demonstrate exactly what you need the system to do, but don’t get into implementation details – don’t go too far into the how.
    • Select only critical functions that must be demonstrated.
    • Scenarios should reflect current realities within the organization, while still allowing processes to be improved.

    Add your scenarios to Info-Tech’s sample EAS demo script

    Take a holistic approach to vendor and product evaluation

    Almost – or equally – as important as evaluating vendor feature capabilities is the need to evaluate vendor viability and non-functional aspects of the EAS solution. Include an evaluation of the following criteria in your vendor scoring methodology.

    Vendor capability Description
    Usability and Intuitiveness The degree to which the system interface is easy to use and intuitive to end users.
    Ease of IT Administration The degree to which the IT administrative interface is easy to use and intuitive to IT administrators.
    Ease of Data Integration The relative ease with which the system can be integrated with an organization’s existing application environment including legacy systems, point solutions, and other large enterprise applications.
    Ease of Customization The relative ease with which a system can be customized to accommodate niche or industry-specific business or functional needs.
    Vendor Support Options The availability of vendor support options including selection consulting, application development resources, implementation assistance, and ongoing support resources.
    Availability and Quality of Training The availability of quality training services and materials that will enable users to get the most out of the product selected.
    Product Strategy, Direction, and Rate of Improvement The vendor’s proven ability for constant product improvement, deliberate strategic direction, and overall commitment to research and development efforts in responding to emerging trends.

    Info-Tech Insight
    Evaluating the vendor capabilities, not just product capabilities, is particularly important with EAS solutions. EAS solutions are typically long-term commitments; ensure that your organization is teaming up with a vendor or provider that you feel you can work well with and depend on.

    Case Study

    Structured RFP and demo processes ease the pain of vendor evaluations during the selection phase.

    INDUSTRY
    Automotive

    SOURCE
    Research Interview

    Challenge Solution Results

    This company is one of the largest automotive manufacturers worldwide and has various manufacturing facilities and distribution centers across Canada.

    With over 8,000 employees, the company has a multifaceted health and safety program. While head office enabled and used the health and safety module within the existing HRIS, some divisions within the company found the system complex and were still relying heavily on manual entry spreadsheets for incident investigations. As a result, the company decided to explore other options.

    A project team was created, led by a project manager from head office’s IT department. The team also included health and safety specialists from across the organization, who served as subject matter experts.

    The team put together a project outline, a roadmap for required functionality, and a business case to present to senior leadership, highlighting benefits and potential payback.

    After acquiring executive sponsorship, the team developed a Request for Proposal that was sent to 11 vendors.

    Among the evaluation criteria set in the RFP, injury cost analysis and analytics on safety were identified as the most critical requirements. Based on this criteria, the team narrowed down the options to four RFP responses, which were opened to 16 different sites to ensure consensus across the company.

    The team developed demo scripts to guide the product demonstrations. They also built evaluation scorecards that were used to narrow down the selection to two vendors. Ultimately, the final selection decision came down to how well the vendors’ teams knew the business, and the vendor that demonstrated greater industry expertise was selected.

    3.2.4 Build a demo script for product demonstration evaluation

    1-2 hours

    1. With the EAS selection team, use Info-Tech’s ERP Vendor Demonstration Script, HRIS Vendor Demonstration Script, or CRM Vendor Demonstration Script to write a demo script that reflects your organization’s EAS needs.
    2. Outline the logistics of the demonstration in the Introduction section of the template. Be sure to outline the total length of the demo and the amount of time that should be dedicated to the following:
      1. Product demonstration in response to the demo script.
      2. Showcase of unique product elements, not reflective of the demo script.
      3. Question and answer session.
      4. Breaks and other potential interruptions.
    3. Provide prompts for the vendor to display the capabilities by listing and describing usage scenarios by functional area. For example, when asking a vendor to demonstrate financial and accounting management capabilities, you may break scenarios out by task (e.g. general ledger, accounts payable) or user role (e.g. finance manager, administrator).

    Info-Tech Insight
    Challenge vendor project teams during product demonstrations. Asking the vendor to make adjustments or customizations on the fly will allow you to get an authentic feel for product capability and flexibility and for the degree of adaptability of the vendor project team. Ask the vendor to demonstrate how to do things not listed in your user scenarios, such as change system visualizations or design, change underlying data, add additional data sets, demonstrate collaboration capabilities, or trace an audit trail.

    3.2.4 Build a demo script for product demonstration evaluation

    Before the actual demonstrations, remember to communicate to the team the scenarios to be covered. Distribute the scripts ahead of the demonstrations so that the evaluation team know what is expected from the vendors.

    Input Output
    • Business requirements document
    • Logistical considerations
    • Usage scenarios by functional area
    • EAS demo script
    Materials Participants
    • Info-Tech’s ERP Vendor Demonstration Script, HRIS Vendor Demonstration Script, or CRM Vendor Demonstration Script
    • Business analyst(s)
    • Core project team

    A vendor scoring model provides a clear anchor point for your evaluation of EAS vendors based on a variety of inputs

    A vendor scoring model is a systematic method for effectively assessing competing vendors. A weighted-average scoring model is an approach that strikes a strong balance between rigor and evaluation speed.

    How do I build a scoring model? What are some of the best practices?
    • Start by shortlisting the key criteria you will use to evaluate your vendors. Functional capabilities should always be a critical category, but you’ll also want to look at criteria such as affordability, architectural fit, and vendor viability.
    • Depending on the complexity of the project, you may break down some criteria into sub-categories to assist with evaluation (for example, breaking down functional capabilities into constituent use cases so you can score each one).
    • One you’ve developed the key criteria for your project, the next step is weighting each criteria. Your weightings should reflect the priorities for the project at hand. For example, some projects may put more emphasis on affordability, others on vendor partnership.
    • Using the information collected in the subsequent phases of this blueprint, score each criteria from 1-100, then multiply by the weighting factor. Add up the weighted scores to arrive at the aggregate evaluation score for each vendor on your shortlist.
    • While the criteria for each project may vary, it’s helpful to have an inventory of repeatable criteria that can be used across application selection projects. The next slide contains an example that you can add or subtract from.
    • Don’t go overboard on the number of criteria: five to ten weighted criteria should be the norm for most projects. The more criteria (and sub-criteria) you must score against, the longer it will take to conduct your evaluation. Always remember – link the level of rigor to the size and complexity of your project! It’s possible to create a convoluted scoring model that takes significant time to fill out but yields little additional value.
    • Creation of the scoring model should be a consensus-driven activity between IT, procurement, and the key business stakeholders – it should not be built in isolation. Everyone should agree on the fundamental criteria and weights that are employed.
    • Consider using not just the outputs of investigative interviews and RFP responses to score vendors, but also third-party review services like SoftwareReviews.

    Info-Tech Insight
    Even the best scoring model will still involve some “art” rather than science – scoring categories such as vendor viability always entail a degree of subjective interpretation.

    Establish vendor evaluation criteria

    Vendor demonstrations are an integral part of the selection process. Having clearly defined selection criteria will help with setting up relevant demos and informing the vendor scorecards.

    Vendor evaluation criteria (weight)

    Functionality (30%) Ease of Use (25%)
    • Breadth of capability
    • Tactical capability
    • Operational capability
    • End-user usability
    • Administrative usability
    • UI attractiveness
    • Self-service options
    Cost (15%) Vendor (15%)
    • Maintenance
    • Support
    • Licensing
    • Implementation (internal and external costs)
    • Support model
    • Customer base
    • Sustainability
    • Product roadmap
    • Proof of concept
    • Implementation model
    Technology (15%)
    • Configurability options
    • Customization requirements
    • Deployment options
    • Security and authentication
    • Integration environment
    • Ubiquity of access (mobile)

    Info-Tech Insight
    Do not buy something that does not fit your functional needs just because it is the cheapest. ERP is a massive, long-term investment. If you purchase a system that does not contain the functionality that meets the organization’s business needs, not only will you face issues with user adoption, but you may also face having to revisit your ERP project down the road. In the end, this will cost you more than it will save you.

    Conduct client reference interviews to identify how other organizations have successfully used the vendor’s solution

    Request references from the vendors. Make sure the vendors deliver what they promise.

    Vendors are inevitably going to provide references that will give positive feedback, but don’t be afraid to dig into the interviews to understand some of the limitations related to the solution.

    • Even if a vendor is great for one client doesn’t necessarily mean it will fit for you. Ask the vendor to provide references from organizations in your own or a similar industry or from someone who has automated similar business processes or outlined similar expectations.
    • Use these reference calls as an opportunity to gain a more accurate understanding of the quality of the vendor’s service support and professional services.
    • If you are looking to include a high level of customization in your EAS solution, pay particular attention to this step and the client responses, as these will help you understand how easy a vendor is to work with.
    • Make the most of your client reference interviews by preparing your questions in advance and following a specific script.

    Sample Reference Check Questions

    Use Info-Tech’s Sample Reference Check Questions to provide a framework and starting point for your interviews with a vendor’s previous clients. Review the questions and customize to fit your needs.

    Determine costs of the solution

    Ensure the business case includes both internal and external costs related to the new EAS platform, allocating costs of project managers to improve accuracy of overall costs and level of success.

    EAS solutions include application costs and costs to design processes, install, and configure. These start-up costs can be a significant factor in whether the initial purchase is feasible.

    EAS vendor costs Internal costs
    • Application licensing
    • Implementation and configuration
    • Professional services
    • Maintenance and support
    • Training
    • Third-party add-ons
    • Data transformation
    • Integration
    • Project management
    • Business readiness
    • Change management
    • Resourcing (user groups, design/consulting, testing)
    • Training
    • Auditors (if regulatory requirements need vetting)
    When thinking about vendor costs, also consider the matching internal cost associated with the vendor activity (e.g. data cleansing, internal support). Project management is a top-five critical success factor at all stages of an enterprise application initiative from planning to post-implementation (Information Systems Frontiers). Ensuring that costs for such critical areas are accurately represented will contribute to success.

    Bring in the right resources to guarantee success. Work with the PMO or project manager to get creating the SOW.

    60% of IT projects are not finished “mostly or always” on time (Wellingtone, 2018).

    55% of IT personnel feel that the business objectives of their software projects are clear to them (Geneca, 2017).

    Download the blueprint Improve Your Statements of Work to Hold Your Vendors Accountable to define requirements for installation and configuration.

    3.3.1 Establish your evaluation criteria

    Time required varies

    Customize Info-Tech’s RFP and Demonstration Scoring Tool to build an evaluation framework for vendor responses based on set criteria rather than relative comparisons.

    This tool allows you to evaluate whether your organization’s requirements have been met by the vendor RFP response and provides a location for comprehensive documentation of the RFP response and demonstration details, including costing and availability/quality of product features, architecture, and vendor support.

    Finally, the tool gives you the ability to evaluate your shortlisted vendors’ demonstrations.

    InputOutput
    • Business requirements document
    • Logistical considerations
    • Usage scenarios by functional area
    • EAS evaluation criteria
    MaterialsParticipants
    • Info-Tech’s EAS RFP and Demonstration Scoring Tool
    • Procurement SMEs
    • Core project team

    3.3.1 Establish your evaluation criteria

    Time required varies

    1. With the EAS selection team, brainstorm a list of criteria against which you are going to evaluate each vendor and product.
    2. Categorize each criteria into four to eight groups.
    3. Assign ranked weightings to each category of evaluation criteria. The weightings should add up to 100%. Be sure to identify which criteria are most important to your team by assigning higher weightings to those criteria. If you are having trouble assigning ranked weightings to criteria, take your team through an exercise of ranking pairs. For example, if deciding on the ranked importance of cost, ease of use, and vendor support, break down the discussion by addressing just two criteria at a time: “Between cost and ease of use, which is more important?” If cost is selected… “Between cost and vendor support, which is more important?” If cost is selected again, decide on your second and third rankings by addressing the remaining two criteria… “Between vendor support and ease of use, which is more important?”
    4. Document the final output from this activity as an input to your EAS selection. Optionally, record it in Info-Tech’s EAS RFP and Demonstration Scoring Tool.

    Download the EAS RFP and Demonstration Scoring Tool

    Info-Tech Insight
    Do not reveal your evaluation criteria to vendors. Allowing vendors to see what matters most to your organization may sway their response and/or demo. Avoid this by keeping your decided evaluation criteria and weightings among your selection team only.

    3.3.2 Evaluate vendor product demonstrations

    Time required varies

    1. Using the demonstration script and vendor criteria previously established, customize Info-Tech’s EAS RFP and Demonstration Scoring Tool to build a scorecard that quickly evaluates vendor product demonstrations.
    2. Distribute the scorecard to every member of the team who is evaluating a particular demonstration.
    3. Evaluate each vendor product demonstration using the tool.
    4. Average all scores from each vendor demonstration to inform your selection decision. Note that the vendor with the highest overall score may not necessarily be the best fit for your organization.
    Input Output
    • Demonstration script
    • Evaluation criteria
    • ERP demonstration vendor scores
    Materials Participants
    • Info-Tech’s EAS RFP and Demonstration Scoring Tool
    • Core project team

    Download the EAS RFP and Demonstration Scoring Tool

    Decision Point: Select the Finalist

    After reviewing all vendor responses to your RFP, conducting vendor demos, and running a pilot project (if applicable) – the time has arrived to select your finalist.

    All core selection team members should hold a session to score each shortlisted vendor against the criteria enumerated on the previous slide, based on an in-depth review of proposals, the demo sessions, and any pilots or technical assessments.

    The vendor that scores the highest in aggregate is your finalist.

    Congratulations – you are now ready to proceed to final negotiation and inking a contract. This blueprint provides a detailed approach on the mechanics of a major vendor negotiation.

    Get the best value out from your EAS vendor. Negotiate on your own terms.

    Here are a few tips common to EAS vendors and its offerings.

    Vendors will give time-limited discounts to obtain your buy-in.

    • Depending on your procurement process, it is good practice to have at least two competing vendors in the running to obtain the best value.
    • Make sure that the package offered is coherent – that there are no gaps in the product offering.
    • Ask for access to a higher level of customer care or even developers to obtain quicker, specific support
    • Inquire about specific support and patching service, especially if you have customizations.
    • Ask for additional hours for training and support, pre- and post- implementation.
    • Think long-term – you want to have a good working relationship over the long haul, with a vendor that fits with your overall strategy, and not have to repeat and negotiate often.

    Use Info-Tech’s vendor services

    Info-Tech’s vendor management services has price benchmarks as well knowledgeable advisors who can help evaluate proposals to obtain the best value

    Speak to a vendor management services’ advisor today.

    Contact Us

    Communicate to the vendor whether they were accepted or rejected

    Communicate with each vendor following the demonstration and product evaluation. Ask follow-up questions, highlight areas of concern, and inform them of their status in the selection process.

    The RFP process is a standard business practice. As a customer, you are not under any obligation to educate the vendor as to the details of acceptance or rejection. However, consider every point of contact as an opportunity to build a strong network of potential vendors to help you acquire the best products for your organization.

    Use Info-Tech’s Vendor Communication Set template to communicate with the vendor following the demonstration and product evaluations. This set includes:

    Rejection Notice: Inform the vendor that they are no longer under consideration and highlight opportunities for future debrief.

    Approval Notice: Inform the vendor of its progress to the next stage of selection and identify next steps.

    Go to this link

    Phase 4

    Prepare for Implementation

    Phase 1
    1.1 Enterprise Application Landscape
    1.2 Validate Readiness
    1.3 Determine Resourcing

    Phase 2
    2.1 Capability Mapping
    2.2 Requirements Gathering Data Mapping
    2.3 Requirements Prioritizing

    Phase 3
    3.1 Understanding Product Offerings
    3.2 RFP & Demo Scripts
    3.3 Evaluation Select and Negotiate

    Phase 4
    4.1 Prepare for Implementation

    This phase will walk you through the following activities:

    Discussion on what it takes to transition to a proper implementation.

    Key stakeholders from the various areas of the business that will support the project including:

    • Project management team
    • Core project team

    Select an Enterprise Application

    Leverage Info-Tech’s research to plan and execute your EAS implementation

    Use Info-Tech Research Group’s three-phase implementation process to guide your own planning.

    Assess

    Prepare

    Govern and course correct

    Establish and execute an end-to-end, agile framework to succeed with the implementation of a major enterprise application.

    Visit this link

    External resources are available for implementations

    Organizations rarely have sufficient internal staffing to resource an EAS project on their own. Consider the options for closing the gap in internal resource availability.

    The most common project resourcing structures for enterprise projects are:

    Your own staff +

    1 Management Consultant

    2 Vendor Consultant

    3 System Integrator

    Consider the following:

    Internal vs. External Roles and Responsibilities

    Clearly delineate between internal and external team responsibilities and accountabilities, and communicate this to your technology partner upfront.

    Internal vs. External Accountabilities

    Accountability is different than responsibility. Your vendor or SI partner may be responsible for completing certain tasks, but be careful not to outsource accountability for the implementation – ultimately, the internal team will be accountable.

    Partner Implementation Methodologies

    Often vendors and/or SIs will have their own preferred implementation methodology. Consider the use of your partner's implementation methodology; however, you know what will work for your organization.

    Info-Tech Insight
    When contemplating a resourcing structure, consider:

    • Availability of in-house implementation competencies and resources.
    • Timeline and constraints.
    • Integration environment complexity.

    Review your options for external resources

    Narrow your search for a management consultant, vendor consultant, or system integrator partner by understanding under which circumstances each would be most appropriate.

    When to choose… Management consultant Vendor consultant System integrators
    • There is an existing and trusted relationship.
    • Scope of work includes consideration of internal IT operations, costing, etc.
    • Organization requires external industry expertise for strategy formulation.
    • They will have a role in overall change management within the enterprise.
    • There are no concerns with overall IT processes or capabilities.
    • The project scope is restricted to a single technology or application.
    • There is minimal integration with other systems.
    • The consultant has no role in business process change.
    • They will be a specialist reporting to other consultants.
    • Project includes products from different vendors or multiple add-ons.
    • Extensive integration is required with legacy or other applications.
    • They will be responsible for outsourced operational support or development following implementation.

    Info-Tech Insight
    Depending on your internal resourcing constraints and IT maturity, you may need to work with multiple partners. If this is the case, just be aware that working with multiple partners can complicate vendor relationship management and makes having a dedicated vendor or partner relationship manager even more important.

    4.1.1 Establish team composition

    1 – 2 hours

    Utilize Info-Tech’s Governance and Management of Enterprise Software Implementation to establish your team composition. Within that blueprint:

    1. Assess the skills necessary for an implementation. Inventory the competencies required for the implementation project team. Map your internal resources to each competency as applicable.
    2. Select your internal implementation team. Determine who needs to be involved closely with the implementation. Key stakeholders should also be considered as members of your implementation team.
    3. Identify the number of external consultants/support required for implementation. Consider your in-house skills, timeline considerations, integration environment complexity, and cost constraints as you make your team composition plan. Be sure to dedicate an internal resource to managing the vendor and partner relationships.
    4. Document the roles and responsibilities, accountabilities, and other expectations of your team as they relate to each step of the implementation.
    Input Output
    • Skills assessment
    • Stakeholder analysis
    • Vendor partner selection
    • Team composition
    Materials Participants
    • Sticky notes
    • Whiteboard
    • Markers
    • Project Team

    Governance and Management of Enterprise Software Implementation

    Follow our iterative methodology with a task list focused on the business must-have functionality to achieve rapid execution and to allow staff to return to their daily work sooner.

    Visit this link

    Ensure your implementation team has a high degree of trust and communication

    If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

    Communication Proximity Trust
    Teams must have some type of communication strategy. This can be broken into:
    • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
    • Ceremonies: Injecting awards and continually emphasizing delivery of value can encourage relationship building and constructive motivation.
    • Escalation: Voicing any concerns and having someone responsible for addressing those concerns.
    Distributed teams create complexity as communication can break down. This can be mitigated by:
    • Location: Placing teams in proximity can close the barrier of geographical distance and time zone differences.
    • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
    • Communication tools: Having the right technology (e.g. video conference) can help bring teams closer together virtually.
    Members should trust that other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:
    • Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.
    • Role clarity: Having a clear definition of what everyone’s role is.

    Create a formal communication process throughout the EAS implementation

    Establish a comprehensive communication process around the EAS enterprise roll-out to ensure that end users stay informed.

    The EAS kick-off meeting(s) should encompass:

    • Target business-user requirements
    • Target quality of service (QoS) metrics
    • Other IT department needs
    • Special consideration needs
    • Tangible business benefits of application
    • The high-level application overview

    The overall objective for inter-departmental EAS kick-off meetings is to confirm that all parties agree on certain key points and understand platform rationale and functionality.

    The kick-off process will significantly improve internal communications by inviting all affected internal IT groups, including business units, to work together to address significant issues before the application process is formally activated.

    Department groups or designated trainers should take the lead and implement a process for:

    • Scheduling EAS platform roll-out/kick-off meetings.
    • Soliciting preliminary input from the attending groups to develop further training plans.
    • Establishing communication paths and the key communication agents from each department who are responsible for keeping lines open moving forward.

    Plan for your implementation of EAS based on deployment model

    Place your EAS solution into your IT landscape by configuring and adjusting the tool based on your specific deployment method.

    On-Premises SaaS-based
    1. Identify custom features and configuration items
    2. Train developers and IT staff on new software investment
    3. Install software
    4. Configure software
    5. Test installation and configuration
    6. Test functionality
    1. Train developers and IT staff on new software investment
    2. Set up connectivity
    3. Identify VPN or internal solution
    4. Check firewalls
    5. Validate bandwidth regulations

    Integration is a top IT challenge and critical to the success of the EAS solution

    EAS solutions are most effective when they are integrated with ERP, HRIS, and CRM solutions.

    Data interchange between the EAS solution and other data sources is necessary Formulate a comprehensive map of the systems, hardware, and software with which the EAS solution must be able to integrate. Master data needs to constantly be synchronized; without this, you lose out on one of the primary benefits of integration. These connections should be bidirectional for maximum value (i.e. marketing data to the CRM, customer data to MMS).
    Specialized projects that include an intricate prospect or customer list and complex rules may need to be built by IT The more custom fields you have in your EAS and point solutions, the more schema mapping you will have to do. Include this information in the RFP to receive guidance from vendors regarding the ease with which integration can be achieved.
    Pay attention to legacy apps and databases If you have a legacy EAS and databases, more custom code will be required. Many vendors claim that custom integrations can be performed for most systems, but custom comes at a cost. Don’t just ask if they can integrate; ask how long it will take and for references from organizations which have been successful in this.

    Scenario: Failure to address EAS data integration will cost you in the long run

    A company spent $15 million implementing a new CRM system in the cloud and decided NOT to spend an additional $1.5 million to do a proper cloud DI tool procurement. The mounting costs followed.

    Cost element – Custom Data Integration $
    2 FTEs for double entry of sales order data $ 100,000/year
    One-time migration of product data to CRM $ 240,000 otc
    Product data maintenance $ 60,000/year
    Customer data synchronization interface build $ 60,000 otc
    Customer data interface maintenance $ 10,000/year
    Data quality issues $ 100,000/year
    New SaaS integration built in year 3 $ 300,000 otc
    New SaaS integration maintenance $ 150,000/year
    Cost element – Data Integration Tool $
    DI strategy and platform implementation $1,500,000 otc
    DI tool maintenance $ 15,000/year
    New SaaS integration point in year 3 $ 300,000 otc

    Comparison of Solution TCOs Chart

    Custom integration is costing this organization $300,000/year for one SaaS solution.

    The proposed integration solution would have paid for itself in 3-4 years and saved exponential costs in the long run.

    Proactively address data quality in the EAS during implementation

    Data quality is a make-or-break issue in an EAS platform; garbage in is garbage out.

    • EAS solutions are one of the leading offenders for generating poor quality data. As such, it’s important to have a plan in place for structuring your data architecture in such a way that poor data quality is minimized from the get-go.
    • Having a plan for data quality should precede data migration efforts; some types of poor data quality can be mitigated prior to migration.
    • There are five main types of poor-quality data found in EAS platforms.
      • Duplicate data: Duplicate records can be a major issue. Leverage dedicated de-dupe tools to eliminate them.
      • Stale data: Out-of-date customer information can reduce the usefulness of the platform. Use automated social listening tools to help keep data fresh.
      • Incomplete data: Records with missing info limit platform value. Specify data validation parameters to mandate that all fields are filled in.
      • Invalid and conflicting data: Can create cascading errors. Establishing conflict resolution rules in ETL tools for data integration can reduce issues.

    Info-Tech Insight
    If you have a complex EAS environment, appoint data stewards for each major domain and procure a de-dupe tool. As the complexity of EAS system-to-system integrations increase, so will the chance that data quality errors will crop up – for example, bi-directional POI with other sources of customer information dramatically increase the chances of conflicting/duplicate data.

    Profile data, eliminate dead weight, and enforce standards to protect data

    Identify and eliminate dead weight Poor data can originate in the firm’s EAS system. Custom queries, stored procedures, or profiling tools can be used to assess the key problem areas.
    Loose rules in the EAS system lead to records of no significant value in the database. Those rules need to be fixed, but if changes are made before the data is fixed, users could encounter database or application errors, which will reduce user confidence in the system.
    • Conduct a data flow analysis: map the path that data takes through the organization.
    • Use a mass cleanup to identify and destroy dead weight data. Merge duplicates either manually or with the aid of software tools. Delete incomplete data, taking care to reassign related data.
    • COTS packages typically allow power users to merge records without creating orphaned records in related tables, but custom-built applications typically require IT expertise.
    Create and enforce standards and policies Now that the data has been cleaned, it’s important to protect the system from relapsing.
    Work with business users to find out what types of data require validation and which fields should have changes audited. Whenever possible, implement drop-down lists to standardize values and make programming changes to ensure that truncation ceases.
    • Truncated data is usually caused by mismatches in data structures during either one-time data loads or ongoing data integrations.
    • Don’t go overboard on assigning required fields; users will just put key data in note fields.
    • Discourage the use of unstructured note fields: the data is effectively lost except if it gets subpoenaed.

    Info-Tech Insight
    Data quality concerns proliferate with the customization level of your platform. The more extensive the custom integration points and module/database extensions that you have made, the more you will need to have a plan in place for managing data quality from a reactive and proactive standpoint.

    Ensure requirements are met with robust user acceptance testing

    User acceptance testing (UAT) is a test procedure that helps to ensure end-user requirements are met. Test cases can reveal bugs before the suite is implemented.

    Five secrets of UAT success

    1 Create the plan With the information collected from requirements gathering, create the plan. Make sure this information is added to the main project plan documentation.
    2 Set the agenda The time allotted will vary depending on the functionality being tested. Ensure that the test schedule allows for the resolution of issues and discussion.
    3 Determine who will participate Work with relevant stakeholders to identify the people who can best contribute to system testing. Look for experienced power users who have been involved in earlier decision making about the system.
    4 Highlight acceptance criteria With the UAT group, pinpoint the criteria to determine system acceptability. Refer to requirements specified in use cases in the initial requirements-gathering stages of the project.
    5 Collect end user feedback Weaknesses in resolution workflow design, technical architecture, and existing customer service processes can be highlighted and improved with ongoing surveys and targeted interviews.

    Calculate post-deployment metrics to assess measurable value of the project

    Track the post-deployment results from the project and compare the metrics to the current state and target state.

    EAS selection and implementation metrics
    Description Formula Current or estimated Target Post-deployment
    End-user satisfaction # of satisfied users
    # of end users
    70% 90% 85%
    Percentage over/under estimated budget Amount spent – 100%
    Budget
    5% 0% 2%
    Percentage over/under estimated timeline Project length – 100%
    Estimated timeline
    10% -5% -10%
    EAS strategy metrics
    Description Formula Current or estimated Target Post-deployment
    Number of leads generated (per month) # of leads generated 150 200 250
    Average time to resolution (in minutes) Time spent on resolution
    # of resolutions
    30 minutes 10 minutes 15 minutes
    Cost per interaction by campaign Total campaign spending
    # of customer interactions
    $17.00 $12.00 $12.00

    Continue to adapt your governance model

    Your EAS and applications environment will continue to evolve. Make sure your governance model is always ready to capture the everchanging needs.

    Business needs will not stop changing whether you have an ongoing EAS or other application project. It is thus important to keep your governance efficient and streamlined to capture these needs to then make the EAS continue deliver value and remain aligned to long-term corporate objectives.

    Visit this link

    Summary of Accomplishment

    Select an Enterprise Application

    EAS technology is critical to facilitating an organization’s flow of information across business units. It allows for seamless integration of systems and creates a holistic view of the enterprise to support decision making. Having a structured approach to gathering the necessary resources, defining key requirements, and engaging with the right shortlist of vendors to pick the best finalist is crucial.

    This selection guide allows organizations to execute a structured methodology for picking an EAS that aligns with their needs. This includes:

    • Alignment and prioritization of key business and technology drivers for an EAS selection.
    • Identification and prioritization of the EAS requirements.
    • Construction of a robust EAS RFP.
    • A strong market scan of key players.
    • A survey of crucial implementation considerations.

    This formal EAS selection initiative will drive business-IT alignment, identify data and integration priorities, and allow for the rollout of a platform that’s highly likely to satisfy all stakeholder needs.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.
    workshops@infotech.com
    1-888-670-8889

    Research Contributors

    Name Title Organization
    Anonymous Anonymous Telecommunications industry
    Anonymous Anonymous Construction material industry
    Anonymous Anonymous Automotive industry
    Corey Tenenbaum Head of IT Taiga Motors
    Mark Earley Director, Consulting Info-Tech Research Group
    Ricardo di Olivera Research Director, Enterprise Applications Info-Tech Research Group

    Bibliography

    “2016 Report on ERP Systems and Enterprise Software.” Panorama Consulting Solutions, 2016. Web.

    “2018 Report on ERP Systems and Enterprise Software.” Panorama Consulting Solutions, 2018. Web.

    “2022 HRIS Software Report.” SoftwarePath, 2022 . Web

    Cross-Industry Process Classification Framework (PCF) Version 7.2.1. APQC, 26 Sept. 2019. Web.

    “Doomed From the Start? Why a Majority of Business and IT Teams Anticipate Their Software Development Projects Will Fail.” Geneca, 25 Jan. 2017. Web.

    Farhan, Marwa Salah, et al. “A Systematic Review for the Determination and Classification of the CRM Critical Success Factors Supporting with Their Metrics.” Future Computing and Informatics Journal, vol. 3, no. 2, Dec. 2018, pp. 398–416.

    Gheorghiu, Gabriel. “ERP Buyer’s Profile for Growing Companies.” SelectHub, 23 Sept. 2022. Web

    “Process Frameworks.” APQC, 4 Nov. 2020. Web.

    “Process vs. Capability: Understanding the Difference.” APCQ, 2017. Web.

    Savolainen, Juha, et al. “Transitioning from Product Line Requirements to Product Line Architecture.” 29th Annual International Computer Software and Applications Conference (COMPSAC'05), IEEE, vol. 1, 2005, pp. 186-195, doi: 10.1109/COMPSAC.2005.160

    Saxena, Deepak, and Joe McDonagh. "Evaluating ERP Implementations: The Case for a Lifecycle based Interpretive Approach." Electronic Journal of Information Systems Evaluation 22.1 (2019): pp29-37.

    “SOA Reference Architecture – Capabilities and the SOA RA.” The Open Group, TOGAF, n.d. Web.

    Smith, Anthony. “How To Create A Customer-Obsessed Company Like Netflix.” Forbes, 12 Dec. 2017. Web.

    "The Moscow Method", MindTools. Web.

    “The State of CRM Data Management 2020.” Validity, 2020. Web.

    “The State of Project Management Annual Survey 2018.” Wellingtone, 2018. Web.

    “Why HR Projects Fail.” Unleash, 2021. Web

    Implement and Optimize Application Integration Governance

    • Buy Link or Shortcode: {j2store}361|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Enterprise Integration
    • Parent Category Link: /enterprise-integration
    • Enterprises begin integrating their applications without recognizing the need for a managed and documented governance model.
    • Application Integration (AI) is an inherently complex concept, involving the communication among multiple applications, groups, and even organizations; thus developing a governance model can be overwhelming.
    • The options for AI Governance are numerous and will vary depending on the size, type, and maturity of the organization, adding yet another layer of complexity.

    Our Advice

    Critical Insight

    • Governance is essential with integrated applications. If you are planning to integrate your applications, you should already be considering a governance model.
    • Proper governance requires oversight into chains of responsibility, policy, control mechanisms, measurement, and communication.
    • People and process are key. Technology options to aid in governance of integrated apps exist, but will not greatly contribute to the success of AI.

    Impact and Result

    • Assess your capabilities and determine which area of governance requires the most attention to achieve success in AI.
    • Form an Integration Center of Competency to oversee AI governance to ensure compliance and increase success.
    • Conduct ongoing training with your personnel to ensure up-to-date skills and end user understanding.
    • Frequently revisit your AI governance strategy to ensure alignment with business goals.

    Implement and Optimize Application Integration Governance Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Implement and optimize Application Integration Governance

    Know where to start and where to focus your attention in the implementation of an AI governance strategy.

    • Storyboard: Implement and Optimize Application Integration Governance

    2. Assess the organization's capabilities in AI Governance

    Assess your current and target states in AI Governance.

    • Application Integration Governance Gap Analysis Tool

    3. Create an Integration Center of Competency

    Have a governing body to oversee AI Governance.

    • Integration Center of Competency Charter Template

    4. Establish AI Governance principles and guidelines

    Create a basis for the organization’s AI governance model.

    • Application Integration Policy and Principles Template

    5. Create an AI service catalog

    Keep record of services and interfaces to reduce waste.

    • Integration Service Catalog Template
    [infographic]

    Simplify Remote Deployment With Zero-Touch Provisioning

    • Buy Link or Shortcode: {j2store}310|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $5,199 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: End-User Computing Strategy
    • Parent Category Link: /end-user-computing-strategy

    Provide better end-user device support to a remote workforce:

    • Remain compliant while purchasing, deploying, supporting, and decommissioning devices.
    • Save time and resources during device deployment while providing a high-quality experience to remote end users.
    • Build a set of capabilities that will let you support different use cases.

    Our Advice

    Critical Insight

    • Zero-touch is more than just deployment. This is more difficult than turning on a tool and provisioning new devices to end users.
    • Consider the entire user experience and device lifecycle to show value to the organization. Don’t forget that you will eventually need to touch the device.

    Impact and Result

    Approach zero-touch provisioning and patching from the end user’s experience:

    • Align your zero-touch approach with stakeholder priorities and larger IT strategies.
    • Build your zero-touch provisioning and patching plan from both the asset lifecycle and the end-user perspective to take a holistic approach that emphasizes customer service.
    • Tailor deployment plans to more easily scope and resource deployment projects.

    Simplify Remote Deployment With Zero-Touch Provisioning Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should adopt zero-touch provisioning, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Design the zero-touch experience

    Design the user’s experience and build a vision to direct your zero-touch provisioning project. Update your ITAM practices to reflect the new experience.

    • Zero-Touch Provisioning and Support Plan
    • HAM Process Workflows (Visio)
    • HAM Process Workflows (PDF)
    • End-User Device Management Standard Operating Procedure

    2. Update device management, provisioning, and patching

    Leverage new tools to manage remote endpoints, keep those devices patched, and allow users to get the apps they need to work.

    • End-User Device Build Book Template

    3. Build a roadmap and communication plan

    Create a roadmap for migrating to zero-touch provisioning.

    • Roadmap Tool
    • Communication Plan Template
    [infographic]

    Analyze Your Service Desk Ticket Data

    • Buy Link or Shortcode: {j2store}483|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $6,499 Average $ Saved
    • member rating average days saved: 3 Average Days Saved
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • Leverage your service desk ticket data to gain insights for your service desk strategy.

    Our Advice

    Critical Insight

    • Properly analyzing ticket data is challenging for the following reasons:
      • Poor ticket hygiene and unclear ticket handling means the data is often inaccurate or incomplete.
      • Service desk personnel are not sure where to start with analysis.
      • Too many metrics are tracked to parse actionable data from the noise.
    • Ticket data won’t give you a silver bullet, but it can help point you in the right direction.

    Impact and Result

    • Create an iterative framework for tracking metrics, keeping data clean, and actioning your data on day-to-day and month-to-month timelines.

    Analyze Your Service Desk Ticket Data Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should analyze your service desk ticket data, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Import your ticket data

    Enter your data into our tool. Compare your own ITSM ticket fields to improve ticket data moving forward.

    • Service Desk Ticket Analysis Tool

    2. Analyze your ticket data

    Use the ticket analysis tool as a guide to build your own operational dashboards to measure metrics over time. Gain actionable insights from your data.

    • Ticket Analysis Report

    3. Action your ticket data

    Use the data to communicate your findings to the business and leadership using the Ticket Analysis Report.

    [infographic]

    Further reading

    INFO-TECH RESEARCH GROUP

    Analyze Your Service Desk Ticket Data

    Take a data-driven approach to service desk optimization.

    EXECUTIVE BRIEF

    Analyst Perspective

    Photo of Benedict Chang, Research Analyst, Infrastructure & Operations, Info-Tech Research Group

    Benedict Chang
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Photo of Ken Weston ITIL MP, PMP, Cert.APM, SMC, Research Director, Infrastructure & Operations, Info-Tech Research Group

    Ken Weston ITIL MP, PMP, Cert.APM, SMC
    Research Director, Infrastructure & Operations
    Info-Tech Research Group

    The perfect time to start analyzing your ticket data is now

    Service desks improve their services by leveraging ticket data to inform their actions. However, many organizations don’t know where to start. It’s tempting to wait for perfect data, but there’s a lot of value in analyzing your ticket data as it exists today.

    Start small. Track key tension metrics based on the out-of-the-box functionality in your tool. Review the metrics regularly to stay on track.

    By reviewing your ticket data, you’re going to get better organically. You’re going to learn about the state of your environment, the health of your processes, and the quality of your services. Regularly analyze your data to drive improvements.

    Make ticket analysis a weekly habit. Every week, you should be evaluating how the past week went. Every month, you should be looking for patterns and trends.

    Executive Summary

    Your Situation

    Leverage your service desk ticket data to gain insights for improving your operations:

    1. Use a data-based approach to allocate service desk resources.
    2. Design appropriate SLOs and SLAs to better service end users.
    3. Gain efficiencies for your shift-left strategy.
    4. Communicate the current and future value of the service desk to the business.

    Common Obstacles

    Properly analyzing ticket data is challenging for the following reasons:

    • Poor ticket hygiene and unclear ticket handling guidelines can lead to untrustworthy results.
    • Undocumented tickets from various intake channels prevents you from seeing the whole picture.
    • Service desk personnel are not sure where to start with analysis and are too busy to find time.
    • Too many metrics are tracked to parse actionable insights from the noise.

    Info-Tech’s Approach

    Info-Tech’s approach to improvement:

    • To reduce the noise, standardize your ticket data in a format that will ease analysis.
    • Start with common analyses using the cleaned data set.
    • Identify action items based on your ticket data.

    Analyze your ticket data to help continually improve your service desk.

    Slow down. Give yourself time.

    Give yourself time to observe the new metrics and draw enough insights to make recommendations for improvement. Then, execute on those recommendations. Slow and steady improvement of the service desk only adds business value and will have a positive impact on customer satisfaction.

    Your challenge

    This research is designed to help service desk managers analyze their ticket data

    Analyzing ticket data involves:

    • Collecting ticket data and keeping it clean. Based on the metrics you’re analyzing, define ticket expectations and keep the data up to date.
    • Showing the value of the service desk. SLAs are meaningless if they are not met consistently. The prerequisite to implementing proper SLAs is fully understanding the workload of the service desk.
    • Understanding – and improving – the user experience. You cannot improve the user experience without meaningful metrics that allow you to understand the user experience. Different user groups will have different needs and different expectations of the level of service. Your metrics should reflect those needs and expectations.

    36% of organizations are prioritizing ticket handling in IT for 2021 (Source: SDI, 2021)

    12% of organizations are focusing directly on service desk improvement (Source: SDI, 2021)

    Common obstacles

    Many organizations face these barriers to analyzing their ticket data:

    • Finding time to properly analyze ticket data is a challenge. Not knowing where to start can lead to not analyzing the proper data. Service desks end up either tracking too much data or not tracking the proper metrics.
    • Data, even if clean, can be housed in various tools and databases. It’s difficult to aggregate data if the data is stored throughout various tools. Comparisons may also be difficult if the data sets aren’t consistent.
    • Shifting left to move tickets toward self-service is difficult when there is no visibility into which tickets should be shifted left.

    What your peers are saying about why they can’t start analyzing their ticket data:

    • “My technicians do not consistently update and close tickets.”
    • “My ITSM doesn’t have the capabilities I need to make informed decisions on shifting tickets left.”
    • “My tickets are always missing data”
    • “I’m constantly firefighting. I have no time for ticket data analysis.”
    • “I have no idea where to start with the amount of data I have.”
    (Source: Info-Tech survey, 2021; N=20.)

    Common obstacles that prevent effective ticket analysis

    We asked IT service desk managers and teams about their biggest hurdles

    Missing or Inaccurate Information
    • Lack of information in the ticket
    • Categories are too general/specific to draw insights
    • Poor ticket hygiene
    Missing Updates
    • Tickets aren’t updated while being resolved
    Correlating Tickets to Identify Trends
    • Not sure where to start with all the data at hand
    No Time
    • No time to figure out the tool or analyze the data properly
    Ineffective Categorization Schemes
    • Reduces the power of ticket data
    Tool Limitations
    • Can’t be easily customized
    • Too customized to be effective
    • Desired dashboards unavailable
    (Source: Info-Tech survey, 2021; N=20)

    Info-Tech’s approach

    Repeat this analysis every business cycle:

    • Gather Your Data
      Collect your ticket data OR start measuring the right metrics.
    • Extract & Analyze
      Organize and visualize your data to extract insights
    • Action the Results
      Implement low-effort improvements and celebrate quick successes.
    • Implement Larger Changes
      Reference your ticket data while implementing process, tooling, and other changes.
    • Communicate the Results
      Use your data to show the value of your effort.

    Measure the value of this blueprint

    Track these metrics as you improve

    Use the data to tell you which aspects of IT need to be shifted left and which need to be automated

    Your data will show you where you can improve.

    As you act on your data, you should see:

    • Lower costs per ticket
    • Decreased average time to resolve
    • Increased end-user satisfaction
    • Fewer tickets escalated beyond Tier 1

    An illustration of the 'Shift Left Strategy' using three line graphs arranged in a table with the same axes but representing different metrics. The header row is 'Metrics,' then values of the x-axes are 'Auto-Fix,' 'User,' 'Tier 1,' 'Tier2/Tier3,' and 'Vendor.' Under 'Metrics' we see 'Cost,' 'Time,' and 'Satisfaction.' The 'Cost' graph begins 'Low' at 'Auto-Fix' and gradually moves to 'High' at 'Vendor.' The 'Time' graph begins 'Low' at 'Auto-Fix' and gradually moves to 'High' at 'Vendor.' The 'Satisfaction' graph begins 'High' at 'Auto-Fix' and gradually moves to 'Low' at 'Vendor.' Below is an arrow directing us away from the 'Vendor' option and toward the 'Auto-Fix' option, 'Shift Ticket Resolution Left.'

    See Info-Tech’s blueprint Optimize the Service Desk With a Shift-Left Strategy.

    Info-Tech’s methodology for analyzing service desk tickets

    1. Import Your Ticket Data 2. Analyze Your Ticket Data 3. Communicate Your Insights
    Phase Steps
    1. Import Your Ticket Data
    1. Analyze High-Level Ticket Data
    2. Analyze Incidents, Service Requests, and Ticket Categories
    1. Build Recommendations
    2. Action and Communicate Your Ticket Data
    Phase Outcomes Enter your data into our tool. Compare your own ITSM ticket fields to improve ticket data moving forward. Use the Service Desk Ticket Analysis Tool as a guide to build your own operational dashboards to measure metrics over time. Gain actionable insights from your data. Use the data to communicate your findings to the business and leadership using the Ticket Analysis Report.

    Insight summary

    Slow down. Give yourself time.

    Give yourself time to observe the new metrics and draw enough insights to make recommendations for improvement. Then, execute on those recommendations. Slow and steady improvement of the service desk only adds business value and will have a positive impact on customer satisfaction.

    Iterate on what to track rather than trying to get it right the first time.

    Tracking the right data in your ticket can be challenging if you don’t know what you’re looking for. Start with standardized fields and iterate on your data analysis to figure out your gaps and needs.

    If you don’t know where to go, ticket data can point you in the right direction.

    If you have service desk challenges, you will need to allocate time to process improvement. However, prioritizing your initiatives is easier if you have the ticket data to point you in the right direction.

    Start with data from one business cycle.

    Service desks don’t need three years’ worth of data. Focus on gathering data for one business cycle (e.g. three months). That will give you enough information to start generating value.

    Let the data do the talking.

    Leverage the data to drive organizational and process change in your organization by tracking meaningful metrics. Choose those metrics using business-aligned goals.

    Paint the whole picture.

    Single metrics in isolation, even if measured over time, may not tell the whole story. Make sure you design tension metrics where necessary to get a holistic view of your service desk.

    Blueprint deliverables

    This blueprint’s key deliverable is a ticket analysis tool. Many of the activities throughout this blueprint will direct you to complete and interpret this tool. The other main deliverable is a stakeholder presentation template to help you document the outcomes of the project.
    Service Desk Ticket Analysis Tool Ticket Analysis Report
    Use this tool to identify trends and patterns in your ticket data to action improvement initiatives.

    Sample of the Service Desk Ticket Analysis Tool blueprint deliverable.

    Use this template to document the justification for addressing service desk improvement, the results of your analysis, and your next steps.

    Sample of the Ticket Analysis Report blueprint deliverable.

    Blueprint benefits

    IT Benefits

    • Discover and implement the proper metrics to improve your service desk
    • Use a data-based approach to improve your customer service and operational goals
    • Increase visibility with the business and other IT departments using a structured presentation

    Business Benefits

    • Quicker resolutions to incidents and service requests
    • Better expectations for the service desk and IT
    • Better visibility into the current state, challenges, and goals of the service desk
    • More effective support when contacting the service desk

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 3-4 calls over the course of 2-3 months.

    What does a typical GI on this topic look like?

      Phase 1

    • Call #1: Scope requirements, objectives, and your specific challenges. Enter your data into the tool.
    • Phase 2

    • Call #2: Assess the current state across the different dashboards.
    • Phase 3

    • Call #3: Identify improvements and insights to include in the communication report.
    • Call #4: Review the service desk ticket analysis report.

    PHASE 1

    Import Your Ticket Data

    This phase will walk you through the following activities:

    • 1.1.1 Define your objectives for analyzing ticket data
    • 1.1.2 Identify success metrics
    • 1.1.3 Import your ticket data into the tool
    • 1.1.4 Update your ticket fields for future analysis

    This phase involves the following participants:

    • Service Desk Manager
    • ITSM Manager
    • Service Desk Technician

    1.1.1 Define your objectives for analyzing ticket data

    Input: Understanding of current service desk process and ticket routing

    Output: Defined objectives for the project

    Materials: Whiteboard/flip charts, Ticket Analysis Report

    Participants: Service Desk Staff, Service Desk Manager, IT Director, CIO

    Use the discussion questions below as a guide
    1. Identify your main objective for analyzing ticket data. Use these three sample objectives as a starting point:
      • Demonstrate value to the business by improving customer service.
      • Improve service desk operations.
      • Reduce the number of recurring incidents.
    2. Answer the following questions as a group:
      • What challenges do you have getting accurate data for this objective?
      • What data is missing for supporting this objective?
      • What kind of issues must be solved for us to make progress on achieving this objective?
      • What decisions are held up from a lack of data?
      • How can better ticket data help us to more effectively manage our services and operations?

    Document in the Ticket Analysis Report.

    1.1.2 Identify success metrics

    Select metrics that will track your progress on meeting the objective identified in Activity 1.1.1.

    Input: Understanding of current service desk process and ticket routing

    Output: Defined objectives for the project

    Materials: Whiteboard/flip charts, Ticket Analysis Report

    Participants: Service Desk Manager, IT Director, CIO

    Use these sample metrics as a starting point:
    Demonstrate value to the business by improving customer service
    Ticket trends by category by month # tickets by business department % SLAs met by IT teams
    Average customer satisfaction rating % incident tickets closed in one day Service request SLAs met by % Annual IT satisfaction survey result
    Improve service desk operations
    Incident tickets assigned, sorted by age and priority Scheduled requests for today and tomorrow Knowledgebase articles due for renewal this month Top 5-10 tickets for the quarter
    Unassigned tickets by age # incident tickets assigned by tech Open tickets by category Backlog summary by age
    Reducing the number of recurring incidents
    # incidents by category and resolution code Number of problem tickets opened and resolved Correlation of ticket volume trends to events Reduction of volume of recurring tickets
    Use of knowledgebase by users Use of self-service for ticket creation Use of service catalog Use of automated features (e.g. password resets)
    Average call hold time % calls abandoned Average resolution time Number of tickets reopened

    Document in the Ticket Analysis Report.

    Inefficient ticket-handling processes lead to SLA breaches and unplanned downtime

    Analyze the ticket data to catch mismanaged or lost tickets that lead to unnecessary escalations and impact business profitability

    • Ticket Category – Are your tickets categorized by type of asset? By service?
    • Average Ticket Times – How long does it take to resolve or fulfill tickets?
    • Ticket Priority – What is the impact and urgency of the ticket?
    • SLA/OLA Violations – Did we meet our SLA objectives? If not, why?
    • Ticket Channel – How was the issue reported or ticket received?
    • Response and Fulfillment – Did we complete first contact resolution? How many times was it transferred?
    • Associated Tasks and Tickets – Is this incident associated with any other tasks like change tickets or problem tickets?

    Encourage proper ticket-handling procedures to enable data quality

    Ensure everyone understands the expectations and the value created from having ticket data that follows these expectations

    • Create and update tickets, but not at the expense of good customer service. Agents can start the ticket but shouldn’t spend five minutes creating the ticket when they should be troubleshooting the problem.
    • Update the ticket when the issue is resolved or needs to be escalated. If agents are escalating, they should make sure all relevant information is passed along within the ticket to the next technician.
    • Update user of ETA if issue cannot be resolved quickly.
    • Ticket templates for common incidents can lead to fast creation, data input, and categorizations. Templates can reduce the time it takes to create tickets from two minutes to 30 seconds.
    • Update categories to reflect the actual issue and resolution.
    • Reference or link to the knowledgebase article as the documented steps taken to resolve the incident.
    • Validate with the client that the incident is resolved; automate this process with ticket closure after a certain time.
    • Close or resolve the ticket on time.

    Info-Tech Insight

    Ticket handling ensures clean handovers, whether it is to higher tiers or back to the customer. When filling the ticket out with information intended for another party, ensure the information is written for their benefit and from their point of view.

    Service Desk Ticket Analysis Tool overview

    The Service Desk Ticket Analysis Tool will help you standardize your ticket data in a meaningful format that will allow you to apply common analyses to identify the actions you need to take to improve service desk operations

    TABS 1 & 2
    INSTRUCTIONS & DATA ENTRY
    TAB 3 : TICKET SUMMARY
    TICKET SUMMARY DASHBOARDS
    TABS 4 to 8: DASHBOARDS
    INCIDENT SERVICE REQUEST CATEGORY
    Sample of the Service Desk Ticket Analysis Tool, tabs 1 & 2.
    Input at least three months of your exported ticket data into the corresponding columns in the tool to feed into the common analysis graphs in the other tabs.
    Sample of the Service Desk Ticket Analysis Tool, tab 3.
    This tab contains multiple dashboards analyzing how tickets come in, who requests them, who resolves them, and how long it takes to resolve them.
    Sample of the Service Desk Ticket Analysis Tool, tabs 4 to 8.
    These tabs each have dashboards outlining analysis on incidents and service requests. The category tab will allow you to dive deeper on commonly reported issues.

    1.1.3 Import your data into our Service Desk Ticket Analysis Tool

    You can still leverage your current data, but use this opportunity to improve your service desk ticket fields down the line

    Input: ITSM data log

    Output: Populated Service Desk Ticket Data Analysis Tool

    Materials: Whiteboard/flip charts, Service Desk Ticket Analysis Tool

    Participants: Service Desk Manager, Service Desk Technicians

    Start here:

    • Extract your ticket data from your ITSM tool in an Excel or text format.
    • Look at the fields on the data entry tab of the Service Desk Ticket Analysis Tool.
    • Fill the fields with your ticket data by copying and pasting relevant sections. It is okay if you don’t have all the fields, but take note of the fields you are missing.
    • With the list of the fields you are missing, run through the following activity to decide if you will need to adopt or add fields to your own service desk ticket tool.
    Fields Captured
    Ticket Number Open Date
    Open Time Closed Date
    Closed Time Intake Channel
    Time to Resolve Site Location
    First Contact Resolution Resolution Code
    Category (I, II, III) Ticket Type (Request or Incident)
    Status of Ticket Resolved by Tier
    Ticket Priority Requestor/Department
    SLA Fulfilled Subject
    Technician

    When entering your data, pay close attention to the following fields:

    • Time to Resolve: This is automatically calculated using data in the Open Date, Open Time, Close Date, and Close Time fields. You have three options for entering your data in these fields:
      1. Enter your data as the fields describe. Ensure your data contain only the field description (e.g. Open Date separated from Open Time). If your data contain Open Date AND Open Time, Excel will not show both.
      2. Enter your data only in Open Date and Close Date. If your ITSM does not separate date and time, you can keep the data in a single cell and enter it in the column. The formula in Time to Resolve will still be accurate.
      3. If your ITSM outputs Time to Resolve, overwrite the formula in the Time to Resolve column.
    • SLA: If your ITSM outputs SLA fulfilled: Y/N, enter that directly into the SLA Fulfilled column.
    • Blank Columns: If you do not have data for all the columns, that is okay. Continue with the following activity. Note that some stock dashboards will be empty if that is the case.
    • Incidents vs. Service Requests: If you separate incidents and service requests, be sure to capture that in the SR/Incident for Tabs 4 and 5. If you do not separate the two, then you will only need to analyze Tab 3.
    Fields Captured
    Ticket Number Open Date
    Open Time Closed Date
    Closed Time Intake Channel
    Time to Resolve Site Location
    First Contact Resolution Resolution Code
    Category (I, II, III) Ticket Type (Request or Incident)
    Status of Ticket Resolved by Tier
    Ticket Priority Requestor/Department
    SLA Fulfilled Subject
    Technician

    Use Info-Tech’s tool instead of building your own. Download the Service Desk Ticket Analysis Tool.

    1.1.4 Update your ticket fields for future analysis

    Input: Populated Service Desk Ticket Data Analysis Tool

    Output: New ticket fields to track

    Materials: Whiteboard/flip charts, Service Desk Ticket Analysis Tool

    Participants: Service Desk Manager, Service Desk Technicians

    As a group, pay attention to the ticket fields populated in the tool as well as the ticket fields that you were not able to populate. Use the example “Fields Captured” table to the right, which lists all fields present in the ticket analysis tool.

    Discuss the following questions:

    1. Consider the fields not captured. Would it be valuable to start capturing that data for future analysis?
    2. If so, does your ITSM support that field?
    3. Can you make the change in-house or do you have to bring in an external ITSM administrator to make the change?
    4. Capture the results in the Ticket Analysis Report.
    Example: Fields Captured - Fields Not Captured
    Ticket Number Open Date
    Open Time Closed Date
    Closed Time Intake Channel
    Time to Resolve Site Location
    First Contact Resolution Resolution Code
    Category (I, II, III) Ticket Type (Request or Incident)
    Status of Ticket Resolved by Tier
    Ticket Priority Requestor/Department
    SLA Fulfilled Subject
    Technician

    Document in the Ticket Analysis Report.

    Info-Tech Insight

    Don’t wait for your ticket quality to be perfect. You can still draw actions from your ticket data. They will likely be process improvements initially, but the exercise of pulling the data is a necessary first step.

    Common ticket fields tracked by your peers

    Which of these metrics do you track and action?

    • Remember you don’t have to track every metric. Only track metrics that are actionable.

    For each metric that you end up tracking:

    • Look for trends over time.
    • Brainstorm reasons why the metric could rise or fall.

    Associate a metric with each improvement you execute.

    • Performing this step will allow you to better see the value from your team’s efforts.
    • It will also give you a quicker response than waiting for spikes in your data.

    A bar chart of 'Metrics tracked by other organizations' with the x-axis populated by different metrics and the y-axis as '% organizations who track the metric'. The highest percentage of businesses track 'Ticket volume', then 'Ticket trends by category', then 'Tickets by business units'. The lowest three shown are 'Reopened tickets', 'Cost per ticket', and 'Other'.(Source: Info-Tech survey, 2021; N=20)

    PHASE 2

    Analyze Your Ticket Data

    This phase will walk you through the following activities:

    • 2.1.1 Review high-level ticket dashboards
    • 2.2.1 Review incident, service request, and ticket category dashboards

    This phase involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Visualize your ticket data as a first step to analysis

    Identifying trends is easier when looking at diagrams, graphs, and figures

    Start your analysis with common visuals employed by other service desk professionals

    • Phase 2 will walk you through visualizing your data to get a better understanding of your ticket intake, incident management, and service request management.
    • Each step will walk you through:
      • Common visualizations used by service desks
      • Patterns to look for in your visualizations
      • Actions to take to address negative patterns and to continue positive trends
    • Share diagrams that underscore both the value being provided by the service desk as well as the scope of the pain points. Use Info-Tech’s Ticket Analysis Report template as a starting point.

    “Being able to tell stories with data is a skill that’s becoming ever more important in our world of increasing data and desire for data-driven decision making. An effective data visualization can mean the difference between success and failure when it comes to communicating the findings of your study, raising money for your nonprofit, presenting to your board, or simply getting your point across to your audience.” - Cole Knaflic, Founder and CEO, Storytelling with Data: A Data Visualization Guide for Business Professionals

    Use the detailed dashboards to determine the next steps for improvement

    A single number doesn’t tell the whole picture

    Analyze trends over time:

    • Analyze trends by day, by week, by month, and by year to determine:
      • When are the busy periods? (E.g. Do tickets tend to spike every morning, every Monday, or every September?)
      • When are the slow periods? (E.g. Do tickets drop at the end of the day, at midday, on Fridays, or over the summer?)
    • Are spikes or drops in volume consistent trends or one-time anomalies?

    Then build a plan to address them:

    • How will you handle volume spikes, if they’re consistent?
    • What can your resources work on during slow times, if they are consistent?
    • If you assume no shrinkage, can you handle the peaks in volume if you make all FTEs available to work on tickets at a certain time of day?

    Sample of a bar chart comparing tickets that were 'Backlog versus Closed by Month Opened'.

    Look for seasonal trends. In this example, we see high ticket volumes in May and January, with lower ticket volumes in June and July when many staff are taking holidays. However, also be careful to look at the big picture of how you pulled the data. August through October sees a high volume of open tickets because the data set is pulled in November, not because there’s a seasonal spike on tickets not closing at the end of the fiscal year.

    Track ticket data over time

    Make low-effort adjustments before major changes

    Don’t rush to a decision based off the first numbers you see

    Review ticket summary dashboard

    Ideally, you should track ticket patterns over an entire year to get a full sense of trends within each month of the year. At minimum, track for 30 days, then 60, then 90, and see if anything changes. The longer you can track ticket patterns, the more accurate your picture will be.

    Review additional dashboards

    If you separate incidents and service requests, and you have accurate ticket categories, then you can use these dashboards to further break down the data to identify ticket trends.

    The output of the ticket analysis will only be as accurate as its input.
    To get the most accurate results, first ensure your data is accurate, then analyze it over as much time as possible. Aggregating with accurate data will give you a better picture of the trends in demand that your service desk sees.

    Not separating incidents and service requests? Need to fix your ticket categories? Visit Standardize the Service Desk to get started.

    Analyze incidents and requests separately

    Each type has its own set of customer experiences and expectations

    • Different ticket types are associated with radically different prioritization, routing, and service levels. For instance, most incidents are resolved within a business day, but requests take longer to implement.
    • If you fail to distinguish between ticket types, your metrics will obscure service desk performance.
    • From a ticket analysis standpoint, separating ticket types prior to analysis or, better yet, at intake allows for cleaner data. In turn, this means more structured analyses, better insights, and more meaningful actions. Not separating ticket types may still get you to the same conclusions, but it will be much more difficult to sift through the data.

    Incident

    An unanticipated interruption of a service.
    The goal of incident management is to restore the service as soon as possible, even if the resolution involves a workaround.

    Request

    A generic description for a small change or service access.
    Requests are small, frequent, and low risk. They are best handled by a process distinct from incident, change, and project management.

    Not separating incidents and service requests? Need to fix your ticket categories? Visit Standardize the Service Desk to get started.

    Step 2.1

    Analyze Your High-Level Ticket Data

    Dashboards
    • Ticket Volume
    • Ticket Intake
    • Ticket Handling and Resolution
    • Ticket Categorization

    This step will walk you through the following activities:

    Visualize the current state of your service desk.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Outcomes of this step

    Build your metrics baseline to compare with future metric results.

    Dashboards: Ticket Volume

    Example of a dashboard for ticket volume with two bar charts, one breaking down volume by month, and the other marking certain days or weeks in each month.

    Analyze your data for insights

    • Analyze volume trends by day, by week, by month, and by year to determine:
      • When are the busy periods? (E.g. Do tickets tend to spike every morning, every Monday, or every September?)
      • When are slow periods? (E.g. Do tickets drop at the end of the day, at midday, on Fridays, or over the summer?)
    • Are spikes or drops in volume consistent trends or one-time anomalies?
    • What can your resources be working on during slow times? Are you able to address ticket backlog?

    Dashboards: Ticket Intake

    Example of a dashboard for ticket intake with three bar charts, one breaking it down by 'Intake Channel', one by 'Requestor/Department', and one by 'Location'.

    Analyze your data for insights

    • Determine how to drive intake to the most appropriate solution for your organization:
      • A web portal is the most efficient intake method, but it must be user friendly to increase its adoption.
      • The phone should be available for urgent requests or incidents. Encourage those who call with a request to submit a ticket through the portal.
      • Discourage use of email if it is unstructured, as users don’t provide enough detail, and often two or three transactions are required for triage.
      • If walk-ups are encouraged, structure and formalize the support so it can be resourced and managed rather than interrupt-driven.

    Dashboard: Ticket Handling and Resolution

    Example of a dashboard for ticket handling and resolution with three bar charts, one breaking down 'Tickets Resolved by Technician', one by 'Tier', and one by 'Average Time to Resolve (Hours)'.

    Analyze your data for insights

    • Look at your ticket load by technician and by tier. This is an essential step to set your baseline to measure your shift-left initiatives. If you are focusing on self-service or Tier 1 training, the ticket load from higher tiers should decrease over time.
    • If Tiers 2 and 3 are handling the majority of the tickets, this could be a red flag indicating tickets are inappropriately escalated or Tier 1 could use more training and support.
    • For average time to resolve and average time to resolve by tier, are you meeting your SLAs? If not, are your SLAs too aggressive? Are tickets left open and not properly closed?

    Dashboard: Ticket Categorization

    Analyze your data for insights

    • Ticket categorization is critical to clean data. Having a categorization scheme with categories that are miscellaneous, too specific, or too general easily leads to inaccurate reporting or confusing workflows for technicians.
    • When looking at your ticket categories, first look for duplicate categories that could be collapsed into one.
    • Also look at your top five to seven categories and see if they make sense. Are these good candidates in your organization for automation or shift-left?
    • Compare your Tier 1 categories. The level of specificity for these categories should be comparable to easily run reports. If they are not, assess the need for a category redesign.

    Example of a dashboard for ticket categorization with one horizontal bar chart, 'Incident Ticket Volume by Level 1 Category'.

    Step 2.2

    Analyze Incidents, Service Requests, and Ticket Categories

    Dashboards
    • Incidents
    • Service Requests
    • Volume by Ticket Category
    • Resolution Times by Priority and/or Category
    • Tabs for More Granular Investigation and Reporting

    This step will walk you through the following activities:

    Visualize your incident and service request ticket load and analyze trends. Use this information and cross reference data sets to gain a holistic view of how the service desk interacts with IT and the business.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Outcomes of this step

    Gain actionable, data-driven improvements based on your incident and service request data. Show the value of the service desk and highlight improvements needed.

    Incident and Service Requests Dashboard: Priority and SLA

    Example of an Incident and Service Requests dashboard for priority and SLA with three charts, one breaking down 'Incident Priority', one 'Average time to resolve (in hours) by priority', and one '% of SLA met'.

    Analyze your data for insights

    • Your ticket priority distribution for overall load and time to resolve (TTR) should look something like above with low-priority tickets having higher load and TTR and high/critical-priority tickets having a lower load and lower TTR. If it is reversed, that is a good indication that the service desk is too reactive or isn’t properly prioritizing its work.
    • If your SLA has a high failure rate, consider reassessing your targets with SLOs that you can meet before publishing them as achievable SLAs.

    Incident and Service Requests Dashboard: Priority and SLA

    Example of an Incident and Service Requests dashboard for resolution and close with three bar charts, one breaking down 'Incident Volume by Resolution Code', one 'Incidents Resolved by Tier', and one 'Average time to resolve (in hours) by Resolution Code'.

    Analyze your data for insights

    • Examine your ticket handling by looking at ticket status and resolution codes.
      • If you have a lot of blanks, then tickets are not properly handled. Consider reinforcing your standards for close codes and statuses.
      • Alternatively, if tickets are left open, you may have to build follow-ups on stale tickets into your process or introduce proper auto-close processes.

    Category, Resolution Time, and Resolution Code Dashboards

    These PivotCharts allow you to dig deeper

    Investigate whether there are trends in ticket volume and resolution times within specific categories and subcategories

    Tab 6, Category Dashboard; tab 7, Resolution Time Dashboard; and tab 8, Resolution Code Dashboard are PivotCharts. Use these tabs to investigate whether there are trends in ticket volume, resolution times, and resolution codes within specific categories and subcategories.

    Start with the charts that are available. The +/- buttons will allow you to show more granular information. By default, this granularity will be into the levels of the ticket categorization scheme.

    For most categorization schemes, there will be too many categories to properly graph. You can apply a filter to investigate specific categories by clicking on the drop-down buttons.

    Example of dashboards featured on next slide

    Use these tabs for more granular investigation and reporting

    TAB 6
    CATEGORY DASHBOARD
    TAB 7
    RESOLUTION TIME DASHBOARD
    TAB 8
    RESOLUTION TIME DASHBOARD
    Sample of the 'Ticket Volume by Second, Third Level Category' dashboard tab.
    Investigate ticket distributions in first, second, and third levels. Are certain categories overcrowded, suggesting they can be split? Are certain categories not being used?
    Sample of the 'Average Resolution Times' dashboard tab.
    Do average resolution times match your service level agreements? Do certain categories have significantly different resolution times? Are there areas that can benefit from shift-left?
    Sample of the 'Volume of Resolution Codes' dashboard tab.
    Are resolution codes being accurately used? Are there trends in resolution codes? Are these codes providing sufficient information for problem management?

    PHASE 3

    Communicate Your Insights

    This phase will walk you through the following activities:

    • 3.1.1 Review common recommendations
    • 3.2.1 Review ticket reports daily
    • 3.2.2 Incorporate ticket data into retrospectives and team updates
    • 3.2.3 Regularly review trends with business leaders
    • 3.2.4 Tell a story with your data

    This phase involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Step 3.1

    Build Recommendations Based on Your Ticket Data

    Activities
    • 3.1.1 Review common recommendations

    This step will walk you through the following activities:

    Review common recommendations as a first step to extracting insights from your own data.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians

    Outcomes of this step

    You will gain an understanding of the common challenges with service desks and ticket analysis in general. See which ones apply to you to inform your ticket data analysis moving forward.

    Review these common recommendations

    1. Fix your ticket categories
      Organize your ticket categorization scheme for proper routing and reporting.
    2. Focus more on self-service
      Self-service is essential to enable shift-left strategies. Focus on knowledgebase processes and portal ease of use.
    3. Update your service catalog
      Improve your service catalog, if necessary, to make it easy for end users to request services and for the service desk to provide those services.
    4. Direct volume toward other channels
      Walk-ups make it more difficult to properly log tickets and assign service desk resources. Drive volume to other channels to improve your ticket quality.
    5. Crosstrain Tier 1 on certain topics
      Tier 1 breadth of knowledge is essential to drive up first contact resolution.
    6. Build more automation
      Identify bottlenecks and challenges with your ticket data to streamline ticket handling and resolution.
    7. Revisit service level agreements
      Update your SLAs and/or SLOs to prioritize expectation management for your end users.
    8. Improve your data quality
      You can only analyze data that exists. Revisit your ticket-handling guidelines and more regularly check tickets to ensure they comply with those standards.

    Optimize your processes and look for opportunities for automation

    Leverage Info-Tech research to improve service desk processes

    Review your service desk processes and tools for optimization opportunities:

    • Clearly establish ticket-handling guidelines.
    • Use ticket templates to reduce time spent entering tickets.
    • Document incident management and service request fulfillment workflows and eliminate any unnecessary steps.
    • Automate manual tasks wherever possible.
    • Build or improve a self-service portal with a knowledgebase to allow users to resolve their own issues, reducing incoming ticket volume to the service desk.
    • Optimize your internal knowledgebase to reduce time spent troubleshooting recurring issues.
    • Leverage AI capabilities to speed up ticket processing and resolution.

    Standardize the Service Desk

    This project will help you build and improve essential service desk processes, including incident management, request fulfillment, and knowledge management.

    Optimize the Service Desk With a Shift-Left Strategy

    This project will help you build a strategy to shift service support left to optimize your service desk operations and increase end-user satisfaction.

    Step 3.2

    Action and Communicate Your Ticket Data

    Activities
    • 3.2.1 Review your ticket queues daily
    • 3.2.2 Incorporate ticket data into retrospectives and team status updates
    • 3.2.3 Regularly review trends with business leaders
    • 3.2.4 Tell a story with your data

    This step will walk you through the following activities:

    Organize your scrums to report on the metrics that will inform daily and monthly operations.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Outcomes of this step

    Use the dashboards and data to inform your daily and monthly scrums.

    3.2.1 Review your ticket queues daily

    Clean data is still useless if not used properly

    • The metrics you’ve chosen to measure and visualize in the previous step are useful for informing your day-to-day, week-to-week, and month-to-month strategies for the service desk and IT. Conduct scrums daily to action your dashboard data to help clear ticket queues.
    • Reference your dashboards daily with each IT team.
    • You need to have a dashboard of open tickets assigned to each team.

    Review Daily

    • Ticket volume over the last day (look for spikes)
    • SLA breach risks/SLA breaches
    • Recurring incidents
    • Tickets open
    • Tickets handed over (confirmation of handover)

    3.2.2 Incorporate ticket data into retrospectives and team status updates

    Explain your metric spikes and trends

    • Hold weekly or monthly meetings to review the ticket trends selected during Phases 1 and 2 of this blueprint.
    • Review ticket spikes, identify seasonal trends, and discuss root causes (e.g. projects/changes going live, onboarding blitz).
    • Discuss any actions associated with spikes and seasonal trends (e.g. resource allocation, hiring, training).
    • You can incorporate other IT leaders or departments in this meeting as needed to discuss action items for improvement, quality assurance concerns, customer service concerns, and/or operating level agreement concerns.

    Review Weekly/Monthly

    • Ticket volume
    • Ticket category by priority level over time
    • Tickets from different business groups, VIP groups, and different vertical levels
    • Tickets escalated, tickets that didn’t need to be escalated, tickets that were incorrectly escalated
    • Ticket priority levels over time
    • Most requested services
    • Tickets resolved by which group over time
    • Ability to meet SLAs and OLAs over time by different groups

    3.2.3 Regularly review trends with business leaders

    Use your data to help improve business relationships

    Review the following with business leaders:

    • Volume of work done this past time cycle for the leader’s group
    • Trends and spikes in the data and possible explanations for them (note: get their input on the potential causes of trends)
    • Improvements you plan to execute within the service desk
    • Action items you need from the business leader

    Use your data to show the value you provide to the group. Schedule quarterly meetings with the heads of different business groups to discuss the work that the service desk does for each group.

    Show trends in incidents and service requests: “I see you have a spike in CRM tickets. I’ve been working with the CRM team to address this issue.”

    3.2.4 Tell a story with your data

    Effectively communicate with the business and leadership

    • With your visualized metrics, organize your story into a presentation for different stakeholder groups. You can use the Ticket Analysis Report as a starting point to provide data about:
      • Value provided by the service desk
      • Successes
      • Opportunities for Improvements
      • Current state of KPIs
    • Include information about the causes of data trends and actions you will take in response to the data.
    • For each of these themes, look at the metrics you’ve chosen to track and see which ones fit to tell the story. Let the data do the talking.
    • Consider supplementing the ticket data with data from other systems. For example, you can include data on transactional customer satisfaction surveys, knowledgebase utilization, and self-service utilization.

    Sample of the Ticket Analysis Report.

    Download the Ticket Analysis Report.

    Ticket Analysis Report

    Include the following information as you build your ticket analysis report:

    • Value Provided by the Service Desk
      Start with the value provided by the service desk to different areas of the business. Include information about first contact resolution, average resolution times, ticket volume (e.g. by category, priority, location, requestor).
    • Successes
      Successes is a general field that can include how process improvements have impacted the service desk or how initiatives have enhanced shift-left opportunities. Highlight any positive trends over time.
    • Opportunities for Improvement
      Let the data guide the conversation to where improvements can be made. Day-to-day ops, self-service tools, shifting work left from Tier 2, Tier 3, standardizing a non-standard service, and staffing adjustments are possibilities for this section.
    • Current State of KPIs
      Mean time to resolve, FCR, ticket volume, and end-user satisfaction are great KPIs to include as a starting point.

    Sample of the Ticket Analysis Report.

    Download the Ticket Analysis Report.

    Summary of Accomplishment

    Problem Solved

    You now have a better understanding of how to action your service desk ticket data, including improvements to your current ticket templates for incidents and service requests.

    You also have the data to craft a story to different stakeholder groups to celebrate the successes of the service desk and highlight possible improvements. Continue this exercise iteratively to continue improving the service desk.

    Remember, ticket analysis is not a single event but an ongoing initiative. As you track, analyze, and action more data, you will find more improvements.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Photo of Benedict Chang.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team. Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Sample of dashboards we saw earlier. Sample of the 'Ticket Analysis Report'.
    Analyze your dashboards
    An analyst will walk through the ticket data and dashboards with you and your team to help interpret the data and tailor improvements
    Populate your ticket data report
    Given the action items from this solution set, an analyst will help you craft a report to celebrate the successes and highlight needed improvements in the service desk.

    Related Info-Tech Research

    Optimize the Service Desk With a Shift-Left Strategy

    The best type of service desk ticket is the one that doesn’t exist.

    Incident & Problem Management

    Don’t let persistent problems govern your department.

    Design & Build a User-Facing Service Catalog

    Improve user satisfaction with IT with a convenient menu-like catalog.

    Bibliography

    Bayes, Scarlett. “ITSM: 2021 & Beyond.” Service Desk Institute, 2021. Web.

    “Benchmarking Report v.9.” Service Desk Institute, 17 Jan. 2020. Web.

    Bennett, Micah. “The 9 Help Desk Metrics That Should Guide Your Customer Support.” Zapier, 3 Dec. 2015. Web.

    “Global State of Customer Service: The transformation of customer service from 2015 to present day.” Microsoft Dynamics 365, Microsoft, 2020. Web.

    Goodey, Ben. “How to Manually Analyze Support Tickets.” SentiSum, 26 July 2021. Web.

    Jadhav, Megha. “Four Metrics to Analyze When Using Ticketing Software.” Vision Helpdesk Blog, 21 Mar. 2016. Web.

    Knaflic, Cole Nussbaumer. Storytelling with Data: A Data Visualization Guide for Business Professionals. Wiley, 2015.

    Li, Ta Hsin, et al. “Incident Ticket Analytics for IT Application Management Services.” 2014 IEEE International Conference on Services Computing, 2014. Web.

    Olson, Sarah. “10 Help Desk Metrics for Service Desks and Internal Help Desks.” Zendesk Blog, Sept. 2021. Web.

    Paramesh, S.P., et al. “Classifying the Unstructured IT Service Desk Tickets Using Ensemble of Classifiers.” 2018 3rd International Conference on Computational Systems and Information Technology for Sustainable Solutions (CSITSS), 2018. Web.

    Volini, Erica, et al. “2021 Global Human Capital Trends: Special Report.” Deloitte Insights, 21 July 2021. Web.

    “What Kind of Analysis You Can Perform on a Ticket Management System.” Commence, 3 Dec. 2019. Web.

    INFO-TECH RESEARCH GROUP

    Navigate the Digital ID Ecosystem to Enhance Customer Experience

    • Buy Link or Shortcode: {j2store}76|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy
    • Amid the pandemic-fueled surge in online services, organizations require secure solutions to safeguard digital interactions. These solutions must be uniform, interoperable, and fortified against security threats.
    • Although the digital identity ecosystem has garnered significant attention and investment, many organizations remain uncertain about its potential for authentication and the authorization required for B2B and B2C transactions, and in turn reducing their cost of operations and transferring their data risks.

    Our Advice

    Critical Insight

    • Limited / lack of understanding of the global digital ID ecosystem and its varying approaches across countries handicaps businesses in defining the benefits digital ID can bring to customer interactions and overall business management.
    • In addition, key obstacles exist in balancing customer privacy, data security, and regulatory requirements while pursuing excellent end-user experience and high customer adoption.
    • Info-Tech Insight: Focusing on customer touchpoints and transforming them are key to excellent experience and increasing their life-time value (LTV) to them and to your organization. Digital ID is that tool of transformation.

    Impact and Result

    • Digital ID has many dimensions, and its ecosystem's sustainability lies in the key principles it is built on. Understanding the digital identity ecosystem and its responsibilities is crucial to formulating an approach to adopt it. Also, focusing on key success factors drives digital ID adoption.
    • Before embarking on the digital identity adoption journey, it is essential to assess your readiness. It is also necessary to understand the risks and challenges. Specific steps to digital ID adoption can help realize the potential of digital identity and enhance the customers' experience.

    Navigate the Digital ID Ecosystem to Enhance Customer Experience Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Navigate the Digital ID Ecosystem to Enhance Customer Experience Storyboard – Learn how to adopt Digital ID to drive benefits, enhance customer experience, improve efficiency, manage data risks, and uncover new opportunities.

    This research focuses on verified digital identity ecosystems and explores risks, opportunities, and challenges of relying on verified digital IDs and also how adopting digital identity initiatives can improve customer experience and operational efficiency. It covers:

  • Definition and dimensions of digital identity
  • Key responsibilities and principles of digital identity ecosystem
  • Success factors for digital identity adoption
  • Global evolution and unique approaches in Estonia, India, Canada, UK, and Australia
  • Industries that benefit most from digital ID development
  • Key use cases of digital ID
  • Benefits to governments, ID providers, ID consumers, and end users
  • Readiness checklist and ten steps to digital ID adoption
  • Risks and challenges of digital identity adoption
  • Key recommendations to realize potential of digital identity
  • Taxonomy and definitions of terms in the digital identity ecosystem
    • Navigate the Digital ID Ecosystem to Enhance Customer Experience Storyboard
    • Familiarize Yourself With the Digital ID Ecosystem Taxonomy
    • Assess Your Digital ID Adoption Readiness

    Infographic

    Further reading

    Navigate the Digital ID Ecosystem to Enhance Customer Experience

    Beyond the hype: How it can help you become more customer-focused?

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    Amid the pandemic-fueled surge of online services, organizations require secure solutions to safeguard digital interactions. These solutions must be uniform, interoperable, and fortified against security threats.

    Although the digital identity ecosystem has garnered significant attention and investment, many organizations remain uncertain about its potential for authentication and authorization required for B2B and B2C transactions.

    They still wonder if digital ID can help reduce cost of operations and transfer data risks.

    Limited or lack of understanding of the global Digital ID ecosystem and its varying approaches across countries handicap businesses in defining the potential benefits Digital ID can bring to customer interactions and overall business management.

    In addition, key obstacles exist in balancing customer privacy (including the right to be forgotten), data security, and regulatory requirements while pursuing desired end-user experience and high customer adoption.

    Digital ID has many dimensions, and its ecosystem's sustainability lies in the key principles it is built on. Understanding the digital identity ecosystem and its responsibilities is crucial to formulate an approach to adopt it. Also, focusing on key success factors drives digital ID adoption.

    Before embarking on the digital identity adoption journey, it is essential to assess your readiness. It is also necessary to understand the risks and challenges. Specific steps to digital ID adoption can help realize the potential of digital identity and enhance the customers' experience.

    Info-Tech Insight

    Focusing on customer touchpoints and transforming them is key to excellent user experience and increasing their lifetime value (LTV) to them and to your organization. Digital ID is that tool of transformation.

    Analyst Perspective

    Manish Jain.

    Manish Jain

    Principal Research Director

    Analyst Profile

    “I just believed. I believed that the technology would change people's lives. I believed putting real identity online - putting technology behind real identity - was the missing link.”

    - Sheryl Sandberg (Brockes, Emma. “Facebook’s Sheryl Sandberg: who are you calling bossy?” The Guardian, 5 April 2014)

    Sometimes dismissed as mere marketing gimmicks, digital identity initiatives are anything but. While some argue that any online credential is a "Digital ID," rendering the hype around it pointless, the truth is that a properly built digital ID ecosystem has the power to transform laggard economies into global digital powerhouses. Moreover, digital IDs can help businesses transfer some of their cybersecurity risks and unlock new revenue channels by enabling a foundation for secure and efficient value delivery.

    In addition, digital identity is crucial for digital and financial inclusion, simplifying onboarding processes and opening up new opportunities for previously underserved populations. For example, in India, the Aadhaar digital ID ecosystem brought over 481 million1 people into the formal economy by enabling access to financial services. Similarly, in Indonesia, the e-KIP digital ID program paved the way for 10 million new bank accounts, 94% of which were for women2.

    However, digital identity initiatives also come with valid concerns, such as the risk of a single point of failure and the potential to widen the digital divide.

    This research focuses on the verified digital identity ecosystem, exploring the risks, opportunities, and challenges organizations face relying on these verified digital IDs to know their customers before delivering value. By understanding and adopting digital identity initiatives, organizations can unlock their full potential and provide a seamless customer experience while ensuring operational efficiency.

    1 India Aadhaar PMJDY (https://pmjdy.gov.in/account)
    2 Women’s World Banking, 2020.

    Digital Identity Ecosystem and vital ingredients of adoption

    Digital Identity Ecosystem.

    What is digital identity?

    Definitions may vary, depending on the focus.

    “Digital identity (ID) is a set of attributes that links a physical person with their online interactions. Digital ID refers to one’s online persona - an online footprint. It touches important aspects of one’s everyday life, from financial services to health care and beyond.” - DIACC Canada

    “Digital identity is a digital representation of a person. It enables them to prove who they are during interactions and transactions. They can use it online or in person.” - UK Digital Identity and Attributes Trust Framework

    “Digital identity is an electronic representation of an entity (person or other entity such as a business) and it allows people and other entities to be recognized online.” - Australia Trusted Digital Identity Framework

    A digital identity is primarily an electronic form of identity representing an entity uniquely , while abstracting all other identity attributes of the entity. In addition to an electronic form, it may also exist in a physical form (identity certificate), linked through an identifier representing the same entity.

    Digital identity has many dimensions*, and in turn categories

    Trust

    • Verified (Govt. issued IDs)
    • Unverified (Email Id)

    Subject

    • Individual
    • Organization
    • Device
    • Service

    Usability

    • Single-purpose (Disposable)
    • Multi-purpose (Reusable)

    Provider

    • Sovereign Government
    • Provincial Government
    • Local Government
    • Public Organization
    • Private Organization
    • Self

    Jurisdiction

    • Global (Passport)
    • National (DL)
    • State/Provincial (Health Card)
    • Local (Voting Card)
    • Private (Social)

    Form

    • Physical Card
    • Virtual Identifier
    • Online/App Account
    • PKI Keys
    • Tokens

    Governance

    • Sovereign
    • Federated
    • Decentralized
    • Trust Framework -based
    • Self-sovereign

    Expiry

    • Permanent (Lifetime, Years)
    • Temporary (Minutes, Hours)
    • Revocable

    Usage Mode

    • online only
    • offline only
    • Online/offline

    Purpose

    • Authorization (driver’s license, passport, employment)
    • Authentication (birth certificate, social security number)
    • Activity Linking (preferences, habits, and priorities)
    • Historical Record (Resume, educational financial, health history)
    • Social Interactions (Social Media)
    • Machine Connectivity

    Info-Tech Insight

    Digital ID has taken different meanings for different people, serving different purposes in different environments. Based on various aspects of Digital Identification, it can be categorized in several types. However, most of the time when people refer to a form of identification as Digital ID, they refer to a verified id with built-in trust either from the government OR the eco-system.

    * Please refer to Taxonomy for the definition of each of the dimensions

    Understanding a digital identity ecosystem is key to formulating your approach to adopt it

    The image contains a screenshot of a digital identity ecosystem diagram.

    Info-Tech Insight

    Digital identity ecosystems comprise many entities playing different roles, and sometimes more than one. In addition, variations in approach by jurisdictions drive how many active players are in the ecosystem for that jurisdiction.

    For example, in countries like Estonia and India, government plays the role of trust and governance authority as well as ID provider, but didn’t start with any Digital ID wallet. In contrast, in Ukraine, Diia App is primarily a Digital ID Wallet. Similarly, in the US, different states are adopting private Digital ID Wallet providers like Apple.

    Digital ID ecosystem’s sustainability lies in the key principles it is built on

    Social, economic, and legal alignment with target stakeholders
    Transparent governance and operation
    Legally auditable and enforceable
    Robust and Resilient – High availability
    Security – At rest, in progress, and in transit
    Privacy and Control with users
    Omni-channel Convenience – User and Operations
    Minimum data transfer between entities
    Technical interoperability enabled through open standards and protocol
    Scalable and interoperable at policy level
    Cost effective – User and operations
    Inclusive and accessible

    Info-Tech Insight

    A transparent, resilient, and auditable digital ID system must be aligned with socio-economic realities of the target stakeholders. It not only respects their privacy and security of their data by minimizing the data transfer between entities, but also drives desired customer experience by providing an omni-channel, interoperable, scalable, and inclusive ecosystem while still being cost-effective for the collaborators.

    Source: Adapted from Canada PCTF, UK Trust framework, European Commission, Australia TDIF, and others

    Focus on key success factors to drive the digital ID adoption

    Digital ID success factors

    Legislative regulatory framework – Removes uncertainty
    Security & Privacy Assurance- builds trust
    Smooth user experience – Drives preferences
    Transparent ecosystem – Drives inclusivity
    Multi-channel – Drive consistent experience online / offline
    Inter-operability thorough open standards
    Digital literacy – Education and awareness
    Multi-purpose & reusable – Reduce consumer burden
    Collaborative ecosystem –Build network effect

    Source: Adapted from Canada PCTF, UK digital identity & attributes trust framework , European eIDAS, and others

    Info-Tech Insight

    Driving adoption of Digital ID requires affirmative actions from all ecosystem players including governing authorities, identity providers, and identity consumers (relying parties).

    These nine success factors can help drive sustainable adoption of the Digital ID.

    Among many responsibilities the ecosystem players have, identity governance is the key to sustainability

    • Digital identity provision
      • Creating identity attributes
      • Create a reusable identity and attribute service
      • Create a digital identity
      • Assess and manage quality of an identity and attributes
      • Making identity provision inclusive and accessible
    • Digital identity resolution
      • Enabling inclusive access to products and services through digital identity
      • Authenticate and authorize identity subjects before permitting access to their identity and attributes
    • Digital identity governance
      • Manage digital identity and attributes
      • Make Identity service interoperable, and sharable
      • Recover digital identity and attribute accounts
      • Notifying users on accessing identity or making changes on more attributes
      • Report and audit – exclusion, accessibility
      • Retiring an identity or attribute service
      • Respond to complaints and disputes
    • Enterprise risk management and governance
    The image contains a screenshot of a diagram to demonstrate how identity governance is the key to sustainability.
    • Privacy and security
      • Use encryption
      • Privacy compliance framework
      • Consumer Privacy Protection laws (CPPA, GDPR etc.)
      • Acquiring and managing user consents & agreements
      • Prohibited processing of personal data
      • Security controls and governance
    • Information management
      • Record management
      • Archival
      • Disposal (on expiry or to comply with regulations)
      • CIA (confidentiality, integrity, availability)
    • Fraud management
      • Fraud monitoring and reporting
      • Fraud intelligence and analysis
      • Sharing threat indicators
      • Legal, policies and procedures for fraud management
    • Incident response
      • Respond to fraud incidents
      • Respond to a service delivery incident
      • Responding to data breaches
      • Performing and participating in investigation

    Global evolution of digital ID is following the socio-economic aspirations of countries

    The image contains a screenshot of a graph that demonstrates global evolution of digital ID.

    Source: Adapted from the book: Identification Revolution: Can Digital ID be harnessed for Development? (Gelb & Metz), 2018

    Info-Tech Insight

    The world became global a long time ago; however, it sustained economic progress without digital IDs for most of the world's population.

    With the pandemic, when political rhetoric pointed to the demand for localized supply chains, economies became irreversibly digital. In this digital economy, the digital ID ecosystem is the fulcrum of sustainable growth.

    At a time in overlapping jurisdictions, multiple digital IDs can exist. For example, one is issued by a local municipality, one by the province, and another by the national government.

    Global footprint of digital ID is evolving rapidly, but varies in approach

    The image contains a screenshot of a Global footprint of digital ID.

    Info-Tech Insight

    Countries’ approach to the digital ID is rooted in their socio-economic environment and global aspirations.

    Emerging economies with large underserved populations prioritize fast implementation of digital ID through centralized systems.

    Developed economies with smaller populations, low trust in government, and established ID systems prioritize developing trust frameworks to drive decentralized full-scale implementation.

    There is no right way except the one which follows Digital ID principles and aligns with a country’s and its people’s aspirations.

    Estonia's e-identity is the key to its digital agenda 2030

    • Regulatory Body and Operational Governance: Estonian Information System Authority (RIA).
    • Identity Providers: Government of Estonia; Private sector doesn’t issue IDs but can leverage Digital ID ecosystem.
    • Decentralized Approach: Permissioned Blockchain Architecture with built-in data traceability implemented on KSI (Keyless Signature Infrastructure).
    • X-Road – Secure, interoperable open-source data exchange platform between collection point where Data is stored.
    • Digital Identity Form: e-ID
    • Key Use cases:
      • Financial, Telecom: e-KYC, e-Banking
      • Digital Authentication: ID Card, Mobile ID, Smart ID, Digital Signatures
      • E-governance: e-Voting, e-Residency, e-Services Registries, e-Business Register
      • Smart City and mobility: Freight Transportation, Passenger Mobility
      • Healthcare: e-Health Record, e-Prescription, e-Ambulance
    • ID-card
    • Smart ID
    • Mobile ID
    • e-Residency

    Uniqueness

    Estonia pioneered the digital ID implementation with a centralized approach and later transitioned to a decentralized ecosystem driving trust to attract non-citizens into Estonia’s digital economy.

    99% Of Estonian residents have an ID card enabling use of electronic ID

    1.4 B Digital signatures given (2021)

    99% Public Services available as e-Services

    17K+ Productive years saved (five working days/citizen/year saved accessing public services)

    25K E-resident companies contributed more than €32 million in tax

    *Source: https://e-estonia.com/wp-content/uploads/e-estonia-211022_eng.pdf ;

    https://www.e-resident.gov.ee/dashboard

    The image contains a timeline of events from 2001-2020 for Estonia..

    India’s Aadhaar is the foundation of its digital journey through “India stack”

    • Regulatory Accountability and Operational Governance: Unique Identification Authority of India (UIDAI).
    • Identity Provider: Govt. of India.
    • Digital Identity Form: Physical and electronic ID Card; Online (Identifier + OTP), and offline (identifier + biometric) usage; mAadhaar App & Web Portal
    • India Stack: a set of open APIs and digital assets to leverage Aadhaar in identity, data, and payments at scale.
    • Key Use cases:
      • Financial, Telecom: eKYC, Unified Payments Interface (UPI)
      • Digital Wallet: Digi Locker
      • Digital Authentication: eSign, and Aadhaar Auth.
      • Public Welfare: Public Distribution of Service, Social Pension, Employment Guarantee
      • Public service access: Enrollment to School, Healthcare

    1.36B People enrolled

    80% Beneficiaries feel Aadhaar has made PDS, employment guarantee and social pensions more reliable

    91.6% Are very satisfied or somewhat satisfied with Aadhaar

    14B eKYC transactions done by 218 eKYC authentication agencies (KUA)

    Source: https://uidai.gov.in/aadhaar_dashboard/india.php; https://www.stateofaadhaar.in/

    World Bank Report on Private Sector Impacts from ID

    Uniqueness

    “The Aadhaar digital identity system could reduce onboarding costs for Indian firms from 1,500 rupees to as low as an estimated 10 rupees.”

    -World Bank Report on Private Sector Impacts from ID

    With lack of public trust in private sector, government brought in private sector executives in public ecosystem to lead the largest identity program globally and build the India stack to leverage the power of Digital Identity.

    The image contains a screenshot of India's Aadhaar timeline from 2009-2022.

    Ukraine’s Diia is a resilient act to preserve their identities during threat to their existence

    Regulatory Accountability and Operational Governance: Ministry of Digital Transformation.

    Identity provider: Federated govt. agencies.

    Digital identity form: Diia App & Portal as a digital wallet for all IDs including digital driving license.

    • Key use cases:
      • eGovernance – Issuing license and permits, business registration, vaccine certificates.
      • Public communication: air-raid alerts, notifications, court decisions and fines.
      • Financial, Telecom: KYC compliance, mobile donations.
      • eBusiness: Diia City legal framework for IT industry, Diia Business Portal for small and medium businesses.
      • Digital sharing and authentication: Diia signature and Diia QR.
      • Public service access: Diia Education Portal for digital education and digital skills development, healthcare.

    18.5M People downloaded the Diia app.

    14 Digital IDs provided by other ID providers are available through Diia.

    70 Government services are available through Diia.

    ~1M Private Entrepreneurs used Diia to register their companies.

    1300 Tons of paper estimated to be saved by reducing paper applications for new IDs and replacements.

    Source:

    • Ukraine Govt. Website for Invest and trade
    • Diia Case study prepared for the office of Canadian senator colin deacon.

    Uniqueness

    “One of the reasons for the Diia App's popularity is its focus on user experience. In September 2022, the Diia App simplified 25 public services and digitized 16 documents. The Ministry of Digital Transformation aims to make 100% of all public services available online by 2024.”

    - Vladyslava Aleksenko

    Project Lead—digital Identity, Ukraine

    The image contains a screenshot of the timeline for Diia.

    Canada’s PCTF (Pan Canadian Trust Framework) driving the federated digital identity ecosystem

    • Regulatory Accountability: Treasury Board of Canada Secretariat (TBS); Canadian Digital Service (CDS); Office of CIO
    • Standard Setting: Digital Identification and Authentication Council of Canada (DIACC)
    • Frameworks:
      • Treasury Board Directive on Identity Management
      • Pan Canadian Trust Framework (PCTF)
      • Voilà Verified Trustmark Program: ISO aligned compliance certification program on PCTF
      • Governing / Certificate Authority: Trustmark Oversight Board (TOB) and DIACC accredited assessor
      • Operational Governance: Federated between identity providers and identity consumers
      • Identity Providers: Public and Private Sector
      • Other entities involved: Digital ID Lab (Voila Verified Auditor); Kuma (Accredited Assessor)
    The image contains a screenshot of PCTF Components.

    82% People supportive of Digital ID.

    2/3 Canadians prefer public-private partnership for Pan-Canadian digital ID framework.

    >40% Canadians prefer completing various tasks and transactions digitally.

    75% Canadians are willing to share personal information for better experience.

    >80% Trust government, healthcare providers, and financial institutions with their personal information.

    Source: DIACC Survey 2021

    Uniqueness

    Although a few provinces in Canada started their Digital ID journey already, federally, Canada lacked an approach.

    Now Canada is developing a federated Digital ID ecosystem driven through the Pan-Canadian Trust Framework (PCTF) led by a non-profit (DIACC) formed with public and private partnership.

    The image contains a screenshot of Canada's PCTF timeline from 2002-2025.

    Australia’s digital id is pivotal to its vision to become one of the Top-3 digital governments globally by 2025*

    * Australia Digital Government Strategy 2021
    • Regulatory responsibility and standard: Digital Transformation Agency (DTA)’s Digital Identity
    • Operational support and oversight: Service Australia, Interim Oversight Authority (IOA).
    • Accredited identity providers (by 2022): Australian Taxation Office (ATO)’s myGovID, Australia Post’s Digital ID, MasterCard’s ID, OCR Labs App
    • Framework: Trusted Digital Identity Framework (TDIF)
      • Digital Identity Exchange
      • Identity Service Providers and Attribute Verification Service
      • Attribute Service Providers
      • Credential Service Providers
      • Relying Parties
    • Others: States such as NSW, Victoria, and Queensland have their own digital identity programs

    8.6M People using myGovID by Jun-2022

    117 Services accessible through Digital Id System

    The image contains a screenshot diagram of Digital Identity.

    Uniqueness

    Australia started its journey of Digital ID with a centralized Digital ID ecosystem.

    However, now it preparing to transition to a centrally governed Trust framework-based ecosystem expanding to private sector.

    The image contains a screenshot of Australia's Digital id timeline from 2014-2022.

    UK switches gear to the Trust Framework approach to build a public-private digital ID ecosystem

    • Government: Ministry of Digital Infrastructure / Department of Digital, Culture, Media, and Sport
    • Governing Body / Certificate Authority / Operational Governance: TBD
    • Approach: Trust Framework-based UK Digital Identity and attributes trust framework (UKDIATF)
    • Identity providers: Transitioning from “GOV.UK Verify” to a federated digital identity system aligned with “Trust Framework” – enabling both government (“One Login for Government”) and private sector identity providers.
    The image contains a screenshot of the Trust Framework.

    Uniqueness

    UK embarked its Digital ID journey through Gov.UK Verify but decided to scrap it recently.

    It is now preparing to build a trust framework-based federated digital ID ecosystem with roles like schema-owners and orchestration service providers for private sector and drive the collaboration between industry players.

    The image contains a screenshot of UK timeline from 2011-2023.

    Digital ID will transform all industries, though financial services and e-governance will gain most

    Cross Industry

    Financial Services

    Insurance

    E-governance

    Healthcare & Lifesciences

    Travel and Tourism

    E-Commerce

    • Onboarding (customer, employee, patient, etc.)
    • Fraud-prevention (identity theft)
    • Availing restricted services (buying liquor)
    • Secure-sharing of credentials and qualifications (education, experience, gig worker)
    • For businesses, customer 360
    • For businesses, reliable data-driven decision making with lower frequency of ‘astroturfing’ (false identities) and ‘ballot-stuffing’ (duplicate identities)
    • Account opening
    • Asset transfer
    • Payments
    • For businesses, risk management - know your customer (KYC), anti-money laundering (AML), customer due diligence (CDD)
    • Insurance history
    • Insurance claim
    • Public distribution schemes (PDS)
    • Subsidy payments (direct to consumer)
    • Obtain government benefits (maternity, pension, employment guarantee / insurance payments)
    • Tax filing
    • Issuing credentials (birth certificate, passport)
    • Voting
    • For businesses, availing governments supports
    • For SMB businesses, easier regulatory compliance
    • Digital health
    • Out of state public healthcare
    • Secure access to health and diagnostic records
    • For businesses, data sharing between providers and with payers
    • Travel booking
    • Cross-border travel
    • Car rental
    • Secure peer-to-peer sales
    • Secure peer-to-peer sales

    USE CASE

    Car rental

    INDUSTRY: Travel & Tourism

    Source: Info-Tech Research Group

    Challenge

    Solution

    Results

    Verifying the driver’s license (DL) is the first step a car rental company takes before handing over the keys.

    While the rental company only need to know the validity of the DL and if it belongs to the presenter, is bears the liability of much more data presented to them through the DL.

    For customers, it is impossible to rent a car if they forget their DL. If the customer has their driver’s license, they compromise their privacy and security as they hand over their license to the representative.

    The process is not only time consuming, it also creates unnecessary risks to both the business and the renter.

    A digital id-based rental process allows the renter to present the digital id online or in person.

    As the customer approaches the car rental they present their digital id on the mobile app, which has already authenticated the presenter though the biometrics or other credentials.

    The customer selects the purpose of the business as “Car Rental”, and only the customer’s name, photo, and validity of the DL appear on the screen for the representative to see (selective disclosures).

    If the car pick-up is online, only this information is shared with the car rental company, which in turn shares the car and key location with the renter.

    A digital identity-based identity verification can ensure a rental company has access to the minimum data it needs to comply with local laws, which in turn reduces its data leak risk.

    It also reduces customer risks linked to forgetting the DL, and data privacy.

    Digital identity also reduces the risk originated from identity fraud leading to stolen cars.

    USE CASE

    e-Governance public distribution service

    INDUSTRY: Government

    Source: Info-Tech Research Group

    Challenge

    Solution

    Results

    In both emerging and developed economies, public distribution of resources – food, subsidies, or cash – is a critical process through which many people (especially from marginalized sections) survive on.

    They often either don’t have required valid proof of identity or fall prey to low-level corruption when someone defrauds them by claiming the benefit.

    As a result, they either completely miss out on claiming government-provided social benefits OR only receive a part of what they are eligible for.

    A Digital ID based public distribution can help created a Direct Benefit Transfer ecosystem.

    Here beneficiaries register (manually OR automatically from other government records) for the benefits they are eligible for.

    On the specific schedule, they receive their benefit – monetary benefit in their bank accounts, and non-cash benefits, in person from authorized points-of-sales (POS), without any middleman with discretionary decision powers on the distribution.

    India launched its Financial Inclusion Program (Prime Minister's Public Finance Scheme) in 2014.

    The program was linked with India’s Digital Id Aadhaar to smoothen the otherwise bureaucratic and discretionary process for opening a bank account.

    In last eight years, ~481M (Source: PMJDY) beneficiaries have opened a bank account and deposited ~ ₹1.9Trillion (USD$24B), a part of which came as social benefits directly deposited to these accounts from the government of India.

    USE CASE

    Real-estate investment and sale

    INDUSTRY: Asset Management

    Source: Info-Tech Research Group

    Challenge

    Solution

    Results

    “Impersonators posing as homeowners linked to 32 property fraud cases in Ontario and B.C.” – Global News Canada1

    “The level of fraud in the UK is such that it is now a national security threat” – UK Finance Lobby Group2

    Real estate is the most expensive investment people make in their lives. However, lately it has become a soft target for title fraud. Fraudsters steal the title to one’s home and sell it or apply for a new mortgage against it.

    At the root cause of these fraud are usually identity theft when a fraudster steals someone’s identity and impersonates them as the title owner.

    Digital identity tagged to the home ownership / title record can reduce the identity fraud in title transfer.

    When a person wants to sell their house OR apply for a new mortgage on house, multiple notifications will be triggered to their contact attributes on digital ID – phone, email, postal address, and digital ID Wallet, if applicable.

    The homeowner will be mandated to authorize the transaction on at least two channels they had set as preferred, to ensure that the transaction has the consent of the registered homeowner.

    This process will stop any fraud transactions until at least two modes are compromised.

    Even if two modes are compromised, the real homeowner will receive the notification on offline communication modes, and they can then alert the institution or lawyer to block the transaction.

    It will especially help elderly people, who are more prone to fall prey to identity frauds when somebody uses their IDs to impersonate them.

    1 Global News (https://globalnews.ca/news/9437913/homeowner-impersonators-lined-32-fraud-cases-ontario-bc/)

    2 UK Finance Lobby Group (https://www.ukfinance.org.uk/system/files/Half-year-fraud-update-2021-FINAL.pdf)

    Adopting digital ID benefits everybody – governments, id providers, id consumers, and end users

    Governments & identity providers

    (public & private)

    Customers and end users

    (subjects)

    Identity consumer

    (relying parties)

    • Growth in GDP
    • Save costs of providing identity
    • Unlock new revenue source by economic expansion
    • Choice and convenience
    • Control of what data is shared
    • Experience driven by simplicity and data minimalization
    • Reduced cost of availing services
    • Operational efficiency
    • Overall cost efficiency of delivering service and products
    • Reduce risk of potential litigation
    • Reduce risk of fraud
    • Enhanced customer experience leading to increased lifetime value
    • Streamlined storage and access
    • Encourage innovation

    Digital ID will transform all industries, though financial services and e-governance will gain most

    Governments and identity providers (public and private)

    • Growth in GDP by reducing bureaucracy and discretion from the governance processes.
      • As per a McKinsey report, digital ID could unlock the economic value equivalent of 3%-13% of GDP across seven focus countries (Brazil, Ethiopia, India, Nigeria, China, UK, USA) in 2030.
      • “Estonia saves two percent of GDP by signing things digitally; imagine if it could go global.” - aavi Rõivas, Prime Minister of the Republic of Estonia (International Peace Institute)
    • Unlock new revenue source by economic expansion.
      • Estonia earned €32 million in tax revenue from e-resident companies (e-Estonia).
    • Save costs of providing identity in collaboration with 3rd parties and reduce fraud.
      • Canada estimates savings of $482 million for provincial and federal governments, and $4.5 billion for private sector organizations through digital id adoption (2022 Budget Statement).

    Digital ID brings end users choice, convenience, control, and cost-saving, driving overall experience

    Customers and end users (subjects)

    • Choice: Citizens have the choice and convenience to interact safely and conveniently online and offline.
    • Convenience: No compulsion to make physical trips to access service, as end users can identify themselves safely and reliably online, as they do offline.
    • Control: A decentralized, privacy enhancing solution – neither government nor private companies control your digital ID. How and when you use digital ID is entirely up to you.
    • Cost Saving: Save costs of availing service by reducing the offline documentation.
    • Experience: Improved experience while availing service without a need to present multiple documents every time.

    Digital id benefits identity consumers by enhancing multiple dimensions of their value streams

    Identity consumer (relying parties)

    • Operational efficiency: Eliminating unnecessary steps and irrelevant data from the value stream increases overall operational efficiency.
    • Cost efficiency: Helps businesses to reduce overall cost of operations like regulatory requirements.
      • World Bank estimated that the Aadhaar could reduce onboarding costs for Indian firms from ₹1,500/- ($23) to as low as an estimated ₹10/- ($0.15) (*World Bank ID4D)
    • Reduce risk of potential litigation issues: Encourage data minimization.
    • Privacy and security: Businesses can reduce the risk of fraud to organizations and users and can significantly boost the privacy and security of their IT assets.
    • Enhanced customer experience: The decrease in the number of touchpoints and faster turnaround.
    • Streamlined storage and access: Store all available data in a single place, and when required.
    • Encourage innovation: Reduce efforts required in authentication and authorization of users.

    Before embarking on the digital identity adoption journey, assess your readiness

    Legislative coverage

    Does your target jurisdiction have adequate legislative framework to enable uses of digital identities in your industry?

    Trust framework

    If the Digital ID ecosystem in your target jurisdiction is trust framework-based, do you have adequate understanding of it?

    Customer touch-points

    Do you have exact understanding of value stream and customer touch-points where you interact with user identity?

    Relevant identity attributes

    Do you have exact understanding of the identity attributes that your business processes need to deliver customer value?

    Regulatory compliance

    Do you have required systems to ensure your compliance with industry regulations around customer PII and identity?

    Interoperability with IMS

    Is your existing identity management system interoperable with Open-source Digital Identity ecosystem?

    Enterprise governance

    Have you established an integrated enterprise governance framework covering business processes, technical systems, and risk management?

    Communication strategy

    Do have a clear strategy (mode, method, means) to communicate with your target customer and persuade them to adopt digital identity?

    Security operations center

    Do you have security operations center coordinating detection, response, resolution, and communication of potential data breaches?

    Ten steps to adopt to enhance the customer experience

    Considering the complexity of digital identity adoption, and its impact on customer experience, it is vital to assess the ecosystem and adopt an MVP approach before a big-bang launch.

    Diagram to help assess the ecosystem.

    1. Define the use case and identify the customer touchpoint in the value stream which can be improved with a verified digital identity.
    2. Ensure your organization is ready to adopt digital identity (Refer to Digital identity adoption readiness),
    3. Identify an Identity Service Provider (Government, private sector), if there are options.
    4. Understand its technical requirements and assess, to the finer detail, your technical landscape for interoperability.
    5. Set-up a business contract for terms of usages and liabilities.
    6. Create and execute a Minimum Viable Program (MVP) of integration which can be tested with real customers.
    7. Extend MVP to the complete solution and define key success metrics.
    8. Canary-launch with a segment of target customers before a full launch.
    9. Educate customers on the usages and benefits, and adapt your communication plan taking feedback
    10. Monitor and continuously improve the solution based on the feedback from ecosystem partners and end-customers, and regulatory changes.

    Understand and manage the risks and challenges of digital identity adoption

    Digital ID adoption is a major change for everyone in the ecosystem.

    Manage associated risks to avoid the derailing of integration with your business processes and a negative impact on customer experience.

    Manage Risks.

    1. Privacy and security risks – Customer’s sensitive data may get centralized with the identity provider.
    2. Single point of failure while relying a specific IDs; it also increases the impact of identity theft and fraud risk.
    3. Centralization and control risks – Identity provider or identity service broker / orchestrator may control who can participate.
    4. Not universal, interoperability risks – if purpose-specific.
    5. Impact omni-channel experience - Not always available (legal / printable) for offline use.
    6. Exclusion and discrimination risks – Specific data requirements may exclude a group of people.
    7. Scope for misuse and misinterpretation if compromised and not reclaimed in timely manner.
    8. Adoption and usability risks – Subjects / relying parties may not see benefit due to lack of awareness or suspicion.
    9. Liability Agreement gaps between identity provider and identity consumer (relying party).

    Recommendations to help you realize the potential of digital identity into your value streams

    1

    Customer-centricity

    Digital identity initiative should prioritize customer experience when evaluating its fit in the value stream. Adopting it should not sacrifice end-user experience to gain a few brownie points.

    See Info-Tech’s Adopt Design Thinking in Your Organization blueprint, to ensure customer remains at the center of your Digital Adoption initiative.

    2

    Privacy and security

    Adopting digital identity reduces data risk by minimizing data transfer between providers and consumers. However, securing identity attributes in value streams still requires strengthening enterprise security systems and processes.

    See Info-Tech’s Assess and Govern Identity Security blueprint for the actions you may take to secure and govern digital identity.

    3

    Inclusion and awareness

    Adopting digital identity may alter customer interaction with an organization. To avoid excluding target customer segments, design digital identity accordingly. Educating and informing customers about the changes can facilitate faster adoption.

    See Info-Tech’s Social Media blueprint and IT Diversity & Inclusion Tactics to make inclusion and awareness part of digital adoption

    4

    Quantitative success metrics

    To measure the success of a digital ID adoption program, it's essential to use quantitative metrics that align with business KPIs. Some measurable KPIs may include:

    • Reduction in number of IDs business used to serve 90% of customers
    • Reduction in overall cost of operation
      • Reduction in cost of user authentication
    • Reduction in process cycle time (less time required to complete a task – e.g. KYC)

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues..

    Attributes: An identity attribute is a statement or information about a specific aspect of entity’s identity ,substantiating they are who they claim to be, own, or have.

    Attribute (or Credential) provider: An attribute or credential provider could be an organization which issues the primary attribute or credential to a subject or entity. They are also responsible for identity-attribute binding, credential maintenance, suspension, recovery, and authentication.

    Attribute (or Credential) service provider: An attribute service provider could be an organization which originally vetted user’s credentials and certified a specific attribute of their identity. It could also be a software, such as digital wallet, which can store and share a user’s attribute with a third party once consented by the user. (Source: UK Govt. Trust Framework)

    Attribute binding: This is a process an attribute service providers uses to link the attributes they created to a person or an organization through an identifier. This process makes attributes useful and valuable for other entities using these attributes. For example, when a new employee joins a company, they are given a unique employee number (an identifier), which links the person with their job title and other aspects (attributes) of his job. (Source: UK Govt. Trust Framework)

    Authentication service provider: An organization which is responsible for creating and managing authenticators and their lifecycle (issuance, suspension, recovery, maintenance, revocation, and destruction of authenticators). (Source: DIACC)

    Authenticator: Information or biometric characteristics under the control of an individual that is a specific instance of something the subject has, knows, or does. E.g. private signing keys, user passwords, or biometrics like face, fingerprints. (Source: Canada PCTF)

    Authentication (identity verification): The process of confirming or denying that the identity presented relates to the subject who is making the claim by comparing the credentials presented with the ones presented during identity proofing.

    Authorization: The process of validating if the authenticated entity has permission to access a resource (service or product).

    Biometrics attributes: Human attributes like retina (iris), fingerprint, heartbeat, facial, handprint, thumbprint, voice print.

    Centralized identity: Digital identities which are fully governed by a centralized government entity. It may have enrollment or registration agencies, private or public sector, to issue the identities, and the technical system may still be decentralized to keep data federated.

    Certificate Authority (CA or accredited assessors): An organization or an entity that conducts assessments to validate the framework compliance of identity or attribute providers (such as websites, email addresses, companies, or individual persons) serving other users, and binding them to cryptographic keys through the issuance of electronic documents known as digital certificates.

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues..

    Collective (non-resolvable) attributes: Nationality, domicile, citizenship, immigration status, age group, disability, income group, membership, (outstanding) credit limit, credit score range.

    Contextual identity: A type of identity which establishes an entity’s existence in a specific context – real or virtual. These can be issued by public or private identity providers and are governed by the organizational policies. E.g. employee ID, membership ID, social media ID, machine ID.

    Credentials: A physical or a digital representation of something that establishes an entity’s eligibility to do something for which it is seeking permission, or an association/affiliation with another, generally well-known entity. E.g. Passport, DL, password. In the context of Digital Identity, every identity needs to be attached with a credential to ensure that the subject of the identity can control how and by whom that identity can be used.

    Cryptographic hash function: A hash function is a one-directional mathematical operation performed on a message of any length to get a unique, deterministic, and fixed size numerical string (the hash) which can’t be reverse engineered to get the input data without deploying disproportionate resources. It is the foundation of modern security solutions in DLT / blockchain as they help in verifying the integrity and authenticity of the message.

    Decentralized identity (DID) or self-sovereign identity: This is a way to give back the control of identity to the subject whose identity it is, using an identity wallet in which they collect verified information about themselves from certified issuers (such as the government). By controlling what information is shared from the wallet to requesting third parties (e.g. when registering for a new online service), the user can better manage their privacy, such as only presenting proof that they’re over 18 without needing to reveal their date of birth. Source: (https://www.gsma.com/identity/decentralised-identity)

    Digital identity wallet: A type of digital wallet refers to a secure, trusted software applications (native mobile app, mobile web apps, or Rivas-hosted web applications) based on common standards, allowing a user to store and use their identity attributes, identifiers, and other credentials without loosing or sharing control of them. This is different than Digital Payment Wallets used for financial transactions. (Source: https://www.worldbank.org/content/dam/photos/1440x300/2022/feb/eID_WB_presentation_BS.pdf)

    Digital identity: A digital identity is primarily an electronic form of identity representing an entity uniquely , while abstracting all other identity attributes of the entity. In addition to an electronic form, it may also exist in a physical form (identity certificate), linked through an identifier representing the same entity. E.g. Estonia eID , India Aadhar, digital citizenship ID.

    Digital object architecture: DOA is an open architecture for interoperability among various information systems, including ID wallets, identity providers, and consumers. It focuses on digital objects and comprises three core components: the identifier/resolution system, the repository system, and the registry system. There are also two protocols that connect these components. (Source: dona.net)

    Digital signature: A digital signature is an electronic, encrypted stamp of authentication on digital information such as email messages, macros, or electronic documents. A signature confirms that the information originated from the signer and has not been altered. (Source: Microsoft)

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues..

    Entity (or Subject): In the context of identity, an entity is a person, group, object, or a machine whose claims need to be ascertained and identity needs to be established before his request for a service or products can be fulfilled. An entity can also be referred to as a subject whose identity needs to be ascertained before delivering a service.

    Expiry: This is another dimension of an identity and determines the validity of an ID. Most of the identities are longer term, but there can be a few like digital tokens and URLs which can be issued for a few hours or even minutes. There are some which can be revoked after a pre-condition is met.

    Federated identity: Federated identity is an agreement between two organizations about the definition and use of identity attributes and identifiers of a consumer entity requesting a service. If successful, it allows a consumer entity to get authenticated by one organization (identity provider) and then authorized by another organization. E.g. accessing a third-party website using Google credentials.

    Foundational identity: A type of identity which establishes an entity’s existence in the real world. These are generally issued by public sector / government agencies, governed by a legal farmwork within a jurisdiction, and are widely accepted at least in that jurisdiction. E.g. birth certificate, citizenship certificate.

    Governance: This is a dimension of identity that covers the governance model for a digital ID ecosystem. While traditionally it has been under the sovereign government or a federated structure, in recent times, it has been decentralized through DLT technologies or trust-framework based. It can also be self-sovereign, where individuals fully control their data and ID attributes.

    Identifier: A digital identifier is a string of characters that uniquely represents an entity’s identity in a specific context and scope even if one or more identity attributes of the subject change over time. E.g. driver’s license, SSN, SIN, email ID, digital token, user ID, device ID, cookie ID.

    Identity: An identity is an instrument used by an entity to provide the required information about itself to another entity in order to avail a service, access a resource, or exercise a privilege. An identity formed by 1-n identity attributes and a unique identifier.

    Identity and access management (IAM): IAM is a set of frameworks, technologies, and processes to enable the creation, maintenance, and use of digital identity, ensuring that the right people gain access to the right materials and records at the right time. (Source: https://iam.harvard.edu/)

    Identity consumer (Relying party): An organization, or an entity relying on identity provider to mitigate IT risks around knowing its customers before delivering the end-user value (product/service) without deteriorating end-user experience. E.g. Canada Revenue Agency using SecureKey service and relying on Banking institutions to authenticate users; Telecom service providers in India relying on Aadhaar identity system to authenticate the customer's identity.

    Identity form: A dimension of identity that defines its forms depending on the scope it wants to serve. It can be a physical card for offline uses, a virtual identifier like a number, or an app/account with multiple identity attributes. Cryptographic keys and tokens can also be forms of identity.

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues...

    Identity infrastructure provider: Organizations involved in creating and maintaining technological infrastructure required to manage the lifecycle of digital identities, attributes, and credentials. They implement functions like security, privacy, resiliency, and user experience as specified in the digital identity policy and trust framework.

    Identity proofing: A process of asserting the identification of a subject at a useful identity assurance level when the subject provides evidence to a credential service provider (CSP), reliably identifying themselves. (Source: NIST Special Publication 800-63A)

    Identity provider (Attestation authority): An organization or an entity validating the foundation or contextual claims of a subject and establishing identifier(s) for a subject. E.g. DMV (US) and MTA (Canada) issuing drivers’ licenses; Google / Facebook issuing authentication tokens for their users logging in on other websites.

    Identity validation: The process of confirming or denying the accuracy of identity information of a subject as established by an authorized party. It doesn’t ensure that the presenter is using their own identity.

    Identity verification (Authentication): The process of confirming or denying that the identity presented relates to the subject who is making the claim by comparing the credentials presented with the ones presented during identity proofing.

    Internationalized resource identifier (IRI): IRIs are equivalent to URIs except that IRIs also allow non-ascii characters in the address space, while URIs only allow us-ascii encoding. (Source: w3.org)

    Jurisdiction: A dimension of identity that covers the physical area or virtual space where an identity is legally acceptable for the purpose defined under law. It can be global, like it is for passport, or it can be local within a municipality for specific services. For unverified digital IDs, it can be the social network.

    Multi-factor Authentication (MFA): Multi-factor authentication is a layered approach to securing digital assets (data and applications), where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login. These factors can be a combination of (i) something you know like a password/PIN; (ii) something you have like a token on mobile device; and (iii) something you are like a biometric. (Adapted from https://www.cisa.gov/publication/multi-factor-authentication-mfa)

    Oauth (Open authorization): OAuth is a standard authorization protocol and used for access delegation. It allows internet users to access websites by using credentials managed by a third-party authorization server / Identity Provider. It is designed for HTTP and allows access tokens to be issued by an authorization server to third-party websites. E.g. Google, Facebook, Twitter, LinkedIn use Oauth to delegate access.

    OpenID: OpenID is a Web Authentication Protocol and implements reliance authentication mechanism. It facilitates the functioning of federated identity by allowing a user to use an existing account (e.g. Google, Facebook, Yahoo) to sign into third-party websites without needing to create new credentials. (Source: https://openid.net/).

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues...

    Personally identifiable information (PII): PII is a set of attributes which can be used, through direct or indirect means, to infer the real-world identity of the individual whose information is input. E.g. National ID (SSN/SIN/Aadhar) DL, name, date of birth, age, address, age, identifier, university credentials, health condition, email, domain name, website URI (web resolvable) , phone number, credit card number, username/password, public key / private key. (Source: https://www.dol.gov)

    Predicates: The mathematical or logical operations such as equality or greater than on attributes (e.g. prove your salary is greater than x or your age is greater than y) to prove a claim without sharing the actual values.

    Purpose: This dimension of a digital id defines for what purpose digital id can be used. It can be one or many of these – authentication, authorization, activity linking, historical record keeping, social interactions, and machine connectivity for IoT use cases.

    Reliance authentication: Relying on a third-party authentication before providing a service. It is a method followed in a federated entity system.

    Risk-based authentication: A mechanism to protect against account compromise or identity theft. It correlates an authentication request with transitional facts like requester’s location, past frequency of login, etc. to reduce the risk of potential fraud.

    Scheme in trust framework: A specific set of rules (standard and custom) around the use of digital identities and attributes as agreed by one or more organizations. It is useful when those organizations have similar products, services, business processes. (Source: UK Govt. Trust Framework). E.g. Many credit unions agree on how they will use the identity in loan origination and servicing.

    Selective disclosure (Assertion): A way to present one’s identity by sharing only a limited amount information that is critical to make an authentication / authorization decision. E.g. when presenting your credentials, you could share something proving you are 18 years or above, but not share your name, exact age, address, etc.

    Trust: A dimension of an identity, which essentially is a belief in the reliability, truth, ability, or strength of that identity. While in the physical world all acceptable form of identities come with a verified trust, in online domain, it can be unverified. Also, where an identity is only acceptable as per the contract between two entities, but not widely.

    Trust framework: The trust framework is a set of rules that different organizations agree to follow to deliver one or more of their services. This includes legislation, standards, guidance, and the rules in this document. By following these rules, all services and organizations using the trust framework can describe digital identities and attributes they’ve created in a consistent way. This should make it easier for organizations and users to complete interactions and transactions or share information with other trust framework participants. (Source: UK Govt. Trust Framework)

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues...

    Uniform resource identifier (URI): A universal name in registered name spaces and addresses referring to registered protocols or name spaces.

    Uniform resource locator (URL): A type of URI which expresses an address which maps onto an access algorithm using network protocols. (Source: https://www.w3.org/)

    Uniform resource name (URN): A type of URI that includes a name within a given namespace but may not be accessible on the internet.

    Usability: A dimension of identity that defines how many times it can be used. While most of the identities are multi-use, a few digital identities are in token form and can be used only once to authenticate oneself.

    Usage mode: A dimension of identity that defines the service mode in which a digital ID can be used. While all digital IDs are made for online usage, many can also be used in offline interactions.

    Verifiable credentials: This W3C standard specification provides a standard way to express credentials on the Web in a way that is cryptographically secure, privacy-respecting, and machine-verifiable. (Source: https://www.w3.org/TR/vc-data-model/)

    X.509 Certificates: X.509 certificates are standard digital documents that represent an entity providing a service to another entity. They're issued by a certification authority (CA), subordinate CA, or registration authority. These certificates play an important role in ascertaining the validity of an identity provider and in turn the identities issued by it. (Source: https://learn.microsoft.com/en-us/azure/iot-hub/reference-x509-certificates)

    Zero-knowledge proofs: A method by which one party (the prover) can prove to another party (the verifier) that something is true, without revealing any information apart from the fact that this specific statement is true. (Source: 1989 SIAM Paper)

    Zero-trust security: A cybersecurity paradigm focused on resource protection and the premise that trust is never granted implicitly but must be continually evaluated. It evaluates each access request as if it is a fraud attempt, and grants access only if it passes the authentication and authorization test. (Source: Adapted from NIST, SP 800-207: Zero Trust Architecture, 2020)

    Related Info-Tech Research

    Build a Zero Trust Roadmap
    Leverage an iterative and repeatable process to apply zero trust to your organization.

    Assess and Govern Identity Security
    Strong identity security and governance are the keys to the zero-trust future.

    Adopt Design Thinking in Your Organization
    Innovation needs design thinking to ensure customer remains at the center of everything the organization does.

    Social Media
    Leveraging Social Media to connect with your customers and educate them to drive the value proposition of your efforts.

    IT Diversity & Inclusion Tactics
    Equip your teams to create an inclusive environment and mobilize inclusion efforts across the organization.


    Research Contributors and Experts

    David Wallace

    David Wallace
    Executive Counselor

    Erik Avakian

    Erik Avakian
    Technical Counselor, Data Architecture and Governance

    Matthew Bourne

    Matthew Bourne
    Managing Partner, Public Sector Global Services

    Mike Tweedie

    Mike Tweedie
    Practice Lead, CIO Research Development

    Aaron Shum

    Aaron Shum
    Vice President, Security & Privacy

    Works Cited

    India Aadhaar PMJDY (https://pmjdy.gov.in/account)
    Theis, S., Rusconi, G., Panggabean, E., Kelly, S. (2020). Delivering on the Potential of Digitized G2P: Driving Women’s Financial Inclusion and Empowerment through Indonesia’s Program Keluarga Harapan. Women’s World Banking.
    DIACC Canada (https://diacc.ca/the-diacc/)
    UK digital identity & attributes trust framework alpha v2 (0.2) - GOV.UK (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    Australia Trusted Digital Identity Framework (https://www.digitalidentity.gov.au/tdif#changes)
    eIDAS (https://digital-strategy.ec.europa.eu/en/policies/eidas-regulation)
    Europe Digital Wallet – POTENTIAL (https://www.digital-identity-wallet.eu/)
    Canada PCTF (https://diacc.ca/trust-framework/)
    Identification Revolution: Can Digital ID be harnessed for Development? (Gelb & Metz), 2018
    e-Estonia website (https://e-estonia.com/solutions/e-identity/id-card/)
    Aadhaar Dashboard (https://uidai.gov.in/)
    DIACC Website (https://diacc.ca/the-diacc/)
    Australia Digital ID website (https://www.digitalidentity.gov.au/tdif#changes)
    UK Policy paper - digital identity & attributes trust framework (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    Ukraine Govt. website (https://ukraine.ua/invest-trade/digitalization/)
    Singapore SingPass Website (https://www.tech.gov.sg/products-and-services/singpass/)
    Norway BankID Website (https://www.bankid.no/en/private/about-us/)
    Brazil National ID Card website (https://www.gov.br/casacivil/pt-br/assuntos/noticias/2022/julho/nova-carteira-de-identidade-nacional-modelo-unico-a-partir-de-agosto)
    Indonesia Coverage in Professional Security Magazine (https://www.professionalsecurity.co.uk/products/id-cards/indonesian-cards/)
    Philippine ID System (PhilSys) website (https://www.philsys.gov.ph/)
    China coverage on eGovReview (https://www.egovreview.com/article/news/559/china-announces-plans-national-digital-ids)
    Thales Group Website - DHS’s Automated Biometric Identification System IDENT (https://www.thalesgroup.com/en/markets/digital-identity-and-security/government/customer-cases/ident-automated-biometric-identification-system)
    FranceConnect (https://franceconnect.gouv.fr/)
    Germany: Office for authorization cert. (https://www.personalausweisportal.de/Webs/PA/DE/startseite/startseite-node.html)
    Italian Digital Services Authority (https://www.spid.gov.it/en/)
    Monacco Mconnect (https://mconnect.gouv.mc/en)
    Estonia eID (https://e-estonia.com/wp-content/uploads/e-estonia-211022_eng.pdf)
    E-Residency Dashboard (https://www.e-resident.gov.ee/dashboard)
    Unique ID authority of India (https://uidai.gov.in/aadhaar_dashboard/india.php)
    State of Aadhaar (https://www.stateofaadhaar.in/)
    World Bank (https://documents1.worldbank.org/curated/en/219201522848336907/pdf/Private-Sector-Economic-Impacts-from-Identification-Systems.pdf)
    WorldBank - ID4D 2022 Annual Report (https://documents.worldbank.org/en/publication/documents-reports/documentdetail/099437402012317995/idu00fd54093061a70475b0a3b50dd7e6cdfe147)
    Ukraine Govt. Website for Invest and trade (https://ukraine.ua/invest-trade/digitalization/)
    Diia Case study prepared for the office of Canadian senator colin deacon (https://static1.squarespace.com/static/63851cbda1515c69b8a9a2b9/t/6398f63a9d78ae73d2fd5725/1670968891441/2022-case-study-report-diia-mobile-application.pdf)
    Canadian Digital Identity Research (https://diacc.ca/wp-content/uploads/2022/04/DIACC-2021-Research-Report-ENG.pdf)
    Voilà Verified Trustmark (https://diacc.ca/voila-verified/)
    Digital Identity, 06A Federation Onboarding Guidance paper, March 2022 (https://www.digitalidentity.gov.au/sites/default/files/2022-04/TDIF%2006A%20Federation%20Onboarding%20Guidance%20-%20Release%204.6%20%28Doc%20Version%201.2%29.pdf)
    UK digital identity & attributes trust framework alpha v2 (0.2) - GOV.UK (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    A United Nations Estimate of KYC/AML (https://www.imf.org/Publications/fandd/issues/2018/12/imf-anti-money-laundering-and-economic-stability-straight)
    India Aadhaar PMJDY (https://pmjdy.gov.in/account)
    Global News (https://globalnews.ca/news/9437913/homeowner-impersonators-lined-32-fraud-cases-ontario-bc/)
    UK Finance Lobby Group (https://www.ukfinance.org.uk/system/files/Half-year-fraud-update-2021-FINAL.pdf) McKinsey Digital ID report ( https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/digital-identification-a-key-to-inclusive-growth) International Peace Institute ( https://www.ipinst.org/2016/05/information-technology-and-governance-estonia#7)
    E-Estonia Report (https://e-estonia.com/wp-content/uploads/e-estonia-211022_eng.pdf)
    2022 Budget Statement (https://diacc.ca/2022/04/07/2022-budget-statement/)
    World Bank ID4D - Private Sector Economic Impacts from Identification Systems 2018 (https://documents1.worldbank.org/curated/en/219201522848336907/Private-Sector-Economic-Impacts-from-Identification-Systems.pdf)
    DIACC Canada (https://diacc.ca/the-diacc/)
    UK digital identity & attributes trust framework alpha v2 (0.2) - GOV.UK (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    https://www.gsma.com/identity/decentralised-identity
    https://www.worldbank.org/content/dam/photos/1440x300/2022/feb/eID_WB_presentation_BS.pdf
    Microsoft Digital signatures and certificates (https://support.microsoft.com/en-us/office/digital-signatures-and-certificates-8186cd15-e7ac-4a16-8597-22bd163e8e96)
    https://www.worldbank.org/content/dam/photos/1440x300/2022/feb/eID_WB_presentation_BS.pdf
    https://www.dona.net/digitalobjectarchitecture
    IAM (https://iam.harvard.edu/)
    NIST Special Publication 800-63A (https://pages.nist.gov/800-63-3/sp800-63a.html)
    https://www.cisa.gov/publication/multi-factor-authentication-mfa
    https://openid.net/
    U.S. DEPARTMENT OF LABOR (https://www.dol.gov/)
    UK govt. trust framework (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    https://www.w3.org/
    Verifiable Credentials Data Model v1.1 (https://www.w3.org/TR/vc-data-model/)
    https://learn.microsoft.com/en-us/azure/iot-hub/reference-x509-certificates

    The latest burning platform: Exit Plans in a shifting world

    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A

    The current global situation, marked by significant trade tensions and retaliatory measures between major economic powers, has elevated the importance of more detailed, robust, and executable exit plans for businesses in nearly all industries. The current geopolitical headwinds create an unpredictable environment that can severely impact supply chains, technology partnerships, and overall business operations. What was once a prudent measure is now a critical necessity – a “burning platform” – for ensuring business continuity and resilience.

    Here I will delve deeper into the essential components of an effective exit plan, outline the practical steps for its implementation, and explain the crucial role of testing in validating its readiness.

    exit plan

    Continue reading

    Sustain and Grow the Maturity of Innovation in Your Enterprise

    • Buy Link or Shortcode: {j2store}91|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • Customers are not waiting – they are insisting on change now. The recent litany of business failures and the ongoing demand for improved services means that “not in my backyard” will mean no backyard.
    • Positive innovation is about achieving tomorrow’s success today, where everyone is a leader and ideas and people can flourish – in every sector.

    Our Advice

    Critical Insight

    • Many innovation programs are not delivering value at a time when change is constant and is impacting both public and private sector organizations.
    • Organizations are not well-positioned in terms of leadership skills to advance their innovation programs.
    • Unlock your innovation potential by looking at your innovation projects on both a macro and micro level.
    • Innovation capacity is directly linked with creativity; allow your employees' creativity to flourish using Info-Tech’s positive innovation techniques.
    • Innovations need to be re-harvested each year in order to maximize your return on investment.

    Impact and Result

    • From an opportunity perspective, create an effective innovation program that spawns more innovations, realizes benefits from existing assets not fully being leveraged, and lays the groundwork for enhanced products and services.
    • This complementary toolkit and method (to existing blueprints/research) guides you to assess the “aspiration level” of innovations and the innovation program, assess the resources/capabilities that an entity has to date employed in its innovation program, and position IT for success to achieve the strategic objectives of the enterprise.

    Sustain and Grow the Maturity of Innovation in Your Enterprise Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should formalize processes to improve your innovation program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Scope and define

    Understand your current innovation capabilities and create a mandate for the future of your innovation program.

    • Sustain and Grow the Maturity of Innovation in Your Enterprise – Phase 1: Scope and Define
    • Innovation Program Mandate and Terms of Reference Template
    • Innovation Program Overview Presentation Template
    • Innovation Assessment Tool

    2. Assess and aspire

    Assess opportunities for your innovation program on a personnel and project level, and provide direction on how to improve along these dimensions.

    • Sustain and Grow the Maturity of Innovation in Your Enterprise – Phase 2: Assess and Aspire
    • Appreciative Inquiry Questionnaire

    3. Implement and inspire

    Formalize the innovation improvements you identified earlier in the blueprint by mapping them to your IT strategy.

    • Sustain and Grow the Maturity of Innovation in Your Enterprise – Phase 3: Implement and Inspire
    • Innovation Planning Tool
    [infographic]

    Workshop: Sustain and Grow the Maturity of Innovation in Your Enterprise

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Pre-Work

    The Purpose

    Gather data that will be analyzed in the workshop.

    Key Benefits Achieved

    Information gathered with which analysis can be performed.

    Activities

    1.1 Do an inventory of innovations/prototypes underway.

    1.2 High-level overview of all existing project charters, and documentation of innovation program.

    1.3 Poll working group or key stakeholders in regards to scope of innovation program.

    Outputs

    Up-to-date inventory of innovations/prototypes

    Document review of innovation program and its results to date

    Draft scope of the innovation program and understanding of the timelines

    2 Scope and Define

    The Purpose

    Scope the innovation program and gain buy-in from major stakeholders.

    Key Benefits Achieved

    Buy-in from IT steering committee for innovation program improvements.

    Activities

    2.1 Establish or re-affirm values for the program.

    2.2 Run an initial assessment of the organization’s innovation potential (macro level).

    2.3 Set/reaffirm scope and budget for the program.

    2.4 Define or refine goals and outcomes for the program.

    2.5 Confirm/re-confirm risk tolerance of organization.

    2.6 Update/document innovation program.

    2.7 Create presentation to gain support from the IT steering committee.

    Outputs

    Innovation program and terms of reference

    Presentation on organization innovation program for IT steering committee

    3 Assess and Aspire

    The Purpose

    Analyze the current performance of the innovation program and identify areas for improvement.

    Key Benefits Achieved

    Identify actionable items that can be undertaken in order to improve the performance of the innovation program.

    Activities

    3.1 Assess your level of innovation per innovation project (micro level).

    3.2 Update the risk tolerance level of the program.

    3.3 Determine if your blend of innovation projects is ideal.

    3.4 Re-prioritize your innovation projects (if needed).

    3.5 Plan update to IT steering committee.

    3.6 Assess positive innovation assessment of team.

    3.7 Opportunity analysis of innovation program and team.

    Outputs

    Positive innovation assessment

    Re-prioritized innovation projects

    Updated presentation for IT steering committee

    4 Implement and Inspire

    The Purpose

    Formalize the innovation program by tying it into the IT strategy.

    Key Benefits Achieved

    A formalized innovation program that is closely tied to the IT strategy.

    Activities

    4.1 Update business context in terms of impact on IT implications.

    4.2 Update IT strategy in terms of impact and benefits of innovation program.

    4.3 Update/create innovation program implementation plan.

    4.4 Plan update for IT steering committee.

    Outputs

    Updated business context

    Updated IT strategy

    Innovation implementation plan, including roadmap

    Updated presentation given to IT steering committee

    Secure Your Hybrid Workforce

    • Buy Link or Shortcode: {j2store}271|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Secure Cloud & Network Architecture
    • Parent Category Link: /secure-cloud-network-architecture
    • Many IT and security leaders struggle to cope with the challenges associated with an hybrid workforce and how best to secure it.
    • Understanding the main principles of zero trust: never trust, always verify, assume breach, and verify explicitly.
    • How to go about achieving a zero trust framework.
    • Understanding the premise of SASE as it pertains to a hybrid workforce.

    Our Advice

    Critical Insight

    Securing your hybrid workforce should be an opportunity to get started on the zero trust journey. Realizing the core features needed to achieve this will assist you determine which of the options is a good fit for your organization.

    Impact and Result

    Every organization's strategy to secure their hybrid workforce should include introducing zero trust principles in certain areas. Our unique approach:

    • Assess the suitability of SASE/SSE and zero trust.
    • Present capabilities and feature benefits.
    • Procure SASE product and/or build a zero trust roadmap.

    Secure Your Hybrid Workforce Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Secure Your Hybrid Workforce Deck – The purpose of the storyboard is to provide a detailed description of the steps involved in securing your hybrid workforce with zero trust.

    The storyboard contains two easy-to-follow steps on securing your hybrid workforce with zero trust, from assessing the suitability of SASE/SSE to taking a step in building a zero trust roadmap.

    • Secure Your Hybrid Workforce – Phases 1-2

    2. Suitability Assessment Tool – A tool to identify whether SASE/SSE or a zero trust roadmap is a better fit for your organization.

    Use this tool to identify your next line of action in securing your hybrid workforce by assessing key components that conforms to the ideals and principles of Zero Trust.

    • Zero Trust - SASE Suitability Assessment Tool

    3. RFP Template – A document to guide you through requesting proposals from vendors.

    Use this document to request proposals from select vendors.

    • Request for Proposal (RFP) Template
    [infographic]

    Further reading

    Secure Your Hybrid Workforce

    SASE as a driver to zero trust.

    Analyst Perspective

    Consolidate your security and network.

    Remote connections like VPNs were not designed to be security tools or to have the capacity to handle a large hybrid workforce; hence, organizations are burdened with implementing controls that are perceived to be "security solutions." The COVID-19 pandemic forced a wave of remote work for employees that were not taken into consideration for most VPN implementations, and as a result, the understanding of the traditional network perimeter as we always knew it has shifted to include devices, applications, edges, and the internet. Additionally, remote work is here to stay as recruiting talent in the current market means you must make yourself attractive to potential hires.

    The shift in the network perimeter increases the risks associated with traditional VPN solutions as well as exposing the limitations of the solution. This is where zero trust as a principle introduces a more security-focused strategy that not only mitigates most (if not all) of the risks, but also eliminates limitations, which would enhance the business and improve customer/employee experience.

    There are several ways of achieving zero trust maturity, and one of those is SASE, which consolidates security and networking to better secure your hybrid workforce as implied trust is thrown out of the window and verification of everything becomes the new normal to defend the business.

    This is a picture of Victor Okorie

    Victor Okorie
    Senior Research Analyst, Security and Privacy
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    CISOs are looking to zero trust to fill the gaps associated with their traditional remote setup as well as to build an adaptable security strategy. Some challenges faced include:

    • Understanding the main principles of zero trust: never trust, always verify, assume breach, and verify explicitly.
    • Understanding how to achieve a zero trust framework.
    • Understanding the premise of SASE as it pertains to a hybrid workforce.

    Common Obstacles

    The zero trust journey may seem tedious because of a few obstacles like:

    • Knowing what the principle is all about and the components that align with it.
    • Knowing where to start. Due to the lack of a standardized path for the zero trust journey, going about the journey can be confusing.
    • Not having a uniform definition of what makes up a SASE solution as it is heavily dependent on vendors.

    Info-Tech's Approach

    Info-Tech provides a three-service approach to helping organizations better secure their hybrid workforce.

    • Understand your current, existing technological capabilities and challenges with your hybrid infrastructure, and prioritize those challenges.
    • Gain insight into zero trust and SASE as a mitigation/control/tool to those challenges.
    • Identify the SASE features that are relevant to your needs and a source guide for a SASE vendor.

    Info-Tech Insight

    Securing your hybrid workforce should be an opportunity to get started on the zero trust journey. Realizing the core features needed to achieve this will assist you in determining which of the options is a good fit for your organization.

    Turn your challenges into opportunities

    Hybrid workforce is the new normal

    The pandemic has shown there is no going back to full on-prem work, and as such, security should be looked at differently with various considerations in mind.

    Understand that current hybrid solutions are susceptible to various forms of attack as the threat attack surface area has now expanded with users, devices, applications, locations, and data. The traditional perimeter as we know it has expanded beyond just the corporate network, and as such, it needs a more mature security strategy.

    Onboarding and offboarding have been done remotely, and with some growth recorded, the size of companies has also increased, leading to a scaling issue.

    Employees are now demanding remote work capabilities as part of contract negotiation before accepting a job.

    Attacks have increased far more quickly during the pandemic, and all indications point to them increasing even more.

    Scarce available security personnel in the job market for hire.

    Reality Today

    This image is a circle graph and 67% of it is coloured with the number 67% in the middle of the graph

    The number of breach incidents by identity theft.
    Source: Security Magazine, 2022.

    This image is a circle graph and 78% of it is coloured with the number 78% in the middle of the graph

    IT security teams want to adopt zero trust.
    Source: Cybersecurity Insiders, 2019.

    Reduce the risks of remote work by using zero trust

    $1.07m

    $1.76m

    235

    Increase in breaches related to remote work

    Cost difference in a breach where zero trust is deployed

    Days to identify a breach

    The average cost of a data breach where remote work was a factor rose by $1.07 million in 2021. COVID-19 brought about rapid changes in organizations, and digital transformation changes curbed some of its excesses. Organizations that did not make any digital transformation changes reported a $750,000 higher costs compared to global average.

    The average cost of a breach in an organization with no zero trust deployed was $5.04 million in 2021 compared to the average cost of a breach in an organization with zero trust deployed of $3.28 million. With a difference of $1.76 million, zero trust makes a significant difference.

    Organizations with a remote work adoption rate of 50% took 235 days to identify a breach and 81 days to contain that breach – this is in comparison to the average of 212 days to identify a breach and 75 days to contain that breach.

    Source: IBM, 2021.

    Network + Security = SASE

    What exactly is a SASE product?

    The convergence and consolidation of security and network brought about the formation of secure access service edge (SASE – pronounced like "sassy"). Digital transformation, hybrid workforce, high demand of availability, uninterrupted access for employees, and a host of other factors influenced the need for this convergence that is delivered as a cloud service.

    The capabilities of a SASE solution being delivered are based on certain criteria, such as the identity of the entity (users, devices, applications, data, services, location), real-time context, continuous assessment and verification of risk and "trust" throughout the lifetime of a session, and the security and compliance policies of the organization.

    SASE continuously identifies users and devices, applies security based on policy, and provides secure access to the appropriate and requested application or data regardless of location.

    image contains a list of the SASE Network Features and Security Features. the network Features are: WAN optimization; SD WAN; CDN; Network-as-a-service. The Security Features are: CASB; IDPS; ZTNA/VPN; FWaaS; Browser isolation; DLP; UEBA; Secure web gateway; Sandboxing

    Current Approach

    The traditional perimeter security using the castle and moat approach is depicted in the image here. The security shields valuable resources from external attack; however, it isn't foolproof for all kinds of external attacks. Furthermore, it does not protect those valuable resources from insider threat.

    This security perimeter also allows for lateral movement when it has been breached. Access to these resources is now considered "trusted" solely because it is now behind the wall/perimeter.

    This approach is no longer feasible in our world today where both external and internal threats pose continuous risk and need to be contained.

    Determine the suitability of SASE and zero trust

    The Challenge:

    Complications facing traditional infrastructure

    • Increased hybrid workforce
    • Regulatory compliance
    • Limited Infosec personnel
    • Poor threat detection
    • Increased attack surface

    Common vulnerabilities in traditional infrastructure

    • MITM attack
    • XSS attack
    • Session hijacking
    • Trust-based model
    • IP spoofing
    • Brute force attack
    • Distributed denial of service
    • DNS hijacking
    • Latency issues
    • Lateral movement once connection is established

    TRADITIONAL INFRASTRUCTURE

    NETWORK

    SECURITY

    AUTHENTICATION

    IDENTITY

    ACCESS

    • MPLS
    • Corporate Network
    • Antivirus installed
    • Traditional Firewall
    • Intrusion Detection and Prevention System
    • Allow and Deny rules
    • Businesses must respond to consumer requests to:
    • LDAP
    • AAA
    • Immature password complexity
    • Trusted device with improperly managed endpoint protection.
    • Little or no DNS security
    • Web portal (captive)
    • VPN client

    Candidate Solutions

    Proposed benefits of SASE

    • Access is only granted to the requested resource
    • Consolidated network and security as a service
    • Micro-segmentation on application and gateway
    • Adopts a zero trust security posture for all access
    • Managed detection and response
    • Uniform enforcement of policy
    • Distributed denial of service shield

    SASE

    NETWORK

    SECURITY

    AUTHENTICATION

    IDENTITY

    ACCESS

    • Software defined – WAN
    • Content delivery network
    • WAN optimization
    • Network-as-a-service
    • Firewall-as-a-service/NGFW
    • Zero trust network access
    • Endpoint detection & response
    • Secure web gateway
    • Cloud access security broker
    • Data loss prevention
    • Remote browser isolation
    • Multifactor authentication
    • Context-based security policy for authentication
    • Authorization managed with situational awareness and real-time risk analytics
    • Continuous verification throughout an access request lifecycle
    • Zero trust identity on users, devices, applications, and data.
    • Strong password complexity enforced
    • Privilege access management
    • Secure internet access
    • SASE client

    ZERO TRUST

    TENETS OF ZERO TRUST

    ZERO TRUST PILLARS

    • Continuous, dynamic authentication and verification
    • Principle of least privilege
    • Always assume a breach
    • Implement the tenets of zero trust across the following domains of your environment:
      • IDENTITY
      • APPLICATION
      • NETWORK
      • DEVICES
      • DATA

    Proposed benefits of zero trust

    • Identify and protect critical and non-critical resources in accordance with business objectives.
    • Produce initiatives that conform to the ideals of zero trust and are aligned with the corresponding pillars above.
    • Formulate policies to protect resources and aid segmentation.

    Info-Tech Insight

    Securing your hybrid workforce should be an opportunity to get started on the zero trust journey. Realizing the core features needed to achieve this will help you determine which of the options is a good fit for your organization.

    Measure the value of using Info-Tech's approach

    IT and business value

    PHASE 1

    PHASE 2

    Assess the benefits of adopting SASE or zero trust

    Vendors will try to control the narrative in terms of what they can do for you, but it's time for you to control the narrative and identify pain points to IT and the business, and with that, to understand and define what the vendor solution can do for you.

    PHASE 2

    Assess the benefits of adopting SASE or zero trust

    Vendors will try to control the narrative in terms of what they can do for you, but it's time for you to control the narrative and identify pain points to IT and the business, and with that, to understand and define what the vendor solution can do for you.

    Short-term benefits

    • Gain awareness of your zero trust readiness.
    • Embed a zero trust mindset across your architecture.
    • Control the narrative of what SASE brings to your organization.

    Long-term benefits

    • Identified controls to mitigate risks with current architecture while on a zero trust journey.
    • Improved security posture that reduces risk by increasing visibility into threats and user connections.
    • Reduced CapEx and OpEx due to the scalability, low staffing requirements, and improved time to respond to threats using a SASE or SSE solution.

    Determine SASE cost factors

    IT and business value

    Info-Tech Insight

    IT leaders need to examine different areas of their budget and determine how the adoption of a SASE solution could influence several areas of their budget breakdown.

    Determining the SASE cost factors early could accelerate the justification the business needs to move forward in making an informed decision.

    01- Infrastructure

    • Physical security
    • Cabling
    • Power supply and HVAC
    • Hosting

    02- Administration

    • Human hours to analyze logs and threats
    • Human hours to secure infrastructure
    • Fees associated with maintenance

    03- Inbound

    • DPI
    • DDoS
    • Web application firewall
    • VPN concentrators

    04- Outbound

    • IDPS
    • DLP on-prem
    • QoS
    • Sandbox & URL filtering

    04- Data Protection

    • Real-time URL
      insights
    • Threat hunting
    • Data loss prevention

    06- Monitoring

    • Log storage
    • Logging engine
    • Dashboards
    • Managed detection
      and response

    Info-Tech's methodology for securing your hybrid workforce

    1. Current state and future mitigation

    2. Assess the benefits of moving to SASE/zero trust

    Phase Steps

    1.1 Limitations of legacy infrastructure

    1.2 Zero trust principle as a control

    1.3 SASE as a driver of zero trust

    2.1 Sourcing out a SASE/SSE vendor

    2.2 Build a zero trust roadmap

    Phase Outcomes

    Identify and prioritize risks of current infrastructure and several ways to mitigate them.

    RFP template and build a zero trust roadmap.

    Consider several factors needed to protect your growing hybrid workforce and assess your current resource capabilities, solutions, and desire for a more mature security program. The outcome should either address a quick pain point or a long-term roadmap.

    The internet is the new corporate network

    The internet is the new corporate network, which opens the organization up to more risks not protected by the current security stack. Using Info-Tech's methodology of zero trust adoption is a sure way to reduce the attack surface, and SASE is one useful tool to take you on the zero trust journey.

    Current-state risks and future mitigation

    Securing your hybrid workforce via zero trust will inevitably include (but is not limited to) technological products/solutions.

    SASE and SSE features sit as an overlay here as technological solutions that will help on the zero trust journey by aggregating all the disparate solutions required for you to meet zero trust requirements into a single interface. The knowledge and implementation of this helps put things into perspective of where and what our target state is.

    The right solution for the right problem

    It is critical to choose a solution that addresses the security problems you are actually trying to solve.

    Don't allow the solution provider to tell you what you need – rather, start by understanding your capability gaps and then go to market to find the right partner.

    Take advantage of the RFP template to source a SASE or SSE vendor. Additionally, build a zero trust roadmap to develop and strategize initiatives and tasks.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Zero Trust and SASE Suitability Tool
    Identify critical and vulnerable DAAS elements to protect and align them to business goals.

    Zero Trust Program Gap Analysis Tool
    Perform a gap analysis between current and target states to build a zero trust roadmap.

    Key deliverable:

    Secure Your Hybrid Workforce With Zero Trust Communication deck
    Present your zero trust strategy in a prepopulated document that summarizes the work you have completed as a part of this blueprint.

    Phase 1

    Current state and future mitigation

    Phase 1

    Phase 2

    1.1 Limitations of legacy infrastructure

    1.2 Zero trust principle as a control

    1.3 SASE as a driver of zero trust

    2.1 Sourcing out a SASE/SSE vendor

    2.2 Build a zero trust roadmap

    This phase will walk you through the following activities:

    • Introduction to the tool, how to use the input tabs to identify current challenges, technologies being used, and to prioritize the challenges. The prioritized list will highlight existing gaps and eventually be mapped to recommended mitigations in the following phase.

    This phase involves the following participants:

    • CIO
    • CISO
    • CSO
    • IT security team
    • IT network team

    Secure Your Hybrid Workforce

    1.1 Limitations of legacy infrastructure

    Traditional security & remote access solutions must be modernized

    Info-Tech Insight
    Traditional security is architected with a perimeter in mind and is poorly suited to the threats in hybrid or distributed environments.

    Ensure you minimize or eliminate weak points on all layers.

    • SECURITY
      • DDoS
      • DNS hijacking
      • Weak VPN protocols
    • IDENTITY
      • One-time verification allowing lateral movement
    • NETWORK
      • Risk perimeter stops at corporate network edge
      • Split tunneling
    • AUTHENTICATION
      • Weak authentication
      • Weak passwords
    • ACCESS
      • Man-in-the-middle attack
      • Cross-site scripting
      • Session hijacking

    1.1.1 For example: traditional VPNs are poorly suited to a hybrid workforce

    There are many limitations that make it difficult for traditional VPNs to adapt to an ever-growing hybrid workforce.

    The listed limitations are tied to associated risks of legacy infrastructure as well as security components that are almost non-existent in a VPN implementation today.

    Scaling

    VPNs were designed for small-scale remote access to corporate network. An increase in the remote workforce will require expensive hardware investment.

    Visibility

    Users and attackers are not restricted to specific network resources, and with an absence of activity logs, they can go undetected.

    Managed detection & response

    Due to the reduction in or lack of visibility, threat detections are poorly managed, and responses are already too late.

    Hardware

    Limited number of locations for VPN hardware to be situated as it can be expensive.

    Hybrid workforce

    The increase in the hybrid workforce requires the risk perimeter to be expanded from the corporate network to devices and applications. VPNs are built for privacy, not security.

    Info-Tech Insight

    Hybrid workforces are here to stay, and adopting a strategy that is adaptable, flexible, simple, and cost-effective is a recommended road to take on the journey to bettering your security and network.

    1.1 Identify risk from legacy infrastructure

    Estimated Time: 1-2 hours

    1. Ensure all vulnerabilities described on slide 17 are removed.
    2. Note any forecasted challenge you think you might have down the line with your current hybrid setup.
    3. Identify any trend that may be of interest to you with regards to your hybrid setup.

    This is a screenshot of the organizational profile table found in the Zero Trust - SASE Suitability Assessment Tool

    Download the Zero Trust - SASE Suitability Assessment Tool

    Input

    • List of key pain points and challenges
    • List of forecasted challenges and trends of interest

    Output

    • Prioritized list of pain points and/or challenges

    Materials

    • Excel tool
    • Whiteboard

    Participants

    • CISO
    • InfoSec team
    • IT manager
    • CIO
    • Infrastructure team

    1.2 Zero trust principle as a control

    A zero trust implementation comes with benefits/initiatives that mitigate the challenges identified in earlier activities.

    Info-Tech Insight

    Zero trust/"always verify" is applied to identity, workloads, devices, networks, and data to provide a greater control for risks associated with traditional network architecture.

    Improve IAM maturity

    Zero trust identity and access will lead to a mature IAM process in an organization with the removal of implicit trust.

    Secure your remote access

    With a zero trust network architecture (ZTNA), both the remote and on-prem network access are more secure than the traditional network deployment. The software-defined parameter ensures security on each network access.

    Reduce threat surface area

    With zero trust principle applied on identity, workload, devices, network, and data, the threat surface area which births some of the risks identified earlier will be significantly reduced.

    Improve hybrid workforce

    Scaling, visibility, network throughput, secure connection from anywhere, micro-segmentation, and a host of other benefits to improve your hybrid workforce.

    1.2 SASE as an overlay to zero trust

    Security and network initiatives of a zero trust roadmap converged into a single pane of glass.

    Info-Tech Insight

    Security and network converged into a single pane of glass giving you some of the benefits and initiatives of a zero trust implemented architecture in one package.

    Improve IAM maturity

    The identity-centric nature of SASE solutions helps to improve your IAM maturity as it applies the principle of least privilege. The removal of implicit trust and continuous verification helps foster this more.

    Secure your remote access

    With ZTNA, both the remote and on-prem network access are more secure than the traditional network deployment. The software defined parameter ensures security on each network access.

    Reduce threat surface area

    Secure web gateway, cloud access security broker, domain name system, next-generation firewall, data loss prevention, and ZTNA protect against data leaks, prevent lateral movement, and prevent malicious actors from coming in.

    Improve hybrid workforce

    Reduced costs and complexity of IT, faster user experience, and reduced risk as a result of the scalability, visibility, ease of IT administration, network throughput, secure connection from anywhere, micro-segmentation, and a host of other benefits will surely improve your hybrid workforce.

    Align SASE features to zero trust core capabilities

    Verify Identity

    • Authentication & verification are enforced for each app request or session.
    • Use of multifactor authentication.
    • RBAC/ABAC and principle of least privilege are applied on the identity regardless of user, device, or location.

    Verify Device

    • Device health is checked to ensure device is not compromised or vulnerable.
    • No admin permissions on user devices.
    • Device-based risk assessment is enforced as part of UEBA.

    Verify Access

    • Micro-segmentation built around network, user, device, location and roles.
    • Use of context and content-based policy enforced to the user, application, and device identity.
    • Network access only granted to specified application request and not to the entire network.

    Verify Services

    • Applications and services are checked before access is granted.
    • Connections to the application and services are inspected with the security controls built into the SASE solution.

    Info-Tech Insight

    These features of SASE and zero trust mitigate the risks associated with a traditional VPN and reduce the threat surface area. With security at the core, network optimization is not compromised.

    Security components of SASE

    Otherwise known as security service edge (SSE)

    Security service edge is the convergence of all security services typically found in SASE. At its core, SSE consists of three services which include:

    • Secure web gateway – secure access to the internet and web.
    • Cloud access security broker – secure access to SaaS and cloud applications.
    • Zero trust network access – secure remote access to private applications.

    SSE components are also mitigations or initiatives that make up a zero trust roadmap as they comply with the zero trust principle, and as a result, they sit up there with SASE as an overlay/driver of a zero trust implementation. SSE's benefits are identical to SASE's in that it provides zero trust access, risk reduction, low costs and complexity, and a better user experience. The difference is SSE's sole focus on security services and not the network component.

    SASE

    NETWORK FEATURES

    SECURITY FEATURES

    • WAN optimization
    • SD WAN
    • CDN
    • Network-as-a-service
    • CASB
    • IDPS
    • ZTNA/VPN
    • FWaaS
    • Browser isolation
    • DLP
    • UEBA
    • Secure web gateway
    • Sandboxing

    1.3 Pros & cons of zero trust and SASE

    Zero Trust

    SASE

    Pros

    Cons

    Pros

    Cons

    • Robust IAM process and technologies with role-based access control.
    • Strong and continuous verification of identity of user accounts, devices, data, location, and principle of least privilege applied.
    • Micro-segmentation applied around users, network, devices, roles, and applications to prevent lateral movement.
    • Threat attack surface eliminated, which reduces organizational risks.
    • Protection of data strengthened based on sensitivity and micro-segmentation.
    • Difficult to identify the scope of the zero trust initiative.
    • Requires continuous and ongoing update of access controls.
    • Zero trust journey/process could take years and is prone to being abandoned without commitment from executives.
    • Legacy systems can be hard to replace, which would require all stakeholders to prioritize resource allocation.
    • Can be expensive to implement.
    • Adopts a zero trust security posture for all access requests.
    • Converged and consolidated network and security delivered as a cloud service to the user rather than a single point of enforcement.
    • Centralized visibility of devices, data in transit and at rest, user activities, and threats.
    • Cheaper than a zero trust roadmap implementation.
    • Managed detection and response.
    • The limited knowledge of SASE.
    • No universally agreed upon SASE definition.
    • SASE products are still being developed and are open to vendors' interpretation.
    • Existing vendor relationships could be a hinderance to deployment.
    • Hard to manage MSSPs.

    Understand SASE and zero trust suitability for your needs

    Estimated Time: 1 hour

    Use the dashboard to understand the value assessment of adopting a SASE product or building a zero trust roadmap.

    This is an image of the SASE Suitability Assessment

    This is the image of the Zero Trust Suitability Assessment

    Info-Tech Insight

    This tool will help steer you on a path to take as a form of mitigation/control to some or all the identified challenges.

    Phase 2

    Make a decision and next steps

    Phase 1

    Phase 2

    1.1 Limitations of legacy infrastructure

    1.2 Zero trust principle as a control

    1.3 SASE as a driver of zero trust

    2.1 Sourcing out a SASE/SSE vendor

    2.2 Build a zero trust roadmap

    This phase will walk you through the following activities:

    • Introduction to the tool activity, how to use the input tabs and considerations to generate an output that could help understand the current state of your hybrid infrastructure and what direction is to be followed next to improve.

    This phase involves the following participants:

    • CIO
    • CISO
    • CSO
    • IT security
    • IT network team

    Secure Your Hybrid Workforce

    Step 2.1

    Sourcing out a SASE/SSE vendor

    Activities

    2.1.1 Use the RFP template to request proposal from vendors

    2.1.2 Use SoftwareReviews to compare vendors

    This step involves the following participants:

    • CIO, CISO, IT manager, Infosec team, executives.

    Outcomes of this step

    • Zero Trust Roadmap

    2.1.1 Use the RFP template to request proposal from vendors

    Estimated Time: 1-3 hours

    1. As a group, use the RFP Template to include technical capabilities of your desired SASE product and to request proposals from vendors.
    2. The features that are most important to your organization generated from phase one should be highlighted in the RFP.

    Input

    • List of SASE features
    • Technical capabilities

    Output

    • RFP

    Materials

    • RFP Template

    Participants

    • Security team
    • IT leadership

    Download the RFP Template

    2.1.2 Use SoftwareReviews to compare vendors

    SoftwareReviews

    • The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.
    • Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.
    • The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.
    • Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Step 2.2

    Zero trust readiness and roadmap

    Activities

    2.2.1 Assess the maturity of your current zero trust implementation

    2.2.2 Understand business needs and current security projects

    2.2.3 Set target maturity state with timeframe

    This step involves the following participants:

    CIO, CISO, IT manager, Infosec team, executives.

    Outcomes of this step

    Zero Trust Roadmap

    2.2.1 Assess the maturity of your current zero trust implementation

    Estimated Time: 1-3 hours

    • Realizing that zero trust is a journey helps create a better roadmap and implementation. Identify the current controls or solutions in your organization that align with the principle of zero trust.
    • Break down these controls or solutions into different silos (e.g. identity, security, network, data, device, applications, etc.).
    • Determine your zero trust readiness.

    Input

    • List of zero trust controls/solutions
    • Siloed list of zero trust controls/solutions
    • Current state of zero trust maturity

    Output

    • Zero trust readiness and current maturity state

    Materials

    • Zero Trust Security Benefit Assessment tool

    Participants

    • Security team
    • IT leadership

    Download the Zero Trust Security Benefit Assessment tool

    2.2.2 Understand business needs and current security projects

    Estimated Time: 1-3 hours

    1. Identify the business and IT executives, application owners, and board members whose vision aligns with the zero trust journey.
    2. Identify existing projects within security, IT, and the business and highlight interdependencies or how they fit with the zero trust journey.
    3. Build a rough sketch of the roadmap that fits the business needs, current projects and the zero trust journey.

    Input

    • Meetings with stakeholders
    • List of current and future projects

    Output

    • Sketch of zero trust roadmap

    Materials

    • Whiteboard activity

    Participants

    • Security team
    • IT leadership
    • IT ops team
    • Business executives
    • Board members

    Download Zero Trust Protect Surface Mapping Tool

    2.2.3 Set target maturity state with a given timeframe

    Estimated Time: 1-3 hours

    1. With the zero trust readiness, current business, IT and security projects, current maturity state, and sketch of the roadmap, setting a target maturity state within some timeframe is at the top of the list. The target maturity state will include a list of initiatives that could be siloed and confined to a timeframe.
    2. A Gantt chart or graph could be used to complete this task.

    Input

    • Results from previous activity slides

    Output

    • Current state and target state assessment for gap analysis
    • List of initiatives and timeframe

    Materials

    • Zero Trust Program Gap Analysis Tool

    Participants

    • Security team
    • IT leadership
    • IT ops team
    • Business executives
    • Board members

    Download the Zero Trust Program Gap Analysis Tool

    Summary of Accomplishment

    Insights Gained

    • Difference between zero trust as a principle and SASE as a framework
    • Difference between SASE and SSE platforms.
    • Assessment of which path to take in securing your hybrid workforce

    Deliverables Completed

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    This is a screenshot from the Zero Trust - SASE Suitability Assessment Tool

    Zero Trust - SASE Suitability Assessment Tool

    Assess current security capabilities and build a roadmap of tasks and initiatives that close maturity gaps.

    Research Contributors

    • Aaron Shum, Vice President, Security & Privacy
    • Cameron Smith, Research Lead, Security & Privacy
    • Brad Mateski, Zones, Solutions Architect for CyberSecurity
    • Bob Smock, Info-Tech Research Group, Vice President of Consulting
    • Dr. Chase Cunningham, Ericom Software, Chief Strategy Officer
    • John Kindervag, ON2IT Cybersecurity, Senior Vice President, Cybersecurity Strategy and ON2IT Group Fellow
    • John Zhao, Fonterra, Enterprise Security Architect
    • Rongxing Lu, University of New Brunswick, Associate Professor
    • Sumanta Sarkar, University of Warwick, Assistant Professor
    • Tim Malone, J.B. Hunt Transport, Senior Director Information Security
    • Vana Matte, J.B. Hunt Transport, Senior Vice President of Technology Services

    Related Info-Tech Research

    This is a screenshot from Info-Tech's Security Strategy Model

    Build an Information Security Strategy

    Info-Tech has developed a highly effective approach to building an information security strategy – an approach that has been successfully tested and refined for over seven years with hundreds of organizations. This unique approach includes tools for ensuring alignment with business objectives, assessing organizational risk and stakeholder expectations, enabling a comprehensive current state assessment, prioritizing initiatives, and building out a security roadmap.

    This is a screenshot from Info-Tech's research: Determine Your Zero Trust Readiness

    Determine Your Zero Trust Readiness

    IT security was typified by perimeter security. However, the way the world does business has mandated a change to IT security. In response, zero trust is a set of principles that can add flexibility to planning your IT security strategy.

    Use this blueprint to determine your zero trust readiness and understand how zero trust can benefit both security and the business.

    This is a screenshot from Info-Tech's research: Mature Your Identity and Access Management Program

    Mature Your Identity and Access Management Program

    Many organizations are looking to improve their identity and access management (IAM) practices but struggle with where to start and whether all areas of IAM have been considered. This blueprint will help you improve the organization's IAM practices by following our three-phase methodology:

    • Assess identity and access requirements.
    • Identify initiatives using the identity lifecycle.
    • Prioritize initiatives and build a roadmap.

    Bibliography

    "2021 Data Breach Investigations Report." Verizon, 2021. Web.
    "Fortinet Brings Networking and Security to the Cloud" Fortinet, 2 Mar. 2021. Web.
    "A Zero Trust Strategy Has 3 Needs – Identify, Authenticate, and Monitor Users and Devices on and off the Network." Fortinet, 15 July 2021. Web.
    "Applying Zero Trust Principles to Enterprise Mobility." CISA, Mar. 2022. Web.
    "CISA Zero Trust Maturity Model." CISA, Cybersecurity Division, June 2021. Web.
    "Continuous Diagnostics and Mitigation Program Overview." CISA, Jan. 2022. Web.
    "Cost of a Data Breach Report 2021 | IBM." IBM, July 2021. Web.
    English, Melanie. "5 Stats That Show The Cost Saving Effect of Zero Trust." Teramind, 29 Sept. 2021. Web.
    Hunter, Steve. "The Five Business Benefits of a Zero Trust Approach to Security." Security Brief - Australia, 19 Aug. 2020. Web.
    "Improve Application Access and Security With Fortinet Zero Trust Network Access." Fortinet, 2 Mar. 2021. Web.
    "Incorporating zero trust Strategies for Secure Network and Application Access." Fortinet, 21 Jul. 2021. Web.
    Jakkal, Vasu. "Zero Trust Adoption Report: How Does Your Organization Compare?" Microsoft, 28 July 2021. Web.
    "Jericho Forum™ Commandments." The Open Group, Jericho Forum, May 2007. Web.
    Schulze, Holger. "2019 Zero Trust Adoption Report." Cybersecurity Insiders, 2019. Web.
    "67% of Organizations Had Identity-Related Data Breaches Last Year." Security Magazine, 22 Aug. 2022. Web.
    United States, Executive Office of the President Joseph R. Biden, Jr. "Executive Order on Improving the Nation's Cybersecurity." The White House, 12 May 2021. Web.

    Build Your Data Quality Program

    • Buy Link or Shortcode: {j2store}127|cart{/j2store}
    • member rating overall impact (scale of 10): 9.1/10 Overall Impact
    • member rating average dollars saved: $40,241 Average $ Saved
    • member rating average days saved: 33 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Experiencing the pitfalls of poor data quality and failing to benefit from good data quality, including:
      • Unreliable data and unfavorable output.
      • Inefficiencies and costly remedies.
      • Dissatisfied stakeholders.
    • The chances of successful decision-making capabilities are hindered with poor data quality.

    Our Advice

    Critical Insight

    • Address the root causes of your data quality issues and form a viable data quality program.
      • Be familiar with your organization’s data environment and business landscape.
      • Prioritize business use cases for data quality fixes.
      • Fix data quality issues at the root cause to ensure proper foundation for your data to flow.
    • It is important to sustain best practices and grow your data quality program.

    Impact and Result

    • Implement a set of data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.
    • Develop a prioritized data quality improvement project roadmap and long-term improvement strategy.
    • Build related practices such as artificial intelligence and analytics with more confidence and less risk after achieving an appropriate level of data quality.

    Build Your Data Quality Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should establish a data quality program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your organization’s data environment and business landscape

    Learn about what causes data quality issues, how to measure data quality, what makes a good data quality practice in relation to your data and business environments.

    • Business Capability Map Template

    2. Analyze your priorities for data quality fixes

    Determine your business unit priorities to create data quality improvement projects.

    • Data Quality Problem Statement Template
    • Data Quality Practice Assessment and Project Planning Tool

    3. Establish your organization’s data quality program

    Revisit the root causes of data quality issues and identify the relevant root causes to the highest priority business unit, then determine a strategy for fixing those issues.

    • Data Lineage Diagram Template
    • Data Quality Improvement Plan Template

    4. Grow and sustain your data quality practices

    Identify strategies for continuously monitoring and improving data quality at the organization.

    Infographic

    Workshop: Build Your Data Quality Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your Organization’s Data Environment and Business Landscape

    The Purpose

    Evaluate the maturity of the existing data quality practice and activities.

    Assess how data quality is embedded into related data management practices.

    Envision a target state for the data quality practice.

    Key Benefits Achieved

    Understanding of the current data quality landscape

    Gaps, inefficiencies, and opportunities in the data quality practice are identified

    Target state for the data quality practice is defined

    Activities

    1.1 Explain approach and value proposition

    1.2 Detail business vision, objectives, and drivers

    1.3 Discuss data quality barriers, needs, and principles

    1.4 Assess current enterprise-wide data quality capabilities

    1.5 Identify data quality practice future state

    1.6 Analyze gaps in data quality practice

    Outputs

    Data Quality Management Primer

    Business Capability Map Template

    Data Culture Diagnostic

    Data Quality Diagnostic

    Data Quality Problem Statement Template

    2 Create a Strategy for Data Quality Project 1

    The Purpose

    Define improvement initiatives

    Define a data quality improvement strategy and roadmap

    Key Benefits Achieved

    Improvement initiatives are defined

    Improvement initiatives are evaluated and prioritized to develop an improvement strategy

    A roadmap is defined to depict when and how to tackle the improvement initiatives

    Activities

    2.1 Create business unit prioritization roadmap

    2.2 Develop subject areas project scope

    2.3 By subject area 1 data lineage analysis, root cause analysis, impact assessment, and business analysis

    Outputs

    Business Unit Prioritization Roadmap

    Subject area scope

    Data Lineage Diagram

    3 Create a Strategy for Data Quality Project 2

    The Purpose

    Define improvement initiatives

    Define a data quality improvement strategy and roadmap

    Key Benefits Achieved

    Improvement initiatives are defined

    Improvement initiatives are evaluated and prioritized to develop an improvement strategy

    A roadmap is defined to depict when and how to tackle the improvement initiatives

    Activities

    3.1 Understand how data quality management fits in with the organization’s data governance and data management programs

    3.2 By subject area 2 data lineage analysis, root cause analysis, impact assessment, and business analysis

    Outputs

    Data Lineage Diagram

    Root Cause Analysis

    Impact Analysis

    4 Create a Strategy for Data Quality Project 3

    The Purpose

    Determine a strategy for fixing data quality issues for the highest priority business unit

    Key Benefits Achieved

    Strategy defined for fixing data quality issues for highest priority business unit

    Activities

    4.1 Formulate strategies and actions to achieve data quality practice future state

    4.2 Formulate a data quality resolution plan for the defined subject area

    4.3 By subject area 3 data lineage analysis, root cause analysis, impact assessment, and business analysis

    Outputs

    Data Quality Improvement Plan

    Data Lineage Diagram

    5 Create a Plan for Sustaining Data Quality

    The Purpose

    Plan for continuous improvement in data quality

    Incorporate data quality management into the organization’s existing data management and governance programs

    Key Benefits Achieved

    Sustained and communicated data quality program

    Activities

    5.1 Formulate metrics for continuous tracking of data quality and monitoring the success of the data quality improvement initiative

    5.2 Workshop Debrief with Project Sponsor

    5.3 Meet with project sponsor/manager to discuss results and action items

    5.4 Wrap up outstanding items from the workshop, deliverables expectations, GIs

    Outputs

    Data Quality Practice Improvement Roadmap

    Data Quality Improvement Plan (for defined subject areas)

    Further reading

    Build Your Data Quality Program

    Quality Data Drives Quality Business Decisions

    Executive Brief

    Analyst Perspective

    Get ahead of the data curve by conquering data quality challenges.

    Regardless of the driving business strategy or focus, organizations are turning to data to leverage key insights and help improve the organization’s ability to realize its vision, key goals, and objectives.

    Poor quality data, however, can negatively affect time-to-insight and can undermine an organization’s customer experience efforts, product or service innovation, operational efficiency, or risk and compliance management. If you are looking to draw insights from your data for decision making, the quality of those insights is only as good as the quality of the data feeding or fueling them.

    Improving data quality means having a data quality management practice that is sustainably successful and appropriate to the use of the data, while evolving to keep pace with or get ahead of changing business and data landscapes. It is not a matter of fixing one data set at a time, which is resource and time intensive, but instead identifying where data quality consistently goes off the rails, and creating a program to improve the data processes at the source.

    Crystal Singh

    Research Director, Data and Analytics

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Your organization is experiencing the pitfalls of poor data quality, including:

    • Unreliable data and unfavorable output.
    • Inefficiencies and costly remedies.
    • Dissatisfied stakeholders.

    Poor data quality hinders successful decision making.

    Common Obstacles

    Not understanding the purpose and execution of data quality causes some disorientation with your data.

    • Failure to realize the importance/value of data quality.
    • Unsure of where to start with data quality.
    • Lack of investment in data quality.

    Organizations tend to adopt a project mentality when it comes to data quality instead of taking the strategic approach that would be all-around more beneficial in the long term.

    Info-Tech’s Approach

    Address the root causes of your data quality issues by forming a viable data quality program.

    • Be familiar with your organization’s data environment and business landscape.
    • Prioritize business use cases for data quality fixes.
    • Fixing data quality issues at the root cause to ensure a proper foundation for your data to flow.

    It is important to sustain best practices and grow your data quality program.

    Info-Tech Insight

    Fix data quality issues as close as possible to the source of data while understanding that business use cases will each have different requirements and expectations from data quality.

    Data is the foundation of your organization’s knowledge

    Data enables your organization to make decisions.

    Reliable data is needed to facilitate data consumers at all levels of the enterprise.

    Insights, knowledge, and information are needed to inform operational, tactical, and strategic decision-making processes. Data and information are needed to manage the business and empower business processes such as billing, customer touchpoints, and fulfillment.

    Raw Data

    Business Information

    Actionable Insights

    Data should be at the foundation of your organization’s evolution. The transformational insights that executives are constantly seeking can be uncovered with a data quality practice that makes high-quality, trustworthy information readily available to the business users who need it.

    98% of companies use data to improve customer experience. (Experian Data Quality, 2019)

    High-Level Data Architecture

    The image is a graphic, which at the top shows different stages of data, and in the lower part of the graphic shows the data processes.

    Build Your Data Quality Program

    1. Data Quality & Data Culture Diagnostics Business Landscape Exercise
    2. Business Strategy & Use Cases
    3. Prioritize Use Cases With Poor Quality

    Info-Tech Insight

    As data is ingested, integrated, and maintained in the various streams of the organization's system and application architecture, there are multiple points where the quality of the data can degrade.

    1. Understand the organization's data culture and data quality environment across the business landscape.
    2. Prioritize business use cases with poor data quality.
    3. For each use case, identify data quality issues and requirements throughout the data pipeline.
    4. Fix data quality issues at the root cause.
    5. As data flow through quality assurance monitoring checkpoints, monitor data to ensure good quality output.

    Insight:

    Proper application of data quality dimensions throughout the data pipeline will result in superior business decisions.

    Data quality issues can occur at any stage of the data flow.

    The image shows the flow of data through various stages: Data Creation; Data Ingestion; Data Accumulation and Engineering; Data Delivery; and Reporting & Analytics. At the bottom, there are two bars: the left one labelled Fix data quality root causes here...; and the right reads: ...to prevent expensive cures here.

    The image is a legend that accompanies the data flow graphic. It indicates that a white and green square icon indicates Data quality dimensions; a red cube indicates a potential point of data quality degradation; the pink square indicates Root cause of poor data quality; and a green flag indicates Quality Assurance Monitoring.

    Prevent the domino effect of poor data quality

    Data is the foundation of decisions made at data-driven organizations.

    Therefore, if there are problems with the organization’s underlying data, this can have a domino effect on many downstream business functions.

    Let’s use an example to illustrate the domino effect of poor data quality.

    Organization X is looking to migrate their data to a single platform, System Y. After the migration, it has become apparent that reports generated from this platform are inconsistent and often seem wrong. What is the effect of this?

    1. Time must be spent on identifying the data quality issues, and often manual data quality fixes are employed. This will extend the time to deliver the project that depends on system Y by X months.
    2. To repair these issues, the business needs to contract two additional resources to complete the unforeseen work. The new resources cost $X each, as well as additional infrastructure and hardware costs.
    3. Now, the strategic objectives of the business are at risk and there is a feeling of mistrust in the new system Y.

    Three key challenges impacting the ability to deliver excellent customer experience

    30% Poor data quality

    30% Method of interaction changing

    30% Legacy systems or lack of new technology

    95% Of organizations indicated that poor data quality undermines business performance.

    (Source: Experian Data Quality, 2019)

    Maintaining quality data will support more informed decisions and strategic insight

    Improving your organization’s data quality will help the business realize the following benefits:

    Data-Driven Decision Making

    Business decisions should be made with a strong rationale. Data can provide insight into key business questions, such as, “How can I provide better customer satisfaction?”

    89% Of CIOs surveyed say lack of quality data is an obstacle to good decision making. (Larry Dignan, CIOs juggling digital transformation pace, bad data, cloud lock0in and business alignment, 2020)

    Customer Intimacy

    Improve marketing and the customer experience by using the right data from the system of record to analyze complete customer views of transactions, sentiments, and interactions.

    94% Percentage of senior IT leaders who say that poor data quality impinges business outcomes. (Clint Boulton, Disconnect between CIOs and LOB managers weakens data quality, 2016)

    Innovation Leadership

    Gain insights on your products, services, usage trends, industry directions, and competitor results to support decisions on innovations, new products, services, and pricing.

    20% Businesses lose as much as 20% of revenue due to poor data quality. (RingLead Data Management Solutions, 10 Stats About Data Quality I Bet You Didn’t Know)

    Operational Excellence

    Make sure the right solution is delivered rapidly and consistently to the right parties for the right price and cost structure. Automate processes by using the right data to drive process improvements.

    10-20% The implementation of data quality initiatives can lead to reductions in corporate budget of up to 20%. (HaloBI, 2015)

    However, maintaining data quality is difficult

    Avoid these pitfalls to get the true value out of your data.

    1. Data debt drags down ROI – a high degree of data debt will hinder you from attaining the ROI you’re expecting.
    2. Lack of trust means lack of usage – a lack of confidence in data results in a lack of data usage in your organization, which negatively effects strategic planning, KPIs, and business outcomes.
    3. Strategic assets become a liability – bad data puts your business at risk of failing compliance standards, which could result in you paying millions in fines.
    4. Increased costs and inefficiency – time spent fixing bad data means less workload capacity for your important initiatives and the inability to make data-based decisions.
    5. Barrier to adopting data-driven tech – emerging technologies, such as predictive analytics and artificial intelligence, rely on quality data. Inaccurate, incomplete, or irrelevant data will result in delays or a lack of ROI.
    6. Bad customer experience – Running your business on bad data can hinder your ability to deliver to your customers, growing their frustration, which negatively impacts your ability to maintain your customer base.

    Info-Tech Insight

    Data quality suffers most at the point of entry. This is one of the causes of the domino effect of data quality – and can be one of the most costly forms of data quality errors due to the error propagation. In other words, fix data ingestion, whether through improving your application and database design or improving your data ingestion policy, and you will fix a large majority of data quality issues.

    Follow Our Data & Analytics Journey

    Data Quality is laced into Data Strategy, Data Management, and Data Governance.

    • Data Strategy
      • Data Management
        • Data Quality
        • Data Governance
          • Data Architecture
            • MDM
            • Data Integration
            • Enterprise Content Management
            • Information Lifecycle Management
              • Data Warehouse/Lake/Lakehouse
                • Reporting and Analytics
                • AI

    Data quality is rooted in data management

    Extract Maximum Benefit Out of Your Data Quality Management.

    • Data management is the planning, execution, and oversight of policies, practices, and projects that acquire, control, protect, deliver, and enhance the value of data and information assets (DAMA, 2009).
    • In other words, getting the right information, to the right people, at the right time.
    • Data quality management exists within each of the data practices, information dimensions, business resources, and subject areas that comprise the data management framework.
    • Within this framework, an effective data quality practice will replace ad hoc processes with standardized practices.
    • An effective data quality practice cannot succeed without proper alignment and collaboration across this framework.
    • Alignment ensures that the data quality practice is fit for purpose to the business.

    The DAMA DMBOK2 Data Management Framework

    • Data Governance
      • Data Quality
      • Data Architecture
      • Data Modeling & Design
      • Data Storage & Operations
      • Data Security
      • Data Integration & Interoperability
      • Documents & Content
      • Reference & Master Data
      • Data Warehousing & Business Intelligence
      • Meta-data

    (Source: DAMA International)

    Related Info-Tech Research

    Build a Robust and Comprehensive Data Strategy

    • People often think that the main problems they need to fix first are related to data quality when the issues transpire at a much larger level. This blueprint is the key to building and fostering a data-driven culture.

    Create a Data Management Roadmap

    • Refer to this blueprint to understand data quality in the context of data disciplines and methods for improving your data management capabilities.

    Establish Data Governance

    • Define an effective data governance strategy and ensure the strategy integrates well with data quality with this blueprint.

    Info-Tech’s methodology for Data Quality

    Phase Steps 1. Define Your Organization’s Data Environment and Business Landscape 2. Analyze Your Priorities for Data Quality Fixes 3. Establish Your Organization’s Data Quality Program 4. Grow and Sustain Your Data Quality Practice
    Phase Outcomes This step identifies the foundational understanding of your data and business landscape, the essential concepts around data quality, as well as the core capabilities and competencies that IT needs to effectively improve data quality. To begin addressing specific, business-driven data quality projects, you must identify and prioritize the data-driven business units. This will ensure that data improvement initiatives are aligned to business goals and priorities. After determining whose data is going to be fixed based on priority, determine the specific problems that they are facing with data quality, and implement an improvement plan to fix it. Now that you have put an improvement plan into action, make sure that the data quality issues don’t keep cropping up. Integrate data quality management with data governance practices into your organization and look to grow your organization’s overall data maturity.

    Info-Tech Insight

    “Data Quality is in the eyes of the beholder.”– Igor Ikonnikov, Research Director

    Data quality means tolerance, not perfection

    Data from Info-Tech’s CIO Business Vision Diagnostic, which represents over 400 business stakeholders, shows that data quality is very important when satisfaction with data quality is low.

    However, when data quality satisfaction hit a threshold, it became less important.

    The image is a line graph, with the X-axis labelled Satisfaction with Data Quality, and the Y axis labelled Rated Importance for Data Quality. The line begins high, and then descends. There is text inside the graph, which is transcribed below.

    Respondents were asked “How satisfied are you with the quality, reliability, and effectiveness of the data you use to manage your group?” as well as to rank how important data quality was to their organization.

    When the business satisfaction of data quality reached a threshold value of 71-80%, the rated importance reached its lowest value.

    Info-Tech Insight

    Data needs to be good, but truly spectacular data may go unnoticed.

    Provide the right level of data quality, with the appropriate effort, for the correct usage. This blueprint will help you to determine what “the right level of data quality” means, as well as create a plan to achieve that goal for the business.

    Data Roles and Responsibilities

    Data quality occurs through three main layers across the data lifecycle

    Data Strategy

    Data Strategy should contain Data Quality as a standard component.

    ← Data Quality issues can occur throughout at any stage of the data flow →

    DQ Dimensions

    Timeliness – Representation – Usability – Consistency – Completeness – Uniqueness – Entry Quality – Validity – Confidence – Importance

    Source System Layer

    • Data Resource Manager/Collector: Enters data into a database and ensures that data collection sources are accurate

    Data Transformation Layer

    • ETL Developer: Designs data storage systems
    • Data Engineer: Oversees data integrations, data warehouses and data lakes, data pipelines
    • Database Administrator: Manages database systems, ensures they meet SLAs, performances, backups
    • Data Quality Engineer: Finds and cleanses bad data in data sources, creates processes to prevent data quality problems

    Consumption Layer

    • Data Scientist: Gathers and analyses data from databases and other sources, runs models, and creates data visualizations for users
    • BI Analyst: Evaluates and mines complex data and transforms it into insights that drive business value. Uses BI software and tools to analyze industry trends and create visualizations for business users
    • Data Analyst: Extracts data from business systems, analyzes it, and creates reports and dashboards for users
    • BI Engineer: Documents business needs on data analysis and reporting and develops BI systems, reports, and dashboards to support them
    Data Creation → [SLA] Data Ingestion [ QA] →Data Accumulation & Engineering → [SLA] Data Delivery [QA] →Reporting & Analytics
    Fix Data Quality root causes here… to prevent expensive cures here.

    Executive Brief Case Study

    Industry: Healthcare

    Source: Primary Info-Tech Research

    Align source systems to maximize business output.

    A healthcare insurance agency faced data quality issues in which a key business use case was impacted negatively. Business rules were not well defined, and default values instead of real value caused a concern. When dealing with multiple addresses, data was coming from different source systems.

    The challenge was to identify the most accurate address, as some were incomplete, and some lacked currency and were not up to date. This especially challenged a key business unit, marketing, to derive business value in performing key activities by being unable to reach out to existing customers to advertise any additional products.

    For this initiative, this insurance agency took an economic approach by addressing those data quality issues using internal resources.

    Results

    Without having any MDM tools or having a master record or any specific technology relating to data quality, this insurance agency used in-house development to tackle those particular issues at the source system. Data quality capabilities such as data profiling were used to uncover those issues and address them.

    “Data quality is subjective; you have to be selective in terms of targeting the data that matters the most. When getting business tools right, most issues will be fixed and lead to achieving the most value.” – Asif Mumtaz, Data & Solution Architect

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4
    • Call #1: Learn about the concepts of data quality and the common root causes of poor data quality.
    • Call #2: Identify the core capabilities of IT for improving data quality on an enterprise scale.
    • Call #3: Determine which business units use data and require data quality remediation.
    • Call #4: Create a plan for addressing business unit data quality issues according to priority of the business units based on value and impact of data.
    • Call #5: Revisit the root causes of data quality issues and identify the relevant root causes to the highest priority business unit.
    • Call #6: Determine a strategy for fixing data quality issues for the highest priority business unit.
    • Call #7: Identify strategies for continuously monitoring and improving data quality at the organization.
    • Call #8: Learn how to incorporate data quality practices in the organization’s larger data management and data governance frameworks.
    • Call #9: Summarize results and plan next steps on how to evolve your data landscape.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between eight to twelve calls over the course of four to six months.

    Workshop Overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Define Your Organization’s Data Environment and Business Landscape Create a Strategy for Data Quality Project 1 Create a Strategy for Data Quality Project 2 Create a Strategy for Data Quality Project 3 Create a Plan for Sustaining Data Quality
    Activities
    1. Explain approach and value proposition.
    2. Detail business vision, objectives, and drivers.
    3. Discuss data quality barriers, needs, and principles.
    4. Assess current enterprise-wide data quality capabilities.
    5. Identify data quality practice future state.
    6. Analyze gaps in data quality practice.
    1. Create business unit prioritization roadmap.
    2. Develop subject areas project scope.
    3. By subject area 1:
    • Data lineage analysis
    • Root cause analysis
    • Impact assessment
    • Business analysis
    1. Understand how data quality management fits in with the organization’s data governance and data management programs.
    2. By subject area 2:
    • Data lineage analysis
    • Root cause analysis
    • Impact assessment
    • Business analysis
    1. Formulate strategies and actions to achieve data quality practice future state.
    2. Formulate data quality resolution plan for defined subject area.
    3. By subject area 3:
    • Data lineage analysis
    • Root cause analysis
    • Impact assessment
    • Business analysis
    1. Formulate metrics for continuous tracking of data quality and monitoring the success of the data quality improvement initiative.
    2. Workshop Debrief with Project Sponsor.
    • Meet with project sponsor/manager to discuss results and action items.
    • Wrap up outstanding items from the workshop, deliverables expectations, GIs.
    Deliverables
    1. Data Quality Management Primer
    2. Business Capability Map Template
    3. Data Culture Diagnostic
    4. Data Quality Diagnostic
    5. Data Quality Problem Statement Template
    1. Business Unit Prioritization Roadmap
    2. Subject area scope
    3. Data Lineage Diagram
    1. Data Lineage Diagram
    2. Root Cause Analysis
    3. Impact Analysis
    1. Data Lineage Diagram
    2. Data Quality Improvement Plan
    1. Data Quality Practice Improvement Roadmap
    2. Data Quality Improvement Plan (for defined subject areas)

    Phase 1

    Define Your Organization’s Data Environment and Business Landscape

    Build Your Data Quality Program

    Data quality is a methodology and must be treated as such

    A comprehensive data quality practice includes appropriate business requirements gathering, planning, governance, and oversight capabilities, as well as empowering technologies for properly trained staff, and ongoing development processes.

    Some common examples of appropriate data management methodologies for data quality are:

    • The data quality team has the necessary competencies and resources to perform the outlined workload.
    • There are processes that exist for continuously evaluating data quality performance capabilities.
    • Improvement strategies are designed to increase data quality performance capabilities.
    • Policies and procedures that govern data quality are well-documented, communicated, followed, and updated.
    • Change controls exist for revising policies and procedures, including communication of updates and changes.
    • Self-auditing techniques are used to ensure business-IT alignment when designing or recalibrating strategies.

    Effective data quality practices coordinate with other overarching data disciplines, related data practices, and strategic business objectives.

    “You don’t solve data quality with a Band-Aid; you solve it with a methodology.” – Diraj Goel, Growth Advisor, BC Tech

    Data quality can be defined by four key quality indicators

    Similar to measuring the acidity of a substance with a litmus test, the quality of your data can be measured using a simple indicator test. As you learn about common root causes of data quality problems in the following slides, think about these four quality indicators to assess the quality of your data:

    • Completeness – Closeness to the correct value. Encompasses accuracy, consistency, and comparability to other databases.
    • Usability – The degree to which data meets current user needs. To measure this, you must determine if the user is satisfied with the data they are using to complete their business functions.
    • Timeliness – Length of time between creation and availability of data.
    • Accessibility – How easily a user can access and understand the data (including data definitions and context). Interpretability can also be used to describe this indicator.

    Info-Tech Insight

    Quality is a relative term. Data quality is measured in terms of tolerance. Perfect data quality is both impossible and a waste of time and effort.

    How to get investment for your data quality program

    Follow these steps to convince leadership of the value of data quality:

    “You have to level with people, you cannot just start talking with the language of data and expect them to understand when the other language is money and numbers.” – Izabela Edmunds, Information Architect at Mott MacDonald

    1. Perform Phases 0 & 1 of this blueprint as this will offer value in carrying out the following steps.
    2. Build credibility. Show them your understanding of data and how it aligns to the business.
    3. Provide tangible evidence of how significant business use cases are impacted by poor quality data.
    4. Present the ROI of fixing the data quality issues you have prioritized.
    5. Explain how the data quality program will be established, implemented, and sustained.
    6. Prove the importance of fixing data quality issues at the source and how it is the most efficient, effective, and cost-friendly solution.

    Phase 1 deliverables

    Each of these deliverables serve as inputs to detect key outcomes about your organization and to help complete this blueprint:

    1. Data Culture Diagnostic

    Use this report to understand where your organization lies across areas relating to data culture.

    While the Quality & Trust area of the report might be most prevalent to this blueprint, this diagnostic may point out other areas demanding more attention.

    Please speak to your account manager for access

    2. Business Capability Map Template

    Perform this process to understand the capabilities that enable specific value streams. The output of this deliverable is a high-level view of your organization’s defined business capabilities.

    Download this tool

    Info-Tech Insight

    Understanding your data culture and business capabilities are foundational to starting the journey of data quality improvement.

    Key deliverable:

    3. Data Quality Diagnostic

    The Data Quality Report is designed to help you understand, assess, and improve key organizational data quality issues. This is where respondents across various areas in the organization can assess Data Quality across various dimensions.

    Download this tool

    Data Quality Diagnostic Value

    Prioritize business use cases with our data quality dimensions.

    • Complete this diagnostic for each major business use case. The output from the Data Culture Diagnostic and the Business Capability Map should help you understand which use cases to address.
    • Involve all key stakeholders involved in the business use case. There may be multiple business units involved in a single use case.
    • Prioritize the business use cases that need the most attention pertaining to data quality by comparing the scores of the Importance and Confidence data quality dimensions.

    If there are data elements that are considered of high importance and low confidence, then they must be prioritized.

    Sample Scorecard

    The image shows a screen capture of a scorecard, with sample information filled in.

    The image shows a screen capture of a scorecard, with sample information filled in.

    Poor data quality develops due to multiple root causes

    After you get to know the properties of good quality data, understand the underlying causes of why those indicators can point to poor data quality.

    If you notice that the usability, completeness, timeliness, or accessibility of the organization’s data is suffering, one or more of the following root causes are likely plaguing your data:

    Common root causes of poor data quality, through the lens of Info-Tech’s Five-Tier Data Architecture:

    The image shows a graphic of Info-Tech's Five-Tier Data Architecture, with root causes of poor data quality identified. In the data creation and ingestion stages, the root causes are identified as Poor system/application design, Poor database design, Inadequate enterprise integration. The root causes identified in the latter stages are: Absence of data quality policies, procedures, and standards, and Incomplete/suboptimal business processes

    These root causes of poor data quality are difficult to avoid, not only because they are often generated at an organization’s beginning stages, but also because change can be difficult. This means that the root causes are often propagated through stale or outdated business processes.

    Data quality problems root cause #1:

    Poor system or application design

    Application design plays one of the largest roles in the quality of the organization’s data. The proper design of applications can prevent data quality issues that can snowball into larger issues downstream.

    Proper ingestion is 90% of the battle. An ounce of prevention is worth a pound of cure. This is true in many different topics, and data quality is one of them. Designing an application so that data gets entered properly, whether by internal staff or external customers, is the single most effective way to prevent data quality issues.

    Some common causes of data quality problems at the application/system level include:

    • Too many open fields (free-form text fields that accept a variety of inputs).
    • There are no lookup capabilities present. Reference data should be looked up instead of entered.
    • Mandatory fields are not defined, resulting in blank fields.
    • No validation of data entries before writing to the underlying database.
    • Manual data entry encourages human error. This can be compounded by poor application design that facilitates the incorrect data entry.

    Data quality problems root cause #2:

    Poor database design

    Database design also affects data quality. How a database is designed to handle incoming data, including the schema and key identification, can impact the integrity of the data used for reporting and analytics.

    The most common type of database is the relational database. Therefore, we will focus on this type of database.

    When working with and designing relational databases, there are some important concepts that must be considered.

    Referential integrity is a term that is important for the design of relational database schema, and indicates that table relationships must always be consistent.

    For table relationships to be consistent, primary keys (unique value for each row) must uniquely identify entities in columns of the table. Foreign keys (field that is defined in a second table but refers to the primary key in the first table) must agree with the primary key that is referenced by the foreign key. To maintain referential integrity, any updates must be propagated to the primary parent key.

    Info-Tech Insight

    Other types of databases, including databases with unstructured data, need data quality consideration. However, unstructured data may have different levels of quality tolerance.

    At the database level, some common root causes include:

    1. Lack of referential integrity.
    2. Lack of unique keys.
    3. Don’t have restricted data range.
    4. Incorrect datatype, string fields that can hold too many characters.
    5. Orphaned records.

    Databases and People:

    Even though database design is a technology issue, don’t forget about the people.

    A lack of training employees on database permissions for updating/entering data into the physical databases is a common problem for data quality.

    Data quality problems root cause #3:

    Improper integration and synchronization of enterprise data

    Data ingestion is another category of data-quality-issue root causes. When moving data in Tier 2, whether it is through ETL, ESB, point-to-point integration, etc., the integrity of the data during movement and/or transformation needs to be maintained.

    Tier 2 (the data ingestion layer) serves to move data for one of two main purposes:

    • To move data from originating systems to downstream systems to support integrated business processes.
    • To move data to Tier 3 where data rests for other purposes. This movement of data in its purest form means we move raw data to storage locations in an overall data warehouse environment reflecting any security, compliance and other standards in our choices for how to store. Also, it is where data is transformed for unique business purpose that will also be moved to a place of rest or a place of specific use. Data cleansing and matching and other data-related blending tasks occur at this layer.

    This ensures the data is pristine throughout the process and improves trustworthiness of outcomes and speed to task completion.

    At the integration layer, some common root causes of data quality problems include:

    1. No data mask. For example, zip code should have a mask of five numeric characters.
    2. Questionable aggregation, transformation process, or incorrect logic.
    3. Unsynchronized data refresh process in an integrated environment.
    4. Lack of a data matching tool.
    5. Lack of a data quality tool.
    6. Don’t have data profiling capability.
    7. Errors with data conversion or migration processes – when migrating, decommissioning, or converting systems – movement of data sets.
    8. Incorrect data mapping between data sources and targets.

    Data quality problems root cause #4:

    Insufficient and ineffective data quality policies and procedures

    Data policies and procedures are necessary for establishing standards around data and represent another category of data-quality-issue root causes. This issue spans across all five of the 5 Tier Architecture.

    Data policies are short statements that seek to manage the creation, acquisition, integrity, security, compliance, and quality of data. These policies vary amongst organizations, depending on your specific data needs.

    • Policies describe what to do, while standards and procedures describe how to do something.
    • There should be few data policies, and they should be brief and direct. Policies are living documents and should be continuously updated to respond to the organization’s data needs.
    • The data policies should highlight who is responsible for the data under various scenarios and rules around how to manage it effectively.

    Some common root causes of data quality issues related to policies and procedures include:

    1. Policies are absent or out of date.
    2. Employees are largely unaware of policies in effect.
    3. Policies are unmonitored and unenforced.
    4. Policies are in multiple locations.
    5. Multiple versions of the same policy exist.
    6. Policies are managed inconsistently across different silos.
    7. Policies are written poorly by untrained authors.
    8. Inadequate policy training program.
    9. Draft policies stall and lose momentum.
    10. Weak policy support from senior management.

    Data quality problems root cause #5:

    Inefficient or ineffective business processes

    Some common root causes of data quality issues related to business processes include:

    1. Multiple entries of the same record leads to duplicate records proliferating in the database.
    2. Many business definitions of data.
    3. Failure to document data manipulations when presenting data.
    4. Failure to train people on how to understand data.
    5. Manually intensive processes can result in duplication of effort (creates room for errors).
    6. No clear delineation of dependencies of business processes within or between departments, which leads to a siloed approach to business processes, rather than a coordinated and aligned approach.

    Business processes can impact data quality. How data is entered into systems, as well as employee training and knowledge about the correct data definitions, can impact the quality of your organization’s data.

    These problematic business process root causes can lead to:

    Duplicate records

    Incomplete data

    Improper use of data

    Wrong data entered into fields

    These data quality issues will result in costly and inefficient manual fixes, wasting valuable time and resources.

    Phase 1 Summary

    1. Data Quality Understanding

    • Understanding that data quality is a methodology and should be treated as such.
    • Data quality can be defined by four key indicators which are completeness, usability, timeliness, and accessibility.
    • Explained how to get investment for your data quality program and showcasing its value to leadership.

    2. Phase 0 Deliverables

    Introduced foundational tools to help you throughout this blueprint:

    • Complete the Data Culture Diagnostic and Business Capability Map Template as they are foundational in understanding your data culture and business capabilities to start the journey of data quality improvement.
    • Involve key relevant stakeholders when completing the Data Quality Diagnostic for each major business use case. Use the Importance and Confidence dimensions to help you prioritize which use case to address.

    3. Common Root Causes

    Addressed where multiple root causes can occur throughout the flow of your data.

    Analyzed the following common root causes of data quality:

    1. Poor system or application design
    2. Poor database design
    3. Improper integration and synchronization of enterprise data
    4. Insufficient and ineffective data quality policies and procedures
    5. Inefficient or ineffective business processes

    Phase 2

    Analyze Your Priorities for Data Quality Fixes

    Build Your Data Quality Program

    Business Context & Data Quality

    Establish the business context of data quality improvement projects at the business unit level to find common goals.

    • To ensure the data improvement strategy is business driven, start your data quality project evaluation by understanding the business context. You will then determine which business units use data and create a roadmap for prioritizing business units for data quality repairs.
    • Your business context is represented by your corporate business vision, mission, goals and objectives, differentiators, and drivers. Collectively, they provide essential information on what is important to your organization, and some hints on how to achieve that. In this step, you will gather important information about your business view and interpret the business view to establish a data view.

    Business Vision

    Business Goals

    Business Drivers

    Business Differentiators

    Not every business unit uses data to the same extent

    A data flow diagram can provide value by allowing an organization to adopt a proactive approach to data quality. Save time by knowing where the entry points are and where to look for data flaws.

    Understanding where data lives can be challenging as it is often in motion and rarely resides in one place. There are multiple benefits that come from taking the time to create a data flow diagram.

    • Mapping out the flow of data can help provide clarity on where the data lives and how it moves through the enterprise systems.
    • Having a visual of where and when data moves helps to understand who is using data and how it is being manipulated at different points.
    • A data flow diagram will allow you to elicit how data is used in a different use case.

    Info-Tech’s Four-Column Model of Data will help you to identify the essential aspects of your data:

    Business Use Case →Used by→Business Unit →Housed in→Systems→Used for→Usage of the Data

    Not every business unit requires the same standard of data quality

    To prioritize your business units for data quality improvement projects, you must analyze the relative importance of the data they use to the business. The more important the data is to the business, the higher the priority is of fixing that data. There are two measures for determining the importance of data: business value and business impact.

    Business Value of Data

    Business value of data can be evaluated by thinking about its ties to revenue generation for the organization, as well as how it is used for productivity and operations at the organization.

    The business value of data is assessed by asking what would happen to the following parameters if the data is not usable (due to poor quality, for example):

    • Loss of Revenue
    • Loss of Productivity
    • Increased Operating Costs

    Business Impact of Data

    Business impact of data should take into account the effects of poor data on both internal and external parties.

    The business impact of data is assessed by asking what the impact would be of bad data on the following parameters:

    • Impact on Customers
    • Impact on Internal Staff
    • Impact on Business Partners

    Value + Impact = Data Priority Score

    Ensure that the project starts on the right foot by completing Info-Tech’s Data Quality Problem Statement Template

    Before you can identify a solution, you must identify the problem with the business unit’s data.

    Download this tool

    Use Info-Tech’s Data Quality Problem Statement Template to identify the symptoms of poor data quality and articulate the problem.

    Info-Tech’s Data Quality Problem Statement Template will walk you through a step-by-step approach to identifying and describing the problems that the business unit feels regarding its data quality.

    Before articulating the problem, it helps to identify the symptoms of the problem. The following W’s will help you to describe the symptoms of the data quality issues:

    What

    Define the symptoms and feelings produced by poor data quality in the business unit.

    Where

    Define the location of the data that are causing data quality issues.

    When

    Define how severe the data quality issues are in frequency and duration.

    Who

    Define who is affected by the data quality problems and who works with the data.

    Info-Tech Best Practice

    Symptoms vs. Problems. Often, people will identify a list of symptoms of a problem and mistake those for the problem. Identifying the symptoms helps to define the problem, but symptoms do not help to identify the solution. The problem statement helps you to create solutions.

    Define the project problem to articulate the purpose

    1 hour

    Input

    • Symptoms of data quality issues in the business unit

    Output

    • Refined problem description

    Materials

    • Data Quality Problem Statement Template

    Participants

    • Data Quality Improvement Project team
    • Business line representatives

    A defined problem helps you to create clear goals, as well as lead your thinking to determine solutions to the problem.

    A problem statement consists of one or two sentences that summarize a condition or issue that a quality improvement team is meant to address. For the improvement team to fix the problem, the problem statement therefore has to be specific and concise.

    Instructions

    1. Gather the Data Quality Improvement Project Team in a room and start with an issue that is believed to be related to data quality.
    2. Ask what are the attributes and symptoms of that reality today; do this with the people impacted by the issue. This should be an IT and business collaboration.
    3. Draw your conclusions of what it all means: what have you collectively learned?
    4. Consider the implications of your conclusions and other considerations that must be taken into account such as regulatory needs, compliance, policy, and targets.
    5. Develop solutions – Contain the problem to something that can be solved in a realistic timeframe, such as three months.

    Download the Data Quality Problem Statement Template

    Case Study

    A strategic roadmap rooted in business requirements primes a data quality improvement plan for success.

    MathWorks

    Industry

    Software Development

    Source

    Primary Info-Tech Research

    As part of moving to a formalized data quality practice, MathWorks leveraged an incremental approach that took its time investigating business cases to support improvement actions. Establishing realistic goals for improvement in the form of a roadmap was a central component for gaining executive approval to push the project forward.

    Roadmap Creation

    In constructing a comprehensive roadmap that incorporated findings from business process and data analyses, MathWorks opted to document five-year and three-year overall goals, with one-year objectives that supported each goal. This approach ensured that the tactical actions taken were directed by long-term strategic objectives.

    Results – Business Alignment

    In presenting their roadmap for executive approval, MathWorks placed emphasis on communicating the progression and impact of their initiatives in terms that would engage business users. They focused on maintaining continual lines of communication with business stakeholders to demonstrate the value of the initiatives and also to gradually shift the corporate culture to one that is invested in an effective data quality practice.

    “Don’t jump at the first opportunity, because you may be putting out a fire with a cup of water where a fire truck is needed.” – Executive Advisor, IT Research and Advisory Firm

    Use Info-Tech’s Practice Assessment and Project Planning Tool to create your strategy for improving data quality

    Assess IT’s capabilities and competencies around data quality and plan to build these as the organization’s data quality practice develops. Before you can fix data quality, make sure you have the necessary skills and abilities to fix data quality correctly.

    The following IT capabilities are developed on an ongoing basis and are necessary for standardizing and structuring a data quality practice:

    • Meeting Business Needs
    • Services and Projects
    • Policies, Procedures, and Standards
    • Roles and Organizational Structure
    • Oversight and Communication
    • Data Quality of Different Data Types

    Download this Tool

    Data Handling and Remediation Competencies:

    • Data Standardization: Formatting values into consistent standards based on industry standards and business rules.
    • Data Cleansing: Modification of values to meet domain restrictions, integrity constraints, or other business rules for sufficient data quality for the organization.
    • Data Matching: Identification, linking, and merging related entries in or across sets of data.
    • Data Validation: Checking for correctness of the data.

    After these capabilities and competencies are assessed for a current and desired target state, the Data Quality Practice Assessment and Project Planning Tool will suggest improvement actions that should be followed in order to build your data quality practice. In addition, a roadmap will be generated after target dates are set to create your data quality practice development strategy.

    Benchmark current and identify target capabilities for your data quality practice

    1 hour

    Input

    • Current and desired data quality practices in the organization

    Output

    • Assessment of where the gaps lie in your data quality practice

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality Project Lead
    • Business Line Representatives
    • Business Architects

    Use the Data Quality Practice Assessment and Project Planning Tool to evaluate the baseline and target capabilities of your practice in terms of how data quality is approached and executed.

    Download this Tool

    Instructions

    1. Invite the appropriate stakeholders to participate in this exercise. Examples:
      1. Business executives will have input in Tab 2
      2. Unique stakeholders: communications expert or executive advisors may have input
    2. On Tab 2: Practice Components, assess the current and target states of each capability on a scale of 1–5. Note: “Ad hoc” implies a capability is completed, but randomly, informally, and without a standardized method.

    These results will set the baseline against which you will monitor performance progress and keep track of improvements over time.

    Info-Tech Insight

    Focus on early alignment. Assessing capabilities within specific people’s job functions can naturally result in disagreement or debate, especially between business and IT people. Remind everyone that data quality should ultimately serve business needs wherever possible.

    Visualization improves the holistic understanding of where gaps exist in your data quality practice

    To enable deeper analysis on the results of your practice assessment, Tab 3: Data Quality Practice Scorecard in the Data Quality Practice Assessment and Project Planning Tool creates visualizations of the gaps identified in each of your practice capabilities and related data management practices. These diagrams serve as analysis summaries.

    Gap assessment of “Meeting Business Needs” capabilities

    The image shows a screen capture of the Gap assessment of 
“Meeting Business Needs” capabilities, with sample information filled in.

    Visualization of gap assessment of data quality practice capabilities

    The image shows a bar graph titled Data Quality Capabilities.

    1. Enhance your gap analyses by forming a relative comparison of total gaps in key practice capability areas, which will help in determining priorities.
    • Example: In Tab 2 compare your capabilities within “Policies, Procedures, and Standards.” Then in Tab 3, compare your overall capabilities in “Policies, Procedures, and Standards” versus “Empowering Technologies.”
  • Put these up on display to improve discussion in the gap analyses and prioritization sessions.
  • Improve the clarity and flow of your strategy template, final presentations, and summary documents by copying and pasting the gap assessment diagrams.
  • Before engaging in the data quality improvement project plan, receive signoff from IT regarding feasibility

    The final piece of the puzzle is to gain sign-off from IT.

    Hofstadter's law: It always takes longer than you expect, even when you take into account Hofstadter’s Law.

    This means that before engaging IT in data quality projects to fix the business units’ data in Phase 2, IT must assess feasibility of the data quality improvement plan. A feasibility analysis is typically used to review the strengths and weaknesses of the projects, as well as the availability of required skills and technologies needed to complete them. Use the following workflow to guide you in performing a feasibility analysis:

    Project evaluation process:

    Present capabilities

    • Operational Capabilities
    • System Capabilities
    • Schedule Capabilities
      • Summary of Evaluation Results
        • Recommendations/ modifications to the project plan

    Info-Tech Best Practice

    While the PMO identifies and coordinates projects, IT must determine how long and for how much.

    Conduct gap analysis sessions to review and prioritize the capability gaps

    1 hour

    Input

    • Current and Target State Assessment

    Output

    • Documented initiatives to help you get to the target state

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality team
    • IT representatives

    Instructions

    • Analyze Gap Analysis Results – As a group, discuss the high-level results on Tab 3: Data Quality Practice Score. Discuss the implications of the gaps identified.
    • Do a line-item review of the gaps between current and target levels for each assessed capability by using Tab 2: Practice Components.
    • Brainstorm Alignment Strategies – Brainstorm the effort and activities that will be necessary to support the practice in building its capabilities to the desired target level. Ask the following questions:
      • What activities must occur to enable this capability?
      • What changes/additions to resources, process, technology, business involvement, and communication must occur?
    • Document Data Quality Initiatives – Turn activities into initiatives by documenting them in Tab 4. Data Quality Practice Roadmap. Review the initiatives and estimate the start and end dates of each one.
    • Continue to evaluate the assessment results in order to create a comprehensive set of data quality initiatives that support your practice in building capabilities.

    Download this Tool

    Create the organization’s data quality improvement strategy roadmap

    1 hour

    Input

    • Data quality practice gaps and improvement actions

    Output

    • Data quality practice improvement roadmap

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality Project Lead
    • Business Executives
    • IT Executives
    • Business Architects

    Generating Your Roadmap

    1. Plan the sequence, starting time, and length of each initiative in the Data Quality Practice Assessment and Project Planning Tool.
    2. The tool will generate a Gantt chart based on the start and length of your initiatives.
    3. The Gantt chart is generated in Tab 4: Data Quality Practice Roadmap, and can be used to organize and ensure that all of the essential aspects of data quality are addressed.

    Use the Practice Roadmap to plan and improve data quality capabilities

    Download this Tool

    Info-Tech Best Practice

    To help get you started, Info-Tech has provided an extensive list of data quality improvement initiatives that are commonly undertaken by organizations looking to improve their data quality.

    Establish Baseline Metrics

    Baseline metrics will be improved through:

    2 hours

    Create practice-level metrics to monitor your data quality practice.

    Instructions:

    1. Establish metrics for both the business and IT that will be used to determine if the data quality practice development is effective.
    2. Set targets for each metric.
    3. Collect current data to calculate the metrics and establish a baseline.
    4. Assign an owner for tracking each metric to be accountable for performance.
    Metric Current Goal
    Usage (% of trained users using the data warehouse)
    Performance (response time)
    Performance (response time)
    Resource utilization (memory usage, number of machine cycles)
    User satisfaction (quarterly user surveys)
    Data quality (% values outside valid values, % fields missing, wrong data type, data outside acceptable range, data that violates business rules. Some aspects of data quality can be automatically tracked and reported)
    Costs (initial installation and ongoing, Total Cost of Ownership including servers, software licenses, support staff)
    Security (security violations detected, where violations are coming from, breaches)
    Patterns that are used
    Reduction in time to market for the data
    Completeness of data that is available
    How many "standard" data models are being used
    What is the extra business value from the data governance program?
    How much time is spent for data prep by BI & analytics team?

    Phase 2 summary

    As you improve your data quality practice and move from reactive to stable, don’t rest and assume that you can let data quality keep going by itself. Rapidly changing consumer requirements or other pains will catch up to your organization and you will fall behind again. By moving to the proactive and predictive end of the maturity scale, you can stay ahead of the curve. By following the methodology laid out in Phase 1, the data quality practices at your organization will improve over time, leading to the following results:

    Chaotic

    Before Data Quality Practice Improvements

    • No standards to data quality

    Reactive

    Year 1

    • Processes defined
    • Data cleansing approach to data quality

    Stable

    Year 2

    • Business rules/ stewardship in place
    • Education and training

    Proactive

    Year 3

    • Data quality practices fully in place and embedded in the culture
    • Trusted and intelligent enterprise

    (Global Data Excellence, Data Excellence Maturity Model)

    Phase 3

    Establish Your Organization’s Data Quality Program

    Build Your Data Quality Program

    Create a data lineage diagram to map the data journey and identify the data subject areas to be targeted for fixes

    It is important to understand the various data that exist in the business unit, as well as which data are essential to business function and require the highest degree of quality efforts.

    Visualize your databases and the flow of data. A data lineage diagram can help you and the Data Quality Improvement Team visualize where data issues lie. Keeping the five-tier architecture in mind, build your data lineage diagram.

    Reminder: Five-Tier Architecture

    The image shows the Five-Tier Architecture graphic.

    Use the following icons to represent your various data systems and databases.

    The image shows four icons. They are: the image of a square and a computer monitor, labelled Application; the image of two sheets of paper, labelled Desktop documents; the image of a green circle next to a computer monitor, labelled Web Application; and a blue cylinder labelled Database.

    Use Info-Tech’s Data Lineage Diagram to document the data sources and applications used by the business unit

    2 hours

    Input

    • Data sources and applications used by the business unit

    Output

    • Data lineage diagram

    Materials

    • Data Lineage Diagram Template

    Participants

    • Business Unit Head/Data Owner
    • Business Unit SMEs
    • Data Analysts/Architects

    Map the flow and location of data within a business unit by creating a system context diagram.

    Gain an accurate view of data locations and uses: Engage business users and representatives with a wide breadth of knowledge-related business processes and the use of data by related business operations.

    1. Sit down with key business representatives of the business unit.
    2. Document the sources of data and processes in which they’re involved, and get IT confirmation that the sources of the data are correct.
    3. Map out the sources and processes in a system context diagram.

    Download this Tool

    Sample Data Lineage Diagram

    The image shows a sample data lineage diagram, split into External Applications and Internal Applications, and showing the processes involved in each.

    Leverage Info-Tech’s Data Quality Practice Assessment and Project Planning Tool to document business context

    1 hour

    Input

    • Business vision, goals, and drivers

    Output

    • Business context for the data quality improvement project

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality project lead
    • Business line representatives
    • IT executives

    Develop goals and align them with specific objectives to set the framework for your data quality initiatives.

    In the context of achieving business vision, mission, goals, and objectives and sustaining differentiators and key drivers, think about where and how data quality is a barrier. Then brainstorm data quality improvement objectives that map to these barriers. Document your list of objectives in Tab 5. Prioritize business units of the Data Quality Practice Assessment and Project Planning Tool.

    Establishing Business Context Example

    Healthcare Industry

    Vision To improve member services and make service provider experience more effective through improving data quality and data collection, aggregation, and accessibility for all the members.
    Goals

    Establish meaningful metrics that guide to the improvement of healthcare for member effectiveness of health care providers:

    • Data collection
    • Data harmonization
    • Data accessibility and trust by all constituents.
    Differentiator Connect service consumers with service providers, that comply with established regulations by delivering data that is accurate, trusted, timely, and easy to understand to connect service providers and eliminate bureaucracy and save money and time.
    Key Driver Seamlessly provide a healthcare for members.

    Download this Tool

    Document the identified business units and their associated data

    30 minutes

    Input

    • Business units

    Output

    • Documented business units to begin prioritization

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Project Manager

    Instructions

    1. Using Tab 5: Prioritize Business Units of the Data Quality Practice Assessment and Project Planning Tool, document the business units that use data in the organization. This will likely be all business units in the organization.
    2. Next, document the primary data used by those business units.
    3. These inputs will then be used to assess business unit priority to generate a data quality improvement project roadmap.

    The image shows a screen capture of Tab 5: Prioritize Business Units, with sample information inputted.

    Reminder – Not every business unit requires the same standard of data quality

    To prioritize your business units for data quality improvement projects, you must analyze the relative importance of the data they use to the business. The more important the data is to the business, the higher the priority is of fixing that data. There are two measures for determining the importance of data: business value and business impact.

    Business Value of Data

    Business value of data can be evaluated by thinking about its ties to revenue generation for the organization, as well as how it is used for productivity and operations at the organization.

    The business value of data is assessed by asking what would happen to the following parameters if the data is not usable (due to poor quality, for example):

    • Loss of Revenue
    • Loss of Productivity
    • Increased Operating Costs

    Business Impact of Data

    Business impact of data should take into account the effects of poor data on both internal and external parties.

    The business impact of data is assessed by asking what the impact would be of bad data on the following parameters:

    • Impact on Customers
    • Impact on Internal Staff
    • Impact on Business Partners

    Value + Impact = Data Priority Score

    Assess the business unit priority order for data quality improvements

    2 hours

    Input

    • Assessment of value and impact of business unit data

    Output

    • Prioritization list for data quality improvement projects

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Project Manager
    • Data owners

    Instructions

    Instructions In Tab 5: Prioritize Business Units of the Data Quality Practice Assessment and Project Planning Tool, assess business value and business impact of the data within each documented business unit.

    Use the ratings High, Medium, and Low to measure the financial, productivity, and efficiency value and impact of each business unit’s data.

    In addition to these ratings, assess the number of help desk tickets that are submitted to IT regarding data quality issues. This parameter is an indicator that the business unit’s data is high priority for data quality fixes.

    Download this Tool

    Create a business unit order roadmap for your data quality improvement projects

    1 hour

    Input

    • Rating of importance of data for each business unit

    Output

    • Roadmap for data quality improvement projects

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Project Manager
    • Product Manager
    • Business line representatives

    Instructions

    After assessing the business units for the business value and business impact of their data, the Data Quality Practice Assessment and Project Planning Tool automatically assesses the prioritization of the business units based on your ratings. These prioritizations are then summarized in a roadmap on Tab 6: Data Quality Project Roadmap. The following is an example of a project roadmap:

    The image shows an example of a project roadmap, with three business units listed vertically along the left hand side, and a Gantt chart showing the time periods in which each Business Unit would work. At the bottom, a table shows the Length of the Project in days (100), and the start date for the first project.

    On Tab 6, insert the timeline for your data quality improvement projects, as well as the starting date of your first data quality project. The roadmap will automatically update with the chosen timing and dates.

    Download this Tool

    Identify metrics at the business unit level to track data quality improvements

    As you improve the data quality for specific business units, measuring the benefits of data quality improvements will help you demonstrate the value of the projects to the business.

    Use the following table to guide you in creating business-aligned metrics:

    Business Unit Driver Metrics Goal
    Sales Customer Intimacy Accuracy of customer data. Percent of missing or incomplete records. 10% decrease in customer record errors.

    Marketing

    Customer Intimacy Accuracy of customer data. Percent of missing or incomplete records. 10% decrease in customer record errors.
    Finance Operational Excellence Relevance of financial reports. Decrease in report inaccuracy complaints.
    HR Risk Management Accuracy of employee data. 10% decrease in employee record errors.
    Shipping Operational Excellence Timeliness of invoice data. 10% decrease in time to report.

    Info-Tech Insight

    Relating data governance success metrics to overall business benefits keeps executive management and executive sponsors engaged because they are seeing actionable results. Review metrics on an ongoing basis with those data owners/stewards who are accountable, the data governance steering committee, and the executive sponsors.

    Case Study

    Address data quality with the right approach to maximize the ROI

    EDC

    Industry: Government

    Source: Environment Development of Canada (EDC)

    Challenge

    Environment Development Canada (EDC) would initially identify data elements that are important to the business purely based on their business instinct.

    Leadership attempted to tackle the enterprise’s data issues by bringing a set of different tools into the organization.

    It didn’t work out because the fundamental foundational layer, which is the data and infrastructure, was not right – they didn't have the foundational capabilities to enable those tools.

    Solution

    Leadership listened to the need for one single team to be responsible for the data persistence.

    Therefore, the data platform team was granted that mandate to extensively execute the data quality program across the enterprise.

    A data quality team was formed under the Data & Analytics COE. They had the mandate to profile the data and to understand what quality of data needed to be achieved. They worked constantly with the business to build the data quality rules.

    Results

    EDC tackled the source of their data quality issues through initially performing a data quality management assessment with business stakeholders.

    From then on, EDC was able to establish their data quality program and carry out other key initiatives that prove the ROI on data quality.

    Begin your data quality improvement project starting with the highest priority business unit

    Now that you have a prioritized list for your data quality improvement projects, identify the highest priority business unit. This is the business unit you will work through Phase 3 with to fix their data quality issues.

    Once you have initiated and identified solutions for the first business unit, tackle data quality for the next business unit in the prioritized list.

    The image is a graphic labelled as Phase 2. On the left, there is a vertical arrow pointing upward labelled Priority of Business Units. Next to it, there are three boxes, with downward pointing arrows between them, each box labelled as each Business Unit's Data Quality Improvement Project. From there an arrow points right to a circle. Inside the circle are the steps necessary to complete the data quality improvement project.

    Create and document your data quality improvement team

    1 hour

    Input

    • Individuals who fit the data quality improvement plan team roles

    Output

    • Project team

    Materials

    • Data Quality Improvement Plan Template

    Participants

    • Data owner
    • Project Manager
    • Product Manager

    The Data Quality Improvement Plan is a concise document that should be created for each data quality project (i.e. for each business unit) to keep track of the project.

    Instructions

    1. Meet with the data owner of the business unit identified for the data quality improvement project.
    2. Identify individuals who fit the data quality improvement plan team roles.
    3. Using the Data Quality Improvement Plan Template to document the roles and individuals who will fit those roles.
    4. Have an introductory meeting with the Improvement team to clarify roles and responsibilities for the project.

    Download this Tool

    Team role Assigned to
    Data Owner [Name]
    Project Manager [Name]
    Business Analyst/BRM [Name]
    Data Steward [Name]
    Data Analyst [Name]

    Document the business context of the Data Quality Improvement Plan

    1 hour

    Input

    • Project team
    • Identified data attributes

    Output

    • Business context for the data quality improvement plan

    Materials

    • Data Quality Improvement Plan Template

    Participants

    • Data owner
    • Project Sponsor
    • Product owner

    Data quality initiatives have to be relevant to the business, and the business context will be used to provide inputs to the data improvement strategy. The context can then be used to determine exactly where the root causes of data quality issues are, which will inform your solutions.

    Instructions

    The business context of the data quality improvement plan includes documenting from previous activities:

    1. The Data Quality Improvement Team.
    2. Your Data Lineage Diagram.
    3. Your Data Quality Problem Statement.

    Info-Tech Best Practice

    While many organizations adopt data quality principles, not all organizations express them along the same terms. Have multiple perspectives within your organization outline principles that fit your unique data quality agenda. Anyone interested in resolving the day-to-day data quality issues that they face can be helpful for creating the context around the project.

    Download this tool

    Now that you have a defined problem, revisit the root causes of poor data quality

    You previously fleshed out the problem with data quality present in the business unit chosen as highest priority. Now it is time to figure out what is causing those problems.

    In the table below, you will find some of the common categories of causes of data quality issues, as well as some specific root causes.

    Category Description
    1. System/Application Design Ineffective, insufficient, or even incorrect system/application design accepts incorrect and missing data elements to the source applications and databases. The data records in those source systems may propagate into systems in tiers 2, 3, 4, and 5 of the 5-tier architecture, creating domino and ripple effects.
    2. Database design Database is created and modeled in an incorrect manner so that the management of the data records is incorrect, resulting in duplicated and orphaned records, and records that are missing data elements or records that contain incorrect data elements. Poor operational data in databases often leads to issues in tiers 2, 3, 4, and 5.
    3. Enterprise Integration Data or information is improperly integrated, transformed, masked, and aggregated in tier 2. In addition, some data integration tasks might not be timely, resulting in out-of-date data or even data that contradicts with other data. Enterprise integration is a precursor of loading a data warehouse and data marts. Issues in this layer affect tier 3, 4 and 5 on the 5-tier architecture.
    4. Policies and Procedures Policies and procedures are not effectively used to reinforce data quality. In some situations, policy gaps are found. In others, policies are overlapped and duplicated. Policies may also be out-of-date or too complex, affecting the users’ ability to interpret the policy objectives. Policies affect all tiers in the 5-tier architecture.
    5. Business Processes Improper business process design introduces poor data into the data systems. Failure to create processes around approving data changes, failure to document key data elements, and failure to train employees on the proper uses of data make data quality a burning problem.

    Leverage a root cause analysis approach to pinpoint the origins of your data issues

    A root cause analysis is a systematic approach to decompose a problem into its components. Use fishbone diagrams to help reveal the root causes of data issues.

    The image shows a fishbone diagram on the left, which starts with Process on the left, and then leads to Application and Integration, and then Database and Policies. This section is titled Root causes. The right hand section is titled Lead to problems with data... and includes 4 circles with the word or in between each. The circles are labelled: Completeness; Usability; Timeliness; Accessibility.

    Info-Tech recommends five root cause categories for assessing data quality issues:

    Application Design. Is the issue caused by human error at the application level? Consider internal employees, external partners/suppliers, and customers.

    Database Design. Is the issue caused by a particular database and stems from inadequacies in its design?

    Integration. Data integration tools may not be fully leveraged, or data matching rules may be poorly designed.

    Policies and Procedures. Do the issues take place because of lack of governance?

    Business Processes. Do the issues take place due to insufficient processes?

    For Example:

    When performing a deeper analysis of your data issues related to the accuracy of the business unit’s data, you would perform a root cause analysis by assessing the contribution of each of the five categories of data quality problem root causes:

    The image shows another fishbone diagram, with example information filled in. The first section on the left is titled Application Design, and includes the text: Data entry problems lead to incorrect accounting entries. The second is Integration, and includes the text: Data integration tools are not fully leveraged. The third section is Policies, and includes the text: No policy on standardizing name and address. The last section is Database design, with text that reads: Databases do not contain unique keys. The diagram ends with an arrow pointing right to a blue circle with Accuracy in it.

    Leverage a combination of data analysis techniques to identify and quantify root causes

    Info-Tech Insight

    Including all attributes of the key subject area in your data profiling activities may produce too much information to make sense of. Conduct data profiling primarily at the table level and undergo attribute profiling only if you are able to narrow down your scope sufficiently.

    Data Profiling Tool

    Data profiling extracts a sample of the target data set and runs it through multiple levels of analysis. The end result is a detailed report of statistics about a variety of data quality criteria (duplicate data, incomplete data, stale data, etc.).

    Many data profiling tools have built-in templates and reports to help you uncover data issues. In addition, they quantify the occurrences of the data issues.

    E-Discovery Tool

    This supplements a profiling tool. For Example, use a BI tool to create a custom grouping of all the invalid states (e.g. “CAL,” “AZN,” etc.) and visualize the percentage of invalid states compared to all states.

    SQL Queries

    This supplements a profiling tool. For example, use a SQL statement to group the customer data by customer segment and then by state to identify which segment–state combinations contain poor data.

    Identify the data issues for the particular business unit under consideration

    2 hours

    Input

    • Issues with data quality felt by the business unit
    • Data lineage diagram

    Output

    • Categorized data quality issues

    Materials

    • Whiteboard, markers, sticky notes
    • Data Quality Improvement Plan Template

    Participants

    • Data quality improvement project team
    • Business line representatives

    Instructions

    1. Gather the data quality improvement project team in a room, along with sticky notes and a whiteboard.
    2. Display your previously created data lineage diagram on the whiteboard.
    3. Using color-coded sticky notes, attach issues to each component of the data lineage diagram that team members can identify. Use different colors for the four quality attributes: Completeness, Usability, Timeliness, and Accessibility.

    Example:

    The image shows the data lineage diagram that has been shown in previous sections. In addition, the image shows 4 post-its arranges around the diagram, labelled: Usability; Completeness; Timeliness; and Accessibility.

    Map the data issues on fishbone diagrams to identify root causes

    1 hour

    Input

    • Categorized data quality issues

    Output

    • Completed fishbone diagrams

    Materials

    • Whiteboard, markers, sticky notes
    • Data Quality Improvement Plan Template

    Participants

    • Data quality improvement project team

    Now that you have data quality issues classified according to the data quality attributes, map these issues onto four fishbone diagrams.

    The image shows a fishbone diagram, which is titled Example: Root cause analysis diagram for data accuracy.

    Download this Tool

    Get to know the root causes behind system/application design mistakes

    Suboptimal system/application design provides entry points for bad data.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Insufficient data mask No data mask is defined for a free-form text field in a user interface. E.g. North American phone number should have 4 masks – country code (1-digit), area code (3-digit), and local number (7-digit). X X
    Too many free-form text fields Incorrect use of free-form text fields (fields that accept a variety of inputs). E.g. Use a free-form text field for zip code instead of a backend look up. X X
    Lack of value lookup Reference data is not looked up from a reference list. E.g. State abbreviation is entered instead of being looked up from a standard list of states. X X
    Lack of mandatory field definitions Mandatory fields are not identified and reinforced. Resulting data records with many missing data elements. E.g. Some users may fill up 2 or 3 fields in a UI that has 20 non-mandatory fields. X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Application Design section is highlighted.

    Get to know the root causes behind common database design mistakes

    Improper database design allows incorrect data to be stored and propagated.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Incorrect referential integrity Referential integrity constraints are absent or incorrectly implemented, resulting in child records without parent records, or related records are updated or deleted in a cascading manner. E.g. An invoice line item is created before an invoice is created. X X
    Lack of unique keys Lack of unique keys creating scenarios where record uniqueness cannot be guaranteed. E.g. Customer records with the same customer_ID. X X
    Data range Fail to define a data range for incoming data, resulting in data values that are out of range. E.g. The age field is able to store an age of 999. X X
    Incorrect data type Incorrect data types are used to store data fields. E.g. A string field is used to store zip codes. Some users use that to store phone numbers, birthdays, etc. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Database Design section is highlighted

    Get to know the root causes behind enterprise integration mistakes

    Improper data integration or synchronization may create poor analytical data.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Incorrect transformation Transformation is done incorrectly. A wrong formula may have been used, transformation is done at the wrong data granularity, or aggregation logic is incorrect. E.g. Aggregation is done for all customers instead of just active customers. X X
    Data refresh is out of sync Data is synchronized at different intervals, resulting in a data warehouse where data domains are out of sync. E.g. Customer transactions are refreshed to reflect the latest activities but the account balance is not yet refreshed. X X
    Data is matched incorrectly Fail to match records from disparate systems, resulting in duplications and unmatched records. E.g. Unable to match customers from different systems because they have different cust_ID. X X
    Incorrect data mapping Fields from source systems are not properly matched with data warehouse fields. E.g. Status fields from different systems are mixed into one field. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Integration section is highlighted

    Get to know the root causes behind policy and procedure mistakes

    Suboptimal policies and procedures undermine the effect of best practices.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Policy Gaps There are gaps in the policy landscape in terms of some missing key policies or policies that are not refreshed to reflect the latest changes. E.g. A data entry policy is absent, leading to inconsistent data entry practices. X X
    Policy Communications Policies are in place but the policies are not communicated effectively to the organization, resulting in misinterpretation of policies and under-enforcement of policies. E.g. The data standard is created but very few developers are aware of its existence. X X
    Policy Enforcement Policies are in place but not proactively re-enforced and that leads to inconsistent application of policies and policy adoption. E.g. Policy adoption is dropping over time due to lack of reinforcement. X X
    Policy Quality Policies are written by untrained authors and they do not communicate the messages. E.g. A non-technical data user may find a policy that is loaded with technical terms confusing. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Policies section is highlighted

    Get to know the root causes behind common business process mistakes

    Ineffective and inefficient business processes create entry points for poor data.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Lack of training Key data personnel and business analysts are not trained in data quality and data governance, leading to lack of accountability. E.g. A data steward is not aware of downstream impact of a duplicated financial statement. X X
    Ineffective business process The same piece of information is entered into data systems two or more times. Or a piece of data is stalled in a data system for too long. E.g. A paper form is scanned multiple times to extract data into different data systems. X X
    Lack of documentation Fail to document the work flows of the key business processes. A lack of work flow results in sub-optimal use of data. E.g. Data is modeled incorrectly due to undocumented business logic. X X
    Lack of integration between business silos Business silos hold on to their own datasets resulting in data silos in which data is not shared and/or data is transferred with errors. E.g. Data from a unit is extracted as a data file and stored in a shared drive with little access. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Processes section is highlighted

    Phase 3 Summary

    1. Data Lineage Diagram
    • Creating the data lineage diagram is recommended to help visualize the flow of your data and to map the data journey and identify the data subject areas to be targeted for fixes.
    • The data lineage diagram was leveraged multiple times throughout this Phase. For example, the data lineage diagram was used to document the data sources and applications used by the business unit
  • Business Context
    • Business context was documented through the Data Quality Practice Assessment and Project Planning Tool.
    • The same tool was used to document identified business units and their associated data.
    • Metrics were also identified at the business unit level to track data quality improvements.
  • Common Root Causes
    • Leverage a root cause analysis approach to pinpoint the origins of your data quality issues.
    • Analyzed and got to know the root causes behind the following:
      1. System/application design mistakes
      2. Common database design mistakes
      3. Enterprise integration mistakes
      4. Policies and procedures mistakes
      5. Common business processes mistakes
  • Phase 4

    Grow and Sustain Your Data Quality Program

    Build Your Data Quality Program

    For the identified root causes, determine the solutions for the problem

    As you worked through the previous step, you identified the root causes of your data quality problems within the business unit. Now, it is time to identify solutions.

    The following slides provide an overview of the solutions to common data quality issues. As you identify solutions that apply to the business unit being addressed, insert the solution tables in Section 4: Proposed Solutions of the Data Quality Improvement Plan Template.

    All data quality solutions have two components to them:

    • Technology
    • People

    For the next five data quality solution slides, look for the slider for the contributions of each category to the solution. Use this scale to guide you in creating solutions.

    When designing solutions, keep in mind that solutions to data quality problems are not mutually exclusive. In other words, an identified root cause may have multiple solutions that apply to it.

    For example, if an application is plagued with inaccurate data, the application design may be suboptimal, but also the process that leads to data being entered may need fixing.

    Data quality improvement strategy #1:

    Fix data quality issues by improving system/application design.

    Technology

    Application Interface Design

    Restrict field length – Capture only the characters you need for your application.

    Leverage data masks – Use data masks in standardized fields like zip code and phone number.

    Restrict the use of open text fields and use reference tables – Only present open text fields when there is a need. Use reference tables to limit data values.

    Provide options – Use radio buttons, drop-down lists, and multi-select instead of using open text fields.

    Data Validation at the Application Level

    Validate data before committing – Use simple validation to ensure the data entered is not random numbers and letters.

    Track history – Keep track of who entered what fields.

    Cannot submit twice – Only design for one-time submission.

    People

    Training

    Data-entry training – Training that is related to data entry, creating, or updating data records.

    Data resolution training – Training data stewards or other dedicated data personnel on how to resolve data records that are not entered properly.

    Continuous Improvement

    Standards – Develop application design principles and standards.

    Field testing – Field data entry with a few people to look for abnormalities and discrepancies.

    Detection and resolution – Abnormal data records should be isolated and resolved ASAP.

    Application Testing

    Thorough testing – Application design is your first line of defence against poor data. Test to ensure bad data is kept out of the systems.

    Case Study

    HMS

    Industry: Healthcare

    Source: Informatica

    Improve your data quality ingestion procedures to provide better customer intimacy for your users

    Healthcare Management Systems (HMS) provides cost containment services for healthcare sponsors and payers, and coordinates benefits services. This is to ensure that healthcare claims are paid correctly to both government agencies and individuals. To do so, HMS relies on data, and this data needs to be of high quality to ensure the correct decisions are made, the right people get the correct claims, and the appropriate parties pay out.

    To improve the integrity of HMS’s customer data, HMS put in place a framework that helped to standardize the collection of high volume and highly variable data.

    Results

    Working with a data quality platform vendor to establish a framework for data standardization, HMS was able to streamline data analysis and reduce new customer implementations from months to weeks.

    HMS data was plagued with a lack of standardization of data ingestion procedures.

    Before improving data quality processes After improving data quality processes
    Data Ingestion Data Ingestion
    Many standards of ingestion. Standardized data ingestion
    Data Storage Data Storage
    Lack of ability to match data, creating data quality errors.
    Data Analysis Data Analysis
    = =
    Slow Customer Implementation Time 50% Reduction in Customer Implementation Time

    Data quality improvement strategy #2:

    Fix data quality issues using proper database design.

    Technology

    Database Design Best Practices

    Referential integrity – Ensure parent/child relationships are maintained in terms of cascade creation, update, and deletion.

    Primary key definition – Ensure there is at least one key to guarantee the uniqueness of the data records, and primary key should not allow null.

    Validate data domain – Create triggers to check the data values entered in the database fields.

    Field type and length – Define the most suitable data type and length to hold field values.

    One-Time Data Fix (more on the next slide)

    Explore solutions – Where to fix the data issues? Is there a case to fix the issues?

    Running profiling tools to catch errors – Run scans on the database with defined criteria to identify occurrences of questionable data.

    Fix a sample before fixing all records – Use a proof-of-concept approach to explore fix options and evaluate impacts before fixing the full set.

    People

    The DBA Team

    Perform key tasks in pairs – Take a pair approach to perform key tasks so that validation and cross-check can happen.

    Skilled DBAs – DBAs should be certified and accredited.

    Competence – Assess DBA competency on an ongoing basis.

    Preparedness – Develop drills to stimulate data issues and train DBAs.

    Cross train – Cross train team members so that one DBA can cover another DBA.

    Data quality improvement strategy #3:

    Improve integration and synchronization of enterprise data.

    Technology

    Integration Architecture

    Info-Tech’s 5-Tier Architecture – When doing transformations, it is good practice to persist the integration results in tier 3 before the data is further refined and presented in tier 4.

    Timing, timing, and timing – Think of the sequence of events. You may need to perform some ETL tasks before other tasks to achieve synchronization and consistence.

    Historical changes – Ensure your tier 3 is robust enough to include historical data. You need to enable type 2 slowly, changing dimension to recreate the data at a point in time.

    Data Cleansing

    Standardize – Leverage data standardization to standardize name and address fields to improve matching and integration.

    Fuzzy matching – When there are no common keys between datasets. The datasets can only be matched by fuzzy matching. Fuzzy matching is not hard science; define a confidence level and think about a mechanism to deal with the unmatched.

    People

    Reporting and Documentations

    Business data glossary and data lineage – Define a business data glossary to enhance findability of key data elements. Document data mappings and ETL logics.

    Create data quality reports – Many ETL platforms provide canned data quality reports. Leverage those quality reports to monitor the data health.

    Code Review

    Create data quality reports – Many ETL platforms provide canned data quality reports. Leverage those quality reports to monitor the data health.

    ARB (architectural review board) – All ETL codes should be approved by the architectural review board to ensure alignment with the overall integration strategy.

    Data quality improvement strategy #4:

    Improve data quality policies and procedures.

    Technology

    Policy Reporting

    Data quality reports – Leverage canned data quality reports from the ETL platforms to monitor data quality on an on-going basis. When abnormalities are found, provoke the right policies to deal with the issues.

    Store policies in a central location that is well known and easy to find and access. A key way that technology can help communicate policies is by having them published on a centralized website.

    Make the repository searchable and easily navigable. myPolicies helps you do all this and more.

    myPolicies helps you do all this and more.

    Go to this link

    People

    Policy Review and Training

    Policy review – Create a schedule for reviewing policies on a regular basis – invite professional writers to ensure polices are understandable.

    Policy training – Policies are often unread and misread. Training users and stakeholders on policies is an effective way to make sure those users and stakeholders understand the rationale of the policies. It is also a good practice to include a few scenarios that are handled by the policies.

    Policy hotline/mailbox – To avoid misinterpretation of the policies, a policy hotline/mailbox should be set up to answer any data policy questions from the end users/stakeholders.

    Policy Communications

    Simplified communications – Create handy one-pagers and infographic posters to communicate the key messages of the polices.

    Policy briefing – Whenever a new data project is initiated, a briefing of data policies should be given to ensure the project team follows the policies from the very beginning.

    Data quality improvement strategy #5:

    Streamline and optimize business processes.

    Technology

    Requirements Gathering

    Data Lineage – Leverage a metadata management tool to construct and document data lineage for future reference.

    Documentations Repository – It is a best practice to document key project information and share that knowledge across the project team and with the stakeholder. An improvement understanding of the project helps to identify data quality issues early on in the project.

    “Automating creation of data would help data quality most. You have to look at existing processes and create data signatures. You can then derive data off those data codes.” – Patrick Bossey, Manager of Business Intelligence, Crawford and Company

    People

    Requirements Gathering

    Info-Tech’s 4-Column Model – The datasets may exist but the business units do not have an effective way of communicating the quality needs. Use our four-column model and the eleven supporting questions to better understand the quality needs. See subsequent slides.

    I don’t know what the data means so I think the quality is poor – It is not uncommon to see that the right data presented to the business but the business does not trust the data. They also do not understand the business logic done on the data. See our Business Data Glossary in subsequent slides.

    Understand the business workflow – Know the business workflow to understand the manual steps associated with the workflow. You may find steps in which data is entered, manipulated, or consumed inappropriately.

    “Do a shadow data exercise where you identify the human workflows of how data gets entered, and then you can identify where data entry can be automated.” – Diraj Goel, Growth Advisor, BC Tech

    Brainstorm solutions to your data quality issues

    4 hours

    Input

    • Data profiling results
    • Preliminary root cause analyses

    Output

    • Proposals for data fix
    • Fixed issues

    Materials

    • Data Quality Improvement Plan Template

    Participants

    • Business and Data Analysts
    • Data experts and stewards

    After walking through the best-practice solutions to data quality issues, propose solutions to fix your identified issues.

    Instructions

    1. Review Root Cause Analyses: Revisit the root cause analysis and data lineage diagram you have generated in Step 3.2. to understand the issues in greater details.
    2. Characterize Each Issue: You may need to generate a data profiling report to characterize the issue. The report can be generated by using data quality suites, BI platforms, or even SQL statements.
    3. Brainstorm the Solutions: As a group, discuss potential ways to fix the issue. You can tackle the issues by approaching from these areas:
    Solution Approaches
    Technology Approach
    People Approach

    X crossover with

    Problematic Areas
    Application/System Design
    Database Design
    Data Integration and Synchronization
    Policies and Procedures
    Business Processes
    1. Document and Communicate: Document the solutions to your data issues. You may need to reuse or refer to the solutions. Also brainstorm some ideas on how to communicate the results back to the business.

    Download this Tool

    Sustaining your data quality requires continuous oversight through a data governance practice

    Quality data is the ultimate outcome of data governance and data quality management. Data governance enables data quality by providing the necessary oversight and controls for business processes in order to maintain data quality. There are three primary groups (at right) that are involved in a mature governance practice. Data quality should be tightly integrated with all of them.

    Define an effective data governance strategy and ensure the strategy integrates well with data quality with Info-Tech’s Establish Data Governance blueprint.

    Visit this link

    Data Governance Council

    This council establishes data management practices that span across the organization. This should be comprised of senior management or C-suite executives that can represent the various departments and lines of business within the organization. The data governance council can help to promote the value of data governance, facilitate a culture that nurtures data quality, and ensure that the goals of the data governance program are well aligned with business objectives.

    Data Owners

    Identifying the data owner role within an organization helps to create a greater degree of accountability for data issues. They often oversee how the data is being generated as well as how it is being consumed. Data owners come from the business side and have legal rights and defined control over a data set. They ensure data is available to the right people within the organization.

    Data Stewards

    Conflict can occur within an organization’s data governance program when a data steward’s role is confused with that of the steering committee’s role. Data stewards exist to enforce decisions made about data governance and data management. Data stewards are often business analysts or power users of a particular system/dataset. Where a data owner is primarily responsible for access, a data steward is responsible for the quality of a dataset.

    Integrate the data quality management strategy with existing data governance committees

    Ongoing and regular data quality management is the responsibility of the data governance bodies of the organization.

    The oversight of ongoing data quality activities rests on the shoulders of the data governance committees that exist in the organization.

    There is no one-size-fits-all data governance structure. However, most organizations follow a similar pattern when establishing committees, councils, and cross-functional groups. They strive to identify roles and responsibilities at a strategic, tactical, and operational level:

    The image shows a pyramid, with Executive Sponsors at the top, with the following roles in descending order: DG Council; Steering Committee; Working Groups; Data Owners and Data Stewards; and Data Users. Along the left side of the pyramid, there are three labels, in ascending order: Operational, Tactical, and Strategic.

    The image is a flow chart showing project roles, in two sections: the top section is labelled Governing Bodies, and the lower section is labelled Data Quality Improvement Team. There is a note indicating that the Data Owner reports to and provides updates regarding the state of data quality and data quality initiatives.

    Create and update the organization’s Business Data Glossary to keep up with current data definitions

    2 hours

    Input

    • Metrics and goals for data quality

    Output

    • Regularly scheduled data quality checkups

    Materials

    • Business Data Glossary Template
    • Data Quality Dashboard

    Participants

    • Data steward

    A crucial aspect of data quality and governance is the Business Data Glossary. The Business Data Glossary helps to align the terminology of the business with the organization’s data assets. It allows the people who interact with the data to quickly identify the applications, processes, and stewardship associated with it, which will enhance the accuracy and efficiency of searches for organization data definitions and attributes, enabling better access to the data. This will, in turn, enhance the quality of the organization’s data because it will be more accurate, relevant, and accessible.

    Use the Business Data Glossary Template to document key aspects of the data, such as:

    • Definition
    • Source System
    • Possible Values
    • Data Steward
    • Data Sensitivity
    • Data Availability
    • Batch or Live
    • Retention

    Data Element

    • Mkt-Product
    • Fin-Product

    Info-Tech Insight

    The Business Data Glossary ensures that the crucial data that has key business use by key business systems and users is appropriately owned and defined. It also establishes rules that lead to proper data management and quality to be enforced by the data owners.

    Download this Tool

    Data Steward(s): Use the Data Quality Improvement Plan of the business unit for ongoing quality monitoring

    Integrating your data quality strategy into the organization’s data governance program requires passing the strategy over to members of the data governance program. The data steward role is responsible for data quality at the business unit level, and should have been involved with the creation and implementation of the data quality improvement project. After the data quality repairs have been made, it is the responsibility of the data steward to regularly monitor the quality of the business unit’s data.

    Create Improvement Plan ↓
    • Data Quality Improvement Team identifies root cause issues.
    • Brainstorm solutions.
    Implement Improvement Plan ↓
    • Data Quality Improvement Team works with IT.
    Sustain Improvement Plan
    • Data Steward should regularly monitor data quality.

    Download this tool

    See Info-Tech’s Data Steward Job Description Template for a detailed understanding of the roles and responsibilities of the data steward.

    Responsible for sustaining

    The image shows a screen capture of a document entitled Business Context & Subject Area Selection.

    Develop a business-facing data quality dashboard to show improvements or a sudden dip in data quality

    One tool that the data steward can take advantage of is the data quality dashboard. Initiatives that are implemented to address data quality must have metrics defined by business objectives in order to demonstrate the value of the data quality improvement projects. In addition, the data steward should have tools for tracking data quality in the business unit to report issues to the data owner and data governance steering committee.

    • Example 1: Marketing uses data for direct mail and e-marketing campaigns. They care about customer data in particular. Specifically, they require high data quality in attributes such as customer name, address, and product profile.
    • Example 2: Alternatively, Finance places emphasis on financial data, focusing on attributes like account balance, latency in payment, credit score, and billing date.

    The image is Business dashboard on Data Quality for Marketing. It features Data Quality metrics, listed in the left column, and numbers for each quarter over the course of one year, on the right.

    Notes on chart:

    General improvement in billing address quality

    Sudden drop in touchpoint accuracy may prompt business to ask for explanations

    Approach to creating a business-facing data quality dashboard:

    1. Schedule a meeting with the functional unit to discuss what key data quality metrics are essential to their business operations. You should consider the business context, functional area, and subject area analyses you completed in Phase 1 as a starting point.
    2. Discuss how to gather data for the key metrics and their associated calculations.
    3. Discuss and decide the reporting intervals.
    4. Discuss and decide the unit of measurement.
    5. Generate a dashboard similar to the example. Consider using a BI or analytics tool to develop the dashboard.

    Data quality management must be sustained for ongoing improvements to the organization’s data

    • Data quality is never truly complete; it is a set of ongoing processes and disciplines that requires a permanent plan for monitoring practices, reviewing processes, and maintaining consistent data standards.
    • Setting the expectation to stakeholders that a long-term commitment is required to maintain quality data within the organization is critical to the success of the program.
    • A data quality maintenance program will continually revise and fine-tune ongoing practices, processes, and procedures employed for organizational data management.

    Data quality is a program that requires continual care:

    →Maintain→Good Data →

    Data quality management is a long-term commitment that shifts how an organization views, manages, and utilizes its corporate data assets. Long-term buy-in from all involved is critical.

    “Data quality is a process. We are trying to constantly improve the quality over time. It is not a one-time fix.” – Akin Akinwumi, Manager of Data Governance, Startech.com

    Define a data quality review agenda for data quality sustainment

    2 hours

    Input

    • Metrics and goals for data quality

    Output

    • Regularly scheduled data quality checkups

    Materials

    • Data Quality Diagnostic
    • Data Quality Dashboard

    Participants

    • Data Steward

    As a data steward, you are responsible for ongoing data quality checks of the business unit’s data. Define an improvement agenda to organize the improvement activities. Organize the activities yearly and quarterly to ensure improvement is done year-round.

    Quarterly

    • Measure data quality metrics against milestones. Perform a regular data quality health check with Info-Tech’s Data Quality Diagnostic.
    • Review the business unit’s Business Data Glossary to ensure that it is up to date and comprehensive.
    • Assess progress of practice area initiatives (time, milestones, budget, benefits delivered).
    • Analyze overall data quality and report progress on key improvement projects and corrective actions in the executive dashboard.
    • Communicate overall status of data quality to oversight body.

    Annually

    • Calculate your current baseline and measure progress by comparing it to previous years.
    • Set/revise quality objectives for each practice area and inter-practice hand-off processes.
    • Re-evaluate/re-establish data quality objectives.
    • Set/review data quality metrics and tracking mechanisms.
    • Set data quality review milestones and timelines.
    • Revisit data quality training from an end-user perspective and from a practitioner perspective.

    Info-Tech Insight

    Do data quality diagnostic at the beginning of any improvement plan, then recheck health with the diagnostic at regular intervals to see if symptoms are coming back. This should be a monitoring activity, not a data quality fixing activity. If symptoms are bad enough, repeat the improvement plan process.

    Take the next step in your Data & Analytics Journey

    After establishing your data quality program, look to increase your data & analytics maturity.

    • Artificial Intelligence (AI) is a concept that many organizations strive to implement. AI can really help in areas such as data preparation. However, implementing AI solutions requires a level of maturity that many organizations are not at.
    • While a solid data quality foundation is essential for AI initiatives being successful, AI can also ensure high data quality.
    • An AI analytics solution can address data integrity issues at the earliest point of data processing, rapidly transforming these vast volumes of data into trusted business information. This can be done through Anomaly detection, which flags “bad” data, identifying suspicious anomalies that can impact data quality. By tracking and evaluating data, anomaly detection gives critical insights into data quality as data is processed. (Ira Cohen, The End to a Never-Ending Story? Improve Data Quality with AI Analytics, anodot, 2020)

    Consider… “Garbage in, garbage out.”

    Lay a solid foundation by addressing your data quality issues prior to investing heavily in an AI solution.

    Related Info-Tech Research

    Are You Ready for AI?

    • Use AI as a compelling event to expedite funding, resources, and project plans for your data-related initiatives. Check out this note to understand what it takes to be ready to implement AI solutions.

    Get Started With Artificial Intelligence

    • Current AI technology is data-enabled, automated, adaptive decision support. Once you believe you are ready for AI, check out this blueprint on how to get started.

    Build a Data Architecture Roadmap

    • The data lineage diagram was a key tool used in establishing your data quality program. Check out this blueprint and learn how to optimize your data architecture to provide greatest value from data.

    Create an Architecture for AI

    • Build your target state architecture from predefined best practice building blocks. This blueprint assists members first to assess if they have the maturity to embrace AI in their organization, and if so, which AI acquisition model fits them best.

    Phase 4 Summary

    1. Data Quality Improvement Strategy
    • Brainstorm solutions to your data quality issues using the following data quality improvement strategies as a guide:
      1. Fix data quality issues by improving system/application design
      2. Fix data quality issues using proper database design
      3. Improve integration and synchronization of enterprise data
      4. Improve data quality policies and procedures
      5. Streamline and optimize business processes
  • Sustain Your Data Quality Program
    • Quality data is the ultimate outcome of data governance and data quality management.
    • Sustaining your data quality requires continuous oversight through a data governance practice.
    • There are three primary groups (Data Governance Council, Data Owners, and Data Stewards) that are involved in a mature governance practice.
  • Grow Your Data & Analytics Maturity
    • After establishing your data quality program, take the next step in increasing your data & analytics maturity.
    • Good data quality is the foundation of pursuing different ways of maximizing the value of your data such as implementing AI solutions.
    • Continue your data & analytics journey by referring to Info-Tech’s quality research.
  • Research Contributors and Experts

    Izabela Edmunds

    Information Architect Mott MacDonald

    Akin Akinwumi

    Manager of Data Governance Startech.com

    Diraj Goel

    Growth Advisor BC Tech

    Sujay Deb

    Director of Data Analytics Technology and Platforms Export Development Canada

    Asif Mumtaz

    Data & Solution Architect Blue Cross Blue Shield Association

    Patrick Bossey

    Manager of Business Intelligence Crawford and Company

    Anonymous Contributors

    Ibrahim Abdel-Kader

    Research Specialist Info-Tech Research Group

    Ibrahim is a Research Specialist at Info-Tech Research Group. In his career to date he has assisted many clients using his knowledge in process design, knowledge management, SharePoint for ECM, and more. He is expanding his familiarity in many areas such as data and analytics, enterprise architecture, and CIO-related topics.

    Reddy Doddipalli

    Senior Workshop Director Info-Tech Research Group

    Reddy is a Senior Workshop Director at Info-Tech Research Group, focused on data management and specialized analytics applications. He has over 25 years of strong industry experience in IT leading and managing analytics suite of solutions, enterprise data management, enterprise architecture, and artificial intelligence–based complex expert systems.

    Andy Neill

    Practice Lead, Data & Analytics and Enterprise Architecture Info-Tech Research Group

    Andy leads the data and analytics and enterprise architecture practices at ITRG. He has over 15 years of experience in managing technical teams, information architecture, data modeling, and enterprise data strategy. He is an expert in enterprise data architecture, data integration, data standards, data strategy, big data, and development of industry standard data models.

    Crystal Singh

    Research Director, Data & Analytics Info-Tech Research Group

    Crystal is a Research Director at Info-Tech Research Group. She brings a diverse and global perspective to her role, drawing from her professional experiences in various industries and locations. Prior to joining Info-Tech, Crystal led the Enterprise Data Services function at Rogers Communications, one of Canada’s leading telecommunications companies.

    Igor Ikonnikov

    Research Director, Data & Analytics Info-Tech Research Group

    Igor is a Research Director at Info-Tech Research Group. He has extensive experience in strategy formation and execution in the information management domain, including master data management, data governance, knowledge management, enterprise content management, big data, and analytics.

    Andrea Malick

    Research Director, Data & Analytics Info-Tech Research Group

    Andrea Malick is a Research Director at Info-Tech Research Group, focused on building best practices knowledge in the enterprise information management domain, with corporate and consulting leadership in enterprise architecture and content management (ECM).

    Natalia Modjeska

    Research Director, Data & Analytics Info-Tech Research Group

    Natalia Modjeska is a Research Director at Info-Tech Research Group. She advises members on topics related to AI, machine learning, advanced analytics, and data science, including ethics and governance. Natalia has over 15 years of experience in developing, selling, and implementing analytical solutions.

    Rajesh Parab

    Research Director, Data & Analytics Info-Tech Research Group

    Rajesh Parab is a Research Director at Info-Tech Research Group. He has over 20 years of global experience and brings a unique mix of technology and business acumen. He has worked on many data-driven business applications. In his previous architecture roles, Rajesh created a number of product roadmaps, technology strategies, and models.

    Bibliography

    Amidon, Kirk. "Case Study: How Data Quality Has Evolved at MathWorks." The Fifth MIT Information Quality Industry Symposium. 13 July 2011. Web. 19 Aug. 2015.

    Boulton, Clint. “Disconnect between CIOs and LOB managers weakens data quality.” CIO. 05 February 2016. Accessed June 2020.

    COBIT 5: Enabling Information. Rolling Meadows, IL: ISACA, 2013. Web.

    Cohen, Ira. “The End to a Never-Ending Story? Improve Data Quality with AI Analytics.” anodot. 2020.

    “DAMA Guide to the Data Management Body of Knowledge (DAMA-DMBOK Guide).” First Edition. DAMA International. 2009. Digital. April 2014.

    "Data Profiling: Underpinning Data Quality Management." Pitney Bowes. Pitney Bowes - Group 1 Software, 2007. Web. 18 Aug. 2015.

    Data.com. “Data.com Clean.” Salesforce. 2016. Web. 18 Aug. 2015.

    “Dawn of the CDO." Experian Data Quality. 2015. Web. 18 Aug. 2015.

    Demirkan, Haluk, and Bulent Dal. "Why Do So Many Analytics Projects Fail?" The Data Economy: Why Do so Many Analytics Projects Fail? Analytics Magazine. July-Aug. 2014. Web.

    Dignan, Larry. “CIOs juggling digital transformation pace, bad data, cloud lock-in and business alignment.” ZDNet. 11 March 2020. Accessed July.

    Dumbleton, Janani, and Derek Munro. "Global Data Quality Research - Discussion Paper 2015." Experian Data Quality. 2015. Web. 18 Aug. 2015.

    Eckerson, Wayne W. "Data Quality and the Bottom Line - Achieving Business Success through a Commitment to High Quality Data." The Data Warehouse Institute. 2002. Web. 18 Aug. 2015.

    “Infographic: Data Quality in BI the Costs and Benefits.” HaloBI. 2015 Web.

    Lee, Y.W. and Strong, D.M. “Knowing-Why About Data Processes and Data Quality.” Journal of Management Information Systems. 2004.

    “Making Data Quality a Way of Life.” Cognizant. 2014. Web. 18 Aug. 2015.

    "Merck Serono Achieves Single Source of Truth with Comprehensive RIM Solutions." www.productlifegroup.com. ProductLife Group. 15 Apr. 2015. Web. 23 Nov. 2015.

    Myers, Dan. “List of Conformed Dimensions of Data Quality.” Conformed Dimensions of Data Quality (CDDQ). 2019. Web.

    Redman, Thomas C. “Make the Case for Better Data Quality.” Harvard Business Review. 24 Aug. 2012. Web. 19 Aug. 2015.

    RingLead Data Management Solutions. “10 Stats About Data Quality I Bet You Didn’t Know.” RingLead. Accessed 7 July 2020.

    Schwartzrock, Todd. "Chrysler's Data Quality Management Case Study." Online video clip. YouTube. 21 April. 2011. Web. 18 Aug. 2015

    “Taking control in the digital age.” Experian Data Quality. Jan 2019. Web.

    “The data-driven organization, a transformation in progress.” Experian Data Quality. 2020. Web.

    "The Data Quality Benchmark Report." Experian Data Quality. Jan. 2015. Web. 18 Aug. 2015.

    “The state of data quality.” Experian Data Quality. Sept. 2013. Web. 17 Aug. 2015.

    Vincent, Lanny. “Differentiating Competence, Capability and Capacity.” Innovation Management Services. Web. June 2008.

    “7 ways poor data quality is costing your business.” Experian Data Quality. July 2020. Web.

    First 30 Days Pandemic Response Plan

    • Buy Link or Shortcode: {j2store}418|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity
    • Given the speed and scope of the spread of the pandemic, governments are responding with changes almost daily as to what organizations and people can and can’t do. This volatility and uncertainty challenges organizations to respond, particularly in the absence of a business continuity or crisis management plan.

    Our Advice

    Critical Insight

    • Assess the risk to and viability of your organization in order to create appropriate action and communication plans quickly.

    Impact and Result

    • HR departments must be directly involved in developing the organization’s pandemic response plan. Use Info-Tech's Risk and Viability Matrix and uncover the crucial next steps to take during the first 30 days of the COVID-19 pandemic.

    First 30 Days Pandemic Response Plan Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create a response plan for the first 30 days of a pandemic

    Manage organizational risk and viability during the first 30 days of a crisis.

    • First 30 Days Pandemic Response Plan Storyboard
    • Crisis Matrix Communications Template: Business As Usual
    • Crisis Matrix Communications Template: Organization Closing
    • Crisis Matrix Communications Template: Manage Risk and Leverage Resilience
    • Crisis Matrix Communications Template: Reduce Labor and Mitigate Risk
    [infographic]

    Develop a Targeted Flexible Work Program for IT

    • Buy Link or Shortcode: {j2store}542|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $18,909 Average $ Saved
    • member rating average days saved: 13 Average Days Saved
    • Parent Category Name: Attract & Select
    • Parent Category Link: /attract-and-select
    • Workplace flexibility continues to be top priority for IT employees. Organizations who fail to offer flexibility will have a difficult time attracting, recruiting, and retaining talent.
    • When the benefits of remote work are not available to everyone, this raises fairness and equity concerns.

    Our Advice

    Critical Insight

    IT excels at hybrid location work and is more effective as a business function when location flexibility is an option for its employees. But hybrid work is just a start. A comprehensive flex work program extends beyond flexible location, so organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent.

    Impact and Result

    • Uncover the needs of unique employee segments to shortlist flexible work options that employees want and will use.
    • Assess the feasibility of various flexible work options and select ones that meet employee needs and are feasible for the organization.
    • Equip leaders with the information and tools needed to implement and sustain a flexible work program.

    Develop a Targeted Flexible Work Program for IT Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess employee and organizational flexibility needs

    Identify prioritized employee segments, flexibility challenges, and the desired state to inform program goals.

    • Develop a Targeted Flexible Work Program for IT – Phases 1-3
    • Talent Metrics Library
    • Targeted Flexible Work Program Workbook
    • Fast-Track Hybrid Work Program Workbook

    2. Identify potential flex options and assess feasibility

    Review, shortlist, and assess the feasibility of common types of flexible work. Identify implementation issues and cultural barriers.

    • Flexible Work Focus Group Guide
    • Flexible Work Options Catalog

    3. Implement selected option(s)

    Equip managers and employees to adopt flexible work options while addressing implementation issues and cultural barriers and aligning HR programs.

    • Guide to Flexible Work for Managers and Employees
    • Flexible Work Time Policy
    • Flexible Work Time Off Policy
    • Flexible Work Location Policy

    Infographic

    Workshop: Develop a Targeted Flexible Work Program for IT

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Prepare to Assess Flex Work Feasibility

    The Purpose

    Gather information on organizational and employee flexibility needs.

    Key Benefits Achieved

    Understand the flexibility needs of the organization and its employees to inform a targeted flex work program.

    Activities

    1.1 Identify employee and organizational needs.

    1.2 Identify employee segments.

    1.3 Establish program goals and metrics.

    1.4 Shortlist flexible work options.

    Outputs

    Organizational context summary

    List of shortlisted flex work options

    2 Assess Flex Work Feasibility

    The Purpose

    Perform a data-driven feasibility analysis on shortlisted work options.

    Key Benefits Achieved

    A data-driven feasibility analysis ensures your flex work program meets its goals.

    Activities

    2.1 Conduct employee/manager focus groups to assess feasibility of flex work options.

    Outputs

    Summary of flex work options feasibility per employee segment

    3 Finalize Flex Work Options

    The Purpose

    Select the most impactful flex work options and create a plan for addressing implementation challenge

    Key Benefits Achieved

    A data-driven selection process ensures decisions and exceptions can be communicated with full transparency.

    Activities

    3.1 Finalize list of approved flex work options.

    3.2 Brainstorm solutions to implementation issues.

    3.3 Identify how to overcome cultural barriers.

    Outputs

    Final list of flex work options

    Implementation barriers and solutions summary

    4 Prepare for Implementation

    The Purpose

    Create supporting materials to ensure program implementation proceeds smoothly.

    Key Benefits Achieved

    Employee- and manager-facing guides and policies ensure the program is clearly documented and communicated.

    Activities

    4.1 Design employee and manager guide prototype.

    4.2 Align HR programs and policies to support flexible work.

    4.3 Create a communication plan.

    Outputs

    Employee and manager guide to flexible work

    Flex work roadmap and communication plan

    5 Next Steps and Wrap-Up

    The Purpose

    Put everything together and prepare to implement.

    Key Benefits Achieved

    Our analysts will support you in synthesizing the workshop’s efforts into a cohesive implementation strategy.

    Activities

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Outputs

    Completed flexible work feasibility workbook

    Flexible work communication plan

    Further reading

    Develop a Targeted Flexible Work Program for IT

    Select flexible work options that balance organizational and employee needs to drive engagement and improve attraction and retention.

    Executive Summary

    Your Challenge

    • IT leaders continue to struggle with workplace flexibility, and it is a top priority for IT employees; as a result, organizations who fail to offer flexibility will have a difficult time attracting, recruiting, and retaining talent.
    • The benefits of remote work are not available to everyone, raising fairness and equity concerns for employees.

    Common Obstacles

    • A one-size-fits-all approach to selecting and implementing flexible work options fails to consider unique employee needs and will not reap the benefits of offering a flexible work program (e.g. higher engagement or enhanced employer brand).
    • Improper structure and implementation of flexible work programs exacerbates existing challenges (e.g. high turnover) or creates new ones.

    Info-Tech's Approach

    • Uncover the needs of unique employee segments to shortlist flexible work options that employees want and will use.
    • Assess the feasibility of various flexible work options and select ones that meet employee needs and are feasible for the organization.
    • Equip leaders with the information and tools needed to implement and sustain a flexible work program.

    Info-Tech Insight

    IT excels at hybrid location work and is more effective as a business function when location flexibility is an option for its employees. But hybrid work is just a start. A comprehensive flex work program extends beyond flexible location, so organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent.

    Flexible work arrangements are a requirement in today's world of work

    Flexible work continues to gain momentum…

    A 2022 LinkedIn report found that the following occurred between 2019 and 2021:

    +362%

    Increase in LinkedIn members sharing content with the term "flexible work."

    +83%

    Increase in job postings that mention "flexibility."
    (LinkedIn, 2022)

    In 2022, Into-Tech found that hybrid was the most commonly used location work model for IT across all industries.

    ("State of Hybrid Work in IT," Info-Tech Research Group, 2022)

    …and employees are demanding more flexibility

    90%

    of employees said they want schedule and location flexibility ("Global Employee Survey," EY, 2021).

    17%

    of resigning IT employees cited lack of flexible work options as a reason ("IT Talent Trends 2022," Info-Tech Research Group, 2022).

    71%

    of executives said they felt "pressure to change working models and adapt workplace policies to allow for greater flexibility" (LinkedIn, 2021).

    Therefore, organizations who fail to offer flexibility will be left behind

    Difficulty attracting and retaining talent

    98% of IT employees say flexible work options are important in choosing an employer ("IT Talent Trends 2022," Info-Tech Research Group, 2022).

    Worsening employee wellbeing and burnout

    Knowledge workers with minimal to no schedule flexibility are 2.2x more likely to experience work-related stress and are 1.4x more likely to suffer from burnout (Slack, 2022; N=10,818).

    Offering workplace flexibility benefits organizations and employees

    Higher performance

    IT departments that offer some degree of location flexibility are more effective at supporting the organization than those who do not.

    35% of service desk functions report improved service since implementing location flexibility.
    ("State of Hybrid Work in IT," Info-Tech Research Group, 2023).

    Enhanced employer brand

    Employees are 2.1x more likely to recommend their employer to others when they are satisfied with their organization's flexible work arrangements (LinkedIn, 2021).

    Improved attraction

    41% of IT departments cite an expanded hiring pool as a key benefit of hybrid work.

    Organizations that mention "flexibility" in their job postings have 35% more engagement with their posts (LinkedIn, 2022).

    Increased job satisfaction

    IT employees who have more control over their working arrangement experience a greater sense of contribution and trust in leadership ("State of Hybrid Work in IT," Info-Tech Research Group, 2023).

    Better work-life balance

    81% of employees say flexible work will positively impact their work-life balance (FlexJobs, 2021).

    Boosted inclusivity

    • Caregivers regardless of gender, supporting them in balancing responsibilities
    • Individuals with disabilities, enabling them to work from the comfort of their homes
    • Women who may have increased responsibilities
    • Women of color to mitigate the emotional tax experienced at work

    Info-Tech Insight

    Flexible work options are not a concession to lower productivity. Properly implemented, flex work enables employees to be more productive at reaching business goals.

    Despite the popularity of flexible work options, not all employees can participate

    IT organizations differ on how much flexibility different roles can have.

    IT employees were asked what percentage of IT roles were currently in a hybrid or remote work arrangement ("State of Hybrid Work in IT," Info-Tech Research Group, 2023).

    However, the benefits of remote work are not available to all, which raises fairness and equity concerns between remote and onsite employees.

    45%

    of employers said, "one of the biggest risks will be their ability to establish fairness and equity among employees when some jobs require a fixed schedule or location, creating a 'have and have not' dynamic based on roles" ("Businesses Suffering," EY, 2021).

    Offering schedule flexibility to employees who need to be fully onsite can be used to close the fairness and equity gap.

    When offered the choice, 54% of employees said they would choose schedule flexibility over location flexibility ("Global Employee Survey," EY, 2021).

    When employees were asked "What choice would you want your employer to provide related to when you have to work?" The top three choices were:

    68%

    Flexibility on when to start and finish work

    38%

    Compressed or four-day work weeks

    33%

    Fixed hours (e.g. 9am to 5pm)

    Disclaimer: "Percentages do not sum to 100%, as each respondent could choose up to three of the [five options provided]" ("Global Employee Survey," EY, 2021).

    Beware of the "all or nothing" approach

    There is no one-size-fits-all approach to workplace flexibility.

    Understanding the needs of various employee segments in the organization is critical to the success of a flexible work program.

    Working parents want more flexibility

    82%

    of working mothers desire flexibility in where they work.

    48%

    of working fathers "want to work remotely 3 to 5 days a week."

    Historically underrepresented groups value more flexibility

    38%

    "Thirty-eight percent of Black male employees and 33% of Black female employees would prefer a fully flexible schedule, compared to 25% of white female employees and 26% of white male employees."
    (Slack, 2022; N=10,818)

    33%

    Workplace flexibility must be customized to the organization to avoid longer working hours and heavy workloads that impact employee wellbeing

    84%

    of remote workers and 61% of onsite workers reported working longer hours post pandemic. Longer working hours were attributed to reasons such as pressure from management and checking emails after working hours (Indeed, 2021).

    2.6x

    Respondents who either agreed or strongly agreed with the statement "Generally, I find my workload reasonable" were 2.6x more likely to be engaged compared to those who stated they disagreed or strongly disagreed (McLean & Company Engagement Survey Database;2022; N=5,615 responses).

    Longer hours and unsustainable workloads can contribute to stress and burnout, which is a threat to employee engagement and retention. With careful management (e.g. setting clear expectations and establishing manageable workloads), flexible work arrangement benefits can be preserved.

    Info-Tech Insight

    Employees' lived experiences and needs determine if people use flexible work programs – a flex program that has limited use or excludes people will not benefit the organization.

    Develop a flexible work program that meets employee and organizational needs

    This is an image of a sample flexible work program which meets employee and organizational needs.

    Insight summary

    Overarching insight: IT excels at hybrid location work and is more effective as a business function when location, time, and time-off flexibility are an option for its employees.

    Introduction

    Step 1 insight

    Step 2 insight

    Step 3 insight

    • Flexible work options are not a concession to lower productivity. Properly implemented, flex work enables employees to be more productive at reaching business goals.
    • Employees' lived experiences and needs determine if people use flexible work programs – a flex program that has limited use or excludes people will not benefit the organization.
    • Flexible work benefits everyone. IT employees experience greater engagement, motivation, and company loyalty. IT organizations realize benefits such as better service coverage, reduced facilities costs, and increased productivity.
    • Hybrid work is a start. A comprehensive flex work program extends beyond flexible location to flexible time and time off. Organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent. Provide greater inclusivity to employees by broadening the scope to include flex location, flex time, and flex time off.
    • No two employee segments are the same. To be effective, flexible work options must align with the expectations and working processes of each segment.
    • Every role is eligible for hybrid location work. If onsite work duties prevent an employee group from participating, see if processes can be digitized or automated. Flexible work is an opportunity to go beyond current needs to future proofing your organization.
    • Flexible work options must balance organizational and employee needs. If an option is beneficial to employees but there is little or no benefit to the organization, or if the cost of the option is too high, it will not support the long-term success of the organization.
    • Prioritize flexible work options that employees want. Providing too many options often leads to information overload and results in employees not understanding what is available, lowering adoption of the flexible work program.
    • Leaders' collective support of the flexible program determines the program's successful adoption. Don't sweep cultural barriers under the rug; acknowledge and address them to overcome them.
    • Negative performance of a flexible work option does not necessarily mean failure. Take the time to evaluate whether the option simply needs to be tweaked or whether it truly isn't working for the organization.
    • A set of formal guidelines for IT ensures flexible work is:
      1. Administered fairly across all IT employees.
      2. Defensible and clear.
      3. Scalable to the rest of the organization.

    Case Study

    Expanding hybrid work at Info-Tech

    Challenge

    In 2020, Info-Tech implemented emergency work-from-home for its IT department, along with the rest of the organization. Now in 2023, hybrid work is firmly embedded in Info-Tech's culture, with plans to continue location flexibility for the foreseeable future.

    Adjusting to the change came with lessons learned and future-looking questions.

    Lessons Learned

    Moving into remote work was made easier by certain enablers that had already been put in place. These included issuing laptops instead of desktops to the user base and using an existing cloud-based infrastructure. Much support was already being done remotely, making the transition for the support teams virtually seamless.

    Continuing hybrid work has brought benefits such as reduced commuting costs for employees, higher engagement, and satisfaction among staff that their preferences were heard.

    Looking Forward

    Every flexible work implementation is a work in progress and must be continually revisited to ensure it continues to meet organizational and employee needs. Current questions being explored at Info-Tech are:

    • The concept of the "office as a tool" – how does use of the office change when it is used for specific collaboration-related tasks, rather than everything? How should the physical space change to support this?
    • What does a viable replacement for quick hallway meetings look like in a remote world where communication is much more deliberate? How can managers adjust their practices to ensure the benefits of informal encounters aren't lost?

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Preparation

    Step 1

    Step 2

    Step 3

    Follow-up

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Assess employee and organizational needs.

    Call #3: Shortlist flex work options and assess feasibility.

    Call #4: Finalize flex work options and create rollout plan.

    Call #5: (Optional) Review rollout progress or evaluate pilot success.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 3 to 5 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Activities

    Prepare to assess flex work feasibility

    Assess flex work feasibility

    Finalize flex work options

    Prepare for implementation

    Next Steps and Wrap-Up (offsite)

    1.1 Identify employee and organizational needs.

    1.2 Identify employee segments.

    1.3 Establish program goals and metrics.

    1.4 Shortlist flex work options.

    2.1 Conduct employee/manager focus groups to assess feasibility of flex work options.

    3.1 Finalize list of approved flex work options.

    3.2 Brainstorm solutions to implementation issues.

    3.2 Identify how to overcome cultural barriers.

    4.1 Design employee and manager guide prototype.

    4.2 Align HR programs and policies to support flexible work.

    4.3 Create a communication plan.

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. Organizational context summary
    2. List of shortlisted flex work options
    1. Summary of flex work options' feasibility per employee segment
    1. 1.Final list of flex work options
    2. 2.Implementation barriers and solutions summary
    1. Employee and manager guide to flexible work
    2. Flex work roadmap and communication plan
    1. Completed flexible work feasibility workbook
    2. Flexible work communication plan

    Step 1

    Assess employee and organizational needs

    1. Assess employee and organizational flexibility needs
    2. Identify potential flex options and assess feasibility
    3. Implement selected option(s)

    After completing this step you will have:

    • Identified key stakeholders and their responsibilities
    • Uncovered the current and desired state of the organization
    • Analyzed feedback to identify flexibility challenges
    • Identified and prioritized employee segments
    • Determined the program goals
    • Identified the degree of flexibility for work location, timing, and deliverables

    Identify key stakeholders

    Organizational flexibility requires collaborative and cross-functional involvement to determine which flexible options will meet the needs of a diverse workforce. HR leads the project to explore flexible work options, while other stakeholders provide feedback during the identification and implementation processes.

    HR

    • Assist with the design, implementation, and maintenance of the program.
    • Provide managers and employees with guidance to establish successful flexible work arrangements.
    • Help develop communications to launch and maintain the program.

    Senior Leaders

    • Champion the project by modeling and promoting flexible work options
    • Help develop and deliver communications; set the tone for flexible work at the organization.
    • Provide input into determining program goals.

    Managers

    • Model flexible work options and encourage direct reports to request and discuss options.
    • Use flexible work program guidelines to work with direct reports to select suitable flexible work options.
    • Develop performance metrics and encourage communication between flexible and non-flexible workers.

    Flexible Workers

    • Indicate preferences of flexible work options to the manager.
    • Identify ways to maintain operational continuity and communication while working flexibly.
    • Flag issues and suggest improvements to the manager.
    • Develop creative ways to work with colleagues who don't work flexibly.

    Non-Flexible Workers

    • Share feedback on issues with flexible arrangements and their impact on operational continuity.

    Info-Tech Insight

    Flexible work is a holistic team effort. Leaders, flexible workers, teammates, and HR must clearly understand their roles to ensure that teams are set up for success.

    Uncover the current and desired state of flexibility in the organization

    Current State

    Target State

    Review:

    • Existing policies related to flexibility (e.g. vacation, work from anywhere)
    • Existing flexibility programs (e.g. seasonal hours) and their uptake
    • Productivity of employees
    • Current culture at the organization. Look for:
      • Employee autonomy
      • Reporting structure and performance management processes
      • Trust and psychological safety of employees
      • Leadership behavior (e.g. do leaders model work-life balance, or does the organization have a work 24/7 mentality?)

    Identify what is driving the need for flexible work options. Ask:

    • Why does the organization need flexible options?
      • For example, the introduction of flexibility for some employees has created a "have and have not" dynamic between roles that must be addressed.
    • What does the organization hope to gain from implementing flexible options? For example:
      • Improved retention
      • Increased attraction, remaining competitive for talent
      • Increased work-life balance for employees
      • Reduced burnout
    • What does the organization aspire to be?
      • For example, an organization that creates an environment that values output, not face time.

    These drivers identify goals for the organization to achieve through targeted flexible work options.

    Info-Tech Insight

    Hybrid work is a start. A comprehensive flex work program extends beyond flexible location, so organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent. Provide greater inclusivity to employees by broadening the scope to include flex location, flex time, and flex time off.

    Identify employee segments

    Using the data, feedback, and challenges analyzed and uncovered so far, assess the organization and identify employee segments.

    Identify employee segments with common characteristics to assess if they require unique flexible work options. Assess the feasibility options for the segments separately in Step 2.

    • Segments' unique characteristics include:
      • Role responsibilities (e.g. interacting with users, creating reports, development and testing)
      • Work location/schedule (e.g. geographic, remote vs. onsite, 9 to 5)
      • Work processes (e.g. server maintenance, phone support)
      • Group characteristics (e.g. specific teams, new hires)

    Identify employee segments and sort them into groups based on the characteristics above.

    Examples of segments:

    • Functional area (e.g. Service Desk, Security)
    • Job roles (e.g. desktop support, server maintenance)
    • Onsite, remote, or hybrid
    • Full-time or part-time
    • Job level (e.g. managers vs. independent contributors)
    • Employees with dependents

    Prioritize employee segments

    Determine whether the organization needs flexible work options for the entire organization or specific employee segments.
    For specific employee segments:

    • Answer the questions on the right to identify whether an employee segment is high, medium, or low priority. Complete slides 23 to 25 for each high-priority segment, repeating the process for medium-priority segments when resources allow.

    For the entire organization:

    • When identifying an option for the entire organization, consider all segments. The approach must create consistency and inclusion; keep this top of mind when identifying flexibility on slides 23 to 25. For example, the work location flexibility would be low in an organization where some segments can work remotely and others must be onsite due to machinery requirements.

    High priority: The employee segment has the lowest engagement scores or highest turnover within the organization. Segment sentiment is that current flexibility is nonexistent or not sufficiently meeting needs.
    Medium priority: The employee segment has low engagement or high turnover. Segment sentiment is that currently available flexibility is minimal or not sufficiently meeting needs.
    Low priority: The segment does not have the lowest engagement or the highest turnover rate. Segment sentiment is that currently available flexibility is sufficiently meeting needs.

    1. What is the impact on the organization if this segment's challenges aren't addressed (e.g. if low engagement and high turnover are not addressed)?
    2. How critical is flexibility to the segment's needs/engagement?
    3. How time sensitive is it to introduce flexibility to this segment (e.g. is the organization losing employees in this segment at a high rate)?
    4. Will providing flexibility to this segment increase organizational productivity or output

    Identify challenges to address with flexibility

    Uncover the lived experiences and expectations of employees to inform selection of segments and flexible options.

    1. Collect data from existing sources, such as:
      • Engagement surveys
      • New hire/exit surveys
      • Employee experience monitor surveys
      • Employee retention pulse surveys
      • Burnout surveys
      • DEI pulse surveys
    2. Analyze employee feedback on experiences with:
      • Work duties
      • Workload
      • Work-life balance
      • Operating processes and procedures
      • Achieving operational outcomes
      • Collaboration and communication
      • Individual experience and engagement
    3. Evaluate the data and identify challenges

    Example challenges:

    • Engagement: Low average score on work-life balance question; flexible work suggested in open-ended responses.
    • Retention: Exit survey indicating that lack of work-life balance is consistently a reason employees leave. Include the cost of turnover (e.g. recruitment, training, severance).
    • Burnout: Feedback from employees through surveys or HR business partner anecdotes indicating high burnout; high usage of wellness services or employee assistance programs.
    • Absenteeism: High average number of days employees were absent in the past year. Include the cost of lost productivity.
    • Operational continuity: Provide examples of when flexible work would have enabled operational continuity in the case of disaster or extended customer service coverage.
    • Program uptake: If the organization already has a flexible work program, provide data on the low proportion of eligible employees using available options.

    1.1 Prepare to evaluate flexible work options

    1-3 hours

    Follow the guidance on preceding slides to complete the following activities.
    Note: If you are only considering remote or hybrid work, use the Fast-Track Hybrid Work Program Workbook. Otherwise, proceed with the Targeted Flexible Work Program Workbook.

    1. Identify key stakeholders. Be sure to record the level of involvement and responsibility expected from each stakeholder. Use the "Stakeholders" tab of the workbook.
    2. Uncover current and desired state. Review and record your current state with respect to culture, productivity, and current flexible work options, if any. Next, record your desired future state, including reasons for implementing flexible work, and goals for the program. Record this in the "Current and Desired State" tab of the workbook.
    3. Identify and prioritize employee segments. Identify and record employee segments. Depending on the size of your department, you may identify a few or many. Be as granular as necessary to fully separate employee groups with different needs. If your resources or needs prevent you from rolling out flexible work to the entire department, record the priority level of each segment so you can focus on the highest priority first.
    4. Identify challenges with flexibility. With each employee segment in mind, analyze your available data to identify and record each segment's main challenges regarding flexible work. These will inform your program goals and metrics.

    Download the Targeted Flexible Work Program Workbook

    Download the Fast-Track Hybrid Work Program Workbook

    Input

    • List of departmental roles
    • Data on employee engagement, productivity, sentiment regarding flexible work, etc.

    Output

    • List of stakeholders and responsibilities
    • Flexible work challenges and aims
    • Prioritized list of employee segments

    Materials

    • Targeted Flexible Work Program Workbook
      Or
    • Fast-Track Hybrid Work Program Workbook

    Participants

    • IT department head
    • HR business partner
    • Flexible work program committee

    Determine goals and metrics for the flexible work program

    Sample program goals

    Sample metrics

    Increase productivity

    • Employee, team, and department key performance indicators (KPIs) before and after flexible work implementation
    • Absenteeism rate (% of lost working days due to all types of absence)

    Improve business satisfaction and perception of IT value

    Increase retention

    • % of exiting employees who cite lack of flexible work options or poor work-life balance as a reason they left
    • Turnover and retention rates

    Improve the employee value proposition (EVP) and talent attraction

    • # of responses on the new hire survey where flexible work options or work-life balance are cited as a reason for accepting an employment offer
    • # of views of career webpage that mentions flexible work program
    • Time-to-fill rates

    Improve engagement and work-life balance

    • Overall engagement score – deploy Info-Tech's Employee Engagement Diagnostics
    • Score for questions about work-life balance on employee engagement or pulse survey, including:
      • "I am able to maintain a balance between my work and personal life."
      • "I find my stress levels at work manageable."

    Info-Tech Insight

    Implementing flex work without solid performance metrics means you won't have a way of determining whether the program is enabling or hampering your business practices.

    1.2 Determine goals and metrics

    30 minutes

    Use the examples on the preceding slide to identify program goals and metrics:

    1. Brainstorm program goals. Be sure to consider both the business benefits (e.g. productivity, retention) and the employee benefits (work-life balance, engagement). A successful flexible work program benefits both the organization and its employees.
    2. Brainstorm metrics for each goal. Identify metrics that are easy to track accurately. Use Info-Tech's IT and HR metrics libraries for reference. Ideally, the metrics you choose should already exist in your organization so no extra effort will be necessary to implement them. It is also important to have a baseline measure of each one before flexible work is rolled out.
    3. Record your outputs on the "Goals and Metrics" tab of the workbook.

    Download the Targeted Flexible Work Program Workbook

    Download the IT Metrics Library

    Download the HR Metrics Library

    Input

    • Organizational and departmental strategy

    Output

    • List of program goals and metrics

    Materials

    • Targeted Flexible Work Program Workbook
      Or
    • Fast-Track Hybrid Work Program Workbook

    Participants

    • Flexible work program committee

    Determine work location flexibility for priority segments

    Work location looks at where a segment can complete all or some of their tasks (e.g. onsite vs. remote). For each prioritized employee segment, evaluate the amount of location flexibility available.

    Work Duties

    Processes

    Operational Outcomes

    High degree of flexibility

    • Low dependence on onsite equipment
    • Work easily shifts to online platforms
    • Low dependence on onsite external interactions (e.g. clients, customers, vendors)
    • Low interdependence of work duties internally (most work is independent)
    • Work processes and expectations are or can be formally documented
    • Remote work processes are sustainable long term

    Most or all operational outcomes can be achieved offsite (e.g. products/service delivery not impacted by WFH)

    • Some dependence on onsite equipment
    • Some work can shift to online platforms
    • Some dependence on onsite external interactions
    • Some interdependence of work duties internally (collaboration is critical)
    • Most work processes and expectations have been or can be formally documented
    • Remote work processes are sustainable (e.g. workarounds can be supported and didn't add work)

    Some operational outcomes can be achieved offsite (e.g. some impact of WFH on product/service delivery)

    Low degree of flexibility

    • High dependence on onsite equipment
    • Work cannot shift to online platforms
    • High dependence on onsite external interactions
    • High interdependence of work duties internally (e.g. line work)
    • Few work processes and expectations can be formally documented
    • Work processes cannot be done remotely, and workarounds for remote work are not sustainable long term

    Operational outcomes cannot be achieved offsite (e.g. significant impairment to product/service delivery)

    Note

    If roles within the segment have differing levels of location flexibility, use the lowest results (e.g. if role A in the segment has a high degree of flexibility for work duties and role B has a low degree of flexibility, use the results for role B).

    Identify work timing for priority segments

    Work timing looks at when work can or needs to be completed (e.g. Monday to Friday, 9am to 5pm).

    Work Duties

    Processes

    Operational Outcomes

    High degree of flexibility

    • No need to be available to internal and/or external customers during standard work hours
    • Equipment is available at any time
    • Does not rely on synchronous (occurring at the same time) work duties internally
    • Work processes and expectations are or can be formally documented
    • Low reliance on collaboration
    • Work is largely asynchronous (does not occur at the same time)

    Most or all operational outcomes are not time sensitive

    • Must be available to internal and/or external customers during some standard work hours
    • Some reliance on synchronous work duties internally (collaboration is critical)
    • Most work processes and expectations have been or can be formally documented
    • Moderate reliance on collaboration
    • Some work is synchronous

    Some operational outcomes are time sensitive and must be conducted within set date or time windows

    Low degree of flexibility

    • Must be available to internal and/or external customers during all standard work hours (e.g. Monday to Friday 9 to 5)
    • High reliance on synchronous work duties internally (e.g. line work)
    • Few work processes and expectations can be formally documented
    • High reliance on collaboration
    • Most work is synchronous

    Most or all operational outcomes are time sensitive and must be conducted within set date or time windows

    Note

    With additional coordination, flex time or flex time off options are still possible for employee segments with a low degree of flexibility. For example, with a four-day work week, the segment can be split into two teams – one that works Monday to Thursday and one that works Tuesday to Friday – so that employees are still available for clients five days a week.

    Examine work deliverables for priority segments

    Work deliverables look at the employee's ability to deliver on their role expectations (e.g. quota or targets) and whether reducing the time spent working would, in all situations, impact the work deliverables (e.g. constrained vs. unconstrained).

    Work Duties

    Operational Outcomes

    High degree of flexibility

    • Few or no work duties rely on equipment or processes that put constraints on output (unconstrained output)
    • Employees have autonomy over which work duties they focus on each day
    • Most or all operational outcomes are unconstrained (e.g. a marketing analyst who builds reports and strategies for clients can produce more reports, produce better reports, or identify new strategies)
    • Work quota or targets are achievable even if working fewer hours
    • Some work duties rely on equipment or processes that put constraints on output
    • Employees have some ability to decide which work duties they focus on each day
    • Some operational outcomes are constrained or moderately unconstrained (e.g. an analyst build reports based on client data; while it's possible to find efficiencies and build reports faster, it's not possible to attain the client data any faster)
    • Work quota or targets may be achievable if working fewer hours

    Low degree of flexibility

    • Most or all work duties rely on equipment or processes that put constraints on output (constrained output)
    • Daily work duties are prescribed (e.g. a telemarketer is expected to call a set number of people per day using a set list of contacts and a defined script)
    • Most or all operational outcomes are constrained (e.g. a machine operator works on a machine that produces 100 parts an hour; neither the machine nor the worker can produce more parts)
    • Work quota or targets cannot be achieved if fewer hours are worked

    Note

    For segments with a low degree of work deliverable flexibility (e.g. very constrained output), flexibility is still an option, but maintaining output would require additional headcount.

    1.3 Determine flexibility needs and constraints

    1-2 hours

    Use the guidelines on the preceding slides to document the parameters of each work segment.

    1. Determine work location flexibility. Work location looks at where a segment can complete all or some of their tasks (e.g. onsite vs. remote). For each prioritized employee segment, evaluate the amount of location flexibility available.
    2. Identify work timing. Work timing looks at when work can or needs to be completed (e.g. Monday to Friday, 9am to 5pm).
    3. Examine work deliverables. Work deliverables look at the employee's ability to deliver on their role expectations (e.g. quota or targets) and whether reducing the time spent working would, in all situations, impact the work deliverables (e.g. constrained vs. unconstrained).
    4. Record your outputs on the "Current and Desired State" tab of the workbook.

    Download the Targeted Flexible Work Program Workbook

    Input

    • List of employee segments

    Output

    • Summary of flexibility needs and constraints for each employee segment

    Materials

    • Targeted Flexible Work Program Workbook
      Or
    • Fast-Track Hybrid Work Program Workbook

    Participants

    • Flexible work program committee
    • Employee segment managers

    Step 2

    Identify potential flex options and assess feasibility

    1. Assess employee and organizational flexibility needs
    2. Identify potential flex options and assess feasibility
    3. Implement selected option(s)

    After completing this step you will have:

    • Created a shortlist of potential options for each prioritized employee segment
    • Evaluated the feasibility of each potential option
    • Determined the cost and benefit of each potential option
    • Gathered employee sentiment on potential options
    • Finalized options with senior leadership

    Prepare to identify and assess the feasibility of potential flexible work options

    First, review the Flexible Work Solutions Catalog

    Before proceeding to the next slide, review the Flexible Work Options Catalog to identify and shortlist five to seven flexible work options that are best suited to address the challenges faced for each of the priority employee segments identified in Step 1.

    Then, assess the feasibility of implementing selected options using slides 29 to 32

    Assess the feasibility of implementing the shortlisted solutions for the prioritized employee segments against the feasibility factors in this step. Repeat for each employee segment. Use the following slides to consult with and include leaders when appropriate.

    • Document your analysis in tabs 6 to 8 of the Targeted Flexible Work Program Workbook.
    • Note implementation issues throughout the assessment and record them in the tool. They will be addressed in Step 3: Implement Selected Program(s). Don't rule out an option simply because it presents some challenges; careful implementation can overcome many challenges.
    • At the end of this step, determine the final list of flexible work options and gain approval from senior leaders for implementation.

    Evaluate feasibility by reviewing the option's impact on continued operations and job performance

    Operational coverage

    Synchronous communication

    Time zones

    Face-to-face

    communication

    To what extent are employees needed to deliver products or services?

    • If constant customer service is required, stagger employees' schedules (e.g. one team works Monday-Thursday while another works Tuesday-Friday).

    To what extent do employees need to communicate with each other synchronously?

    • Break the workflow down and identify times when employees do and do not have to work at the same time to communicate with each other.

    To what extent do employees need to coordinate work across time zones?

    • If the organization already operates in different time zones, ensure that the option does not impact operations requiring continuous coverage.
    • When employees are located in different time zones, coordinate schedules based on the other operational factors.

    When do employees need to interact with each other or clients in person?

    • Examine the workflow closely to identify times when face-to-face communication is not required. Schedule "office days" for employees to work together when in-person interaction is needed.
    • When the interaction is only required with clients, determine whether employees are able to meet clients offsite.

    Info-Tech Insight

    Every role is eligible for hybrid location work. If onsite work duties prevent an employee group from participating, see if processes can be digitized or automated. Flexible work is an opportunity to go beyond current needs to future-proof your organization.

    Assess the option's alignment with organizational culture

    Symbols

    Values

    Behaviors

    How supportive of flexible work are the visible aspects of the organization's culture?

    • For example, the mission statement, newsletters, or office layout.
    • Note: Visible elements will need to be adapted to ensure they reinforce the value of the flexible work option.

    How supportive are both the stated and lived values of the organization?

    • When the flexible work option includes less direct supervision, assess how empowered employees feel to make decisions.
    • Assess whether all types of employees (e.g. virtual) are included, valued, and supported.

    How supportive are the attitudes and behaviors, especially of leaders?

    • Leaders set the expectations for acceptable behaviors in the organization. Determine how supportive leaders are toward flexible workers by examining their attitudes and perceptions.
    • Identify if employees are open to different ways of doing work.

    Determine the resources required for the option

    People

    Process

    Technology

    Do employees have the knowledge, skills, and abilities to adopt this option?

    • Identify any areas (e.g. process, technology) employees will need to be trained on and assess the associated costs.
    • Determine whether the option will require additional headcount to ensure operational continuity (e.g. two part-time employees in a job-sharing arrangement) and calculate associated costs (e.g. recruitment, training, benefits).

    How much will work processes need to change?

    • Interview organizational leaders with knowledge of the employee segment's core work processes. Determine whether a significant change will be required.
    • If a significant change is required, evaluate whether the benefits of the option outweigh the costs of the process and behavioral change (see the "net benefit" factor on slide 33).

    What new technologies will be required?

    • Identify the technology (e.g. that supports communication, work processes) required to enable the flexible work option.
    • Note whether existing technology can be used or additional technology will be required, and further investigate the viability and costs of these options.

    Examine the option's risks

    Data

    Health & Safety

    Legal

    How will data be kept secure?

    • Determine whether the organization's data policy and technology covers employees working remotely or other flexible work options.
    • If the employee segment handles sensitive data (e.g. personal employee information), consult relevant stakeholders to determine how data can be kept secure and assess any associated costs.

    How will employees' health and safety be impacted?

    • Consult your organization's legal counsel to determine whether the organization will be liable for the employees' health and safety while working from home or other locations.
    • Determine whether the organization's policies and processes will need to be modified.

    What legal risks might be involved?

    • Identify any policies in place or jurisdictional requirements to avoid any legal risks. Consult your organization's legal counsel about the situations below.
      • If the option causes significant changes to the nature of jobs, creating the risk of constructive dismissal.
      • If there are any risks to providing less supervision (e.g. higher chance of harassment).
      • When only some employee segments are eligible for the option, determine whether there is a risk of inequitable access.
      • If the option impacts any unionized employees or collective agreements.

    Determine whether the benefits of the option outweigh the costs

    Include senior leadership in the net benefit process to ensure any unfeasible options are removed from consideration before presenting to employees.

    1. Document the employee and employer benefits of the option from the previous feasibility factors on slides 29 to 32.
    • Include the benefits of reaching program goals identified in Step 1.
    • Quantify the benefits in dollar value where possible.
  • Document the costs and risks of the option, referring to the costs noted from previous feasibility factors.
    • Quantify the costs in dollar value where possible.
  • Compare the benefits and costs.
    • Add an option to your final list if the benefits are greater than the costs.
  • This is an image of a table with the main heading being Net Benefit, with the following subheadings: Benefits to organization; Benefits to employees; Costs.

    Info-Tech Insight

    Flexible work options must balance organizational and employee needs. If an option is beneficial to employees but there is little or no benefit to the organization as a whole, or if the cost of the option is too high, it will not support the long-term success of the organization.

    2.1a Identify and evaluate flexible work options

    30 minutes per employee segment per work option

    If you are only considering hybrid or remote work, skip to activity 2.1b. Use the guidelines on the preceding slides to conduct feasibility assessments.

    1. Shortlist flexible work options. Review the Flexible Work Options Catalog to identify and shortlist five to seven flexible work options that are best suited to address the challenges faced for each of the priority employee segments. Record these on the "Options Shortlist" tab of the workbook. Even if the decision is simple, ensure you record the rationale to help communicate your decision to employees. Transparent communication is the best way to avoid feelings of unfairness if desired work options are not implemented.
    2. Evaluate option feasibility. For each of the shortlisted options, complete one "Feasibility - Option" tab in the workbook. Make as many copies of this tab as needed.
      • When evaluating each option, consider each employee segment individually as you work through the prompts in the workbook. You may find that segments differ greatly in the feasibility of various types of flexible work. You will use this information to inform your overall policy and any exceptions to it.
      • You may need to involve each segment's management team to get an accurate picture of day-to-day responsibilities and flexible work feasibility.
    3. Weigh benefits and costs. At the end of each flexible work option evaluation, record the anticipated costs and benefits. Discuss whether this balance renders the option viable or rules it out.

    Download the Targeted Flexible Work Program Workbook

    Download the Flexible Work Options Catalog

    Input

    • List of employee segments

    Output

    • Shortlist of flexible work options
    • Feasibility analysis for each work option

    Materials

    • Targeted Flexible Work Program Workbook
    • Flexible Work Options Catalog

    Participants

    • Flexible work program committee
    • Employee segment managers

    2.1b Assess hybrid work feasibility

    30 minutes per employee segment

    Use the guidelines on the preceding slides to conduct a feasibility assessment. This exercise relies on having trialed hybrid or remote work before. If you have never implemented any degree of remote work, consider completing the full feasibility assessment in activity 2.1a.

    1. Evaluate hybrid work feasibility. Review the feasibility prompts on the "Work Unit Remote Work Assessment" tab and record your insight for each employee segment.
      • When evaluating each option, consider each employee segment individually as you work through the prompts in the workbook. You may find that segments differ greatly in their ability to accommodate hybrid work. You will use this information to inform your overall policy and any exceptions to it.
      • You may need to involve each segment's management team to get an accurate picture of day-to-day responsibilities and hybrid work feasibility.

    Download the Fast-Track Hybrid Work Program Workbook

    Input

    • List of employee segments

    Output

    • Feasibility analysis for each work option

    Materials

    • Fast-Track Hybrid Work Program Workbook

    Participants

    • Flexible work program committee
    • Employee segment managers

    Ask employees which options they prefer and gather feedback for implementation

    Deliver a survey and/or conduct focus groups with a selection of employees from all prioritized employee segments.

    Share

    • Present your draft list of options to select employees.
    • Communicate that the organization is in the process of assessing the feasibility of flexible work options and would like employee input to ensure flex work meets needs.
    • Be clear that the list is not final or guaranteed.

    Ask

    • Ask which options are preferred more than others.
    • Ask for feedback on each option – how could it be modified to meet employee needs better? Use this information to inform implementation in Step 3.

    Decide

    • Prioritize an option if many employees indicated an interest in it.
    • If employees indicate no interest in an option, consider eliminating it from the list, unless it will be required. There is no value in providing an option if employees won't use it.

    Survey

    • List the options and ask respondents to rate each on a Likert scale from 1 to 5.
    • Ask some open-ended questions with comment boxes for employee suggestions.

    Focus Group

    • Conduct focus groups to gather deeper feedback.
    • See Appendix I for sample focus group questions.

    Info-Tech Insight

    Prioritize flexible work options that employees want. Providing too many options often leads to information overload and results in employees not understanding what is available, lowering adoption of the flexible work program.

    Finalize options list with senior leadership

    1. Select one to three final options and outline the details of each. Include:
      • Scope: To what extent will the option be applied? E.g. work-from-home one or two days a week.
      • Eligibility: Which employee segments are eligible?
      • Cost: What investment will be required?
      • Critical implementation issues: Will any of the implementation issues identified for each feasibility factor impact whether the option will be approved?
      • Resources: What additional resources will be required (e.g. technology)?
    2. Present the options to stakeholders for approval. Include:
      • An outline of the finalized options, including what the option is and the scope, eligibility, and critical implementation issues.
      • The feasibility assessment results, including benefits, costs, and employee preferences. Have more detail from the other factors ready if leaders ask about them.
      • The investment (cost) required to implement the option.
    3. Proceed to Step 3 to implement approved options.

    Running an IT pilot of flex work

    • As a technology department, IT typically doesn't own flexible work implementation for the entire organization. However, it is common to trial flexible work options for IT first, before rolling out to the entire organization.
    • During a flex work pilot, ensure you are working closely with HR partners, especially regarding regulatory and compliance issues.
    • Keep the rest of the organizational stakeholders in the loop, especially regarding their agreement on the metrics by which the pilot's success will be evaluated.

    2.2a Finalize flexible work options

    2-3 hours + time to gather employee feedback

    If you are only considering hybrid or remote work, skip to activity 2.2b. Use the guidelines on the preceding slides to gather final feedback and finalize work option selections.

    1. Gather employee feedback. If employee preferences are already known, skip this step. If they are not, gather feedback to ascertain whether any of the shortlisted options are preferred. Remember that a successful flexible work program balances the needs of employees and the business, so employee preference is a key determinant in flexible work program success. Document this on the "Employee Preferences" tab of the workbook.
    2. Finalize flexible work options. Use your notes on the cost-benefit balance for each option, along with employee preferences, to decide whether the move forward with it. Record this decision on the "Options Final List" tab. Include information about eligible employee segments and any implementation challenges that came up during the feasibility assessments. This is the final decision summary that will inform your flexible program parameters and policies.

    Download the Targeted Flexible Work Program Workbook

    Input

    • Flexible work options shortlist

    Output

    • Final flexible work options list

    Materials

    • Targeted Flexible Work Program Workbook

    Participants

    • Flexible work program committee

    2.2b Finalize hybrid work parameters

    2-3 hours + time to gather employee feedback

    Use the guidelines on the preceding slides to gather final feedback and finalize work option selections.

    1. Summarize feasibility analysis. On the "Program Parameters" tab, record the main insights from your feasibility analysis. Finalize important elements, including eligibility for hybrid/remote work by employee segment. Additionally, record the standard parameters for the program (i.e. those that apply to all employee segments) and variable parameters (i.e. ones that differ by employee segment).

    Download the Fast-Track Hybrid Work Program Workbook

    Input

    • Hybrid work feasibility analysis

    Output

    • Final hybrid work program parameters

    Materials

    • Fast-Track Hybrid Work Program Workbook

    Participants

    • Flexible work program committee

    Step 3

    Implement selected option(s)

    1. Assess employee and organizational flexibility needs
    2. Identify potential flex options and assess feasibility
    3. Implement selected option(s)

    After completing this step, you will have:

    • Addressed implementation issues and cultural barriers
    • Equipped the organization to adopt flexible work options successfully
    • Piloted the program and assessed its success
    • Developed a plan for program rollout and communication
    • Established a program evaluation plan
    • Aligned HR programs to support the program

    Solve the implementation issues identified in your feasibility assessment

    1. Identify a solution for each implementation issue documented in the Targeted Flexible Work Program Workbook. Consider the following when identifying solutions:
      • Scope: Determine whether the solution will be applied to one or all employee segments.
      • Stakeholders: Identify stakeholders to consult and develop a solution. If the scope is one employee segment, work with organizational leaders of that segment. When the scope is the entire organization, consult with senior leaders.
      • Implementation: Collaborate with stakeholders to solve implementation issues. Balance the organizational and employee needs, referring to data gathered in Steps 1 and 2.

    Example:

    Issue

    Solution

    Option 1: Hybrid work

    Brainstorming at the beginning of product development benefits from face-to-face collaboration.

    Block off a "brainstorming day" when all team members are required in the office.

    Employee segment: Product innovation team

    One team member needs to meet weekly with the implementation team to conduct product testing.

    Establish a schedule with rotating responsibility for a team member to be at the office for product testing; allow team members to swap days if needed.

    Address cultural barriers by involving leaders

    To shift a culture that is not supportive of flexible work, involve leaders in setting an example for employees to follow.

    Misconceptions

    Tactics to overcome them

    • Flexible workers are less productive.
    • Flexible work disrupts operations.
    • Flexible workers are less committed to the organization.
    • Flexible work only benefits employees, not the organization.
    • Employees are not working if they aren't physically in the office.

    Make the case by highlighting challenges and expected benefits for both the organization and employees (e.g. same or increased productivity). Use data in the introductory section of this blueprint.

    Demonstrate operational feasibility by providing an overview of the feasibility assessment conducted to ensure operational continuity.

    Involve most senior leadership in communication.

    Encourage discovery and exploration by having managers try flexible work options themselves, which will help model it for employees.

    Highlight success stories within the organization or from competitors or similar industries.

    Invite input from managers on how to improve implementation and ownership, which helps to discover hidden options.

    Shift symbols, values, and behaviors

    • Work with senior leaders to identify symbols, values, and behaviors to modify to align with the selected flexible work options.
    • Validate that the final list aligns with your organization's mission, vision, and values.

    Info-Tech Insight

    Leaders' collective support of the flexible program determines the program's successful adoption. Don't sweep cultural barriers under the rug; acknowledge and address them to overcome them.

    Equip the organization for successful implementation

    Info-Tech recommends providing managers and employees with a guide to flexible work, introducing policies, and providing training for managers.

    Provide managers and employees with a guide to flexible work

    Introduce appropriate organization policies

    Equip managers with the necessary tools and training

    Use the guide to:

    • Familiarize employees and managers with the flexible work program.
    • Gain employee and manager buy-in and support for the program.
    • Explain the process and give guidance on selecting flexible work options and working with their colleagues to make it a success.

    Use Info-Tech's customizable policy templates to set guidelines, outline arrangements, and scope the organization's flexible work policies. This is typically done by, or in collaboration with, the HR department.

    Download the Guide to Flexible Work for Managers and Employees

    Download the Flex Location Policy

    Download the Flex Time-Off Policy

    Download the Flex Time Policy

    3.1 Prepare for implementation

    2-3 hours

    Use the guidelines on the preceding slides to brainstorm solutions to implementation issues and prepare to communicate program rollout to stakeholders.

    1. Solve implementation issues.
      • If you are working with the Targeted Flexible Work Program Workbook: For each implementation challenge identified on the "Final Options List" tab, brainstorm solutions. If you are working with the Fast-Track Hybrid Work Program Workbook: Work through the program enablement prompts on the "Program Enablement" tab.
      • You may need to involve relevant stakeholders to help you come up with appropriate solutions for each employee segment.
      • Ensure that any anticipated cultural barriers have been documented and are addressed during this step. Don't underestimate the importance of a supportive organizational culture to the successful rollout of flexible work.
    2. Prepare the employee guide. Modify the Guide to Flexible Work for Managers and Employees template to reflect your final work options list and the processes and expectations employees will need to follow.
    3. Create a communication plan. Use Info-Tech's Communicate Any IT Initiative blueprint and Appendix II to craft your messaging.

    Download the Guide to Flexible Work for Managers and Employees

    Download the Targeted Flexible Work Program Workbook

    Input

    • Flexible work options final list

    Output

    • Employee guide to flexible work
    • Flexible work rollout communication plan

    Materials

    • Guide to Flexible Work for Managers and Employees
    • Targeted Flexible Work Program Workbook
      Or
    • Fast-Track Hybrid Work Program Workbook

    Participants

    • Flexible work program committee
    • Employee segment managers

    Run an IT pilot for flexible work

    Prepare for pilot

    Launch Pilot

    Identify the flexible work options that will be piloted.

    • Refer to the final list of selected options for each priority segment to determine which options should be piloted.

    Select pilot participants.

    • If not rolling out to the entire IT department, look for the departments and/or team(s) where there is the greatest need and the biggest interest (e.g. team with lowest engagement scores).
    • Include all employees within the department, or team if the department is too large, in the pilot.
    • Start with a group whose managers are best equipped for the new flexibility options.

    Create an approach to collect feedback and measure the success of the pilot.

    • Feedback can be collected using surveys, focus groups, and/or targeted in-person interviews.

    The length of the pilot will greatly vary based on which flexible work options were selected (e.g. seasonal hours will require a shorter pilot period compared to implementing a compressed work week). Use discretion when deciding on pilot length and be open to extending or shortening the pilot length as needed.

    Launch pilot.

    • Launch the program through a town hall meeting or departmental announcement to build excitement and buy-in.
    • Develop separate communications for employee segments where appropriate. See Appendix II for key messaging to include.

    Gather feedback.

    • The feedback will be used to assess the pilot's success and to determine what modifications will be needed later for a full-scale rollout.
    • When gathering feedback, tailor questions based on the employee segment but keep themes similar. For example:
      • Employees: "How did this help your day-to-day work?"
      • Managers: "How did this improve productivity on your team?"

    Track metrics.

    • The success of the pilot is best communicated using your department's unique KPIs.
    • Metrics are critical for:
      • Accurately determining pilot success.
      • Getting buy-in to expand the pilot beyond IT.
      • Justifying to employees any changes made to the flexible work options.

    Assess the pilot's success and determine next steps

    Review the feedback collected on the previous slide and use this decision tree to decide whether to relaunch a pilot or proceed to a full-scale rollout of the program.

    This is an image of the flow chart used to assess the pilot's success and determine the next steps.  It will help you to determine whether you will Proceed to full-scale rollout on next slide, Major modifications to the option/launch (e.g. change operating time) – adjust and relaunch pilot or select a new employee segment and relaunch pilot, Minor modifications to the option/launch (e.g. introduce additional communications) – adjust and proceed to full scale rollout, or Return to shortlist (Step 2) and select a different option or launch pilot with a different employee segment.

    Prepare for full-scale rollout

    If you have run a team pilot prior to rolling out to all of IT, or run an IT pilot before an organizational rollout, use the following steps to transition from pilot to full rollout.

    1. Determine modifications
      • Review the feedback gathered during the pilot and determine what needs to change for a full-scale implementation.
      • Update HR policies and programs to support flexible work. Work closely with your HR business partner and other organizational leaders to ensure every department's needs are understood and compliance issues are addressed.
    2. Roll out and evaluate
      • Roll out the remainder of the program (e.g. to other employee segments or additional flexible work options) once there is significant uptake of the pilot by the target employee group and issues have been addressed.
      • Determine how feedback will be gathered after implementation, such as during engagement surveys, new hire and exit surveys, stay interviews, etc., and assess whether the program continues to meet employee and organizational needs.

    Rolling out beyond IT

    For a rollout beyond IT, HR will likely take over.

    However, this is your chance to remain at the forefront of your organization's flexible work efforts by continuing to track success and gather feedback within IT.

    Align HR programs and organizational policies to support flexible work

    Talent Management

    Learning & Development

    Talent Acquisition

    Reinforce managers' accountability for the success of flexible work in their teams:

    • Include "managing virtual teams" in the people management leadership competency.
    • Recognize managers who are modeling flexible work.

    Support flexible workers' career progression:

    • Monitor the promotion rates of flexible workers vs. non-flexible workers.
    • Make sure flexible workers are discussed during talent calibration meetings and have access to career development opportunities.

    Equip managers and employees with the knowledge and skills to make flexible work successful.

    • Provide guidance on selecting the right options and maintaining workflow.
    • If moving to a virtual environment, train managers on how to make it a success.

    Incorporate the flexible work program into the organization's employee value proposition to attract top talent who value flexible work options.

    • Highlight the program on the organization's career site and in job postings.

    Organizational policies

    Determine which organizational policies will be impacted as a result of the new flexible work options. For example, the introduction of flex time off can result in existing vacation policies needing to be updated.

    Plan to re-evaluate the program and make improvements

    Collect data

    Collect data

    Act on data

    Uptake

    Gather data on the proportion of employees eligible for each option who are using the option.

    If an option is tracking positively:

    • Maintain or expand the program to more of the organization.
    • Conduct a feasibility assessment (Step 2) for new employee segments.

    Satisfaction

    Survey managers and employees about their satisfaction with the options they are eligible for and provide an open box for suggestions on improvements.

    If an option is tracking negatively:

    • Investigate why. Gather additional data, interview organizational leaders, and/or conduct focus groups to gain deeper insight.
    • Re-assess the feasibility of the option (Step 2). If the costs outweigh the benefits based on new data, determine whether to cancel the option.
    • Take appropriate action based on the outcome of the evaluation, such as modifying or cancelling the option or providing employees with more support.
      • Note: Cancelling an option can impact the engagement of employees using the option. Ensure that the data, reasons for cancelling the option, and potential substitute options are communicated to employees in advance.

    Program goal progress

    Monitor progress against the program goals and metrics identified in Step 1 to evaluate the impact on issues that matter to the organization (e.g. retention, productivity, diversity).

    Career progression

    Evaluate flexible workers' promotion rates and development opportunities to determine if they are developing.

    Info-Tech Insight

    Negative performance of a flexible work option does not necessarily mean failure. Take the time to evaluate whether the option simply needs to be tweaked or whether it truly isn't working for the organization.

    Insight summary

    Overarching insight: IT excels at hybrid location work and is more effective as a business function when location, time, and time-off flexibility are an option for its employees.

    Introduction

    • Flexible work options are not a concession to lower productivity. Properly implemented, flex work enables employees to be more productive at reaching business goals.
    • Employees' lived experiences and needs determine if people use flexible work programs – a flex program that has limited use or excludes people will not benefit the organization.
    • Flexible work benefits everyone. IT employees experience greater engagement, motivation, and company loyalty. IT organizations realize benefits such as better service coverage, reduced facilities costs, and increased productivity.

    Step 1 insight

    • Hybrid work is a start. A comprehensive flex work program extends beyond flexible location to flexible time and time off. Organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent. Provide greater inclusivity to employees by broadening the scope to include flex location, flex time, and flex time off.
    • No two employee segments are the same. To be effective, flexible work options must align with the expectations and working processes of each segment.

    Step 2 insight

    • Every role is eligible for hybrid location work. If onsite work duties prevent an employee group from participating, see if processes can be digitized or automated. Flexible work is an opportunity to go beyond current needs to future proofing your organization.
    • Flexible work options must balance organizational and employee needs. If an option is beneficial to employees but there is little or no benefit to the organization, or if the cost of the option is too high, it will not support the long-term success of the organization.
    • Prioritize flexible work options that employees want. Providing too many options often leads to information overload and results in employees not understanding what is available, lowering adoption of the flexible work program.

    Step 3 insight

    • Leaders' collective support of the flexible program determines the program's successful adoption. Don't sweep cultural barriers under the rug; acknowledge and address them to overcome them.
    • Negative performance of a flexible work option does not necessarily mean failure. Take the time to evaluate whether the option simply needs to be tweaked or whether it truly isn't working for the organization.
    • A set of formal guidelines for IT ensures flexible work is:
      1. Administered fairly across all IT employees.
      2. Defensible and clear.
      3. Scalable to the rest of the organization.

    Research Contributors and Experts

    Quinn Ross
    CEO
    The Ross Firm Professional Corporation

    Margaret Yap
    HR Professor
    Ryerson University

    Heather Payne
    CEO
    Juno College

    Lee Nguyen
    HR Specialist
    City of Austin

    Stacey Spruell
    Division HR Director
    Travis County

    Don MacLeod
    Chief Administrative Officer
    Zorra Township

    Stephen Childs
    CHRO
    Panasonic North America

    Shawn Gibson
    Sr. Director
    Info Tech Research Group

    Mari Ryan
    CEO/Founder
    Advancing Wellness

    Sophie Wade
    Founder
    Flexcel Networks

    Kim Velluso
    VP Human Resources
    Siemens Canada

    Lilian De Menezes
    Professor of Decision Sciences
    Cass Business School, University of London

    Judi Casey
    WorkLife Consultant and former Director, Work and Family Researchers Network
    Boston College

    Chris Frame
    Partner – Operations
    LiveCA

    Rose M. Stanley, CCP, CBP, WLCP, CEBS
    People Services Manager
    Sunstate Equipment Co., LLC

    Shari Lava
    Director, Vendor Research
    Info-Tech Research Group

    Carol Cochran
    Director of People & Culture
    FlexJobs

    Kidde Kelly
    OD Practitioner

    Dr. David Chalmers
    Adjunct Professor
    Ted Rogers School of Management, Ryerson University

    Kashmira Nagarwala
    Change Manager
    Siemens Canada

    Dr. Isik U. Zeytinoglu
    Professor of Management and Industrial Relations McMaster University, DeGroote School of Business

    Claire McCartney
    Diversity & Inclusion Advisor
    CIPD

    Teresa Hopke
    SVP of Client Relations
    Life Meets Work – www.lifemeetswork.com

    Mark Tippey
    IT Leader and Experienced Teleworker

    Dr. Kenneth Matos
    Senior Director of Research
    Families and Work Institute

    1 anonymous contributor

    Appendix I: Sample focus group questions

    See Info-Tech's Focus Group Guidefor guidance on setting up and delivering focus groups. Customize the guide with questions specific to flexible work (see sample questions below) to gain deeper insight into employee preferences for the feasibility assessment in Step 2 of this blueprint.

    Document themes in the Targeted Flexible Work Program Workbook.

    • What do you need to balance/integrate your work with your personal life?
    • What challenges do you face in achieving work-life balance/integration?
    • What about your job is preventing you from achieving work-life balance/integration?
    • How would [flexible work option] help you achieve work-life balance/integration?
    • How well would this option work with the workflow of your team or department? What would need to change?
    • What challenges do you see in adopting [flexible work option]?
    • What else would be helpful for you to achieve work-life balance/integration?
    • How could we customize [flexible work option] to ensure it meets your needs?
    • If this program were to fail, what do you think would be the top reasons and why?

    Appendix II: Communication key messaging

    1. Program purpose

    Start with the name and high-level purpose of the program.

    2. Business reasons for the program

    Share data you gathered in Step 1, illustrating challenges causing the need for the program and the benefits.

    3. Options selection process

    Outline the process followed to select options. Remember to share the involvement of stakeholders and the planning around employees' feedback, needs, and lived experiences.

    4. Options and eligibility

    Provide a brief overview of the options and eligibility. Specify that the organization is piloting these options and will modify them based on feedback.

    5. Approval not guaranteed

    Qualify that employees need to be "flexible about flexible work" – the options are not guaranteed and may sometimes be unavailable for business reasons.

    6. Shared responsibility

    Highlight the importance of everyone (managers, flexible workers, the team) working together to make flexible work achievable.

    7. Next steps

    Share any next steps, such as where employees can find the organization's Guide to Flexible Work for Managers and Employees, how to make flexible work a success, or if managers will be providing further detail in a team meeting.

    8. Ongoing communications

    Normalize the program and embed it in organizational culture by continuing communications through various media, such as the organization's newsletter or announcements in town halls.

    Works Cited

    Baziuk, Jennifer, and Duncan Meadows. "Global Employee Survey - Key findings and implications for ICMIF." EY, June 2021. Accessed May 2022.
    "Businesses suffering 'commitment issues' on flexible working," EY, 21 Sep. 2021. Accessed May 2022.
    "IT Talent Trends 2022". Info-Tech Research Group, 2022.
    "Jabra Hybrid Ways of Working: 2021 Global Report." Jabra, Aug. 2021. Accessed May 2022.
    LinkedIn Talent Solutions. "2022 Global Talent Trends." LinkedIn, 2022. Accessed May 2022.
    Lobosco, Mark. "The Future of Work is Flexible: 71% of Leaders Feel Pressure to Change Working Models." LinkedIn, 9 Sep. 2021. Accessed May 2022.
    Ohm, Joy, et al. "Covid-19: Women, Equity, and Inclusion in the Future of Work." Catalyst, 28 May 2020. Accessed May 2022.
    Pelta, Rachel. "Many Workers Have Quit or Plan to After Employers Revoke Remote Work." FlexJobs, 2021. Accessed May 2022.
    Slack Future Forum. "Inflexible return-to-office policies are hammering employee experience scores." Slack, 19 April 2022. Accessed May 2022.
    "State of Hybrid Work in IT: A Trend Report". Info-Tech Research Group, 2023.
    Threlkeld, Kristy. "Employee Burnout Report: COVID-19's Impact and 3 Strategies to Curb It." Indeed, 11 March 2021. Accessed March 2022.

    Become a Strategic CIO

    • Buy Link or Shortcode: {j2store}80|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $10,000 Average $ Saved
    • member rating average days saved: 15 Average Days Saved
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy
    • As a CIO, you are currently operating in a stable and trusted IT environment, but you would like to advance your role to strategic business partner.
    • CIOs are often overlooked as a strategic partner by their peers, and therefore face the challenge of proving they deserve a seat at the table.

    Our Advice

    Critical Insight

    • To become a strategic business partner, you must think and act as a business person that works in IT, rather than an IT person that works for the business.
    • Career advancement is not a solo effort. Building relationships with your executive business stakeholders will be critical to becoming a respected business partner.

    Impact and Result

    • Create a personal development plan and stakeholder management strategy to accelerate your career and become a strategic business partner. For a CIO to be considered a strategic business partner, he or she must be able to:
      • Act as a business person that works in IT, rather than an IT person that works for the business. This involves meeting executive stakeholder expectations, facilitating innovation, and managing stakeholder relationships.
      • Align IT with the customer. This involves providing business stakeholders with information to support stronger decision making, keeping up with disruptive technologies, and constantly adapting to the ever-changing end-customer needs.
      • Manage talent and change. This involves performing strategic workforce planning, and being actively engaged in identifying opportunities to introduce change in your organization, suggesting ways to improve, and then acting on them.

    Become a Strategic CIO Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should become a strategic CIO, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch

    Analyze strategic CIO competencies and assess business stakeholder satisfaction with IT using Info-Tech's CIO Business Vision Diagnostic and CXO-CIO Alignment Program.

    • Become a Strategic CIO – Phase 1: Launch

    2. Assess

    Evaluate strategic CIO competencies and business stakeholder relationships.

    • Become a Strategic CIO – Phase 2: Assess
    • CIO Strategic Competency Evaluation Tool
    • CIO Stakeholder Power Map Template

    3. Plan

    Create a personal development plan and stakeholder management strategy.

    • Become a Strategic CIO – Phase 3: Plan
    • CIO Personal Development Plan
    • CIO Stakeholder Management Strategy Template

    4. Execute

    Develop a scorecard to track personal development initiatives.

    • Become a Strategic CIO – Phase 4: Execute
    • CIO Strategic Competency Scorecard
    [infographic]

    Workshop: Become a Strategic CIO

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Competencies & Stakeholder Relationships

    The Purpose

    Gather and review information from business stakeholders.

    Assess strategic CIO competencies and business stakeholder relationships.

    Key Benefits Achieved

    Gathered information to create a personal development plan and stakeholder management strategy.

    Analyzed the information from diagnostics and determined the appropriate next steps.

    Identified and prioritized strategic CIO competency gaps.

    Evaluated the power, impact, and support of key business stakeholders.

    Activities

    1.1 Conduct CIO Business Vision diagnostic

    1.2 Conduct CXO-CIO Alignment program

    1.3 Assess CIO competencies

    1.4 Assess business stakeholder relationships

    Outputs

    CIO Business Vision results

    CXO-CIO Alignment Program results

    CIO competency gaps

    Executive Stakeholder Power Map

    2 Take Control of Your Personal Development

    The Purpose

    Create a personal development plan and stakeholder management strategy.

    Track your personal development and establish checkpoints to revise initiatives.

    Key Benefits Achieved

    Identified personal development and stakeholder engagement initiatives to bridge high priority competency gaps.

    Identified key performance indicators and benchmarks/targets to track competency development.

    Activities

    2.1 Create a personal development plan

    2.2 Create a stakeholder management strategy

    2.3 Establish key performance indicators and benchmarks/targets

    Outputs

    Personal Development Plan

    Stakeholder Management Strategy

    Strategic CIO Competency Scorecard

    Stabilize Infrastructure & Operations During Work-From-Anywhere

    • Buy Link or Shortcode: {j2store}309|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design

    Work-from-anywhere isn’t going anywhere. IT Infrastructure & Operations needs to:

    • Rebuild trust in the stability of IT infrastructure and operations.
    • Identify gaps created from the COVID-19 rush to remote work.
    • Identify how IT can better support remote workers.

    IT went through an initial crunch to enable remote work. It’s time to be proactive and learn from our mistakes.

    Our Advice

    Critical Insight

    • The nature of work has fundamentally changed. IT departments must ensure service continuity, not for how the company worked in 2019, but how the company is working now and will be working tomorrow.
    • Revisit the basics. Don’t focus on becoming an innovator until you have improved network access, app access, file access, and collaboration tools.
    • Aim for near-term innovation. Once you’re a trusted operator, become a business partner by directly empowering end users at home and in the office.

    Impact and Result

    Build a work-from-anywhere strategy that resonates with the business.

    • Strengthen the foundations of collaboration tools, app access, file access, network access, and endpoint standards.
    • Explore opportunities to strengthen IT operations.
    • Proactively help the business through employee experience monitoring and facilities optimization.

    Stabilize Infrastructure & Operations During Work-From-Anywhere Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a strategy for improving how well IT infrastructure and operations support work-from-anywhere, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Stabilize IT infrastructure

    Ensure your fundamentals are solid.

    2. Update IT operations

    Revisit your practices to ensure you can effectively operate in work-from-anywhere.

    3. Optimize IT infrastructure & operations

    Offer additional value to the business by proactively addressing these items.

    • Roadmap Tool

    Infographic

    Workshop: Stabilize Infrastructure & Operations During Work-From-Anywhere

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Stabilize IT Infrastructure

    The Purpose

    Strengthen the foundations of IT infrastructure.

    Key Benefits Achieved

    Improved end-user experience

    Stabilized environment

    Activities

    1.1 Review work-from-anywhere framework and identify capability gaps.

    1.2 Review diagnostic results to identify satisfaction gaps.

    1.3 Record improvement opportunities for foundational capabilities: collaboration, network, file access, app access.

    1.4 Identify deliverables and opportunities to provide value for each.

    Outputs

    Projects and initiatives to stabilize IT infrastructure

    Deliverables and opportunities to provide value for foundational capabilities

    2 Update IT Operations and Optimize

    The Purpose

    Update IT operational practices to support work-from-anywhere more effectively.

    Key Benefits Achieved

    Improved IT operations

    Activities

    2.1 Identify IT infrastructure and operational capability gaps.

    2.2 Record improvement opportunities for DRP & BCP.

    2.3 Record improvement opportunities for endpoint and systems management practices.

    2.4 Record improvement opportunities for IT operational practices.

    2.5 Explore office space optimization and employee experience monitoring.

    Outputs

    Projects and initiatives to update IT operations to better support work-from-anywhere

    Longer-term strategic initiatives

    Deliverables and opportunities to provide value for each capability

    Maximize Business Value From IT Through Benefits Realization

    • Buy Link or Shortcode: {j2store}337|cart{/j2store}
    • member rating overall impact (scale of 10): 6.0/10 Overall Impact
    • member rating average dollars saved: 4 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance
    • IT and the business are often misaligned because business value is not well defined or communicated.
    • Decisions are made without a shared perspective of value. This results in cost misallocation and unexploited opportunities to improve efficiency and drive innovation.

    Our Advice

    Critical Insight

    • IT exists to provide business value and is part of the business value chain. Most IT organizations lack a way to define value, which complicates the process of making value-based strategic business decisions.
    • IT must link its spend to business value to justify its investments. IT doesn’t have an established process to govern benefits realization and struggles to demonstrate how it provides value from its investments.
    • Pursue value, not technology. The inability to articulate value leads to IT being perceived as a cost center.

    Impact and Result

    • Ensure there is a common understanding within the organization of what is valuable to drive growth and consistent strategic decision making.
    • Equip IT to evaluate, direct, and monitor investments to support the achievement of organizational values and business benefits.
    • Align IT spend with business value through an enhanced governance structure to achieve cost optimization. Ensure IT visibly contributes to the creation and maintenance of value.

    Maximize Business Value From IT Through Benefits Realization Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should establish a benefits realization process, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand business value

    Ensure that all key strategic stakeholders hold a current understanding of what is valuable to the organization and a sense of what will be valuable based on future needs.

    • Maximize Business Value from IT Through Benefits Realization – Phase 1: Understand Business Value
    • Business Value Statement Template
    • Business Value Statement Example
    • Value Statement Email Communication Template
    • Feedback Consolidation Tool

    2. Incorporate benefits realization into governance

    Establish the process to evaluate spend on IT initiatives based on expected benefits, and implement the methods to monitor how well the initiatives achieve these benefits.

    • Maximize Business Value from IT Through Benefits Realization – Phase 2: Incorporate Benefits Realization into Governance
    • Business Value Executive Presentation Template

    3. Ensure an accurate reference of value

    Re-evaluate, on a consistent basis, the accuracy of the value drivers stated in the value statement with respect to the organization’s current internal and external environments.

    • Maximize Business Value from IT Through Benefits Realization – Phase 3: Ensure an Accurate Reference of Value
    [infographic]

    Workshop: Maximize Business Value From IT Through Benefits Realization

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand Business Value

    The Purpose

    Establish the business value statement.

    Understand the importance of implementing a benefits realization process.

    Key Benefits Achieved

    Unified stakeholder perspectives of business value drivers

    Establish supporters of the initiative

    Activities

    1.1 Understand what governance is and how a benefits realization process in governance will benefit the company.

    1.2 Discuss the mission and vision of the company, and why it is important to establish the target state prior to defining value.

    1.3 Brainstorm and narrow down organization value drivers.

    Outputs

    Stakeholder buy-in on benefits realization process

    Understanding of interrelations of mission, vision, and business value drivers

    Final three prioritized value drivers

    Completed business value statement

    2 Incorporate Benefits Realization Into Governance

    The Purpose

    Establish the intake, assessment and prioritization, and output and monitoring processes that are involved with implementing benefits realization.

    Assign cut-over dates and accountabilities.

    Establish monitoring and tracking processes.

    Key Benefits Achieved

    A thorough implementation plan that can be incorporated into existing governance documents

    Stakeholder understanding of implemented process, process ownership

    Activities

    2.1 Devise the benefits realization process.

    2.2 Establish launch dates, accountabilities, and exception handling on processes.

    2.3 Devise compliance monitoring and exception tracking methods on the benefits realization process.

    Outputs

    Benefits realization process incorporated into governance documentation

    Actionable plan to implement benefits realization process

    Reporting processes to ensure the successful delivery of the improved governance process

    3 Ensure an Accurate Reference of Value

    The Purpose

    Implement a process to ensure that business value drivers remain current to the organization.

    Key Benefits Achieved

    Align IT with the business and business to its environment

    Activities

    3.1 Determine regular review cycle to reassess business value drivers.

    3.2 Determine the trigger events that may cause off-cycle revisits to value.

    3.3 Devise compliance monitoring on value definition.

    Outputs

    Agenda and tools to assess the business context to verify the accuracy of value

    List of possible trigger events specific to your organization

    Reporting processes to ensure the continuous adherence to the business value definition

    Risk management company

    Expert risk management consultancy firm

    Based on experience
    Implementable advice
    human-based and people-oriented

    Engage Tymans Group, expert risk management and consultancy company, to advise you on mitigating, preventing, and monitoring IT and information security risks within your business. We offer our extensive experience as a risk consulting company to provide your business with a custom roadmap and practical solutions to any risk management problems you may encounter.

    Security and risk management

    Our security and risk services

    Security strategy

    Security Strategy

    Embed security thinking through aligning your security strategy to business goals and values

    Read more

    Disaster Recovery Planning

    Disaster Recovery Planning

    Create a disaster recovey plan that is right for your company

    Read more

    Risk Management

    Risk Management

    Build your right-sized IT Risk Management Program

    Read more

    Check out all our services

    Setting up risk management within your company with our expert help

    Risk is unavoidable when doing business, but that does not mean you should just accept it and move on. Every company should try to manage and mitigate risk as much as possible, be it risks regarding data security or general corporate security. As such, it would be wise to engage an expert risk management and consultancy company, like Tymans Group. Our risk management consulting firm offers business practical solutions for setting up risk management programs and IT risk monitoring protocols as well as solutions for handling IT incidents. Thanks to our experience as a risk management consulting firm, you enjoy practical and proven solutions based on a people-oriented approach.

    Benefit from our expert advice on risk management

    If you engage our risk management consultancy company you get access to various guides and documents to help you set up risk management protocols within you company. Additionally, you can book a one-hour online talk with our risk management consulting firm’s CEO Gert Taeymans to discuss any problems you may be facing or request an on-site appointment in which our experts analyze your problems. The talk can discuss any topic, from IT risk control to external audits and even corporate security consultancy. If you have any questions about our risk management and consulting services for your company, we are happy to answer them. Just contact our risk management consulting firm through the online form and we will get in touch with as soon as possible.

    Continue reading

    Get the Most Out of Your CRM

    • Buy Link or Shortcode: {j2store}537|cart{/j2store}
    • member rating overall impact (scale of 10): 9.7/10 Overall Impact
    • member rating average dollars saved: $31,749 Average $ Saved
    • member rating average days saved: 22 Average Days Saved
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • Application optimization is essential to stay competitive and productive in today’s digital environment.
    • Enterprise applications often involve large capital outlay, unquantified benefits, and high risk of failure.
    • Customer relationship management (CRM) application portfolios are often messy with multiple integration points, distributed data, and limited ongoing end-user training.
    • User dissatisfaction is common.

    Our Advice

    Critical Insight

    A properly optimized CRM ecosystem will reduce costs and increase productivity.

    Impact and Result

    • Build an ongoing optimization team to conduct application improvements.
    • Assess your CRM application(s) and the environment in which they exist. Take a business-first strategy to prioritize optimization efforts.
    • Validate CRM capabilities, user satisfaction, issues around data, vendor management, and costs to build out an optimization strategy.
    • Pull this all together to develop a prioritized optimization roadmap.

    Get the Most Out of Your CRM Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should optimize your CRM, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Map current-state capabilities

    Gather information around the application:

    • Get the Most Out of Your CRM Workbook

    2. Assess your current state

    Assess CRM and related environment. Perform CRM process assessment. Assess user satisfaction across key processes, applications, and data. Understand vendor satisfaction

    • CRM Application Inventory Tool

    3. Build your optimization roadmap

    Build your optimization roadmap: process improvements, software capability improvements, vendor relationships, and data improvement initiatives.

    Infographic

    Workshop: Get the Most Out of Your CRM

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your CRM Application Vision

    The Purpose

    Define your CRM application vision.

    Key Benefits Achieved

    Develop an ongoing application optimization team.

    Realign CRM and business goals.

    Understand your current system state capabilities.

    Explore CRM and related costs.

    Activities

    1.1 Determine your CRM optimization team.

    1.2 Align organizational goals.

    1.3 Inventory applications and interactions.

    1.4 Define business capabilities.

    1.5 Explore CRM-related costs (optional).

    Outputs

    CRM optimization team

    CRM business model

    CRM optimization goals

    CRM system inventory and data flow

    CRM process list

    CRM and related costs

    2 Map Current-State Capabilities

    The Purpose

    Map current-state capabilities.

    Key Benefits Achieved

    Complete a CRM process gap analysis to understand where the CRM is underperforming.

    Review the CRM application portfolio assessment to understand user satisfaction and data concerns.

    Undertake a software review survey to understand your satisfaction with the vendor and product.

    Activities

    2.1 Conduct gap analysis for CRM processes.

    2.2 Perform an application portfolio assessment.

    2.3 Review vendor satisfaction.

    Outputs

    CRM process gap analysis

    CRM application portfolio assessment

    CRM software reviews survey

    3 Assess CRM

    The Purpose

    Assess CRM.

    Key Benefits Achieved

    Learn which processes you need to focus on.

    Uncover underlying user satisfaction issues to address these areas.

    Understand where data issues are occurring so that you can mitigate this.

    Investigate your relationship with the vendor and product, including that relative to others.

    Identify any areas for cost optimization (optional).

    Activities

    3.1 Explore process gaps.

    3.2 Analyze user satisfaction.

    3.3 Assess data quality.

    3.4 Understand product satisfaction and vendor management.

    3.5 Look for CRM cost optimization opportunities (optional).

    Outputs

    CRM process optimization priorities

    CRM vendor optimization opportunities

    CRM cost optimization

    4 Build the Optimization Roadmap

    The Purpose

    Build the optimization roadmap.

    Key Benefits Achieved

    Understanding where you need to improve is the first step, now understand where to focus your optimization efforts.

    Activities

    4.1 Identify key optimization areas.

    4.2 Build your CRM optimization roadmap and next steps.

    Outputs

    CRM optimization roadmap

    Further reading

    Get the Most Out of Your CRM

    In today’s connected world, continuous optimization of enterprise applications to realize your digital strategy is key.

    Get the Most Out of Your CRM

    In today’s connected world, continuous optimization of enterprise applications to realize your digital strategy is key.

    EXECUTIVE BRIEF

    Analyst Perspective

    Focus optimization on organizational value delivery.

    Customer relationship management (CRM) systems are at the core of a customer-centric strategy to drive business results. They are critical to supporting marketing, sales, and customer service efforts.

    CRM systems are expensive, their benefits are difficult to quantify, and they often suffer from poor user satisfaction. Post implementation, technology evolves, organizational goals change, and the health of the system is not monitored. This is complicated in today’s digital landscape with multiple integration points, siloed data, and competing priorities.

    Too often organizations jump into the selection of replacement systems without understanding the health of their current systems. IT leaders need to stop reacting and take a proactive approach to continually monitor and optimize their enterprise applications. Strategically realign business goals, identify business application capabilities, complete a process assessment, evaluate user adoption, and create an optimization roadmap that will drive a cohesive technology strategy that delivers results.

    This is a picture of Lisa Highfield

    Lisa Highfield
    Research Director,
    Enterprise Applications
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    In today’s connected world, continuous optimization of enterprise applications to realize your digital strategy is key.

    Enterprise applications often involve large capital outlay and unquantified benefits.

    CRM application portfolios are often messy. Add to that poor processes, distributed data, and lack of training – business results and user dissatisfaction is common.

    Technology owners are often distributed across the business. Consolidation of optimization efforts is key.

    Common Obstacles

    Enterprise applications involve large numbers of processes and users. Without a clear focus on organizational needs, decisions about what and how to optimize can become complicated.

    Competing and conflicting priorities may undermine optimization value by focusing on the approaches that would only benefit one line of business rather than the entire organization.

    Teams do not have a framework to illustrate, communicate, and justify the optimization effort in the language your stakeholders understand.

    Info-Tech’s Approach

    Build an ongoing optimization team to conduct application improvements.

    Assess your CRM application(s) and the environment in which they exist. Take a business-first strategy to prioritize optimization efforts.

    Validate CRM capabilities, user satisfaction, issues around data, vendor management, and costs to build out an optimization strategy

    Pull this all together to develop a prioritized optimization roadmap.

    Info-Tech Insight

    CRM implementation should not be a one-and-done exercise. A properly optimized CRM ecosystem will reduce costs and increase productivity.

    This is an image of the thought model: Get the Most Out of Your CRM

    Insight Summary

    Continuous assessment and optimization of customer relationship management (CRM) systems is critical to their success.

    • Applications and the environments in which they live are constantly evolving.
    • Get the Most Out of Your CRM provides business and application managers a method to complete a health assessment on their CRM systems to identify areas for improvement and optimization.
    • Put optimization practices into effect by:
      • Aligning and prioritizing key business and technology drivers.
      • Identifying CRM process classification, and performing a gap analysis.
      • Measuring user satisfaction across key departments.
      • Evaluating vendor relations.
      • Understanding how data fits.
      • Pulling it all together into an optimization roadmap.

    CRM platforms are the applications that provide functional capabilities and data management around the customer experience (CX).

    Marketing, sales, and customer service are enabled through CRM technology.

    CRM technologies facilitate an organization’s relationships with customers, service users, employees, and suppliers.

    CRM technology is critical to managing the lifecycle of these relationships, from lead generation, to sales opportunities, to ongoing support and nurturing of these relationships.

    Customer experience management (CXM)

    CRM platforms sit at the core of a well-rounded customer experience management ecosystem.

    Customer Relationship Management

    • Web Experience Management Platform
    • E-Commerce & Point-of-Sale Solutions
    • Social Media Management Platform
    • Customer Intelligence Platform
    • Customer Service Management Tools
    • Marketing Management Suite

    Customer relationship management suites are one piece of the overall customer experience management ecosystem, alongside tools such as customer intelligence platforms and adjacent point solutions for sales, marketing, and customer service. Review Info-Tech’s CXM blueprint to build a complete, end-to-end customer interaction solution portfolio that encompasses CRM alongside other critical components. The CXM blueprint also allows you to develop strategic requirements for CRM based on customer personas and external market analysis.

    CRM by the numbers

    1/3

    Statistical analysis of CRM projects indicate failures vary from 18% to 69%. Taking an average of those analyst reports, about one-third of CRM projects are considered a failure.
    Source: CIO Magazine, 2017

    85%

    Companies that apply the principles of behavioral economics outperform their peers by 85% in sales growth and more than 25% in gross margin.
    Source: Gallup, 2012

    40%

    In 2019, 40% of executives name customer experience the top priority for their digital transformation.
    Source: CRM Magazine, 2019

    CRM dissatisfaction

    Drivers of Dissatisfaction

    Business Data People and Teams Technology
    • Misaligned objectives
    • Product fit
    • Changing priorities
    • Lack of metrics
    • Access to data
    • Data hygiene
    • Data literacy
    • One view of the customer
    • User adoption
    • Lack of IT support
    • Training (use of data and system)
    • Vendor relations
    • Systems integration
    • Multichannel complexity
    • Capability shortfall
    • Lack of product support

    Info-Tech Insight

    While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder to shoulder with the business to develop a technology framework for customer relationship management.

    Marketing, Sales, and Customer Service, along with IT, can only optimize CRM with the full support of each other. The cooperation of the departments is crucial when trying to improve CRM technology capabilities and customer interaction.

    Application optimization is risky without a plan

    Avoid the common pitfalls.

    • Not considering application optimization as a business and IT partnership that requires continuous formal engagement of all participants.
    • Not having a good understanding of current state, including integration points and data.
    • Not adequately accommodating feedback and changes after digital applications are deployed and employed.
    • Not treating digital applications as a motivator for potential future IT optimization effort, and not incorporating digital assets in strategic business planning.
    • Not involving department leads, management, and other subject matter experts to facilitate the organizational change digital applications bring.

    “A successful application optimization strategy starts with the business need in mind and not from a technological point of view. No matter from which angle you look at it, modernizing a legacy application is a considerable undertaking that can’t be taken lightly. Your best approach is to begin the journey with baby steps.”
    – Ernese Norelus, Sreeni Pamidala, and Oliver Senti
    Medium, 2020

    Info-Tech’s methodology for Get the Most Out of Your CRM

    1. Map Current-State Capabilities 2. Assess Your Current State 3. Build Your Optimization Roadmap
    Phase Steps
    1. Identify stakeholders and build your CRM optimization team
    2. Build a CRM strategy model
    3. Inventory current system state
    4. Define business capabilities
    1. Conduct a gap analysis for CRM processes
    2. Assess user satisfaction
    3. Review your satisfaction with the vendor and product
    1. Identify key optimization areas
    2. Compile optimization assessment results
    Phase Outcomes
    1. Stakeholder map
    2. CRM optimization team
    3. CRM business model
    4. Strategy alignment
    5. Systems inventory and diagram
    6. Business capabilities map
    7. Key CRM processes list
    1. Gap analysis for CRM-related processes
    2. Understanding of user satisfaction across applications and processes
    3. Insight into CRM data quality
    4. Quantified satisfaction with the vendor and product
    1. Application optimization plan

    Get the Most Out of Your CRM Workbook

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals.

    Key deliverable:

    CRM Optimization Roadmap (Tab 8)

    This image contains a screenshot from Tab 9 of the Get the most out of your CRM WorkshopThis image contains a screenshot from Tab 9 of the Get the most out of your CRM Workshop

    Complete an assessment of processes, user satisfaction, data quality, and vendor management using the Workbook or the APA diagnostic.

    CRM Business Model (Tab 2)

    This image contains a screenshot from Tab 2 of the Get the most out of your CRM Workshop

    Align your business and technology goals and objectives in the current environment.

    Prioritized CRM Optimization Goals (Tab 3)

    This image contains a screenshot from Tab 3 of the Get the most out of your CRM Workshop

    Identify and prioritize your CRM optimization goals.

    Application Portfolio Assessment (APA)

    This image contains a screenshot of the Application Portfolio Assessment

    Assess IT-enabled user satisfaction across your CRM portfolio.

    Prioritized Process Assessment (Tab 5)

    This image contains a screenshot from Tab 5 of the Get the most out of your CRM Workshop

    Understand areas for improvement.

    Case Study

    Align strategy and technology to meet consumer demand.

    INDUSTRY - Entertainment
    SOURCE - Forbes, 2017

    Challenge

    Beginning as a mail-out service, Netflix offered subscribers a catalog of videos to select from and have mailed to them directly. Customers no longer had to go to a retail store to rent a video. However, the lack of immediacy of direct mail as the distribution channel resulted in slow adoption.

    Blockbuster was the industry leader in video retail but was lagging in its response to industry, consumer, and technology trends around customer experience

    Solution

    In response to the increasing presence of tech-savvy consumers on the internet, Netflix invested in developing its online platform as its primary distribution channel. The benefit of doing so was two-fold: passive brand advertising (by being present on the internet) and meeting customer demands for immediacy and convenience. Netflix also recognized the rising demand for personalized service and created an unprecedented, tailored customer experience.

    Results

    Netflix’s disruptive innovation is built on the foundation of great customer experience management. Netflix is now a $28-billion company, which is tenfold what Blockbuster was worth.

    Netflix used disruptive technologies to innovatively build a customer experience that put it ahead of the long-time, video rental industry leader, Blockbuster.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2:

    Build the CRM team.

    Align organizational goals.

    Call #4:

    Conduct gap analysis for CRM processes.

    Prepare application portfolio assessment.

    Call #5:

    Understand product satisfaction and vendor management.

    Look for CRM cost optimization opportunities (optional).

    Call #7:

    Identify key optimization areas.

    Build out optimization roadmap and next steps.

    Call #3:

    Map current state.

    Inventory CRM processes.

    Explore CRM-related costs.

    Call #6:

    Review APA results.

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Define Your CRM Application Vision Map Current-State Capabilities Assess CRM Build the Optimization Roadmap Next Steps and Wrap-Up (offsite)

    Activities

    1.1 Determine your CRM optimization team

    1.2 Align organizational goals

    1.3 Inventory applications and interactions

    1.4 Define business capabilities

    1.5 Explore CRM-related costs

    2.1 Conduct gap analysis for CRM processes

    2.2 Perform an application portfolio assessment

    2.3 Review vendor satisfaction

    3.1 Explore process gaps

    3.2 Analyze user satisfaction

    3.3 Assess data quality

    3.4 Understand product satisfaction and vendor management

    3.5 Look for CRM cost optimization opportunities (optional)

    4.1 Identify key optimization areas

    4.2 Build your CRM optimization roadmap and next steps

    5.1 Complete in-progress deliverables from previous four days

    5.2 Set up review time for workshop deliverables and to discuss next steps

    Deliverables
    1. CRM optimization team
    2. CRM business model
    3. CRM optimization goals
    4. CRM system inventory and data flow
    5. CRM process list
    6. CRM and related costs
    1. CRM process gap analysis
    2. CRM application portfolio assessment
    3. CRM software reviews survey
    1. CRM process optimization priorities
    2. CRM vendor optimization opportunities
    3. CRM cost optimization
    1. CRM optimization roadmap

    Phase 1

    Map Current-State Capabilities

    • 1.1 Identify Stakeholders and Build Your Optimization Team
    • 1.2 Build a CRM Strategy Model
    • 1.3 Inventory Current System State
    • 1.4 Define Business Capabilities
    • 1.5 Understand CRM Costs

    Get the Most Out of Your CRM

    This phase will walk you through the following activities:

    • Align your organizational goals
    • Gain a firm understanding of your current state
    • Inventory CRM and related applications
    • Confirm the organization’s capabilities

    This phase involves the following participants:

    • Product Owners
    • CMO
    • Departmental leads – Sales, Marketing, Customer Service, or other
    • Applications Director
    • Senior Business Analyst
    • Senior Developer
    • Procurement Analysts

    Inventory of CRM and related systems

    Develop an integration map to specify which applications will interface with each other.

    This is an image of an integration map, integrating the following Terms to CRM: Telephony Systems; Directory Services; Email; Content Management; Point Solutions; ERP

    Integration is paramount: your CRM application often integrates with other applications within the organization. Create an integration map to reflect a system of record and the exchange of data. To increase customer engagement, channel integration is a must (i.e. with robust links to unified communications solutions, email, and VoIP telephony systems).

    CRM plays a key role in the more holistic customer experience framework. However, it is heavily influenced by and often interacts with many other platforms.

    Data is one key consideration that needs to be considered here. If customer information is fragmented, it will be nearly impossible to build a cohesive view of the customer. Points of integration (POIs) are the junctions between the CRM(s) and other applications where data is flowing to and from. They are essential to creating value, particularly in customer insight-focused and omnichannel-focused deployments.

    Customer expectations are on the rise

    CRM strategy is a critical component of customer experience (CX).

    CUSTOMER EXPERIENCE

    1. Thoughtfulness is in
      Connect with customers on a personal level
    2. Service over products
      The experience is more important than the product
    3. Culture is now number one
      Culture is the most overlooked piece of customer experience strategy
    4. Engineering and service finally join forces
      Companies are combining their technology and service efforts to create
      strong feedback loops
    5. The B2B world is inefficiently served
      B2B needs to step up with more tools and a greater emphasis placed on
      customer experience

    Source: Forbes, 2019

    Build a cohesive CRM strategy that aligns business goals with CRM capabilities.

    Info-Tech Insight

    Customers expect to interact with organizations through the channels of their choice. Now more than ever, you must enable your organization to provide tailored customer experiences.

    IT is critical to the success of your CRM strategy

    Today’s shared digital landscape of the CIO and CMO

    CIO

    • IT Operations
    • Service Delivery and Management
    • IT Support
    • IT Systems and Application
    • IT Strategy and Governance
    • Cybersecurity

    Collaboration and Partnership

    • Digital Strategy = Transformation
      Business Goals | Innovation | Leadership | Rationalization
    • Customer Experience
      Architecture | Design | Omnichannel Delivery | Management
    • Insight (Market Facing)
      Analytics | Business Intelligence | Machine Learning | AI
    • Marketing Integration + Operating Model
      Apps | Channels | Experiences | Data | Command Center
    • Master Data
      Customer | Audience | Industry | Digital Marketing Assets

    CMO

    • PEO Media
    • Brand Management
    • Campaign Management
    • Marketing Tech
    • Marketing Ops
    • Privacy, Trust, and Regulatory Requirements

    Info-Tech Insight

    Technology is the key enabler of building strong customer experiences: IT must stand shoulder to shoulder with the business to develop a technology framework for customer relationship management.

    Step 1.1

    Identify Stakeholders and Build Your Optimization Team

    Activities

    1.1.1 Identify the stakeholders whose support will be critical to success

    1.1.2 Select your CRM optimization team

    Map Current-State Capabilities

    This step will walk you through the following activities:

    • Identify CRM drivers and objectives.
    • Explore CRM challenges and pain points.
    • Discover CRM benefits and opportunities.
    • Align the CRM foundation with the corporate strategy.

    This step involves the following participants:

    • Stakeholders
    • Project sponsors and leaders

    Outcomes of this step

    • Stakeholder map
    • CRM optimization team composition

    CRM optimization stakeholders

    Understand the roles necessary to get the most out of your CRM.

    Understand the role of each player within your optimization initiative. Look for listed participants on the activity slides to determine when each player should be involved.

    Info-Tech Insight

    Do not limit input or participation. Include subject matter experts and internal stakeholders at stages within the optimization initiative. Such inputs can be solicited on a one-off basis as needed. This ensures you take a holistic approach to creating your CRM optimization strategy.

    Title

    Roles Within CRM Optimization Initiative

    Optimization Sponsor

    • Owns the project at the management/C-suite level
    • Responsible for breaking down barriers and ensuring alignment with organizational strategy
    • CMO, VP od Marketing, VP of Sales, VP of Customer Care, or similar

    Optimization Initiative Manager

    • Typically IT individual(s) that oversee day-to-day operations
    • Responsible for preparing and managing the project plan and monitoring the project team’s progress
    • Applications Manager or other IT Manager, Business Analyst, Business Process Owner, or similar

    Business Leads/
    Product Owners

    • Works alongside the Optimization Initiative Manager to ensure that the strategy is aligned with business needs
    • In this case, likely to be a marketing, sales, or customer service lead
    • Product Owners
    • Sales Director, Marketing Director, Customer Care Director, or similar

    CRM Optimization Team

    • Comprised of individuals whose knowledge and skills are crucial to optimization success
    • Responsible for driving day-to-day activities, coordinating communication, and making process and design decisions
    • Project Manager, Business Lead, CRM Manager, Integration Manager, Application SMEs, Developers, Business Process Architects, and/or similar SMEs

    Steering Committee

    • Comprised of C-suite/management level individuals that act as the CRM optimization decision makers.
    • Responsible for validating goals and priorities, defining the optimization scope, enabling adequate resourcing, and managing change
    • Project Sponsor, Project Manager, Business Lead, CMO, Business Unit SMEs, or similar

    1.1.1 Identify stakeholders critical to success

    1 hour

    1. Hold a meeting to identify the stakeholders that should be included in the project’s steering committee.
    2. Finalize selection of steering committee members.
    3. Contact members to ensure their willingness to participate.
    4. Document the steering committee members and the milestone/presentation expectations for reporting project progress and results.

    Input

    • Stakeholder interviews
    • Business process owners list

    Output

    • CRM optimization stakeholders
    • Steering committee members

    Materials

    • N/A

    Participants

    • Product Owners
    • CMO
    • Departmental Leads – Sales, Marketing, Customer Service (and others)
    • Applications Director
    • Senior Business Analyst
    • Senior Developer
    • Procurement Analyst

    The CRM optimization team

    Consider the core team functions when composing the CRM optimization team. Form a cross-functional team (i.e. across IT, Marketing, Sales, Service, Operations) to create a well-aligned CRM optimization strategy.

    Don’t let your core team become too large when trying to include all relevant stakeholders. Carefully limiting the size of the optimization team will enable effective decision making while still including functional business units such as Marketing, Sales, Service, and Customer Service.

    Required Skills/Knowledge

    Suggested Optimization Team Members

    Business

    • Understanding of the customer
    • Departmental processes
    • Sales Manager
    • Marketing Manager
    • Customer Service Manager

    IT

    • Product Owner
    • Application developers
    • Enterprise architects
    • CRM Application Manager
    • Business Process Manager
    • Data Stewards
    Other
    • Operations
    • Administrative
    • Change management
    • Operations Manager
    • CFO
    • Change Management Manager

    1.1.2 Select your CRM optimization team

    30 minutes

    1. Have the CMO and other key stakeholders discuss and determine who will be involved in the CRM optimization project.
      • Depending on the initiative and the size of the organization the size of the team will vary.
      • Key business leaders in key areas – Sales, Marketing, Customer Service, and IT – should be involved.
    2. Document the members of your optimization team in the Get the Most Out of Your CRM Workbook, tab “1. Optimization Team.”
      • Depending on your initiative and size of your organization, the size of this team will vary.

    Get the Most Out of Your CRM Workbook

    Input

    • Stakeholders

    Output

    • List of CRM Optimization Team members

    Materials

    • Get the Most Out of Your CRM Workbook

    Participants

    • Product Owners
    • CMO
    • Departmental Leads – Sales, Marketing, Customer Service
    • Applications Director
    • Senior Business Analyst
    • Senior Developer
    • Procurement Analyst

    Step 1.2

    Build a CRM Strategy Model

    Activities

    • 1.2.1 Explore environmental factors and technology drivers
    • 1.2.2 Discuss challenges and pain points
    • 1.2.3 Discuss opportunities and benefits
    • 1.2.4 Align CRM strategy with organizational goals

    Map Current-State Capabilities

    This step will walk you through the following activities:

    • Identify CRM drivers and objectives.
    • Explore CRM challenges and pain points.
    • Discover the CRM benefits and opportunities.
    • Align the CRM foundation with the corporate strategy.

    This step involves the following participants:

    • CRM Optimization Team

    Outcomes of this step

    • CRM business model
    • Strategy alignment

    Align the CRM strategy with the corporate strategy

    Corporate Strategy

    Your corporate strategy:

    • Conveys the current state of the organization and the path it wants to take.
    • Identifies future goals and business aspirations.
    • Communicates the initiatives that are critical for getting the organization from its current state to the future state.

    Unified Strategy

    • The CRM optimization can be and should be linked, with metrics, to the corporate strategy and ultimate business objectives.

    CRM Strategy

    Your CRM Strategy:

    • Communicates the organization’s budget and spending on CRM.
    • Identifies IT initiatives that will support the business and key CRM objectives.
    • Outlines staffing and resourcing for CRM initiatives.

    CRM projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with CRM capabilities. Effective alignment between Sales, Marketing, Customer Service, Operations, IT, and the business should happen daily. Alignment doesn’t just need to occur at the executive level but at each level of the organization.

    Sample CRM objectives

    Increase Revenue

    Enable lead scoring

    Deploy sales collateral management tools

    Improve average cost per lead via a marketing automation tool

    Enhance Market Share

    Enhance targeting effectiveness with a CRM

    Increase social media presence via an SMMP

    Architect customer intelligence analysis

    Improve Customer Satisfaction

    Reduce time-to-resolution via better routing

    Increase accessibility to customer service with live chat

    Improve first contact resolution with customer KB

    Increase Customer Retention

    Use a loyalty management application

    Improve channel options for existing customers

    Use customer analytics to drive targeted offers

    Create Customer-Centric Culture

    Ensure strong training and user adoption programs

    Use CRM to provide 360-degree view of all customer interactions

    Incorporate the voice of the customer into product development

    Identifying organizational objectives of high priority will assist in breaking down business needs and CRM objectives. This exercise will better align the CRM systems with the overall corporate strategy and achieve buy-in from key stakeholders.

    CRM business model Template

    This image contains a screenshot of the CRM business model template

    Understand objectives for creating a strong CRM strategy

    Business Needs

    Business Drivers

    Technology Drivers

    Environmental Factors

    Definition A business need is a requirement associated with a particular business process. Business drivers can be thought of as business-level goals. These are tangible benefits the business can measure such as employee retention, operation excellence, and financial performance. Technology drivers are technological changes that have created the need for a new CRM enablement strategy. Many organizations turn to technology systems to help them obtain a competitive edge. External considerations are factors taking place outside of the organization that are impacting the way business is conducted inside the organization. These are often outside the control of the business.

    Examples

    • Audit tracking
    • Authorization levels
    • Business rules
    • Data quality
    • Employee engagement
    • Productivity
    • Operational efficiency
    • Deployment model (i.e. SaaS)
    • Integration
    • Reporting capabilities
    • Fragmented technologies
    • Economic and political factors, the labor market
    • Competitive influencers
    • Compliance regulations

    Info-Tech Insight

    One of the biggest drivers for CRM adoption is the ability to make decisions through consolidated data. This driver is a result of external considerations. Many industries today are highly competitive, uncertain, and rapidly changing. To succeed under these pressures, there needs to be timely information and visibility into all components of the organization.

    1.2.1 Explore environmental factors and technology drivers

    30 minutes

    1. Identify business drivers that are contributing to the organization’s need for CRM.
    2. Understand how the company is running today and what the organization’s future will look like. Try to identify the purpose for becoming an integrated organization. Use a whiteboard and markers to capture key findings.
    3. Consider environmental factors: external considerations, organizational drivers, technology drivers, and key functional requirements.
    4. Use the Get the Most Out of Your CRM Workbook, tab “2. Business Model,” to complete this exercise.

    Get the Most Out of Your CRM Workbook

    This is a screenshot of the CRM Business Model the following boxes highlighted in purple boxes.  CRM business Needs; Environmental Factors; Technology Drivers

    External Considerations

    Organizational Drivers

    Technology Considerations

    Functional Requirements

    • Funding Constraints
    • Regulations
    • Compliance
    • Scalability
    • Operational Efficiency
    • Data Accuracy
    • Data Quality
    • Better Reporting
    • Information Availability
    • Integration Between Systems
    • Secure Data

    Create a realistic CRM foundation by identifying the challenges and barriers to the project

    There are several different factors that may stifle the success of an CRM portfolio. Organizations creating an CRM foundation must scan their current environment to identify internal barriers and challenges.

    Common Internal Barriers

    Management Support

    Organizational Culture

    Organizational Structure

    IT Readiness

    Definition The degree of understanding and acceptance towards CRM technology and systems. The collective shared values and beliefs. The functional relationships between people and departments in an organization. The degree to which the organization’s people and processes are prepared for new CRM system(s.)

    Questions

    • Is a CRM project recognized as a top priority?
    • Will management commit time to the project?
    • Are employees resistant to change?
    • Is the organization highly individualized?
    • Is the organization centralized?
    • Is the organization highly formalized?
    • Is there strong technical expertise?
    • Is there strong infrastructure?
    Impact
    • Funding
    • Resources
    • Knowledge sharing
    • User acceptance
    • Flow of knowledge
    • Poor implementation
    • Need for reliance on consultants

    1.2.2 Discuss challenges and pain points

    30 minutes

    1. Identify challenges with current systems and processes.
    2. Brainstorm potential barriers to success. Use a whiteboard and markers to capture key findings.
    3. Consider the project barriers: functional gaps, technical gaps, process gaps, and barriers to CRM success.
    4. Use the Get the Most Out of Your CRM Workbook, tab “2. Business Model,” to complete this exercise.

    Get the Most Out of Your CRM Workbook

    This is a screenshot of the CRM Business Model the following boxes highlighted in purple boxes.  Barriers

    Functional Gaps

    Technical Gaps

    Process Gaps

    Barriers to Success

    • No sales tracking within core CRM
    • Inconsistent reporting – data quality concerns
    • Duplication of data
    • Lack of system integration
    • Cultural mindset
    • Resistance to change
    • Lack of training
    • Funding

    1.2.3 Discuss opportunities and benefits

    30 minutes

    1. Identify opportunities and benefits from an integrated system.
    2. Brainstorm potential enablers for successful CRM enablement and the ideal portfolio.
    3. Consider the project enablers: business benefits, IT benefits, organizational benefits, and enablers of CRM success.
    4. Use the Get the Most Out of Your CRM Workbook, tab “2. Business Model,” to complete this exercise.
    This is a screenshot of the CRM Business Model the following boxes highlighted in purple boxes.  Enablers

    Business Benefits

    IT Benefits

    Organizational Benefits

    Enablers of Success

    • Business-IT alignment
    • Compliance
    • Scalability
    • Operational Efficiency
    • Data Accuracy
    • Data Quality
    • Better Reporting
    • Change Management
    • Training
    • Alignment to Strategic Objectives

    1.2.4 Align CRM strategy with organizational goals

    1 hour

    1. Discuss your corporate objectives (organizational goals). Choose three to five corporate objectives that are a priority for the organization in the current year.
    2. Break into groups and assign each group one corporate objective.
    3. For each objective, produce several ways an optimized CRM system will meet the given objective.
    4. Think about the modules and CRM functions that will help you realize these benefits.
    5. Use the Get the Most Out of Your CRM Workbook, tab “2. Business Model,” to complete this exercise.
    Increase Revenue

    CRM Benefits

    • Increase sales by 5%
    • Expand to new markets
    • Offer new product
    • Identify geographies underperforming
    • Build out global customer strategy
    • Allow for customer segmentation
    • Create targeted marketing campaigns

    Input

    • Organizational goals
    • CRM strategy model

    Output

    • Optimization benefits map

    Materials

    • Get the Most Out of Your CRM Workbook

    Participants

    • Product Owners
    • CMO
    • Departmental Leads – Sales, Marketing, Customer Service
    • Applications Director
    • Senior Business Analyst
    • Senior Developer
    • Procurement Analyst

    Download the Get the Most Out of Your CRM Workbook

    Step 1.3

    Inventory Current System State

    Activities

    1.3.1 Inventory applications and interactions

    Map Current-State Capabilities

    This step will walk you through the following activities:

    • Inventory applications
    • Map interactions between systems

    This step involves the following participants:

    • CRM Optimization Team
    • Enterprise Architect
    • Data Architect

    Outcomes of this step

    • Systems inventory
    • Systems diagram

    1.3.1 Inventory applications and interactions

    1-3 hours

    1. Individually list all electronic systems involved in the organization. This includes anything related to customer information and interactions, such as CRM, ERP, e-commerce, finance, email marketing, and social media, etc.
    2. Document data flows into and out of each system to the ERP. Refer to the example on the next slide (CRM data flow).
    3. Review the processes in place (e.g. reporting, marketing, data moving into and out of systems). Document manual processes. Identify integration points. If flowcharts exist for these processes, it may be useful to provide these to the participants.
    4. If possible, diagram the system. Include information direction flow. Use the sample CRM map, if needed.

    This image contains an example of a CRM Data Flow

    CRM data flow

    This image contains an example of a CRM Data Flow

    Be sure to include enterprise applications that are not included in the CRM application portfolio. Popular systems to consider for POIs include billing, directory services, content management, and collaboration tools.

    When assessing the current application portfolio that supports CRM, the tendency will be to focus on the applications under the CRM umbrella, relating mostly to Marketing, Sales, and Customer Service. Be sure to include systems that act as input to, or benefit due to outputs from, the CRM or similar applications.

    Sample CRM map

    This image contains an example of a CRM map

    Step 1.4

    Define Business Capabilities

    Activities

    1.4.1 Define business capabilities

    1.4.2 List your key CRM processes

    Map Current-State Capabilities

    This step will walk you through the following activities:

    • Define your business capabilities
    • List your key CRM processes

    This step involves the following participants:

    • CRM Optimization Team
    • Business Architect

    Outcomes of this step

    • Business capabilities map
    • Key CRM processes list

    Business capability map (Level 0)

    This image contains a screenshot of a business capability map.  an Arrow labeled CRM points to the Revenue Generation section. Revenue Generation: Marketing; Sales; Customer Service.

    In business architecture, the primary view of an organization is known as a business capability map.

    A business capability defines what a business does to enable value creation, rather than how.

    Business capabilities:

    • Represent stable business functions.
    • Are unique and independent of each other.
    • Typically will have a defined business outcome.

    A business capability map provides details that help the business architecture practitioner direct attention to a specific area of the business for further assessment.

    Capability vs. process vs. feature

    Understanding the difference

    When examining CRM optimization, it is important we approach this from the appropriate layer.

    Capability:

    • The ability of an entity (e.g. organization or department) to achieve its objectives (APQC, 2017).
    • An ability that an organization, person, or system possesses. Typically expressed in general and high-level terms and typically require a combination of organization, people, processes, and technology to achieve (TOGAF).

    Process:

    • Can be manual or technology enabled. A process is a series of interrelated activities that convert inputs into results (outputs). Processes consume resources, require standards for repeatable performance, and respond to control systems that direct the quality, rate, and cost of performance. The same process can be highly effective in one circumstance and poorly effective in another with different systems, tools, knowledge, and people (APQC, 2017).

    Feature:

    • Is a distinguishing characteristic of a software item (e.g. performance, portability, or functionality) (IEEE, 2005).

    In today’s complex organizations, it can be difficult to understand where inefficiencies stem from and how performance can be enhanced.
    To fix problems and maximize efficiencies business capabilities and processes need to be examined to determine gaps and areas of lagging performance.

    Info-Tech’s CRM framework and industry tools such as the APQC’s Process Classification Framework can help make sense of this.

    1.4.1 Define business capabilities

    1-3 hours

    1. Look at the major functions or processes within the scope of CRM.
    2. Compile an inventory of current systems that interact with the chosen processes. In its simplest form, document your application inventory in a spreadsheet (see tab 3 of the CRM Application Inventory Tool). For large organizations, interview representatives of business domains to help create your list of applications.
    3. Make sure to include any processes that are manual versus automated.
    4. Use your current state drawing from activity 1.3.1 to link processes to applications for further effect.

    CRM Application Inventory Tool

    Input

    • Current systems
    • Key processes
    • APQC Framework
    • Organizational process map

    Output

    • List of key business processes

    Materials

    • CRM Application Inventory Tool
    • CRM APQC Framework
    • Whiteboard, PowerPoint, or flip charts
    • Pens/markers

    Participants

    • CRM Optimization Team

    CRM process mapping

    This image contains two screenshots.  one is of the business capability map seen earlier in this blueprint, and the other includes the following operating model: Objectives; Value Streams; Capabilities; Processes

    The operating model

    An operating model is a framework that drives operating decisions. It helps to set the parameters for the scope of CRM and the processes that will be supported. The operating model will serve to group core operational processes. These groupings represent a set of interrelated, consecutive processes aimed at generating a common output.

    The Value Stream

    Value Stream Defined

    Value Streams

    Design Product

    Produce Product

    Sell Product

    Customer Service

    • Manufacturers work proactively to design products and services that will meet consumer demand.
    • Products are driven by consumer demand and governmental regulations.
    • Production processes and labor costs are constantly analyzed for efficiencies and accuracies.
    • Quality of product and services are highly regulated through all levels of the supply chain.
    • Sales networks and sales staff deliver the product from the organization to the end consumer.
    • Marketing plays a key role throughout the value stream connecting consumers wants and needs to the product and services offered.
    • Relationships with consumers continue after the sale of a product and services.
    • Continued customer support and mining is important to revenue streams.

    Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates.

    There are two types of value streams: core value streams and support value streams.

    • Core value streams are mostly externally facing. They deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map.
    • Support value streams are internally facing and provide the foundational support for an organization to operate.

    An effective method for ensuring all value streams have been considered is to understand that there can be different end-value receivers.

    APQC Framework

    Help define your inventory of sales, marketing, and customer services processes.

    Operating Processes

    1. Develop Vision and Strategy
    2. Develop and Manage Products and Services
    3. Market and Sell Products and Services
    4. Deliver Physical Products
    5. Deliver Services

    Management and Support Processes

    1. Manage Customer Service
    2. Develop and Manage Human Capital
    3. Manage Information Technology (IT)
    4. Manage Financial Resources
    5. Acquire, Construct, and Manage Assets
    6. Manage Enterprise Risk, Compliance, Remediation, and Resiliency
    7. Manage External Relationships
    8. Develop and Manage Business Capabilities

    Source: APQC, 2020

    If you do not have a documented process model, you can use the APQC Framework to help define your inventory of sales business processes.

    APQC’s Process Classification Framework is a taxonomy of cross-functional business processes intended to allow the objective comparison of organizational performance within and among organizations.

    Go to this link

    Process mapping hierarchy

    This image includes explanations for the following PCF levels:  Level 1 - Category; Level 2 - Process Group; Level 3 - Process; Level 4 - Activity; Level 5 - Task

    APQC provides a process classification framework. It allows organizations to effectively define their processes and manage them appropriately.

    THE APQC PROCESS CLASSIFICATION FRAMEWORK (PCF)® was developed by non-profit APQC, a global resource for benchmarking and best practices, and its member companies as an open standard to facilitate improvement through process management and benchmarking, regardless of industry, size, or geography. The PCF organizes operating and management processes into 12 enterprise level categories, including process groups and over 1,000 processes and associated activities. To download the full PCF or industry-specific versions of the PCF as well as associated measures and benchmarking, visit www.apqc.org/pcf.

    Cross-industry classification framework

    Level 1 Level Level 3 Level 4

    Market and sell products and services

    Understand markets, customers, and capabilities Perform customer and market intelligence analysis Conduct customer and market research

    Market and sell products and services

    Develop sales strategy Develop sales forecast Gather current and historic order information

    Deliver services

    Manage service delivery resources Manage service delivery resource demand Develop baseline forecasts
    ? ? ? ?

    Info-Tech Insight

    Focus your initial assessment on the level 1 processes that matter to your organization. This allows you to target your scant resources on the areas of optimization that matter most to the organization and minimize the effort required from your business partners.

    You may need to iterate the assessment as challenges are identified. This allows you to be adaptive and deal with emerging issues more readily and become a more responsive partner to the business.

    1.4.2 List your key CRM processes

    1-3 hours

    1. Reflect on your organization’s CRM capabilities and processes.
    2. Refer to tab 4, “Process Importance,” in your Get the Most Out of Your CRM Workbook. You can use your own processes if you prefer. Consult tab 10. “Framework (Reference)” in the Workbook to explore additional capabilities.
    3. Use your CRM goals as a guide.

    Get the Most Out of Your CRM Workbook

    This is a screenshot from the APQC Cross-Industry Process Classification Framework, adapted to list key CRM processes

    *Adapted from the APQC Cross-Industry Process Classification Framework, 2019.

    Step 1.5

    Understand CRM Costs

    Activities

    1.5.1 List CRM-related costs (optional)

    Map Current-State Capabilities

    This step will walk you through the following activities:

    • Define your business capabilities
    • List your key CRM processes

    This step involves the following participants:

    • Finance Representatives
    • CRM Optimization Team

    Outcomes of this step

    • Current CRM and related operating costs

    1.5.1 List CRM-related costs (optional)

    3+ hours

    Before you can make changes and optimization decisions, you need to understand the high-level costs associated with your current application architecture. This activity will help you identify the types of technology and people costs associated with your current systems.

    1. Identify the types of technology costs associated with each current system:
      1. System Maintenance
      2. Annual Renewal
      3. Licensing
    2. Identify the cost of people associated with each current system:
      1. Full-Time Employees
      2. Application Support Staff
      3. Help Desk Tickets
    3. Use the Get the Most Out of Your CRM Workbook, tab “9. Costs (Optional),” to complete this exercise.

    This is a screenshot of an example of a table which lays out CRM and Associated Costs.

    Get the Most Out of Your CRM Workbook

    Phase 2

    Assess Your Current State

    • 2.1 Conduct a Gap Analysis for CRM Processes
    • 2.2 Assess User Satisfaction
    • 2.3 Review Your Satisfaction With the Vendor and Product

    Get the Most Out of Your CRM

    This phase will guide you through the following activities:

    • Determine process relevance
    • Perform a gap analysis
    • Perform a user satisfaction survey
    • Assess software and vendor satisfaction

    This phase involves the following participants:

    • CRM optimization team
    • Users across functional areas of your CRM and related technologies

    Step 2.1

    Conduct a Gap Analysis for CRM Processes

    Activities

    • 2.1.1 Determine process relevance
    • 2.1.2 Perform process gap analysis

    Assess Your Current State

    This step will walk you through the following activities:

    • Determine process relevance
    • Perform a gap analysis

    This step involves the following participants:

    • CRM optimization team

    Outcomes of this step

    • Gap analysis for CRM-related processes (current vs. desired state)

    2.1.1 Determine process relevance

    1-3 hours

    1. Open tab “4. Process Importance,” in the Get the Most Out of Your CRM Workbook.
    2. Rate each process for level of importance to your organization on the following scale:
      • Crucial
      • Important
      • Secondary
      • Unimportant
      • Not applicable

    This image contains a screenshot of tab 4 of the Get the most out of your CRM Workbook.

    Get the Most Out of Your CRM Workbook

    2.1.2 Perform process gap analysis

    1-3 hours

    1. Open tab “5. Process Assessment,” in the Get the Most Out of Your CRM Workbook.
    2. For each line item, identify your current state and your desired state on the following scale:
      • Not important
      • Poor
      • Moderate
      • Good
      • Excellent

    This is a screenshot of Tab 5 of the Get the Most Out of your CRM Workshop

    Get the Most Out of Your CRM Workbook

    Step 2.2

    Assess User Satisfaction

    Activities

    • 2.2.1 Prepare and complete a user satisfaction survey
    • 2.2.2 Enter user satisfaction

    Assess Your Current State

    This step will walk you through the following activities:

    • Preparation and completion of an application portfolio assessment (APA)
    • Entry of the user satisfaction scores into the workbook

    This step involves the following participants:

    • CRM optimization team
    • Users across functional areas of CRM and related technologies

    Outcomes of this step

    • Understanding of user satisfaction across applications and processes
    • Insight into CRM data quality

    Benefits of the Application Portfolio Assessment

    This is a screenshot of the application  Overview tab

    Assess the health of the application portfolio

    • Get a full 360-degree view of the effectiveness, criticality, and prevalence of all relevant applications to get a comprehensive view of the health of the applications portfolio.
    • Identify opportunities to drive more value from effective applications, retire nonessential applications, and immediately address at-risk applications that are not meeting expectations.

    This is a screenshot of the Finance Overview tab

    Provide targeted department feedback

    • Share end-user satisfaction and importance ratings for core IT services, IT communications, and business enablement to focus on the right end-user groups or lines of business, and ramp up satisfaction and productivity.

    This is a screenshot of the application  Overview tab

    Insight into the state of data quality

    • Data quality is one of the key issues causing poor CRM user satisfaction and business results. This can include the relevance, accuracy, timeliness, or usability of the organization’s data.
    • Targeted, open-ended feedback around data quality will provide insight into where optimization efforts should be focused.

    2.2.1 Prepare and complete a user satisfaction survey

    1 hour

    Option 1: Use Info-Tech’s Application Portfolio Assessment to generate your user satisfaction score. This tool not only measures application satisfaction but also elicits great feedback from users regarding support they receive from the IT team.

    1. Download the CRM Application Inventory Tool.
    2. Complete the “Demographics” tab (tab 2).
    3. Complete the “Inventory” tab (tab 3).
      1. Complete the inventory by treating each process within the organization as a separate row. Use the processes identified in the process gap analysis as a reference.
      2. Treat every department as a separate column in the department section. Feel free to add, remove, or modify department names to match your organization.
      3. Include data quality for all applications applicable.

    Option 2: Use the method of choice to elicit current user satisfaction for each of the processes identified as important to the organization.

    1. List processes identified as important (from the Get the Most Out of Your CRM Workbook, tab 4, “Process Importance”).
    2. Gather user contact information by department.
    3. Ask users to rate satisfaction: Extremely Satisfied, Satisfied, Neutral, Dissatisfied, and Extremely Dissatisfied (on Get the Most Out of Your CRM Workbook, tab 5. “Process Assessment”).

    This image contains a screenshot of the CRM Application Inventory Tool Tab

    Understand user satisfaction across capabilities and departments within your organization.

    Download the CRM Application Inventory Tool

    2.2.2 Enter user satisfaction

    20 minutes

    Using the results from the Application Portfolio Assessment or your own user survey:

    1. Open your Get the Most Out of Your CRM Workbook, tab “5. Process Assessment.”
    2. For each process, record up to three different department responses.
    3. Enter the answers to the survey for each line item using the drop-down options:
      • Extremely Satisfied
      • Satisfied
      • Neutral
      • Dissatisfied
      • Extremely Dissatisfied

    This is a screenshot of Tab 5 of the Get the most out of your CRM Workbook

    Understand user satisfaction across capabilities and departments within your organization.

    Get the Most Out of Your CRM Workbook

    Step 2.3

    Review Your Satisfaction With the Vendor and Product

    Activities

    2.3.1 Rate your vendor and product satisfaction

    2.3.2 Enter SoftwareReviews scores from your CRM Product Scorecard (optional)

    Assess Your Current State

    This step will walk you through the following activities:

    • Rate your vendor and product satisfaction
    • Compare with survey data from SoftwareReviews

    This step involves the following participants:

    • CRM Owner(s)
    • Procurement Representative
    • Vendor Contracts Manager

    Outcomes of this step

    • Quantified satisfaction with vendor and product

    Use a SoftwareReviews Product Scorecard to evaluate your satisfaction compared to other organizations.

    This is a screenshot of the SoftwareReviews Product Scorecard

    Source: SoftwareReviews, March 2019

    Where effective IT leaders spend their time

    This image contains two lists.  One list is where CIOs with  data-verified=80% satisfaction score, and the other list is CIOs with <80% satisfaction score.">

    Info-Tech Insight

    The data shows that effective IT leaders invest a significant amount of time (8%) on vendor management initiatives.

    Be proactive in managing you calendar and block time for these important tasks.

    CIOs who prioritize vendor management see improved results

    Analysis of CIOs’ calendars revealed that how CIOs spend their time has a correlation to both stakeholder IT satisfaction and CEO-CIO alignment.

    Those CIOs that prioritized vendor management were more likely to have a business satisfaction score greater than 80%.

    This image demonstrates that CIOs who spend time with the team members of their direct reports delegate management responsibilities to direct reports and spend less time micromanaging, and CIOs who spend time on vendor management align rapidly changing business needs with updated vendor offerings.

    2.3.1 Rate your vendor and product satisfaction

    30 minutes

    Use Info-Tech’s vendor satisfaction survey to identify optimization areas with your CRM product(s) and vendor(s).

    Option 1 (recommended): Conduct a satisfaction survey using SoftwareReviews. This option allows you to see your results in the context of the vendor landscape.

    Download the Get the Most Out of Your CRM Workbook

    Option 2: Use your Get the Most Out of Your CRM Workbook, tab “6. Vendor Optimization,” to review your satisfaction with your software.

    SoftwareReviews’ Customer Relationship Management

    This is a screenshot of tab 6 of the Get the most out of your CRM Workbook.

    2.3.2 Enter SoftwareReviews scores (optional)

    30 minutes

    1. Download the scorecard for your CRM product from the SoftwareReviews website. (Note: Not all products are represented or have sufficient data, so a scorecard may not be available.)
    2. Use your Get the Most Out of Your CRM Workbook, tab “6. Vendor Optimization,” to record the scorecard results.
    3. Use your Get the Most Out of Your CRM Workbook, tab “6. Vendor Optimization,” to flag areas where your score may be lower than the product scorecard. Brainstorm ideas for optimization.

    Download the Get the Most Out of Your CRM Workbook

    SoftwareReviews’ Customer Relationship Management

    This is a screenshot of the optional vendor optimization scorecard

    Phase 3

    Build Your Optimization Roadmap

    • 3.1 Identify Key Optimization Areas
    • 3.2 Compile Optimization Assessment Results

    Get the Most Out of Your CRM

    This phase will walk you through the following activities:

    • Identify key optimization areas
    • Create an optimization roadmap

    This phase involves the following participants:

    • CRM Optimization Team

    Build your optimization roadmap

    Address process gaps

    • CRM and related technologies are invaluable to sales, marketing, and customer service enablement, but they must have supported processes driven by business goals.
    • Identify areas where capabilities need to be improved and work towards.

    Support user satisfaction

    • The best technology in the world won’t deliver business results if it is not working for the users who need it.
    • Understand concerns, communicate improvements, and support users in all roles.

    Improve data quality

    • Data quality is unique to each business unit and requires tolerance, not perfection.
    • Implement a set of data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.

    Proactively manage vendors

    • Vendor management is a critical component of technology enablement and IT satisfaction.
    • Assess your current satisfaction against those of your peers and work towards building a process that is best fit for your organization.

    Info-Tech Insight

    Enabling a high-performing, customer-centric sales, marketing, and customer service operations program requires excellent management practices and continuous optimization efforts.

    Technology portfolio and architecture is important, but we must go deeper. Taking a holistic view of CRM technologies in the environments in which they operate allows for the inclusion of people and process improvements – this is key to maximizing business results.

    Using a formal CRM optimization initiative will drive business-IT alignment, identify IT automation priorities, and dig deep into continuous process improvement.

    Step 3.1

    Identify Key Optimization Areas

    Activities

    • 3.1.1 Explore process gaps
    • 3.1.2 Analyze user satisfaction
    • 3.1.3 Assess data quality
    • 3.1.4 Analyze product satisfaction and vendor management

    Build Your Optimization Roadmap

    This step will guide you through the following activities:

    • Explore existing process gaps
    • Identify the impact of processes on user satisfaction
    • Identify the impact of data quality on user satisfaction
    • Review your overall product satisfaction and vendor management

    This step involves the following participants:

    • CRM Optimization Team

    Outcomes of this step

    • Application optimization plan

    3.1.1 Explore process gaps

    1 hour

    1. Review the compiled CRM Process Assessment in the Get the Most Out of Your CRM Workbook, tab “7. Process Prioritization.”
    2. These are processes you should prioritize.
    • The activities in the rest of Step 3.1 help you create optimization strategies for the different areas of improvement these processes relate to: user satisfaction, data quality, product satisfaction, and vendor management.
  • Consolidate your optimization strategies in the Get the Most Out of Your CRM Workbook, tab “8. Optimization Roadmap.” (See next slide for screenshot.)
  • This image consists of the CRM Process Importance Rankings

    Get the Most Out of Your CRM Workbook

    Plan your product optimization strategy for each area of improvement

    This is a screenshot from the Get the most out of your CRM Workbook, with the Areas of Improvement column  highlighted in a red box.

    3.1.2 Analyze user satisfaction

    1 hour

    1. Use the APA survey results from activity 2.2.1 (or your own internal survey) to identify areas where the organization is performing low in user satisfaction across the CRM portfolio.
      1. Understand application portfolio and IT service satisfaction.
      2. Identify cost savings opportunities from unused or unimportant apps.
      3. Build a roadmap for improving user IT services.
      4. Manage needs by department and seniority.
    2. Consolidate your optimization strategies in the Get the Most Out of Your CRM Workbook, tab “8. Optimization Roadmap.” (See next slide for screenshot.)

    this is an image of the Business & IT Communications Overview Tab from the Get the Most Out of Your CRM Workbook

    Get the Most Out of Your CRM Workbook

    Plan your user satisfaction optimization strategy

    This is a screenshot from the Get the most out of your CRM Workbook, with the Optimization Strategies column  highlighted in a red box.

    Next steps in improving your data quality

    Data Quality Management Effective Data Governance Data-Centric Integration Strategy Extensible Data Warehousing
    • Prevention is ten times cheaper than remediation. Stop fixing data quality with band-aid solutions and start fixing it by healing it at the source of the problem.
    • Data governance enables data-driven insight. Think of governance as a structure for making better use of data.
    • Every enterprise application involves data integration. Any change in the application and database ecosystem requires you to solve a data integration problem.
    • A data warehouse is a project; but successful data warehousing is a program. An effective data warehouse requires planning beyond the technology implementation.
    • Data quality is unique to each business unit and requires tolerance, not perfection. If the data allows the business to operate at the desired level, don’t waste time fixing data that may not need to be fixed.
    • Collaboration is critical. The business may own the data, but IT understands the data. Data governance will not work unless the business and IT work together.
    • Data integration is becoming more and more critical for downstream functions of data management and for business operations to be successful. Poor integration holds back these critical functions.
    • Governance, not technology, needs to be the core support system for enabling a data warehouse program.
    • Implement a set of data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.
    • Data governance powers the organization up the data value chain through policies and procedures, master data management, data quality, and data architecture.
    • Build your data integration practice with a firm foundation in governance and reference architecture. Ensure your process is scalable and sustainable.
    • Leverage an approach that focuses on constructing a data warehouse foundation that can address a combination of operational, tactical, and ad hoc business needs.
    • Develop a prioritized data quality improvement project roadmap and long-term improvement strategy.
    • Create a roadmap to prioritize initiatives and delineate responsibilities among data stewards, data owners, and members of the data governance steering committee.
    • Support the flow of data through the organization and meet the organization’s requirements for data latency, availability, and relevancy.
    • Invest time and effort to put together pre-project governance to inform and provide guidance to your data warehouse implementation.
    • Build related practices with more confidence and less risk after achieving an appropriate level of data quality.
    • Ensure buy-in from the business and IT stakeholders. Communicate initiatives to end users and executives to reduce resistance.
    • Data availability must be frequently reviewed and repositioned to continue to grow with the business.
    • Select the most suitable architecture pattern to ensure the data warehouse is “built right” at the very beginning.

    Build Your Data Quality Program

    Establish Data Governance

    Build a Data Integration Strategy

    Build an Extensible Data Warehouse Foundation

    3.1.3 Assess data quality

    1 hour

    1. Use your APA survey results (if available) to identify areas where the organization is performing low in data quality initiatives. Common areas for improvement include:
      • Overall data quality management
      • Effective data governance
      • Poor data integration
      • The need to implement extensible data warehousing
    2. Consolidate your optimization strategies in the Get the Most Out of Your CRM Workbook, tab “8. Optimization Roadmap.” (See next slide for screenshot.)

    This is an image of the Business & IT Communications Overview tab from the Get the most out of your CRM Workbook

    Get the Most Out of Your CRM Workbook

    Plan your data quality optimization strategy

    This is a screenshot from the Get the most out of your CRM Workbook, with the Optimization Strategies column  highlighted in a red box.

    Use Info-Tech’s vendor management initiative (VMI)

    Create a right-size, right-fit strategy for managing the vendors relevant to your organization.

    A crowd chart is depicted, with quadrants for strategic value, and Vendor spend/switching cost.

    Info-Tech Insight

    A VMI is a formalized process within an organization, responsible for evaluating, selecting, managing, and optimizing third-party providers of goods and services.

    The amount of resources you assign to managing vendors depends on the number and value of your organization’s relationships. Before optimizing your vendor management program around the best practices presented in this blueprint, assess your current maturity and build the process around a model that reflects the needs of your organization.

    Info-Tech uses VMI interchangeably with the terms “vendor management office (VMO),” “vendor management function,” “vendor management process,” and “vendor management program.”

    Jump Start Your Vendor Management Initiative

    3.1.4 Analyze product satisfaction and vendor management

    1 hour

    1. Use the Get the Most Out of Your CRM Workbook, tab “6. Vendor Optimization.”
    2. Download the SoftwareReviews Vendor Scorecard.
    3. Using the scorecards, compare your results with those of your peers.
    4. Consolidate areas of improvement and optimization strategies in the Get the Most Out of Your CRM Workbook, tab “8. Optimization Roadmap.” (See next slide for screenshot.)

    See previous slide for help around implementing a vendor management initiative.

    This is a screenshot from the Get the most out of your CRM Workbook, with the Areas for Optimization column  highlighted in a red box.

    Get the Most Out of Your CRM Workbook

    Plan your vendor management optimization strategy

    This is a screenshot from the Get the most out of your CRM Workbook, with the Optimization Strategies column  highlighted in a red box.

    Step 3.2

    Compile Optimization Assessment Results

    Activities

    • 3.2.1 Identify key optimization areas

    Build Your Optimization Roadmap

    This step will guide you through the following activities:

    • Use your work from previous activities and prioritization to build your list of optimization activities and lay them out on a roadmap

    This step involves the following participants:

    • CRM Optimization Team

    Outcomes of this step

    • Application optimization plan

    3.2.1 Identify key optimization areas

    1-3 hours

    Before you can make changes and optimization decisions, you need to understand the high-level costs associated with your current application architecture. This activity will help you identify the types of technology and people costs associated with your current systems.

    1. Consolidate your findings and identify optimization priorities (Step 3.1).
    2. Prioritize those most critical to the organization, easiest to change, and whose impact will be highest.
    3. Use the information gathered from exercise 1.5.1 on Get the Most Out of Your CRM Workbook, tab “9. Costs (Optional).”
    4. These costs could affect the priority or timeline of the initiatives. Consolidate your thoughts on your Get the Most Out of Your CRM Workbook, tab 8, “Optimization Roadmap.” Note: There is no column specific to costs on tab 8.

    This is meant as a high-level roadmap. For formal, ongoing optimization project management, refer to “Build a Better Backlog” (Phase 2 of the Info-Tech blueprint Deliver on Your Digital Product Vision).

    This is a screenshot from the Get the most out of your CRM Workbook, with the Priority; Owner; and Timeline columns highlighted in a red box.

    Next steps: Manage your technical debt

    Use a holistic assessment of the “interest” paid on technical debt to quantify and prioritize risk and enable the business make better decisions.

    • Technical debt is an IT risk, which in turn is a category of business risk.
    • The business must decide how to manage business risk.
    • At the same time, business decision makers may not be aware of technical debt or be able to translate technical challenges into business risk. IT must help the business make decisions around IT risk by describing the risk of technical debt in business terms and by outlining the options available to address risk.
    • Measure the ongoing business impact (the “interest” paid on technical debt) to establish the business risk of technical debt. Consider a range of possible impacts including direct costs, lost goodwill, lost flexibility and resilience, and health, safety, and compliance impacts.
    • When weighing these impacts, the business may choose to accept the risk of technical debt if the cost of addressing the debt outweighs the benefit. But it’s critically important that the business accepts that risk – not IT.

    Manage Your Technical Debt

    Take it a step further…

    Deliver on Your Digital Product Vision

    Phase 2: Build a Better Product Backlog

    Build a structure for your backlog that supports your product vision.

    Deliver on Your Digital Product Vision

    Build a better backlog

    An ongoing CRM optimization effort is best facilitated through a continuous Agile process. Use info-Tech’s developed tools to build out your backlog.

    The key to a better backlog is a common structure and guiding principles that product owners and product teams can align to.

    Info-Tech Insight

    Exceptional customer value begins with a clearly defined backlog focused on items that will create the greatest human and business benefits.

    Activity Participants

    Backlog Activity

    Quality Filter

    Product Manager

    Product Owner

    Dev Team

    Scrum Master

    Business

    Architects

    Sprint

    Sprint Planning

    “Accepted”

    Ready

    Refine

    “Ready”

    Qualified

    Analysis

    “Qualified”

    Ideas

    Intake

    “Backlogged”

    A product owner and the product backlog are critical to realize the benefits of Agile development

    A product owner is accountable for defining and prioritizing the work that will be of the greatest value to the organization and its customers. The backlog is the key to facilitating this process and accomplishing the most fundamental goals of delivery.

    For more information on the role of a product owner, see Build a Better Product Owner.

    Highly effective Agile teams spend 28% of their time on product backlog management and roadmapping (Quantitative Software Management, 2015).

    1. Manage Stakeholders

    • Stakeholders need to be kept up to speed on what the future holds for a product, or at least they should be heard. This task falls to the product owner.

    2. Inform and Protect the Team

    • The product owner is a servant leader of the team. They need to protect the team from all the noise and give them the time they need to focus on what they do best: develop.

    3. Maximize Value to the Product

    • Sifting through all of these voices and determining what is valuable, or what is most valuable, falls to the product owner.

    A backlog stores and organizes PBIs at various stages of readiness.

    Your backlog must give you a holistic understanding of demand for change in the product

    A well-formed backlog can be thought of as a DEEP backlog:

    Detailed Appropriately: PBIs are broken down and refined as necessary.

    Emergent: The backlog grows and evolves over time as PBIs are added and removed.

    Estimated: The effort a PBI requires is estimated at each tier.

    Prioritized: The PBI’s value and priority are determined at each tier.

    Ideas; Qualified; Ready

    3 - IDEAS

    Composed of raw, vague, and potentially large ideas that have yet to go through any formal valuation.

    2 - QUALIFIED

    Researched and qualified PBIs awaiting refinement.

    1 - READY

    Discrete, refined PBIs that are ready to be placed in your development teams’ sprint plans.

    Summary of Accomplishment

    Get the Most Out of Your CRM

    CRM technology is critical to facilitate an organization’s relationships with customers, service users, employees, and suppliers. CRM implementation should not be a one-and-done exercise. There needs to be an ongoing optimization to enable business processes and optimal organizational results.

    Get the Most Out of Your CRM allows organizations to proactively implement continuous assessment and optimization of a customer relationship management system. This includes:

    • Alignment and prioritization of key business and technology drivers
    • Identification of CRM processes including classification and gap analysis
    • Measurement of user satisfaction across key departments
    • Improved vendor relations
    • Data quality initiatives

    This formal CRM optimization initiative will drive business-IT alignment, identify IT automation priorities, and dig deep into continuous process-improvement.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Contact your account representative for more information

    workshops@infotech.com
    1-866-670-8889

    Research Contributors

    Ben Dickie

    Ben Dickie
    Research Practice Lead
    Info-Tech Research Group

    Ben Dickie is a Research Practice Lead at Info-Tech Research Group. His areas of expertise include customer experience management, CRM platforms, and digital marketing. He has also led projects pertaining to enterprise collaboration and unified communications.

    Scott Bickley

    Scott Bickley
    Practice Lead & Principal Research Director
    Info-Tech Research Group

    Scott Bickley is a Practice Lead & Principal Research Director at Info-Tech Research Group focused on vendor management and contract review. He also has experience in the areas of IT asset management (ITAM), software asset management (SAM), and technology procurement, along with a deep background in operations, engineering, and quality systems management.

    Andy Neil

    Andy Neil
    Practice Lead, Applications
    Info-Tech Research Group

    Andy is Senior Research Director, Data Management and BI, at Info-Tech Research Group. He has over 15 years of experience in managing technical teams, information architecture, data modeling, and enterprise data strategy. He is an expert in enterprise data architecture, data integration, data standards, data strategy, big data, and the development of industry-standard data models.

    Bibliography

    Armel, Kate. “Data-driven Estimation, Management Lead to High Quality.” Quantitative Software Management Inc. 2015. Web.

    Chappuis, Bertil, and Brian Selby. “Looking beyond Technology to Drive Sales Operations.” McKinsey & Company, 24 June 2016. Web.

    Cross-Industry Process Classification Framework (PCF) Version 7.2.1. APQC, 26 Sept. 2019. Web.

    Fleming, John, and Hater, James. “The Next Discipline: Applying Behavioral Economics to Drive Growth and Profitability.” Gallup, 22 Sept. 2012. Accessed 6 Oct. 2020.

    Hinchcliffe, Dion. “The evolving role of the CIO and CMO in customer experience.” ZDNet, 22 Jan. 2020. Web.

    Karlsson, Johan. “Backlog Grooming: Must-Know Tips for High-Value Products.” Perforce. 18 May 2018. Web. Feb. 2019.

    Klie, L. “CRM Still Faces Challenges, Most Speakers Agree: CRM systems have been around for decades, but interoperability and data siloes still have to be overcome.” CRM Magazine, vol. 23, no. 5, 2019, pp. 13-14.

    Kumar, Sanjib, et al. “Improvement of CRM Using Data Mining: A Case Study at Corporate Telecom Sector.” International Journal of Computer Applications, vol. 178, no. 53, 2019, pp. 12-20, doi:10.5120/ijca2019919413.

    Morgan, Blake. “50 Stats That Prove The Value Of Customer Experience.” Forbes, 24 Sept. 2019. Web.

    Norelus, Ernese, et al. “An Approach to Application Modernization: Discovery and Assessment Phase.” IBM Garage, Medium, 24 Feb 2020. Accessed 4 Mar. 2020.

    “Process Frameworks.” APQC, 4 Nov. 2020. Web.

    “Process vs. Capability: Understanding the Difference.” APCQ, 2017. Web.

    Rubin, Kenneth S. "Essential Scrum: A Practical Guide to the Most Popular Agile Process." Pearson Education, 2012.

    Savolainen, Juha, et al. “Transitioning from Product Line Requirements to Product Line Architecture.” 29th Annual International Computer Software and Applications Conference (COMPSAC'05), IEEE, vol. 1, 2005, pp. 186-195, doi: 10.1109/COMPSAC.2005.160

    Smith, Anthony. “How To Create A Customer-Obsessed Company Like Netflix.” Forbes, 12 Dec. 2017. Web.

    “SOA Reference Architecture – Capabilities and the SOA RA.” The Open Group, TOGAF. Web.

    Taber, David. “What to Do When Your CRM Project Fails.” CIO Magazine, 18 Sept. 2017. Web.

    “Taudata Case Study.” Maximizer CRM Software, 17 Jan. 2020. Web.

    Sprint Toward Data-Driven Culture Using DataOps

    • Buy Link or Shortcode: {j2store}199|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $10,399 Average $ Saved
    • member rating average days saved: 9 Average Days Saved
    • Parent Category Name: Enterprise Integration
    • Parent Category Link: /enterprise-integration
    • Data teams do not have a mechanism to integrate with operations teams and operate in a silo.
    • Significant delays in the operationalization of analytical/algorithms due to lack of standards and a clear path to production.
    • Raw data is shared with end users and data scientists due to poor management of data, resulting in more time spent on integration and less on insight generation and analytics.

    Our Advice

    Critical Insight

    • Data and analytics teams need a clear mechanism to separate data exploratory work and repetitive data insights generation. Lack of such separation is the main cause of significant delays, inefficiencies, and frustration for data initiatives.
    • Access to data and exploratory data analytics is critical. However, the organization must learn to share insights and reuse analytics.
    • Once analytics finds wider use in the organization, they need to adopt a disciplined approach to ensure its quality and continuous integration in the production environment.

    Impact and Result

    • Use a metrics-driven approach and common framework across silos to enable the rapid development of data initiatives using Agile principles.
    • Implement an approach that allows business, data, and operation teams to collaboratively work together to provide a better customer experience.
    • Align DataOps to an overall data management and governance program that promotes collaboration, transparency, and empathy across teams, establishes the appropriate roles and responsibilities, and ensures alignment to a common set of goals.
    • Assess the current maturity of the data operations teams and implement a roadmap that considers the necessary competencies and capabilities and their dependencies in moving towards the desired DataOps target state.

    Sprint Toward Data-Driven Culture Using DataOps Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to understand the operational challenges associated with productizing the organization's data-related initiative. Review Info-Tech’s methodology for enabling the improved practice to operationalize data analytics and how we will support you in creating an agile data environment.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Discover benefits of DataOps

    Understand the benefits of DataOps and why organizations are looking to establish agile principles in their data practice, the challenges associated with doing so, and what the new DataOps strategy needs to be successful.

    • Sprint Toward Data-Driven Culture Using DataOps – Phase 1: Discover Benefits of DataOps

    2. Assess your data practice for DataOps

    Analyze DataOps using Info-Tech’s DataOps use case framework, to help you identify the gaps in your data practices that need to be matured to truly realize DataOps benefits including data integration, data security, data quality, data engineering, and data science.

    • Sprint Toward Data-Driven Culture Using DataOps – Phase 2: Assess Your Data Practice for DataOps
    • DataOps Roadmap Tool

    3. Mature your DataOps practice

    Mature your data practice by putting in the right people in the right roles and establishing DataOps metrics, communication plan, DataOps best practices, and data principles.

    • Sprint Toward Data-Driven Culture Using DataOps – Phase 3: Mature Your DataOps Practice
    [infographic]

    Workshop: Sprint Toward Data-Driven Culture Using DataOps

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify the Drivers of the Business for DataOps

    The Purpose

    Understand the DataOps approach and value proposition.

    Key Benefits Achieved

    A clear understanding of organization data priorities and metrics along with a simplified view of data using Info-Tech’s Onion framework.

    Activities

    1.1 Explain DataOps approach and value proposition.

    1.2 Review the common business drivers and how the organization is driving a need for DataOps.

    1.3 Understand Info-Tech’s DataOps Framework.

    Outputs

    Organization's data priorities and metrics

    Data Onion framework

    2 Assess DataOps Maturity in Your Organization

    The Purpose

    Assess the DataOps maturity of the organization.

    Key Benefits Achieved

    Define clear understanding of organization’s DataOps capabilities.

    Activities

    2.1 Assess current state.

    2.2 Develop target state summary.

    2.3 Define DataOps improvement initiatives.

    Outputs

    Current state summary

    Target state summary

    3 Develop Action Items and Roadmap to Establish DataOps

    The Purpose

    Establish clear action items and roadmap.

    Key Benefits Achieved

    Define clear and measurable roadmap to mature DataOps within the organization.

    Activities

    3.1 Continue DataOps improvement initiatives.

    3.2 Document the improvement initiatives.

    3.3 Develop a roadmap for DataOps practice.

    Outputs

    DataOps initiatives roadmap

    4 Plan for Continuous Improvement

    The Purpose

    Define a plan for continuous improvements.

    Key Benefits Achieved

    Continue to improve DataOps practice.

    Activities

    4.1 Create target cross-functional team structures.

    4.2 Define DataOps metrics for continuous monitoring.

    4.3 Create a communication plan.

    Outputs

    DataOps cross-functional team structure

    DataOps metrics

    Build, Optimize, and Present a Risk-Based Security Budget

    • Buy Link or Shortcode: {j2store}371|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • Year after year, CISOs need to develop a comprehensive security budget that is able to mitigate against threats.
    • This budget will have to be defended against many other stakeholders to ensure there is proper funding.
    • Security budgets are unlike other departmental budgets. Increases or decreases in the budget can drastically affect the organizational risk level.
    • CISOs struggle with the ability to assess the effectiveness of their security controls and where to allocate money.

    Our Advice

    Critical Insight

    • CISOs can demonstrate the value of security when they correlate mitigations to business operations and attribute future budgetary needs to business evolution.
    • To identify the critical areas and issues that must be reflected in your security budget, develop a comprehensive corporate risk analysis and mitigation effectiveness model, which will illustrate where the moving targets are in your security posture.

    Impact and Result

    • Info-Tech’s methodology moves you away from the traditional budgeting approach to building a budget that is designed to be as dynamic as the business growth model.
    • Collect your organization's requirements and build different budget options to describe how increases and decreases can affect the risk level.
    • Discuss the different budgets with the business to determine what level of funding is needed for the desired level of security.
    • Gain approval of your budget early by preshopping and presenting the budget to individual stakeholders prior to the final budget approval process.

    Build, Optimize, and Present a Risk-Based Security Budget Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build, optimize, and present a risk-based security budget, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review requirements for the budget

    Collect and review the required information for your security budget.

    • Build, Optimize, and Present a Risk-Based Security Budget – Phase 1: Review Requirements for the Budget

    2. Build the budget

    Take your requirements and build a risk-based security budget.

    • Build, Optimize, and Present a Risk-Based Security Budget – Phase 2: Build the Budget
    • Security Budgeting Tool

    3. Present the budget

    Gain approval from business stakeholders by presenting the budget.

    • Build, Optimize, and Present a Risk-Based Security Budget – Phase 3: Present the Budget
    • Preshopping Security Budget Presentation Template
    • Final Security Budget Presentation Template
    [infographic]

    Workshop: Build, Optimize, and Present a Risk-Based Security Budget

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review Requirements for the Budget

    The Purpose

    Understand your organization’s security requirements.

    Collect and review the requirements.

    Key Benefits Achieved

    Requirements are gathered and understood, and they will provide priorities for the security budget.

    Activities

    1.1 Define the scope and boundaries of the security budget.

    1.2 Review the security strategy.

    1.3 Review other requirements as needed, such as the mitigation effectiveness assessment or risk tolerance level.

    Outputs

    Defined scope and boundaries of the security budget

    2 Build the Budget

    The Purpose

    Map business capabilities to security controls.

    Create a budget that represents how risk can affect the organization.

    Key Benefits Achieved

    Finalized security budget that presents three different options to account for risk and mitigations.

    Activities

    2.1 Identify major business capabilities.

    2.2 Map capabilities to IT systems and security controls.

    2.3 Categorize security controls by bare minimum, standard practice, and ideal.

    2.4 Input all security controls.

    2.5 Input all other expenses related to security.

    2.6 Review the different budget options.

    2.7 Optimize the budget through defense-in-depth options.

    2.8 Finalize the budget.

    Outputs

    Identified major business capabilities, mapped to the IT systems and controls

    Completed security budget providing three different options based on risk associated

    Optimized security budget

    3 Present the Budget

    The Purpose

    Prepare a presentation to speak with stakeholders early and build support prior to budget approvals.

    Present a pilot presentation and incorporate any feedback.

    Prepare for the final budget presentation.

    Key Benefits Achieved

    Final presentations in which to present the completed budget and gain stakeholder feedback.

    Activities

    3.1 Begin developing a communication strategy.

    3.2 Build the preshopping report.

    3.3 Practice the presentation.

    3.4 Conduct preshopping discussions with stakeholders.

    3.5 Collect initial feedback and incorporate into the budget.

    3.6 Prepare for the final budget presentation.

    Outputs

    Preshopping Report

    Final Budget Presentation

    Optimize the IT Operating Model

    • Buy Link or Shortcode: {j2store}392|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $89,374 Average $ Saved
    • member rating average days saved: 31 Average Days Saved
    • Parent Category Name: Organizational Design
    • Parent Category Link: /organizational-design
    • Organizations have to adapt to a growing number of trends, putting increased pressure on IT to move at the same speed as the business.
    • The business, seeing that IT is slower to react, looks to external solutions to address its challenges and capitalize on opportunities.
    • IT and business leaders don’t have a clear and unified understanding or definition of an operating model.

    Our Advice

    Critical Insight

    • The IT operating model is not a static entity and should evolve according to changing business needs.
    • However, business needs are diverse, and the IT organization must recognize that the business includes groups that consume technology in different patterns. The IT operating model needs to support and enable multiple groups, while continuously adapting to changing business conditions.

    Impact and Result

    • Determine how each technology consumer group interacts with IT. Use consumer experience maps to determine what kind of services consumer groups use and if there are opportunities to improve the delivery of those services.
    • Identify how changing business conditions will affect the consumption of technology services. Classify your consumers based on business uncertainty and reliance on IT to plan for the future delivery of services.
    • Optimize the IT operating model. Create a target IT operating model based on the gathered information about technology service consumers. Select different implementations of common operating model elements: governance, sourcing, process, and structure.

    Optimize the IT Operating Model Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how implementing an IT operating model based on the needs of technology service consumers will improve the delivery of IT services and alignment with IT and business strategy.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Construct the IT services consumer experience maps

    Assess the current situation by identifying technology service consumers in the organization, their interfaces with IT, the level of service they require, and their sentiment toward IT.

    • Optimize the IT Operating Model – Phase 1: Construct the IT Services Consumer Experience Maps
    • Consumer Experience Map and Profiles

    2. Classify IT service consumers based on business needs

    Categorize the technology consumer groups into four business profiles based on their characteristics to identify implications based on technology consumption patterns for the target IT operating model.

    • Optimize the IT Operating Model – Phase 2: Classify IT Service Consumers Based on Business Needs

    3. Determine the target IT operating model

    Select implementation models for the four core elements of the IT operating model and optimize governance, sourcing, process, and organizational structure to create the target IT operating model.

    • Optimize the IT Operating Model – Phase 3: Determine the Target IT Operating Model
    • Target IT Operating Model

    4. Create a roadmap to develop the target IT operating model

    Create, assess, and prioritize initiatives to reach the target IT operating model. Construct a roadmap to show initiative execution.

    • Optimize the IT Operating Model – Phase 4: Create a Roadmap to Develop the Target IT Operating Model
    • IT Operating Model Roadmap
    [infographic]

    Workshop: Optimize the IT Operating Model

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Organizational Strategy and Technology Consumer Groups

    The Purpose

    Identify the IT and business strategies, so that the target IT operating model can be constructed to support them.

    Key Benefits Achieved

    Identify the implications for the IT operating model and understand how to optimally construct it.

    Create consumer groups for consumer experience mapping and consumer profile classification.

    Activities

    1.1 Review business and IT strategies.

    1.2 Identify implications for the IT operating model.

    1.3 Identify internal technology consumer groups.

    1.4 Identify external technology consumer groups.

    Outputs

    Implications for the IT operating model

    List of internal and external technology service consumer groups

    2 Map the Consumer Experience and Identify Consumption Patterns (Consumer Group 1)

    The Purpose

    Identify the interfaces with IT for the consumer group, its level of technology service requirement, its sentiment toward IT, and its needs from IT.

    Key Benefits Achieved

    Consumer group needs from IT and feelings toward IT are identified.

    Activities

    2.1 Identify interview candidates for the consumer groups.

    2.2 Complete consumer group questionnaire.

    2.3 Complete consumer experience map.

    2.4 Classify the consumer group into a business profile.

    Outputs

    Consumer experience map for first group

    Business profile classification

    3 Map the Consumer Experience and Identify Consumption Patterns (Consumer Group 2)

    The Purpose

    Continue mapping the experience of consumer groups and classify them into profiles based on their needs to draw implications for the target IT operating model.

    Key Benefits Achieved

    Consumption patterns from the consumer groups are defined and implications for the target IT operating model are drawn.

    Activities

    3.1 Continue interviews for consumer groups.

    3.2 Complete consumer experience map.

    3.3 Classify the consumer group into a business profile.

    3.4 Aggregate the consumption patterns for the business profile and document implications.

    Outputs

    Consumer experience map for second group

    Business profile classification

    Aggregated consumption patterns

    Implications for consumption patterns

    4 Create the Target IT Operating Model

    The Purpose

    Map the target operating model to show how each element of the IT operating model supports the delivery of IT services to the consumer groups.

    Key Benefits Achieved

    Identify whether the current IT operating model is optimally supporting the delivery of IT services to consumer groups from the four core IT operating model elements.

    Activities

    4.1 Determine the approach to IT governance.

    4.2 Select the optimal mix of sourcing models.

    4.3 Customize the approach to process implementation.

    4.4 Identify the target organizational structure.

    Outputs

    Target IT operating model

    5 Build a Roadmap and Create Initiatives to Reach the Target

    The Purpose

    Create initiatives and communicate them with a roadmap to show how the organization will arrive at the target IT operating model.

    Key Benefits Achieved

    The steps to reach the IT operating model are created, assessed, and prioritized.

    Steps are ordered for presentation.

    Activities

    5.1 Identify initiatives to reach the target IT operating model.

    5.2 Create initiative profiles to assess initiative quality.

    5.3 Prioritize initiatives based on business conditions.

    5.4 Create a roadmap to communicate initiative execution.

    Outputs

    Initiative profiles

    Sunshine diagram

    The Accessibility Business Case for IT

    • Buy Link or Shortcode: {j2store}519|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Lead
    • Parent Category Link: /lead
    • Laws requiring digital accessibility are changing and differ by location.
    • You need to make sure your digital assets, products, and services (internal and external) are accessible to everyone, but getting buy-in is difficult.
    • You may not know where your gaps in understanding are because conventional thinking is driven by compliance and risk mitigation.

    Our Advice

    Critical Insight

    • The longer you put off accessibility, the more tech debt you accumulate and the more you risk losing access to new and existing markets. The longer you wait to adopt standards and best practices, the more interest you’ll accumulate on accessibility barriers and costs for remediation.
    • Implementing accessibility feels counterintuitive to IT departments. IT always wants to optimize and move forward, but with accessibility you may stay at one level for what feels like an uncomfortably long period. Don’t worry; building consistency and shifting culture takes time.
    • Accessibility goes beyond compliance, which should be an outcome, not the objective. With 1 billion people worldwide with some form of disability, nearly everyone likely has a connection to disability, whether it be in themselves, family, or colleagues. The market of people with disabilities has a spending power of more than $6 trillion (WAI, 2018).

    Impact and Result

    • Take away the overwhelm that many feel when they hear “accessibility” and make the steps for your organization approachable.
    • Clearly communicate why accessibility is critical and how it supports the organization’s key objectives and initiatives.
    • Understand your current state related to accessibility and identify areas for key initiatives to become part of the IT strategic roadmap.

    The Accessibility Business Case for IT Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. The Accessibility Business Case for IT – Clearly communicate why accessibility is critical and how it supports the organization’s key objectives and initiatives.

    A step-by-step approach to walk you through understanding your current state related to accessibility maturity, identifying your desired future state, and building your business case to seek buy-in. This storyboard will help you figure out what’s right for your organization and build the accessibility business case for IT.

    • The Accessibility Business Case for IT – Phases 1-3

    2. Accessibility Business Case Template – A clear, concise, and compelling business case template to communicate the criticality of accessibility.

    The business case for accessibility is strong. Use this template to communicate to senior leaders the benefits, challenges, and risks of inaction.

    • Accessibility Business Case Template

    3. Accessibility Maturity Assessment – A structured tool to help you identify your current accessibility maturity level and identify opportunities to ensure progress.

    This tool uses a capability maturity model framework to evaluate your current state of accessibility. Maturity level is assessed on three interconnected aspects (people, process, and technology) across six dimensions proven to impact accessibility. Complete the assessment to get recommendations based on where you’re at.

    • Accessibility Maturity Assessment

    Infographic

    Further reading

    The Accessibility Business Case for IT

    Accessibility goes beyond compliance

    Analyst Perspective

    Avoid tech debt related to accessibility barriers

    Accessibility is important for individuals, businesses, and society. Diverse populations need diverse access, and it’s essential to provide access and opportunity to everyone, including people with diverse abilities. In fact, access to information and communications technologies (ICT) is a basic human right according to the United Nations.

    The benefits of ICT accessibility go beyond compliance. Many innovations that we use in everyday life, such as voice activation, began as accessibility initiatives and ended up creating a better lived experience for everyone. Accessibility can improve user experience and satisfaction, and it can enhance your brand, drive innovation, and extend your market reach (WAI, 2022).

    Although your organization might be required by law to ensure accessibility, understanding your users’ needs and incorporating them into your processes early will determine success beyond just compliance.

    Heather Leier-Murray, Senior Research Analyst, People and Leadership

    Heather Leier-Murray
    Senior Research Analyst, People and Leadership
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech’s Approach

    Global IT and business leaders are challenged to make digital products and services accessible because inaccessibility comes with increasing risk to brand reputation, legal ramifications, and constrained market reach.

    • Laws requiring digital accessibility are changing and differ by location.
    • You need to make sure your digital assets, products, and services (internal and external) are accessible to everyone.
    • The cost of inaction is rising.

    Understanding where to start, where accessibility lives, and if or when you’re done can be overwhelmingly difficult.

    • Executive leadership buy-in is difficult to get.
    • Conventional thinking is driven by compliance and risk mitigation.
    • You don’t know where your gaps in understanding are.

    Conventional approaches to accessibility often fail because users are expected to do the hard work. You have to be doing 80% of the hard work.1

    Use Info-Tech’s research and resources to do what’s right for your organization. This framework takes away the overwhelm that many feel when they hear “accessibility” and makes the steps for your organization approachable.

    • Clearly communicate why accessibility is critical and how it supports the organization’s key objectives and initiatives.
    • Understand your current state related to accessibility and identify areas for key initiatives to become part of the IT strategic roadmap.

    1. Harvard Business Review, 2021

    Info-Tech Insight
    The longer you put off accessibility, the more tech debt you accumulate and the more you risk losing access to new and existing markets. The longer you wait to adopt standards and best practices, the more interest you’ll accumulate on accessibility barriers and costs for remediation.

    Your challenge

    This research is designed to help organizations who are looking to:

    • Build a business case for accessibility.
    • Ensure that digital assets, products, and services are accessible to everyone, internally and externally.
    • Support staff and build skills to support the organization with accessibility and accommodation.
    • Get assistance figuring out where to start on the road to accessibility compliance and beyond.

    The cost of inaction related to accessibility is rising. Preparing for accessibility earlier helps prevent tech debt; the longer you wait to address your accessibility obligations, the more costly it gets.

    More than 3,500 digital accessibility lawsuits were filed in the US in 2020, up more than 50% from 2018.

    Source: UsableNet. Inc.

    Common obstacles

    These barriers make accessibility difficult to address for many organizations:

    • You don’t know where your gaps in understanding are. Recognizing the importance of accessibility and how it fits into the bigger picture is key to developing buy-in.
    • Too often organizations focus on mitigating risk by being compliance driven. Shifting focus to the user experience, internally and externally, will realize better results.
    • Conventional approaches to accessibility often fail because the expectation is for users to do the hard work. One in five people have a permanent disability, but it’s likely everyone will be faced with some sort of disability at some point in their lives.1 Your organization has to be doing at least 80% of the hard work.2
    • Other types of compliance reside clearly with one area of the organization. Accessibility, however, has many homes: IT, user experience (UX), customer experience (CX), and even HR.

    1. Smashing Magazine

    2. Harvard Business Review, 2021

    90% of companies claim to prioritize diversity.

    Source: Harvard Business Review, 2020

    Only 4% of those that claim to prioritize diversity consider disability in those initiatives.

    Source: Harvard Business Review, 2020

    The four principles of accessibility

    WCAG (Web Content Accessibility Guidelines) identifies four principles of accessibility. WCAG is the most referenced standard in website accessibility lawsuits.

    The four principles of accessibility

    Source: eSSENTIAL Accessibility, 2022

    Why organizations address accessibility

    Top three reasons:

    61% 62% 78%
    To comply with laws To provide the best UX To include people with disabilities

    Source: Level Access

    Still, most businesses aren’t meeting compliance standards. Even though legislation has been in place for over 30 years, a 2022 study by WebAIM of 1,000,000 homepages returned a 96.8% WCAG 2.0 failure rate.

    Source: Institute for Disability Research, Policy, and Practice

    How organizations prioritize digital accessibility

    43% rated it as a top priority.

    36% rated it as important.

    Fewer than 5% rated as either low priority or not even on the radar.

    More than 65% agreed or strongly agreed it’s a higher priority than last year.

    Source: Angel Business Communications

    Organizations expect consumers to do more online

    The pandemic led to many businesses going digital and more people doing things online.

    Chart of activities performed more often compared to before COVID-19

    Chart of activities performed for the first time during COVID-19

    Source: Statistics Canada

    Disability is part of being human

    Merriam-Webster defines disability as a “physical, mental, cognitive, or developmental condition that impairs, interferes with, or limits a person’s ability to engage in certain tasks or actions or participate in typical daily activities and interactions.”1

    The World Health Organization (WHO) points out that a crucial part of the definition of disability is that it’s not just a health problem, but the environment impacts the experience and extent of disability. Inaccessibility creates barriers for full participation in society.2

    The likelihood of you experiencing a disability at some point in your life is very high, whether a physical or mental disability, seen or unseen, temporary or permanent, severe or mild.2

    Many people acquire disabilities as they age yet may not identify as “a person with a disability.”3 Where life expectancies are over 70 years of age, 11.5% of life is spent living with a disability. 4

    “Extreme personalization is becoming the primary difference in business success, and everyone wants to be a stakeholder in a company that provides processes, products, and services to employees and customers with equitable, person-centered experiences and allows for full participation where no one is left out.”
    – Paudie Healy, CEO, Universal Access

    1. Merriam-Webster
    2. World Health Organization
    3. Digital Leaders, as cited in WAI, 2018
    4. Disabled World, as cited in WAI, 2018

    Untapped talent resource

    Common myths about people with disabilities:

    • They can’t work.
    • They need more time off or are absent more often.
    • Only basic, unskilled work is appropriate for them.
    • Their productivity is lower than that of coworkers.
    • They cost more to recruit, train, and employ.
    • They decrease others’ productivity.
    • They’re not eligible for governmental financial incentives (e.g. apprentices).
    • They don’t fit in.

    These assumptions prevent organizations from hiring valuable people into the workforce and retaining them.

    Source: Forbes

    50% to 70% of people with disabilities are unemployed in industrialized countries. In the US alone, 61 million adults have a disability.

    Source: United Nations, as cited in Forbes

    Thought Model

    Info-Tech’s methodology for the accessibility business case for IT

    1. Understand Current State 2. Plan for Buy-in 3. Prepare Your Business Case
    Phase Steps
    1. Understand standards and legislation
    2. Build awareness
    3. Understand current accessibility maturity level Define desired future state
    1. Define desired future state
    2. Define goals and objectives
    3. Document roles and responsibilities
    1. Customize and populate the Accessibility Business Case Template and gain approval
    2. Validate post-approval steps and establish timelines
    Phase Outcomes
    • Accessibility maturity assessment
    • Accessibility drivers determined
    • Goals defined
    • Objectives identified
    • Roles and responsibilities documented
    • Business case drafted
    • Approval to move forward with implementing your accessibility program
    • Next steps and timelines

    Insight Summary

    Insight 1 The longer you put off accessibility, the more tech debt you accumulate and the more you risk losing access to new and existing markets. The longer you wait to adopt standards and best practices, the more interest you’ll accumulate on accessibility barriers and costs for remediation.
    Insight 2 Implementing accessibility feels counterintuitive to IT departments. IT always wants to optimize and move forward, but with accessibility you may stay at one level for what feels like an uncomfortably long period. Don’t worry; building consistency and shifting culture takes time.
    Insight 3 Accessibility goes beyond compliance, which should be an outcome, not the objective. With 1 billion people worldwide with some form of disability, nearly everyone likely has a connection to disability, whether it be in themselves, family, or colleagues. The market of people with disabilities has a spending power of more than $6 trillion.1

    1. WAI, 2018

    Blueprint deliverables

    This blueprint is accompanied by supporting deliverables to help you accomplish your goals.

    Accessibility Business Case Template

    The business case for accessibility is strong. Use this template to communicate to senior leaders the benefits and challenges of accessibility and the risks of inaction.

    Accessibility Maturity Assessment

    Use this assessment to understand your current accessibility maturity.

    Blueprint benefits

    Business Benefits IT Benefits
    • Don’t lose out on a 6-trillion-dollar market.
    • Don’t miss opportunities to work with organizations because you’re not accessible.
    • Enable and empower current employees with disabilities.
    • Minimize potential for negative brand reputation due to a lack of consideration for people with disabilities.
    • Decrease the risk of legal action being brought upon the organization.
    • Understand accessibility and know your role in it for your organization and your team members.
    • Be prepared and able to provide the user experience you want.
    • Decrease tech debt – start early to ensure accessibility for everyone.
    • Access an untapped labor market.
    • Mitigate IT retention challenges.

    Measure the value of this blueprint

    Improve stakeholder satisfaction and engagement

    • Tracking measures to understand the value of this blueprint is a critical part of the process.
    • Monitor employee engagement, overall stakeholder satisfaction with IT, and the overall end-customer satisfaction.
    • Remember, accessibility is not a one-and-done project – just because measures are positive does not mean your work is done.

    In phase 2 of this blueprint, we will help you establish current-state and target-state metrics for your organization.

    Suggested Metrics
    Overall end-customer satisfaction
    Monies saved through cost optimization efforts
    Employee engagement
    Monies save through application rationalization and standardization

    For more metrics ideas, see the Info-Tech IT Metrics Library.

    Executive Brief Case Study

    INDUSTRY
    Technology

    SOURCE
    W3C Web Accessibility Initiative (WAI), 2018

    Google

    Investing in accessibility
    With an innovative edge, Google invests in accessibility with the objective of making life easier for everyone. Google has created a broad array of accessibility innovations in its products and services so that people with disabilities get as much out of them as anyone else.

    Part of Google’s core mission, accessibility means more to Google than implementing fixes. It is viewed positively by the organization and drives it to be more innovative to make information available to everyone. Google approaches accessibility problems not as barriers but as ways to innovate and discover breakthroughs that will become mainstream in the future.

    Results
    Among Google’s innovations are contrast minimums, auto-complete, voice-control, AI advances, and machine learning auto-captioning. All of these were created for accessibility purposes but have positively impacted the user experience in general for Google.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 4 to 6 calls over the course of 2 to 4 months.

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Discuss motivation for the initiative and foundational knowledge requirements.

    Call #2: Discuss next steps to assess current accessibility maturity.

    Call #3: Discuss stakeholder engagement and future-state analysis.

    Call #4: Discuss defining goals and objectives, along with roles and responsibilities.

    Call #5: Review draft business case presentation.

    Call #6: Discuss post-approval steps and timelines.

    Phase 1

    Understand Your Current State

    Phase 1
    1.1 Understand standards and legislation
    1.2 Build awareness
    1.3 Understand maturity level

    Phase 2
    2.1 Define desired future state
    2.2 Define goals and objectives
    2.3 Document roles and responsibilities

    Phase 3
    3.1 Prepare business case template for presentation and approval
    3.2 Validate post-approval steps and establish timelines

    The Accessibility Business Case for IT

    This phase will walk you through the following activities:

    • Identifying and understanding accessibility and compliance requirements and the ramifications of noncompliance.
    • Defining accessibility, disability, and disability inclusion and building awareness of these with senior leaders.
    • Completing the Accessibility Maturity Assessment to help you understand your current state.

    Step 1.1

    Understand standards and legislation

    Activities

    1.1.1 Make a list of the legislation you need to comply with

    1.1.2 Seek legal and/or professional services’ input on compliance

    1.1.3 Detail the risks of inaction for your organization

    Understand Your Current State

    Outcomes of this step
    You will gain foundational understanding of the breadth of the regulation requirements for your organization. You will have reviewed and understand what is applicable to your organization.

    The regulatory landscape is evolving

    Canada

    • Canadian Human Rights Act
    • Policy on Communications and Federal Identity
    • Canadian Charter of Rights and Freedoms
    • Accessibility for Ontarians with Disabilities Act
    • Accessible Canada Act of 2019 (ACA)

    Europe

    • UK Equality Act 2010
    • EU Web and Mobile Accessibility Directive (2016)
    • EN 301 549 European Standard – Accessibility requirements for public procurement of ICT products and services

    United States

    • Section 508 of the US Rehabilitation Act of 1973
    • Americans with Disabilities Act of 1990 (ADA)
    • Section 255 of the Telecommunications Act of 1996
    • Air Carrier Access Act of 1986
    • 21st Century Communications and Video Accessibility Act of 2010 (CVAA)

    New Zealand

    • Human Rights Act 1993
    • Online Practice Guidelines for Government

    Australia

    • Disability Discrimination Act 1992 (DDA)

    Regulatory systems are moving toward an international standard.

    1.1.1 Make a list of the legislation you need to comply with

    1. Download the Accessibility Business Case Template.
    2. Conduct research and investigate what legislation and standards are applicable to your organization.
    3. a) Start by looking at your local legislation.
      b) Then consider any other regions you conduct business in.
      c) Also account for the various industries you are in.
    4. While researching, build a list of legislation requirements. Document these in your Accessibility Business Case Template as part of the Project Context section.
    Input Output
    • Research
    • Websites
    • Articles
    • List of legislation that applies to the organization related to accessibility
    Materials Participants
    • Accessibility Business Case Template
    • Project leader/initiator

    Download the Accessibility Business Case Template

    1.1.2 Seek professional advice on compliance

    1. Have general counsel review your list of regulations and standards related to accessibility or seek legal and/or professional support to review your list.
    2. Review or research further the implications of any suggestions from legal counsel.
    3. Make any updates to the Legal Landscape slide in the Accessibility Business Case Template.
    Input Output
    • Compiled list of applicable legislation and standards
    • Confirmed list of regulations that are applicable to your organization related to accessibility
    Materials Participants
    • Accessibility Business Case Template
    • Project leader/initiator
    • General counsel/professional services

    Download the Accessibility Business Case Template

    Ramifications of noncompliance

    Go beyond financial consequences

    Beyond the costs resulting from a claim, noncompliance can damage your organization in several ways.

    Financial Impact

    ADA Warning Shot: A complaint often indicates pending legal action to come. Addressing issues on a reactive, ad hoc basis can be quite expensive. It can cost almost $10,000 to address a single complaint, and chances are if you have one complaint, you have many.

    Lawsuit Costs: In the US, 265,000 demand letters were sent in 2020 under the ADA for inaccessible websites. On average, a demand letter could cost the company $25,000 (conservatively). These are low-end numbers; another estimate is that a small, quickly settled digital accessibility lawsuit could cost upwards of $350,000 for the defendant.

    Non-Financial Impact

    Reputational Impact: Claims brought upon a company can bring negative publicity with them. In contrast, having a clear commitment to accessibility demonstrates inclusion and can enhance brand image and reputation. Stakeholder expectations are changing, and consumers, investors, and employees alike want to support businesses with a purpose.

    Technology Resource Strains: Costly workarounds and ad hoc accommodation processes take away from efficiency and effectiveness. Updates and redesigns for accessibility and best practices will reduce costs associated with maintenance and service, including overall stakeholder satisfaction improvements.

    Access to Talent: 2022 saw a record high number of job openings, over 11.4 million in the US alone. Ongoing labor shortages require eliminating bias and keeping an open mind about who is qualified.

    Source: May Hopewell

    In the last four years, 83% of the retail 500 have been sued. Since 2018, 417 of the top 500 have received ADA-based digital lawsuits.

    Source: UsableNet

    1.1.3 Detail the risks of inaction for your organization

    1. Using the information that you’ve gathered through your research and legal/professional advice, detail the risks of inaction for your organization.
    2. a) Consider legal risks, consumer risks, brand risks, and employee risks. (Remember, risks aren’t just monetary.)
    3. Document the risks in your Accessibility Business Case Template.
    InputOutput
    • List of applicable legislation and standards
    • Information about risks
    • Identified accessibility maturity level
    MaterialsParticipants
    • Accessibility Business Case Template
    • Project leader/initiator

    Download the Accessibility Business Case Template

    Step 1.2

    Build awareness of accessibility and disability inclusion

    Activities

    1.2.1 Identify gaps in understanding

    1.2.2 Brainstorm how to reframe accessibility positively

    Understand Your Current State

    Outcomes of this step
    You’ll have a better understanding of accessibility so that you can effectively implement and promote it.

    Where to look for understanding

    First-hand experience of how people with disabilities interact with your organization is often eye-opening. It will help you understand the benefits and value of accessibility.

    Where to look for understanding

    • Talk with people you know with disabilities that are willing to share.*
    • Find role-specific training that’s appropriate.
    • Research. Articles and videos are easy to find.
    • Set up assistive technology trials.
    • Seek out first-hand experience from people with disabilities and how they work and use digital assets.

    Source: WAI, 2016

    * Remember, people with disabilities aren't obligated to discuss or explain their disabilities and may not be comfortable sharing. If you're asking for their time, be respectful, only ask if appropriate, and accept a "no" answer if the person doesn't wish to assist.

    1.2.1 Identify gaps in understanding

    Find out what accessibility is and why it is important. Learn the basics.

    1. Using the information that you’ve gathered through your research and legal counsel, conduct further research to understand the importance of accessibility.
    2. Answer these questions:
    3. a) What is accessibility? Why is it important?
      b) From the legislation and standards identified in step 1.1, what gaps exist?
      c) What is the definition of disability?
      d) How does your organization currently address accessibility?
      e) What are your risks?
      f) Do you have any current employees who have disabilities?
    4. Review the previous slide for suggestions on where to find more information to answer the above questions.
    5. Document any changes to the risks in your Accessibility Business Case Template.
    InputOutput
    • Articles
    • Interviews
    • Websites
    • Greater understanding of the lived experience of people with disabilities
    MaterialsParticipants
    • Articles
    • Websites
    • Accessibility Business Case Template
    • Project leader/initiator

    Download the Accessibility Business Case Template

    Reframe accessibility as a benefit, not a burden

    A clear understanding of accessibility and the related standards and regulations can turn accessibility from something big and scary to an achievable part of the business.

    The benefits of accessibility are:

    Market Reach Minimized Legal Risks Innovation Retention
    Over 1 billion people with a spending power of $6 trillion make up the global market of people with disabilities.1 Accessibility improves the experience for all users. In addition, many organizations require you to provide proof you meet accessibility standards during the RFP process. Accessibility regulations are changing, and claims are rising. Costs associated with legal proceedings can be more than just financial. Many countries have laws you need to follow. People with disabilities bring diversity of thought, have different lived experiences, and benefit inclusivity, which helps drive engagement. Plus accessibility features often solve unanticipated problems. Employing and supporting people with disabilities can reduce turnover and improve retention, reliability, company image, employee loyalty, ability awareness, and more.

    Source 1: WAI, 2018

    1.2.2 Brainstorm ways to reframe accessibility positively

    1. Using the information that you’ve gathered through your research, brainstorm additional positives of accessibility for your organization.
    2. Clearly identify the problem you want to solve (e.g., reframing accessibility positively in your organization).
    3. Collect any tools you want to use to during brainstorming (e.g., whiteboard, markers, sticky notes)
    4. Write down all the ideas that come to mind.
    5. Review all the points and group them into themes.
    6. Update the Accessibility Business Case Template with your findings.
    InputOutput
    • Research you have gathered
    • List of ways to positively reframe accessibility for your organization
    MaterialsParticipants
    • Sticky notes, whiteboard, pens, paper, markers.
    • Accessibility Business Case Template
    • Project leader/initiator

    Download the Accessibility Business Case Template

    Make it part of the conversation

    A first step to disability and accessibility awareness is to talk about it. When it is talked about as freely as other things are in the workplace, this can create a more welcoming workplace.

    Accessibility goes beyond physical access and includes technological access and support as well as our attitudes.

    Accessibility is making sure everyone (disabled or abled) can access the workplace equally.

    Adjustments in the workplace are necessary to create an accessible and welcoming environment. Understanding the three dimensions of accessibility in the workplace is a good place to start.

    Source: May Hopewell

    Three dimensions of accessibility in the workplace

    Three dimensions of accessibility in the workplace

    Case Study

    INDUSTRY
    Professional Services

    SOURCE
    Accenture

    Accenture takes an inclusive approach to increase accessibility.

    Accessibility is more than tools

    Employee experience was the focus of embarking on the accessibility journey, ensuring inclusivity was built in and every employee was able to use the tools they needed and could achieve their goals.

    "We are removing barriers in technology to make all of our employees, regardless of their ability, more productive.”
    — Melissa Summers, Managing Director – Global IT, Corporate Technology, Accenture

    Accessibility is inclusive

    The journey began with formalizing a Global IT Accessibility practice and defining an accessibility program charter. This provided direction and underpinned the strategy used to create a virtual Accessibility Center of Excellence and map out a multiyear plan of initiatives.

    The team then identified all the technologies they wanted to enhance by prioritizing ones that were high use and high impact. Involving disability champions gave insight into focus areas.

    Accessibility is innovation

    Working with partners like Microsoft and over 100 employees, Accenture continues toward the goal of 75% accessibility for all its global high-traffic internal platforms.

    Achievements thus far include:

    • 100% of new Accenture video and broadcast content is automatically captioned.
    • Accenture received a perfect Disability Equality Index (US) score of 100 out of 100 for 2017, 2018, and 2019.

    Step 1.3

    Understand your current accessibility maturity level

    Activities

    1.3.1 Complete the Accessibility Maturity Assessment

    Understand Your Current State

    Outcomes of this step
    Completed Accessibility Maturity Assessment to inform planning for and building your business case in Phases 2 and 3.

    Know where you are to know where to go

    Consider accessibility improvements from three interconnected aspects to determine current maturity level

    Accessibility Maturity

    People

    • Consider employee, customer, and user experience.

    Process

    • Review processes to ensure accessibility is considered early.

    Technology

    • Whether it’s new or existing, technology is an important tool to increase accessibility.

    Accessibility maturity levels

    INITIAL DEVELOPING DEFINED MANAGED OPTIMIZE
    At this level, accessibility processes are mostly undocumented, if they exist. Accessibility is most likely happening on a reactive, ad hoc basis. No one understands who is responsible for accessibility or what their role is. At this stage the organization is driven by the need for compliance. At the developing level, the organization is taking steps to increase accessibility but still has a lot of opportunity for improvements. The organization is defining and refining processes and is working toward building a library of assistive tools. At this level, processes related to accessibility are repeatable. However, there’s a tendency to resort to old habits under stress. The organization has tools in place to facilitate accommodation requests and technology is compatible with assistive technologies. Accessibility initiatives are driven by the desire to make the user experience better. The managed level is defined by its effective accessibility controls, processes, and metrics. The organization can mostly anticipate preferences of customers, employees, and users. The roles and responsibilities are defined, and disability is included as part of the organization’s diversity, equity, and inclusion (DEI) initiatives. This level is not the goal for all organizations. At this level there is a shift in the organization’s culture to a feeling of belonging. The organization also demonstrates ongoing process improvements. Everyone can experience a seamless interaction with the organization. The focus is on continuous improvement and using feedback to inform future initiatives.

    Determine your level of maturity

    Use Info-Tech’s Accessibility Maturity Assessment

    • On the accessibility questionnaire, tab 2, choose how much the statements apply to your organization. Answer the questions based on your knowledge of your current state organizationally.
    • Once you’ve answered all the questions, see the results on the tab 3, Accessibility Results. You can see your overall maturity level and the maturity level for each of six dimensions that are necessary to increase the success of an accessibility program.
    • Click through to tab 4, Recommendations, to see specific recommendations based on your results and proven research to progress through the maturity levels. Keep in mind that not all organizations will or should aspire to the “Optimize” maturity level.

    1.3.1 Complete the Accessibility Maturity Assessment

    1. Download the Accessibility Maturity Assessment and save it with the date so that as you work on your accessibility program, you can reassess later and track your progress.
    2. Once you have saved the assessment, select the appropriate answer for each statement on tab 2, Accessibility Questions, based on your knowledge of the organization’s approach.
    3. After reviewing all the accessibility statements, see your maturity level results on tab 3, Accessibility Results. Then see tab 4, Recommendations, for suggestions based on your answers.
    4. Document your accessibility maturity results in your Accessibility Business Case Template.
    Input Output
    • Assess your current state of accessibility by choosing all the statements that apply to your organization
    • Identified accessibility maturity level
    Materials Participants
    • Accessibility Maturity Assessment
    • Accessibility Business Case Template
    • Project leader/sponsor
    • IT leadership team

    Download the Accessibility Business Case Template

    Phase 2

    Plan for Senior Leader Buy-In

    Phase 1
    1.1 Understand standards and legislation
    1.2 Build awareness
    1.3 Understand maturity level

    Phase 2
    2.1 Define desired future state
    2.2 Define goals and objectives
    2.3 Document roles and responsibilities

    Phase 3
    3.1 Prepare business case template for presentation and approval
    3.2 Validate post-approval steps and establish timelines

    The Accessibility Business Case for IT

    This phase will walk you through the following activities:

    • Defining your desired future state.
    • Determining your accessibility program goals and objectives.
    • Clarifying and documenting roles and responsibilities related to accessibility in IT.

    This phase involves the following participants:

    • Project lead/sponsor
    • IT leadership team
    • Senior leaders/decision makers

    Step 2.1

    Define the desired future state of accessibility

    Activities

    2.1.1 Identify key stakeholders

    2.1.2 Hold a key stakeholder focus group

    2.1.3 Conduct a future-state analysis

    Outcomes of this step
    Following this step, you will have identified your aspirational maturity level and what your accessibility future state looks like for your organization.

    Plan for Senior Leader Buy-In

    Cheat sheet: Identify stakeholders

    Ask stakeholders, “Who else should I be talking to?” to discover additional stakeholders and ensure you don’t miss anyone.

    Identify stakeholders through the following questions:
    • Who in areas of influence will be adversely affected by potential environmental and social impacts of what you are doing?
    • At which stage will stakeholders be most affected (e.g. procurement, implementation, operations, decommissioning)?
    • Will other stakeholders emerge as the phases are started and completed?
    • Who is sponsoring the initiative?
    • Who benefits from the initiative?
    • Who is negatively impacted by the initiative?
    • Who can make approvals?
    • Who controls resources?
    • Who has specialist skills?
    • Who implements the changes?
    • Who are the owners, governors, customers, and suppliers of impacted capabilities or functions?
    Take a 360-degree view of potential internal and external stakeholders who might be impacted by the initiative.
    • Executives
    • Peers
    • Direct reports
    • Partners
    • Customers
    • Subcontractors
    • Subcontractors
    • Contractors
    • Lobby groups
    • Regulatory agencies

    Categorize your stakeholders with a stakeholder prioritization map

    A stakeholder prioritization map helps teams categorize their stakeholders by their level of influence and ownership.

    There are four areas in the map, and the stakeholders within each area should be treated differently.

    Players – Players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediment to the objectives.

    Mediators – Mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.

    Noisemakers – Noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively, but have little ability to enact their wishes.

    Spectators – Generally, spectators are apathetic and have little influence over or interest in the initiative.

    Stakeholder prioritization map

    Define strategies for engaging stakeholders by type

    Each group of stakeholders draws attention and resources away from critical tasks.

    By properly identifying your stakeholder groups, you can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy Spectators and Noisemakers while ensuring the needs of the Mediators and Players are met.

    Type Quadrant Actions
    Players High influence, high interest Actively Engage
    Keep them engaged through continuous involvement. Maintain their interest by demonstrating their value to its success.
    Mediators High influence, low interest Keep Satisfied
    They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust, and include them in important decision-making steps. In turn, they can help you influence other stakeholders.
    Noisemakers Low influence, high interest Keep Informed
    Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using Mediators to help them.
    Spectators Low influence, low interest Monitor
    They are followers. Keep them in the loop by providing clarity on objectives and status updates.

    2.1.1 Identify key stakeholders

    Collect this information by:

    1. List direct stakeholders for your area. Include stakeholders across the organization (both IT and business units) and externally.
    2. Create a stakeholder map to capture your stakeholders’ interest in and influence on digital accessibility.
    3. Shortlist stakeholders to invite as focus group participants in activity 2.1.2.
      • Aim for a combination of Players, Mediators, and Noisemakers.
    Input Output
    • List of stakeholders
    • Stakeholder requirements
    • A stakeholder map
    • List of stakeholders to include in the focus group in step 2.1.2
    Materials Participants
    • Sticky notes, pens, whiteboard, markers (optional)
    • Project leader/sponsor

    Hold a focus group to initiate planning

    Involve key stakeholders to determine the organizational drivers of accessibility, identify target maturity and key performance indicators (KPIs), and ultimately build the project charter.

    Building the project charter as a group will help you to clarify your key messages and secure buy-in from critical stakeholders up-front, which is key.

    Executing the business case for accessibility requires significant involvement from your IT leadership team. The challenge is that accessibility can be overwhelming because of inherent bias. Members of your IT leadership team will also need to participate in knowledge transfer, so get them involved up-front. The focus group will help stakeholders feel more engaged in the project, which is pivotal for success.

    You may feel like a full project charter isn’t necessary, and depending on your organizational size, it might not be. However, the exercise of building the charter is important regardless. No matter your current climate, some level of socializing the value of and plans for accessibility will be necessary.

    Meeting Agenda

    1. Short introduction
      Led by: Project Sponsor
      • Why the initiative is being considered.
    2. Make the case for the project
      Led by: Project Manager
      • Current state: What does the initiative address?
      • Future state: What is our target state of maturity?
    3. Success criteria
      Led by: Project Manager
      • How will success be measured?
    4. Define the project team
      Led by: Project Manager
      • Description of planned approach.
      • Stakeholder assessment.
      • What is required of the sponsor and stakeholders?
    5. Determine next steps
      Led by: Project Manager

    2.1.2 Hold a stakeholder focus group

    Identify the pain points you want to resolve and some of the benefits that you’d like to see from a program. By doing so, you’ll get a holistic view of what you need to achieve and what your drivers are.

    1. Ask the working group participants (as a whole or in smaller groups) to discuss pain points created by inaccessibility.
      • Challenges related to stakeholders.
      • Challenges created by process issues.
      • Difficulties improving accessibility practices.
    2. Discuss opportunities to be gained from improving these practices.
    3. Have participants write these down on sticky notes and place them on a whiteboard or flip chart.
    4. Review all the points as a group. Group challenges and benefits into themes.
    5. Have the group prioritize the risks and benefits in terms of what the solution must have, should have, could have, and won’t have.
    Input Output
    • Reasons for the project
    • Stakeholder requirements
    • Pain points and risks
    • A prioritized list of risks and benefits of the solution
    Materials Participants
    • Agenda (see previous slide)
    • Sticky notes, pens, whiteboard, markers (optional)
    • IT leadership
    • Other key stakeholders

    While defining future state, consider your drivers

    The Info-Tech Accessibility Maturity Framework identifies three key strategic drivers: compliance, experience, and incorporation.

    • Over 30% of organizations are focused on compliance, according to a 2022 survey by Harvard Business Review and Slack’s Future Forum. The survey asked more than 10,000 workers in six countries about their organizations’ approach to DEI.2

    Even though 90% of companies claim to prioritize diversity,1 over 30% are focused on compliance.2

    1. Harvard Business Review, 2020
    2. Harvard Business Review, 2022

    31.6% of companies remain in the Compliant stage, where they are focused on DEI compliance and not on integrating DEI throughout the organization or on creating continual improvement.

    Source: Harvard Business Review, 2022

    Align the benefits of program drivers to organizational goals or outcomes

    Although there will be various motivating factors, aligning the drivers of your accessibility program provides direction to the program. Connecting the advantages of program drivers to organizational goals builds the confidence of senior leaders and decision makers, increasing the continued commitment to invest in accessibility programming.

    Drivers Compliance Experience Incorporation
    Maturity level Initial Developing Defined Managed Optimized
    Description Any accessibility initiative is to comply with the minimum legislated requirement. Desire to avoid/decrease legal risk. Accessibility initiatives are focused on improving the experience of everyone from the start. Most organizations will be experience driven. Desire to increase accessibility and engagement. Accessibility is a seamless part of the whole organization and initiatives are focused on impacting social issues.
    Advantages Compliance is a good starting place for accessibility. It will reduce legal risk. Being people focused from the start of processes enables the organization to reduce tech debt, provide the best user experience, and realize other benefits of accessibility. There is a sense of belonging in the organization. The entire organization experiences the benefits of accessibility.
    Disadvantages Accessibility is about more than just compliance. Being compliance driven won’t give you the full benefits of accessibility. This can mean a culture change for the organization, which can take a long time. IT is used to moving quickly – it might feel counterintuitive to slow down and take time. It takes much longer to reach the associated level of maturity. Not possible for all organizations.

    Info-Tech Accessibility Maturity Framework

    Info-Tech Accessibility Maturity Framework

    After initially ensuring your organization is compliant with regulations and standards, you will progress to building disciplined process and consistent standardized processes. Eventually you will build the ability for predictable process, and lastly, you’ll optimize by continuously improving.

    Depending on the level of maturity you are trying to achieve, it could take months or even years to implement. The important thing to understand, however, is that accessibility work is never done.

    At all levels of the maturity framework, you must consider the interconnected aspects of people, process, and technology. However, as the organization progresses, the impact will shift from largely being focused on process and technology improvement to being focused on people.

    Info-Tech Insight
    IT typically works through maturity frameworks from the bottom to the top, progressing at each level until they reach the end. When it comes to digital accessibility initiatives, being especially thorough, thoughtful, and collaborative is critical to success. This will mean spending more time in the Developing, Defined, and Managed levels of maturity rather than trying to reach Optimized as quickly as you can. This may feel contrary to what IT historically considers as a successful implementation.

    Accessibility maturity levels

    Driver Description Benefits
    Initial Compliance
    • Accessibility processes are mostly undocumented.
    • Accessibility happens mostly on a reactive or ad hoc basis.
    • No one is aware of who is responsible for accessibility or what role they play.
    • Heavily focused on complying with regulations and standards to decrease legal risk.
    • The organization is aware of the need for accessibility.
    • Legal risk is decreased.
    Developing Experience
    • The organization is starting to take steps to increase accessibility beyond compliance.
    • Lots of opportunity for improvement.
    • Defining and refining processes.
    • Working toward building a library of assistive tools.
    • Awareness of the need for accessibility is growing.
    • Process review for accessibility increases process efficiency through avoiding rework.
    Defined Experience
    • Accessibility processes are repeatable.
    • There is a tendency to resort to old habits under stress.
    • Tools are in place to facilitate accommodation.
    • Employees know accommodations are available to them.
    • Accessibility is becoming part of daily work.
    Managed Experience
    • Defined by effective accessibility controls, processes, and metrics.
    • Mostly anticipating preferences.
    • Roles and responsibilities are defined.
    • Disability is included as part of DEI.
    • Employees understand their role in accessibility.
    • Engagement is positively impacted.
    • Attraction and retention are positively impacted.
    Optimized Incorporation
    • Not the goal for every organization.
    • Characterized by a dramatic shift in organizational culture and a feeling of belonging.
    • Ongoing continuous improvement.
    • Seamless interactions with the organization for everyone.
    • Using feedback to inform future initiatives.
    • More likely to be innovative and inclusive, reach more people positively, and meet emerging global legal requirements.
    • Better equipped for success.

    2.1.3 Conduct future-state analysis

    Identify your target state of maturity

    1. Provide the group with your maturity assessment results to review as well as the slides on the maturity levels, framework, and drivers.
    2. Compare the benefits listed on the Accessibility maturity levels slide to those that you named in the previous exercise and determine which maturity level best describes your target state.
    3. Discuss as a group and agree on one desired maturity level to reach.
    4. Review the other levels of maturity and determine what is in and out of scope for the project (higher-level benefits would be considered out of scope).
    5. Document your target state of maturity in your Accessibility Business Case Template.
    Input Output
    • Accessibility maturity levels chart on previous slide
    • Maturity level assessment results
    • Target maturity level documented
    Materials Participants
    • Paper and pens
    • Handouts of maturity levels
    • Accessibility Business Case Template
    • IT leadership team

    Download the Accessibility Business Case Template

    Case Study

    Accessibility as a differentiator

    INDUSTRY
    Financial

    SOURCE
    WAI-Engage

    Accessibility inside and out

    As a financial provider, Barclays embarked on the accessibility journey to engage customers and employees with the goal of equal access for all. One key statement that provided focus was “Essential for some, easier for all. ”

    “It's about helping everyone to work, bank and live their lives regardless of their age, situation, abilities or circumstances.”

    Embedding into experiences

    “The Barclays Accessibility team [supports] digital teams to embed accessibility into our services and culture through effective governance, partnering, training and tools. Establishing an enterprise-wide accessibility strategy, standards and programmes coupled with senior sponsorship helps support our publicly stated ambition of becoming the most accessible and inclusive FTSE company.”

    – Paul Smyth, Head of Digital Accessibility, Barclays

    It’s a circle, not a roadmap

    • Barclays continues the journey through partnerships with disability charities and accessibility experts and through regularly engaging with customers and colleagues with disabilities directly.
    • More accessible, inclusive products and services engage and attract more people with disabilities. This translates to a more diverse workforce that identifies opportunities for innovation. This leads to being attractive to diverse talent, and the circle continues.
    • Barclays’ mobile banking app was first to be accredited by accessibility consultants AbilityNet.

    Step 2.2

    Define your accessibility program goals and objectives

    Activities

    2.2.1 Create a list of goals and objectives

    2.2.2 Finalize key metrics

    Plan for Senior Leader Buy-In

    Outcomes of this step
    You will have clear measurable goals and objectives to respond to identified accessibility issues and organizational goals.

    What does a good goal look like?

    Use the SMART framework to build effective goals.

    S Specific: Is the goal clear, concrete, and well defined?
    M Measurable: How will you know when the goal is met?
    A Achievable: Is the goal possible to achieve in a reasonable time?
    R Relevant: Does this goal align with your responsibilities and with departmental and organizational goals?
    T Time-based: Have you specified a time frame in which you aim to achieve the goal?

    SMART is a common framework for setting effective goals. Make sure your goals satisfy these criteria to ensure you can achieve real results.

    2.2.1 Create a list of goals and objectives

    Use the outcomes from activity 2.1.2.

    1. Using the prioritized list of what your solution must have, should have, could have, and won’t have from activity 2.1.2, develop goals.
    2. Remember to use the SMART goal framework to build out each goal (see the previous slide for more information on SMART goals).
    3. Ensure each goal supports departmental and organizational goals to ensure it is meaningful.
    4. Document your goals and objectives in your Accessibility Business Case Template.
    InputOutput
    • Outcomes of activity 2.1.2
    • Organizational and departmental goals
    • Goals and objectives added to your Accessibility Business Case Template
    MaterialsParticipants
    • Accessibility Business Case Template
    • IT leadership team

    Download the Accessibility Business Case Template

    2.2.1 Create a list of goals and objectives

    Use the outcomes from activity 2.1.2.

    1. Using the prioritized list of what your solution must have, should have, could have, and won’t have from activity 2.1.2, develop goals.
    2. Remember to use the SMART goal framework to build out each goal (see the previous slide for more information on SMART goals).
    3. Ensure each goal supports departmental and organizational goals to ensure it is meaningful.
    4. Document your goals and objectives in your Accessibility Business Case Template.

    Establish Baseline Metrics

    Baseline metrics will be improved through:

    1. Progressing through the accessibility maturity model.
    2. Addressing accessibility earlier in processes to avoid tech debt and rework late in projects or releases.
    3. Making accessibility part of the procurement process as a scoring consideration and vendor choice.
    4. Ensuring compliance with regulations and standards.
    Metric Current Goal
    Overall end-customer satisfaction 90 120
    Monies saved through cost optimization efforts
    Employee engagement
    Monies save through application rationalization and standardization

    For more metrics ideas, see the Info-Tech IT Metrics Library.

    2.2.2 Finalize key metrics

    Finalize key metrics the organization will use to measure accessibility success

    1. Brainstorm how you would measure the success of each goal based on the benefits, challenges, and risks you previously identified.
    2. Write each of the metric ideas down and finalize three to five key metrics which you will track. The metrics you choose should relate to the key challenges or risks you have identified and match your desired maturity level and driver.
    3. Document your key metrics in the Accessibility Business Case Template.
    InputOutput
    • Accessibility challenges and benefits
    • Goals from activity 2.2.1
    • Three to five key metrics to track
    MaterialsParticipants
    • Accessibility Business Case Template
    • IT leadership team
    • Project lead/sponsor

    Download the Accessibility Business Case Template

    Step 2.3

    Document accessibility program roles and responsibilities

    Activities

    2.3.1 Populate a RACI chart

    Plan for Senior Leader Buy-In

    Outcomes of this step
    At the end of this step, you will have a completed RACI chart documenting the roles and responsibilities related to accessibility for your accessibility business case.

    2.3.1 Populate a RACI

    Populate a RACI chart to identify who should be responsible, accountable, consulted, and informed for each key activity.

    Define who is responsible, accountable, consulted, and informed for the project team:

    1. Write out the list of all stakeholders along the top of a whiteboard. Write out the key project steps along the left-hand side.
    2. For each initiative, identify each team member’s role. Are they:
      Responsible: The one responsible for getting the job done.
      Accountable: Only one person can be accountable for each task.
      Consulted: Are involved by providing knowledge.
      Informed: Receive information about execution and quality.
    3. As you proceed, continue to add tasks and assign responsibility to the RACI chart in the appendix of the Accessibility Business Case Template.
    InputOutput
    • Stakeholder list
    • Key project steps
    • Project RACI chart
    MaterialsParticipants
    • Whiteboard
    • Accessibility Business Case Template
    • IT leadership team

    Download the Accessibility Business Case Template

    Phase 3

    Prepare your business case and get approval

    Phase 1
    1.1 Understand standards and legislation
    1.2 Build awareness
    1.3 Understand maturity level

    Phase 2
    2.1 Define desired future state
    2.2 Define goals and objectives
    2.3 Document roles and responsibilities

    Phase 3
    3.1 Prepare business case template for presentation and approval
    3.2 Validate post-approval steps and establish timelines

    The Accessibility Business Case for IT

    This phase will walk you through the following activities:

    • Compiling the work and learning you’ve done so far into a business case presentation.

    This phase involves the following participants:

    • Project lead/sponsor
    • Senior leaders/approval authority

    There is a business case for accessibility

    • When planning for initiatives, a business case is a necessary tool. Although it can feel like an administrative exercise, it helps create a compelling argument to senior leaders about the benefits and necessity of building an accessibility program.
    • No matter the industry, you need to justify how the budget and effort you require for the initiative support organizational goals. However, senior leaders of different industries might be motivated by different reasons. For example, government is strongly motivated by legal and equity aspects, commercial companies may be attracted to the increase in innovation or market reach, and educational and nonprofit companies are likely motivated by brand enhancement.
    • The organizational focus and goals will guide your business case for accessibility. Highlight the most relevant benefits to your operational landscape and the risk of inaction.

    Source: WAI, 2018

    “Many organizations are waking up to the fact that embracing accessibility leads to multiple benefits – reducing legal risks, strengthening brand presence, improving customer experience and colleague productivity.”
    – Paul Smyth, Head of Digital Accessibility, Barclays
    Source: WAI, 2018

    Step 3.1

    Customize and populate the Accessibility Business Case Template

    Activities

    3.1.1 Prepare your business case template for presentation and approval

    Build Your Business Case

    Outcomes of this step
    Following this step, you will have a customized business case presentation that you can present to senior leaders.

    Use Info-Tech’s template to communicate with stakeholders

    Obtain approval for your accessibility program by customizing Info-Tech’s Accessibility Business Case Template, which is designed to effectively convey your key messages. Tailor the template to suit your needs.

    It includes:

    • Project context
    • Project scope and objectives
    • Knowledge transfer roadmap
    • Next steps

    Info-Tech Insight
    The support of senior leaders is critical to the success of your accessibility program development. Remind them of the benefits and impact and the risks associated with inaction.

    Download the Accessibility Business Case Template

    3.1.1 Prepare a presentation for senior leaders to gain approval

    Now that you understand your current and desired accessibility maturity, the next step is to get sign-off to begin planning your initiatives.

    Know your audience:

    1. Consider who will be included in your presentation audience.
    2. You want your presentation to be succinct and hard-hitting. Management’s time is tight, and they will lose interest if you drag out the delivery. Impact them hard and fast with the challenges, benefits, and risks of inaction.
    3. Contain the presentation to no more than an hour. Depending on your audience, the actual presentation delivery could be quite short. You want to ensure adequate time for questions and answers.
    4. Schedule a meeting with the key decision makers who will need to approve the initiatives (IT leadership team, executive team, the board, etc.) and present your business case.
    InputOutput
    • Activity results
    • Accessibility Maturity Assessment results
    • A completed presentation to communicate your accessibility business case
    MaterialsParticipants
    • Accessibility Business Case Template
    • IT leadership team
    • Project sponsor
    • Project stakeholders
    • Senior leaders

    Download the Accessibility Business Case Template

    Step 3.2

    Validate post-approval steps and establish timelines

    Activities

    3.2.1 Prepare for implementation: Complete the implementation prep to-do list and assign proposed timelines

    Build Your Business Case

    Outcomes of this step
    This step will help you gain leadership’s approval to move forward with building and implementing the accessibility program.

    Prepare to implement your program

    Complete the to-do list to ensure you are ready to move your accessibility program forward.

    To Do Proposed Timeline
    Reach out to your change management team for assistance.
    Discuss your plan with HR.
    Build a project team.
    Incorporate any necessary changes from senior leaders into your business case.
    [insert your own addition here]
    [insert your own addition here]
    [insert your own addition here]
    [insert your own addition here]

    3.2.1 Prep for implementation (action planning)

    Use the implementation prep to-do list to make sure you have gathered relevant information and completed critical steps to be ready for success.

    Use the list on the previous slide to make sure you are set up for implementation success and that you’re ready to move your accessibility program forward.

    1. Assign proposed timelines to each of the items.
    2. Work through the list, collecting or completing each item.
    3. As you proceed, keep your identified drivers, current state, desired future state, goals, and objectives in mind.
    Input Output
    • Accessibility Maturity Assessment
    • Business case presentation and any feedback from senior leaders
    • Goals, objectives, identified drivers, and desired future state
    • High-level action plan
    Materials Participants
    • Previous slide containing the checklist
    • Project lead

    Related Info-Tech Research

    Implement and Mature Your User Experience Design Practice

    • Create a practice that is focused on human outcomes; it starts and ends with the people you are designing for. This includes:
      • Establishing a practice with a common vision.
      • Enhancing the practice through four design factors.
      • Communicating a roadmap to improve your business through design.

    Modernize Your Corporate Website to Drive Business Value

    • Users are demanding more valuable web functionalities and improved access to your website services.
    • The criteria of user acceptance and satisfaction involves more than an aesthetically pleasing user interface (UI). It also includes how emotionally attached the user is to the website and how it accommodates user behaviors.

    IT Diversity & Inclusion Tactics

    • Although inclusion is key to the success of a diversity and inclusion (D&I) strategy, the complexity of the concept makes it a daunting pursuit.
    • This is further complicated by the fact that creating inclusion is not a one-and-done exercise. Rather, it requires the ongoing commitment of employees and managers to reassess their own behaviors and to drive a cultural shift.

    Fix Your IT Culture

    • Go beyond value statements to create a culture that enables the departmental strategy.
    • There is confusion about how to translate culture from an abstract concept to something that is measurable, actionable, and process driven.
    • Organizations lack clarity about who is accountable and responsible for culture, with groups often pointing fingers at each other.

    Works cited

    “2021 State of Digital Accessibility.” Level Access, n.d. Accessed 10 Aug. 2022

    ”2022 Midyear Report: ADA Digital Accessibility Lawsuits.” UsableNet, 2022. Accessed 9 Nov. 2022

    “Barclay’s Bank Case Study.” WAI-Engage, 12 Sept. 2018. Accessed 7 Nov. 2022.

    Bilodeau, Howard, et al. “StatCan COVID-19 Data to Insights for a Better Canada.” Statistics Canada, 24 June 2021. Accessed 10 Aug. 2022.

    Casey, Caroline. “Do Your D&I Efforts Include People With Disabilities?” Harvard Business Review, 19 March 2020. Accessed 28 July 2022.

    Digitalisation World. “Organisations failing to meet digital accessibility standards.” Angel Business Communications, 19 May 2022. Accessed Oct. 2022.

    “disability.” Merriam-Webster.com Dictionary, Merriam-Webster, https://www.merriam-webster.com/dictionary/disability. Accessed 10 Aug. 2022.

    “Disability.” World Health Organization, 2022. Accessed 10 Aug 2022.

    “Driving the Accessibility Advantage at Accenture.” Accenture, 2022. Accessed 7 Oct. 2022.

    eSSENTIAL Accessibility. The Must-Have WCAG 2.1 Checklist. 2022

    Hopewell, May. Accessibility in the Workplace. 2022.

    “Initiate.” W3C Web Accessibility Initiative (WAI), 31 March 2016. Accessed 18 Aug. 2022.

    Kalcevich, Kate, and Mike Gifford. “How to Bake Layers of Accessibility Testing Into Your Process.” Smashing Magazine, 26 April 2021. Accessed 31 Aug. 2022.

    Noone, Cat. “4 Common Ways Companies Alienate People with Disabilities.” Harvard Business Review, 29 Nov. 2021. Accessed Jul. 2022.

    Taylor, Jason. “A Record-Breaking Year for ADA Digital Accessibility Lawsuits.” UsableNet, 21 December 2020. Accessed Jul. 2022.

    “The Business Case for Digital Accessibility.” W3C Web Accessibility Initiative (WAI), 9 Nov. 2018. Accessed 4 Aug. 2022.

    “The WebAIM Million.” Web AIM, 31 March 2022. Accessed 28 Jul. 2022.

    Washington, Ella F. “The Five Stages of DEI Maturity.” Harvard Business Review, November - December 2022. Accessed 7 Nov. 2022.

    Wyman, Nicholas. “An Untapped Talent Resource: People With Disabilities.” Forbes, 25 Feb. 2021. Accessed 14 Sep. 2022.

    Reinforce End-User Security Awareness During Your COVID-19 Response

    • Buy Link or Shortcode: {j2store}311|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Endpoint Security
    • Parent Category Link: /endpoint-security

    Without the control over the areas in which employees are working, businesses are opening themselves up to a greater degree of risk during the pandemic. How does a business raise awareness for employees who are going to be working remotely?

    Our Advice

    Critical Insight

    • An expanding remote workforce requires training efforts to evolve to include the unique security threats that face remote end users.
    • By presenting security as a personal and individualized issue, you can make this new personal focus a driver for your organizational security awareness and training program.

    Impact and Result

    • Teach remote end users how to recognize current cyberattacks before they fall victim and turn them into active barriers against cyberattacks.
    • Use Info-Tech’s blueprint and materials to build a customized training program that uses best practices.

    Reinforce End-User Security Awareness During Your COVID-19 Response Research & Tools

    Start here

    COVID-19 is forcing many businesses to expand their remote working capabilities further than before. Using this blueprint, see how to augment your existing training or start from scratch during a remote work situation.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Reinforce End-User Security Awareness During Your COVID-19 Response Storyboard
    • Security Awareness and Training Program Development Tool
    • Security Awareness and Training Metrics Tool
    • End-User Security Knowledge Test Template

    1. Training Materials

    Use Info-Tech’s training materials to get you started on remote training and awareness.

    • Training Materials – Phishing
    • Training Materials – Incident Response
    • Training Materials – Cyber Attacks
    • Training Materials – Web Usage
    • Training Materials – Physical Computer Security
    • Training Materials – Mobile Security
    • Training Materials – Passwords
    • Training Materials – Social Engineering
    • Security Training Email Templates
    [infographic]

    The MVP Major Incident Manager

    The time has come to hire a new major incident manager. How do you go about that? How do you choose the right candidate? Major incident managers must have several typically conflicting traits, so how do you pick the right person? Let's dive into that.

    Continue reading

    Pandemic Preparation – The People Playbook

    • Buy Link or Shortcode: {j2store}513|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Lead
    • Parent Category Link: /lead
    • Keeping employees safe – limiting exposure of employees to the virus and supporting them in the event they become ill.
    • Reducing potential disruption to business operations through employee absenteeism and travel restrictions.

    Our Advice

    Critical Insight

    • Communication of facts and definitive action plans from credible leaders is the key to maintaining some stability during a time of uncertainty.
    • Remote work is no longer a remote possibility – implementing alternative temporary work arrangements that keep large groups of employees from congregating reduce risk of employee exposure and operational downtime.
    • Pandemic travel protocols are necessary to support staff and their continuation of work while traveling for business and/or if stuck in a high-risk, restricted area.

    Impact and Result

    • Assign accountability of key planning decisions to members of a pandemic response team.
    • Craft key messages in preparation for communicating to employees.
    • Cascade communications from credible sources in a way that will establish pandemic travel protocols.

    Pandemic Preparation – The People Playbook Research & Tools

    Start here. Read the Pandemic Preparation: The People Playbook

    Read our concise Playbook to find out how you can immediately prepare for the people side of pandemic planning.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Pandemic Preparation: The People Playbook
    [infographic]

    Identify the Components of Your Cloud Security Architecture

    • Buy Link or Shortcode: {j2store}354|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • Leveraging the cloud introduces IT professionals to a new world that they are tasked with securing. Consumers do not know what security services they need and when to implement them.
    • With many cloud vendors proposing to share the security responsibility, it can be a challenge for organizations to develop a clear understanding of how they can best secure their data off premises.

    Our Advice

    Critical Insight

    • Your cloud security architecture needs to be strategic, realistic, and based on risk. The NIST approach to cloud security is to include everything security into your cloud architecture to be deemed secure. However, you can still have a robust and secure cloud architecture by using a risk-based approach to identify the necessary controls and mitigating services for your environment.
    • The cloud is not the right choice for everyone. You’re not as unique as you think. Start with a reference model that is based on your risks and business attributes and optimize it from there.
    • Your responsibility doesn’t end at the vendor. Even if you outsource your security services to your vendors, you will still have security responsibilities to address.
    • Don’t boil the ocean; do what is realistic for your enterprise. Your cloud security architecture should be based on securing your most critical assets. Use our reference model to determine a launch point.
    • A successful strategy is holistic. Controlling for cloud risks comes from knowing what the risks are. Consider the full spectrum of security, including both processes and technologies.

    Impact and Result

    • The business is adopting a cloud environment and it must be secured, which includes:
      • Ensuring business data cannot be leaked or stolen.
      • Maintaining the privacy of data and other information.
      • Securing the network connection points.
      • Knowing the risks associated with the cloud and mitigating those risks with the appropriate services.
    • This blueprint and associated tools are scalable for all types of organizations within various industry sectors. It allows them to know what types of risk they are facing and what security services are strongly recommended to mitigate those risks.

    Identify the Components of Your Cloud Security Architecture Research & Tools

    Start Here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create a cloud security architecture with security at the forefront, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Cloud security alignment analysis

    Explore how the cloud changes and whether your enterprise is ready for the shift to the cloud.

    • Identify the Components of Your Cloud Security Architecture – Phase 1: Cloud Security Alignment Analysis
    • Cloud Security Architecture Workbook

    2. Business-critical workload analysis

    Analyze the workloads that will migrated to the cloud. Consider the various domains of security in the cloud, considering the cloud’s unique risks and challenges as they pertain to your workloads.

    • Identify the Components of Your Cloud Security Architecture – Phase 2: Business-Critical Workload Analysis

    3. Cloud security architecture mapping

    Map your risks to services in a reference model from which to build a robust launch point for your architecture.

    • Identify the Components of Your Cloud Security Architecture – Phase 3: Cloud Security Architecture Mapping
    • Cloud Security Architecture Archive Document
    • Cloud Security Architecture Reference Model (Visio)
    • Cloud Security Architecture Reference Model (PDF)

    4. Cloud security strategy planning

    Map your risks to services in a reference architecture to build a robust roadmap from.

    • Identify the Components of Your Cloud Security Architecture – Phase 4: Cloud Security Strategy Planning
    • Cloud Security Architecture Communication Deck

    Infographic

    Workshop: Identify the Components of Your Cloud Security Architecture

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Cloud Security Alignment Analysis

    The Purpose

    Understand your suitability and associated risks with your workloads as they are deployed into the cloud.

    Key Benefits Achieved

    An understanding of the organization’s readiness and optimal service level for cloud security.

    Activities

    1.1 Workload Deployment Plan

    1.2 Cloud Suitability Questionnaire

    1.3 Cloud Risk Assessment

    1.4 Cloud Suitability Analysis

    Outputs

    Workload deployment plan

    Determined the suitability of the cloud for your workloads

    Risk assessment of the associated workloads

    Overview of cloud suitability

    2 Business-Critical Workload Analysis

    The Purpose

    Explore your business-critical workloads and the associated controls and mitigating services to secure them.

    Key Benefits Achieved

    Address NIST 800-53 security controls and the appropriate security services that can mitigate the risks appropriately.

    Activities

    2.1 “A” Environment Analysis

    2.2 “B” Environment Analysis

    2.3 “C” Environment Analysis

    2.4 Prioritized Security Controls

    2.5 Effort and Risk Dashboard Overview

    Outputs

    NIST 800-53 control mappings and relevancy

    NIST 800-53 control mappings and relevancy

    NIST 800-53 control mappings and relevancy

    Prioritized security controls based on risk and environmental makeup

    Mitigating security services for controls

    Effort and Risk Dashboard

    3 Cloud Security Architecture Mapping

    The Purpose

    Identify security services to mitigate challenges posed by the cloud in various areas of security.

    Key Benefits Achieved

    Comprehensive list of security services, and their applicability to your network environment. Documentation of your “current” state of cloud security.

    Activities

    3.1 Cloud Security Control Mapping

    3.2 Cloud Security Architecture Reference Model Mapping

    Outputs

    1. Cloud Security Architecture Archive Document to codify and document each of the associated controls and their risk levels to security services

    2. Mapping of the codified controls onto Info-Tech’s Cloud Security Architecture Reference Model for clear security prioritization

    4 Cloud Security Strategy Planning

    The Purpose

    Prepare a communication deck for executive stakeholders to socialize them to the state of your cloud security initiatives and where you still have to go.

    Key Benefits Achieved

    A roadmap for improving security in the cloud.

    Activities

    4.1 Cloud Security Strategy Considerations

    4.2 Cloud Security Architecture Communication Deck

    Outputs

    Consider the additional security considerations of the cloud for preparation in the communication deck.

    Codify all your results into an easily communicable communication deck with a clear pathway for progression and implementation of security services to mitigate cloud risks.

    Disaster Recovery Planning

    • Buy Link or Shortcode: {j2store}38|cart{/j2store}
    • Related Products: {j2store}38|crosssells{/j2store}
    • Teaser Video: Visit Website
    • Teaser Video Title: Disaster Recovery Planning
    • member rating overall impact (scale of 10): 9.6/10
    • member rating average dollars saved: $92,268
    • member rating average days saved: 36
    • Parent Category Name: Security and Risk
    • Parent Category Link: /security-and-risk
    The show must go on. Make sure your IT has right-sized DR capabilities.

    Run Better Meetings

    • Buy Link or Shortcode: {j2store}287|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Voice & Video Management
    • Parent Category Link: /voice-video-management

    Your newly hybrid workplace will include virtual, hybrid, and physical meetings, presenting several challenges:

    • The experience for onsite and remote attendees is not equal.
    • Employees are experiencing meeting and video fatigue.
    • Meeting rooms are not optimized for hybrid meetings.
    • The fact is that many people have not successfully run hybrid meetings before.

    Our Advice

    Critical Insight

    • Successful hybrid workplace plans must include planning around hybrid meetings. Seamless hybrid meetings are the result of thoughtful planning and documented best practices.

    Impact and Result

    • Identify your current state and the root cause of unsatisfactory meetings.
    • Review and identify meetings best practices around meeting roles, delivery models, and training.
    • Improve the technology that supports meetings.
    • Use Info-Tech’s quick checklists and decision flowchart to accelerate meeting planning and cover your bases.

    Run Better Meetings Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should run better meetings, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify the current state of meetings

    Understand the problem before you try to fix it. Before you can improve meetings, you need to understand what your norms and challenges currently are.

    • Checklist: Run a Virtual or Hybrid Meeting

    2. Publish best practices for how meetings should run

    Document meeting roles, expectations, and how meetings should run. Decide what kind of meeting delivery model to use and develop a training program.

    • Meeting Challenges and Best Practices
    • Meeting Type Decision Flowchart (Visio)
    • Meeting Type Decision Flowchart (PDF)

    3. Improve meeting technology

    Always be consulting with users: early in the process to set a benchmark, during and after every meeting to address immediate concerns, and quarterly to identify trends and deeper issues.

    • Team Charter
    • Communications Guide Poster Template
    [infographic]

    Workshop: Run Better Meetings

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Current State of Meetings

    The Purpose

    Understand the current state of meetings in your organization.

    Key Benefits Achieved

    What you need to keep doing and what you need to change

    Activities

    1.1 Brainstorm meeting types.

    1.2 Document meeting norms.

    1.3 Document and categorize meeting challenges.

    Outputs

    Documented challenges with meetings

    Meeting norms

    Desired changes to meeting norms

    2 Review and Identify Best Practices

    The Purpose

    Review and implement meeting best practices.

    Key Benefits Achieved

    Defined meeting best practices for your organization

    Activities

    2.1 Document meeting roles and expectations.

    2.2 Review common meeting challenges and identify best practices.

    2.3 Document when to use a hybrid meeting, virtual meeting, or an in-person meeting.

    2.4 Develop a training program.

    Outputs

    Meeting roles and expectations

    List of meeting best practices

    Guidelines to help workers choose between a hybrid, virtual, or in-person meeting

    Training plan for meetings

    3 Improve Meeting Technology

    The Purpose

    Identify opportunities to improve meeting technology.

    Key Benefits Achieved

    A strategy for improving the underlying technologies and meeting spaces

    Activities

    3.1 Empower virtual meeting attendees.

    3.2 Optimize spaces for hybrid meetings.

    3.3 Build a team of meeting champions.

    3.4 Iterate to build and improve meeting technology.

    3.5 Guide users toward each technology.

    Outputs

    Desired improvements to meeting rooms and meeting technology

    Charter for the team of meeting champions

    Communications Guide Poster

    Reduce Time to Consensus With an Accelerated Business Case

    • Buy Link or Shortcode: {j2store}286|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $12,999 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Business Analysis
    • Parent Category Link: /business-analysis
    • Enterprise application initiatives are complex, expensive, and require a significant amount of planning before initiation.
    • A financial business case is sometimes used to justify these initiatives.
    • Once the business case (and benefits therein) are approved, the case is forgotten, eliminating a critical check and balance of benefit realization.

    Our Advice

    Critical Insight

    1. Frame the conversation.

    Understand the audience and forum for the business case to best frame the conversation.

    2. Time-box the process of building the case.

    More time should be spent on performing the action rather than building the case.

    3. The business case is a living document.

    The business case creates the basis for review of the realization of the proposed business benefits once the procurement is complete.

    Impact and Result

    • Understand the drivers for decision making in your organization, and the way initiatives are evaluated.
    • Compile a compelling business case that provides decision makers with sufficient information to make decisions confidently.
    • Evaluate proposed enterprise application initiatives “apples-to-apples” using a standardized and repeatable methodology.
    • Provide a mechanism for tracking initiative performance during and after implementation.

    Reduce Time to Consensus With an Accelerated Business Case Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a business case for enterprise application investments, review Info-Tech’s methodology, and understand how we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Gather the required information

    Complete the necessary preceding tasks to building the business case. Rationalize the initiative under consideration, determine the organizational decision flow following a stakeholder assessment, and conduct market research to understand the options.

    • Reduce Time to Consensus With an Accelerated Business Case – Phase 1: Gather the Required Information
    • Business Case Readiness Checklist
    • Business Case Workbook
    • Request for Information Template
    • Request for Quotation Template

    2. Conduct the business case analysis

    Conduct a thorough assessment of the initiative in question. Define the alternatives under consideration, identify tangible and intangible benefits for each, aggregate the costs, and highlight any risks.

    • Reduce Time to Consensus With an Accelerated Business Case – Phase 2: Conduct the Business Case Analysis

    3. Make the case

    Finalize the recommendation based on the analysis and create a business case presentation to frame the conversation for key stakeholders.

    • Reduce Time to Consensus With an Accelerated Business Case – Phase 3: Make the Case
    • Full-Form Business Case Presentation Template
    • Summary Business Case Presentation Template
    • Business Case Change Log
    • Business Case Close-Out Form
    [infographic]

    Workshop: Reduce Time to Consensus With an Accelerated Business Case

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Plan for Business Case Development

    The Purpose

    Complete the necessary preceding tasks to building a strong business case.

    Key Benefits Achieved

    Alignment with business objectives.

    Stakeholder buy-in.

    Activities

    1.1 Map the decision flow in your organization.

    1.2 Define the proposed initiative.

    1.3 Define the problem/opportunity statement.

    1.4 Clarify goals and objectives expected from the initiative.

    Outputs

    Decision traceability

    Initiative summary

    Problem/opportunity statement

    Business objectives

    2 Build the Business Case Model

    The Purpose

    Put together the key elements of the business case including alternatives, benefits, and costs.

    Key Benefits Achieved

    Rationalize the business case.

    Activities

    2.1 Design viable alternatives.

    2.2 Identify the tangible and intangible benefits.

    2.3 Assess current and future costs.

    2.4 Create the financial business case model.

    Outputs

    Shortlisted alternatives

    Benefits tracking model

    Total cost of ownership

    Impact analysis

    3 Enhance the Business Case

    The Purpose

    Determine more integral factors in the business case such as ramp-up time for benefits realization as well as risk assessment.

    Key Benefits Achieved

    Complete a comprehensive case.

    Activities

    3.1 Determine ramp-up times for costs and benefits.

    3.2 Identify performance measures and tracking.

    3.3 Assess initiative risk.

    Outputs

    Benefits realization schedule

    Performance tracking framework

    Risk register

    4 Prepare the Business Case

    The Purpose

    Finalize the recommendation and formulate the business case summary and presentation.

    Key Benefits Achieved

    Prepare the business case presentation.

    Activities

    4.1 Choose the alternative to be recommended.

    4.2 Create the detailed and summary business case presentations.

    4.3 Present and incorporate feedback.

    4.4 Monitor and close out.

    Outputs

    Final recommendation

    Business case presentation

    Final sign-off

    Legacy Active Directory Environment

    • Buy Link or Shortcode: {j2store}471|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Cloud Strategy
    • Parent Category Link: /cloud-strategy

    You are looking to lose your dependency on Active Directory (AD), and you need to tackle infrastructure technical debt, but there are challenges:

    • Legacy apps that are in maintenance mode cannot shed their AD dependency or have hardware upgrades made.
    • You are unaware of what processes depend on AD and how integrated they are.
    • Departments invest in apps that are integrated with AD without informing you until they ask for Domain details after purchasing.

    Our Advice

    Critical Insight

    • Remove your dependency on AD one application at a time. If you are a cloud-first organization, rethink your AD strategy to ask “why” when you add a new device to your Active Directory.
    • With the advent of hybrid work, AD is now a security risk. You need to shore up your security posture. Think of zero trust architecture.
    • Take inventory of your objects that depend on Kerberos and NTML and plan on removing that barrier through applications that don’t depend on AD.

    Impact and Result

    Don’t allow Active Directory services to dictate your enterprise innovation and modernization strategies. Determine if you can safely remove objects and move them to a cloud service where your Azure AD Domain Services can handle your authentication and manage users and groups.

    Legacy Active Directory Environment Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Legacy Active Directory Environment Deck – Legacy AD was never built for modern infrastructure. Understand the history and future of Active Directory and what alternatives are in the market.

    Build all new systems with cloud integration in mind. Many applications built in the past had built-in AD components for access, using Kerberos and NTLM. This dependency has prevented organizations from migrating away from AD. When assessing new technology and applications, consider SaaS or cloud-native apps rather than a Microsoft-dependent application with AD ingrained in the code.

    • Legacy Active Directory Environment Storyboard
    [infographic]

    Further reading

    Legacy Active Directory Environment

    Kill the technical debt of your legacy Active Directory environment.

    Analyst Perspective

    Understand what Active Directory is and why Azure Active Directory does not replace it.

    It’s about Kerberos and New Technology LAN Manager (NTLM).

    The image contains a picture of John Donovan.

    Many organizations that want to innovate and migrate from on-premises applications to software as a service (SaaS) and cloud services are held hostage by their legacy Active Directory (AD). Microsoft did a good job taking over from Novell back in the late 90s, but its hooks into businesses are so deep that many have become dependent on AD services to manage devices and users, when in fact AD falls far short of needed capabilities, restricting innovation and progress.

    Despite Microsoft’s Azure becoming prominent in the world of cloud services, Azure AD is not a replacement for on-premises AD. While Azure AD is a secure authentication store that can contain users and groups, that is where the similarities end. In fact, Microsoft itself has an architecture to mitigate the shortcomings of Azure AD by recommending organizations migrate to a hybrid model, especially for businesses that have an in-house footprint of servers and applications.

    If you are a greenfield business and intend to take advantage of software, infrastructure, and platform as a service (SaaS, IaaS, and PaaS), as well as Microsoft 365 in Azure, then Azure AD is for you and you don’t have to worry about the need for AD.

    John Donovan
    Principal Director, I&O Practice
    Info-Tech Research Group

    Insight Summary

    Legacy AD was never built for modern infrastructure

    When Microsoft built AD as a free component for the Windows Server environment to replace Windows NT before the demise of Novell Directory Services in 2001, it never meant Active Directory to work outside the corporate network with Microsoft apps and devices. While it began as a central managing system for users and PCs on Microsoft operating systems, with one user per PC, the IT ecosystem has changed dramatically over the last 20 years, with cloud adoption, SaaS, IaaS, PaaS, and everything as a service. To make matters worse, work-from-anywhere has become a serious security challenge.

    Build all new systems with cloud integration in mind

    Many applications built in the past had built-in AD components for access, using Kerberos and NTLM. This dependency has prevented organizations from migrating away from AD. When assessing new technology and applications, consider SaaS or cloud-native apps rather than a Microsoft-dependent application with AD ingrained in the code. Ensure you are engaged when the business is assessing new apps. Stop the practice of the business purchasing apps without IT’s involvement; for example, if your marketing department is asking you for your Domain credentials for a vendor when you were not informed of this purchase.

    Hybrid AD is a solution but not a long-term goal

    Economically, Microsoft has no interest in replacing AD anytime soon. Microsoft wants that revenue and has built components like Azure AD Connect to mitigate the AD dependency issue, which is basically holding your organization hostage. In fact, Microsoft has advised that a hybrid solution will remain because, as we will investigate, Azure AD is not legacy AD.

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    You are looking to lose your dependency on Active Directory, and you need to tackle infrastructure technical debt, but there are challenges.

    • Legacy apps that are in maintenance mode cannot shed their AD dependency or have hardware upgrades made.
    • You are unaware of what processes depend on AD and how integrated they are.
    • Departments invest in apps that are integrated with AD without informing you until they ask for Domain details after purchasing.
    • Legacy applications can prevent you from upgrading servers or may need to be isolated due to security concerns related to inadequate patching and upgrades.
    • You do not see any return on investment in AD maintenance.
    • Mergers and acquisitions can prevent you from migrating away from AD if one company is dependent on AD and the other is fully in the cloud. This increases technical debt.
    • Remove your dependency on AD one application at a time. If you are a cloud-first organization, rethink your AD strategy to ask “why” when you add a new device to your Active Directory.
    • With the advent of hybrid work, AD is now a security risk. You need to shore up your security posture. Think of zero trust architecture.
    • Take inventory of your objects that depend on Kerberos and NTML and plan on removing that barrier through applications that don’t depend on AD.

    Info-Tech Insight

    Don’t allow Active Directory services to dictate your enterprise innovation and modernization strategies. Determine if you can safely remove objects and move them to a cloud service where your Azure AD Domain Services can handle your authentication and manage users and groups.

    The history of Active Directory

    The evolution of your infrastructure environment

    From NT to the cloud

    AD 2001 Exchange Server 2003 SharePoint 2007 Server 2008 R2 BYOD Security Risk All in Cloud 2015
    • Active Directory replaces NT and takes over from Novell as the enterprise access and control plane.
    • With slow WAN links, no cellphones, no tablets, and very few laptops, security was not a concern in AD.
    • In 2004, email becomes business critical.
    • This puts pressure on links, increases replication and domains, and creates a need for multiple identities.
    • Collaboration becomes pervasive.
    • Cross domain authentication becomes prevalent across the enterprise.
    • SharePoint sites need to be connected to multiple Domain AD accounts. More multiple identities are required.
    • Exchange resource forest rolls out, causing the new forest functional level to be a more complex environment.
    • Fine-grained password policies have impacted multiple forests, forcing them to adhere to the new password policies.
    • There are powerful Domain controllers, strong LAN and WAN connections, and an increase in smartphones and laptops.
    • Audits and compliance become a focus, and mergers and acquisitions add complexity. Security teams are working across the board.
    • Cloud technology doesn’t work well with complicated, messy AD environment. Cloud solutions need simple, flat AD architecture.
    • Technology changes after 15+ years. AD becomes the backbone of enterprise infrastructure. Managers demand to move to cloud, building complexity again.

    Organizations depend on AD

    AD is the backbone of many organizations’ IT infrastructure

    73% of organizations say their infrastructure is built on AD.

    82% say their applications depend on AD data.

    89% say AD enables authenticated access to file servers.

    90% say AD is the main source for authentication.

    Source: Dimensions research: Active Directory Modernization :

    Info-Tech Insight

    Organizations fail to move away from AD for many reasons, including:

    • Lack of time, resources, budget, and tools.
    • Difficulty understanding what has changed.
    • Migrating from AD being a low priority.

    Active Directory components

    Physical and logical structure

    Authentication, authorization, and auditing

    The image contains a screenshot of the active directory components.

    Active Directory has its hooks in!

    AD creates infrastructure technical debt and is difficult to migrate away from.

    The image contains a screenshot of an active directory diagram.

    Info-Tech Insight

    Due to the pervasive nature of Active Directory in the IT ecosystem, IT organizations are reluctant to migrate away from AD to modernize and innovate.

    Migration to Microsoft 365 in Azure has forced IT departments’ hand, and now that they have dipped their toe in the proverbial cloud “lake,” they see a way out of the mounting technical debt.

    AD security

    Security is the biggest concern with Active Directory.

    Neglecting Active Directory security

    98% of data breaches came from external sources.

    Source: Verizon, Data Breach Report 2022

    85% of data breach took weeks or even longer to discover.

    Source: Verizon Data Breach Report, 2012

    The biggest challenge for recovery after an Active Directory security breach is identifying the source of the breach, determining the extent of the breach, and creating a safe and secure environment.

    Info-Tech Insight

    Neglecting legacy Active Directory security will lead to cyberattacks. Malicious users can steal credentials and hijack data or corrupt your systems.

    What are the security risks to legacy AD architecture?

    • It's been 22 years since AD was released by Microsoft, and it has been a foundational technology for most businesses over the years. However, while there have been many innovations over those two decades, like Amazon, Facebook, iPhones, Androids, and more, Active Directory has remained mostly unchanged. There hasn’t been a security update since 2016.
    • This lack of security innovation has led to several cyberattacks over the years, causing businesses to bolt on additional security measures and added complexity. AD is not going away any time soon, but the security dilemma can be addressed with added security features.

    AD event logs

    84% of organizations that had a breach had evidence of that breach in their event logs.

    Source: Verizon Data Breach Report, 2012

    What is the business risk

    How does AD impact innovation in your business?

    It’s widely estimated that Active Directory remains at the backbone of 90% of Global Fortune 1000 companies’ business infrastructure (Lepide, 2021), and with that comes risk. The risks include:

    • Constraints of AD and growth of your digital footprint
    • Difficulty integrating modern technologies
    • Difficulty maintaining consistent security policies
    • Inflexible central domains preventing innovation and modernization
    • Inability to move to a self-service password portal
    • Vulnerability to being hacked
    • BYOD not being AD friendly

    AD is dependent on Windows Server

    1. Even though AD is compliant with LDAP, software vendors often choose optional features of LDAP that are not supported by AD. It is possible to implement Kerberos in a Unix system and establish trust with AD, but this is a difficult process and mistakes are frequent.
    2. Restricting your software selection to Windows-based systems reduces innovation and may hamper your ability to purchase best-in-class applications.

    Azure AD is not a replacement for AD

    AD was designed for an on-premises enterprise

    The image contains a screenshot of a Azure AD diagram.

    • Despite Microsoft’s Azure becoming prominent in the world of cloud services, Azure AD is not a replacement for on-premises AD.
    • In fact, Microsoft itself has an architecture to mitigate the shortcomings of Azure AD by recommending organizations migrate to a hybrid model, especially those businesses that have an in-house footprint of servers and applications.
    • If you are a greenfield business and intend to take advantage of SaaS, IaaS, and PaaS, as well as Microsoft 365 in Azure, then Azure AD is for you and you don’t have to worry about the need for AD.

    "Azure Active Directory is not designed to be the cloud version of Active Directory. It is not a domain controller or a directory in the cloud that will provide the exact same capabilities with AD. It actually provides many more capabilities in a different way.

    That’s why there is no actual ‘migration’ path from Active Directory to Azure Active Directory. You can synchronize your on-premises directories (Active Directory or other) to Azure Active Directory but not migrate your computer accounts, group policies, OU etc."

    – Gregory Hall,
    Brand Representative for Microsoft
    (Source: Spiceworks)

    The hybrid model for AD and Azure AD

    How the model works

    The image contains a screenshot of a hybrid model for AD and Azure AD.

    Note: AD Federated Services (ADFS) is not a replacement for AD. It’s a bolt-on that requires maintenance, support, and it is not a liberating service.

    Many companies are:

    • Moving to SaaS solutions for customer relationship management, HR, collaboration, voice communication, file storage, and more.
    • Managing non-Windows devices.
    • Moving to a hybrid model of work.
    • Enabling BYOD.

    Given these trends, Active Directory is becoming obsolete in terms of identity management and permissions.

    The difference between AD Domain Services and Azure AD DS

    One of the core principles of Azure AD is that the user is the security boundary, not the network.

    Kerberos is the default authentication and authorization protocol for AD. Kerberos is involved in nearly everything from the time you log on to accessing Sysvol, which is used to deliver policy and logon scripts to domain members from the Domain Controller.

    Info-Tech Insight

    If you are struggling to get away from AD, Kerberos and NTML are to blame. Working around them is difficult. Azure AD uses SAML2.0 OpenID Connect and OAuth2.0.

    Feature Azure AD DS Self-managed AD DS
    Managed service
    Secure deployments Administrator secures the deployment
    DNS server ✓ (managed service)
    Domain or Enterprise administrator privileges
    Domain join
    Domain authentication using NTLM and Kerberos
    Kerberos-constrained delegation Resource-based Resource-based and account-based
    Custom OU structure
    Group Policy
    Schema extensions
    AD domain/forest trusts ✓ (one-way outbound forest trusts only)
    Secure LDAP (LDAPS)
    LDAP read
    LDAP write ✓ (within the managed domain)
    Geo-distributed deployments

    Source: “Compare self-managed Active Directory Domain Services...” Azure documentation, 2022

    Impact of work-from-anywhere

    How AD poses issues that impact the user experience

    IT organizations are under pressure to enable work-from-home/work-from-anywhere.

    • IT teams regard legacy infrastructure, namely Active Directory, as inadequate to securely manage remote workloads.
    • While organizations previously used VPNs to access resources through Active Directory, they now have complex webs of applications that do not reside on premises, such as AWS, G-Suite, and SaaS customer relationship management and HR management systems, among others. These resources live outside the Windows ecosystem, complicating user provisioning, management, and security.
    • The work environment has changed since the start of COVID-19, with businesses scrambling to enable work-from-home. This had a huge impact on on-premises identity management tools such as AD, exposing their limitations and challenges. IT admins are all too aware that AD does not meet the needs of work-from-home.
    • As more IT organizations move infrastructure to the cloud, they have the opportunity to move their directory services to the cloud as well.
      • JumpCloud, OneLogin, Okta, Azure AD, G2, and others can be a solution for this new way of working and free up administrators from the overloaded AD environment.
      • Identity and access management (IAM) can be moved to the cloud where the modern infrastructure lives.
      • Alternatives for printers using AD include Google Cloud Print, PrinterOn, and PrinterLogic.

    How AD can impact your migration to Microsoft 365

    The beginning of your hybrid environment

    • Businesses that have a large on-premises footprint have very few choices for setting up a hybrid environment that includes their on-premises AD and Azure AD synchronization.
    • Microsoft 365 uses Azure AD in the background to manage identities.
    • Azure AD Connect will need to be installed, along with IdFix to identify errors such as duplicates and formatting problems in your AD.
    • Password hash should be implemented to synchronize passwords from on-premises AD so users can sign in to Azure without the need for additional single sign-on infrastructure.
    • Azure AD Connect synchronizes accounts every 30 minutes and passwords within two minutes.

    Alternatives to AD

    When considering retiring Active Directory from your environment, look at alternatives that can assist with those legacy application servers, handle Kerberos and NTML, and support LDAP.

    • JumpCloud: Cloud-based directory services. JumpCloud provides LDAP-as-a-Service and RADIUS-as-a-Service. It authenticates, authorizes, and manages employees, their devices, and IT applications. However, domain name changes are not supported.
    • Apache Directory Studio Pro: Written in Java, it supports LDAP v3–certified directory services. It is certified by Eclipse-based database utilities. It also supports Kerberos, which is critical for legacy Microsoft AD apps authentication.
    • Univention Corporate Server (UCS): Open-source Linux-based solution that has a friendly user interface and gets continuous security and feature updates. It supports Kerberos V5 and LDAP, works with AD, and is easy to sync. It also supports DNS server, DHCP, multifactor authentication and single sign-on, and APIs and REST APIs. However, it has a limited English knowledgebase as it is a German tool.

    What to look for

    If you are embedded in Windows systems but looking for an alternative to AD, you need a similar solution but one that is capable of working in the cloud and on premises.

    Aside from protocols and supporting utilities, also consider additional features that can help you retire your Active Directory while maintaining highly secure access control and a strong security posture.

    These are just a few examples of the many alternatives available.

    Market drivers to modernize your infrastructure

    The business is now driving your Active Directory migration

    What IT must deal with in the modern world of work:

    • Leaner footprint for evolving tech trends
    • Disaster recovery readiness
    • Dynamic compliance requirements
    • Increased security needs
    • The need to future-proof
    • Mergers and acquisitions
    • Security extending the network beyond Windows

    Organizations are making decisions that impact Active Directory, from enabling work-from-anywhere to dealing with malicious threats such as ransomware. Mergers and acquisitions also bring complexity with multiple AD domains.
    The business is putting pressure on IT to become creative with security strategies, alternative authentication and authorization, and migration to SaaS and cloud services.

    Activity

    Build a checklist to migrate off Active Directory.

    Discovery

    Assessment

    Proof of Concept

    Migration

    Cloud Operations

    ☐ Catalog your applications.

    ☐ Define your users, groups and usage.

    ☐ Identify network interdependencies and complexity.

    ☐ Know your security and compliance regulations.

    ☐ Document your disaster recovery plan and recovery point and time objectives (RPO/RTO).

    ☐ Build a methodology for migrating apps to IaaS.

    ☐ Develop a migration team using internal resources and/or outsourcing.

    ☐ Use Microsoft resources for specific skill sets.

    ☐ Map on-premises third-party solutions to determine how easily they will migrate.

    ☐ Create a plan to retire and archive legacy data.

    ☐ Test your workload: Start small and prove value with a phased approach.

    ☐ Estimate cloud costs.

    ☐ Determine the amount and size of your compute and storage requirements.

    ☐ Understand security requirements and the need for network and security controls.

    ☐ Assess network performance.

    ☐ Qualify and test the tools and solutions needed for the migration.

    ☐ Create a blueprint of your desired cloud environment.

    ☐ Establish a rollback plan.

    ☐ Identify tools for automating migration and syncing data.

    ☐ Understand the implications of the production-day data move.

    ☐ Keep up with the pace of innovation.

    ☐ Leverage 24/7 support via skilled Azure resources.

    ☐ Stay on top of system maintenance and upgrades.

    ☐ Consider service-level agreement requirements, governance, security, compliance, performance, and uptime.

    Related Info-Tech Research

    Manage the Active Directory in the Service Desk

    • Build and maintain your Active Directory with good data.
    • Actively maintaining the Active Directory is a difficult task that only gets more difficult with issues like stale accounts and privilege creep.

    SoftwareReviews: Microsoft Azure Active Directory

    • The Azure Active Directory (Azure AD) enterprise identity service provides SSO and multifactor authentication to help protect your users from 99.9% of cybersecurity attacks

    Define Your Cloud Vision

    • Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud-first isn’t always the way to go.

    Bibliography

    “2012 Data Breach Investigations Report.” Verizon, 2012. Web.
    “2022 Data Breach Investigations Report.” Verizon, 2012. Web.
    “22 Best Alternatives to Microsoft Active Directory.” The Geek Page, 16 Feb 2022. Accessed 12 Sept. 2022.
    Altieri, Matt. “Infrastructure Technical Debt.” Device 42, 20 May 2019. Accessed Sept 2022.
    “Are You Ready to Make the Move from ADFS to Azure AD?’” Steeves and Associates, 29 April 2021. Accessed 28 Sept. 2022.
    Blanton, Sean. “Can I Replace Active Directory with Azure AD? No, Here’s Why.” JumpCloud, 9 Mar 2021. Accessed Sept. 2022.
    Chai, Wesley, and Alexander S. Gillis. “What is Active Directory and how does it work?” TechTarget, June 2021. Accessed 10 Sept. 2022.
    Cogan, Sam. “Azure Active Directory is not Active Directory!” SamCogan.com, Oct 2020. Accessed Sept. 2022.
    “Compare Active Directory to Azure Active Directory.” Azure documentation, Microsoft Learn, 18 Aug. 2022. Accessed 12 Sept. 2022.
    "Compare self-managed Active Directory Domain Services, Azure Active Directory, and managed Azure Active Directory Domain Services." Azure documentation, Microsoft Learn, 23 Aug. 2022. Accessed Sept. 2022.
    “Dimensional Research, Active Directory Modernization: A Survey of IT Professionals.” Quest, 2017. Accessed Sept 2022.
    Grillenmeier, Guido. “Now’s the Time to Rethink Active Directory Security.“ Semperis, 4 Aug 2021. Accessed Oct. 2013.
    “How does your Active Directory align to today’s business?” Quest Software, 2017, accessed Sept 2022
    Lewis, Jack “On-Premises Active Directory: Can I remove it and go full cloud?” Softcat, Dec.2020. Accessed 15 Sept 2022.
    Loshin, Peter. “What is Kerberos?” TechTarget, Sept 2021. Accessed Sept 2022.
    Mann, Terry. “Why Cybersecurity Must Include Active Directory.” Lepide, 20 Sept. 2021. Accessed Sept. 2022.
    Roberts, Travis. “Azure AD without on-prem Windows Active Directory?” 4sysops, 25 Oct. 2021. Accessed Sept. 2022.
    “Understanding Active Directory® & its architecture.” ActiveReach, Jan 2022. Accessed Sept. 2022.
    “What is Active Directory Migration?” Quest Software Inc, 2022. Accessed Sept 2022.

    Build and Deliver an Optimized IT Update Presentation

    • Buy Link or Shortcode: {j2store}269|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Manage Business Relationships
    • Parent Category Link: /manage-business-relationships
    • IT update presentation success comes with understanding the business and the needs of your stakeholders. It often takes time and effort to get it right.
    • Many IT updates are too technically focused and do not engage nor demonstrate value in the eyes of the business.
    • This is not the time to boast about technical metrics that lack relevance.
    • Too often IT updates are prepared without the necessary pre-discussions required to validate content and hone priorities.

    Our Advice

    Critical Insight

    • CIOs need to take charge of the IT value proposition, increasing the impact and strategic role of IT.
    • Use your IT update to focus decisions, improve relationships, find new sources of value, and drive credibility.
    • Evolve the strategic partnership with your business using key metrics to help guide the conversation.

    Impact and Result

    • Build and deliver an IT update that focuses on what is most important.
    • Achieve the buy-in you require while driving business value.
    • Gain clarity on your scope, goals, and outcomes.
    • Validate IT’s role as a strategic business partner.

    Build and Deliver an Optimized IT Update Presentation Research & Tools

    Start here – read the Executive Brief

    Read our Executive Brief to find out how an optimized IT update presentation is your opportunity to drive business value.Review Info-Tech’s methodology and understand how we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Scope and goals

    Confirm the “why” of the IT update presentation by determining its scope and goals.

    • Build and Deliver an Optimized IT Update Presentation – Phase 1: Scope and Goals

    2. Assess and build

    Confirm the “what” of the presentation by focusing on business requirements, metrics, presentation creation, and stakeholder validation.

    • Build and Deliver an Optimized IT Update Presentation – Phase 2: Assess and Build
    • IT Update Stakeholder Interview Guide
    • IT Metrics Prioritization Tool

    3. Deliver and inspire

    Confirm the “how” of the presentation by focusing on engaging your audience, getting what you need, and creating a feedback cycle.

    • Build and Deliver an Optimized IT Update Presentation – Phase 3: Deliver and Inspire
    • IT Update Open Issues Tracking Tool
    [infographic]

    Workshop: Build and Deliver an Optimized IT Update Presentation

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Scope, Goals, and Requirements

    The Purpose

    Determine the IT update’s scope and goals and identify stakeholder requirements

    Key Benefits Achieved

    IT update scope and goals

    Business stakeholder goals and requirements

    Activities

    1.1 Determine/validate the IT update scope

    1.2 Determine/validate the IT update goals

    1.3 Business context analysis

    1.4 Determine stakeholder needs and expectations

    1.5 Confirm business goals and requirements

    Outputs

    Documented IT update scope

    Documented IT update goals

    Validated business context

    Stakeholder requirements analysis

    Confirmed business goals and requirements

    2 Validate Metrics With Business Needs

    The Purpose

    Analyze metrics and content and validate against business needs

    Key Benefits Achieved

    Selection of key metrics

    Metrics and content validated to business needs

    Activities

    2.1 Analyze current IT metrics

    2.2 Review industry best-practice metrics

    2.3 Align metrics and content to business stakeholder needs

    Outputs

    Identification of key metrics

    Finalization of key metrics

    Metrics and content validated to business stakeholder needs

    3 Create an optimized IT update

    The Purpose

    Create an IT update presentation that is optimized to business needs

    Key Benefits Achieved

    Optimized IT update presentation

    Activities

    3.1 Understand the audience and how to best engage them

    3.2 Determine how to present the pertinent data

    3.3 IT update review with key business stakeholders

    3.4 Final edits and review of IT update presentation

    3.5 Pre-presentation checklist

    Outputs

    Clarity on update audience

    Draft IT update presentation

    Business stakeholder feedback

    Finalized IT update presentation

    Confirmation on IT update presentation readiness

    Define Service Desk Metrics That Matter

    • Buy Link or Shortcode: {j2store}491|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • Consolidate your metrics and assign context and actions to ones currently tracked.
    • Establish tension metrics to see and tell the whole story.
    • Split your metrics for each stakeholder group. Assign proper cadences for measurements as a first step to building an effective dashboard.

    Our Advice

    Critical Insight

    • Identify the metrics that serve a real purpose and eliminate the rest. Establish a formal review process to ensure metrics are still valid, continue to provide the answers needed, and are at a manageable and usable level.

    Impact and Result

    • Tracking goal- and action-based metrics allows you to make meaningful, data-driven decisions for your service desk. You can establish internal benchmarks to set your own baselines.
    • Predefining the audience and cadence of each metric allows you to construct targeted dashboards to aid your metrics analysis.

    Define Service Desk Metrics That Matter Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define Service Desk Metrics That Matter Storyboard – A deck that shows you how to look beyond benchmarks and rely on internal metrics to drive success.

    Deciding which service desk metrics to track and how to analyze them can be daunting. Use this deck to narrow down your goal-oriented metrics as a starting point and set your own benchmarks.

    • Define Service Desk Metrics That Matter Storyboard

    2. Service Desk Metrics Workbook – A tool to organize your service desk metrics.

    For each metric, consider adding the relevant overall goal, audience, cadence, and action. Use the audience and cadence of the metric to split your tracked metrics into various dashboards. Your final list of metrics and reports can be added to your service desk SOP.

    • Service Desk Metrics Workbook
    [infographic]

    Further reading

    Define Service Desk Metrics That Matter

    Look beyond benchmarks and rely on internal metrics to drive success.

    Analyst Perspective

    Don’t get paralyzed by benchmarks when establishing metrics

    When establishing a suite of metrics to track, it’s tempting to start with the metrics measured by other organizations. Naturally, benchmarking will enter the conversation. While benchmarking is useful, measuring you organization against others with a lack of context will only highlight your failures. Furthermore, benchmarks will highlight the norm or common practice. It does not necessarily highlight best practice.

    Keeping the limitations of benchmarking in mind, establish your own metrics suite with action-based metrics. Define the audience, cadence, and actions for each metric you track and pair them with business goals. Measure only what you need to.

    Slowly improve your metrics process over time and analyze your environment using your own data as your benchmark.

    Benedict Chang

    Research Analyst, Infrastructure & Operations

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Measure the business value provided by the service desk.
    • Consolidate your metrics and assign context and actions to ones currently tracked.
    • Establish tension metrics to see and tell the whole story.
    • Split your metrics for each stakeholder group. Assign proper cadences for measurements as a first step to building an effective dashboard or effective dashboards.

    Common Obstacles

    • Becoming too focused on benchmarks or unidimensional metrics (e.g. cost, first-contact resolution, time to resolve) can lead to misinterpretation of the data and poorly informed actions.
    • Sifting through the many sources of data post hoc can lead to stalling in data analysis or slow reaction times to poor metrics.
    • Dashboards can quickly become cluttered with uninformative metrics, thus reducing the signal-to-noise ratio of meaningful data.

    Info-Tech's Approach

    • Use metrics that drive productive change and improvement. Track only what you need to report on.
    • Ensure each metric aligns with the desired business goal, is action-based, and includes the answers to what, why, how, and who.
    • Establish internal benchmarks by analyzing the trends from your own data to set baselines.
    • Act on the results of your metrics by adjusting targets and measuring success.

    Info-Tech Insight

    Identify the metrics that serve a real purpose and eliminate the rest. Establish a formal review process to ensure metrics are still valid, continue to provide the answers needed, and are at a manageable and usable level.

    Improve your metrics to align IT with strategic business goals

    The right metrics can tell the business how hard IT works and how well they perform.

    • Only 19% of CXOs feel that their organization is effective at measuring the success of IT projects with their current metrics.
    • Implementing the proper metrics can facilitate communication between the business division and IT practice.
    • The proper metrics can help IT know what issues the business has and how the CEO and CIO should tackle them.
    • If the goals above resonate with your organization, our blueprint Take Control of Infrastructure and Operations Metrics will take you through the right steps.

    Current Metrics Suite

    19% Effective

    36% Some Improvement Necessary

    45% Significant Improvement Necessary

    Source: Info-Tech Research Group’s CEO/CIO Alignment Diagnostic, 2019; N=622

    CXOs stress that value is the most critical area for IT to improve in reporting

    • You most likely have to improve your metrics suite by addressing business value.
    • Over 80% of organizations say they need improvement to their business value metrics, with 32% of organizations reporting that significant improvement is needed.
    • Of course, measuring metrics for service desk operations is important, but don’t forget business-oriented metrics such as measuring knowledgebase articles written for shift-left enablement, cost (time and money) of service desk tickets, and overall end-user satisfaction.

    The image shows a bar graph with percentages on the Y-Acis, and the following categories on the X-Axis: Business value metrics; Stakeholder satisfaction reporting; Risk metrics; Technology performance & operating metrics; Cost & Salary metrics; and Ad hoc feedback from executives and staff. Each bar is split into two sections, with the blue section marked a Significant Improvement Necessary, and the purple section labelled Some Improvement necessary. Two sections are highlighted with red circles: Business Value metrics--32% blue; 52% purple; and Technology performance & operating metrics--23% blue and 51% purple.

    Source: Info-Tech Research Group’s CEO/CIO Alignment Diagnostic, 2019; N=622

    Benchmarking used in isolation will not tell the whole story

    Benchmarks can be used as a step in the metrics process

    They can be the first step to reach an end goal, but if benchmarks are observed in isolation, it will only highlight your failures.

    Benchmarking relies on standardized models

    This does not account for all the unique variables that make up an IT organization.

    For example, benchmarks that include cost and revenue may include organizations that prioritize first-call resolution (FCR), but the variables that make up this benchmark model will be quite different within your own organization.

    Info-Tech Insight

    Benchmarks reflect the norm and common practice, not best practice.

    Benchmarks are open to interpretation

    Taking the time to establish proper metrics is often more valuable time spent than going down the benchmark rabbit hole.

    Being above or below the norm is neither a good nor a bad thing.

    Determining what the results mean for you depends on what’s being measured and the unique factors, characteristics, and priorities in your organization.

    If benchmark data is a priority within your IT organization, you may look up organizations like MetricNet, but keep the following in mind:

    Review the collected benchmark data

    See where IT organizations in your industry typically stand in relation to the overall benchmark.

    Assess the gaps

    Large gaps between yourself and the overall benchmark could indicate areas for improvement or celebration. Use the data to focus your analysis, develop deeper self-awareness, and prioritize areas for potential concern.

    Benchmarks are only guidelines

    The benchmark source data may not come from true peers in every sense. Each organization is different, so always explore your unique context when interpreting any findings.

    Rely on internal metrics to measure and improve performance

    Measure internal metrics over time to define goals and drive real improvement

    • Internally measured metrics are more reliable because they provide information about your actual performance over time. This allows for targeted improvements and objective measurements of your milestones.
    • Whether a given metric is the right one for your service desk will depend on several different factors, including:
      • The maturity and capability of your service desk processes
      • The volume of service requests and incidents
      • The complexity of your environment when resolving tickets
      • The degree to which your end users are comfortable with self-service

    Take Info-Tech’s approach to metrics management

    Use metrics that drive productive change and improvement. Track only what you need to report on.

    Ensure each metric aligns with the desired business goal, is action-based, and includes the answers to what, why, how, and who.

    Establish internal benchmarks by analyzing the trends from your own data to set baselines.

    Act on the results of your metrics by adjusting targets and measuring success.

    Define action-based metrics to cut down on analysis paralysis

    Every metric needs to be backed with the following criteria:

    • Defining audience, cadence, goal, and action for each metric allows you to keep your tracked metrics to a minimum while maximizing the value.
    • The audience and cadence of each metric may allow you to define targeted dashboards.

    Audience - Who is this metric tracked for?

    Goal - Why are you tracking this metric? This can be defined along with the CSFs and KPIs.

    Cadence - How often are you going to view, analyze, and action this metric?

    Action - What will you do if this metric spikes, dips, trends up, or trends down?

    Activity 1. Define your critical success factors and key performance indicators

    Critical success factors (CSFs) are high-level goals that help you define the direction of your service desk. Key performance indicators (KPIs) can be treated as the trend of metrics that will indicate that you are moving in the direction of your CSFs. These will help narrow the data you have to track and action (metrics).

    CSFs, or your overall goals, typically revolve around three aspects of the service desk: time spent on tickets, resources spent on tickets, and the quality of service provided.

    1. As a group, brainstorm the CSFs and the KPIs that will help narrow your metrics. Use the Service Desk Metrics Workbook to record the results.
    2. Look at the example to the right as a starting point.

    Example metrics:

    Critical success factor Key performance indicator
    High End-User Satisfaction Increasing CSAT score on transactional surveys
    High end-user satisfaction score
    Proper resolution of tickets
    Low time to resolve
    Low Cost per Ticket Decreasing cost per ticket (due to efficient resolution, FCR, automation, self-service, etc.)
    Improve Access to Self-Service (tangential to improve customer service) High utilization of knowledgebase
    High utilization of portal

    Download the Service Desk Metrics Workbook

    Activity 2. Define action-based metrics that align with your KPIs and CSFs

    1. Now that you have defined your goals, continue to fill the workbook by choosing metrics that align with those goals.
    2. Use the chart below as a guide. For every metric, define the cadence of measurement, audience of the metric, and action associated with the metric. There may be multiple metrics for each KPI.
    3. If you find you are unable to define the cadence, audience, or action associated with a metric, you may not need to track the metric in the first place. Alternatively, if you find that you may action a metric in the future, you can decide to start gathering data now.

    Example metrics:

    Critical success factor Key performance indicator Metric Cadence Audience Action
    High End-User Satisfaction Increasing CSAT score on transactional surveys Monthly average of ticket satisfaction scores Monthly Management Action low scores immediately, view long-term trends
    High end-user satisfaction score Average end-user satisfaction score from annual survey Annually IT Leadership View IT satisfaction trends to align IT with business direction
    Proper resolution of tickets Number of tickets reopened Weekly Service Desk Technicians Action reopened tickets, look for training opportunities
    SLA breach rate Daily Service Desk Technicians Action reopened tickets, look for training opportunities
    Low time to resolve Average TTR (incidents) Weekly Management Look for trends to monitor resources
    Average TTR by priority Weekly Management Look for TTR solve rates to align with SLA
    Average TTR by tier Weekly Management Look for improperly escalated tickets or shift-left opportunities

    Download the Service Desk Metrics Workbook

    Activity 3. Define the data ownership, metric viability, and dashboards

    1. For each metric, define where the data is housed. Ideally, the data is directly in the ticketing tool or ITSM tool. This will make it easy to pull and analyze.
    2. Determine how difficult the metric will be to pull or track. If the effort is high, decide if the value of tracking the metric is worth the hassle of gathering it.
    3. Lastly, for each metric, use the cadence and audience to place the metric in a reporting dashboard. This will help divide your metrics and make them easier to report and action.
    4. You may use the output of this exercise to add your tracked metrics to your service desk SOP.
    5. A full suite of metrics can be found in our Infrastructure & Operations Metrics Library in the Take Control of Infrastructure Metrics Storyboard. The metrics have been categorized by low, medium, and advanced capabilities for you.

    Example metrics:

    Metric Who Owns the Data? Efforts to Track? Dashboards
    Monthly average of ticket satisfaction scores Service Desk Low Monthly Management Meeting
    Average end-user satisfaction score Service Desk Low Leadership Meeting
    Number of tickets reopened Service Desk Low Weekly Technician Standup
    SLA breach rate Service Desk Low Daily Technician Standup
    Average TTR (incidents) Service Desk Low Weekly Technician Standup
    Average TTR by priority Service Desk Low Weekly Technician Standup
    Average TTR by tier Service Desk Low Weekly Technician Standup
    Average TTR (SRs) Service Desk Low Weekly Technician Standup
    Number of tickets reopened Service Desk Low Daily Technician Standup

    Download the Service Desk Metrics Workbook

    Keep the following considerations in mind when defining which metrics matter

    Keep the customer in mind

    Metrics are typically focused on transactional efficiency and process effectiveness and not what was achieved against the customers’ need and satisfaction.

    Understand the relationships between performance and metrics management to provide the end-to-end service delivery picture you are aiming to achieve.

    Don’t settle for tool defaults

    ITSM solutions offer an abundance of metrics to choose from. The most common ones are typically built into the reporting modules of the tool suite.

    Do not start tracking everything. Choose metrics that are specifically aligned to your organization’s desired business outcomes.

    Establish tension metrics to achieve balance

    Don’t ignore the correlation and context between the suites of metrics chosen and how one interacts and affects the other.

    Measuring metrics in isolation may lead to an incomplete picture or undesired technician behavior. Tension metrics help complete the picture and lead to proper actions.

    Adjust those targets

    An arbitrary target on a metric that is consistently met month over month is useless. Each metric should inform the overall performance by combining capable service level management and customer experience programs to prove the value IT is providing to the organization.

    Related Info-Tech Research

    Standardize the Service Desk

    This project will help you build and improve essential service desk processes, including incident management, request fulfillment, and knowledge management, to create a sustainable service desk.

    Take Control of Infrastructure and Operations Metrics

    Make faster decisions and improve service delivery by using the right metrics for the job.

    Analyze Your Service Desk Ticket Data

    Take a data-driven approach to service desk optimization.

    IT Diagnostics: Build a Data-Driven IT Strategy

    Our data-driven programs ask business and IT stakeholders the right questions to ensure you have the inputs necessary to build an effective IT strategy.

    Info-Tech Quarterly Research Agenda Outcomes Q2-Q3 2023

    • Buy Link or Shortcode: {j2store}297|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy

    At Info-Tech, we take pride in our research and have established the most rigorous publication standards in the industry. However, we understand that engaging with all our analysts to gauge the future may not always be possible. Hence, we have curated some compelling recently published research along with forthcoming research insights to assist you in navigating the next quarter.

    Our Advice

    Critical Insight

    We offer a quarterly Research Agenda Outcomes deck that thoroughly summarizes our recently published research, supplying decision makers with valuable insights and best practices to make informed and effective decisions. Our research is supported by our team of seasoned analysts with decades of experience in the IT industry.

    By leveraging our research, you can stay updated with the latest trends and technologies, giving you an edge over the competition and ensuring the optimal performance of your IT department. This way, you can make confident decisions that lead to remarkable success and improved outcomes.

    Impact and Result

    • Enhance preparedness for future market trends and developments: Keep up to date with the newest trends and advancements in the IT sector to be better prepared for the future.
    • Enhance your decision making: Acquire valuable information and insights to make better-informed, confident decisions.
    • Promote innovation: Foster creativity, explore novel perspectives, drive innovation, and create new products or services.

    Info-Tech Quarterly Research Agenda Outcomes Q2/Q3 2023 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Info-Tech Quarterly Research Agenda Q3 2023 Deck – An overview of our Research Agenda Outcome for Q2 and Q3 of 2023.

    A guide to our top research published to date for 2023 (Q2/Q3).

    • Info-Tech Quarterly Research Agenda Outcomes for Q2/Q3 2023
    [infographic]

    Further reading

    Featured Research Projects 2023 (Q2/Q3)

    “Here are my selections for the top research projects of the last quarter.”

    Photo of Gord Harrison, Head of Research & Advisory, Info-Tech Research Group.

    Gord Harrison
    Head of Research & Advisory
    Info-Tech Research Group

    CIO

    01
    Build Your Generative AI Roadmap

    Generative AI is here, and it's time to find its best uses – systematically and responsibly.

    02
    CIO Priorities 2023

    Engage cross-functional leadership to seize opportunity while protecting the organization from volatility.

    03
    Build an IT Risk Taxonomy

    If integrated risk is your destination, your IT risk taxonomy is the road to get you there.

    04
    Navigate the Digital ID Ecosystem to Enhance Customer Experience

    Beyond the hype: How it can help you become more customer-focused?

    05
    Effective IT Communications

    Generative AI is here, and it's time to find its best uses – systematically and responsibly.

    06
    Develop a Targeted Flexible Work Program for IT

    Select flexible work options that balance organizational and employee needs to drive engagement and improve attraction and retention.

    07
    Effectively Manage CxO Relations

    Make relationship management a daily habit with a personalized action plan.

    08
    Establish High-Value IT Performance Dashboards and Metrics

    Spend less time struggling with visuals and more time communicating about what matters to your executives.

    Applications

    09
    Build Your Enterprise Application Implementation Playbook

    Your implementation doesn't start with technology but with an effective plan that the team can align on.

    10
    Develop Your Value-First Business Process Automation Strategy

    As you scale your business automations, focus on what matters most.

    11
    Manage Requirements in an Agile Environment

    Agile and requirements management are complementary, not competitors.

    Security

    12
    Assess Your Cybersecurity Insurance Policy

    Adapt to changes in the cyber insurance market.

    13
    Design and Implement a Business-Aligned Security Program

    Focus first on business value.

    Infrastructure & Operations

    14
    Automate IT Asset Data Collection

    Acquire and use discovery tools wisely to populate, update, and validate the data in your ITAM database.

    Industry | Retail

    15
    Leveraging AI to Create Meaningful Insights and Visibility in Retail

    AI prominence across the enterprise value chain.

    Industry | Education

    16
    Understand the Implications of Generative AI in Education

    Bans aren't the answer, but what is?

    Industry | Wholesale

    17
    Wholesale Industry Business Reference Architecture

    Business capability maps, value streams, and strategy maps for the wholesale industry.

    Industry | Retail Banking

    18
    Mainframe Modernization for Retail Banking

    A strategy for modernizing mainframe systems to meet the needs of modern retail banking.

    Industry | Utilities

    19
    Data Analytics Use Cases for Utilities

    Building upon the collective wisdom for the art of the possible.

    Build Your Generative AI Roadmap

    Generative AI is here, and it's time to find its best uses – systematically and responsibly.

    CIO
    Strategy & Governance

    Photo of Bill Wong, Principal Research Director, Info-Tech Research Group.

    Bill Wong
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Build Your Generative AI Roadmap' research.

    Sample of the 'Build Your Generative AI Roadmap' research.

    Logo for Info-Tech.

    CIO Priorities 2023

    Engage cross-functional leadership to seize opportunity while protecting the organization from volatility.

    CIO
    Strategy & Governance

    Photo of Brian Jackson, Principal Research Director, Info-Tech Research Group.

    Brian Jackson
    Principal Research Director

    Download this report or book an analyst call on this topic

    Sample of the 'CIO Priorities 2023' report.

    Sample of the 'CIO Priorities 2023' report.

    Logo for Info-Tech.

    Build an IT Risk Taxonomy

    If integrated risk is your destination, your IT risk taxonomy is the road to get you there.

    CIO
    Strategy & Governance

    Photo of Donna Bales, Principal Research Director, Info-Tech Research Group.

    Donna Bales
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Build an IT Risk Taxonomy' research.

    Sample of the 'Build an IT Risk Taxonomy' research.

    Logo for Info-Tech.

    Navigate the Digital ID Ecosystem to Enhance Customer Experience

    Beyond the hype: How it can help you become more customer-focused?

    CIO
    Strategy & Governance

    Photo of Manish Jain, Principal Research Director, Info-Tech Research Group.

    Manish Jain
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Navigate the Digital ID Ecosystem to Enhance Customer Experience' research.

    Sample of the 'Navigate the Digital ID Ecosystem to Enhance Customer Experience' research.

    Logo for Info-Tech.

    Effective IT Communications

    Empower IT employees to communicate well with any stakeholder across the organization.

    CIO
    People & Leadership

    Photo of Brittany Lutes, Research Director, Info-Tech Research Group.

    Brittany Lutes
    Research Director

    Photo of Diana MacPherson, Senior Research Analyst, Info-Tech Research Group.

    Diana MacPherson
    Senior Research Analyst

    Download this research or book an analyst call on this topic

    Effective IT Communications' research.

    Sample of the 'Effective IT Communications' research.

    Logo for Info-Tech.

    Develop a Targeted Flexible Work Program for IT

    Select flexible work options that balance organizational and employee needs to drive engagement and improve attraction and retention.

    CIO
    People & Leadership

    Photo of Jane Kouptsova, Research Director, Info-Tech Research Group.

    Jane Kouptsova
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Develop a Targeted Flexible Work Program for IT' research.

    Sample of the 'Develop a Targeted Flexible Work Program for IT' research.

    Logo for Info-Tech.

    Effectively Manage CxO Relations

    Make relationship management a daily habit with a personalized action plan.

    CIO
    Value & Performance

    Photo of Mike Tweedle, Practice Lead, Info-Tech Research Group.

    Mike Tweedle
    Practice Lead

    Download this research or book an analyst call on this topic

    Sample of the 'Effectively Manage CxO Relations' research.

    Sample of the 'Effectively Manage CxO Relations' research.

    Logo for Info-Tech.

    Establish High-Value IT Performance Dashboards and Metrics

    Spend less time struggling with visuals and more time communicating about what matters to your executives.

    CIO
    Value & Performance

    Photo of Diana MacPherson, Senior Research Analyst, Info-Tech Research Group.

    Diana MacPherson
    Senior Research Analyst

    Download this research or book an analyst call on this topic

    Sample of the 'Establish High-Value IT Performance Dashboards and Metrics' research.

    Sample of the 'Establish High-Value IT Performance Dashboards and Metrics' research.

    Logo for Info-Tech.

    Build Your Enterprise Application Implementation Playbook

    Your implementation doesn't start with technology but with an effective plan that the team can align on.

    Applications
    Business Processes

    Photo of Ricardo de Oliveira, Research Director, Info-Tech Research Group.

    Ricardo de Oliveira
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Build Your Enterprise Application Implementation Playbook' research.

    Sample of the 'Build Your Enterprise Application Implementation Playbook' research.

    Logo for Info-Tech.

    Develop Your Value-First Business Process Automation Strategy

    As you scale your business automations, focus on what matters most.

    Applications
    Business Processes

    Photo of Andrew Kum-Seun, Research Director, Info-Tech Research Group.

    Andrew Kum-Seun
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Develop Your Value-First Business Process Automation Strategy' research.

    Sample of the 'Develop Your Value-First Business Process Automation Strategy' research.

    Logo for Info-Tech.

    Manage Requirements in an Agile Environment

    Agile and requirements management are complementary, not competitors.

    Applications
    Application Development

    Photo of Vincent Mirabelli, Principal Research Director, Info-Tech Research Group.

    Vincent Mirabelli
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Manage Requirements in an Agile Environment' research.

    Sample of the 'Manage Requirements in an Agile Environment' research.

    Logo for Info-Tech.

    Assess Your Cybersecurity Insurance Policy

    Adapt to changes in the cyber insurance market.

    Security
    Security Risk, Strategy & Governance

    Photo of Logan Rohde, Senior Research Analyst, Info-Tech Research Group.

    Logan Rohde
    Senior Research Analyst

    Download this research or book an analyst call on this topic

    Sample of the 'Assess Your Cybersecurity Insurance Policy' research.

    Sample of the 'Assess Your Cybersecurity Insurance Policy' research.

    Logo for Info-Tech.

    Design and Implement a Business-Aligned Security Program

    Focus first on business value.

    Security
    Security Risk, Strategy & Governance

    Photo of Michel Hébert, Research Director, Info-Tech Research Group.

    Michel Hébert
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Design and Implement a Business-Aligned Security Program' research.

    Sample of the 'Design and Implement a Business-Aligned Security Program' research.

    Logo for Info-Tech.

    Automate IT Asset Data Collection

    Acquire and use discovery tools wisely to populate, update, and validate the data in your ITAM database.

    Infrastructure & Operations
    I&O Process Management

    Photo of Andrew Sharp, Research Director, Info-Tech Research Group.

    Andrew Sharp
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Automate IT Asset Data Collection' research.

    Sample of the 'Automate IT Asset Data Collection' research.

    Logo for Info-Tech.

    Leveraging AI to Create Meaningful Insights and Visibility in Retail

    AI prominence across the enterprise value chain.

    Industry Coverage
    Retail

    Photo of Rahul Jaiswal, Principal Research Director, Info-Tech Research Group.

    Rahul Jaiswal
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Leveraging AI to Create Meaningful Insights and Visibility in Retail' research.

    Sample of the 'Leveraging AI to Create Meaningful Insights and Visibility in Retail' research.

    Logo for Info-Tech.

    Understand the Implications of Generative AI in Education

    Bans aren't the answer, but what is?

    Industry Coverage
    Education

    Photo of Mark Maby, Research Director, Info-Tech Research Group.

    Mark Maby
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Understand the Implications of Generative AI in Education' research.

    Sample of the 'Understand the Implications of Generative AI in Education' research.

    Logo for Info-Tech.

    Wholesale Industry Business Reference Architecture

    Business capability maps, value streams, and strategy maps for the wholesale industry.

    Industry Coverage
    Wholesale

    Photo of Rahul Jaiswal, Principal Research Director, Info-Tech Research Group.

    Rahul Jaiswal
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Wholesale Industry Business Reference Architecture' research.

    Sample of the 'Wholesale Industry Business Reference Architecture' research.

    Logo for Info-Tech.

    Mainframe Modernization for Retail Banking

    A strategy for modernizing mainframe systems to meet the needs of modern retail banking.

    Industry Coverage
    Retail Banking

    Photo of David Tomljenovic, Principal Research Director, Info-Tech Research Group.

    David Tomljenovic
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Mainframe Modernization for Retail Banking' research.

    Sample of the 'Mainframe Modernization for Retail Banking' research.

    Logo for Info-Tech.

    Data Analytics Use Cases for Utilities

    Building upon the collective wisdom for the art of the possible.

    Industry Coverage
    Utilities

    Photo of Jing Wu, Principal Research Director, Info-Tech Research Group.

    Jing Wu
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Data Analytics Use Cases for Utilities' research.

    Sample of the 'Data Analytics Use Cases for Utilities' research.

    Sneak Peaks: Research coming in next quarter!

    “Next quarter we have a big lineup of reports and some great new research!”

    Photo of Gord Harrison, Head of Research & Advisory, Info-Tech Research Group.

    Gord Harrison
    Head of Research & Advisory
    Info-Tech Research Group

    1. Build MLOps and Engineering for AI and ML

      Enabling you to develop your Engineering and ML Operations to support your current & planned use cases for AI and ML.
    2. Leverage Gen AI to Improve Your Test Automation Strategy

      Enabling you to embed Gen AI to assist your team during testing broader than Gen AI compiling code.
    3. Make Your IT Financial Data Accessible, Reliable, and Usable

      This project will provide a recipe for bringing IT's financial data to a usable state through a series of discovery, standardization, and policy-setting actions.
    4. Implement Integrated AI Governance

      Enabling you to implement best-practice governance principles when implementing Gen AI.
    5. Develop Exponential IT Capabilities

      Enabling you to understand and develop your strategic Exponential IT capabilities.
    6. Build Your AI Strategy and Roadmap

      This project will provide step-by-step guidance in development of your AI strategy with an AI strategy exemplar.
    7. Priorities for Data Leaders in 2024 and Beyond

      This report will detail the top five challenges expected in the upcoming year and how you as the CDAO can tackle them.
    8. Deploy AIOps More Effectively

      This research is designed to assess the process maturity of your IT operations and help identify pain pains and opportunities for AI deployment within your IT operations.
    9. Design Your Edge Computing Architecture

      This research will provide deployment guidelines and roadmap to address your edge computing needs.
    10. Manage Change in the AI-Enabled Enterprise

      Managing change is complex with the disruptive nature of emerging tech like AI. This research will assist you from an organizational change perspective.
    11. Assess the Security and Privacy Impacts of Your AI Vendors

      This research will allow you to enhance transparency, improve risk management, and ensure the security and privacy of data when working with AI vendors.
    12. Prepare Your Board for AI Disruption

      This research will arm you with tools to educate your board on the impact of Gen AI, addressing the potential risks and the potential benefits.

    Info-Tech Research Leadership Team

    “We have a world-class team of experts focused on providing practical, cutting-edge IT research and advice.”

    Photo of Gord Harrison, Head of Research & Advisory, Info-Tech Research Group.

    Gord Harrison
    Head of Research & Advisory
    Info-Tech Research Group

    Photo of Jack Hakimian, Senior Vice President, Research Development, Info-Tech Research Group.

    Jack Hakimian
    Senior Vice President
    Research Development

    Photo of Aaron Shum, Vice President, Security & Privacy Research, Info-Tech Research Group.

    Aaron Shum
    Vice President
    Security & Privacy Research

    Photo of Larry Fretz, Vice President, Industry Research, Info-Tech Research Group.

    Larry Fretz
    Vice President
    Industry Research

    Photo of Mark Tauschek, Vice President, Research Fellowships, Info-Tech Research Group.

    Mark Tauschek
    Vice President
    Research Fellowships

    Photo of Tom Zehren, Chief Product Officer, Info-Tech Research Group.

    Tom Zehren
    Chief Product Officer

    Photo of Rick Pittman, Vice President, Advisory Quality & Delivery, Info-Tech Research Group.

    Rick Pittman
    Vice President
    Advisory Quality & Delivery

    Photo of Nora Fisher, Vice President, Shared Services, Info-Tech Research Group.

    Nora Fisher
    Vice President
    Shared Services

    Photo of Becca Mackey, Vice President, Workshops, Info-Tech Research Group.

    Becca Mackey
    Vice President
    Workshops

    Photo of Geoff Nielson, Senior Vice President, Global Services & Delivery, Info-Tech Research Group.

    Geoff Nielson
    Senior Vice President
    Global Services & Delivery

    Photo of Brett Rugroden, Senior Vice President, Global Market Programs, Info-Tech Research Group.

    Brett Rugroden
    Senior Vice President
    Global Market Programs

    Photo of Hannes Scheidegger, Senior Vice President, Global Public Sector, Info-Tech Research Group.

    Hannes Scheidegger
    Senior Vice President
    Global Public Sector

    About Info-Tech Research Group

    Info-Tech Research Group produces unbiased and highly relevant research to help leaders make strategic, timely, and well-informed decisions. We partner closely with your teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for the organization.

    Sample of the IT Management & Governance Framework.

    Drive Measurable Results

    Our world-class leadership team is continually focused on building disruptive research and products that drive measurable results and save money.

    Info-Tech logo.

    Better Research Than Anyone

    Our team of experts is composed of the optimal mix of former CIOs, CISOs, PMOs, and other IT leaders and IT and management consultants as well as academic researchers and statisticians.

    Dramatically Outperform Your Peers

    Leverage Industry Best Practices

    We enable over 30,000 members to share their insights and best practices that you can use by having direct access to over 100 analysts as an extension of your team.

    Become an Info-Tech influencer:

    • Help shape our research by talking with our analysts.
    • Discuss the challenges, insights, and opportunities in your chosen areas.
    • Suggest new topic ideas for upcoming research cycles.

    Contact
    Jack Hakimian
    jhakimian@infotech.com

    We interview hundreds of experts and practitioners to help ensure our research is practical and focused on key member challenges.

    Why participate in expert interviews?

    • Discuss market trends and stay up to date.
    • Influence Info-Tech's research direction with your practical experience.
    • Preview our analysts' perspectives and preliminary research.
    • Build on your reputation as a thought leader and research contributor.
    • See your topic idea transformed into practical research.

    Thank you!

    Join us at our webinars to discuss more topics.

    For information on Info-Tech's products and services and to participate in our research process, please contact:

    Jack Hakimian
    jhakimian@infotech.com

    Operations management

    • Buy Link or Shortcode: {j2store}12|cart{/j2store}
    • Related Products: {j2store}12|crosssells{/j2store}
    • Up-Sell: {j2store}12|upsells{/j2store}
    • member rating overall impact (scale of 10): 10.0/10
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Infra and Operations
    • Parent Category Link: /infra-and-operations
    IT Operations is all about effectiveness. We make sure that you deliver reliable services to the clients and users within the company.

    Drive Technology Adoption

    • Buy Link or Shortcode: {j2store}111|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design

    The project isn’t over if the new product or system isn’t being used. How do you ensure that what you’ve put in place isn’t going to be ignored or only partially adopted? People are more complicated than any new system and managing them through the change needs careful planning.

    Our Advice

    Critical Insight

    Cultivating a herd mentality, where people adopt new technology merely because everyone else is, is an important goal in getting the bulk of users using the new product or system. The herd needs to gather momentum though and this can be done by using the more tech-able and enthused to lead the rest on the journey. Identifying and engaging these key resources early in the process will greatly assist in starting the flow.

    Impact and Result

    While communication is key throughout, involving staff in proof-of-concept activities and contests and using the train-the-trainer techniques and technology champions will all start the momentum toward technology adoption. Group activities will address the bulk of users, but laggards may need special attention.

    Drive Technology Adoption Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Drive Technology Adoption – A brief deck describing how to encourage users to adopt newly implemented technology.

    This document will help you to ensure that newly implemented systems and technologies are correctly adopted by the intended recipients.

    • Drive Technology Adoption Storyboard
    [infographic]

    Further reading

    Drive Technology Adoption

    The project is over. The new technology is implemented. Now how do we make sure it's used?

    Executive Summary

    Your Challenge

    Technology endlessly changes and evolves. Similarly, business directions and requirements change, and these changes need to be supported by technology. Improved functionality and evolvement of systems, along with systems becoming redundant or unsupported, means that maintaining a static environment is virtually impossible.

    Enormous amounts of IT budget are allocated to these changes each year. But once the project is over, how do you manage that change and ensure the systems are being used? Planning your technology adoption is vital.

    Common Obstacles

    The obstacles to technology adoption can be many and various, covering a broad spectrum of areas including:

    • Reluctance of staff to let go of familiar processes and procedures.
    • Perception that any change will add complications but not add value, thereby hampering enthusiasm to adopt.
    • Lack of awareness of the change.
    • General fear of change.
    • Lack of personal confidence.

    Info-Tech’s Approach

    Start by identifying, understanding, categorizing, and defining barriers and put in place a system to:

    • Gain an early understanding of the different types of users and their attitudes to technology and change.
    • Review different adoption techniques and analyze which are most appropriate for your user types.
    • Use a “Follow the Leader” approach, by having technical enthusiasts and champions to show the way.
    • Prevent access to old systems and methods.

    Info-Tech Insight

    For every IT initiative that will be directly used by users, consider the question, “Will the final product be readily accepted by those who are going to use it?” There is no point in implementing a product that no one is prepared to use. Gaining user acceptance is much more than just ticking a box in a project plan once UAT is complete.

    The way change should happen is clear

    Prosci specializes in change. Its ADKAR model outlines what’s required to bring individuals along on the change journey.

    AWARENESS

    • Awareness means more than just knowing there’s a change occurring,
    • it means understanding the need for change.

    DESIRE

    • To achieve desire, there needs to be motivation, whether it be from an
    • organizational perspective or personal.

    KNOWLEDGE

    • Both knowledge on how to train during the transition and knowledge
    • on being effective after the change are required. This can only be done
    • once awareness and desire are achieved.

    ABILITY

    • Ability is not knowledge. Knowing how to do something doesn’t necessarily translate to having the skills to do it.

    REINFORCEMENT

    • Without reinforcement there can be a tendency to revert.

    When things go wrong

    New technology is not being used

    The project is seen as complete. Significant investments have been made, but the technology either isn’t being used or is only partially in use.

    Duplicate systems are now in place

    Even worse. The failure to adopt the new technology by some means that the older systems are still being used. There are now two systems that fail to interact; business processes are being affected and there is widespread confusion.

    Benefits not being realized

    Benefits promised to the business are not being realized. Projected revenue increases, savings, or efficiencies that were forecast are now starting to be seen as under threat.

    There is project blowout

    The project should be over, but the fact that the technology is not being used has created a perception that the implementation is not complete and the project needs to continue.

    Info-Tech Insight

    People are far more complicated than any technology being implemented.

    Consider carefully your approach.

    Why does it happen?

    POOR COMMUNICATION

    There isn’t always adequate communications about what’s changing in the workplace.

    FEAR

    Fear of change is natural and often not rational. Whether the fear is about job loss or not being able to adapt to change; it needs to be managed.

    TRAINING

    Training can be insufficient or ineffective and when this happens people are left feeling like they don’t have the skills to make the change.

    LACK OF EXECUTIVE SUPPORT

    A lack of executive support for change means the change is seen as less important.

    CONFLICTING VIEWS OF CHANGE

    The excitement the project team and business feels about the change is not necessarily shared throughout the business. Some may just see the change as more work, changing something that already works, or a reason to reduce staff levels.

    LACK OF CONFIDENCE

    Whether it’s a lack of confidence generally with technology or concern about a new or changing tool, a lack of confidence is a huge barrier.

    BUDGETARY CONSTRAINTS

    There is a cost with managing people during a change, and budget must be allocated to allow for it.

    Communications

    Info-Tech Insight

    Since Sigmund Freud there has been endless work to understand people’s minds.
    Don’t underestimate the effect that people’s reactions to change can have on your project.

    This is a Kubler-ross change curve graph, plotting the following Strategies: Create Alignment; Maximize Communication; Spark Motivation; Develop Capability; Share Knowledge

    Communication plans are designed to properly manage change. Managing change can be easier when we have the right tools and information to adapt to new circumstances. The Kubler-Ross change curve illustrates the expected steps on the path to acceptance of change. With the proper communications strategy, each can be managed appropriately

    Analyst perspective

    Paul Binns – Principal Research Advisor, Info-Tech

    The rapidly changing technology landscape in our world has always meant that an enthusiasm or willingness to embrace change has been advantageous. Many of us have seen how the older generation has struggled with that change and been left behind.

    In the work environment, the events of the past two years have increased pressure on those slow to adopt as in many cases they couldn't perform their tasks without new tools. Previously, for example, those who may have been reluctant to use digital tools and would instead opt for face-to-face meetings, suddenly found themselves without an option as physical meetings were no longer possible. Similarly, digital collaboration tools that had been present in the market for some time were suddenly more heavily used so everyone could continue to work together in the “online world.”

    At this stage no one is sure what the "new normal" will be in the post-pandemic world, but what has been clearly revealed is that people are prepared to change given the right motivation.

    “Technology adoption is about the psychology of change.”
    Bryan Tutor – Executive Counsellor, Info-Tech

    The Fix

    • Categorize Users
      • Gain a clear understanding of your user types.
    • Identify Adoption Techniques
      • Understand the range of different tools and techniques available.
    • Match Techniques To Categories
      • Determine the most appropriate techniques for your user base.
    • Follow-the-Leader
      • Be aware of the different skills in your environment and use them to your advantage.
    • Refresh, Retrain, Restrain
      • Prevent reversion to old methods or systems.

    Categories

    Client-Driven Insight

    Consider your staff and industry when looking at the Everett Rogers curve. A technology organization may have less laggards than a traditional manufacturing one.

    In Everett Rogers’ book Diffusion of Innovations 5th Edition (Free Press, 2005), Rogers places adopters of innovations into five different categories.

    This is an image of an Innovation Adoption Curve from Everett Rogers' book Diffusion of Innovations 5th Edition

    Category 1: The Innovator – 2.5%

    Innovators are technology enthusiasts. Technology is a central interest of theirs, either at work, at home, or both. They tend to aggressively pursue new products and technologies and are likely to want to be involved in any new technology being implemented as soon as possible, even before the product is ready to be released.

    For people like this the completeness of the new technology or the performance can often be secondary because of their drive to get new technology as soon as possible. They are trailblazers and are not only happy to step out of their comfort zone but also actively seek to do so.

    Although they only make up about 2.5% of the total, their enthusiasm, and hopefully endorsement of new technology, offers reassurance to others.

    Info-Tech Insight

    Innovators can be very useful for testing before implementation but are generally more interested in the technology itself rather than the value the technology will add to the business.

    Category 2: The Early Adopter – 13.5%

    Whereas Innovators tend to be technologists, Early Adopters are visionaries that like to be on board with new technologies very early in the lifecycle. Because they are visionaries, they tend to be looking for more than just improvement – a revolutionary breakthrough. They are prepared to take high risks to try something new and although they are very demanding as far as product features and performance are concerned, they are less price-sensitive than other groups.

    Early Adopters are often motivated by personal success. They are willing to serve as references to other adopter groups. They are influential, seen as trendsetters, and are of utmost importance to win over.

    Info-Tech Insight

    Early adopters are key. Their enthusiasm for technology, personal drive, and influence make them a powerful tool in driving adoption.

    Category 3: The Early Majority – 34%

    This group is comprised of pragmatists. The first two adopter groups belong to early adoption, but for a product to be fully adopted the mainstream needs to be won over, starting with the Early Majority.

    The Early Majority share some of the Early Adopters’ ability to relate to technology. However, they are driven by a strong sense of practicality. They know that new products aren’t always successful. Consequently, they are content to wait and see how others fare with the technology before investing in it themselves. They want to see well-established references before adopting the technology and to be shown there is no risk.

    Because there are so many people in this segment (roughly 34%), winning these people over is essential for the technology to be adopted.

    Category 4: The Late Majority – 34%

    The Late Majority are the conservatives. This group is generally about the same size as the Early Majority. They share all the concerns of the Early Majority; however, they are more resistant to change and are more content with the status quo than eager to progress to new technology. People in the Early Majority group are comfortable with their ability to handle new technology. People in the Late Majority are not.

    As a result, these conservatives prefer to wait until something has become an established standard and take part only at the end of the adoption period. Even then, they want to see lots of support and ensure that there is proof there is no risk in them adopting it.

    Category 5: The Laggard – 16%

    This group is made up of the skeptics and constitutes 16% of the total. These people want nothing to do with new technology and are generally only content with technological change when it is invisible to them. These skeptics have a strong belief that disruptive new technologies rarely deliver the value promised and are almost always worried about unintended consequences.

    Laggards need to be dealt with carefully as their criticism can be damaging and without them it is difficult for a product to become fully adopted. Unfortunately, the effort required for this to happen is often disproportional to the size of the group.

    Info-Tech Insight

    People aren’t born laggards. Technology projects that have failed in the past can alter people’s attitudes, especially if there was a negative impact on their working lives. Use empathy when dealing with people and respect their hesitancy.

    Adoption Techniques

    Different strokes for different folks

    Technology adoption is all about people; and therefore, the techniques required to drive that adoption need to be people oriented.

    The following techniques are carefully selected with the intention of being impactful on all the different categories described previously.

    Technology Adoption: Herd Mentality; Champions; Force; Group Training; One-on-One; Contests; Marketing; Proof of Concept; Train the Trainer

    There are multitudes of different methods to get people to adopt new technology, but which is the most appropriate for your situation? Generally, it’s a combination.

    Technology Adoption: Herd Mentality; Champions; Force; Group Training; One-on-One; Contests; Marketing; Proof of Concept; Train the Trainer

    Train the Trainer

    Use your staff to get your message across.

    Abstract

    This technique involves training key members of staff so they can train others. It is important that those selected are strong communicators, are well respected by others, and have some expertise in technology.

    Advantages

    • Cost effective
    • Efficient dissemination of information
    • Trusted internal staff

    Disadvantages

    • Chance of inconsistent delivery
    • May feel threatened by co-worker

    Best to worst candidates

    • Early Adopter: Influential trendsetters. Others receptive of their lead.
    • Innovator: Comfortable and enthusiastic about new technology, but not necessarily a trainer.
    • Early Majority: Tendency to take others’ lead.
    • Late Majority: Risk averse and tend to follow others, only after success is proven.
    • Laggard: Last to adopt usually. Unsuitable as Trainer.

    Marketing

    Marketing should be continuous throughout the change to encourage familiarity.

    Abstract

    Communication is key as people are comfortable with what is familiar to them. Marketing is an important tool for convincing adopters that the new product is mainstream, widely adopted and successful.

    Advantages

    • Wide communication
    • Makes technology appear commonplace
    • Promotes effectiveness of new technology

    Disadvantages

    • Reliant on staff interest
    • Can be expensive

    Best to worst candidates

    • Early Majority: Pragmatic about change. Marketing is effective encouragement.
    • Early Adopter: Receptive and interested in change. Marketing is supplemental.
    • Innovator: Actively seeks new technology. Does not need extensive encouragement.
    • Late Majority: Requires more personal approach.
    • Laggard: Resistant to most enticements.

    One-on-One

    Tailored for individuals.

    Abstract

    One-on-one training sometimes is the only way to train if you have staff with special needs or who are performing unique tasks.
    It is generally highly effective but inefficient as it only addresses individuals.

    Advantages

    • Tailored to specific need(s)
    • Only relevant information addressed
    • Low stress environment

    Disadvantages

    • Expensive
    • Possibility of inconsistent delivery
    • Personal conflict may render it ineffective

    Best to worst candidates

    • Laggard: Encouragement and cajoling can be used during training.
    • Late Majority: Proof can be given of effectiveness of new product.
    • Early Majority: Effective, but not cost efficient.
    • Early Adopter: Effective, but not cost-efficient.
    • Innovator: Effective, but not cost-efficient.

    Group Training

    Similar roles, attitudes, and abilities.

    Abstract

    Group training is one of the most common methods to start people on their journey toward new technology. Its effectiveness with the two largest groups, Early Majority and Late Majority, make it a primary tool in technology adoption.

    Advantages

    • Cost effective
    • Time effective
    • Good for team building

    Disadvantages

    • Single method may not work for all
    • Difficult to create single learning pace for all

    Best to worst candidates

    • Early Majority: Receptive. The formality of group training will give confidence.
    • Late Majority: Conservative attitude will be receptive to traditional training.
    • Early Adopter: Receptive and attentive. Excited about the change.
    • Innovator: Will tend to want to be ahead or want to move ahead of group.
    • Laggard: Laggards in group training may have a negative impact.

    Force

    The last resort.

    Abstract

    The transition can’t go on forever.

    At some point the new technology needs to be fully adopted and if necessary, force may have to be used.

    Advantages

    • Immediate full transition
    • Fixed delivery timeline

    Disadvantages

    • Alienation of some staff
    • Loss of faith in product if there are issues

    Best to worst candidates

    • Laggard: No choice but to adopt. Forces the issue.
    • Late Majority: Removes issue of reluctance to change.
    • Early Majority: Content, but worried about possible problems.
    • Early Adopter: Feel less personal involvement in change process.
    • Innovator: Feel less personal involvement in change process.

    Contests

    Abstract

    Contests can generate excitement and create an explorative approach to new technology. People should not feel pressured. It should be enjoyable and not compulsory.

    Advantages

    • Rapid improvement of skills
    • Bring excitement to the new technology
    • Good for team building

    Disadvantages

    • Those less competitive or with lower skills may feel alienated
    • May discourage collaboration

    Best to worst candidates

    • Early Adopter: Seeks personal success. Risk taker. Effective.
    • Innovator: Enthusiastic to explore limits of technology.
    • Early Majority: Less enthusiastic. Pragmatic. Less competitive.
    • Late Majority: Conservative. Not enthusiastic about new technology.
    • Laggard: Reluctant to get involved.

    Incentives

    Incentives don’t have to be large.

    Abstract

    For some staff, merely taking management’s lead is not enough. Using “Nudge” techniques to give that extra incentive is quite effective. Incentivizing staff either financially or through rewards, recognition, or promotion is a successful adoption technique for some.

    Advantages

    Encouragement to adopt from receiving tangible benefit

    Draws more attention to the new technology

    Disadvantages

    Additional expense to business or project

    Possible poor precedent for subsequent changes

    Best to worst candidates

    Early Adopter: Desire for personal success makes incentives enticing.

    Early Majority: Prepared to change, but extra incentive will assist.

    Late Majority: Conservative attitude means incentive may need to be larger.

    Innovator: Enthusiasm for new technology means incentive not necessary.

    Laggard: Sceptical about change. Only a large incentive likely to make a difference.

    Champions

    Strong internal advocates for your new technology are very powerful.

    Abstract

    Champions take on new technology and then use their influence to promote it in the organization. Using managers as champions to actively and vigorously promote the change is particularly effective.

    Advantages

    • Infectious enthusiasm encourages those who tend to be reluctant
    • Use of trusted internal staff

    Disadvantages

    • Removes internal staff from regular duties
    • Ineffective if champion not respected

    Best to worst candidates

    • Early Majority: Champions as references of success provide encouragement.
    • Late Majority: Management champions in particular are effective.
    • Laggard: Close contact with champions may be effective.
    • Early Adopter: Receptive of technology, less effective.
    • Innovator: No encouragement or promotion required.

    Herd Mentality

    Follow the crowd.

    Abstract

    Herd behavior is when people discount their own information and follow others. Ideally all adopters would understand the reason and advantages in adopting new technology, but practically, the result is most important.

    Advantages

    • New technology is adopted without question
    • Increase in velocity of adoption

    Disadvantages

    • Staff may not have clear understanding of the reason for change and resent it later
    • Some may adopt the change before they are ready to do so

    Best to worst candidates

    • Early Majority: Follow others’ success.
    • Late Majority: Likely follow an established proven standard.
    • Early Adopter: Less effective as they prefer to set trends rather than follow.
    • Innovator: Seeks new technology rather than following others.
    • Laggard: Suspicious and reluctant to change.

    Proof of Concepts

    Gain early input and encourage buy-in.

    Abstract

    Proof of concept projects give early indications of the viability of a new initiative. Involving the end users in these projects can be beneficial in gaining their support

    Advantages

    Involve adopters early on

    Valuable feedback and indications of future issues

    Disadvantages

    If POC isn’t fully successful, it may leave lingering negativity

    Usually, involvement from small selection of staff

    Best to worst candidates

    • Innovator: Strong interest in getting involved in new products.
    • Early Adopter: Comfortable with new technology and are influencers.
    • Early Majority: Less interest. Prefer others to try first.
    • Late Majority: Conservative attitude makes this an unlikely option.
    • Laggard: Highly unlikely to get involved.

    Match techniques to categories

    What works for who?

    This clustered column chart categorizes techniques by category

    Follow the leader

    Engage your technology enthusiasts early to help refine your product, train other staff, and act as champions. A combination of marketing and group training will develop a herd mentality. Finally, don’t neglect the laggards as they can prevent project completion.

    This is an inverted funnel chart with the output of: Change Destination.  The inputs are: 16% Laggards; 34% Late Majority; 34% Early Majority; 13.3% Early Adopters; 2% Innovators

    Info-Tech Insight

    Although there are different size categories, none can be ignored. Consider your budget when dealing with smaller groups, but also consider their impact.

    Refresh, retrain, restrain

    We don’t want people to revert.

    Don’t assume that because your staff have been trained and have access to the new technology that they will keep using it in the way they were trained. Or that they won’t revert back to their old methods or system.

    Put in place methods to remove completely or remove access to old systems. Schedule refresh training or skill enhancement sessions and stay vigilant.

    Research Authors

    Paul Binns

    Paul Binns

    Principal Research Advisor, Info-Tech Research Group

    With over 30 years in the IT industry, Paul brings to his work his experience as a Strategic Planner, Consultant, Enterprise Architect, IT Business Owner, Technologist, and Manager. Paul has worked with both small and large companies, local and international, and has had senior roles in government and the finance industry.

    Scott Young

    Scott Young

    Principal Research Advisor, Info-Tech Research Group

    Scott Young is a Director of Infrastructure Research at Info-Tech Research Group. Scott has worked in the technology field for over 17 years, with a strong focus on telecommunications and enterprise infrastructure architecture. He brings extensive practical experience in these areas of specialization, including IP networks, server hardware and OS, storage, and virtualization.

    Related Info-Tech Research

    User Group Analysis Workbook

    Use Info-Tech’s workbook to gather information about user groups, business processes, and day-to-day tasks to gain familiarity with your adopters.

    Governance and Management of Enterprise Software Implementation

    Use our research to engage users and receive timely feedback through demonstrations. Our iterative methodology with a task list focused on the business’ must-have functionality allows staff to return to their daily work sooner.

    Quality Management User Satisfaction Survey

    This IT satisfaction survey will assist you with early information to use for categorizing your users.

    Master Organizational Change Management Practices

    Using a soft, empathetic approach to change management is something that all PMOs should understand. Use our research to ensure you have an effective OCM plan that will ensure project success.

    Bibliography

    Beylis, Guillermo. “COVID-19 accelerates technology adoption and deepens inequality among workers in Latin America and the Caribbean.” World Bank Blogs, 4 March 2021. Web.

    Cleland, Kelley. “Successful User Adoption Strategies.” Insight Voices, 25 Apr. 2017. Web.

    Hiatt, Jeff. “The Prosci ADKAR ® Model.” PROSCI, 1994. Web.

    Malik, Priyanka. “The Kübler Ross Change Curve in the Workplace.” whatfix, 24 Feb. 2022. Web.

    Medhaugir, Tore. “6 Ways to Encourage Software Adoption.” XAIT, 9 March 2021. Web.

    Narayanan, Vishy. “What PwC Australia learned about fast tracking tech adoption during COVID-19” PWC, 13 Oct. 2020. Web.

    Sridharan, Mithun. “Crossing the Chasm: Technology Adoption Lifecycle.” Think Insights, 28 Jun 2022. Web.

    Manage the Active Directory in the Service Desk

    • Buy Link or Shortcode: {j2store}489|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • Actively maintaining the Active Directory is a difficult task that only gets more difficult with issues like stale accounts and privilege creep.
    • Adding permissions without removing them in lateral transfers creates access issues, especially when regulatory requirements like HIPAA require tight controls.
    • With the importance of maintaining and granting permissions within the Active Directory, organizations are hesitant to grant domain admin access to Tier 1 of the service desk. However, inundating Tier 2 analysts with requests to grant permissions takes away project time.

    Our Advice

    Critical Insight

    • Do not treat the Active Directory like a black box. Strive for accurate data and be proactive by managing your monitoring and audit schedules.
    • Catch outage problems before they happen by splitting monitoring tasks between daily, weekly, and monthly routines.
    • Shift left to save resourcing by employing workflow automation or scripted authorization for Tier 1 technicians.
    • Design actionable metrics to monitor and manage your Active Directory.

    Impact and Result

    • Consistent and right-sized monitoring and updating of the Active Directory is key to clean data.
    • Split monitoring activities between daily, weekly, and monthly checklists to raise efficiency.
    • If need be, shift-left strategies can be implemented for identity and access management by scripting the process so that it can be done by Tier 1 technicians.

    Manage the Active Directory in the Service Desk Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should manage your Active Directory in the service desk, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Maintain your Active Directory with clean data

    Building and maintaining your Active Directory does not have to be difficult. Standardized organization and monitoring with the proper metrics help you keep your data accurate and up to date.

    • Active Directory Standard Operating Procedure
    • Active Directory Metrics Tool

    2. Structure your service desk Active Directory processes

    Build a comprehensive Active Directory workflow library for service desk technicians to follow.

    • Active Directory Process Workflows (Visio)
    • Active Directory Process Workflows (PDF)
    [infographic]

    Enterprise Architecture

    • Buy Link or Shortcode: {j2store}43|cart{/j2store}
    • Related Products: {j2store}43|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.2/10
    • member rating average dollars saved: $28,368
    • member rating average days saved: 24
    • Parent Category Name: Service Planning and Architecture
    • Parent Category Link: service-planning-and-architecture
    Demystify enterprise architecture value with key metrics.

    Application Maintenance

    • Buy Link or Shortcode: {j2store}30|cart{/j2store}
    • Related Products: {j2store}30|crosssells{/j2store}
    • member rating overall impact (scale of 10): 10.0/10
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Applications
    • Parent Category Link: /applications

    The challenge

    • If you work with application maintenance or operations teams that handle the "run" of your applications, you may find that the sheer volume and variety of requests create large backlogs.
    • Your business and product owners may want scrum or DevOps teams to work on new functionality rather than spend effort on lifecycle management.
    • Increasing complexity and increasing reliance on technology may create unrealistic expectations for your maintenance teams. Business applications must be available around the clock, and new feature roadmaps cannot be side-tracked by maintenance.

    Our advice

    Insight

    • Improving maintenance focus may mean doing less work but create more value. Your teams need to be realistic about what commitments they take—balance maintenance with business value and risk levels.
    • Treat maintenance the same as any other development practice. Use the same intake and prioritization practices. Uphold the same quality standards.

    Impact and results 

    • Justify the necessity of streamlined and regular maintenance. Understand each stakeholder's objectives and concerns, validate them against your staff's current state, processes, and technologies involved.
    • Maintenance and risk go hand in hand. And the business wants to move forward all the time as well. Strengthen your prioritization practice. Use a holistic view of the business and technical impacts, risks, urgencies across the maintenance needs and requests. That allows you to justify their respective positions in the overall development backlog. Identify opportunities to bring some requirements and features together.
    • Build a repeatable process with appropriate governance around it. Ensure that people know their roles and responsibilities and are held accountable.
    • Instill development best-practices into your maintenance processes.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started.

    Read our executive brief to understand everyday struggles regarding application maintenance, the root causes, and our methodology to overcome these. We show you how we can support you.

    Understand your maintenance priorities

    Identify your stakeholders and understand their drivers.

    • Streamline Application Maintenance – Phase 1: Assess the Current Maintenance Landscape (ppt)
    • Application Maintenance Operating Model Template (doc)
    • Application Maintenance Resource Capacity Assessment (xls)
    • Application Maintenance Maturity Assessment (xls)

    Define and employ maintenance governance

    Identify the right level of governance appropriate to your company and business context for your application maintenance. That ensures that people uphold standards across maintenance practices.

    • Streamline Application Maintenance – Phase 2: Develop a Maintenance Release Schedule (ppt)

    Enhance your prioritization practices

    Most companies cannot do everything for all applications and systems. Build your maintenance triage and prioritization rules to safeguard your company, maximize business value generation and IT risks and requirements.

    • Streamline Application Maintenance – Phase 3: Optimize Maintenance Capabilities (ppt)

    Streamline your maintenance delivery

    Define quality standards in maintenance practices. Enforce these in alignment with the governance you have set up. Show a high degree of transparency and open discussions on development challenges.

    • Streamline Application Maintenance – Phase 4: Streamline Maintenance Delivery (ppt)
    • Application Maintenance Business Case Presentation Document (ppt)

     

     

    Create a Work-From-Anywhere Strategy

    • Buy Link or Shortcode: {j2store}323|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: 33 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy

    Work-from-anywhere isn’t going anywhere. During the initial rush to remote work, tech debt was highlighted and the business lost faith in IT. IT now needs to:

    • Rebuild trust with the CXO.
    • Identify gaps created from the COVID-19 rush to remote work.
    • Identify how IT can better support remote workers.

    IT went through an initial crunch to enable remote work. It’s time to be proactive and learn from our mistakes.

    Our Advice

    Critical Insight

    • It’s not about embracing the new normal; it’s about resiliency and long-term success. Your strategy needs to not only provide short-term operational value but also make the organization more resilient for the unknown risks of tomorrow.
    • The nature of work has fundamentally changed. IT departments must ensure service continuity, not for how the company worked in 2019, but for how the company is working now and will be working tomorrow.
    • Ensure short-term survival. Don’t focus on becoming an innovator until you are no longer stuck in firefighting.
    • Aim for near-term innovation. Once you’re a trusted operator, become a business partner by helping the business better adapt business processes and operations to work-from-anywhere.

    Impact and Result

    Follow these steps to build a work-from-anywhere strategy that resonates with the business:

    • Identify a vision that aligns with business goals.
    • Design the work-from-anywhere value proposition for critical business roles.
    • Benchmark your current maturity.
    • Build a roadmap for bridging the gap.

    Benefit employees’ remote working experience while ensuring that IT heads in a strategic direction.

    Create a Work-From-Anywhere Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create a work-from-anywhere strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define a target state

    Identify a vision that aligns with business goals, not for how the company worked in 2019, but for how the company is working now and will be working tomorrow.

    • Work-From-Anywhere Strategy Template
    • Work-From-Anywhere Value Proposition Template

    2. Analyze current fitness

    Don’t focus on becoming an innovator until you are no longer stuck in firefighting mode.

    3. Build a roadmap for improving enterprise apps

    Use these blueprints to improve your enterprise app capabilities for work-from-anywhere.

    • Microsoft Teams Cookbook – Sections 1-2
    • Rationalize Your Collaboration Tools – Phases 1-3
    • Adapt Your Customer Experience Strategy to Successfully Weather COVID-19 Storyboard
    • The Rapid Application Selection Framework Deck

    4. Build a roadmap for improving strategy, people & leadership

    Use these blueprints to improve IT’s strategy, people & leadership capabilities for work-from-anywhere.

    • Define Your Digital Business Strategy – Phases 1-4
    • Training Deck: Equip Managers to Effectively Manage Virtual Teams
    • Sustain Work-From-Home in the New Normal Storyboard
    • Develop a Targeted Flexible Work Program for IT – Phases 1-3
    • Maintain Employee Engagement During the COVID-19 Pandemic Storyboard
    • Adapt Your Onboarding Process to a Virtual Environment Storyboard
    • Manage Poor Performance While Working From Home Storyboard
    • The Essential COVID-19 Childcare Policy for Every Organization, Yesterday Storyboard

    5. Build a roadmap for improving infrastructure & operations

    Use these blueprints to improve infrastructure & operations capabilities for work-from-anywhere.

    • Stabilize Infrastructure & Operations During Work-From-Anywhere – Phases 1-3
    • Responsibly Resume IT Operations in the Office – Phases 1-5
    • Execute an Emergency Remote Work Plan Storyboard
    • Build a Digital Workspace Strategy – Phases 1-3

    6. Build a roadmap for improving IT security & compliance capabilities

    Use these blueprints to improve IT security & compliance capabilities for work-from-anywhere.

    • Cybersecurity Priorities in Times of Pandemic Storyboard
    • Reinforce End-User Security Awareness During Your COVID-19 Response Storyboard

    Infographic

    Workshop: Create a Work-From-Anywhere Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define a Target State

    The Purpose

    Define the direction of your work-from-anywhere strategy and roadmap.

    Key Benefits Achieved

    Base your decisions on senior leadership and user needs.

    Activities

    1.1 Identify drivers, benefits, and challenges.

    1.2 Perform a goals cascade to align benefits to business needs.

    1.3 Define a vision and success metrics.

    1.4 Define the value IT brings to work-from-anywhere.

    Outputs

    Desired benefits for work-from-anywhere

    Vision statement

    Mission statement

    Success metrics

    Value propositions for in-scope user groups

    2 Review In-Scope Capabilities

    The Purpose

    Focus on value. Ensure that major applications and IT capabilities will relieve employees’ pains and provide them with gains.

    Key Benefits Achieved

    Learn from past mistakes and successes.

    Increase adoption of resulting initiatives.

    Activities

    2.1 Review work-from-anywhere framework and identify capability gaps.

    2.2 Review diagnostic results to identify satisfaction gaps.

    2.3 Record improvement opportunities for each capability.

    2.4 Identify deliverables and opportunities to provide value for each.

    2.5 Identify constraints faced by each capability.

    Outputs

    SWOT assessment of work-from-anywhere capabilities

    Projects and initiatives to improve capabilities

    Deliverables and opportunities to provide value for each capability

    Constraints with each capability

    3 Build the Roadmap

    The Purpose

    Build a short-term plan that allows you to iterate on your existing strengths and provide early value to your users.

    Key Benefits Achieved

    Provide early value to address operational pain points.

    Build a plan to provide near-term innovation and business value.

    Activities

    3.1 Organize initiatives into phases.

    3.2 Identify tasks for short-term initiatives.

    3.3 Estimate effort with Scrum Poker.

    3.4 Build a timeline and tie phases to desired business benefits.

    Outputs

    Prioritized list of initiatives and phases

    Profiles for short-term initiatives

    Strengthen the SSDLC for Enterprise Mobile Applications

    • Buy Link or Shortcode: {j2store}283|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Mobile Development
    • Parent Category Link: /mobile-development
    • CEOs see mobile for employees as their top mandate for upcoming technology innovation initiatives, making security a key competency for development.
    • Unsecure mobile applications can cause your employees to question the mobile applications’ integrity for handling sensitive data, limiting uptake.
    • Secure mobile development tends to be an afterthought, where vulnerabilities are tested for post-production rather than during the build process.
    • Developers lack the expertise, processes, and proper tools to effectively enhance applications for mobile security.

    Our Advice

    Critical Insight

    • Organizations currently react to security issues. Info-Tech recommends a proactive approach to ensure a secure software development life cycle (SSDLC) end-to-end.
    • Organizations currently lack the secure development practices to provide highly secure mobile applications that end users can trust.
    • Enable your developers with five key secure development techniques from Info-Tech’s development toolkit.

    Impact and Result

    • Embed secure development techniques into your SDLC.
    • Create a repeatable process for your developers to continually evaluate and optimize mobile application security for new threats and corresponding mitigation steps.
    • Build capabilities within your team based on Info-Tech’s framework by supporting ongoing security improvements through monitoring and metric analysis.

    Strengthen the SSDLC for Enterprise Mobile Applications Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should adopt secure development techniques for mobile application development, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess secure mobile development processes

    Determine the current security landscape of mobile application development.

    • Strengthen the SSDLC for Enterprise Mobile Applications – Phase 1: Assess Secure Mobile Development Practices
    • Systems Architecture Template
    • Mobile Application High-Level Design Requirements Template

    2. Implement and test secure mobile techniques

    Incorporate the various secure development techniques into current development practices.

    • Strengthen the SSDLC for Enterprise Mobile Applications – Phase 2: Implement and Test Secure Mobile Techniques

    3. Monitor and support secure mobile applications

    Create a roadmap for mobile optimization initiatives.

    • Strengthen the SSDLC for Enterprise Mobile Applications – Phase 3: Monitor and Support Secure Mobile Applications
    • Mobile Optimization Roadmap
    [infographic]

    Workshop: Strengthen the SSDLC for Enterprise Mobile Applications

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Your Secure Mobile Development Practices

    The Purpose

    Identification of the triggers of your secure mobile development initiatives.

    Assessment of the security vulnerabilities in your mobile applications from an end-user perspective.

    Identification of the execution of your mobile environment.

    Assessment of the mobile threats and vulnerabilities to your systems architecture.

    Prioritization of your mobile threats.

    Creation of your risk register.

    Key Benefits Achieved

    Key opportunity areas where a secure development optimization initiative can provide tangible benefits.

    Identification of security requirements.

    Prioritized list of security threats.

    Initial mobile security risk register created. 

    Activities

    1.1 Establish the triggers of your secure mobile development initiatives.

    1.2 Assess the security vulnerabilities in your mobile applications from an end-user perspective.

    1.3 Understand the execution of your mobile environment with a systems architecture.

    1.4 Assess the mobile threats and vulnerabilities to your systems architecture.

    1.5 Prioritize your mobile threats.

    1.6 Begin building your risk register.

    Outputs

    Mobile Application High-Level Design Requirements Document

    Systems Architecture Diagram

    2 Implement and Test Your Secure Mobile Techniques

    The Purpose

    Discovery of secure development techniques to apply to current development practices.

    Discovery of new user stories from applying secure development techniques.

    Discovery of new test cases from applying secure development techniques.

    Key Benefits Achieved

    Areas within your code that can be optimized for improving mobile application security.

    New user stories created in relation to mitigation steps.

    New test cases created in relation to mitigation steps.

    Activities

    2.1 Gauge the state of your secure mobile development practices.

    2.2 Identify the appropriate techniques to fill gaps.

    2.3 Develop user stories from security development gaps identified.

    2.4 Develop test cases from user story gaps identified.

    Outputs

    Mobile Application High-Level Design Requirements Document

    3 Monitor and Support Your Secure Mobile Applications

    The Purpose

    Identification of key metrics used to measure mobile application security issues.

    Identification of secure mobile application and development process optimization initiatives.

    Identification of enablers and blockers of your mobile security optimization.

    Key Benefits Achieved

    Metrics for measuring application security.

    Modified triaging process for addressing security issues.

    Initiatives for development optimization.

    Enablers and blockers identified for mobile security optimization initiatives.

    Process for developing your mobile optimization roadmap.

    Activities

    3.1 List the metrics that would be gathered to assess the success of your mobile security optimization.

    3.2 Adjust and modify your triaging process to enhance handling of security issues.

    3.3 Brainstorm secure mobile application and development process optimization initiatives.

    3.4 Identify the enablers and blockers of your mobile security optimization.

    3.5 Define your mobile security optimization roadmap.

    Outputs

    Mobile Optimization Roadmap

    Build an Extensible Data Warehouse Foundation

    • Buy Link or Shortcode: {j2store}342|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Big Data
    • Parent Category Link: /big-data
    • Data warehouse implementation is a costly and complex undertaking, and can end up not serving the business' needs appropriately.
    • Too heavy a focus on technology creates a data warehouse that isn’t sustainable and ends up with poor adoption.
    • Emerging data sources and technologies add complexity to how the appropriate data is made available to business users.

    Our Advice

    Critical Insight

    • A data warehouse is a project; but successful data warehousing is a program. An effective data warehouse requires planning beyond the technology implementation.
    • Governance, not technology needs to be the core support system for enabling a data warehouse program.
    • Understand business processes at the operational, tactical, and ad hoc levels to ensure a fit-for-purpose DW is built.

    Impact and Result

    • Leverage an approach that focuses on constructing a data warehouse foundation that is able to address a combination of operational, tactical, and ad hoc business needs.
    • Invest time and effort to put together pre-project governance to inform and provide guidance to your data warehouse implementation.
    • Develop “Rosetta Stone” views of your data assets to facilitate data modeling.
    • Select the most suitable architecture pattern to ensure the data warehouse is “built right” at the very beginning.

    Build an Extensible Data Warehouse Foundation Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why the data warehouse is becoming an important tool for driving business value, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Prepare for the data warehouse foundation project

    Begin the data warehouse foundation by defining the project and governance teams, as well as reviewing supporting data management practices.

    • Build an Extensible Data Warehouse Foundation – Phase 1: Prepare for the Data Warehouse Foundation Project
    • Data Warehouse Foundation Project Plan Template
    • Data Warehouse Work Breakdown Structure Template
    • Data (Warehouse) Architect
    • Data Integration Specialist
    • Business Intelligence Specialist
    • Director of Data Warehousing/Business Intelligence
    • Data Warehouse Program Charter Template
    • Data Warehouse Steering Committee Charter Template

    2. Establish the business drivers and data warehouse strategy

    Using the business activities as a guide, develop a data model, data architecture, and technology plan for a data warehouse foundation.

    • Build an Extensible Data Warehouse Foundation – Phase 2: Establish the Business Drivers and Data Warehouse Strategy
    • Business Data Catalog
    • Data Classification Inventory Tool
    • Data Warehouse Architecture Planning Tool
    • Master Data Mapping Tool

    3. Plan for data warehouse governance

    Start developing a data warehouse program by defining how users will interact with the new data warehouse environment.

    • Build an Extensible Data Warehouse Foundation – Phase 3: Plan for Data Warehouse Governance
    • Data Warehouse Standard Operating Procedures Template
    • Data Warehouse Service Level Agreement
    [infographic]

    Workshop: Build an Extensible Data Warehouse Foundation

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Prepare for the Data Warehouse Foundation Project

    The Purpose

    Identify the members of the foundation project team.

    Define overarching statements and define success factors/risks.

    Outline basic project governance.

    Key Benefits Achieved

    Defined membership, roles, and responsibilities involved in the foundation project.

    Establishment of a steering committee as a starting point for the data warehouse program.

    Activities

    1.1 Identify foundation project team and create a RACI chart.

    1.2 Understand what a data warehouse can and cannot enable.

    1.3 Define critical success factors, key performance metrics, and project risks.

    1.4 Develop rough timelines for foundation project completion.

    1.5 Define the current and future states for key data management practices.

    Outputs

    Job Descriptions and RACI

    Data Warehouse Steering Committee Charter

    Data Warehouse Foundation Project Plan

    Work Breakdown Structure

    2 Establish the Business Drivers and Data Warehouse Strategy

    The Purpose

    Define the information needs of the business and its key processes.

    Create the components that will inform an appropriate data model.

    Design a data warehouse architecture model.

    Key Benefits Achieved

    Clear definition of business needs that will directly inform the data and architecture models.

    Activities

    2.1 Understand the most fundamental needs of the business.

    2.2 Define the data warehouse vision, mission, purpose, and goals.

    2.3 Detail the most important operational, tactical, and ad hoc activities the data warehouse should support.

    2.4 Link the processes that will be central to the data warehouse foundation.

    2.5 Walk through the four-column model and business entity modeling as a starting point for data modeling.

    2.6 Create data models using the business data glossary and data classification.

    2.7 Identify master data elements to define dimensions.

    2.8 Design lookup tables based on reference data.

    2.9 Create a fit-for-purpose data warehousing model.

    Outputs

    Data Warehouse Program Charter

    Data Warehouse Vision and Mission

    Documentation of Business Processes

    Business Entity Map

    Business Data Glossary

    Data Classification Scheme

    Data Warehouse Architecture Model

    3 Plan for Data Warehouse Governance

    The Purpose

    Create a plan for governing your data warehouse efficiently and effectively.

    Key Benefits Achieved

    Documentation of current standard operating procedures.

    Identified members of a data warehouse center of excellence.

    Activities

    3.1 Develop a technology capability map to visualize your desired state.

    3.2 Establish a data warehouse center of excellence.

    3.3 Create a data warehouse foundation roadmap.

    3.4 Define data warehouse service level agreements.

    3.5 Create standard operating procedures.

    Outputs

    Technology Capability Map

    Project Roadmap

    Service Level Agreement

    Data Warehouse Standard Operating Procedure Workbook

    Reduce Manual Repetitive Work With IT Automation

    • Buy Link or Shortcode: {j2store}458|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $34,099 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • IT staff are overwhelmed with manual repetitive work.
    • You have little time for projects.
    • You cannot move as fast as the business wants.

    Our Advice

    Critical Insight

    • Optimize before you automate.
    • Foster an engineering mindset.
    • Build a process to iterate.

    Impact and Result

    • Begin by automating a few tasks with the highest value to score quick wins.
    • Define a process for rolling out automation, leveraging SDLC best practices.
    • Determine metrics and continually track the success of the automation program.

    Reduce Manual Repetitive Work With IT Automation Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why you should reduce manual repetitive work with IT automation.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify automation candidates

    Select the top automation candidates to score some quick wins.

    • Reduce Manual Repetitive Work With IT Automation – Phase 1: Identify Automation Candidates
    • IT Automation Presentation
    • IT Automation Worksheet

    2. Map and optimize process flows

    Map and optimize process flows for each task you wish to automate.

    • Reduce Manual Repetitive Work With IT Automation – Phase 2: Map & Optimize Process Flows

    3. Build a process for managing automation

    Build a process around managing IT automation to drive value over the long term.

    • Reduce Manual Repetitive Work With IT Automation – Phase 3: Build a Process for Managing Automation

    4. Build automation roadmap

    Build a long-term roadmap to enhance your organization's automation capabilities.

    • Reduce Manual Repetitive Work With IT Automation – Phase 4: Build Automation Roadmap
    • IT Automation Roadmap
    [infographic]

    Workshop: Reduce Manual Repetitive Work With IT Automation

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Automation Candidates

    The Purpose

    Identify top candidates for automation.

    Key Benefits Achieved

    Plan to achieve quick wins with automation for early value.

    Activities

    1.1 Identify MRW pain points.

    1.2 Drill down pain points into tasks.

    1.3 Estimate the MRW involved in each task.

    1.4 Rank the tasks based on value and ease.

    1.5 Select top candidates and define metrics.

    1.6 Draft project charters.

    Outputs

    MRW pain points

    MRW tasks

    Estimate of MRW involved in each task

    Ranking of tasks for suitability for automation

    Top candidates for automation & success metrics

    Project charter(s)

    2 Map & Optimize Processes

    The Purpose

    Map and optimize the process flow of the top candidate(s).

    Key Benefits Achieved

    Requirements for automation of the top task(s).

    Activities

    2.1 Map process flows.

    2.2 Review and optimize process flows.

    2.3 Clarify logic and finalize future-state process flows.

    Outputs

    Current-state process flows

    Optimized process flows

    Future-state process flows with complete logic

    3 Build a Process for Managing Automation

    The Purpose

    Develop a lightweight process for rolling out automation and for managing the automation program.

    Key Benefits Achieved

    Ability to measure and to demonstrate success of each task automation, and of the program as a whole.

    Activities

    3.1 Kick off your test plan for each automation.

    3.2 Define process for automation rollout.

    3.3 Define process to manage your automation program.

    3.4 Define metrics to measure success of your automation program.

    Outputs

    Test plan considerations

    Automation rollout process

    Automation program management process

    Automation program metrics

    4 Build Automation Roadmap

    The Purpose

    Build a roadmap to enhance automation capabilities.

    Key Benefits Achieved

    A clear timeline of initiatives that will drive improvement in the automation program to reduce MRW.

    Activities

    4.1 Build a roadmap for next steps.

    Outputs

    IT automation roadmap

    Further reading

    Reduce Manual Repetitive Work With IT Automation

    Free up time for value-adding jobs.

    ANALYST PERSPECTIVE

    Automation cuts both ways.

    Automation can be very, very good, or very, very bad.
    Do it right, and you can make your life a whole lot easier.
    Do it wrong, and you can suffer some serious pain.
    All too often, automation is deployed willy-nilly, without regard to the overall systems or business processes in which it lives.
    IT professionals should follow a disciplined and consistent approach to automation to ensure that they maximize its value for their organization.

    Derek Shank,
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Executive summary

    Situation

    • IT staff are overwhelmed with manual repetitive work.
    • You have little time for projects.
    • You cannot move as fast as the business wants.

    Complication

    • Automation is simple to say, but hard to implement.
    • Vendors claim automation will solve all your problems.
    • You have no process for managing automation.

    Resolution

    • Begin by automating a few tasks with the highest value to score quick wins.
    • Define a process for rolling out automation, leveraging SDLC best practices.
    • Determine metrics and continually track the success of the automation program.

    Info-Tech Insight

    1. Optimize before you automate.The current way isn’t necessarily the best way.
    2. Foster an engineering mindset.Your team members may not be process engineers, but they should learn to think like one.
    3. Build a process to iterate.Effective automation can't be a one-and-done. Define a lightweight process to manage your program.

    Infrastructure & operations teams are overloaded with work

    • DevOps and digital transformation initiatives demand increased speed.
    • I&O is still tasked with security and compliance and audit.
    • I&O is often overloaded and unable to keep up with demand.

    Manual repetitive work (MRW) sucks up time

    • Manual repetitive work is a fact of life in I&O.
    • DevOps circles refer to this type of work simply as “toil.”
    • Toil is like treading water: it must be done, but it consumes precious energy and effort just to stay in the same place.
    • Some amount of toil is inevitable, but it's important to measure and cap toil, so it does not end up overwhelming your team's whole capacity for engineering work.

    Info-Tech Insight

    Follow our methodology to focus IT automation on reducing toil.

    Manual hand-offs create costly delays

    • Every time there is a hand-off, we lose efficiency and productivity.
    • In addition to the cost of performing manual work itself, we must also consider the impact of lost productivity caused by the delay of waiting for that work to be performed.

    Every queue is a tire fire

    Queues create waste and are extremely damaging. Like a tire fire, once you get started, they’re almost impossible to stamp out!

    Increase queues if you want

    • “More overhead”
    • “Lower quality”
    • “More variability”
    • “Less motivation”
    • “Longer cycle time”
    • “Increased risk”

    (Source: Edwards, citing Donald G. Reinersten: The Principles of Product Development Flow: Second Generation Lean Product Development )

    Increasing complexity makes I&O’s job harder

    Every additional layer of complexity multiplies points of failure. Beyond a certain level of complexity, troubleshooting can become a nightmare.

    Today, Operations is responsible for the outcomes of a full stack of a very complex, software-defined, API-enabled system running on infrastructure they may or may not own.
    – Edwards

    Growing technical debt means an ever-rising workload

    • Enterprises naturally accumulate technical debt.
    • All technology requires care and feeding.
    • I&O cannot control how much technology it’s expected to support.
    • I&O faces a larger and larger workload as technical debt accumulates.

    The systems built under each new technology paradigm never fully replace the systems built under the old paradigms. It’s not uncommon for an enterprise to have an accumulation of systems built over 10-15 years and have no budget, risk appetite, or even a viable path to replace them all. With each shift, who bares [SIC] the brunt of the responsibility for making sure the old and the new hang together? Operations, of course. With each new advance, Operations juggles more complexity and more layers of legacy technologies than ever before.
    – Edwards

    Most IT shops can’t have a dedicated engineering team

    • In most organizations, the team that builds things is best equipped to support them.
    • Often the knowledge to design systems and the knowledge to run those systems naturally co-exists in the same personnel resources.
    • When your I&O team is trying to do engineering work, they can end up frequently interrupted to perform operational tasks.
    A Venn Diagram is depicted which compares People who build things with People who run things. the two circles are almost completely overlapping, indicating the strong connection between the two groups.

    Personnel resources in most IT organizations overlap heavily between “build” and “run.”

    IT operations must become an engineering practice

    • Usually you can’t double your staff or double their hours.
    • IT professionals must become engineers.
    • We do this by automating manual repetitive work and reducing toil.
    Two scenarios are depicted. The first scenario is found at a hypothetical work camp, in which one employee performs the task of manually splitting firewood with an axe. In order to split twice as much firewood, the employee would need to spend twice the time. The second scenario is Engineering Operations. in this scenario, a wood processor is used to automate the task, allowing far more wood to be split in same amount of time.

    Build your Sys Admin an Iron Man suit

    Some CIOs see a Sys Admin and want to replace them with a Roomba. I see a Sys Admin and want to build them an Iron Man suit.
    – Deepak Giridharagopal, CTO, Puppet

    Two Scenarios are depicted. In one, an employee is replaced by automation, represented by a Roomba, reducing costs by laying off a single employee. In the second scenario, the single employee is given automated tools to do their job, represented by an iron-man suit, leading to a 10X boost in employee productivity.

    Use automation to reduce risk

    Consistency

    When we automate, we can make sure we do something the same way every time and produce a consistent result.

    Auditing and Compliance

    We can design an automated execution that will ship logs that provide the context of the action for a detailed audit trail.

    Change

    • Enterprise environments are continually changing.
    • When context changes, so does the procedure.
    • You can update your docs all you want, but you can't make people read them before executing a procedure.
    • When you update the procedure itself, you can make sure it’s executed properly.

    Follow Info-Tech’s approach: Start small and snowball

    • It’s difficult for I&O to get the staffing resources it needs for engineering work.
    • Rather than trying to get buy-in for resources using a “top down” approach, Info-Tech recommends that I&O score some quick wins to build momentum.
    • Show success while giving your team the opportunity to build their engineering chops.

    Because the C-suite relies on upwards communication — often filtered and sanitized by the time it reaches them — executives don’t see the bottlenecks and broken processes that are stalling progress.
    – Andi Mann

    Info-Tech’s methodology employs a targeted approach

    • You aren’t going to automate IT operations end-to-end overnight.
    • In fact, such a large undertaking might be more effort than it’s worth.
    • Info-Tech’s methodology employs a targeted approach to identify which candidates will score some quick wins.
    • We’ll demonstrate success, gain momentum, and then iterate for continual improvement.

    Invest in automation to reap long-term rewards

    • All too often people think of automation like a vacuum cleaner you can buy once and then forget.
    • The reality is you need to perform care and feeding for automation like for any other process or program.
    • To reap the greatest rewards you must continually invest in automation – and invest wisely.

    To get the full ROI on your automation, you need to treat it like an employee. When you hire an employee, you invest in that person. You spend time and resources training and nurturing new employees so they can reach their full potential. The investment in a new employee is no different than your investment in automation.– Edwards

    Measure the success of your automation program

    Example of How to Estimate Dollar Value Impact of Automation
    Metric Timeline Target Value
    Hours of manual repetitive work 12 months 20% reduction $48,000/yr.(1)
    Hours of project capacity 18 months 30% increase $108,000/yr.(2)
    Downtime caused by errors 6 months 50% reduction $62,500/yr.(3)

    1 15 FTEs x 80k/yr.; 20% of time on MRW, reduced by 20%
    2 15 FTEs x 80k/yr.; 30% project capacity, increased by 30%
    3 25k/hr. of downtime.; 5 hours per year of downtime caused by errors

    Automating failover for disaster recovery

    CASE STUDY

    Industry Financial Services
    Source Interview

    Challenge

    An IT infrastructure manager had established DR failover procedures, but these required a lot of manual work to execute. His team lacked the expertise to build automation for the failover.

    Solution

    The manager hired consultants to build scripts that would execute portions of the failover and pause at certain points to report on outcomes and ask the human operator whether to proceed with the next step.

    Results

    The infrastructure team reduced their achievable RTOs as follows:
    Tier 1: 2.5h → 0.5h
    Tier 2: 4h → 1.5h
    Tier 3: 8h → 2.5h
    And now, anyone on the team could execute the entire failover!

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Reduce Manual Repetitive Work With IT Automation – project overview

    1. Select Candidates 2. Map Process Flows 3. Build Process 4. Build Roadmap
    Best-Practice Toolkit

    1.1 Identify MRW pain points

    1.2 Drill down pain points into tasks

    1.3 Estimate the MRW involved in each task

    1.4 Rank the tasks based on value and ease

    1.5 Select top candidates and define metrics

    1.6 Draft project charters

    2.1 Map process flows

    2.2 Review and optimize process flows

    2.3 Clarify logic and finalize future-state process flows

    3.1 Kick off your test plan for each automation

    3.2 Define process for automation rollout

    3.3 Define process to manage your automation program

    3.4 Define metrics to measure success of your automation program

    4.1 Build automation roadmap

    Guided Implementations

    Introduce methodology.

    Review automation candidates.

    Review success metrics.

    Review process flows.

    Review end-to-end process flows.

    Review testing considerations.

    Review automation SDLC.

    Review automation program metrics.

    Review automation roadmap.

    Onsite Workshop Module 1:
    Identify Automation Candidates
    Module 2:
    Map and Optimize Processes
    Module 3:
    Build a Process for Managing Automation
    Module 4:
    Build Automation Roadmap
    Phase 1 Results:
    Automation candidates and success metrics
    Phase 2 Results:
    End-to-end process flows for automation
    Phase 3 Results:
    Automation SDLC process, and automation program management process
    Phase 4 Results:
    Automation roadmap

    The Small Enterprise Guide to People and Resource Management

    • Buy Link or Shortcode: {j2store}602|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Train & Develop
    • Parent Category Link: /train-and-develop
    • 52% of small business owners agree that labor quality is their most important problem, and 76% of executives expect the talent market to get even more challenging.
    • The problem? You can't compete on salary, training budgets are slim, you need people skilled in all areas, and even one resignation represents a large part of your workforce.

    Our Advice

    Critical Insight

    • The usual, reactive approach to workforce management is risky:
      • Optimizing tactics helps you hire faster, train more, and negotiate better contracts.
      • But fulfilling needs as they arise costs more, has greater risk of failure, and leaves you unprepared for future needs.
    • In a small enterprise where every resource counts, in which one hire represents 10% of your workforce, it is essential to get it right.

    Impact and Result

    • Workforce planning helps you anticipate future needs.
    • More lead time means better decisions at lower cost.
    • Small Enterprises benefit most, since every resource counts.

    The Small Enterprise Guide to People and Resource Management Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. The Small Enterprise Guide to People and Resource Management Deck – Find out why workforce planning is critical for small enterprises.

    Use this storyboard to lay the foundation of people and resources management practices in your small enterprise IT department.

    • The Small Enterprise Guide to People and Resource Management – Phases 1-3

    2. Workforce Planning Workbook – Use the tool to successfully complete all of the activities required to define and estimate your workforce needs for the future.

    Use these concise exercises to analyze your department’s talent current and future needs and create a skill sourcing strategy to fill the gaps.

    • Workforce Planning Workbook for Small Enterprises

    3. Knowledge Transfer Tools – Use these templates to identify knowledge to be transferred.

    Work through an activity to discover key knowledge held by an employee and create a plan to transfer that knowledge to a successor.

    • IT Knowledge Identification Interview Guide Template
    • IT Knowledge Transfer Plan Template

    4. Development Planning Tools – Use these tools to determine priority development competencies.

    Assess employees’ development needs and draft a development plan that fits with key organizational priorities.

    • IT Competency Library
    • Leadership Competencies Workbook
    • IT Employee Career Development Workbook
    • Individual Competency Development Plan
    • Learning Methods Catalog for IT Employees

    Infographic

    Workshop: The Small Enterprise Guide to People and Resource Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Lay Your Foundations

    The Purpose

    Set project direction and analyze workforce needs.

    Key Benefits Achieved

    Planful needs analysis ensures future workforce supports organizational goals.

    Activities

    1.1 Set workforce planning goals and success metrics.

    1.2 Identify key roles and competency gaps.

    1.3 Conduct a risk analysis to identify future needs.

    1.4 Determine readiness of internal successors.

    Outputs

    Work with the leadership team to:

    Extract key business priorities.

    Set your goals.

    Assess workforce needs.

    2 Create Your Workforce Plan

    The Purpose

    Conduct a skill sourcing analysis, and determine competencies to develop internally.

    Key Benefits Achieved

    A careful analysis ensures skills are being sourced in the most efficient way, and internal development is highly aligned with organizational objectives.

    Activities

    2.1 Determine your skill sourcing route.

    2.2 Determine priority competencies for development.

    Outputs

    Create a workforce plan.

    2.Determine guidelines for employee development.

    3 Plan Knowledge Transfer

    The Purpose

    Discover knowledge to be transferred, and build a transfer plan.

    Key Benefits Achieved

    Ensure key knowledge is not lost in the event of a departure.

    Activities

    3.1 Discover knowledge to be transferred.

    3.2 Identify the optimal knowledge transfer methods.

    3.3 Create a knowledge transfer plan.

    Outputs

    Discover tacit and explicit knowledge.

    Create a knowledge transfer roadmap.

    4 Plan Employee Development

    The Purpose

    Create a development plan for all staff.

    Key Benefits Achieved

    A well-structured development plan helps engage and retain employees while driving organizational objectives.

    Activities

    4.1 Identify target competencies & draft development goals

    4.2 Select development activities and schedule check-ins.

    4.3 Build manager coaching skills.

    Outputs

    Assess employees.

    Prioritize development objectives.

    Plan development activities.

    Build management skills.

    Further reading

    The Small Enterprise Guide to People and Resource Management

    Quickly start getting the right people, with the right skills, at the right time

    Is this research right for you?

    Research Navigation

    Managing the people in your department is essential, whether you have three employees or 300. Depending on your available time, resources, and current workforce management maturity, you may choose to focus on the overall essentials, or dive deep into particular areas of talent management. Use the questions below to help guide you to the right Info-Tech resources that best align with your current needs.

    Question If you answered "no" If you answered "yes"

    Does your IT department have fewer than 15 employees, and is your organization's revenue less than $25 million (USD)?

    Review Info-Tech's archive of research for mid-sized and large enterprise clients.

    Follow the guidance in this blueprint.

    Does your organization require a more rigorous and customizable approach to workforce management?

    Follow the guidance in this blueprint.

    Review Info-Tech's archive of research for mid-sized and large enterprise clients.

    Analyst Perspective

    Workforce planning is even more important for small enterprises than large organizations.

    It can be tempting to think of workforce planning as a bureaucratic exercise reserved for the largest and most formal of organizations. But workforce planning is never more important than in small enterprises, where every individual accounts for a significant portion of your overall productivity.

    Without workforce planning, organizations find themselves in reactive mode, hiring new staff as the need arises. They often pay a premium for having to fill a position quickly or suffer productivity losses when a critical role goes unexpectedly vacant.

    A workforce plan helps you anticipate these challenges, come up with solutions to mitigate them, and allocate resources for the most impact, which means a greater return on your workforce investment in the long run.

    This blueprint will help you accomplish this quickly and efficiently. It will also provide you with the essential development and knowledge transfer tools to put your plan into action.

    This is a picture of Jane Kouptsova

    Jane Kouptsova
    Senior Research Analyst, CIO Advisory
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    52% of small business owners agree that labor quality is their most important problem.1

    Almost half of all small businesses face difficulty due to staff turnover.

    76% of executives expect the talent market to get even more challenging.2

    Common Obstacles

    76% of executives expect workforce planning to become a top strategic priority for their organization.2

    But…

    30% of small businesses do not have a formal HR function.3

    Small business leaders are often left at a disadvantage for hiring and retaining the best talent, and they face even more difficulty due to a lack of support from HR.

    Small enterprises must solve the strategic workforce planning problem, but they cannot invest the same time or resources that large enterprises have at their disposal.

    Info-Tech's Approach

    A modular, lightweight approach to workforce planning and talent management, tailored to small enterprises

    Clear activities that guide your team to decisive action

    Founded on your IT strategy, ensuring you have not just good people, but the right people

    Concise yet comprehensive, covering the entire workforce lifecycle from competency planning to development to succession planning and reskilling

    Info-Tech Insight

    Every resource counts. When one hire represents 10% of your workforce, it is essential to get it right.

    1CNBC & SurveyMonkey. 2ADP. 3Clutch.

    Labor quality is small enterprise's biggest challenge

    The key to solving it is strategic workforce planning

    Strategic workforce planning (SWP) is a systematic process designed to identify and address gaps in today's workforce, including pinpointing the human capital needs of the future.

    Linking workforce planning with strategic planning ensures that you have the right people in the right positions, in the right places, at the right time, with the knowledge, skills, and attributes to deliver on strategic business goals.

    SWP helps you understand the makeup of your current workforce and how well prepared it is or isn't (as the case may be) to meet future IT requirements. By identifying capability gaps early, CIOs can prepare to train or develop current staff and minimize the need for severance payouts and hiring costs, while providing clear career paths to retain high performers.

    52%

    of small business owners agree that labor quality is their most important problem.1

    30%

    30% of small businesses have no formal HR function.2

    76%

    of senior leaders expect workforce planning to become the top strategic challenge for their organization.3

    1CNBC & SurveyMonkey. 2Clutch. 3ADP.

    Workforce planning matters more for small enterprises

    You know that staffing mistakes can cost your department dearly. But did you know the costs are greater for small enterprises?

    The price of losing an individual goes beyond the cost of hiring a replacement, which can range from 0.5 to 2 times that employee's salary (Gallup, 2019). Additional costs include loss of productivity, business knowledge, and team morale.

    This is a major challenge for large organizations, but the threat is even greater for small enterprises, where a single individual accounts for a large proportion of IT's productivity. Losing one of a team of 10 means 10% of your total output. If that individual was solely responsible for a critical function, your department now faces a significant gap in its capabilities. And the effect on morale is much greater when everyone is on the same close-knit team.

    And the threat continues when the staffing error causes you not to lose a valuable employee, but to hire the wrong one instead. When a single individual makes up a large percentage of your workforce, as happens on small teams, the effects of talent management errors are magnified.

    A group of 100 triangles is shown above a group of 10 triangles. In each group, one triangle is colored orange, and the rest are colored blue.

    Info-Tech Insight

    One bad hire on a team of 100 is a problem. One bad hire on a team of 10 is a disaster.

    This is an image of Info-Tech's small enterprise guide o people and resource management.

    Blueprint pre-step: Determine your starting point

    People and Resource management is essential for any organization. But depending on your needs, you may want to start at different stages of the process. Use this slide as a quick reference for how the activities in this blueprint fit together, how they relate to other workforce management resources, and the best starting point for you.

    Your IT strategy is an essential input to your workforce plan. It defines your destination, while your workforce is the vessel that carries you there. Ensure you have at least an informal strategy for your department before making major workforce changes, or review Info-Tech's guidance on IT strategy.

    This blueprint covers the parts of workforce management that occur to some extent in every organization:

    • Workforce planning
    • Knowledge transfer
    • Development planning

    You may additionally want to seek guidance on contract and vendor management, if you outsource some part of your workload outside your core IT staff.

    Track metrics

    Consider these example metrics for tracking people and resource management success

    Project Outcome Metric Baseline Target
    Reduced training costs Average cost of training (including facilitation, materials, facilities, equipment, etc.) per IT employee
    Reduced number of overtime hours worked Average hours billed at overtime rate per IT employee
    Reduced length of hiring period Average number of days between job ad posting and new hire start date
    Reduced number of project cancellations due to lack of capacity Total of number of projects cancelled per year
    Increased number of projects completed per year (project throughput) Total number of project completions per year
    Greater net recruitment rate Number of new recruits/Number of terminations and departures
    Reduced turnover and replacement costs Total costs associated with replacing an employee, including position coverage cost, training costs, and productivity loss
    Reduced voluntary turnover rate Number of voluntary departures/Total number of employees
    Reduced productivity loss following a departure or termination Team or role performance metrics (varies by role) vs. one year ago

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1:

    Scope requirements, objectives, and your specific challenges.

    Call #2: Assess current workforce needs.

    Call #4: Determine skill sourcing route.

    Call #6:

    Identify knowledge to be transferred.

    Call #8: Draft development goals and select activities.

    Call #3: Explore internal successor readiness.

    Call #5:Set priority development competencies.

    Call #7: Create a knowledge transfer plan.

    Call #9: Build managers' coaching & feedback skills.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 4 to 6 calls over the course of 3 to 4 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    1.Lay Your Foundations 2. Create Your Workforce Plan 3. Plan Knowledge Transfer 3. Plan Employee Development Next Steps and Wrap-Up (offsite)
    Activities

    1.1 Set workforce planning goals and success metrics

    1.2 Identify key roles and competency gaps

    1.3 Conduct a risk analysis to identify future needs

    1.4 Determine readiness of internal successors

    1.5 Determine your skill sourcing route

    1.6 Determine priority competencies for development

    3.1 Discover knowledge to be transferred

    3.2 Identify the optimal knowledge transfer methods

    3.3 Create a knowledge transfer plan

    4.1 Identify target competencies & draft development goals

    4.2 Select development activities and schedule check-ins

    4.3 Build manager coaching skills

    Outcomes

    Work with the leadership team to:

    1. Extract key business priorities
    2. Set your goals
    3. Assess workforce needs

    Work with the leadership team to:

    1. Create a workforce plan
    2. Determine guidelines for employee development

    Work with staff and managers to:

    1. Discover tacit and explicit knowledge
    2. Create a knowledge transfer roadmap

    Work with staff and managers to:

    1. Assess employees
    2. Prioritize development objectives
    3. Plan development activities
    4. Build management skills

    Info-Tech analysts complete:

    1. Workshop report
    2. Workforce plan record
    3. Action plan

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Each onsite day is structured with group working sessions from 9-11 a.m. and 1:30-3:30 p.m. and includes Open Analyst Timeslots, where our facilitators are available to expand on scheduled activities, capture and compile workshop results, or review additional components from our comprehensive approach.

    This is a calendar showing days 1-4, and times from 8am-5pm

    Phase 1

    Workforce Planning

    Workforce Planning

    Knowledge Transfer

    Development Planning

    Identify needs, goals, metrics, and skill gaps.

    Select a skill sourcing strategy.

    Discover critical knowledge.

    Select knowledge transfer methods.

    Identify priority competencies.

    Assess employees.

    Draft development goals.

    Provide coaching & feedback.

    The Small Enterprise Guide to People and Resource Management

    Phase Participants

    • Leadership team
    • Managers
    • Human resource partner (if applicable)

    Additional Resources

    Workforce Planning Workbook for Small Enterprises

    Phase pre-step: Gather resources and participants

    1. Ensure you have an up-to-date IT strategy. If you don't have a formal strategy in place, ensure you are aware of the main organizational objectives for the next 3-5 years. Connect with executive stakeholders if necessary to confirm this information.
      If you are not sure of the organizational direction for this time frame, we recommend you consult Info-Tech's material on IT strategy first, to ensure your workforce plan is fully positioned to deliver value to the organization.
    2. Consult with your IT team and gather any documentation pertaining to current roles and skills. Examples include an org chart, job descriptions, a list of current tasks performed/required, a list of company competencies, and a list of outsourced projects.
    3. Gather the right participants. Most of the decisions in this section will be made by senior leadership, but you will also need input from front-line managers. Ensure they are available on an as-needed basis. If your organization has an HR partner, it can also be helpful to involve them in your workforce planning process.

    Formal workforce planning benefits even small teams

    Strategic workforce planning (SWP) is a systematic process designed to identify and address gaps in your workforce today and plan for the human capital needs of the future.

    Your workforce plan is an extension of your IT strategy, ensuring that you have the right people in the right positions, in the right places, at the right time, with the knowledge, skills, and attributes to deliver on strategic business goals.

    SWP helps you understand the makeup of your current workforce and how well prepared it is or isn't (as the case may be) to meet future IT requirements. By identifying capability gaps early, CIOs can prepare to train or develop current staff and minimize the need for severance payouts and hiring costs, while providing clear career paths to retain high performers.

    The smaller the business, the more impact each individual's performance has on the overall success of the organization. When a given role is occupied by a single individual, the organization's performance in that function is determined wholly by one employee. Creating a workforce plan for a small team may seem excessive, but it ensures your organization is not unexpectedly hit with a critical competency gap.

    Right-size your workforce planning process to the size of your enterprise

    Small organizations are 2.2 times more likely to have effective workforce planning processes.1 Be mindful of the opportunities and risks for organizations of your size as you execute the project. How you build your workforce plan will not change drastically based on the size of your organization; however, the scope of your initiative, the size of your team, and the tactics you employ may vary.

    Small Organization

    Medium Organization

    Large Organization

    Project Opportunities

    • Project scope is much more manageable.
    • Communication and planning can be more manageable.
    • Fewer roles can clarify prioritization needs and promotability.
    • Project scope is more manageable.
    • Moderate budget for workforce planning initiatives is needed.
    • Communication and enforcement is easier.
    • Larger candidate pool to pull from.
    • Greater career path options for staff.
    • In-house expertise may be available

    Project Risks

    • Limited resources and time to execute the project.
    • In-house expertise is unlikely.
    • Competencies may be informal and not documented.
    • Limited overlap in responsibilities, resulting in fewer redundancies.
    • Limited staff with experience for the project.
    • Workforce planning may be a lower priority and difficult to generate buy-in for.
    • Requires more staff to manage workforce plan and execute initiatives.
    • Less collective knowledge on staff strengths may make career planning difficult.
    • Geographically dispersed business units make collaboration and communication difficult.

    1 McLean & Company Trends Report 2014

    1.1 Set project outcomes and success metrics

    1-3 hours

    1. As a group, brainstorm key pain points that the IT department experiences due to the lack of a workforce plan. Ask them to consider turnover, retention, training, and talent acquisition.
    2. Discuss any key themes that arise and brainstorm your desired project outcomes. Keep a record of these for future reference and to aid in stakeholder communication.
    3. Break into smaller groups (or if too small, continue as a single group):
      1. For each desired outcome, consider what metrics you could use to track progress. Keep your initial list of pain points in mind as you brainstorm metrics.
      2. Write each of the metric suggestions on a whiteboard and agree to track 3-5 metrics. Set targets for each metric. Consider the effort required to obtain and track the metric, as well as its reliability.
      3. Assign one individual for tracking the selected metrics. Following the meeting, that individual will be responsible for identifying the baseline and targets, and reporting on metrics progress.

    Input

    Output

    • List of workforce data available
    • List of workforce metrics to track the workforce plan's impact

    Materials

    Participants

    • Whiteboard/flip charts
    • Leadership team
    • Human resource partner (if applicable)

    1.2 Identify key roles and competency gaps

    1-3 hours

    1. As a group, identify all strategic, core, and supporting roles by reviewing the organizational chart:
      1. Strategic: What are the roles that must be filled by top performers and cannot be left vacant in order to meet strategic objectives?
      2. Core: What roles are important to drive operational excellence?
      3. Supporting: What roles are required for day-to-day work, but are low risk if the role is vacant for a period of time?
    2. Working individually or in small groups, have managers for each identified role define the level of competence required for the job. Consider factors such as:
      1. The difficulty or criticality of the tasks being performed
      2. The impact on job outcomes
      3. The impact on the performance of other employees
      4. The consequence of errors if the competency is not present
      5. How frequently the competency is used on the job
      6. Whether the competency is required when the job starts or can be learned or acquired on the job within the first six months
    3. Continue working individually and rate the level of proficiency of the current incumbent.
    4. As a group, review the assessment and make any adjustments.

    Record this information in the Workforce Planning Workbook for Small Enterprises.

    Download the Workforce Planning Workbook for Small Enterprises

    1.2 Identify key roles and competency gaps

    Input Output
    • Org chart, job descriptions, list of current tasks performed/required, list of company competencies
    • List of competency gaps for key roles
    Materials Participants
    • Leadership team
    • Managers

    Conduct a risk-of-departure analysis

    A risk-of-departure analysis helps you plan for future talent needs by identifying which employees are most likely to leave the organization (or their current role).

    A risk analysis takes into account two factors: an employee's risk for departure and the impact of departure:

    Employees are high risk for departure if they:

    • Have specialized or in-demand skills (tenured employees are more likely to have this than recent hires)
    • Are nearing retirement
    • Have expressed career aspirations that extend outside your organization
    • Have hit a career development ceiling at your organization
    • Are disengaged
    • Are actively job searching
    • Are facing performance issues or dismissal OR promotion into a new role

    Employees are low risk for departure if they:

    • Are a new hire or new to their role
    • Are highly engaged
    • Have high potential
    • Are 5-10 years out from retirement

    If you are not sure where an employee stands with respect to leaving the organization, consider having a development conversation with them. In the meantime, consider them at medium risk for departure.

    To estimate the impact of departure, consider:

    • The effect of losing the employee in the near- and medium-term, including:
      • Impact on the organization, department, unit/team and projects
      • The cost (in time, resources, and productivity loss) to replace the individual
      • The readiness of internal successors for the role

    1.3 Conduct a risk analysis to identify future needs

    1-3 hours

    Preparation: Your estimation of whether key employees are at risk of leaving the organization will depend on what you know of them objectively (skills, age), as well as what you learn from development conversations. Ensure you collect all relevant information prior to conducting this activity. You may need to speak with employees' direct managers beforehand or include them in the discussion.

    • As a group, list all your current employees, and using the previous slide for guidance, rank them on two parameters: risk of departure and impact of departure, on a scale of low to high. Record your conclusions in a chart like the one on the right. (For a more in-depth risk assessment, use the "Risk Assessment Results" tab of the Key Roles Succession Planning Tool.)
    • Employees that fall in the "Mitigate" quadrant represent key at-risk roles with at least moderate risk and moderate impact. These are your succession planning priorities. Add these roles to your list of key roles and competency gaps, and include them in your workforce planning analysis.
    • Employees that fall in the "Manage" quadrants represent secondary priorities, which should be looked at if there is capacity after considering the "Mitigate" roles.

    Record this information in the Workforce Planning Workbook for Small Enterprises.

    This is an image of the Risk analysis for risk of departure to importance of departure.

    Info-Tech Insight

    Don't be afraid to rank most or all your staff as "high impact of departure." In a small enterprise, every player counts, and you must plan accordingly.

    1.3 Conduct a risk analysis to identify future needs

    Input Output
    • Employee data on competencies, skills, certifications, and performance. Input from managers from informal development conversations.
    • A list of first- and second-priority at-risk roles to carry forward into a succession planning analysis
    Materials Participants
    • Leadership team
    • Managers

    Determine your skill sourcing route

    The characteristics of need steer hiring managers to a preferred choice, while the marketplace analysis will tell you the feasibility of each option.

    Sourcing Options

    Preferred Options

    Final Choice

    four blue circles

    A right facing arrow

    Two blue circles A right facing arrow One blue circle
    State of the Marketplace

    State of the Marketplace

    Urgency: How soon do we need this skill? What is the required time-to-value?

    Criticality: How critical, i.e. core to business goals, are the services or systems that this skill will support?

    Novelty: Is this skill brand new to our workforce?

    Availability: How often, and at what hours, will the skill be needed?

    Durability: For how long will this skill be needed? Just once, or indefinitely for regular operations?

    Scarcity: How popular or desirable is this skill? Do we have a large enough talent pool to draw from? What competition are we facing for top talent?

    Cost: How much will it cost to hire vs. contract vs. outsource vs. train this skill?

    Preparedness: Do we have internal resources available to cultivate this skill in house?

    1.4 Determine your skill sourcing route

    1-3 hours

    1. Identify the preferred sourcing method as a group, starting with the most critical or urgent skill need on your list. Use the characteristics of need to guide your discussion. If more than one option seems adequate, carry several over to the next step.
    2. Consider the marketplace factors applicable to the skill in question and use these to narrow down to one final sourcing decision.
      1. If it is not clear whether a suitable internal candidate is available or ready, refer to the next activity for a readiness assessment.
    3. Be sure to document the rationale supporting your decision. This will ensure the decision can be clearly communicated to any stakeholders, and that you can review on your decision-making process down the line.

    Record this information in the Workforce Planning Workbook for Small Enterprises.

    Info-Tech Insight

    Consider developing a pool of successors instead of pinning your hopes on just one person. A single pool of successors can be developed for either one key role that has specialized requirements or even multiple key roles that have generic requirements.

    Input

    Output

    • List of current and upcoming skill gaps
    • A sourcing decision for each skill

    Materials

    Participants

    • Leadership team
    • Human resource partner (if applicable)

    1.5 Determine readiness of internal successors

    1-3 hours

    1. As a group, and ensuring you include the candidates' direct managers, identify potential successors for the first role on your list.
    2. Ask how effectively the potential successor would serve in the role today. Review the competencies for the key role in terms of:
      1. Relationship-building skills
      2. Business skills
      3. Technical skills
      4. Industry-specific skills or knowledge
    3. Determine what competencies the succession candidate currently has and what must be learned. Be sure you know whether the candidate is open to a career change. Don't assume – if this is not clear, have a development conversation to ensure everyone is on the same page.
    4. Finally, determine how difficult it will be for the successor to acquire missing skills or knowledge, whether the resources are available to provide the required development, and how long it will take to provide it.
    5. As a group, decide whether training an internal successor is a viable option for the role in question, considering the successor's readiness and the characteristics of need for the role. If a clear successor is not readily apparent, consider:
      1. If the development of the successor can be fast-tracked, or if some requirements can be deprioritized and the successor provided with temporary support from other employees.
      2. If the role in question is being discussed because the current incumbent is preparing to leave, consider negotiating an arrangement that extends the incumbent's employment tenure.
    6. Record the decision and repeat for the next role on your list.

    Info-Tech Insight

    A readiness assessment helps to define not just development needs, but also any risks around the organization's ability to fill a key role.

    Input

    Output

    • List of roles for which you are considering training internally
    • Job descriptions and competency requirements for the roles
    • List of roles for which internal successors are a viable option

    Materials

    Participants

    • Leadership team
    • Candidates' direct managers, if applicable

    Use alternative work arrangements to gain time to prepare successors

    Alternative work arrangements are critical tools that employers can use to achieve a mutually beneficial solution that mitigates the risk of loss associated with key roles.

    Alternative work arrangements not only support employees who want to keep working, but more importantly, they allow the business to retain employees that are needed in key roles who are departure risks due to retirement.

    Viewing retirement as a gradual process can help you slow down skill loss in your organization and ensure you have sufficient time to train successors. Retiring workers are becoming increasingly open to alternative work arrangements. Among employed workers aged 50-75, more than half planned to continue working part-time after retirement.
    Source: Statistics Canada.

    Flexible work options are the most used form of alternative work arrangement

    A bar graph showing the percent of organizations who implemented alternate work arrangement, for Flexible work options; Contract based work; Part time roles; Graduated retirement programs; Part year jobs or job sharing; Increased PTO for employees over a certain age.

    Source: McLean & Company, N=44

    Choose the alternative work arrangement that works best for you and the employee

    Alternative Work Arrangement Description Ideal Use Caveats
    Flexible work options Employees work the same number of hours but have flexibility in when and where they work (e.g. from home, evenings). Employees who work fairly independently with no or few direct reports. Employee may become isolated or disconnected, impeding knowledge transfer methods that require interaction or one-on-one time.
    Contract-based work Working for a defined period of time on a specific project on a non-salaried or non-wage basis. Project-oriented work that requires specialized knowledge or skills. Available work may be sporadic or specific projects more intensive than the employee wants. Knowledge transfer must be built into the contractual arrangement.
    Part-time roles Half days or a certain number of days per week; indefinite with no end date in mind. Employees whose roles can be readily narrowed and upon whom people and critical processes are not dependent. It may be difficult to break a traditionally full-time job down into a part-time role given the size and nature of associated tasks.
    Graduated retirement Retiring employee has a set retirement date, gradually reducing hours worked per week over time. Roles where a successor has been identified and is available to work alongside the incumbent in an overlapping capacity while he or she learns. The role may only require a single FTE, and the organization may not be able to afford the amount of redundancy inherent in this arrangement.

    Choose the alternative work arrangement that works best for you and the employee

    Alternative Work Arrangement Description Ideal Use Caveats
    Part-year jobs or job sharing Working part of the year and having the rest of the year off, unpaid. Project-oriented work where ongoing external relationships do not need to be maintained. The employee is unavailable for knowledge transfer activities for a large portion of the year. Another risk is that the employee may opt not to return at the end of the extended time off with little notice.
    Increased paid time off Additional vacation days upon reaching a certain age. Best used as recognition or reward for long-term service. This may be a particularly useful retention incentive in organizations that do not offer pension plans. The company may not be able to financially afford to pay for such extensive time off. If the role incumbent is the only one in the role, this may mean crucial work is not being done.
    Altered roles Concentration of a job description on fewer tasks that allows the employee to focus on his or her specific expertise. Roles where a successor has been identified and is available to work alongside the incumbent, with the incumbent's new role highly focused on mentoring. The role may only require a single FTE, and the organization may not be able to afford the amount of redundancy inherent in this arrangement.

    Phase 2

    Knowledge Transfer

    Workforce Planning

    Knowledge Transfer

    Development Planning

    Identify needs, goals, metrics, and skill gaps.

    Select a skill sourcing strategy.

    Discover critical knowledge.

    Select knowledge transfer methods.

    Identify priority competencies.

    Assess employees.

    Draft development goals.

    Provide coaching & feedback.

    The Small Enterprise Guide to People and Resource Management

    Phase Participants

    • Leadership/management team
    • Incumbent & successor

    Additional Resources

    IT Knowledge Identification Interview Guide Template

    Knowledge Transfer Plan Template

    Determine your skill sourcing route

    Knowledge transfer plans have three key components that you need to complete for each knowledge source:

    Define what knowledge needs to be transferred

    Each knowledge source has unique information which needs to be transferred. Chances are you don't know what you don't know. The first step is therefore to interview knowledge sources to find out.

    Identify the knowledge receiver

    Depending on who the information is going to, the knowledge transfer tactic you employ will differ. Before deciding on the knowledge receiver and tactic, consider three key factors:

    • How will this knowledge be used in the future?
    • What is the next career step for the knowledge receiver?
    • Are the receiver and the source going to be in the same location?

    Identify which knowledge transfer tactics you will use for each knowledge asset

    Not all tactics are good in every situation. Always keep the "knowledge type" (information, process, skills, and expertise), knowledge sources' engagement level, and the knowledge receiver in mind as you select tactics.

    Don't miss tacit knowledge

    There are two basic types of knowledge: "explicit" and "tacit." Ensure you capture both to get a well-rounded overview of the role.

    Explicit Tacit
    • "What knowledge" – knowledge can be articulated, codified, and easily communicated.
    • Easily explained and captured – documents, memos, speeches, books, manuals, process diagrams, facts, etc.
    • Learn through reading or being told.
    • "How knowledge" – intangible knowledge from an individual's experience that is more from the process of learning, understanding, and applying information (insights, judgments, and intuition).
    • Hard to verbalize, and difficult to capture and quantify.
    • Learn through observation, imitation, and practice.

    Types of explicit knowledge

    Types of tacit knowledge

    Information Process Skills Expertise

    Specialized technical knowledge.

    Unique design capabilities/methods/models.

    Legacy systems, details, passwords.

    Special formulas/algorithms/ techniques/contacts.

    • Specialized research & development processes.
    • Proprietary production processes.
    • Decision-making processes.
    • Legacy systems.
    • Variations from documented processes.
    • Techniques for executing on processes.
    • Relationship management.
    • Competencies built through deliberate practice enabling someone to act effectively.
    • Company history and values.
    • Relationships with key stakeholders.
    • Tips and tricks.
    • Competitor history and differentiators.

    e.g. Knowing the lyrics to a song, building a bike, knowing the alphabet, watching a YouTube video on karate.

    e.g. Playing the piano, riding a bike, reading or speaking a language, earning a black belt in karate.

    Embed your knowledge transfer methods into day-to-day practice

    Multiple methods should be used to transfer as much of a person's knowledge as possible, and mentoring should always be one of them. Select your method according to the following criteria:

    Info-Tech Insight

    The more integrated knowledge transfer is in day-to-day activities, the more likely it is to be successful, and the lower the time cost. This is because real learning is happening at the same time real work is being accomplished.

    Type of Knowledge

    • Tacit knowledge transfer methods are often informal and interactive:
      • Mentoring
      • Multi-generational work teams
      • Networks and communities
      • Job shadowing
    • Explicit knowledge transfer methods tend to be more formal and one way:
      • Formal documentation of processes and best practices
      • Self-published knowledge bases
      • Formal training sessions
      • Formal interviews

    Incumbent's Preference/Successor's Preference

    Ensure you consult the employees, and their direct manager, on the way they are best prepared to teach and learn. Some examples of preferences include:

    1. Prefer traditional classroom learning, augmented with participation, critical reflection, and feedback.
    2. May get bored during formal training sessions and retain more during job shadowing.
    3. Prefer to be self-directed or self-paced, and highly receptive to e-learning and media.
    4. Prefer informal, incidental learning, tend to go immediately to technology or direct access to people. May have a short attention span and be motivated by instant results.
    5. May be uncomfortable with blogs and wikis, but comfortable with SharePoint.

    Cost

    Consider costs beyond the monetary. Some methods require an investment in time (e.g. mentoring), while others require an investment in technology (e.g. knowledge bases).

    The good news is that many supporting technologies may already exist in your organization or can be acquired for free.

    Methods that cost time may be difficult to get underway since employees may feel they don't have the time or must change the way they work.

    2.1 Create a knowledge transfer plan

    1-3 hours

    1. Working together with the current incumbent, brainstorm the key information pertaining to the role that you want to pass on to the successor. Use the IT Knowledge Identification Interview Guide Template to ensure you don't miss anything.
      • Consider key knowledge areas, including:
        • Specialized technical knowledge.
        • Specialized research and development processes.
        • Unique design capabilities/methods/models.
        • Special formulas/algorithms/techniques.
        • Proprietary production processes.
        • Decision-making criteria.
        • Innovative sales methods.
        • Knowledge about key customers.
        • Relationships with key stakeholders.
        • Company history and values.
      • Ask questions of both sources and receivers of knowledge to help determine the best knowledge transfer methods to use.
        • What is the nature of the knowledge? Explicit or tacit?
        • Why is it important to transfer?
        • How will the knowledge be used?
        • What knowledge is critical for success?
        • How will the users find and access it?
        • How will it be maintained and remain relevant and usable?
        • What are the existing knowledge pathways or networks connecting sources to recipients?
    2. Once the knowledge has been identified, use the information on the following slides to decide on the most appropriate methods. Be sure to consult the incumbent and successor on their preferences.
    3. Prioritize your list of knowledge transfer activities. It's important not to try to do too much too quickly. Focus on some quick wins and leverage the success of these initiatives to drive the project forward. Follow these steps as a guide:
      1. Take an inventory of all the tactics and techniques which you plan to employ. Eliminate redundancies where possible.
      2. Start your implementation with your highest risk role or knowledge item, using explicit knowledge transfer tactics. Interviews, use cases, and process mapping will give you some quick wins and will help gain momentum for the project.
      3. Then move forward to other tactics, the majority of which will require training and process design. Pick 1-2 other key tactics you would like to employ and build those out. For tactics that require resources or monetary investment, start with those that can be reused for multiple roles.

    Record your plan in the IT Knowledge Transfer Plan Template.

    Download the IT Knowledge Identification Interview Guide Template

    Download the Knowledge Transfer Plan Template

    Info-Tech Insight

    Wherever possible, ask employees about their personal learning styles. It's likely that a collaborative compromise will have to be struck for knowledge transfer to work well.

    2.1 Create a knowledge transfer plan

    Input

    Output

    • List of roles for which you need to transfer knowledge
    • Prioritized list of knowledge items and chosen transfer method

    Materials

    Participants

    • Leadership team
    • Incumbent
    • Successor

    Not every transfer method is effective for every type of knowledge

    Knowledge Type
    Tactic Explicit Tacit
    Information Process Skills Expertise
    Interviews Very Strong Strong Strong Strong
    Process Mapping Medium Very Strong Very Weak Very Weak
    Use Cases Medium Very Strong Very Weak Very Weak
    Job Shadow Very Weak Medium Very Strong Very Strong
    Peer Assist Strong Medium Very Strong Very Strong
    Action Review Medium Medium Strong Strong
    Mentoring Weak Weak Strong Very Strong
    Transition Workshop Strong Strong Strong Weak
    Storytelling Weak Weak Strong Very Strong
    Job Share Weak Weak Very Strong Very Strong
    Communities of Practice Strong Weak Very Strong Very Strong

    This table shows the relative strengths and weaknesses of each knowledge transfer tactic compared against four different knowledge types.

    Not all techniques are effective for all types of knowledge; it is important to use a healthy mixture of techniques to optimize effectiveness.

    Employees' engagement can impact knowledge transfer effectiveness

    Level of Engagement
    Tactic Disengaged/ Indifferent Almost Engaged - Engaged
    Interviews Yes Yes
    Process Mapping Yes Yes
    Use Cases Yes Yes
    Job Shadow No Yes
    Peer Assist Yes Yes
    Action Review Yes Yes
    Mentoring No Yes
    Transition Workshop Yes Yes
    Storytelling No Yes
    Job Share Maybe Yes
    Communities of Practice Maybe Yes

    When considering which tactics to employ, it's important to consider the knowledge holder's level of engagement. Employees who you would identify as being disengaged may not make good candidates for job shadowing, mentoring, or other tactics where they are required to do additional work or are asked to influence others.

    Knowledge transfer can be controversial for all employees as it can cause feelings of job insecurity. It's essential that motivations for knowledge transfer are communicated effectively.

    Pay particular attention to your communication style with disengaged and indifferent employees, communicate frequently, and tie communication back to what's in it for them.

    Putting disengaged employees in a position where they are mentoring others can be a risk, as their negativity could influence others not to participate, or it could negate the work you're doing to create a positive knowledge sharing culture.

    Employees' engagement can impact knowledge transfer effectiveness

    Effort by Stakeholder

    Tactic

    Business Analyst

    IT Manager

    Knowledge Holder

    Knowledge Receiver

    Interviews

    These tactics require the least amount of effort, especially for organizations that are already using these tactics for a traditional requirements gathering process.

    Medium

    N/A

    Low

    Low

    Process Mapping

    Medium

    N/A

    Low

    Low

    Use Cases

    Medium

    N/A

    Low

    Low

    Job Shadow

    Medium

    Medium

    Medium

    Medium

    Peer Assist

    Medium

    Medium

    Medium

    Medium

    Action Review

    These tactics generally require more involvement from IT management and the BA in tandem for preparation. They will also require ongoing effort for all stakeholders. It's important to gain stakeholder buy-in as it is key for success.

    Low

    Medium

    Medium

    Low

    Mentoring

    Medium

    High

    High

    Medium

    Transition Workshop

    Medium

    Low

    Medium

    Low

    Storytelling

    Medium

    Medium

    Low

    Low

    Job Share

    Medium

    High

    Medium

    Medium

    Communities of Practice

    High

    Medium

    Medium

    Medium

    Phase 3

    Development Planning

    Workforce Planning

    Knowledge Transfer

    Development Planning

    Identify needs, goals, metrics, and skill gaps.

    Select a skill sourcing strategy.

    Discover critical knowledge.

    Select knowledge transfer methods.

    Identify priority competencies.

    Assess employees.

    Draft development goals.

    Provide coaching & feedback.

    The Small Enterprise Guide to People and Resource Management

    Phase Participants

    • Leadership team
    • Managers
    • Employees

    Additional Resources

    Effective development planning hinges on robust performance management

    Your performance management framework is rooted in organizational goals and defines what it means to do any given role well.

    Your organization's priority competencies are the knowledge, skills and attributes that enable an employee to do the job well.

    Each individual's development goals are then aimed at building these priority competencies.

    Mission Statement

    To be the world's leading manufacturer and distributor of widgets.

    Business Goal

    To increase annual revenue by 10%.

    IT Department Objective

    To ensure reliable communications infrastructure and efficient support for our sales and development teams.

    Individual Role Objective

    To decrease time to resolution of support requests by 10% while maintaining quality.

    Info-Tech Insight

    Without a performance management framework, your employees cannot align their development with the organization's goals. For detailed guidance, see Info-Tech's blueprint Setting Meaningful Employee Performance Measures.

    What is a competency?

    The term "competency" refers to the collection of knowledge, skills, and attributes an employee requires to do a job well.

    Often organizations have competency frameworks that consist of core, leadership, and functional competencies.

    Core competencies apply to every role in the organization. Typically, they are tied to organizational values and business mission and/or vision.

    Functional competencies are at the department, work group, or job role levels. They are a direct reflection of the function or type of work carried out.

    Leadership competencies generally apply only to people managers in the organization. Typically, they are tied to strategic goals in the short to medium term

    Generic Functional
    • Core
    • Leadership
    • IT
    • Finance
    • Sales
    • HR

    Use the SMART model to make sure goals are reasonable and attainable

    S

    Specific: Be specific about what you want to accomplish. Think about who needs to be involved, what you're trying to accomplish, and when the goal should be met.

    M

    Measurable: Set metrics that will help to determine whether the goal has been reached.

    A

    Achievable: Ensure that you have both the organizational resources and employee capability to accomplish the goal.

    R

    Relevant: Goals must align with broader business, department, and development goals in order to be meaningful.

    T

    Time-bound: Provide a target date to ensure the goal is achievable and provide motivation.

    Example goal:

    "Learn Excel this summer."

    Problems:

    Not specific enough, not measurable enough, nor time bound.

    Alternate SMART goal:

    "Consult with our Excel expert and take the lead on creating an Excel tool in August."

    3.2 Identify target competencies & draft development goals

    1 hour

    Pre-work: Employees should come to the career conversation having done some self-reflection. Use Info-Tech's IT Employee Career Development Workbook to help employees identify their career goals.

    1. Pre-work: Managers should gather any data they have on the employee's current proficiency at key competencies. Potential sources include task-based assessments, performance ratings, supervisor or peer feedback, and informal conversation.

      Prioritize competencies. Using your list of priority organizational competencies, work with your employees to help them identify two to four competencies to focus on developing now and in the future. Use the Individual Competency Development Plan template to document your assessment and prioritize competencies for development. Consider the following questions for guidance:
      1. Which competencies are needed in my current role that I do not have full proficiency in?
      2. Which competencies are related to both my career interests and the organization's priorities?
      3. Which competencies are related to each other and could be developed together or simultaneously?
    2. Draft goals. Ask your employee to create a list of multiple simple goals to develop the competencies they have selected to work on developing over the next year. Identifying multiple goals helps to break development down into manageable chunks. Ensure goals are concrete, for example, if the competency is "communication skills," your development goals could be "presentation skills" and "business writing."
    3. Review goals:
      1. Ask why these areas are important to the employee.
      2. Share your ideas and why it is important that the employee develop in the areas identified.
      3. Ensure that the goals are realistic. They should be stretch goals, but they must be achievable. Use the SMART framework on the previous slide for guidance.

    Info-Tech Insight

    Lack of career development is the top reason employees leave organizations. Development activities need to work for both the organization and the employee's own development, and clearly link to advancing employees' careers either at the organization or beyond.

    Download the IT Employee Career Development Workbook

    Download the Individual Competency Development Plan

    3.2 Identify target competencies & draft development goals

    Input

    Output

    • Employee's career aspirations
    • List of priority organizational competencies
    • Assessment of employee's current proficiency
    • A list of concrete development goals

    Materials

    Participants

    • Employee
    • Direct manager

    Apply a blend of learning methods

    • Info-Tech recommends the 70-20-10 principle for learning and development, which places the greatest emphasis on learning by doing. This experiential learning is then supported by feedback from mentoring, training, and self-reflection.
    • Use the 70-20-10 principle as a guideline – the actual breakdown of your learning methods will need to be tailored to best suit your organization and the employee's goals.

    Spend development time and effort wisely:

    70%

    On providing challenging on-the-job opportunities

    20%

    On establishing opportunities for people to develop learning relationships with others, such as coaching and mentoring

    10%

    On formal learning and training programs

    Internal initiatives are a cost-effective development aid

    Internal Initiative

    What Is It?

    When to Use It

    Special Project

    Assignment outside of the scope of the day-to-day job (e.g. work with another team on a short-term initiative).

    As an opportunity to increase exposure and to expand skills beyond those required for the current job.

    Stretch Assignment

    The same projects that would normally be assigned, but in a shorter time frame or with a more challenging component.

    Employee is consistently meeting targets and you need to see what they're capable of.

    Training Others

    Training new or more junior employees on their position or a specific process.

    Employee wants to expand their role and responsibility and is proficient and positive.

    Team Lead On an Assignment

    Team lead for part of a project or new initiative.

    To prepare an employee for future leadership roles by increasing responsibility and developing basic managerial skills.

    Job Rotation

    A planned placement of employees across various roles in a department or organization for a set period of time.

    Employee is successfully meeting and/or exceeding job expectations in their current role.

    Incorporating a development objective into daily tasks

    What do we mean by incorporating into daily tasks?

    The next time you assign a project to an employee, you should also ask the employee to think about a development goal for the project. Try to link it back to their existing goals or have them document a new goal in their development plan.

    For example: A team of employees always divides their work in the same way. Their goal for their next project could be to change up the division of responsibility so they can learn each other's roles.

    Another example:

    "I'd like you to develop your ability to explain technical terms to a non-technical audience. I'd like you to sit down with the new employee who starts tomorrow and explain how to use all our software, getting them up and running."

    Info-Tech Insight

    Employees often don't realize that they are being developed. They either think they are being recognized for good work or they are resentful of the additional workload.

    You need to tell your employees that the activity you are asking them to do is intended to further their development.

    However, be careful not to sell mundane tasks as development opportunities – this is offensive and detrimental to engagement.

    Establish manager and employee accountability for following up

    Ensure that the employee makes progress in developing prioritized competencies by defining accountabilities:

    Tracking Progress

    Checking In

    Development Meetings

    Coaching & Feedback

    Employee accountability:

    • Employees need to keep track of what they learn.
    • Employees should take the time to reflect on their progress.

    Manager accountability:

    • Managers need to make the time for employees to reflect.

    Employee accountability:

    • Employees need to provide managers with updates and ask for help.

    Manager accountability:

    • Managers need to check in with employees to see if they need additional resources.

    Employee accountability:

    • Employees need to complete assessments again to determine whether they have made progress.

    Manager accountability:

    • Managers should schedule monthly meetings to discuss progress and identify next steps.

    Employee accountability:

    • Employees should ask their manager and colleagues for feedback after development activities.

    Manager accountability:

    • Managers can use both scheduled meetings and informal conversations to provide coaching and feedback to employees.

    3.3 Select development activities and schedule check-ins

    1-3 hours

    Pre-work: Employees should research potential development activities and come prepared with a range of suggestions.

    Pre-work: Managers should investigate options for employee development, such as internal training/practice opportunities for the employee's selected competencies and availability of training budget.

    1. Communicate your findings about internal opportunities and external training allowance to the employee. This can also be done prior to the meeting, to help guide the employee's own research. Address any questions or concerns.
    2. Review the employee's proposed list of activities, and identify priority ones based on:
      1. How effectively they support the development of priority competencies.
      2. How closely they match the employee's original goals.
      3. The learning methods they employ, and whether the chosen activities support a mix of different methods.
      4. The degree to which the employee will have a chance to practice new skills hands-on.
      5. The amount of time the activities require, balanced against the employee's work obligations.
    3. Guide the employee in selecting activities for the short and medium term. Establish an understanding that this list is tentative and subject to ongoing revision during future check-ins.
      1. If in doubt about whether the employee is over-committing, err on the side of fewer activities to start.
    4. Schedule a check-in for one month out to review progress and roadblocks, and to reaffirm priorities.
    5. Check-ins should be repeated regularly, typically once a month.

    Download the Learning Methods Catalog

    Info-Tech Insight

    Adopt a blended learning approach using a variety of techniques to effectively develop competencies. This will reinforce learning and accommodate different learning styles. See Info-Tech's Learning Methods Catalog for a description of popular experiential, relational, and formal learning methods.

    3.3 Select development activities and schedule check-ins

    Input

    Output

    • List of potential development activities (from employee)
    • List of organizational resources (from manager)
    • A selection of feasible development activities
    • Next check-in scheduled

    Materials

    Participants

    • Employee
    • Direct manager

    Tips for tricky conversations about development

    What to do if…

    Employees aren't interested in development:

    • They may have low aspiration for advancement.
    • Remind them about the importance of staying current in their role given increasing job requirements.
    • Explain that skill development will make their job easier and make them more successful at it; sell development as a quick and effective way to learn the skill.
    • Indicate your support and respond to concerns.

    Employees have greater aspiration than capability:

    • Explain that there are a number of skills and capabilities that they need to improve in order to move to the next level. If the specific skills were not discussed during the performance appraisal, do not hesitate to explain the improvements that you require.
    • Inform the employee that you want them to succeed and that by pushing too far and too fast they risk failure, which would not be beneficial to anyone.
    • Reinforce that they need to do their current job well before they can be considered for promotion.

    Employees are offended by your suggestions:

    • Try to understand why they are offended. Before moving forward, clarify whether they disagree with the need for development or the method by which you are recommending they be developed.
    • If it is because you told them they had development needs, then reiterate that this is about helping them to become better and that everyone has areas to develop.
    • If it is about the development method, discuss the different options, including the pros and cons of each.

    Coaching and feedback skills help managers guide employee development

    Coaching and providing feedback are often confused. Managers often believe they are coaching when they are just giving feedback. Learn the difference and apply the right approach for the right situation.

    What is coaching?

    A conversation in which a manager asks questions to guide employees to solve problems themselves.

    Coaching is:

    • Future-focused
    • Collaborative
    • Geared toward growth and development

    What is feedback?

    Information conveyed from the manager to the employee about their performance.

    Feedback is:

    • Past-focused
    • Prescriptive
    • Geared toward behavior and performance

    Info-Tech Insight

    Don't forget to develop your managers! Ensure coaching, feedback, and management skills are part of your management team's development plan.

    Understand the foundations of coaching to provide effective development coaching:

    Knowledge Mindset Relationship
    • Understand what coaching is and how to apply it:
    • Identify when to use coaching, feedback, or other people management practices, and how to switch between them.
    • Know what coaching can and cannot accomplish.
    • When focusing on performance, guide an employee to solve problems related to their work. When focusing on development, guide an employee to reach their own development goals.
    • Adopt a coaching mindset by subscribing to the following beliefs:
    • Employees want to achieve higher performance and have the potential to do so.
    • Employees have a unique and valuable perspective to share of the challenges they face as well as the possible solutions.
    • Employees should be empowered to realize solutions themselves to motivate them in achieving goals.
    • Develop a relationship of trust between managers and employees:
    • Create an environment of psychological safety where employees feel safe to be open and honest.
    • Involve employees in decision making and inform employees often.
    • Invest in employees' success.
    • Give and expect candor.
    • Embrace failure.

    Apply the "4A" behavior-focused coaching model

    Using a model allows every manager, even those with little experience, to apply coaching best practices effectively.

    Actively Listen

    Ask

    Action Plan

    Adapt

    Engage with employees and their message, rather than just hearing their message.

    Key active listening behaviors:

    • Provide your undivided attention.
    • Observe both spoken words and body language.
    • Genuinely try to understand what the employee is saying.
    • Listen to what is being said, then paraphrase back what you heard.

    Ask thoughtful, powerful questions to learn more information and guide employees to uncover opportunities and/or solutions.

    Key asking behaviors:

    • Ask open-ended questions.
    • Ask questions to learn something you didn't already know.
    • Ask for reasoning (the why).
    • Ask "what else?"

    Hold employees and managers accountable for progress and results.

    During check-ins, review each development goal to ensure employees are meeting their targets.

    Key action planning behaviors:

    Adapt to individual employees and situations.

    Key adapting behaviors:

    • Recognize employees' unique characteristics.
    • Appreciate the situation at hand and change your behavior and communication in order to best support the individual employee.

    Use the following questions to have meaningful coaching conversations

    Opening Questions

    • What's on your mind?
    • Do you feel you've had a good week/month?
    • What is the ideal situation?
    • What else?

    Problem-Identifying Questions

    • What is most important here?
    • What is the challenge here for you?
    • What is the real challenge here for you?
    • What is getting in the way of you achieving your goal?

    Problem-Solving Questions

    • What are some of the options available?
    • What have you already tried to solve this problem? What worked? What didn't work?
    • Have you considered all the possibilities?
    • How can I help?

    Next-Steps Questions

    • What do you need to do, and when, to achieve your goal?
    • What resources are there to help you achieve your goal? This includes people, tools, or even resources outside our organization.
    • How will you know when you have achieved your goal? What does success look like?

    The purpose of asking questions is to guide the conversation and learn something you didn't already know. Choose the questions you ask based on the flow of the conversation and on what information you would like to uncover. Approach the answers you get with an open mind.

    Info-Tech Insight

    Avoid the trap of "hidden agenda" questions, whose real purpose is to offer your own advice.

    Use the following approach to give effective feedback

    Provide the feedback in a timely manner

    • Plan the message you want to convey.
    • Provide feedback "just-in-time."
    • Ensure recipient is not preoccupied.
    • Try to balance the feedback; refer to successful as well as unsuccessful behavior.

    Communicate clearly, using specific examples and alternative behaviors

    • Feedback must be honest and helpful.
    • Be specific and give a recent example.
    • Be descriptive, not evaluative.
    • Relate feedback to behaviors that can be changed.
    • Give an alternative positive behavior.

    Confirm their agreement and understanding

    • Solicit their thoughts on the feedback.
    • Clarify if not understood; try another example.
    • Confirm recipient understands and accepts the feedback.

    Manager skill is crucial to employee development

    Development is a two-way street. This means that while employees are responsible for putting in the work, managers must enable their development with support and guidance. The latter is a skill, which managers must consciously cultivate.

    For more in-depth management skills development, see the Info-Tech "Build a Better Manager" training resources:

    Bibliography

    Anderson, Kelsie. "Is Your IT Department Prepared for the 4 Biggest Challenges of 2017?" 14 June 2017.
    Atkinson, Carol, and Peter Sandiford. "An Exploration of Older Worker Flexible Working Arrangements in Smaller Firms." Human Resource Management Journal, vol. 26, no. 1, 2016, pp. 12–28. Wiley Online Library.
    BasuMallick, Chiradeep. "Top 8 Best Practices for Employee Cross-Training." Spiceworks, 15 June 2020.
    Birol, Andy. "4 Ways You Can Succeed With a Staff That 'Wears Multiple Hats.'" The Business Journals, 26 Nov. 2013.
    Bleich, Corey. "6 Major Benefits To Cross-Training Employees." EdgePoint Learning, 5 Dec. 2018.
    Cancialosi, Chris. "Cross-Training: Your Best Defense Against Indispensable Employees." Forbes, 15 Sept. 2014.
    Cappelli, Peter, and Anna Tavis. "HR Goes Agile." Harvard Business Review, Mar. 2018.
    Chung, Kai Li, and Norma D'Annunzio-Green. "Talent Management Practices of SMEs in the Hospitality Sector: An Entrepreneurial Owner-Manager Perspective." Worldwide Hospitality and Tourism Themes, vol. 10, no. 4, Jan. 2018.
    Clarkson, Mary. Developing IT Staff: A Practical Approach. Springer Science & Business Media, 2012.
    "CNBC and SurveyMonkey Release Latest Small Business Survey Results." Momentive, 2019. Press Release. Accessed 6 Aug. 2020.
    Cselényi, Noémi. "Why Is It Important for Small Business Owners to Focus on Talent Management?" Jumpstart:HR | HR Outsourcing and Consulting for Small Businesses and Startups, 25 Mar. 2013.
    dsparks. "Top 10 IT Concerns for Small Businesses." Stratosphere Networks IT Support Blog - Chicago IT Support Technical Support, 16 May 2017.
    Duff, Jimi. "Why Small to Mid-Sized Businesses Need a System for Talent Management | Talent Management Blog | Saba Software." Saba, 17 Dec. 2018.
    Employment and Social Development Canada. "Age-Friendly Workplaces: Promoting Older Worker Participation." Government of Canada, 3 Oct. 2016.
    Exploring Workforce Planning. Accenture, 23 May 2017.
    "Five Major IT Challenges Facing Small and Medium-Sized Businesses." Advanced Network Systems. Accessed 25 June 2020.
    Harris, Evan. "IT Problems That Small Businesses Face." InhouseIT, 17 Aug. 2016.
    Heathfield, Susan. "What Every Manager Needs to Know About Succession Planning." Liveabout, 8 June 2020.
    ---. "Why Talent Management Is an Important Business Strategy." Liveabout, 29 Dec. 2019.
    Herbert, Chris. "The Top 5 Challenges Facing IT Departments in Mid-Sized Companies." ExpertIP, 25 June 2012.
    How Smaller Organizations Can Use Talent Management to Accelerate Growth. Avilar. Accessed 25 June 2020.
    Krishnan, TN, and Hugh Scullion. "Talent Management and Dynamic View of Talent in Small and Medium Enterprises." Human Resource Management Review, vol. 27, no. 3, Sept. 2017, pp. 431–41.
    Mann Jackson, Nancy. "Strategic Workforce Planning for Midsized Businesses." ADP, 6 Feb. 2017.
    McCandless, Karen. "A Beginner's Guide to Strategic Talent Management (2020)." The Blueprint, 26 Feb. 2020.
    McFeely, Shane, and Ben Wigert. "This Fixable Problem Costs U.S. Businesses $1 Trillion." Gallup.com, 13 Mar. 2019.
    Mihelič, Katarina Katja. Global Talent Management Best Practices for SMEs. Jan. 2020.
    Mohsin, Maryam. 10 Small Business Statistics You Need to Know in 2020 [May 2020]. 4 May 2020.
    Ramadan, Wael H., and B. Eng. The Influence of Talent Management on Sustainable Competitive Advantage of Small and Medium Sized Establishments. 2012, p. 15.
    Ready, Douglas A., et al. "Building a Game-Changing Talent Strategy." Harvard Business Review, no. January–February 2014, Jan. 2014.
    Reh, John. "Cross-Training Employees Strengthens Engagement and Performance." Liveabout, May 2019.
    Rennie, Michael, et al. McKinsey on Organization: Agility and Organization Design. McKinsey, May 2016.
    Roddy, Seamus. "The State of Small Business Employee Benefits in 2019." Clutch, 18 Apr. 2019.
    SHRM. "Developing Employee Career Paths and Ladders." SHRM, 28 Feb. 2020.
    Strandberg, Coro. Sustainability Talent Management: The New Business Imperative. Strandberg Consulting, Apr. 2015.
    Talent Management for Small & Medium-Size Businesses. Success Factors. Accessed 25 June 2020.
    "Top 10 IT Challenges Facing Small Business in 2019." Your IT Department, 8 Jan. 2019.
    "Why You Need Workforce Planning." Workforce.com, 24 Oct. 2022.

    Enterprise Architecture Trends

    • Buy Link or Shortcode: {j2store}584|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy & Operating Model
    • Parent Category Link: /strategy-and-operating-model
    • The digital transformation journey brings business and technology increasingly closer.
    • Because the two become more and more intertwined, the role of the enterprise architecture increases in importance, aligning the two in providing additional efficiencies.
    • The current need for an accelerated digital transformation elevates the importance of enterprise architecture.

    Our Advice

    Critical Insight

    • Enterprise architecture is impacted and has an increasing role in the following areas:
      • Business agility
      • Security
      • Innovation
      • Collaborative EA
      • Tools and automation

    Impact and Result

    EA’s role in brokering and negotiating overlapping areas can lead to the creation of additional efficiencies at the enterprise level.

    Enterprise Architecture Trends Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Enterprise Architecture Trends Deck – A trend report to support executives as they digitally transform the enterprise.

    In an accelerated path to digitization, the increasingly important role of enterprise architecture is one of collaboration across siloes, inside and outside the enterprise, in a configurable way that allows for quick adjustment to new threats and conditions, while embracing unprecedented opportunities to scale, stimulating innovation, in order to increase the organization’s competitive advantage.

    • Enterprise Architecture Trends Report

    Infographic

    Further reading

    Enterprise Architecture Trends

    Supporting Executives to Digitally Transform the Enterprise

    Analyst Perspective

    Enterprise architecture, seen as the glue of the organization, aligns business goals with all the other aspects of the organization, providing additional effectiveness and efficiencies while also providing guardrails for safety.

    In an accelerated path to digitization, the increasingly important role of enterprise architecture (EA) is one of collaboration across siloes, inside and outside the enterprise, in a configurable way that allows for quick adjustment to new threats and conditions while embracing unprecedented opportunities to scale, stimulating innovation to increase the organization’s competitive advantage.

    Photo of Milena Litoiu, Principal/Senior Director, Enterprise Architecture, Info-Tech Research Group.

    Milena Litoiu
    Principal/Senior Director, Enterprise Architecture
    Info-Tech Research Group

    Accelerated digital transformation elevates the importance of EA

    The Digital transformation journey brings Business and technology increasingly closer.

    Because the two become more and more intertwined, the role OF Enterprise Architecture increases in importance, aligning the two in providing additional efficiencies.

    THE Current need for an accelerated Digital transformation elevates the importance of Enterprise Architecture.

    More than 70% of organizations revamp their enterprise architecture programs. (Info-Tech Tech Trends 2022 Survey)

    Most organizations still see a significant gap between the business and IT.

    Enterprise Architecture (EA) is impacted and has an increasing role in the following areas

    Accelerated Digital Transformation

    • Business agility Business agility, needed more that ever, increases reliance on enterprise strategies.
      EA creates alignment between business and IT to improve business nimbleness.
    • Security More sophisticated attacks require more EA coordination.
      EA helps adjust to the increasing sophistication of external threats. Partnering with the CISO office to develop strategies to protect the enterprise becomes a prerequisite for survival.
    • Innovation EA's role in an innovation increases synergies at the enterprise level.
      EA plays an increasingly stronger role in innovation, from business endeavors to technology, across business units, etc.
    • Collaborative EA Collaborative EA requires new ways of working.
      Enterprise collaboration gains new meaning, replacing stiff governance.
    • Tools & automation Tools-based automation becomes increasingly common.
      Tools support as well as new artificial intelligence or machine- learning- powered approaches help achieve tools-assisted coordination across viewpoints and teams.

    Info-Tech Insight

    EA's role in brokering and negotiating overlapping areas can lead to the creation of additional efficiencies at the enterprise level.

    EA Enabling Business Agility

    Trend 01 — Business Agility is needed more than ever and THIS increases reliance on enterprise Strategies. to achieve nimbleness, organizations need to adapt timely to changes in the environment.

    Approaches:
    A plethora of approaches are needed (e.g. architecture modularity, data integration, AI/ML) in addition to other Agile/iterative approaches for the entire organization.

    Mergers & Acquisitions: The Sell Blueprint

    • Buy Link or Shortcode: {j2store}324|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy

    There are four key scenarios or entry points for IT as the selling/divesting organization in M&As:

    • IT can suggest a divestiture to meet the business objectives of the organization.
    • IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspectives.
    • IT participates in due diligence activities and complies with the purchasing organization’s asks.
    • IT needs to reactively prepare its environment to enable the separation.

    Consider the ideal scenario for your IT organization.

    Our Advice

    Critical Insight

    Divestitures are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

    • The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
    • A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
    • Transactions that are driven by digital motivations, requiring IT’s expertise.
    • There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.

    Impact and Result

    Prepare for a sale/divestiture transaction by:

    • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
    • Creating a standard strategy that will enable strong program management.
    • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

    Mergers & Acquisitions: The Sell Blueprint Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how your organization can excel its reduction strategy by engaging in M&A transactions. Review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Proactive Phase

    Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

    • One-Pager: M&A Proactive
    • Case Study: M&A Proactive
    • Information Asset Audit Tool
    • Data Valuation Tool
    • Enterprise Integration Process Mapping Tool
    • Risk Register Tool
    • Security M&A Due Diligence Tool
    • Service Catalog Internal Service Level Agreement Template

    2. Discovery & Strategy

    Create a standardized approach for how your IT organization should address divestitures or sales.

    • One-Pager: M&A Discovery & Strategy – Sell
    • Case Study: M&A Discovery & Strategy – Sell

    3. Due Diligence & Preparation

    Comply with due diligence, prepare the IT environment for carve-out possibilities, and establish the separation project plan.

    • One-Pager: M&A Due Diligence & Preparation – Sell
    • Case Study: M&A Due Diligence & Preparation – Sell
    • IT Due Diligence Charter
    • IT Culture Diagnostic
    • M&A Separation Project Management Tool (SharePoint)
    • SharePoint Template: Step-by-Step Deployment Guide
    • M&A Separation Project Management Tool (Excel)

    4. Execution & Value Realization

    Deliver on the separation project plan successfully and communicate IT’s transaction value to the business.

    • One-Pager: M&A Execution & Value Realization – Sell
    • Case Study: M&A Execution & Value Realization – Sell

    Infographic

    Workshop: Mergers & Acquisitions: The Sell Blueprint

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Pre-Transaction Discovery & Strategy

    The Purpose

    Establish the transaction foundation.

    Discover the motivation for divesting or selling.

    Formalize the program plan.

    Create the valuation framework.

    Strategize the transaction and finalize the M&A strategy and approach.

    Key Benefits Achieved

    All major stakeholders are on the same page.

    Set up crucial elements to facilitate the success of the transaction.

    Have a repeatable transaction strategy that can be reused for multiple organizations.

    Activities

    1.1 Conduct the CIO Business Vision and CEO-CIO Alignment diagnostics.

    1.2 Identify key stakeholders and outline their relationship to the M&A process.

    1.3 Understand the rationale for the company's decision to pursue a divestiture or sale.

    1.4 Assess the IT/digital strategy.

    1.5 Identify pain points and opportunities tied to the divestiture/sale.

    1.6 Create the IT vision statement and mission statement and identify IT guiding principles and the transition team.

    1.7 Document the M&A governance.

    1.8 Establish program metrics.

    1.9 Create the valuation framework.

    1.10 Establish the separation strategy.

    1.11 Conduct a RACI.

    1.12 Create the communication plan.

    1.13 Prepare to assess target organizations.

    Outputs

    Business perspectives of IT

    Stakeholder network map for M&A transactions

    Business context implications for IT

    IT’s divestiture/sale strategic direction

    Governance structure

    M&A program metrics

    IT valuation framework

    Separation strategy

    RACI

    Communication plan

    Prepared to assess target organization(s)

    2 Mid-Transaction Due Diligence & Preparation

    The Purpose

    Establish the foundation.

    Discover the motivation for separation.

    Identify expectations and create the carve-out roadmap.

    Prepare and manage employees.

    Plan the separation roadmap.

    Key Benefits Achieved

    All major stakeholders are on the same page.

    Methodology identified to enable compliance during due diligence.

    Employees are set up for a smooth and successful transition.

    Separation activities are planned and assigned.

    Activities

    2.1 Gather and evaluate the stakeholders involved, M&A strategy, future-state operating model, and governance.

    2.2 Review the business rationale for the divestiture/sale.

    2.3 Establish the separation strategy.

    2.4 Create the due diligence charter.

    2.5 Create a list of IT artifacts to be reviewed in the data room.

    2.6 Create a carve-out roadmap.

    2.7 Create a service/technical transaction agreement.

    2.8 Measure staff engagement.

    2.9 Assess the current culture and identify the goal culture.

    2.10 Create employee transition and functional workplans.

    2.11 Establish the separation roadmap.

    2.12 Establish and align project metrics with identified tasks.

    2.13 Estimate integration costs.

    Outputs

    Stakeholder map

    IT strategy assessed

    IT operating model and IT governance structure defined

    Business context implications for IT

    Separation strategy

    Due diligence charter

    Data room artifacts

    Carve-out roadmap

    Service/technical transaction agreement

    Engagement assessment

    Culture assessment

    Employee transition and functional workplans

    Integration roadmap and associated resourcing

    3 Post-Transaction Execution & Value Realization

    The Purpose

    Establish the transaction foundation.

    Discover the motivation for separation.

    Plan the separation roadmap.

    Prepare employees for the transition.

    Engage in separation.

    Assess the transaction outcomes.

    Key Benefits Achieved

    All major stakeholders are on the same page.

    Separation activities are planned and assigned.

    Employees are set up for a smooth and successful transition.

    Separation strategy and roadmap are executed to benefit the organization.

    Review what went well and identify improvements to be made in future transactions.

    Activities

    3.1 Identify key stakeholders and outline their relationship to the M&A process.

    3.2 Gather and evaluate the M&A strategy, future-state operating model, and governance.

    3.3 Review the business rationale for the divestiture/sale.

    3.4 Establish the separation strategy.

    3.5 Prioritize separation tasks.

    3.6 Establish the separation roadmap.

    3.7 Establish and align project metrics with identified tasks.

    3.8 Estimate separation costs.

    3.9 Measure staff engagement.

    3.10 Assess the current culture and identify the goal culture.

    3.11 Create employee transition and functional workplans.

    3.12 Complete the separation by regularly updating the project plan.

    3.13 Assess the service/technical transaction agreement.

    3.14 Confirm separation costs.

    3.15 Review IT’s transaction value.

    3.16 Conduct a transaction and separation SWOT.

    3.17 Review the playbook and prepare for future transactions.

    Outputs

    M&A transaction team

    Stakeholder map

    IT strategy assessed

    IT operating model and IT governance structure defined

    Business context implications for IT

    Separation strategy

    Separation roadmap and associated resourcing

    Engagement assessment

    Culture assessment

    Employee transition and functional workplans

    Updated separation project plan

    Evaluated service/technical transaction agreement

    SWOT of transaction

    M&A Sell Playbook refined for future transactions

    Further reading

    Mergers & Acquisitions: The Sell Blueprint

    For IT leaders who want to have a role in the transaction process when their business is engaging in an M&A sale or divestiture.

    EXECUTIVE BRIEF

    Analyst Perspective

    Don’t wait to be invited to the M&A table, make it.

    Photo of Brittany Lutes, Research Analyst, CIO Practice, Info-Tech Research Group.
    Brittany Lutes
    Research Analyst,
    CIO Practice
    Info-Tech Research Group
    Photo of Ibrahim Abdel-Kader, Research Analyst, CIO Practice, Info-Tech Research Group.
    Ibrahim Abdel-Kader
    Research Analyst,
    CIO Practice
    Info-Tech Research Group

    IT has always been an afterthought in the M&A process, often brought in last minute once the deal is nearly, if not completely, solidified. This is a mistake. When IT is brought into the process late, the business misses opportunities to generate value related to the transaction and has less awareness of critical risks or inaccuracies.

    To prevent this mistake, IT leadership needs to develop strong business relationships and gain respect for their innovative suggestions. In fact, when it comes to modern M&A activity, IT should be the ones suggesting potential transactions to meet business needs, specifically when it comes to modernizing the business or adopting digital capabilities.

    IT needs to stop waiting to be invited to the acquisition or divestiture table. IT needs to suggest that the table be constructed and actively work toward achieving the strategic objectives of the business.

    Executive Summary

    Your Challenge

    There are four key scenarios or entry points for IT as the selling/divesting organization in M&As:

    • IT can suggest a divestiture to meet the business objectives of the organization.
    • IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspectives.
    • IT participates in due diligence activities and complies with the purchasing organization’s asks.
    • IT needs to reactively prepare its environment to enable the separation.

    Consider the ideal scenario for your IT organization.

    Common Obstacles

    Some of the obstacles IT faces include:

    • IT is often told about the transaction once the deal has already been solidified and is now forced to meet unrealistic business demands.
    • The business does not trust IT and therefore does not approach IT to define value or reduce risks to the transaction process.
    • The people and culture element is forgotten or not given adequate priority.

    These obstacles often arise when IT waits to be invited into the transaction process and misses critical opportunities.

    Info-Tech's Approach

    Prepare for a sale/divestiture transaction by:

    • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
    • Creating a standard strategy that will enable strong program management.
    • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

    Info-Tech Insight

    As the number of merger, acquisition, and divestiture transactions continues to increase, so too does IT’s opportunity to leverage the growing digital nature of these transactions and get involved at the onset.

    The changing M&A landscape

    Businesses will embrace more digital M&A transactions in the post-pandemic world

    • When the pandemic occurred, businesses reacted by either pausing (61%) or completely cancelling (46%) deals that were in the mid-transaction state (Deloitte, 2020). The uncertainty made many organizations consider whether the risks would be worth the potential benefits.
    • However, many organizations quickly realized the pandemic is not a hindrance to M&A transactions but an opportunity. Over 16,000 American companies were involved in M&A transactions in the first six months of 2021 (The Economist). For reference, this had been averaging around 10,000 per six months from 2016 to 2020.
    • In addition to this transaction growth, organizations have increasingly been embracing digital. These trends increase the likelihood that, as an IT leader, you will engage in an M&A transaction. However, it is up to you when you get involved in the transactions.

    The total value of transactions in the year after the pandemic started was $1.3 billion – a 93% increase in value compared to before the pandemic. (Nasdaq)

    71% of technology companies anticipate that divestitures will take place as a result of the COVID-19 pandemic. (EY, 2020)

    Your challenge

    IT is often not involved in the M&A transaction process. When it is, it’s often too late.

    • The most important driver of an acquisition is the ability to access new technology (DLA Piper), and yet 50% of the time, IT isn’t involved in the M&A transaction at all (IMAA Institute, 2017).
    • Additionally, IT’s lack of involvement in the process negatively impacts the business:
      • Most organizations (60%) do not have a standardized approach to integration (Steeves and Associates), let alone separation.
      • Two-thirds of the time, the divesting organization and acquiring organization will either fail together or succeed together (McKinsey, 2015).
      • Less than half (47%) of organizations actually experience the positive results sought by the M&A transaction (Steeves and Associates).
    • Organizations pursuing M&A and not involving IT are setting themselves up for failure.

    Only half of M&A deals involve IT (Source: IMAA Institute, 2017)

    Common Obstacles

    These barriers make this challenge difficult to address for many organizations:

    • IT is rarely afforded the opportunity to participate in the transaction deal. When IT is invited, this often happens later in the process where separation will be critical to business continuity.
    • IT has not had the opportunity to demonstrate that it is a valuable business partner in other business initiatives.
    • One of the most critical elements that IT often doesn’t take the time or doesn’t have the time to focus on is the people and leadership component.
    • IT waits to be invited to the process rather then actively involving themselves and suggesting how value can be added to the process.

    In hindsight, it’s clear to see: Involving IT is just good business.

    47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion. (Source: IMAA Institute, 2017)

    “Solutions exist that can save well above 50 percent on divestiture costs, while ensuring on-time delivery.” (Source: SNP)

    Info-Tech's approach

    Acquisitions & Divestitures Framework

    Acquisitions and divestitures are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

    1. The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
    2. Transactions that are driven by digital motivations, requiring IT’s expertise.
    3. A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
    4. There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.
    A diagram highlighting the 'IT Executives' Role in Acquisitions and Divestitures' when they are integrated at different points in the 'Core Business Timeline'. There are four main entry points 'Proactive', 'Discovery and Strategy', 'Due Diligence and Preparation', and 'Execution and Value Realized'. It is highlighted that IT can and should start at 'Proactive', but most organizations start at 'Execution and Value Realized'. 'Proactive': suggest opportunities to evolve the organization; prove IT's value and engage in growth opportunities early. Innovators start here. Steps of the business timeline in 'Proactive' are 'Organization strategies are defined' and 'M and A is considered to enable strategy'. After a buy or sell transaction is initiated is 'Discovery and Strategy': pre-transaction state. If it is a Buy transaction, 'Establish IT's involvement and approach'. If it is a Sell transaction, 'Prepare to engage in negotiations'. Business Partners start here. Steps of the business timeline in 'Discovery and Strategy' are 'Searching criteria is set', 'Potential candidates are considered', and 'LOI is sent/received'. 'Due Diligence and Preparation': mid-transaction state. If it is a Buy transaction, 'Identify potential transaction benefits and risks'. If it is a Sell transaction, 'Comply, communicate, and collaborate in transaction'. Trusted Operators start here. Steps of the business timeline in 'Due Diligence and Preparation' are 'Due diligence engagement occurs', 'Final agreement is reached', and 'Preparation for transaction execution occurs'. 'Execution and Value Realization': post-transaction state. If it is a Buy transaction, 'Integrate the IT environments and achieve business value'. If it is a Sell transaction, 'Separate the IT environment and deliver on transaction terms'. Firefighters start here. Steps of the business timeline in 'Execution and Value Realization' are 'Staff and operations are addressed appropriately', 'Day 1 of implementation and integration activities occurs', '1st 100 days of new entity state occur' and 'Ongoing risk mitigating and value creating activities occur'.

    The business’ view of IT will impact how soon IT can get involved

    There are four key entry points for IT

    A colorful visualization of the four key entry points for IT and a fifth not-so-key entry point. Starting from the top: 'Innovator', Information and Technology as a Competitive Advantage, 90% Satisfaction; 'Business Partner', Effective Delivery of Strategic Business Projects, 80% Satisfaction; 'Trusted Operator', Enablement of Business Through Application and Work Orders, 70% Satisfaction; 'Firefighter', Reliable Infrastructure and IT Service Desk, 60% Satisfaction; and then 'Unstable', Inability to Consistently Deliver Basic Services, <60% Satisfaction.
    1. Innovator: IT suggests a sale or divestiture to meet the business objectives of the organization.
    2. Business Partner: IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspective.
    3. Trusted Operator: IT participates in due diligence activities and complies with the purchasing organization’s asks.
    4. Firefighter: IT needs to reactively prepare its environment in order to enable the separation.

    Merger, acquisition, and divestiture defined

    Merger

    A merger looks at the equal combination of two entities or organizations. Mergers are rare in the M&A space, as the organizations will combine assets and services in a completely equal 50/50 split. Two organizations may also choose to divest business entities and merge as a new company.

    Acquisition

    The most common transaction in the M&A space, where an organization will acquire or purchase another organization or entities of another organization. This type of transaction has a clear owner who will be able to make legal decisions regarding the acquired organization.

    Divestiture

    An organization may decide to sell partial elements of a business to an acquiring organization. They will separate this business entity from the rest of the organization and continue to operate the other components of the business.

    Info-Tech Insight

    A true merger does not exist, as there is always someone initiating the discussion. As a result, most M&A activity falls into acquisition or divestiture categories.

    Selling vs. buying

    The M&A process approach differs depending on whether you are the selling or buying organization

    This blueprint is only focused on the sell side:

    • Examples of sell-related scenarios include:
      • Your organization is selling to another organization with the intent of keeping its regular staff, operations, and location. This could mean minimal separation is required.
      • Your organization is selling to another organization with the intent of separating to be a part of the purchasing organization.
      • Your organization is engaging in a divestiture with the intent of:
        • Separating components to be part of the purchasing organization permanently.
        • Separating components to be part of a spinoff and establish a unit as a standalone new company.
    • As the selling organization, you could proactively seek out suitors to purchase all or components of your organization, or you could be approached by an organization.

    The buy side is focused on:

    • More than two organizations could be involved in a transaction.
    • Examples of buy-related scenarios include:
      • Your organization is buying another organization with the intent of having the purchased organization keep its regular staff, operations, and location. This could mean minimal integration is required.
      • Your organization is buying another organization in its entirety with the intent of integrating it into your original company.
      • Your organization is buying components of another organization with the intent of integrating them into your original company.
    • As the purchasing organization, you will probably be initiating the purchase and thus will be valuating the selling organization during due diligence and leading the execution plan.

    For more information on acquisitions or purchases, check out Info-Tech’s Mergers & Acquisitions: The Buy Blueprint.

    Core business timeline

    For IT to be valuable in M&As, you need to align your deliverables and your support to the key activities the business and investors are working on.

    Info-Tech’s methodology for Selling Organizations in Mergers, Acquisitions, or Divestitures

    1. Proactive

    2. Discovery & Strategy

    3. Due Diligence & Preparation

    4. Execution & Value Realization

    Phase Steps

    1. Identify Stakeholders and Their Perspective of IT
    2. Assess IT’s Current Value and Future State
    3. Drive Innovation and Suggest Growth Opportunities
    1. Establish the M&A Program Plan
    2. Prepare IT to Engage in the Separation or Sale
    1. Engage in Due Diligence and Prepare Staff
    2. Prepare to Separate
    1. Execute the Transaction
    2. Reflection and Value Realization

    Phase Outcomes

    Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

    Create a standardized approach for how your IT organization should address divestitures or sales.

    Comply with due diligence, prepare the IT environment for carve-out possibilities, and establish the separation project plan.

    Deliver on the separation project plan successfully and communicate IT’s transaction value to the business.

    Metrics for each phase

    1. Proactive

    2. Discovery & Strategy

    3. Valuation & Due Diligence

    4. Execution & Value Realization

    • % Share of business innovation spend from overall IT budget
    • % Critical processes with approved performance goals and metrics
    • % IT initiatives that meet or exceed value expectation defined in business case
    • % IT initiatives aligned with organizational strategic direction
    • % Satisfaction with IT's strategic decision-making abilities
    • $ Estimated business value added through IT-enabled innovation
    • % Overall stakeholder satisfaction with IT
    • % Percent of business leaders that view IT as an Innovator
    • % IT budget as a percent of revenue
    • % Assets that are not allocated
    • % Unallocated software licenses
    • # Obsolete assets
    • % IT spend that can be attributed to the business (chargeback or showback)
    • % Share of CapEx of overall IT budget
    • % Prospective organizations that meet the search criteria
    • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
    • % Business leaders that view IT as a Business Partner
    • % Defects discovered in production
    • $ Cost per user for enterprise applications
    • % In-house-built applications vs. enterprise applications
    • % Owners identified for all data domains
    • # IT staff asked to participate in due diligence
    • Change to due diligence
    • IT budget variance
    • Synergy target
    • % Satisfaction with the effectiveness of IT capabilities
    • % Overall end-customer satisfaction
    • $ Impact of vendor SLA breaches
    • $ Savings through cost-optimization efforts
    • $ Savings through application rationalization and technology standardization
    • # Key positions empty
    • % Frequency of staff turnover
    • % Emergency changes
    • # Hours of unplanned downtime
    • % Releases that cause downtime
    • % Incidents with identified problem record
    • % Problems with identified root cause
    • # Days from problem identification to root cause fix
    • % Projects that consider IT risk
    • % Incidents due to issues not addressed in the security plan
    • # Average vulnerability remediation time
    • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
    • # Time (days) to value realization
    • % Projects that realized planned benefits
    • $ IT operational savings and cost reductions that are related to synergies/divestitures
    • % IT staff–related expenses/redundancies
    • # Days spent on IT separation
    • $ Accurate IT budget estimates
    • % Revenue growth directly tied to IT delivery
    • % Profit margin growth

    IT's role in the selling transaction

    And IT leaders have a greater likelihood than ever of needing to support a merger, acquisition, or divestiture.

    1. Reduced Risk

      IT can identify risks that may go unnoticed when IT is not involved.
    2. Increased Accuracy

      The business can make accurate predictions around the costs, timelines, and needs of IT.
    3. Faster Integration

      Faster integration means faster value realization for the business.
    4. Informed Decision Making

      IT leaders hold critical information that can support the business in moving the transaction forward.
    5. Innovation

      IT can suggest new opportunities to generate revenue, optimize processes, or reduce inefficiencies.

    The IT executive’s critical role is demonstrated by:

    • Reduced Risk

      47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion (IMAA Institute, 2017).
    • Increased Accuracy

      Sellers often only provide 15 to 30 days for the acquiring organization to decide (Forbes, 2018), increasing the necessity of accurate pricing.
    • Faster Integration

      36% of CIOs have visibility into only business unit data, making the divestment a challenge (EY, 2021).
    • Informed Decision Making

      Only 38% of corporate and 22% of private equity firms include IT as a significant aspect in their transaction approach (IMAA Institute, 2017).
    • Innovation

      Successful CIOs involved in M&As can spend 70% of their time on aspects outside of IT and 30% of their time on technology and delivery (CIO).

    Playbook benefits

    IT Benefits

    • IT will be seen as an innovative partner to the business, and its suggestions and involvement in the organization will lead to benefits, not hindrances.
    • Develop a streamlined method to prepare the IT environment for potential carve-out and separations, ensuring risk management concerns are brought to the business’ attention immediately.
    • Create a comprehensive list of items that IT needs to do during the separation that can be prioritized and actioned.

    Business Benefits

    • The business will get accurate and relevant information about its IT environment in order to sell or divest the company to the highest bidder for a true price.
    • Fewer business interruptions will happen, because IT can accurately plan for and execute the high-priority separation tasks.
    • The business can obtain a high-value offer for the components of IT being sold and can measure the ongoing value the sale will bring.

    Insight summary

    Overarching Insight

    IT controls if and when it gets invited to support the business through a purchasing growth transaction. Take control of the process, demonstrate the value of IT, and ensure that separation of IT environments does not lead to unnecessary and costly decisions.

    Proactive Insight

    CIOs on the forefront of digital transformation need to actively look for and suggest opportunities to acquire or partner on new digital capabilities to respond to rapidly changing business needs.

    Discovery & Strategy Insight

    IT organizations that have an effective M&A program plan are more prepared for the transaction, enabling a successful outcome. A structured strategy is particularly necessary for organizations expected to deliver M&As rapidly and frequently.

    Due Diligence & Preparation Insight

    IT often faces unnecessary separation challenges because of a lack of preparation. Secure the IT environment and establish how IT will retain employees early in the transaction process.

    Execution & Value Realization Insight

    IT needs to demonstrate value and cost savings within 100 days of the transaction. The most successful transactions are when IT continuously realizes synergies a year after the transaction and beyond.

    Blueprint deliverables

    Key Deliverable: M&A Sell Playbook

    The M&A Sell Playbook should be a reusable document that enables your IT organization to successfully deliver on any divestiture transaction.

    Screenshots of the 'M and A Sell Playbook' deliverable.

    M&A Sell One-Pager

    See a one-page overview of each phase of the transaction.

    Screenshots of the 'M and A Sell One-Pagers' deliverable.

    M&A Sell Case Studies

    Read a one-page case study for each phase of the transaction.

    Screenshots of the 'M and A Sell Case Studies' deliverable.

    M&A Separation Project Management Tool (SharePoint)

    Manage the separation process of the divestiture/sale using this SharePoint template.

    Screenshots of the 'M and A Separation Project Management Tool (SharePoint)' deliverable.

    M&A Separation Project Management Tool (Excel)

    Manage the separation process of the divestiture/sale using this Excel tool if you can’t or don’t want to use SharePoint.

    Screenshots of the 'M and A Separation Project Management Tool (Excel)' deliverable.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 6 to 10 calls over the course of 2 to 4 months.

      Proactive Phase

    • Call #1: Scope requirements, objectives, and your specific challenges.
    • Discovery & Strategy Phase

    • Call #2: Determine stakeholders and business perspectives on IT.
    • Call #3: Identify how M&A could support business strategy and how to communicate.
    • Due Diligence & Preparation Phase

    • Call #4: Establish a transaction team and divestiture/sale strategic direction.
    • Call #5: Create program metrics and identify a standard separation strategy.
    • Call #6: Prepare to carve out the IT environment.
    • Call #7: Identify the separation program plan.
    • Execution & Value Realization Phase

    • Call #8: Establish employee transitions to retain key staff.
    • Call #9: Assess IT’s ability to deliver on the divestiture/sale transaction.

    The Sell Blueprint

    Phase 1

    Proactive

    Phase 1

    Phase 2 Phase 3 Phase 4
    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Reduction Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Separation or Sale
    • 3.1 Engage in Due Diligence and Prepare Staff
    • 3.2 Prepare to Separate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Conduct the CEO-CIO Alignment diagnostic
    • Conduct the CIO Business Vision diagnostic
    • Visualize relationships among stakeholders to identify key influencers
    • Group stakeholders into categories
    • Prioritize your stakeholders
    • Plan to communicate
    • Valuate IT
    • Assess the IT/digital strategy
    • Determine pain points and opportunities
    • Align goals to opportunities
    • Recommend reduction opportunities

    This phase involves the following participants:

    • IT and business leadership

    What is the Proactive phase?

    Embracing the digital drivers

    As the number of merger, acquisition, or divestiture transactions driven by digital means continues to increase, IT has an opportunity to not just be involved in a transaction but actively seek out potential deals.

    In the Proactive phase, the business is not currently considering a transaction. However, the business could consider one to reach its strategic goals. IT organizations that have developed respected relationships with the business leaders can suggest these potential transactions.

    Understand the business’ perspective of IT, determine who the critical M&A stakeholders are, valuate the IT environment, and examine how it supports the business goals in order to suggest an M&A transaction.

    In doing so, IT isn’t waiting to be invited to the transaction table – it’s creating it.

    Goal: To support the organization in reaching its strategic goals by suggesting M&A activities that will enable the organization to reach its objectives faster and with greater-value outcomes.

    Proactive Prerequisite Checklist

    Before coming into the Proactive phase, you should have addressed the following:

    • Understand what mergers, acquisitions, and divestitures are.
    • Understand what mergers, acquisitions, and divestitures mean for the business.
    • Understand what mergers, acquisitions, and divestitures mean for IT.

    Review the Executive Brief for more information on mergers, acquisitions, and divestitures for selling organizations.

    Proactive

    Step 1.1

    Identify M&A Stakeholders and Their Perspective of IT

    Activities

    • 1.1.1 Conduct the CEO-CIO Alignment diagnostic
    • 1.1.2 Conduct the CIO Business Vision diagnostic
    • 1.1.3 Visualize relationships among stakeholders to identify key influencers
    • 1.1.4 Group stakeholders into categories
    • 1.1.5 Prioritize your stakeholders
    • 1.16 Plan to communicate

    This step involves the following participants:

    • IT executive leader
    • IT leadership
    • Critical M&A stakeholders

    Outcomes of Step

    Understand how the business perceives IT and establish strong relationships with critical M&A stakeholders.

    Business executives' perspectives of IT

    Leverage diagnostics and gain alignment on IT’s role in the organization

    • To suggest or get involved with a merger, acquisition, or divestiture, the IT executive leader needs to be well respected by other members of the executive leadership team and the business.
    • Specifically, the Proactive phase relies on the IT organization being viewed as an Innovator within the business.
    • Identify how the CEO/business executive currently views IT and where they would like IT to move within the Maturity Ladder.
    • Additionally, understand how other critical department leaders view IT and how they view the partnership with IT.
    A colorful visualization titled 'Maturity Ladder' detailing levels of IT function that a business may choose from based on the business executives' perspectives of IT. Starting from the bottom: 'Struggle', Does not embarrass, Does not crash; 'Support', Keeps business happy, Keeps costs low; 'Optimize', Increases efficiency, Decreases costs; 'Expand', Extends into new business, Generates revenue; 'Transform', Creates new industry.

    Misalignment in target state requires further communication between the CIO and CEO to ensure IT is striving toward an agreed-upon direction.

    Info-Tech’s CIO Business Vision (CIO BV) diagnostic measures a variety of high-value metrics to provide a well-rounded understanding of stakeholder satisfaction with IT.

    Sample of Info-Tech's CIO Business Vision diagnostic measuring percentages of high-value metrics like 'IT Satisfaction' and 'IT Value' regarding business leader satisfaction. A note for these two reads 'Evaluate business leader satisfaction with IT this year and last year'. A section titled 'Relationship' has metrics such as 'Understands Needs' and 'Trains Effectively'. A note for this section reads 'Examine relationship indicators between IT and the business'. A section titled 'Security Friction' has metrics such as 'Regulatory Compliance-Driven' and 'Office/Desktop Security'.

    Business Satisfaction and Importance for Core Services

    The core services of IT are important when determining what IT should focus on. The most important services with the lowest satisfaction offer the largest area of improvement for IT to drive business value.

    Sample of Info-Tech's CIO Business Vision diagnostic specifically comparing the business satisfaction of 12 core services with their importance. Services listed include 'Service Desk', 'IT Security', 'Requirements Gathering', 'Business Apps', 'Data Quality', and more. There is a short description of the services, a percentage for the business satisfaction with the service, a percentage comparing it to last year, and a numbered ranking of importance for each service. A note reads 'Assess satisfaction and importance across 12 core IT capabilities'.

    1.1.1 Conduct the CEO-CIO Alignment diagnostic

    2 weeks

    Input: IT organization expertise and the CEO-CIO Alignment diagnostic

    Output: An understanding of an executive business stakeholder’s perception of IT

    Materials: M&A Sell Playbook, CEO-CIO Alignment diagnostic

    Participants: IT executive/CIO, Business executive/CEO

    1. The CEO-CIO Alignment diagnostic can be a powerful input. Speak with your Info-Tech account representative to conduct the diagnostic. Use the results to inform current IT capabilities.
    2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret and draw conclusions from the results.
    3. Examine the results of the survey and note where there might be specific capabilities that could be improved.
    4. Determine whether there are any areas of significant disagreement between the you and the CEO. Mark down those areas for further conversations. Additionally, take note of areas that could be leveraged to support transactions or support your rationale in recommending transactions.

    Download the sample report.

    Record the results in the M&A Sell Playbook.

    1.1.2 Conduct the CIO Business Vision diagnostic

    2 weeks

    Input: IT organization expertise, CIO BV diagnostic

    Output: An understanding of business stakeholder perception of certain IT capabilities and services

    Materials: M&A Buy Playbook, CIO Business Vision diagnostic

    Participants: IT executive/CIO, Senior business leaders

    1. The CIO Business Vision (CIO BV) diagnostic can be a powerful tool for identifying IT capability focus areas. Speak with your account representative to conduct the CIO BV diagnostic. Use the results to inform current IT capabilities.
    2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret the results and draw conclusions from the diagnostic.
    3. Examine the results of the survey and take note of any IT services that have low scores.
    4. Read through the diagnostic comments and note any common themes. Especially note which stakeholders identified they have a favorable relationship with IT and which stakeholders identified they have an unfavorable relationship. For those who have an unfavorable relationship, identify if they will have a critical role in a growth transaction.

    Download the sample report.

    Record the results in the M&A Sell Playbook.

    Create a stakeholder network map for M&A transactions

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

    Example:

    Diagram of stakeholders and their relationships with other stakeholders, such as 'Board Members', 'CFO/Finance', 'Compliance', etc. with 'CIO/IT Leader' highlighted in the middle. There are unidirectional black arrows and bi-directional green arrows indicating each connection.

      Legend
    • Black arrows indicate the direction of professional influence
    • Dashed green arrows indicate bidirectional, informal influence relationships

    Info-Tech Insight

    Your stakeholder map defines the influence landscape that the M&A transaction will occur within. This will identify who holds various levels of accountability and decision-making authority when a transaction does take place.

    Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantial relationships with your stakeholders.

    1.1.3 Visualize relationships among stakeholders to identify key influencers

    1-3 hours

    Input: List of M&A stakeholders

    Output: Relationships among M&A stakeholders and influencers

    Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

    Participants: IT executive leadership

    1. The purpose of this activity is to list all the stakeholders within your organization that will have a direct or indirect impact on the M&A transaction.
    2. Determine the critical stakeholders, and then determine the stakeholders of your stakeholders and consider adding each of them to the stakeholder list.
    3. Assess who has either formal or informal influence over your stakeholders; add these influencers to your stakeholder list.
    4. Construct a diagram linking stakeholders and their influencers together.
      • Use black arrows to indicate the direction of professional influence.
      • Use dashed green arrows to indicate bidirectional, informal influence relationships.

    Record the results in the M&A Sell Playbook.

    Categorize your stakeholders with a prioritization map

    A stakeholder prioritization map helps IT leaders categorize their stakeholders by their level of influence and ownership in the merger, acquisition, or divestiture process.

    A prioritization map of stakeholder categories split into four quadrants. The vertical axis is 'Influence', from low on the bottom to high on top. The horizontal axis is 'Ownership/Interest', from low on the left to high on the right. 'Spectators' are low influence, low ownership/interest. 'Mediators' are high influence, low ownership/interest. 'Noisemakers' are low influence, high ownership/interest. 'Players' are high influence, high ownership/interest.

    There are four areas in the map, and the stakeholders within each area should be treated differently.

    Players – players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediment to the objectives.

    Mediators – mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.

    Noisemakers – noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively, but have little ability to enact their wishes.

    Spectators – generally, spectators are apathetic and have little influence over or interest in the initiative.

    1.1.4 Group stakeholders into categories

    30 minutes

    Input: Stakeholder map, Stakeholder list

    Output: Categorization of stakeholders and influencers

    Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

    Participants: IT executive leadership, Stakeholders

    1. Identify your stakeholders’ interest in and influence on the M&A process as high, medium, or low by rating the attributes below.
    2. Map your results to the model to the right to determine each stakeholder’s category.

    Same prioritization map of stakeholder categories as before. This one has specific stakeholders mapped onto it. 'CFO' is mapped as low interest and middling influence, between 'Mediator' and 'Spectator'. 'CIO' is mapped as higher than average interest and high influence, a 'Player'. 'Board Member' is mapped as high interest and high influence, a 'Player'.

    Level of Influence
    • Power: Ability of a stakeholder to effect change.
    • Urgency: Degree of immediacy demanded.
    • Legitimacy: Perceived validity of stakeholder’s claim.
    • Volume: How loud their “voice” is or could become.
    • Contribution: What they have that is of value to you.
    Level of Interest

    How much are the stakeholder’s individual performance and goals directly tied to the success or failure of the product?

    Record the results in the M&A Sell Playbook.

    Prioritize your stakeholders

    There may be too many stakeholders to be able to manage them all. Focus your attention on the stakeholders that matter most.

    Level of Support

    Supporter

    Evangelist

    Neutral

    Blocker

    Stakeholder Category Player Critical High High Critical
    Mediator Medium Low Low Medium
    Noisemaker High Medium Medium High
    Spectator Low Irrelevant Irrelevant Low

    Consider the three dimensions for stakeholder prioritization: influence, interest, and support. Support can be determined by answering the following question: How significant is that stakeholder to the M&A or divestiture process?

    These parameters are used to prioritize which stakeholders are most important and should receive your focused attention.

    1.1.5 Prioritize your stakeholders

    30 minutes

    Input: Stakeholder matrix

    Output: Stakeholder and influencer prioritization

    Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

    Participants: IT executive leadership, M&A/divestiture stakeholders

    1. Identify the level of support of each stakeholder by answering the following question: How significant is that stakeholder to the M&A transaction process?
    2. Prioritize your stakeholders using the prioritization scheme on the previous slide.

    Stakeholder

    Category

    Level of Support

    Prioritization

    CMO Spectator Neutral Irrelevant
    CIO Player Supporter Critical

    Record the results in the M&A Sell Playbook.

    Define strategies for engaging stakeholders by type

    A revisit to the map of stakeholder categories, but with strategies listed for each one, and arrows on the side instead of an axis. The vertical arrow is 'Authority', which increases upward, and the horizontal axis is Ownership/Interest which increases as it moves to the right. The strategy for 'Players' is 'Engage', for 'Mediators' is 'Satisfy', for 'Noisemakers' is 'Inform', and for 'Spectators' is 'Monitor'.

    Type

    Quadrant

    Actions

    Players High influence, high interest – actively engage Keep them updated on the progress of the project. Continuously involve Players in the process and maintain their engagement and interest by demonstrating their value to its success.
    Mediators High influence, low interest – keep satisfied They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust and including them in important decision-making steps. In turn, they can help you influence other stakeholders.
    Noisemakers Low influence, high interest – keep informed Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using Mediators to help them.
    Spectators Low influence, low interest – monitor They are followers. Keep them in the loop by providing clarity on objectives and status updates.

    Info-Tech Insight

    Each group of stakeholders draws attention and resources away from critical tasks. By properly identifying stakeholder groups, the IT executive leader can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy Spectators and Noisemakers while ensuring the needs of Mediators and Players are met.

    1.1.6 Plan to communicate

    30 minutes

    Input: Stakeholder priority, Stakeholder categorization, Stakeholder influence

    Output: Stakeholder communication plan

    Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

    Participants: IT executive leadership, M&A/divestiture stakeholders

    The purpose of this activity is to make a communication plan for each of the stakeholders identified in the previous activities, especially those who will have a critical role in the M&A transaction process.

    1. In the M&A Sell Playbook, input the type of influence each stakeholder has on IT, how they would be categorized in the M&A process, and their level of priority. Use this information to create a communication plan.
    2. Determine the methods and frequency of communication to keep the necessary stakeholder satisfied and maintain or enhance IT’s profile within the organization.

    Record the results in the M&A Sell Playbook.

    Proactive

    Step 1.2

    Assess IT’s Current Value and Method to Achieve a Future State

    Activities

    • 1.2.1 Valuate IT
    • 1.2.2 Assess the IT/digital strategy

    This step involves the following participants:

    • IT executive leader
    • IT leadership
    • Critical stakeholders to M&A

    Outcomes of Step

    Identify critical opportunities to optimize IT and meet strategic business goals through a merger, acquisition, or divestiture.

    How to valuate your IT environment

    And why it matters so much

    • Valuating your current organization’s IT environment is a critical step that all IT organizations should take, whether involved in an M&A or not, to fully understand what it might be worth.
    • The business investments in IT can be directly translated into a value amount. For every $1 invested in IT, the business might be gaining $100 in value back or possibly even loosing $100.
    • Determining, documenting, and communicating this information ensures that the business takes IT’s suggestions seriously and recognizes why investing in IT is so critical.
    • There are three ways a business or asset can be valuated:
      • Cost Approach: Look at the costs associated with building, purchasing, replacing, and maintaining a given aspect of the business.
      • Market Approach: Look at the relative value of a particular aspect of the business. Relative value can fluctuate and depends on what the markets and consequently society believe that particular element is worth.
      • Discounted Cash Flow Approach: Focus on what the potential value of the business could be or the intrinsic value anticipated due to future profitability.
    • (Source: “Valuation Methods,” Corporate Finance Institute)

    Four ways to create value through digital

    1. Reduced costs
    2. Improved customer experience
    3. New revenue sources
    4. Better decision making
    5. (Source: McKinsey & Company)

    1.2.1 Valuate IT

    1 day

    Input: Valuation of data, Valuation of applications, Valuation of infrastructure and operations, Valuation of security and risk

    Output: Valuation of IT

    Materials: Relevant templates/tools listed on the following slides, Capital budget, Operating budget, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership

    The purpose of this activity is to demonstrate that IT is not simply an operational functional area that diminishes business resources. Rather, IT contributes significant value to the business.

    1. Review each of the following slides to valuate IT’s data, applications, infrastructure and operations, and security and risk. These valuations consider several tangible and intangible factors and result in a final dollar amount.
    2. Input the financial amounts identified for each critical area into a summary slide. Use this information to determine where IT is delivering value to the organization.

    Info-Tech Insight

    Consistency is key when valuating your IT organization as well as other IT organizations throughout the transaction process.

    Record the results in the M&A Sell Playbook.

    Data valuation

    Data valuation identifies how you monetize the information that your organization owns.

    Create a data value chain for your organization

    When valuating the information and data that exists in an organization, there are many things to consider.

    Info-Tech has two tools that can support this process:

    1. Information Asset Audit Tool: Use this tool first to take inventory of the different information assets that exist in your organization.
    2. Data Valuation Tool: Once information assets have been accounted for, valuate the data that exists within those information assets.

    Data Collection

    Insight Creation

    Value Creation

    Data Valuation

    01 Data Source
    02 Data Collection Method
    03 Data
    04 Data Analysis
    05 Insight
    06 Insight Delivery
    07 Consumer
    08 Value in Data
    09 Value Dimension
    10 Value Metrics Group
    11 Value Metrics
    Screenshots of Tab 2 of Info-Tech's Data Valuation Tool.

    Instructions

    1. Using the Data Valuation Tool, start gathering information based on the eight steps above to understand your organization’s journey from data to value.
    2. Identify the data value spectrum. (For example: customer sales service, citizen licensing service, etc.)
    3. Fill out the columns for data sources, data collection, and data first.
    4. Capture data analysis and related information.
    5. Then capture the value in data.
    6. Add value dimensions such as usage, quality, and economic dimensions.
      • Remember that economic value is not the only dimension, and usage/quality has a significant impact on economic value.
    7. Collect evidence to justify your data valuation calculator (market research, internal metrics, etc.).
    8. Finally, calculate the value that has a direct correlation with underlying value metrics.

    Application valuation

    Calculate the value of your IT applications

    When valuating the applications and their users in an organization, consider using a business process map. This shows how business is transacted in the company by identifying which IT applications support these processes and which business groups have access to them. Info-Tech has a business process mapping tool that can support this process:

    • Enterprise Integration Process Mapping Tool: Complete this tool first to map the different business processes to the supporting applications in your organization.

    Instructions

    1. Start by calculating user costs. This is the multiplication of: (# of users) × (% of time spent using IT) × (fully burdened salary).
    2. Identify the revenue per employee and divide that by the average cost per employee to calculate the derived productivity ratio (DPR).
    3. Once you have calculated the user costs and DPR, multiply those total values together to get the application value.
    4. User Costs

      Total User Costs

      Derived Productivity Ratio (DPR)

      Total DPR

      Application Value

      # of users % time spent using IT Fully burdened salary Multiply values from the 3 user costs columns Revenue per employee Average cost per employee (Revenue P.E) ÷ (Average cost P.E) (User costs) X (DPR)

    5. Once the total application value is established, calculate the combined IT and business costs of delivering that value. IT and business costs include inflexibility (application maintenance), unavailability (downtime costs, including disaster exposure), IT costs (common costs statistically allocated to applications), and fully loaded cost of active (full-time equivalent [FTE]) users.
    6. Calculate the net value of applications by subtracting the total IT and business costs from the total application value calculated in step 3.
    7. IT and Business Costs

      Total IT and Business Costs

      Net Value of Applications

      Application maintenance Downtime costs (include disaster exposure) Common costs allocated to applications Fully loaded costs of active (FTE) users Sum of values from the four IT and business costs columns (Application value) – (IT and business costs)

    (Source: CSO)

    Infrastructure valuation

    Assess the foundational elements of the business’ information technology

    The purpose of this exercise is to provide a high-level infrastructure valuation that will contribute to valuating your IT environment.

    Calculating the value of the infrastructure will require different methods depending on the environment. For example, a fully cloud-hosted organization will have different costs than a fully on-premises IT environment.

    Instructions:

    1. Start by listing all of the infrastructure-related items that are relevant to your organization.
    2. Once you have finalized your items column, identify the total costs/value of each item.
      • For example, total software costs would include servers and storage.
    3. Calculate the total cost/value of your IT infrastructure by adding all of values in the right column.

    Item

    Costs/Value

    Hardware Assets Total Value +$3.2 million
    Hardware Leased/Service Agreement -$
    Software Purchased +$
    Software Leased/Service Agreement -$
    Operational Tools
    Network
    Disaster Recovery
    Antivirus
    Data Centers
    Service Desk
    Other Licenses
    Total:

    For additional support, download the M&A Runbook for Infrastructure and Operations.

    Risk and security

    Assess risk responses and calculate residual risk

    The purpose of this exercise is to provide a high-level risk assessment that will contribute to valuating your IT environment. For a more in-depth risk assessment, please refer to the Info-Tech tools below:

    1. Risk Register Tool
    2. Security M&A Due Diligence Tool

    Instructions

    1. Review the probability and impact scales below and ensure you have the appropriate criteria that align to your organization before you conduct a risk assessment.
    2. Identify the probability of occurrence and estimated financial impact for each risk category detail and fill out the table on the right. Customize the table as needed so it aligns to your organization.
    3. Probability of Risk Occurrence

      Occurrence Criteria
      (Classification; Probability of Risk Event Within One Year)

      Negligible Very Unlikely; ‹20%
      Very Low Unlikely; 20 to 40%
      Low Possible; 40 to 60%
      Moderately Low Likely; 60 to 80%
      Moderate Almost Certain; ›80%

    Note: If needed, you can customize this scale with the severity designations that you prefer. However, make sure you are always consistent with it when conducting a risk assessment.

    Financial & Reputational Impact

    Budgetary and Reputational Implications
    (Financial Impact; Reputational Impact)

    Negligible (‹$10,000; Internal IT stakeholders aware of risk event occurrence)
    Very Low ($10,000 to $25,000; Business customers aware of risk event occurrence)
    Low ($25,000 to $50,000; Board of directors aware of risk event occurrence)
    Moderately Low ($50,000 to $100,000; External customers aware of risk event occurrence)
    Moderate (›$100,000; Media coverage or regulatory body aware of risk event occurrence)

    Risk Category Details

    Probability of Occurrence

    Estimated Financial Impact

    Estimated Severity (Probability X Impact)

    Capacity Planning
    Enterprise Architecture
    Externally Originated Attack
    Hardware Configuration Errors
    Hardware Performance
    Internally Originated Attack
    IT Staffing
    Project Scoping
    Software Implementation Errors
    Technology Evaluation and Selection
    Physical Threats
    Resource Threats
    Personnel Threats
    Technical Threats
    Total:

    1.2.2 Assess the IT/digital strategy

    4 hours

    Input: IT strategy, Digital strategy, Business strategy

    Output: An understanding of an executive business stakeholder’s perception of IT, Alignment of IT/digital strategy and overall organization strategy

    Materials: Computer, Whiteboard and markers, M&A Sell Playbook

    Participants: IT executive/CIO, Business executive/CEO

    The purpose of this activity is to review the business and IT strategies that exist to determine if there are critical capabilities that are not being supported.

    Ideally, the IT and digital strategies would have been created following development of the business strategy. However, sometimes the business strategy does not directly call out the capabilities it requires IT to support.

    1. On the left half of the corresponding slide in the M&A Sell Playbook, document the business goals, initiatives, and capabilities. Input this information from the business or digital strategies. (If more space for goals, initiatives, or capabilities is needed, duplicate the slide).
    2. On the other half of the slide, document the IT goals, initiatives, and capabilities. Input this information from the IT strategy and digital strategy.

    For additional support, see Build a Business-Aligned IT Strategy.

    Record the results in the M&A Sell Playbook.

    Proactive

    Step 1.3

    Drive Innovation and Suggest Growth Opportunities

    Activities

    • 1.3.1 Determine pain points and opportunities
    • 1.3.2 Align goals with opportunities
    • 1.3.3 Recommend reduction opportunities

    This step involves the following participants:

    • IT executive leader
    • IT leadership
    • Critical M&A stakeholders

    Outcomes of Step

    Establish strong relationships with critical M&A stakeholders and position IT as an innovative business partner that can suggest reduction opportunities.

    1.3.1 Determine pain points and opportunities

    1-2 hours

    Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade

    Output: List of pain points or opportunities that IT can address

    Materials: Computer, Whiteboard and markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Business stakeholders

    The purpose of this activity is to determine the pain points and opportunities that exist for the organization. These can be external or internal to the organization.

    1. Identify what opportunities exist for your organization. Opportunities are the potential positives that the organization would want to leverage.
    2. Next, identify pain points, which are the potential negatives that the organization would want to alleviate.
    3. Spend time considering all the options that might exist, and keep in mind what has been identified previously.

    Opportunities and pain points can be trends, other departments’ initiatives, business perspectives of IT, etc.

    Record the results in the M&A Sell Playbook.

    1.3.2 Align goals with opportunities

    1-2 hours

    Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade, List of pain points and opportunities

    Output: An understanding of an executive business stakeholder’s perception of IT, Foundations for reduction strategy

    Materials: Computer, Whiteboard and markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Business stakeholders

    The purpose of this activity is to determine whether a growth or separation strategy might be a good suggestion to the business in order to meet its business objectives.

    1. For the top three to five business goals, consider:
      1. Underlying drivers
      2. Digital opportunities
      3. Whether a growth or reduction strategy is the solution
    2. Just because a growth or reduction strategy is a solution for a business goal does not necessarily indicate M&A is the way to go. However, it is important to consider before you pursue suggesting M&A.

    Record the results in the M&A Sell Playbook.

    1.3.3 Recommend reduction opportunities

    1-2 hours

    Input: Growth or separation strategy opportunities to support business goals, Stakeholder communication plan, Rationale for the suggestion

    Output: M&A transaction opportunities suggested

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO, Business executive/CEO

    The purpose of this activity is to recommend a merger, acquisition, or divestiture to the business.

    1. Identify which of the business goals the transaction would help solve and why IT is the one to suggest such a goal.
    2. Leverage the stakeholder communication plan identified previously to give insight into stakeholders who would have a significant level of interest, influence, or support in the process.

    Info-Tech Insight

    With technology and digital driving many transactions, leverage your organizations’ IT environment as an asset and reason why the divestiture or sale should happen, suggesting the opportunity yourself.

    Record the results in the M&A Sell Playbook.

    By the end of this Proactive phase, you should:

    Be prepared to suggest M&A opportunities to support your company’s goals through sale or divestiture transactions

    Key outcome from the Proactive phase

    Develop progressive relationships and strong communication with key stakeholders to suggest or be aware of transformational opportunities that can be achieved through sale or divestiture strategies.

    Key deliverables from the Proactive phase
    • Business perspective of IT examined
    • Key stakeholders identified and relationship to the M&A process outlined
    • Ability to valuate the IT environment and communicate IT’s value to the business
    • Assessment of the business, digital, and IT strategies and how M&As could support those strategies
    • Pain points and opportunities that could be alleviated or supported through an M&A transaction
    • Sale or divestiture recommendations

    The Sell Blueprint

    Phase 2

    Discovery & Strategy

    Phase 1

    Phase 2

    Phase 3Phase 4
    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Reduction Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Separation or Sale
    • 3.1 Engage in Due Diligence and Prepare Staff
    • 3.2 Prepare to Separate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Create the mission and vision
    • Identify the guiding principles
    • Create the future-state operating model
    • Determine the transition team
    • Document the M&A governance
    • Create program metrics
    • Establish the separation strategy
    • Conduct a RACI
    • Create the communication plan
    • Assess the potential organization(s)

    This phase involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Establish the Transaction FoundationDiscover the Motivation for Divesting or SellingFormalize the Program PlanCreate the Valuation FrameworkStrategize the TransactionNext Steps and Wrap-Up (offsite)

    Activities

    • 0.1 Conduct the CIO Business Vision and CEO-CIO Alignment diagnostics
    • 0.2 Identify key stakeholders and outline their relationship to the M&A process
    • 0.3 Identify the rationale for the company's decision to pursue a divestiture or sale
    • 1.1 Review the business rationale for the divestiture/sale
    • 1.2 Assess the IT/digital strategy
    • 1.3 Identify pain points and opportunities tied to the divestiture/sale
    • 1.4 Create the IT vision statement, create the IT mission statement, and identify IT guiding principles
    • 2.1 Create the future-state operating model
    • 2.2 Determine the transition team
    • 2.3 Document the M&A governance
    • 2.4 Establish program metrics
    • 3.1 Valuate your data
    • 3.2 Valuate your applications
    • 3.3 Valuate your infrastructure
    • 3.4 Valuate your risk and security
    • 3.5 Combine individual valuations to make a single framework
    • 4.1 Establish the separation strategy
    • 4.2 Conduct a RACI
    • 4.3 Review best practices for assessing target organizations
    • 4.4 Create the communication plan
    • 5.1 Complete in-progress deliverables from previous four days
    • 5.2 Set up review time for workshop deliverables and to discuss next steps

    Deliverables

    1. Business perspectives of IT
    2. Stakeholder network map for M&A transactions
    1. Business context implications for IT
    2. IT’s divestiture/sale strategic direction
    1. Operating model for future state
    2. Transition team
    3. Governance structure
    4. M&A program metrics
    1. IT valuation framework
    1. Separation strategy
    2. RACI
    3. Communication plan
    1. Completed M&A program plan and strategy
    2. Prepared to assess target organization(s)

    What is the Discovery & Strategy phase?

    Pre-transaction state

    The Discovery & Strategy phase during a sale or divestiture is a unique opportunity for many IT organizations. IT organizations that can participate in the transaction at this stage are likely considered a strategic partner of the business.

    For one-off sales/divestitures, IT being invited during this stage of the process is rare. However, for organizations that are preparing to engage in many divestitures over the coming years, this type of strategy will greatly benefit from IT involvement. Again, the likelihood of participating in an M&A transaction is increasing, making it a smart IT leadership decision to, at the very least, loosely prepare a program plan that can act as a strategic pillar throughout the transaction.

    During this phase of the pre-transaction state, IT may be asked to participate in ensuring that the IT environment is able to quickly and easily carve out components/business lines and deliver on service-level agreements (SLAs).

    Goal: To identify a repeatable program plan that IT can leverage when selling or divesting all or parts of the current IT environment, ensuring customer satisfaction and business continuity

    Discovery & Strategy Prerequisite Checklist

    Before coming into the Discovery & Strategy phase, you should have addressed the following:

    • Understand the business perspective of IT.
    • Know the key stakeholders and have outlined their relationship to the M&A process.
    • Be able to valuate the IT environment and communicate IT's value to the business.
    • Understand the rationale for the company's decision to pursue a sale or divestiture and the opportunities or pain points the sale should address.

    Discovery & Strategy

    Step 2.1

    Establish the M&A Program Plan

    Activities

    • 2.1.1 Create the mission and vision
    • 2.1.2 Identify the guiding principles
    • 2.1.3 Create the future-state operating model
    • 2.1.4 Determine the transition team
    • 2.1.5 Document the M&A governance
    • 2.1.6 Create program metrics

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team

    Outcomes of Step

    Establish an M&A program plan that can be repeated across sales/divestitures.

    The vision and mission statements clearly articulate IT’s aspirations and purpose

    The IT vision statement communicates a desired future state of the IT organization, whereas the IT mission statement portrays the organization’s reason for being. While each serves its own purpose, they should both be derived from the business context implications for IT.

    Vision Statements

    Mission Statements

    Characteristics

    • Describe a desired future
    • Focus on ends, not means
    • Concise
    • Aspirational
    • Memorable
    • Articulate a reason for existence
    • Focus on how to achieve the vision
    • Concise
    • Easy to grasp
    • Sharply focused
    • Inspirational

    Samples

    To be a trusted advisor and partner in enabling business innovation and growth through an engaged IT workforce. (Source: Business News Daily) IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset. (Source: Forbes, 2013)

    2.1.1 Create the mission and vision statements

    2 hours

    Input: Business objectives, IT capabilities, Rationale for the transaction

    Output: IT’s mission and vision statements for reduction strategies tied to mergers, acquisitions, and divestitures

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create mission and vision statements that reflect IT’s intent and method to support the organization as it pursues a reduction strategy.

    1. Review the definitions and characteristics of mission and vision statements.
    2. Brainstorm different versions of the mission and vision statements.
    3. Edit the statements until you get to a single version of each that accurately reflects IT’s role in the reduction process.

    Record the results in the M&A Sell Playbook.

    Guiding principles provide a sense of direction

    IT guiding principles are shared, long-lasting beliefs that guide the use of IT in constructing, transforming, and operating the enterprise by informing and restricting IT investment portfolio management, solution development, and procurement decisions.

    A diagram illustrating the place of 'IT guiding principles' in the process of making 'Decisions on the use of IT'. There are four main items, connecting lines naming the type of process in getting from one step to the next, and a line underneath clarifying the questions asked at each step. On the far left, over the question 'What decisions should be made?', is 'Business context and IT implications'. This flows forward to 'IT guiding principles', and they are connected by 'Influence'. Next, over the question 'How should decisions be made?', is the main highlighted section. 'IT guiding principles' flows forward to 'Decisions on the use of IT', and they are connected by 'Guide and inform'. On the far right, over the question 'Who has the accountability and authority to make decisions?', is 'IT policies'. This flows back to 'Decisions on the use of IT', and they are connected by 'Direct and control'.

    IT principles must be carefully constructed to make sure they are adhered to and relevant

    Info-Tech has identified a set of characteristics that IT principles should possess. These characteristics ensure the IT principles are relevant and followed in the organization.

    Approach focused. IT principles should be focused on the approach – how the organization is built, transformed, and operated – as opposed to what needs to be built, which is defined by both functional and non-functional requirements.

    Business relevant. Create IT principles that are specific to the organization. Tie IT principles to the organization’s priorities and strategic aspirations.

    Long lasting. Build IT principles that will withstand the test of time.

    Prescriptive. Inform and direct decision making with actionable IT principles. Avoid truisms, general statements, and observations.

    Verifiable. If compliance can’t be verified, people are less likely to follow the principle.

    Easily Digestible. IT principles must be clearly understood by everyone in IT and by business stakeholders. IT principles aren’t a secret manuscript of the IT team. IT principles should be succinct; wordy principles are hard to understand and remember.

    Followed. Successful IT principles represent a collection of beliefs shared among enterprise stakeholders. IT principles must be continuously communicated to all stakeholders to achieve and maintain buy-in.

    In organizations where formal policy enforcement works well, IT principles should be enforced through appropriate governance processes.

    Consider the example principles below

    IT Principle Name

    IT Principle Statement

    1. Risk Management We will ensure that the organization’s IT Risk Management Register is properly updated to reflect all potential risks and that a plan of action against those risks has been identified.
    2. Transparent Communication We will ensure employees are spoken to with respect and transparency throughout the transaction process.
    3. Separation for Success We will create a carve-out strategy that enables the organization and clearly communicates the resources required to succeed.
    4. Managed Data We will handle data creation, modification, separation, and use across the enterprise in compliance with our data governance policy.
    5.Deliver Better Customer Service We will reduce the number of products offered by IT, enabling a stronger focus on specific products or elements to increase customer service delivery.
    6. Compliance With Laws and Regulations We will operate in compliance with all applicable laws and regulations for both our organization and the potentially purchasing organization.
    7. Defined Value We will create a plan of action that aligns with the organization’s defined value expectations.
    8. Network Readiness We will ensure that employees and customers have immediate access to the network with minimal or no outages.
    9. Value Generator We will leverage the current IT people, processes, and technology to turn the IT organization into a value generator by developing and selling our services to purchasing organizations.

    2.1.2 Identify the guiding principles

    2 hours

    Input: Business objectives, IT capabilities, Rationale for the transaction, Mission and vision statements

    Output: IT’s guiding principles for reduction strategies tied to mergers, acquisitions, and divestitures

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create the guiding principles that will direct the IT organization throughout the reduction strategy process.

    1. Review the role of guiding principles and the examples of guiding principles that organizations have used.
    2. Brainstorm different versions of the guiding principles. Each guiding principle should start with the phrase “We will…”
    3. Edit and consolidate the statements until you have a list of approximately eight to ten statements that accurately reflect IT’s role in the reduction process.
    4. Review the guiding principles every six months to ensure they continue to support the delivery of the business’ reduction strategy goals.

    Record the results in the M&A Sell Playbook.

    Create two IT teams to support the transaction

    IT M&A Transaction Team

    • The IT M&A Transaction Team should consist of the strongest members of the IT team who can be expected to deliver on unusual or additional tasks not asked of them in normal day-to-day operations.
    • The roles selected for this team will have very specific skills sets or deliver on critical separation capabilities, making their involvement in the combination of two or more IT environments paramount.
    • These individuals need to have a history of proving themselves very trustworthy, as they will likely be required to sign an NDA as well.
    • Expect to have to certain duplicate capabilities or roles across the M&A Team and Operational Team.

    IT Operational Team

    • This group is responsible for ensuring the business operations continue.
    • These employees might be those who are newer to the organization but can be counted on to deliver consistent IT services and products.
    • The roles of this team should ensure that end users or external customers remain satisfied.

    Key capabilities to support M&A

    Consider the following capabilities when looking at who should be a part of the IT Transaction Team.

    Employees who have a significant role in ensuring that these capabilities are being delivered will be a top priority.

    Infrastructure & Operations

    • System Separation
    • Data Management
    • Helpdesk/Desktop Support
    • Cloud/Server Management

    Business Focus

    • Service-Level Management
    • Enterprise Architecture
    • Stakeholder Management
    • Project Management

    Risk & Security

    • Privacy Management
    • Security Management
    • Risk & Compliance Management

    Build a lasting and scalable operating model

    An operating model is an abstract visualization, used like an architect’s blueprint, that depicts how structures and resources are aligned and integrated to deliver on the organization’s strategy.

    It ensures consistency of all elements in the organizational structure through a clear and coherent blueprint before embarking on detailed organizational design.

    The visual should highlight which capabilities are critical to attaining strategic goals and clearly show the flow of work so that key stakeholders can understand where inputs flow in and outputs flow out of the IT organization.

    As you assess the current operating model, consider the following:

    • Does the operating model contain all the necessary capabilities your IT organization requires to be successful?
    • What capabilities should be duplicated?
    • Are there individuals with the skill set to support those roles? If not, is there a plan to acquire or develop those skills?
    • A dedicated project team strictly focused on M&A is great. However, is it feasible for your organization? If not, what blockers exist?
    A diagram with 'Initiatives' and 'Solutions' on the left and right of an area chart, 'Customer' at the top, the area between them labelled 'Functional Area n', and six horizontal bars labelled 'IT Capability' stacked on top of each other. The 'IT Capability' bars are slightly skewed to the 'Solutions' side of the chart.

    Info-Tech Insight

    Investing time up-front getting the operating model right is critical. This will give you a framework to rationalize future organizational changes, allowing you to be more iterative and allowing your model to change as the business changes.

    2.1.3 Create the future-state operating model

    4 hours

    Input: Current operating model, IT strategy, IT capabilities, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

    Output: Future-state operating model for divesting organizations

    Materials: Operating model, Capability overlay, Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to establish what the future-state operating model will be if your organization needs to adjust to support a divestiture transaction. If your organization plans to sell in its entirety, you may choose to skip this activity.

    1. Ensuring that all the IT capabilities are identified by the business and IT strategy, document your organization’s current operating model.
    2. Identify what core capabilities would be critical to the divesting transaction process and separation. Highlight and make copies of those capabilities in the M&A Sell Playbook. As a result of divesting, there may also be capabilities that will become irrelevant in your future state.
    3. Ensure the capabilities that will be decentralized are clearly identified. Decentralized capabilities do not exist within the central IT organization but rather in specific lines of businesses, products, or locations to better understand needs and deliver on the capability.

    An example operating model is included in the M&A Sell Playbook. This process benefits from strong reference architecture and capability mapping ahead of time.

    Record the results in the M&A Sell Playbook.

    2.1.4 Determine the transition team

    3 hours

    Input: IT capabilities, Future-state operating model, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

    Output: Transition team

    Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create a team that will support your IT organization throughout the transaction. Determining which capabilities and therefore which roles will be required ensures that the business will continue to get the operational support it needs.

    1. Based on the outcome of activity 2.1.3, review the capabilities that your organization will require on the transition team. Group capabilities into functional groups containing capabilities that are aligned well with one another because they have similar responsibilities and functionalities.
    2. Replace the capabilities with roles. For example, stakeholder management, requirements gathering, and project management might be one functional group. Project management and stakeholder management might combine to create a project manager role.
    3. Review the examples in the M&A Sell Playbook and identify which roles will be a part of the transition team.

    For more information, see Redesign Your Organizational Structure

    What is governance?

    And why does it matter so much to IT and the M&A process?

    • Governance is the method in which decisions get made, specifically as they impact various resources (time, money, and people).
    • Because M&A is such a highly governed transaction, it is important to document the governance bodies that exist in your organization.
    • This will give insight into what types of governing bodies there are, what decisions they make, and how that will impact IT.
    • For example, funds to support separation need to be discussed, approved, and supplied to IT from a governing body overseeing the acquisition.
    • A highly mature IT organization will have automated governance, while a seemingly non-existent governance process will be considered ad hoc.
    A pyramid with four levels representing the types of governing bodies that are available with differing levels of IT maturity. An arrow beside the pyramid points upward. The bottom of the arrow is labelled 'Traditional (People and document centric)' and the top is labelled 'Adaptive (Data centric)'. Starting at the bottom of the pyramid is level 1 'Ad Hoc Governance', 'Governance that is not well defined or understood within the organization. It occurs out of necessity but often not by the right people'. Level 2 is 'Controlled Governance', 'Governance focused on compliance and decisions driven by hierarchical authority. Levels of authority are defined and often driven by regulatory'. Level 3 is 'Agile Governance', 'Governance that is flexible to support different needs and quick response in the organization. Driven by principles and delegated throughout the company'. At the top of the pyramid is level 4 'Automated Governance', 'Governance that is entrenched and automated into organizational processes and product/service design. Empowered and fully delegated governance to maintain fit and drive organizational success and survival'.

    2.1.5 Document M&A governance

    1-2 hours

    Input: List of governing bodies, Governing body committee profiles, Governance structure

    Output: Documented method on how decisions are made as it relates to the M&A transaction

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to determine the method in which decisions are made throughout the M&A transaction as it relates to IT. This will require understanding both governing bodies internal to IT and those external to IT.

    1. First, determine the other governance structures within the organization that will impact the decisions made about M&A. List out these bodies or committees.
    2. Create a profile for each committee that looks at the membership, purpose of the committee, decision areas (authority), and the process of inputs and outputs. Ensure IT committees that will have a role in this process are also documented. Consider the benefits realized, risks, and resources required for each.
    3. Organize the committees into a structure, identifying the committees that have a role in defining the strategy, designing and building, and running.

    Record the results in the M&A Sell Playbook.

    Current-state structure map – definitions of tiers

    Strategy: These groups will focus on decisions that directly connect to the strategic direction of the organization.

    Design & Build: The second tier of groups will oversee prioritization of a certain area of governance as well as design and build decisions that feed into strategic decisions.

    Run: The lowest level of governance will be oversight of more-specific initiatives and capabilities within IT.

    Expect tier overlap. Some committees will operate in areas that cover two or three of these governance tiers.

    Measure the IT program’s success in terms of its ability to support the business’ M&A goals

    Upper management will measure IT’s success based on your ability to support the underlying reasons for the M&A. Using business metrics will help assure business stakeholders that IT understands their needs and is working with the business to achieve them.

    Business-Specific Metrics

    • Revenue Growth: Increase in the top line as seen by market expansion, product expansion, etc. by percentage/time.
    • Synergy Extraction: Reduction in costs as determined by the ability to identify and eliminate redundancies over time.
    • Profit Margin Growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs over time.

    IT-Specific Metrics

    • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure over time.
    • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
    • Meeting or improving on IT budget estimates: Delivering successful IT separation on a budget that is the same or lower than the budget estimated during due diligence.
    • Meeting or improving on IT time-to-separation estimates: Delivering successful IT carve-out on a timeline that is the same or shorter than the timeline estimated during due diligence.
    • Business capability support: Delivering the end state of IT that supports the expected business capabilities and growth.

    Establish your own metrics to gauge the success of IT

    Establish SMART M&A Success Metrics

    S pecific Make sure the objective is clear and detailed.
    M easurable Objectives are measurable if there are specific metrics assigned to measure success. Metrics should be objective.
    A ctionable Objectives become actionable when specific initiatives designed to achieve the objective are identified.
    R ealistic Objectives must be achievable given your current resources or known available resources.
    T ime-Bound An objective without a timeline can be put off indefinitely. Furthermore, measuring success is challenging without a timeline.
    • What should IT consider when looking to identify potential additions, deletions, or modifications that will either add value to the organization or reduce costs/risks?
    • Provide a definition of synergies.
    • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure.
    • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
    • Meeting or improving on IT budget estimates: Delivering successful IT separation on a budget that is the same or lower than the budget estimated during due diligence.
    • Meeting or improving on IT time-to-separation estimates: Delivering successful IT carve-out on a timeline that is the same or shorter than the timeline estimated during due diligence.
    • Revenue growth: Increase in the top line as a result, as seen by market expansion, product expansion, etc., as a result of divesting lines of the business and selling service-level agreements to the purchasing organization.
    • Synergy extraction: Reduction in costs, as determined by the ability to identify and eliminate redundancies.
    • Profit margin growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs.

    Metrics for each phase

    1. Proactive

    2. Discovery & Strategy

    3. Valuation & Due Diligence

    4. Execution & Value Realization

    • % Share of business innovation spend from overall IT budget
    • % Critical processes with approved performance goals and metrics
    • % IT initiatives that meet or exceed value expectation defined in business case
    • % IT initiatives aligned with organizational strategic direction
    • % Satisfaction with IT's strategic decision-making abilities
    • $ Estimated business value added through IT-enabled innovation
    • % Overall stakeholder satisfaction with IT
    • % Percent of business leaders that view IT as an Innovator
    • % IT budget as a percent of revenue
    • % Assets that are not allocated
    • % Unallocated software licenses
    • # Obsolete assets
    • % IT spend that can be attributed to the business (chargeback or showback)
    • % Share of CapEx of overall IT budget
    • % Prospective organizations that meet the search criteria
    • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
    • % Business leaders that view IT as a Business Partner
    • % Defects discovered in production
    • $ Cost per user for enterprise applications
    • % In-house-built applications vs. enterprise applications
    • % Owners identified for all data domains
    • # IT staff asked to participate in due diligence
    • Change to due diligence
    • IT budget variance
    • Synergy target
    • % Satisfaction with the effectiveness of IT capabilities
    • % Overall end-customer satisfaction
    • $ Impact of vendor SLA breaches
    • $ Savings through cost-optimization efforts
    • $ Savings through application rationalization and technology standardization
    • # Key positions empty
    • % Frequency of staff turnover
    • % Emergency changes
    • # Hours of unplanned downtime
    • % Releases that cause downtime
    • % Incidents with identified problem record
    • % Problems with identified root cause
    • # Days from problem identification to root cause fix
    • % Projects that consider IT risk
    • % Incidents due to issues not addressed in the security plan
    • # Average vulnerability remediation time
    • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
    • # Time (days) to value realization
    • % Projects that realized planned benefits
    • $ IT operational savings and cost reductions that are related to synergies/divestitures
    • % IT staff–related expenses/redundancies
    • # Days spent on IT separation
    • $ Accurate IT budget estimates
    • % Revenue growth directly tied to IT delivery
    • % Profit margin growth

    2.1.6 Create program metrics

    1-2 hours

    Input: IT capabilities, Mission, vision, and guiding principles, Rationale for the acquisition

    Output: Program metrics to support IT throughout the M&A process

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to determine how IT’s success throughout a growth transaction will be measured and determined.

    1. Document a list of appropriate metrics on the whiteboard. Remember to include metrics that demonstrate the business impact. You can use the sample metrics listed on the previous slide as a starting point.
    2. Set a target and deadline for each metric. This will help the group determine when it is time to evaluate progression.
    3. Establish a baseline for each metric based on information collected within your organization.
    4. Assign an owner for tracking each metric as well as someone to be accountable for performance.

    Record the results in the M&A Sell Playbook.

    Discovery & Strategy

    Step 2.2

    Prepare IT to Engage in the Separation or Sale

    Activities

    • 2.2.1 Establish the separation strategy
    • 2.2.2 Conduct a RACI
    • 2.2.3 Create the communication plan
    • 2.2.4 Assess the potential organization(s)

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team

    Outcomes of Step

    Identify IT’s plan of action when it comes to the separation/sale and align IT’s separation/sale strategy with the business’ M&A strategy.

    Separation strategies

    There are several IT separation strategies that will let you achieve your target technology environment.

    IT Separation Strategies
    • Divest. Carve out elements of the IT organization and sell them to a purchasing organization with or without a service-level agreement.
    • Sell. Sell the entire IT environment to a purchasing organization. The purchasing organization takes full responsibility in delivering and running the IT environment.
    • Spin-Off Joint Venture. Carve out elements of the IT organization and combine them with elements of a new or purchasing organization to create a new entity.

    The approach IT takes will depend on the business objectives for the M&A.

    • Generally speaking, the separation strategy is well understood and influenced by the frequency of and rationale for selling.
    • Based on the initiatives generated by each business process owner, you need to determine the IT separation strategy that will best support the desired target technology environment, especially if you are still operating or servicing elements of that IT environment.

    Key considerations when choosing an IT separation strategy include:

    • What are the main business objectives of the M&A?
    • What are the key synergies expected from the transaction?
    • What IT separation strategy best helps obtain these benefits?
    • What opportunities exist to position the business for sustainable and long-term growth?

    Separation strategies in detail

    Review highlights and drawbacks of different separation strategies

    Divest
      Highlights
    • Recommended for businesses striving to reduce costs and potentially even generate revenue for the business through the delivery of SLAs.
    • Opportunity to reduce or scale back on lines of business or products that are not driving profits.
      Drawbacks
    • May be forced to give up critical staff that have been known to deliver high value.
    • The IT department is left to deliver services to the purchasing organization with little support or consideration from the business.
    • There can be increased risk and security concerns that need to be addressed.
    Sell
      Highlights
    • Recommended for businesses looking to gain capital to exit the market profitably or to enter a new market with a large sum of capital.
    • The business will no longer exist, and as a result all operational costs, including IT, will become redundant.
      Drawbacks
    • IT is no longer needed as an operating or capital service for the organization.
    • Lost resources, including highly trained and critical staff.
    • May require packaging employees off and using the profit or capital generated to cover any closing costs.
    Spin-Off or Joint Venture
      Highlights
    • Recommended for businesses looking to expand their market presence or acquire new products. Essentially aligning the two organizations in the same market.
    • Each side has a unique offering but complementing capabilities.
      Drawbacks
    • As much as the organization is going through a separation from the original company, it will be going through an integration with the new company.
    • There could be differences in culture.
    • This could require a large amount of investment without a guarantee of profit or success.

    2.2.1 Establish the separation strategy

    1-2 hours

    Input: Business separation strategy, Guiding principles, M&A governance

    Output: IT’s separation strategy

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to determine IT’s approach to separating or selling. This approach might differ slightly from transaction to transaction. However, the businesses approach to transactions should give insight into the general separation strategy IT should adopt.

    1. Make sure you have clearly articulated the business objectives for the M&A, the technology end state for IT, and the magnitude of the overall separation.
    2. Review and discuss the highlights and drawbacks of each type of separation.
    3. Use Info-Tech’s Separation Posture Selection Framework on the next slide to select the separation posture that will appropriately enable the business. Consider these questions during your discussion:
      1. What are the main business objectives of the M&A? What key IT capabilities will need to support business objectives?
      2. What key synergies are expected from the transaction? What opportunities exist to position the business for sustainable growth?
      3. What IT separation best helps obtain these benefits?

    Record the results in the M&A Sell Playbook.

    Separation Posture Selection Framework

    Business M&A Strategy

    Resultant Technology Strategy

    M&A Magnitude (% of Seller Assets, Income, or Market Value)

    IT Separation Posture

    A. Horizontal Adopt One Model ‹100% Divest
    ›99% Sell
    B. Vertical Create Links Between Critical Systems Any Divest
    C. Conglomerate Independent Model Any Joint Venture
    Divest
    D. Hybrid: Horizontal & Conglomerate Create Links Between Critical Systems Any Divest
    Joint Venture

    M&A separation strategy

    Business M&A Strategy Resultant Technology Strategy M&A Magnitude (% of Seller Assets, Income, or Market Value) IT Separation Posture

    You may need a hybrid separation posture to achieve the technology end state.

    M&A objectives may not affect all IT domains and business functions in the same way. Therefore, the separation requirements for each business function may differ. Organizations will often choose to select and implement a hybrid separation posture to realize the technology end state.

    Each business division may have specific IT domain and capability needs that require an alternative separation strategy.

    • Example: Even when conducting a joint venture by forming a new organization, some partners might view themselves as the dominant partner and want to influence the IT environment to a greater degree.
    • Example: Some purchasing organizations will expect service-level agreements to be available for a significant period of time following the divestiture, while others will be immediately independent.

    2.2.2 Conduct a RACI

    1-2 hours

    Input: IT capabilities, Transition team, Separation strategy

    Output: Completed RACI for Transition team

    Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to identify the core accountabilities and responsibilities for the roles identified as critical to your transition team. While there might be slight variation from transaction to transaction, ideally each role should be performing certain tasks.

    1. First, identify a list of critical tasks that need to be completed to support the sale or separation. For example:
      • Communicate with the company M&A team.
      • Identify the key IT solutions that can and cannot be carved out.
      • Gather data room artifacts and provide them to acquiring organization.
    2. Next, identify at the activity level which role is accountable or responsible for each activity. Enter an A for accountable, R for responsible, or A/R for both.

    Record the results in the M&A Sell Playbook.

    Communication and change

    Prepare key stakeholders for the potential changes

    • Anytime you are starting a project or program that will depend on users and stakeholders to give up their old way of doing things, change will force people to become novices again, leading to lost productivity and added stress.
    • Change management can improve outcomes for any project where you need people to adopt new tools and procedures, comply with new policies, learn new skills and behaviors, or understand and support new processes.
    • M&As move very quickly, and it can be very difficult to keep track of which stakeholders you need to be communicating with and what you should be communicating.
    • Not all organizations embrace or resist change in the same ways. Base your change communications on your organization’s cultural appetite for change in general.
      • Organizations with a low appetite for change will require more direct, assertive communications.
      • Organizations with a high appetite for change are more suited to more open, participatory approaches.

    Three key dimensions determine the appetite for cultural change:

    • Power Distance. Refers to the acceptance that power is distributed unequally throughout the organization.
      In organizations with a high power distance, the unequal power distribution is accepted by the less powerful employees.
    • Individualism. Organizations that score high in individualism have employees who are more independent. Those who score low in individualism fall into the collectivism side, where employees are strongly tied to one another or their groups.
    • Uncertainty Avoidance. Describes the level of acceptance that an organization has toward uncertainty. Those who score high in this area find that their employees do not favor uncertain situations, while those that score low in this area find that their employees are comfortable with change and uncertainty.

    2.2.3 Create the communication plan

    1-2 hours

    Input: IT’s M&A mission, vision, and guiding principles, M&A transition team, IT separation strategy, RACI

    Output: IT’s M&A communication plan

    Materials: Flip charts/whiteboard, Markers, RACI, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create a communication plan that IT can leverage throughout the initiative.

    1. Create a structured communication plan that allows for continuous communication with the integration management office, senior management, and the business functional heads.
    2. Outline key topics of communication, with stakeholders, inputs, and outputs for each topic.
    3. Review Info-Tech’s example communication plan in the M&A Sell Playbook and update it with relevant information.
    4. Does this communication plan make sense for your organization? What doesn’t make sense? Adjust the communication guide to suit your organization.

    Record the results in the M&A Sell Playbook.

    Assessing potential organizations

    As soon as you have identified organizations to consider, it’s imperative to assess critical risks. Most IT leaders can attest that they will receive little to no notice when the business is pursuing a sale and IT has to assess the IT organization. As a result, having a standardized template to quickly assess the potential acquiring organization is important.

    Ways to Assess

    1. News: Assess what sort of news has been announced in relation to the organization. Have they had any risk incidents? Has a critical vendor announced working with them?
    2. LinkedIn: Scan through the LinkedIn profiles of employees. This will give you a sense of what platforms they have based on employees. It will also give insight into positive or negative employee experiences that could impact retention.
    3. Trends: Some industries will have specific solutions that are relevant and popular. Assess what the key players are (if you don’t already know) to determine the solution.
    4. Business Architecture: While this assessment won’t perfect, try to understand the business’ value streams and the critical business and IT capabilities that would be needed to support them. Will your organization or employee skills be required to support these long term?

    Info-Tech Insight

    Assessing potential organizations is not just for the purchaser. The seller should also know what the purchasing organization’s history with M&As is and what potential risks could occur if remaining connected through ongoing SLAs.

    2.2.4 Assess the potential organization(s)

    1-2 hours

    Input: Publicized historical risk events, Solutions and vendor contracts likely in the works, Trends

    Output: IT’s valuation of the potential organization(s) for selling or divesting

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO

    The purpose of this activity is to assess the organization(s) that your organization is considering selling or divesting to.

    1. Complete the Historical Valuation Worksheet in the M&A Sell Playbook to understand the type of IT organization that your company may support.
      • The business likely isn’t looking for in-depth details at this time. However, as the IT leader, it is your responsibility to ensure critical risks are identified and communicated to the business.
    2. Use the information identified to help the business narrow down which organizations could be the right organizations to sell or divest to.

    Record the results in the M&A Sell Playbook.

    By the end of this pre-transaction phase you should:

    Have a program plan for M&As and a repeatable M&A strategy for IT when engaging in reduction transactions

    Key outcomes from the Discovery & Strategy phase
    • Prepare the IT environment to support the potential sale or divestiture by identifying critical program plan elements and establishing a separation or carve-out strategy that will enable the business to reach its goals.
    • Create a M&A strategy that accounts for all the necessary elements of a transaction and ensures sufficient governance, capabilities, and metrics exist.
    Key deliverables from the Discovery & Strategy phase
    • Create vision and mission statements
    • Establish guiding principles
    • Create a future-state operating model
    • Identify the key roles for the transaction team
    • Identify and communicate the M&A governance
    • Determine target metrics
    • Identify the M&A operating model
    • Select the separation strategy framework
    • Conduct a RACI for key transaction tasks for the transaction team
    • Document the communication plan

    M&A Sell Blueprint

    Phase 3

    Due Diligence & Preparation

    Phase 1Phase 2

    Phase 3

    Phase 4
    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Reduction Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Separation or Sale
    • 3.1 Engage in Due Diligence and Prepare Staff
    • 3.2 Prepare to Separate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Drive value with a due diligence charter
    • Gather data room artifacts
    • Measure staff engagement
    • Assess culture
    • Create a carve-out roadmap
    • Prioritize separation tasks
    • Establish the separation roadmap
    • Identify the buyer’s IT expectations
    • Create a service/transaction agreement
    • Estimate separation costs
    • Create an employee transition plan
    • Create functional workplans for employees
    • Align project metrics with identified tasks

    This phase involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team
    • Business leaders
    • Purchasing organization
    • Transition team

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Establish the Transaction FoundationDiscover the Motivation for SeparationIdentify Expectations and Create the Carve-Out RoadmapPrepare and Manage EmployeesPlan the Separation RoadmapNext Steps and Wrap-Up (offsite)

    Activities

    • 0.1 Identify the rationale for the company's decision to pursue a divestiture/sale.
    • 0.2 Identify key stakeholders and determine the IT transaction team.
    • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
    • 1.1 Review the business rationale for the divestiture/sale.
    • 1.2 Identify pain points and opportunities tied to the divestiture/sale.
    • 1.3 Establish the separation strategy.
    • 1.4 Create the due diligence charter.
    • 2.1 Identify the buyer’s IT expectations.
    • 2.2 Create a list of IT artifacts to be reviewed in the data room.
    • 2.3 Create a carve-out roadmap.
    • 2.4 Create a service/technical transaction agreement.
    • 3.1 Measure staff engagement.
    • 3.2 Assess the current culture and identify the goal culture.
    • 3.3 Create an employee transition plan.
    • 3.4 Create functional workplans for employees.
    • 4.1 Prioritize separation tasks.
    • 4.2 Establish the separation roadmap.
    • 4.3 Establish and align project metrics with identified tasks.
    • 4.4 Estimate separation costs.
    • 5.1 Complete in-progress deliverables from previous four days.
    • 5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. IT strategy
    2. IT operating model
    3. IT governance structure
    4. M&A transaction team
    1. Business context implications for IT
    2. Separation strategy
    3. Due diligence charter
    1. Data room artifacts identified
    2. Carve-out roadmap
    3. Service/technical transaction agreement
    1. Engagement assessment
    2. Culture assessment
    3. Employee transition plans and workplans
    1. Separation roadmap and associated resourcing
    1. Divestiture separation strategy for IT

    What is the Due Diligence & Preparation phase?

    Mid-transaction state

    The Due Diligence & Preparation phase during a sale or divestiture is a critical time for IT. If IT fails to proactively participate in this phase, IT will have to merely react to separation expectations set by the business.

    If your organization is being sold in its entirety, staff will have major concerns about their future in the new organization. Making this transition as smooth as possible and being transparent could go a long way in ensuring their success in the new organization.

    In a divestiture, this is the time to determine where it’s possible for the organization to divide or separate from itself. A lack of IT involvement in these conversations could lead to an overcommitment by the business and under-delivery by IT.

    Goal: To ensure that, as the selling or divesting organization, you comply with regulations, prepare staff for potential changes, and identify a separation strategy if necessary

    Due Diligence Prerequisite Checklist

    Before coming into the Due Diligence & Preparation phase, you must have addressed the following:

    • Understand the rationale for the company's decision to pursue a sale or divestiture and what opportunities or pain points the sale should alleviate.
    • Identify the key roles for the transaction team.
    • Identify the M&A governance.
    • Determine target metrics.
    • Select a separation strategy framework.
    • Conduct a RACI for key transaction tasks for the transaction team.

    Before coming into the Due Diligence & Preparation phase, we recommend addressing the following:

    • Create vision and mission statements.
    • Establish guiding principles.
    • Create a future-state operating model.
    • Identify the M&A operating model.
    • Document the communication plan.
    • Examine the business perspective of IT.
    • Identify key stakeholders and outline their relationship to the M&A process.
    • Be able to valuate the IT environment and communicate IT’s value to the business.

    The Technology Value Trinity

    Delivery of Business Value & Strategic Needs

    • Digital & Technology Strategy
      The identification of objectives and initiatives necessary to achieve business goals.
    • IT Operating Model
      The model for how IT is organized to deliver on business needs and strategies.
    • Information & Technology Governance
      The governance to ensure the organization and its customers get maximum value from the use of information and technology.

    All three elements of the Technology Value Trinity work in harmony to deliver business value and achieve strategic needs. As one changes, the others need to change as well.

    • Digital and IT Strategy tells you what you need to achieve to be successful.
    • IT Operating Model and Organizational Design is the alignment of resources to deliver on your strategy and priorities.
    • Information & Technology Governance is the confirmation of IT’s goals and strategy, which ensures the alignment of IT and business strategy. It’s the mechanism by which you continuously prioritize work to ensure that what is delivered is in line with the strategy. This oversight evaluates, directs, and monitors the delivery of outcomes to ensure that the use of resources results in the achieving the organization’s goals.

    Too often strategy, operating model and organizational design, and governance are considered separate practices. As a result, “strategic documents” end up being wish lists, and projects continue to be prioritized based on who shouts the loudest – not based on what is in the best interest of the organization.

    Due Diligence & Preparation

    Step 3.1

    Engage in Due Diligence and Prepare Staff

    Activities

    • 3.1.1 Drive value with a due diligence charter
    • 3.1.2 Gather data room artifacts
    • 3.1.3 Measure staff engagement
    • 3.1.4 Assess culture

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team
    • Business leaders
    • Prospective IT organization
    • Transition team

    Outcomes of Step

    This step of the process is when IT should prepare and support the business in due diligence and gather the necessary information about staff changes.

    3.1.1 Drive value with a due diligence charter

    1-2 hours

    Input: Key roles for the transaction team, M&A governance, Target metrics, Selected separation strategy framework, RACI of key transaction tasks for the transaction team

    Output: IT Due Diligence Charter

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create a charter leveraging the items completed in the previous phase, as listed on the Due Diligence Prerequisite Checklist slide, to gain executive sign-off.

    1. In the IT Due Diligence Charter in the M&A Sell Playbook, complete the aspects of the charter that are relevant for you and your organization.
    2. We recommend including these items in the charter:
      • Communication plan
      • Transition team roles
      • Goals and metrics for the transaction
      • Separation strategy
      • Sale/divestiture RACI
    3. Once the charter has been completed, ensure that business executives agree to the charter and sign off on the plan of action.

    Record the results in the M&A Sell Playbook.

    3.1.2 Gather data room artifacts

    4 hours

    Input: Future-state operating model, M&A governance, Target metrics, Selected separation strategy framework, RACI of key transaction tasks for the transaction team

    Output: List of items to acquire and verify can be provided to the purchasing organization while in the data room

    Materials: Critical domain lists on following slides, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team, Legal team, Compliance/privacy officers

    The purpose of this activity is to create a list of the key artifacts that you could be asked for during the due diligence process.

    1. Review the lists on the following pages as a starting point. Identify which domains, stakeholders, artifacts, and information should be requested for the data room.
    2. IT leadership may or may not be asked to enter the data room directly. The short notice for having to find these artifacts for the purchasing organization can leave your IT organization scrambling. Identify the critical items worth obtaining ahead of time.
    3. Once you have identified the artifacts, provide the list to the legal team or compliance/privacy officers and ensure they also agree those items can be provided. If changes to the documents need to be made, take the time to do so.
    4. Store all items in a safe and secure file or provide to the M&A team ahead of due diligence.

    **Note that if your organization is not leading/initiating the data room, then you can ignore this activity.

    Record the results in the M&A Sell Playbook.

    Critical domains

    Understand the key stakeholders and outputs for each domain

    Domain

    Stakeholders

    Key Artifacts

    Key Information to request

    Business
    • Enterprise Architecture
    • Business Relationship Manager
    • Business Process Owners
    • Business capability map
    • Capability map (the M&A team should be taking care of this, but make sure it exists)
    • Business satisfaction with various IT systems and services
    Leadership/IT Executive
    • CIO
    • CTO
    • CISO
    • IT budgets
    • IT capital and operating budgets (from current year and previous year)
    Data & Analytics
    • Chief Data Officer
    • Data Architect
    • Enterprise Architect
    • Master data domains, system of record for each
    • Unstructured data retention requirements
    • Data architecture
    • Master data domains, sources, and storage
    • Data retention requirements
    Applications
    • Applications Manager
    • Application Portfolio Manager
    • Application Architect
    • Applications map
    • Applications inventory
    • Applications architecture
    • Copy of all software license agreements
    • Copy of all software maintenance agreements
    Infrastructure
    • Head of Infrastructure
    • Enterprise Architect
    • Infrastructure Architect
    • Infrastructure Manager
    • Infrastructure map
    • Infrastructure inventory
    • Network architecture (including which data centers host which infrastructure and applications)
    • Inventory (including separation capabilities of vendors, versions, switches, and routers)
    • Copy of all hardware lease or purchase agreements
    • Copy of all hardware maintenance agreements
    • Copy of all outsourcing/external service provider agreements
    • Copy of all service-level agreements for centrally provided, shared services and systems
    Products and Services
    • Product Manager
    • Head of Customer Interactions
    • Product lifecycle
    • Product inventory
    • Customer market strategy

    Critical domains (continued)

    Understand the key stakeholders and outputs for each domain

    Domain

    Stakeholders

    Key Artifacts

    Key Information to request

    Operations
    • Head of Operations
    • Service catalog
    • Service overview
    • Service owners
    • Access policies and procedures
    • Availability and service levels
    • Support policies and procedures
    • Costs and approvals (internal and customer costs)
    IT Processes
    • CIO
    • IT Management
    • VP of IT Governance
    • VP of IT Strategy
    • IT process flow diagram
    • Processes in place and productivity levels (capacity)
    • Critical processes/processes the organization feels they do particularly well
    IT People
    • CIO
    • VP of Human Resources
    • IT organizational chart
    • Competency & capacity assessment
    • IT organizational structure (including resources from external service providers such as contractors) with appropriate job descriptions or roles and responsibilities
    • IT headcount and location
    Security
    • CISO
    • Security Architect
    • Security posture
    • Information security staff
    • Information security service providers
    • Information security tools
    • In-flight information security projects
    Projects
    • Head of Projects
    • Project portfolio
    • List of all future, ongoing, and recently completed projects
    Vendors
    • Head of Vendor Management
    • License inventory
    • Inventory (including what will and will not be transitioning, vendors, versions, number of licenses)

    Retain top talent throughout the transition

    Focus on retention and engagement

    • People are such a critical component of this process, especially in the selling organization.
    • Retaining employees, especially the critical employees who hold specific skills or knowledge, will ensure the success and longevity of the divesting organization, purchasing organization, or the new company.
    • Giving employees a role in the organization and ensuring they do not see their capabilities as redundant will be critical to the process.
    • It is okay if employees need to change what they were doing temporarily or even long-term. However, being transparent about these changes and highlighting their value to the process and organization(s) will help.
    • The first step to moving forward with retention is to look at the baseline engagement and culture of employees and the organization. This will help determine where to focus and allow you to identify changes in engagement that resulted from the transaction.
    • Job engagement drivers are levers that influence the engagement of employees in their day-to-day roles.
    • Organizational engagement drivers are levers that influence an employee’s engagement with the broader organization.
    • Retention drivers are employment needs. They don’t necessarily drive engagement, but they must be met for engagement to be possible.

    3.1.3 Measure staff engagement

    3-4 hours

    Input: Engagement survey

    Output: Baseline engagement scores

    Materials: Build an IT Employee Engagement Program

    Participants: IT executive/CIO, IT senior leadership, IT employees of current organization

    The purpose of this activity is to measure current staff engagement to have a baseline to measure against in the future state. This is a good activity to complete if you will be divesting or selling in entirety.

    The results from the survey should act as a baseline to determine what the organization is doing well in terms of employee engagement and what drivers could be improved upon.

    1. Review Info-Tech’s Build an IT Employee Engagement Program research and select a survey that will best meet your needs.
    2. Conduct the survey and note which drivers employees are currently satisfied with. Likewise, note where there are opportunities.
    3. Document actions that should be taken to mitigate the negative engagement drivers throughout the transaction and enhance or maintain the positive engagement drivers.

    Record the results in the M&A Sell Playbook.

    Assess culture as a part of engagement

    Culture should not be overlooked, especially as it relates to the separation of IT environments

    • There are three types of culture that need to be considered.
    • Most importantly, this transition is an opportunity to change the culture that might exist in your organization’s IT environment.
    • Make a decision on which type of culture you’d like IT to have post transition.

    Target Organization's Culture. The culture that the target organization is currently embracing. Their established and undefined governance practices will lend insight into this.

    Your Organization’s Culture. The culture that your organization is currently embracing. Examine people’s attitudes and behaviors within IT toward their jobs and the organization.

    Ideal Culture. What will the future culture of the IT organization be once separation is complete? Are there aspects that your current organization and the target organization embrace that are worth considering?

    Culture categories

    Map the results of the IT Culture Diagnostic to an existing framework

    Competitive
    • Autonomy
    • Confront conflict directly
    • Decisive
    • Competitive
    • Achievement oriented
    • Results oriented
    • High performance expectations
    • Aggressive
    • High pay for good performance
    • Working long hours
    • Having a good reputation
    • Being distinctive/different
    Innovative
    • Adaptable
    • Innovative
    • Quick to take advantage of opportunities
    • Risk taking
    • Opportunities for professional growth
    • Not constrained by rules
    • Tolerant
    • Informal
    • Enthusiastic
    Traditional
    • Stability
    • Reflective
    • Rule oriented
    • Analytical
    • High attention to detail
    • Organized
    • Clear guiding philosophy
    • Security of employment
    • Emphasis on quality
    • Focus on safety
    Cooperative
    • Team oriented
    • Fair
    • Praise for good performance
    • Supportive
    • Calm
    • Developing friends at work
    • Socially responsible

    Culture Considerations

    • What culture category was dominant for each IT organization?
    • Do you share the same dominant category?
    • Is your current dominant culture category the most ideal to have post-separation?

    3.1.4 Assess Culture

    3-4 hours

    Input: Cultural assessments for current IT organization, Cultural assessment for target IT organization

    Output: Goal for IT culture

    Materials: IT Culture Diagnostic

    Participants: IT executive/CIO, IT senior leadership, IT employees of current organization, IT employees of target organization, Company M&A team

    The purpose of this activity is to assess the different cultures that might exist within the IT environments of the organizations involved. By understanding the culture that exists in the purchasing organization, you can identify the fit and prepare impacted staff for potential changes.

    1. Complete this activity by leveraging the blueprint Fix Your IT Culture, specifically the IT Culture Diagnostic.
    2. Fill out the diagnostic for the IT department in your organization:
      1. Answer the 16 questions in tab 2, Diagnostic.
      2. Find out your dominant culture and review recommendations in tab 3, Results.
    3. Document the results from tab 3, Results, in the M&A Sell Playbook if you are trying to record all artifacts related to the transaction in one place.
    4. Repeat the activity for the purchasing organization.
    5. Leverage the information to determine what the goal for the culture of IT will be post-separation if it will differ from the current culture.

    Record the results in the M&A Sell Playbook.

    Due Diligence & Preparation

    Step 3.2

    Prepare to Separate

    Activities

    • 3.2.1 Create a carve-out roadmap
    • 3.2.2 Prioritize separation tasks
    • 3.2.3 Establish the separation roadmap
    • 3.2.4 Identify the buyer’s IT expectations
    • 3.2.5 Create a service/transaction agreement
    • 3.2.6 Estimate separation costs
    • 3.2.7 Create an employee transition plan
    • 3.2.8 Create functional workplans for employees
    • 3.2.9 Align project metrics with identified tasks

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Transition team
    • Company M&A team
    • Purchasing organization

    Outcomes of Step

    Have an established plan of action toward separation across all domains and a strategy toward resources.

    Don’t underestimate the importance of separation preparation

    Separation involves taking the IT organization and dividing it into two or more separate entities.

    Testing the carve capabilities of the IT organization often takes 3 months. (Source: Cognizant, 2014)

    Daimler-Benz lost nearly $19 billion following its purchase of Chrysler by failing to recognize the cultural differences that existed between the two car companies. (Source: Deal Room)

    Info-Tech Insight

    Separating the IT organization requires more time and effort than business leaders will know. Frequently communicate challenges and lost opportunities when carving the IT environment out.

    Separation needs

    Identify the business objectives of the sale to determine the IT strategy

    Set up a meeting with your IT due diligence team to:

    • Ensure there will be no gaps in the delivery of products and services in the future state.
    • Discuss the people and processes necessary to achieve the target technology environment and support M&A business objectives.

    Use this opportunity to:

    • Identify data and application complexities between the involved organizations.
    • Identify the IT people and process gaps, initiatives, and levels of support expected.
    • Determine your infrastructure needs to ensure effectiveness and delivery of services:
      • Does IT have the infrastructure to support the applications and business capabilities?
      • Identify any gaps between the current infrastructure in both organizations and the infrastructure required.
      • Identify any redundancies/gaps.
      • Determine the appropriate IT separation strategies.
    • Document your gaps, redundancies, initiatives, and assumptions to help you track and justify the initiatives that must be undertaken and help estimate the cost of separation.

    Separation strategies

    There are several IT separation strategies that will let you achieve your target technology environment.

    IT Separation Strategies
    • Divest. Carve out elements of the IT organization and sell them to a purchasing organization with or without a service-level agreement.
    • Sell. Sell the entire IT environment to a purchasing organization. The purchasing organization takes full responsibility in delivering and running the IT environment.
    • Spin-Off Joint Venture. Carve out elements of the IT organization and combine them with elements of a new or purchasing organization to create a new entity.

    The approach IT takes will depend on the business objectives for the M&A.

    • Generally speaking, the separation strategy is well understood and influenced by the frequency of and rationale for selling.
    • Based on the initiatives generated by each business process owner, you need to determine the IT separation strategy that will best support the desired target technology environment, especially if you are still operating or servicing elements of that IT environment.

    Key considerations when choosing an IT separation strategy include:

    • What are the main business objectives of the M&A?
    • What are the key synergies expected from the transaction?
    • What IT separation strategy best helps obtain these benefits?
    • What opportunities exist to position the business for sustainable and long-term growth?

    Separation strategies in detail

    Review highlights and drawbacks of different separation strategies

    Divest
      Highlights
    • Recommended for businesses striving to reduce costs and potentially even generate revenue for the business through the delivery of SLAs.
    • Opportunity to reduce or scale back on lines of business or products that are not driving profits.
      Drawbacks
    • May be forced to give up critical staff that have been known to deliver high value.
    • The IT department is left to deliver services to the purchasing organization with little support or consideration from the business.
    • There can be increased risk and security concerns that need to be addressed.
    Sell
      Highlights
    • Recommended for businesses looking to gain capital to exit the market profitably or to enter a new market with a large sum of capital.
    • The business will no longer exist, and as a result all operational costs, including IT, will become redundant.
      Drawbacks
    • IT is no longer needed as an operating or capital service for the organization.
    • Lost resources, including highly trained and critical staff.
    • May require packaging employees off and using the profit or capital generated to cover any closing costs.
    Spin-Off or Joint Venture
      Highlights
    • Recommended for businesses looking to expand their market presence or acquire new products. Essentially aligning the two organizations in the same market.
    • Each side has a unique offering but complementing capabilities.
      Drawbacks
    • As much as the organization is going through a separation from the original company, it will be going through an integration with the new company.
    • There could be differences in culture.
    • This could require a large amount of investment without a guarantee of profit or success.

    Preparing the carve-out roadmap

    And why it matters so much

    • When carving out the IT environment in preparation for a divestiture, it’s important to understand the infrastructure, application, and data connections that might exist.
    • Much to the business’ surprise, carving out the IT environment is not easy, especially when considering the services and products that might depend on access to certain applications or data sets.
    • Once the business has indicated which elements they anticipate divesting, be prepared for testing the functionality and ability of this carve-out, either through automation or manually. There are benefits and drawbacks to both methods:
      • Automated requires a solution and a developer to code the tests.
      • Manual requires time to find the errors, possibly more time than automated testing.
    • Identify if there are dependencies that will make the carve-out difficult.
      • For example, the business is trying to divest Product X, but that product is integrated with Product Y, which is not being sold.
      • Consider all the processes and products that specific data might support as well.
      • Moreover, the data migration tool will need to enter the ERP system and identify not just the data but all supporting and historical elements that underlie the data.

    Critical components to consider:

    • Selecting manual or automated testing
    • Determining data dependencies
    • Data migration capabilities
    • Auditing approval
    • People and skills that support specific elements being carved out

    3.2.1 Create a carve-out roadmap

    6 hours

    Input: Items included in the carve-out, Dependencies, Whether testing is completed, If the carve-out will pass audit, If the carve-out item is prepared to be separated

    Output: Carve-out roadmap

    Materials: Business’ divestiture plan, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Business leaders, Transition team

    The purpose of this activity is to prepare the IT environment by identifying a carve-out roadmap, specifically looking at data, infrastructure, and applications. Feel free to expand the roadmap to include other categories as your organization sees fit.

    1. In the Carve-Out Roadmap in the M&A Sell Playbook, identify the key elements of the carve-out in the first column.
    2. Note any dependencies the items might have. For example:
      • The business is selling Product X, which is linked to Data X and Data Y. The organization does not want to sell Data Y. Data X would be considered dependent on Data Y.
    3. Once the dependencies have been confirmed, begin automated or manual testing to examine the possibility of separating the data sets (or other dependencies) from one another.
    4. After identifying an acceptable method of separation, inform the auditing individual or body and confirm that there would be no repercussions for the planned process.

    Record the results in the M&A Sell Playbook.

    3.2.2 Prioritize separation tasks

    2 hours

    Input: Separation tasks, Transition team, M&A RACI

    Output: Prioritized separation list

    Materials: Separation task checklist, Separation roadmap

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to prioritize the different separation tasks that your organization has identified as necessary to this transaction. Some tasks might not be relevant for this particular transaction, and others might be critical.

    1. Begin by downloading the SharePoint or Excel version of the M&A Separation Project Management Tool.
    2. Identify which separation tasks you want to have as part of your project plan. Alter or remove any tasks that are irrelevant to your organization. Add in tasks you think are missing.
    3. When deciding criticality of the task, consider the effect on stakeholders, those who are impacted or influenced in the process of the task, and dependencies (e.g. data strategy needs to be addressed first before you can tackle its dependencies, like data quality).
    4. Feel free to edit the way you measure criticality. The standard tool leverages a three-point scale. At the end, you should have a list of tasks in priority order based on criticality.

    Record the updates in the M&A Separation Project Management Tool (SharePoint).

    Record the updates in the M&A Separation Project Management Tool (Excel).

    Separation checklists

    Prerequisite Checklist
    • Build the project plan for separation and prioritize activities
      • Plan first day
      • Plan first 30/100 days
      • Plan first year
    • Create an organization-aligned IT strategy
    • Identify critical stakeholders
    • Create a communication strategy
    • Understand the rationale for the sale or divestiture
    • Develop IT's sale/divestiture strategy
      • Determine goal opportunities
      • Create the mission and vision statements
      • Create the guiding principles
      • Create program metrics
    • Consolidate reports from due diligence/data room
    • Conduct culture assessment
    • Create a transaction team
    • Establish a service/technical transaction agreement
    • Plan and communicate culture changes
    • Create an employee transition plan
    • Assess baseline engagement
    Business
    • Design an enterprise architecture
    • Document your business architecture
    • Meet compliance and regulatory standards
    • Identify and assess all of IT's risks
    Applications
    • Prioritize and address critical applications
      • CRM
      • HRIS
      • Financial
      • Sales
      • Risk
      • Security
      • ERP
      • Email
    • Develop method of separating applications
    • Model critical applications that have dependencies on one another
    • Identify the infrastructure capacity required to support critical applications
    • Prioritize and address critical applications
    Leadership/IT Executive
    • Build an IT budget
    • Structure operating budget
    • Structure capital budget
    • Identify the workforce demand vs. capacity
    • Establish and monitor key metrics
    • Communicate value realized/cost savings
    Data
    • Confirm data strategy
    • Confirm data governance
    • Build a data architecture roadmap
    • Analyze data sources and domains
    • Evaluate data storage (on-premises vs. cloud)
    • Develop an enterprise content management strategy and roadmap
    • Ensure cleanliness/usability of data sets
    • Identify data sets that can remain operational if reduced/separated
    • Develop reporting and analytics capabilities
    • Confirm data strategy
    Operations
    • Manage sales access to customer data
    • Determine locations and hours of operation
    • Separate/terminate phone lists and extensions
    • Split email address books
    • Communicate helpdesk/service desk information

    Separation checklists (continued)

    Infrastructure
    • Manage organization domains
    • Consolidate data centers
    • Compile inventory of vendors, versions, switches, and routers
    • Review hardware lease or purchase agreements
    • Review outsourcing/service provider agreements
    • Review service-level agreements
    • Assess connectivity linkages between locations
    • Plan to migrate to a single email system if necessary
    • Determine network access concerns
    Vendors
    • Establish a sustainable vendor management office
    • Review vendor landscape
    • Identify warranty options
    • Identify the licensing grant
    • Rationalize vendor services and solutions
    People
    • Design an IT operating model
    • Design your future IT organizational structure
    • Conduct a RACI for prioritized activities
    • Conduct a culture assessment and identify goal IT culture
    • Build an IT employee engagement program
    • Determine critical roles and systems/process/products they support
    • Define new job descriptions with meaningful roles and responsibilities
    • Create employee transition plans
    • Create functional workplans
    Projects
    • Identify projects to be on hold
    • Communicate project intake process
    • Reprioritize projects
    Products & Services
    • Redefine service catalog
    • Ensure customer interaction requirements are met
    • Select a solution for product lifecycle management
    • Plan service-level agreements
    Security
    • Conduct a security assessment
    • Develop accessibility prioritization and schedule
    • Establish an information security strategy
    • Develop a security awareness and training program
    • Develop and manage security governance, risk, and compliance
    • Identify security budget
    • Build a data privacy and classification program
    IT Processes
    • Evaluate current process models
    • Determine productivity/capacity levels of processes
    • Identify processes to be changed/terminated
    • Establish a communication plan
    • Develop a change management process
    • Establish/review IT policies
    • Evaluate current process models

    3.2.2 Establish the separation roadmap

    2 hours

    Input: Prioritized separation tasks, Carve-out roadmap, Employee transition plan, Separation RACI, Costs for activities, Activity owners

    Output: Separation roadmap

    Materials: M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel), SharePoint Template: Step-by-Step Deployment Guide

    Participants: IT executive/CIO, IT senior leadership, Transition team, Company M&A team

    The purpose of this activity is to create a roadmap to support IT throughout the separation process. Using the information gathered in previous activities, you can create a roadmap that will ensure a smooth separation.

    1. Use our Separation Project Management Tool to help track critical elements in relation to the separation project. There are a few options available:
      1. Follow the instructions on the next slide if you are looking to upload our SharePoint project template. Additional instructions are available in the SharePoint Template Step-by-Step Deployment Guide.
      2. If you cannot or do not want to use SharePoint as your project management solution, download our Excel version of the tool.
        **Remember that this your tool, so customize to your liking.
    2. Identify who will own or be accountable for each of the separation tasks and establish the time frame for when each project should begin and end. This will confirm which tasks should be prioritized.

    Record the updates in the M&A Separation Project Management Tool (SharePoint).

    Record the updates in the M&A Separation Project Management Tool (Excel).

    Separation Project Management Tool (SharePoint Template)

    Follow these instructions to upload our template to your SharePoint environment

    1. Create or use an existing SP site.
    2. Download the M&A Separation Project Management Tool (SharePoint) .wsp file from the Mergers & Acquisitions: The Sell Blueprint landing page.
    3. To import a template into your SharePoint environment, do the following:
      1. Open PowerShell.
      2. Connect-SPO Service (need to install PowerShell module).
      3. Enter in your tenant admin URL.
      4. Enter in your admin credentials.
      5. Set-SPO Site https://YourDomain.sharepoint.com/sites/YourSiteHe... -DenyAddAndCustomizePages 0
      OR
      1. Turn on both custom script features to allow users to run custom
    4. Screenshot of the 'Custom Script' option for importing a template into your SharePoint environment. Feature description reads 'Control whether users can run custom script on personal sites and self-service created sites. Note: changes to this setting might take up to 24 hours to take effect. For more information, see http://go.microsoft.com/fwlink/?LinkIn=397546'. There are options to prevent or allow users from running custom script on personal/self-service created sites.
    5. Enable the SharePoint Server feature.
    6. Upload the .wsp file in Solutions Gallery.
    7. Deploy by creating a subsite and select from custom options.
      • Allow or prevent custom script
      • Security considerations of allowing custom script
      • Save, download, and upload a SharePoint site as a template
    8. Refer to Microsoft documentation to understand security considerations and what is and isn’t supported:

    For more information, check out the SharePoint Template: Step-by-Step Deployment Guide.

    Supporting the transition and establishing service-level agreements

    The purpose of this part of the transition is to ensure both buyer and seller have a full understanding of expectations for after the transaction.

    • Once the organizations have decided to move forward with a deal, all parties need a clear level of agreement.
    • IT, since it is often seen as an operational division of an organization, is often expected to deliver certain services or products once the transaction has officially closed.
    • The purchasing organization or the new company might depend on IT to deliver these services until they are able to provide those services on their own.
    • Having a clear understanding of what the buyer’s expectations are and what your company, as the selling organization, can provide is important.
    • Have a conversation with the buyer and document those expectations in a signed service agreement.

    3.2.4 Identify the buyer's IT expectations

    3-4 hours

    Input: Carve-out roadmap, Separation roadmap, Up-to-date version of the agreement

    Output: Buyer’s IT expectations

    Materials: Questions for meeting

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Purchasing company M&A team, Purchasing company IT leadership

    The purpose of this activity is to determine if the buyer has specific service expectations for your IT organization. By identifying, documenting, and agreeing on what services your IT organization will be responsible for, you can obtain a final agreement to protect you as the selling organization.

    1. Buyers should not assume certain services will be provided. Organize a meeting with IT leaders and the company M&A teams to determine what services will be provided.
    2. The next slide has a series of questions that you can start from. Ensure you get detailed information about each of the services.
    3. Once you fully understand the buyer’s IT expectations, create an SLA in the next activity and obtain sign-off from both organizations.

    Questions to ask the buyer

    1. What services would you like my IT organization to provide?
    2. How long do you anticipate those services will be provided to you?
    3. How do you expect your staff/employees to communicate requests or questions to my staff/employees?
    4. Are there certain days or times that you expect these services to be delivered?
    5. How many staff do you expect should be available to support you?
    6. What should be the acceptable response time on given service requests?
    7. When it comes to the services you require, what level of support should we provide?
    8. If a service requires escalation to Level 2 or Level 3 support, are we still expected to support this service? Or are we only Level 1 support?
    9. What preventative security methods does your organization have to protect our environment during this agreement period?

    3.2.5 Create a service/ transaction agreement

    6 hours

    Input: Buyer's expectations, Separation roadmap

    Output: SLA for the purchasing organization

    Materials: Service Catalog Internal Service Level Agreement Template, M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel)

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Purchasing company M&A team, Purchasing company IT leadership

    The purpose of this activity is to determine if the buyer has specific service expectations for your IT organization post-transaction that your IT organization is agreeing to provide.

    1. Document the expected services and the related details in a service-level agreement.
    2. Provide the SLA to the purchasing organization.
    3. Obtain sign-off from both organizations on the level of service that is expected of IT.
    4. Update the M&A Separation Project Management Tool Excel or SharePoint document to reflect any additional items that the purchasing organization identified.

    *For organizations being purchased in their entirety, this activity may not be relevant.

    Modify the Service Catalog Internal Service Level Agreement with the agreed-upon terms of the SLA.

    Importance of estimating separation costs

    Change is the key driver of separation costs

    Separation costs are dependent on the following:
    • Meeting synergy targets – whether that be cost saving or growth related.
      • Employee-related costs, licensing, and reconfiguration fees play a huge part in meeting synergy targets.
    • Adjustments related to compliance or regulations – especially if there are changes to legal entities, reporting requirements, or risk mitigation standards.
    • Governance or third party–related support required to ensure timelines are met and the separation is a success.
    Separation costs vary by industry type.
    • Certain industries may have separation costs made up of mostly one type, differing from other industries, due to the complexity and demands of the transaction. For example:
      • Healthcare separation costs are mostly driven by regulatory, safety, and quality standards, as well as consolidation of the research and development function.
      • Energy and Utilities tend to have the lowest separation costs due to most transactions occurring within the same sector rather than as cross-sector investments. For example, oil and gas transactions tend to be for oil fields and rigs (strategic fixed assets), which can easily be added to the buyer’s portfolio.

    Separation costs are more related to the degree of change required than the size of the transaction.

    3.2.6 Estimate separation costs

    3-4 hours

    Input: Separation tasks, Transition team, Valuation of current IT environment, Valuation of target IT environment, Outputs from data room, Technical debt, Employees

    Output: List of anticipated costs required to support IT separation

    Materials: Separation task checklist, Separation roadmap, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

    The purpose of this activity is to estimate the costs that will be associated with the separation. Identify and communicate a realistic figure to the larger M&A team within your company as early in the process as possible. This ensures that the funding required for the transaction is secured and budgeted for in the overarching transaction.

    1. On the associated slide in the M&A Sell Playbook, input:
      • Task
      • Domain
      • Cost type
      • Total cost amount
      • Level of certainty around the cost
    2. Provide a copy of the estimated costs to the company’s M&A team. Also provide any additional information identified earlier to help them understand the importance of those costs.

    Record the results in the M&A Sell Playbook.

    Employee transition planning

    Considering employee impact will be a huge component to ensure successful separation

    • Meet With Leadership
    • Plan Individual and Department Redeployment
    • Plan Individual and Department Layoffs
    • Monitor and Manage Departmental Effectiveness
    • For employees, the transition could mean:
      • Changing from their current role to a new role to meet requirements and expectations throughout the transition.
      • Being laid off because the role they are currently occupying has been made redundant.
    • It is important to plan for what the M&A separation needs will be and what the IT operational needs will be.
    • A lack of foresight into this long-term plan could lead to undue costs and headaches trying to retain critical staff, rehiring positions that were already let go, and keeping redundant employees longer then necessary.

    Info-Tech Insight

    Being transparent throughout the process is critical. Do not hesitate to tell employees the likelihood that their job may be made redundant. This will ensure a high level of trust and credibility for those who remain with the organization after the transaction.

    3.2.7 Create an employee transition plan

    3-4 hours

    Input: IT strategy, IT organizational design

    Output: Employee transition plans

    Materials: M&A Sell Playbook, Whiteboard, Sticky notes, Markers

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

    The purpose of this activity is to create a transition plan for employees.

    1. Transition planning can be done at specific individual levels or more broadly to reflect a single role. Consider these four items in the transition plan:
      • Understand the direction of the employee transitions.
      • Identify employees that will be involved in the transition (moved or laid off).
      • Prepare to meet with employees.
      • Meet with employees.
    2. For each employee that will be facing some sort of change in their regular role, permanent or temporary, create a transition plan.
    3. For additional information on transitioning employees, review the blueprint Streamline Your Workforce During a Pandemic.

    **Note that if someone’s future role is a layoff, then there is no need to record anything for skills needed or method for skill development.

    Record the results in the M&A Sell Playbook.

    3.2.8 Create functional workplans for employees

    3-4 hours

    Input: Prioritized separation tasks, Employee transition plan, Separation RACI, Costs for activities, Activity owners

    Output: Employee functional workplans

    Materials: M&A Sell Playbook, Learning and development tools

    Participants: IT executive/CIO, IT senior leadership, IT management team, Company M&A team, Transition team

    The purpose of this activity is to create a functional workplan for the different employees so that they know what their key role and responsibilities are once the transaction occurs.

    1. First complete the transition plan from the previous activity (3.2.7) and the separation roadmap. Have these documents ready to review throughout this process.
    2. Identify the employees who will be transitioning to a new role permanently or temporarily. Creating a functional workplan is especially important for these employees.
    3. Identify the skills these employees need to have to support the separation. Record this in the corresponding slide in the M&A Sell Playbook.
    4. For each employee, identify someone who will be a point of contact for them throughout the transition.

    It is recommended that each employee have a functional workplan. Leverage the IT managers to support this task.

    Record the results in the M&A Sell Playbook.

    Metrics for separation

    Valuation & Due Diligence

    • % Defects discovered in production
    • $ Cost per user for enterprise applications
    • % In-house-built applications vs. enterprise applications
    • % Owners identified for all data domains
    • # IT staff asked to participate in due diligence
    • Change to due diligence
    • IT budget variance
    • Synergy target

    Execution & Value Realization

    • % Satisfaction with the effectiveness of IT capabilities
    • % Overall end-customer satisfaction
    • $ Impact of vendor SLA breaches
    • $ Savings through cost-optimization efforts
    • $ Savings through application rationalization and technology standardization
    • # Key positions empty
    • % Frequency of staff turnover
    • % Emergency changes
    • # Hours of unplanned downtime
    • % Releases that cause downtime
    • % Incidents with identified problem record
    • % Problems with identified root cause
    • # Days from problem identification to root cause fix
    • % Projects that consider IT risk
    • % Incidents due to issues not addressed in the security plan
    • # Average vulnerability remediation time
    • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
    • # Time (days) to value realization
    • % Projects that realized planned benefits
    • $ IT operational savings and cost reductions that are related to synergies/divestitures
    • % IT staff–related expenses/redundancies
    • # Days spent on IT separation
    • $ Accurate IT budget estimates
    • % Revenue growth directly tied to IT delivery
    • % Profit margin growth

    3.2.9 Align project metrics with identified tasks

    3-4 hours

    Input: Prioritized separation tasks, Employee transition plan, Separation RACI, Costs for activities, Activity owners, M&A goals

    Output: Separation-specific metrics to measure success

    Materials: Separation roadmap, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Transition team

    The purpose of this activity is to understand how to measure the success of the separation project by aligning metrics to each identified task.

    1. Review the M&A goals identified by the business. Your metrics will need to tie back to those business goals.
    2. Identify metrics that align to identified tasks and measure achievement of those goals. For each metric you consider, ask the following questions:
      • What is the main goal or objective that this metric is trying to solve?
      • What does success look like?
      • Does the metric promote the right behavior?
      • Is the metric actionable? What is the story you are trying to tell with this metric?
      • How often will this get measured?
      • Are there any metrics it supports or is supported by?

    Record the results in the M&A Sell Playbook.

    By the end of this mid-transaction phase you should:

    Have successfully evaluated your IT people, processes, and technology to determine a roadmap forward for separating or selling.

    Key outcomes from the Due Diligence & Preparation phase
    • Participate in due diligence activities to comply with regulatory and auditing standards and prepare employees for the transition.
    • Create a separation roadmap that considers the tasks that will need to be completed and the resources required to support separation.
    Key deliverables from the Due Diligence & Preparation phase
    • Drive value with a due diligence charter
    • Gather data room artifacts
    • Measure staff engagement
    • Assess culture
    • Create a carve-out roadmap
    • Prioritize separation tasks
    • Establish the separation roadmap
    • Identify the buyer’s IT expectations
    • Create a service/transaction agreement
    • Estimate separation costs
    • Create an employee transition plan
    • Create functional workplans for employees
    • Align project metrics with identified tasks

    M&A Sell Blueprint

    Phase 4

    Execution & Value Realization

    Phase 1Phase 2Phase 3

    Phase 4

    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Reduction Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Separation or Sale
    • 3.1 Engage in Due Diligence and Prepare Staff
    • 3.2 Prepare to Separate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Monitor service agreements
    • Continually update the project plan
    • Confirm separation costs
    • Review IT’s transaction value
    • Conduct a transaction and separation SWOT
    • Review the playbook and prepare for future transactions

    This phase involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Vendor management team
    • IT transaction team
    • Company M&A team

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Engage in Separation

    Day 4

    Establish the Transaction FoundationDiscover the Motivation for IntegrationPlan the Separation RoadmapPrepare Employees for the TransitionEngage in SeparationAssess the Transaction Outcomes (Must be within 30 days of transaction date)

    Activities

    • 0.1 Identify the rationale for the company's decision to pursue a divestiture/sale.
    • 0.2 Identify key stakeholders and determine the IT transaction team.
    • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
    • 1.1 Review the business rationale for the divestiture/sale.
    • 1.2 Identify pain points and opportunities tied to the divestiture/sale.
    • 1.3 Establish the separation strategy.
    • 1.4 Create the due diligence charter.
    • 2.1 Prioritize separation tasks.
    • 2.2 Establish the separation roadmap.
    • 2.3 Establish and align project metrics with identified tasks.
    • 2.4 Estimate separation costs.
    • 3.1 Measure staff engagement
    • 3.2 Assess the current culture and identify the goal culture.
    • 3.3 Create an employee transition plan.
    • 3.4 Create functional workplans for employees.
    • S.1 Complete the separation by regularly updating the project plan.
    • S.2 Assess the service/technical transaction agreement.
    • 4.1 Confirm separation costs.
    • 4.2 Review IT’s transaction value.
    • 4.3 Conduct a transaction and separation SWOT.
    • 4.4 Review the playbook and prepare for future transactions.

    Deliverables

    1. IT strategy
    2. IT operating model
    3. IT governance structure
    4. M&A transaction team
    1. Business context implications for IT
    2. Separation strategy
    3. Due diligence charter
    1. Separation roadmap and associated resourcing
    1. Engagement assessment
    2. Culture assessment
    3. Employee transition plans and workplans
    1. Evaluate service/technical transaction agreement
    2. Updated separation project plan
    1. SWOT of transaction
    2. M&A Sell Playbook refined for future transactions

    What is the Execution & Value Realization phase?

    Post-transaction state

    Once the transaction comes to a close, it’s time for IT to deliver on the critical separation tasks. As the selling organization in this transaction, you need to ensure you have a roadmap that properly enables the ongoing delivery of your IT environment while simultaneously delivering the necessary services to the purchasing organization.

    Throughout the separation transaction, some of the most common obstacles IT should prepare for include difficulty separating the IT environment, loss of key personnel, disengaged employees, and security/compliance issues.

    Post-transaction, the business needs to understands the value they received by engaging in the transaction and the ongoing revenue they might obtain as a result of the sale. You also need to ensure that the IT environment is functioning and mitigating any high-risk outcomes.

    Goal: To carry out the planned separation activities and deliver the intended value to the business.

    Execution Prerequisite Checklist

    Before coming into the Execution & Value Realization phase, you must have addressed the following:

    • Understand the rationale for the company's decisions to pursue a sale or divestiture and what opportunities or pain points the sale should alleviate.
    • Identify the key roles for the transaction team.
    • Identify the M&A governance.
    • Determine target metrics.
    • Select a separation strategy framework.
    • Conduct a RACI for key transaction tasks for the transaction team.
    • Create a carve-out roadmap.
    • Prioritize separation tasks.
    • Establish the separation roadmap.
    • Create employee transition plans.

    Before coming into the Execution & Value Realization phase, we recommend addressing the following:

    • Create vision and mission statements.
    • Establish guiding principles.
    • Create a future-state operating model.
    • Identify the M&A operating model.
    • Document the communication plan.
    • Examine the business perspective of IT.
    • Identify key stakeholders and outline their relationship to the M&A process.
    • Establish a due diligence charter.
    • Be able to valuate the IT environment and communicate IT’s value to the business.
    • Gather and present due diligence data room artifacts.
    • Measure staff engagement.
    • Assess and plan for culture.
    • Estimate separation costs.
    • Create functional workplans for employees.
    • Identify the buyer’s IT expectations.
    • Create a service/ transaction agreement.

    Separation checklists

    Prerequisite Checklist
    • Build the project plan for separation and prioritize activities
      • Plan first day
      • Plan first 30/100 days
      • Plan first year
    • Create an organization-aligned IT strategy
    • Identify critical stakeholders
    • Create a communication strategy
    • Understand the rationale for the sale or divestiture
    • Develop IT's sale/divestiture strategy
      • Determine goal opportunities
      • Create the mission and vision statements
      • Create the guiding principles
      • Create program metrics
    • Consolidate reports from due diligence/data room
    • Conduct culture assessment
    • Create a transaction team
    • Establish a service/technical transaction agreement
    • Plan and communicate culture changes
    • Create an employee transition plan
    • Assess baseline engagement
    Business
    • Design an enterprise architecture
    • Document your business architecture
    • Meet compliance and regulatory standards
    • Identify and assess all of IT's risks
    Applications
    • Prioritize and address critical applications
      • CRM
      • HRIS
      • Financial
      • Sales
      • Risk
      • Security
      • ERP
      • Email
    • Develop method of separating applications
    • Model critical applications that have dependencies on one another
    • Identify the infrastructure capacity required to support critical applications
    • Prioritize and address critical applications
    Leadership/IT Executive
    • Build an IT budget
    • Structure operating budget
    • Structure capital budget
    • Identify the workforce demand vs. capacity
    • Establish and monitor key metrics
    • Communicate value realized/cost savings
    Data
    • Confirm data strategy
    • Confirm data governance
    • Build a data architecture roadmap
    • Analyze data sources and domains
    • Evaluate data storage (on-premises vs. cloud)
    • Develop an enterprise content management strategy and roadmap
    • Ensure cleanliness/usability of data sets
    • Identify data sets that can remain operational if reduced/separated
    • Develop reporting and analytics capabilities
    • Confirm data strategy
    Operations
    • Manage sales access to customer data
    • Determine locations and hours of operation
    • Separate/terminate phone lists and extensions
    • Split email address books
    • Communicate helpdesk/service desk information

    Separation checklists (continued)

    Infrastructure
    • Manage organization domains
    • Consolidate data centers
    • Compile inventory of vendors, versions, switches, and routers
    • Review hardware lease or purchase agreements
    • Review outsourcing/service provider agreements
    • Review service-level agreements
    • Assess connectivity linkages between locations
    • Plan to migrate to a single email system if necessary
    • Determine network access concerns
    Vendors
    • Establish a sustainable vendor management office
    • Review vendor landscape
    • Identify warranty options
    • Identify the licensing grant
    • Rationalize vendor services and solutions
    People
    • Design an IT operating model
    • Design your future IT organizational structure
    • Conduct a RACI for prioritized activities
    • Conduct a culture assessment and identify goal IT culture
    • Build an IT employee engagement program
    • Determine critical roles and systems/process/products they support
    • Define new job descriptions with meaningful roles and responsibilities
    • Create employee transition plans
    • Create functional workplans
    Projects
    • Identify projects to be on hold
    • Communicate project intake process
    • Reprioritize projects
    Products & Services
    • Redefine service catalog
    • Ensure customer interaction requirements are met
    • Select a solution for product lifecycle management
    • Plan service-level agreements
    Security
    • Conduct a security assessment
    • Develop accessibility prioritization and schedule
    • Establish an information security strategy
    • Develop a security awareness and training program
    • Develop and manage security governance, risk, and compliance
    • Identify security budget
    • Build a data privacy and classification program
    IT Processes
    • Evaluate current process models
    • Determine productivity/capacity levels of processes
    • Identify processes to be changed/terminated
    • Establish a communication plan
    • Develop a change management process
    • Establish/review IT policies
    • Evaluate current process models

    Execution & Value Realization

    Step 4.1

    Execute the Transaction

    Activities

    • 4.1.1 Monitor service agreements
    • 4.1.2 Continually update the project plan

    This step will walk you through the following activities:

    • Monitor service agreements
    • Continually update the project plan

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Vendor management team
    • IT transaction team
    • Company M&A team

    Outcomes of Step

    Successfully execute the separation of the IT environments and update the project plan, strategizing against any roadblocks as they come.

    Key concerns to monitor during separation

    If you are entering the transaction at this point, consider and monitor the following three items above all else.

    Your IT environment, reputation as an IT leader, and impact on key staff will depend on monitoring these aspects.

    • Risk & Security. Make sure that the channels of communication between the purchasing organization and your IT environment are properly determined and protected. This might include updating or removing employees’ access to certain programs.
    • Retaining Employees. Employees who do not see a path forward in the organization or who feel that their skills are being underused will be quick to move on. Make sure they are engaged before, during, and after the transaction to avoid losing employees.
    • IT Environment Dependencies. Testing the IT environment several times and obtaining sign-off from auditors that this has been completed correctly should be completed well before the transaction occurs. Have a strong architecture outlining technical dependencies.

    For more information, review:

    • Reduce and Manage Your Organization’s Insider Threat Risk
    • Map Technical Skills for a Changing Infrastructure Operations Organization
    • Build a Data Architecture Roadmap

    4.1.1 Monitor service agreements

    3-6 months

    Input: Original service agreement, Risk register

    Output: Service agreement confirmed

    Materials: Original service agreement

    Participants: IT executive/CIO, IT senior leadership, External organization IT senior leadership

    The purpose of this activity is to monitor the established service agreements on an ongoing basis. Your organization is most at risk during the initial months following the transaction.

    1. Ensure the right controls exist to prevent the organization from unnecessarily opening itself up to risks.
    2. Meet with the purchasing organization/subsidiary three months after the transaction to ensure that everyone is satisfied with the level of services provided.
    3. This is not a quick and completed activity, but one that requires ongoing monitoring. Repeatedly identify potential risks worth mitigating.

    For additional information and support for this activity, see the blueprint Build an IT Risk Management Program.

    4.1.2 Continually update the project plan

    Reoccurring basis following transition

    Input: Prioritized separation tasks, Separation RACI, Activity owners

    Output: Updated separation project plan

    Materials: M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel)

    Participants: IT executive/CIO, IT senior leadership, IT transaction team, Company M&A team

    The purpose of this activity is to ensure that the project plan is continuously updated as your transaction team continues to execute on the various components outlined in the project plan.

    1. Set a regular cadence for the transaction team to meet, update the project plan, review the status of the various separation task items, and strategize how to overcome any roadblocks.
    2. Employ governance best practices in these meetings to ensure decisions can be made effectively and resources allocated strategically.

    Record the updates in the M&A Separation Project Management Tool (SharePoint).

    Record the updates in the M&A Separation Project Management Tool (Excel).

    Execution & Value Realization

    Step 4.2

    Reflection and Value Realization

    Activities

    • 4.2.1 Confirm separation costs
    • 4.2.2 Review IT’s transaction value
    • 4.2.3 Conduct a transaction and separation SWOT
    • 4.2.4 Review the playbook and prepare for future transactions

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Transition team
    • Company M&A team

    Outcomes of Step

    Review the value that IT was able to generate around the transaction and strategize about how to improve future selling or separating transactions.

    4.2.1 Confirm separation costs

    3-4 hours

    Input: Separation tasks, Carve-out roadmap, Transition team, Previous RACI, Estimated separation costs

    Output: Actual separation costs

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Transaction team, Company M&A team

    The purpose of this activity is to confirm the associated costs around separation. While the separation costs would have been estimated previously, it’s important to confirm the costs that were associated with the separation in order to provide an accurate and up-to-date report to the company’s M&A team.

    1. Taking all the original items identified previously in activity 3.2.6, identify if there were changes in the estimated costs. This can be an increase or a decrease.
    2. Ensure that each cost has a justification for why the cost changed from the original estimation.

    Record the results in the M&A Sell Playbook.

    Track cost savings and revenue generation

    Throughout the transaction, the business would have communicated its goals, rationales, and expectations for the transaction. Sometimes this is done explicitly, and other times the information is implicit. Either way, IT needs to ensure that metrics have been defined and are measuring the intended value that the business expects. Ensure that the benefits realized to the organization are being communicated regularly and frequently.

    1. Define Metrics: Select metrics to track synergies through the separation.
      1. You can track value by looking at percentages of improvement in process-level metrics depending on the savings or revenue being pursued.
      2. For example, if the value being pursued is decreasing costs, metrics could range from capacity to output, highlighting that the output remains high despite smaller IT environments.
    2. Prioritize Value-Driving Initiatives: Estimate the cost and benefit of each initiative's implementation to compare the amount of business value to the cost. The benefits and costs should be illustrated at a high level. Estimating the exact dollar value of fulfilling a synergy can be difficult and misleading.
        Steps
      • Determine the benefits that each initiative is expected to deliver.
      • Determine the high-level costs of implementation (capacity, time, resources, effort).
    3. Track Cost Savings and Revenue Generation: Develop a detailed workplan to resource the roadmap and track where costs are saved and revenue is generated as the initiatives are undertaken.

    4.2.2 Review IT’s transaction value

    3-4 hours

    Input: Prioritized separation tasks, Separation RACI, Activity owners, M&A company goals

    Output: Transaction value

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company's M&A team

    The purpose of this activity is to track how your IT organization performed against the originally identified metrics.

    1. If your organization did not have the opportunity to identify metrics, determine from the company M&A what those metrics might be. Review activity 3.2.9 for more information on metrics.
    2. Identify whether the metric (which should support a goal) was at, below, or above the original target metric. This is a very critical task for IT to complete because it allows IT to confirm that they were successful in the transaction and that the business can count on them in future transactions.
    3. Be sure to record accurate and relevant information on why the outcomes (good or bad) are supporting the M&A goals set out by the business.

    Record the results in the M&A Sell Playbook.

    4.2.3 Conduct a transaction and separation SWOT

    2 hours

    Input: Separation costs, Retention rates, Value that IT contributed to the transaction

    Output: Strengths, weaknesses, opportunities, and threats

    Materials: Flip charts, Markers, Sticky notes

    Participants: IT executive/CIO, IT senior leadership, Business transaction team

    The purpose of this activity is to assess the positive and negative elements of the transaction.

    1. Consider the internal and external elements that could have impacted the outcome of the transaction.
      • Strengths. Internal characteristics that are favorable as they relate to your development environment.
      • Weaknesses Internal characteristics that are unfavorable or need improvement.
      • Opportunities External characteristics that you may use to your advantage.
      • Threats External characteristics that may be potential sources of failure or risk.

    Record the results in the M&A Sell Playbook.

    M&A Sell Playbook review

    With an acquisition complete, your IT organization is now more prepared then ever to support the business through future M&As

    • Now that the transaction is more than 80% complete, take the opportunity to review the key elements that worked well and the opportunities for improvement.
    • Critically examine the M&A Sell Playbook your IT organization created and identify what worked well to help the transaction and where your organization could adjust to do better in future transactions.
    • If your organization were to engage in another sale or divestiture under your IT leadership, how would you go about the transaction to make sure the company meets its goals?

    4.2.4 Review the playbook and prepare for future transactions

    4 hours

    Input: Transaction and separation SWOT

    Output: Refined M&A playbook

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO

    The purpose of this activity is to revise the playbook and ensure it is ready to go for future transactions.

    1. Using the outputs from the previous activity, 4.2.3, determine what strengths and opportunities there were that should be leveraged in the next transaction.
    2. Likewise, determine which threats and weaknesses could be avoided in the future transactions.
      Remember, this is your M&A Sell Playbook, and it should reflect the most successful outcome for you in your organization.

    Record the results in the M&A Sell Playbook.

    By the end of this post-transaction phase you should:

    Have completed the separation post-transaction and be fluidly delivering the critical value that the business expected of IT.

    Key outcomes from the Execution & Value Realization phase
    • Ensure the separation tasks are being completed and that any blockers related to the transaction are being removed.
    • Determine where IT was able to realize value for the business and demonstrate IT’s involvement in meeting target goals.
    Key deliverables from the Execution & Value Realization phase
    • Monitor service agreements
    • Continually update the project plan
    • Confirm separation costs
    • Review IT’s transaction value
    • Conduct a transaction and separation SWOT
    • Review the playbook and prepare for future transactions

    Summary of Accomplishment

    Problem Solved

    Congratulations, you have completed the M&A Sell Blueprint!

    Rather than reacting to a transaction, you have been proactive in tackling this initiative. You now have a process to fall back on in which you can be an innovative IT leader by suggesting how and why the business should engage in a separation or sale transaction. You have:

    • Created a standardized approach for how your IT organization should address divestitures or sales.
    • Retained critical staff and complied with any regulations throughout the transaction.
    • Delivered on the separation project plan successfully and communicated IT’s transaction value to the business.

    Now that you have done all of this, reflect on what went well and what can be improved if you were to engage in a similar divestiture or sale again.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information
    workshops@infotech.com 1-888-670-8899

    Research Contributors and Experts

    Ibrahim Abdel-Kader
    Research Analyst | CIO
    Info-Tech Research Group
    Brittany Lutes
    Senior Research Analyst | CIO
    Info-Tech Research Group
    John Annand
    Principal Research Director | Infrastructure
    Info-Tech Research Group
    Scott Bickley
    Principal Research Director | Vendor Management
    Info-Tech Research Group
    Cole Cioran
    Practice Lead | Applications
    Info-Tech Research Group
    Dana Daher
    Research Analyst | Strategy & Innovation
    Info-Tech Research Group
    Eric Dolinar
    Manager | M&A Consulting
    Deloitte Canada
    Christoph Egel
    Director, Solution Design & Deliver
    Cooper Tire & Rubber Company
    Nora Fisher
    Vice President | Executive Services Advisory
    Info-Tech Research Group
    Larry Fretz
    Vice President | Industry
    Info-Tech Research Group

    Research Contributors and Experts

    David Glazer
    Vice President of Analytics
    Kroll
    Jack Hakimian
    Senior Vice President | Workshops and Delivery
    Info-Tech Research Group
    Gord Harrison
    Senior Vice President | Research & Advisory
    Info-Tech Research Group
    Valence Howden
    Principal Research Director | CIO
    Info-Tech Research Group
    Jennifer Jones
    Research Director | Industry
    Info-Tech Research Group
    Nancy McCuaig
    Senior Vice President | Chief Technology and Data Office
    IGM Financial Inc.
    Carlene McCubbin
    Practice Lead | CIO
    Info-Tech Research Group
    Kenneth McGee
    Research Fellow | Strategy & Innovation
    Info-Tech Research Group
    Nayma Naser
    Associate
    Deloitte
    Andy Neill
    Practice Lead | Data & Analytics, Enterprise Architecture
    Info-Tech Research Group

    Research Contributors and Experts

    Rick Pittman
    Vice President | Research
    Info-Tech Research Group
    Rocco Rao
    Research Director | Industry
    Info-Tech Research Group
    Mark Rosa
    Senior Vice President & Chief Information Officer
    Mohegan Gaming and Entertainment
    Tracy-Lynn Reid
    Research Lead | People & Leadership
    Info-Tech Research Group
    Jim Robson
    Senior Vice President | Shared Enterprise Services (retired)
    Great-West Life
    Steven Schmidt
    Senior Managing Partner Advisory | Executive Services
    Info-Tech Research Group
    Nikki Seventikidis
    Senior Manager | Finance Initiative & Continuous Improvement
    CST Consultants Inc.
    Allison Straker
    Research Director | CIO
    Info-Tech Research Group
    Justin Waelz
    Senior Network & Systems Administrator
    Info-Tech Research Group
    Sallie Wright
    Executive Counselor
    Info-Tech Research Group

    Bibliography

    “5 Ways for CIOs to Accelerate Value During Mergers and Acquisitions.” Okta, n.d. Web.

    Altintepe, Hakan. “Mergers and acquisitions speed up digital transformation.” CIO.com, 27 July 2018. Web.

    “America’s elite law firms are booming.” The Economist, 15 July 2021. Web.

    Barbaglia, Pamela, and Joshua Franklin. “Global M&A sets Q1 record as dealmakers shape post-COVID world.” Nasdaq, 1 April 2021. Web.

    Boyce, Paul. “Mergers and Acquisitions Definition: Types, Advantages, and Disadvantages.” BoyceWire, 8 Oct. 2020. Web.

    Bradt, George. “83% Of Mergers Fail -- Leverage A 100-Day Action Plan For Success Instead.” Forbes, 27 Jan. 2015. Web.

    Capgemini. “Mergers and Acquisitions: Get CIOs, IT Leaders Involved Early.” Channel e2e, 19 June 2020. Web.

    Chandra, Sumit, et al. “Make Or Break: The Critical Role Of IT In Post-Merger Integration.” IMAA Institute, 2016. Web.

    Deloitte. “How to Calculate Technical Debt.” The Wall Street Journal, 21 Jan. 2015. Web.

    Ernst & Young. “IT As A Driver Of M&A Success.” IMAA Institute, 2017. Web.

    Fernandes, Nuno. “M&As In 2021: How To Improve The Odds Of A Successful Deal.” Forbes, 23 March 2021. Web.

    “Five steps to a better 'technology fit' in mergers and acquisitions.” BCS, 7 Nov. 2019. Web.

    Fricke, Pierre. “The Biggest Opportunity You’re Missing During an M&Aamp; IT Integration.” Rackspace, 4 Nov. 2020. Web.

    Garrison, David W. “Most Mergers Fail Because People Aren't Boxes.” Forbes, 24 June 2019. Web.

    Harroch, Richard. “What You Need To Know About Mergers & Acquisitions: 12 Key Considerations When Selling Your Company.” Forbes, 27 Aug. 2018. Web.

    Hope, Michele. “M&A Integration: New Ways To Contain The IT Cost Of Mergers, Acquisitions And Migrations.” Iron Mountain, n.d. Web.

    “How Agile Project Management Principles Can Modernize M&A.” Business.com, 13 April 2020. Web.

    Hull, Patrick. “Answer 4 Questions to Get a Great Mission Statement.” Forbes, 10 Jan. 2013. Web.

    Kanter, Rosabeth Moss. “What We Can Learn About Unity from Hostile Takeovers.” Harvard Business Review, 12 Nov. 2020. Web.

    Koller, Tim, et al. “Valuation: Measuring and Managing the Value of Companies, 7th edition.” McKinsey & Company, 2020. Web.

    Labate, John. “M&A Alternatives Take Center Stage: Survey.” The Wall Street Journal, 30 Oct. 2020. Web.

    Lerner, Maya Ber. “How to Calculate ROI on Infrastructure Automation.” DevOps.com, 1 July 2020. Web.

    Loten, Angus. “Companies Without a Tech Plan in M&A Deals Face Higher IT Costs.” The Wall Street Journal, 18 June 2019. Web.

    Low, Jia Jen. “Tackling the tech integration challenge of mergers today” Tech HQ, 6 Jan. 2020. Web.

    Lucas, Suzanne. “5 Reasons Turnover Should Scare You.” Inc. 22 March 2013. Web.

    “M&A Trends Survey: The future of M&A. Deal trends in a changing world.” Deloitte, Oct. 2020. Web.

    Maheshwari, Adi, and Manish Dabas. “Six strategies tech companies are using for successful divesting.” EY, 1 Aug. 2020. Web.

    Majaski, Christina. “Mergers and Acquisitions: What's the Difference?” Investopedia, 30 Apr. 2021.

    “Mergers & Acquisitions: Top 5 Technology Considerations.” Teksetra, 21 Jul. 2020. Web.

    “Mergers Acquisitions M&A Process.” Corporate Finance Institute, n.d. Web.

    “Mergers and acquisitions: A means to gain technology and expertise.” DLA Piper, 2020. Web.

    Nash, Kim S. “CIOs Take Larger Role in Pre-IPO Prep Work.” The Wall Street Journal, 5 March 2015. Web.

    O'Connell, Sean, et al. “Divestitures: How to Invest for Success.” McKinsey, 1 Aug. 2015. Web

    Paszti, Laila. “Canada: Emerging Trends In Information Technology (IT) Mergers And Acquisitions.” Mondaq, 24 Oct. 2019. Web.

    Patel, Kiison. “The 8 Biggest M&A Failures of All Time” Deal Room, 9 Sept. 2021. Web.

    Peek, Sean, and Paula Fernandes. “What Is a Vision Statement?” Business News Daily, 7 May 2020. Web.

    Ravid, Barak. “How divestments can re-energize the technology growth story.” EY, 14 July 2021. Web.

    Ravid, Barak. “Tech execs focus on growth amid increasingly competitive M&A market.” EY, 28 April 2021. Web.

    Resch, Scott. “5 Questions with a Mergers & Acquisitions Expert.” CIO, 25 June 2019. Web.

    Salsberg, Brian. “Four tips for estimating one-time M&A integration costs.” EY, 17 Oct. 2019. Web.

    Samuels, Mark. “Mergers and acquisitions: Five ways tech can smooth the way.” ZDNet, 15 Aug. 2018. Web.

    “SAP Divestiture Projects: Options, Approach and Challenges.” Cognizant, May, 2014. Web.

    Steeves, Dave. “7 Rules for Surviving a Merger & Acquisition Technology Integration.” Steeves and Associates, 5 Feb. 2020. Web.

    Tanaszi, Margaret. “Calculating IT Value in Business Terms.” CSO, 27 May 2004. Web.

    “The CIO Playbook. Nine Steps CIOs Must Take For Successful Divestitures.” SNP, 2016. Web.

    “The Role of IT in Supporting Mergers and Acquisitions.” Cognizant, Feb. 2015. Web.

    Torres, Roberto. “M&A playbook: How to prepare for the cost, staff and tech hurdles.” CIO Dive, 14 Nov. 2019. Web.

    “Valuation Methods.” Corporate Finance Institute, n.d. Web.

    Weller, Joe. “The Ultimate Guide to the M&A Process for Buyers and Sellers.” Smartsheet, 16 May 2019. Web.

    Lead Strategic Decision Making With Service Portfolio Management

    • Buy Link or Shortcode: {j2store}397|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Service Management
    • Parent Category Link: /service-management
    • There are no standardized processes for the intake of new ideas and no consistent view of the drivers needed to assess the value of these ideas.
    • IT is spending money on low-value services and doesn’t have the ability to understand and track value in order to prioritize IT investment.
    • CIOs are not trusted to drive innovation.

    Our Advice

    Critical Insight

    • The service portfolio empowers IT to be a catalyst in business strategy, change, and growth.
    • IT must drive value-based investment by understanding value of all services in the portfolio.
    • Organizations must assess the value of their services throughout their lifecycle to optimize business outcomes and IT spend.

    Impact and Result

    • Optimize IT investments by prioritizing services that provide more value to the business, ensuring that you do not waste money on low-value or out-of-date IT services.
    • Ensure that services are directly linked to business objectives, goals, and needs, keeping IT embedded in the strategic vision of the organization.
    • Enable the business to understand the impact of IT capabilities on business strategy.
    • Ensure that IT maintains a strategic and tactical view of the services and their value.
    • Drive agility and innovation by having a streamlined view of your business value context and a consistent intake of ideas.
    • Provide strategic leadership and create new revenue by understanding the relative value of new ideas vs. existing services.

    Lead Strategic Decision Making With Service Portfolio Management Research & Tools

    Start here – read the Executive Brief

    Service portfolio management enables organizations to become strategic value creators by establishing a dynamic view of service value. Understand the driving forces behind the need to manage services through their lifecycles.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish the service portfolio

    Establish and understand the service portfolio process by setting up the Service Portfolio Worksheet.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 1: Establish the Service Portfolio
    • Service Portfolio Worksheet

    2. Develop a value assessment framework

    Use the value assessment tool to assess services based on the organization’s context of value.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 2: Develop a Value Assessment Framework
    • Value Assessment Tool
    • Value Assessment Example Tool

    3. Manage intake and assessment of initiatives

    Create a centralized intake process to manage all new service ideas.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 3: Manage Intake and Assessment of Initiatives
    • Service Intake Form

    4. Assess active services

    Continuously validate the value of the existing service and determine the future of service based on the value and usage of the service.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 4: Assess Active Services

    5. Manage and communicate the service portfolio

    Communicate and implement the service portfolio within the organization, and create a mechanism to seek out continuous improvement opportunities.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 5: Manage and Communicate the Service Portfolio
    [infographic]

    Workshop: Lead Strategic Decision Making With Service Portfolio Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish the Service Portfolio

    The Purpose

    Establish and understand the service portfolio process by setting up the Service Portfolio Worksheet.

    Understand at a high level the steps involved in managing the service portfolio.

    Key Benefits Achieved

    Adapt the Service Portfolio Worksheet to organizational needs and create a plan to begin documenting services in the worksheet.

    Activities

    1.1 Review the Service Portfolio Worksheet.

    1.2 Adapt the Service Portfolio Worksheet.

    Outputs

    Knowledge about the use of the Service Portfolio Worksheet.

    Adapt the worksheet to reflect organizational needs and structure.

    2 Develop a Value Assessment Framework

    The Purpose

    Understand the need for a value assessment framework.

    Key Benefits Achieved

    Identify the organizational context of value through a holistic look at business objectives.

    Leverage Info-Tech’s Value Assessment Tool to validate and determine service value.

    Activities

    2.1 Understand value from business context.

    2.2 Determine the governing body.

    2.3 Assess culture and organizational structure.

    2.4 Complete the value assessment.

    2.5 Discuss value assessment score.

    Outputs

    Alignment on value context.

    Clear roles and responsibilities established.

    Ensure there is a supportive organizational structure and culture in place.

    Understand how to complete the value assessment and obtain a value score for selected services.

    Understand how to interpret the service value score.

    3 Manage Intake and Assessment of Initiatives

    The Purpose

    Create a centralized intake process to manage all new service ideas.

    Key Benefits Achieved

    Encourage collaboration and innovation through a transparent, formal, and centralized service intake process.

    Activities

    3.1 Review or design the service intake process.

    3.2 Review the Service Intake Form.

    3.3 Design a process to assess and transfer service ideas.

    3.4 Design a process to transfer completed services to the service catalog.

    Outputs

    Create a centralized process for service intake.

    Complete the Service Intake Form for a specific initiative.

    Have a process designed to transfer approved projects to the PMO.

    Have a process designed for transferring of completed services to the service catalog.

    4 Assess Active Services

    The Purpose

    Continuously validate the value of existing services.

    Key Benefits Achieved

    Ensure services are still providing the expected outcome.

    Clear next steps for services based on value.

    Activities

    4.1 Discuss/review management of active services.

    4.2 Complete value assessment for an active service.

    4.3 Determine service value and usage.

    4.4 Determine the next step for the service.

    4.5 Document the decision regarding the service outcome.

    Outputs

    Understand how active services must be assessed throughout their lifecycles.

    Understand how to assess an existing service.

    Place the service on the 2x2 matrix based on value and usage.

    Understand the appropriate next steps for services based on value.

    Formally document the steps for each of the IRMR options.

    5 Manage and Communicate Your Service Portfolio

    The Purpose

    Communicate and implement the service portfolio within the organization.

    Key Benefits Achieved

    Obtain buy-ins for the process.

    Create a mechanism to identify changes within the organization and to seek out continuous improvement opportunities for the service portfolio management process and procedures.

    Activities

    5.1 Create a communication plan for service portfolio and value assessment.

    5.2 Create a communication plan for service intake.

    5.3 Create a procedure to continuously validate the process.

    Outputs

    Document the target audience, the message, and how the message should be communicated.

    Document techniques to encourage participation and promote participation from the organization.

    Document the formal review process, including cycle, roles, and responsibilities.

    Build an Information Security Strategy

    • Buy Link or Shortcode: {j2store}242|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $45,303 Average $ Saved
    • member rating average days saved: 34 Average Days Saved
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • Many security leaders struggle to decide how to best to prioritize their scarce information security resources
    • The need to move from a reactive approach to security towards a strategic planning approach is clear. The path to getting there is less so.

    Our Advice

    Critical Insight

    The most successful information security strategies are:

    • Holistic – They consider the full spectrum of information security, including people, processes, and technology.
    • Risk aware – They understand that security decisions should be made based on the security risks facing their organization, not just on “best practice.”
    • Business aligned – They demonstrate an understanding of the goals and strategies of the organization and how the security program can support the business.

    Impact and Result

    • Info-Tech has developed a highly effective approach to building an information security strategy, an approach that has been successfully tested and refined for more than seven years with hundreds of different organizations:
    • This approach includes tools for:
      • Ensuring alignment with business objectives.
      • Assessing organizational risk and stakeholder expectations.
      • Enabling a comprehensive current state assessment.
      • Prioritizing initiatives and building out a security roadmap.

    Build an Information Security Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Information Security (IS) Strategy Research – A step-by-step document that helps you build a holistic, risk-based, and business-aligned IS strategy.

    Your security strategy should not be based on trying to blindly follow best practices but on a holistic risk-based assessment that is risk aware and aligns with your business context. Use this storyboard to augment your security strategy by ensuring alignment with business objectives, assessing your organization's risk and stakeholder expectations, understanding your current security state, and prioritizing initiatives and a security roadmap.

    • Build an Information Security Strategy – Phases 1-4

    2. Information Security Requirements Gathering Tool – A tool to make informed security risk decisions to support business needs.

    Use this tool to formally identify business goals and customer and compliance obligations and make explicit links to how security initiatives propose to support these business interests. Then define the scope and boundaries for the security strategy and the risk tolerance definitions that will guide future security risk decisions.

    • Information Security Requirements Gathering Tool

    3. Information Security Pressure Analysis Tool – An evaluation tool to invest in the right security functions using a pressure analysis approach.

    Security pressure posture analysis helps your organization assess your real security context and enables you to invest in the right security functions while balancing the cost and value in alignment with business strategies. Security pressure sets the baseline that will help you avoid over-investing or under-investing in your security functions.

    • Information Security Pressure Analysis Tool

    4. Information Security Program Gap Analysis Tool – A structured tool to systematically understand your current security state.

    Effective security planning should not be one size fits all – it must consider business alignment, security benefit, and resource cost. To enable an effective security program, all areas of security need to be evaluated closely to determine where the organization sits currently and where it needs to go in the future.

    • Information Security Program Gap Analysis Tool

    5. Information Security Strategy Communication Deck – A best-of-breed presentation document to build a clear, concise, and compelling strategy document.

    Use this communication deck template to present the results of the security strategy to stakeholders, demonstrate the progression from the current state to the future state, and establish the roadmap of the security initiatives that will be implemented. This information security communication deck will help ensure that you’re communicating effectively for your cause.

    • Information Security Strategy Communication Deck

    6. Information Security Charter – An essential document for defining the scope and purpose of a security project or program.

    A charter is an essential document for defining the scope and purpose of security. Without a charter to control and set clear objectives for this committee, the responsibility of security governance initiatives will likely be undefined within the enterprise, preventing the security governance program from operating efficiently. This template can act as the foundation for a security charter to provide guidance to the governance of information security.

    • Information Security Charter
    [infographic]

    Workshop: Build an Information Security Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Security Requirements

    The Purpose

    Understand business and IT strategy and plans.

    Key Benefits Achieved

    Defined security obligations, scope, and boundaries.

    Activities

    1.1 Define business and compliance.

    1.2 Establish security program scope.

    1.3 Analyze the organization’s risk and stakeholder pressures.

    1.4 Identify the organizational risk tolerance level.

    Outputs

    Security obligations statement

    Security scope and boundaries statement

    Defined risk tolerance level

    Risk assessment and pressure analysis

    2 Perform a Gap Analysis

    The Purpose

    Define the information security target state.

    Key Benefits Achieved

    Set goals and Initiatives for the security strategy in line with the business objectives.

    Activities

    2.1 Assess current security capabilities.

    2.2 Identify security gaps.

    2.3 Build initiatives to bridge the gaps.

    Outputs

    Information security target state

    Security current state assessment

    Initiatives to address gaps

    3 Complete the Gap Analysis

    The Purpose

    Continue assessing current security capabilities.

    Key Benefits Achieved

    Identification of security gaps and initiatives to bridge them according to the business goals.

    Activities

    3.1 Identify security gaps.

    3.2 Build initiatives to bridge the maturity gaps.

    3.3 Identify initiative list and task list.

    3.4 Define criteria to be used to prioritize initiatives.

    Outputs

    Completed security current state assessment

    Task list to address gaps

    Initiative list to address gaps

    Prioritize criteria

    4 Develop the Roadmap

    The Purpose

    Create a plan for your security strategy going forward.

    Key Benefits Achieved

    Set path forward to achieving the target state for the business through goal cascade and gap initiatives.

    Activities

    4.1 Conduct cost/benefit analysis on initiatives.

    4.2 Prioritize gap initiatives based on cost and alignment with business.

    4.3 Build an effort list.

    4.4 Determine state times and accountability.

    4.5 Finalize security roadmap and action plan.

    4.6 Create communication plan.

    Outputs

    Information security roadmap

    Draft communication deck

    5 Communicate and Implement

    The Purpose

    Finalize deliverables.

    Key Benefits Achieved

    Consolidate documentation into a finalized deliverable that can be used to present to executives and decision makers to achieve buy-in for the project.

    Activities

    5.1 Support communication efforts.

    5.2 Identify resources in support of priority initiatives.

    Outputs

    Security strategy roadmap documentation

    Detailed cost and effort estimates

    Mapping of Info-Tech resources against individual initiatives

    Further reading

    Build an Information Security Strategy

    Create value by aligning your strategy to business goals and business risks.

    Analyst Perspective

    Set your security strategy up for success.

    “Today’s rapid pace of change in business innovation and digital transformation is a call to action to information security leaders.

    Too often, chief information security officers find their programs stuck in reactive mode, a result of years of mounting security technical debt. Shifting from a reactive to proactive stance has never been more important. Unfortunately, doing so remains a daunting task for many.

    While easy to develop, security plans premised on the need to blindly follow ‘best practices’ are unlikely to win over many stakeholders. To be truly successful, an information security strategy needs to be holistic, risk-aware, and business-aligned.”

    Kevin Peuhkurinen

    Research Director – Security, Risk & Compliance

    Info-Tech Research Group

    Executive summary

    Your Challenge

    • Many security leaders struggle to decide how best to prioritize their scarce information security resources.
    • The need to move from a reactive approach to security toward a strategic planning approach is clear. The path to getting there is less clear.

    Common Obstacle

    • Developing a security strategy can be challenging. Complications include:
      • Performing an accurate assessment of your current security program can be extremely difficult when you don’t know what to assess or how.
      • Determining the appropriate target state for security can be even more challenging. A strategy built around following best practices is unlikely to garner significant support from business stakeholders.

    Info-Tech’s Approach

    • Info-Tech has developed a highly effective approach to building an information security strategy, an approach that has been successfully tested and refined for 7+ years with hundreds of organizations.
    • This unique approach includes tools for:
      • Ensuring alignment with business objectives.
      • Assessing organizational risk and stakeholder expectations.
      • Enabling a comprehensive current state assessment.
      • Prioritizing initiatives and building out a security roadmap.

    Info-Tech Insight

    The most successful information security strategies are:

    • Holistic. They consider the full spectrum of information security, including people, processes, and technologies.
    • Risk-Aware. They understand that security decisions should be made based on the security risks facing their organization, not just on best practice.
    • Business-Aligned. They demonstrate an understanding of the goals and strategies of the organization, and how the security program can support the business.

    It’s not a matter of if you have a security incident, but when

    Organizations need to prepare and expect the inevitable security breach.

    Fifty-eight percent of companies surveyed that experienced a breach were small businesses.

    Eighty-nine percent of breaches have a financial or espionage motive.

    Three graphs are depicted. The first is labeled ‘Total Cost for Three Data Breach Root Causes,’ the second ‘Distribution of Benchmark by Root Cause of the Data Breach,’ and the third ‘Per Capita for Three Root Causes of a Data Breach.’ The three root causes are malicious or criminal attack (US$166 million per capita), system glitch ($132 million per capita), and human error ($133 million per capita).

    Source: Ponemon Institute, “2019 Global Cost of Data Breach Study”

    An information security strategy can help you prepare for incidents

    Organizations need to expect the inevitable security breach.

    90%

    of businesses have experienced an external threat in the last year.

    50%

    of IT professionals consider security to be their number one priority.

    53%

    of organizations claimed to have experienced an insider attack in the previous 12 months. 1

    46%

    of businesses believe the frequency of attacks is increasing. 2

    Effective IT leaders approach their security strategy from an understanding that attacks on their organization will occur. Building a strategy around this assumption allows your security team to understand the gaps in your current approach and become proactive instead of being reactive.

    Sources: 1 Kaspersky Lab, “Global IT Security Risks Survey”; 2 CA Technologies, “Insider Threat 2018 Report”

    Persistent Issues

    Evolving Ransomware

    • Continual changes in types and platforms make ransomware a persistent threat. The frequency of ransomware attacks was reported to have increased by 67% in the past five years. 1

    Phishing Attacks

      • Despite filtering and awareness, email remains the most common threat vector for phishing attacks (94%) and an average of 3% of participants in phishing campaigns still click on them. 2

    Insider Privilege and Misuse

    • Typically, 34% of breaches are perpetrated by insiders, with 15% involving privilege misuse. Takeaway: Care less about titles and more about access levels. 3

    Denial of Service

    • The median amount of time that an organization is under attack from DDoS attack is three days.

    Emerging Trends

    Advanced Identity and Access Governance

    • Using emerging technologies in automation, orchestration, and machine learning, the management and governance of identities and access has become more advanced.

    Sources: 1 Accenture, “2019 The Cost of Cyber Crime Study”; 2,3 Verizon, “2019 Data Breach Investigations Report”

    New threat trends in information security aren’t new.

    Previously understood attacks are simply an evolution of prior implementations, not a revolution.

    Traditionally, most organizations are not doing a good-enough job with security fundamentals, which is why attackers have been able to use the same old tricks.

    However, information security has finally caught the attention of organizational leaders, presenting the opportunity to implement a comprehensive security program.

    Cyberattacks have a significant financial impact

    Global average cost of a data breach: $3.92 Million

    Source: Ponemon Institute, “2019 Cost of a Data Breach Study: Global Overview”

    A bar graph, titled ‘Average cost of data breach by industry,’ is depicted. Of 17 industries depicted, public is the lowest average cost (US$1.29 million) and health is the highest average cost ($6.45 million).

    Primary incident type (with a confirmed data breach)

    1. Leading incident type is Denial of Service attacks (DoS), taking up to 70% of all incidents.
    2. When it comes to data breaches, we see that the use of stolen credentials leads to the most cases of confirmed breaches, accounting for 29%.

    Personal records tend to be the most compromised data types, while databases tend to be the most frequently involved asset in breaches.

    Source: Verizon, “2019 Data Breach Investigations Report”

    Security threats are not going away

    We continue to see and hear of security breaches occurring regularly.

    A bar graph depicts the percentage of businesses who experienced a data breach in the last year–US total and global total. Numbers have increased from 2016 to 2019. In 2016, 19 percent of US businesses experienced a breach. In 2019, this number was 59 percent.

    An attacker must be successful only once. The defender – you – must be successful every time.

    Info-Tech’s approach

    Maturing from reactive to strategic information security

    Two circular graphs depict the move from ‘reactive security’ to ‘strategic security’ organizations can accomplish using Info-Tech’s approach.

    Tools icon that is used in the first three stages of the strategic security graph above. Indicates Info-Tech tools included in this blueprint.

    The Info-Tech difference:

    1. A proven, structured approach to mature your information security program from reactive to strategic.
    2. A comprehensive set of tools to take the pain out of each phase in the strategy building exercise.
    3. Visually appealing templates to communicate and socialize your security strategy and roadmap to your stakeholders.

    Info-Tech’s Security Strategy Model

    Info-Tech’s Security Strategy Model is depicted in this rectangular image with arrows. The first level depicts business context (enterprise goals, compliance obligations, scope and boundaries) and pressures (security risks, risk tolerance, stakeholder expectations). The second level depicts security target state (maturity model, security framework, security alignment goals, target maturity, time frame) and current state (current state assessment, gap analysis). The third level depicts the information security roadmap (initiative list, task list, prioritization methodology, and Gantt chart).

    The Info-Tech difference:

    An information security strategy model that is:

    1. Business-Aligned. Determines business context and cascades enterprise goals into security alignment goals.
    2. Risk-Aware. Understands the security risks of the business and how they intersect with the overall organizational risk tolerance.
    3. Holistic. Leverages a best-of-breed information security framework to provide comprehensive awareness of organizational security capabilities.

    Info-Tech’s best-of-breed security framework

    This image shows how Info-Tech’s framework is based on ISO 27000 series, CIS Top 20, COBIT 2019, NIST 800-53, and NIST CSF.

    Info-Tech’s approach

    Creating an information security strategy

    Value to the business

    Outcome

    Best-of-breed security strategy

    Have documentation that paints a picture of the road to compliance. Integrate your framework with your risk tolerance and external pressures.

    Be ready for future changes by aligning your security strategy to security framework best practices.

    Address the nature of your current information security

    Eliminate gaps in process and know what is in scope for your security strategy. Learn what pressures your business and industry are under.

    Gain insight into your current state, allowing you to focus on high-value projects first, transitioning towards a target state.

    Highlight overlooked functions of your current security strategy

    Build a comprehensive security program that brings to light all aspects of your security program.

    Instead of pursing ad hoc projects, know what needs work and how to prioritize your pressing security issues.

    Create a tangible roadmap to your target state

    Create a plan for your future state of information security. Refer to and update your target state as your business needs change.

    Document your current progress and path forward in the future. Know your goals and requirements, codified in a living document.

    Use our prepopulated deliverables to fast track your progress

    Let Info-Tech do the work for you. With completed deliverables, have tangible documents to convey your business needs.

    A comprehensive set of deliverables with concrete, defensible data to justify any business changes.

    A living security strategy

    Pivot and change prioritization to meet the needs of your security deficits.

    Future-proof your security strategy for any contingency.

    The Info-Tech difference:

    Evolve the security program to be more proactive by leveraging Info-Tech’s approach to building a security strategy.

    • Dive deep into security obligations and security pressures to define the business context.
    • Conduct a thorough current state and future state analysis that is aligned with a best-of-breed framework.
    • Prioritize gap-closing initiatives to create a living security strategy roadmap.

    Use Info-Tech’s blueprint to save one to three months

    This image depicts how using Info-Tech’s four-phase blueprint can save an estimated seven to 14 weeks of an organization’s time and effort.

    Iterative benefit

    Over time, experience incremental value from your initial security strategy. Through continual updates your strategy will evolve but with less associated effort, time, and costs.

    These estimates are based on experiences with Info-Tech clients throughout the creation of this blueprint.

    Key deliverable:

    Information Security Strategy Communication Deck (PPT)

    Present your findings in a prepopulated document that can summarizes all key findings of the blueprint.

    Screenshots from Info-Tech’s Information Security Strategy Communication Deck Template.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Information Security Requirements Gathering Tool

    Define the business, customer, and compliance alignment for your security program.

    Information Security Pressure Analysis Tool

    Determine your organization’s security pressures and ability to tolerate risk.

    Information Security Program Gap Analysis Tool

    Use our best-of-breed security framework to perform a gap analysis between your current and target states.

    Information Security Charter

    Ensure the development and management of your security policies meet the broader program vision.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical Guided Implementation on this topic look like?

    Guided Implementation #1 - Assess security requirements
    • Call #1 - Introduce project and complete pressure analysis.
    Guided Implementation #2 - Build a gap initiative strategy
    • Call #1 - Introduce the maturity assessment.
    • Call #2 - Perform gap analysis and translate into initiatives.
    • Call #3 - Consolidate related gap initiatives and define, cost, effort, alignment, and security benefits.
    Guided Implementation #3 - Prioritize initiatives and build roadmap
    • Call #1 - Review cost/benefit analysis and build an effort map.
    • Call #2 - Build implementation waves and introduce Gantt chart.
    Guided Implementation #4 - Execute and maintain
    • Call #1 - Review Gantt chart and ensure budget/buy-in support.
    • Call #2 - Three-month check-in: Execute and maintain.

    A Guided Implementation is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical Guided Implementation is between 2-12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information, or contact workshops@infotech.com or 1-888-670-8889.

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Activities

    Assess Security Requirements

    Perform a Gap Analysis

    Complete the Gap Analysis

    Develop Roadmap

    Communicate and Implement

    1.1 Understand business and IT strategy and plans

    1.2 Define business and compliance requirements

    1.3 Establish the security program scope

    1.4 Analyze the organization’s risks and stakeholder pressures

    1.5 Identify the organizational risk tolerance level

    2.1 Define the information security target state

    2.2 Assess current security capabilities

    2.3 Identify security gaps

    2.4 Build initiatives to bridge the gaps

    3.1 Continue assessing current security capabilities

    3.2 Identify security gaps

    3.3 Build initiatives to bridge the maturity gaps

    3.4 Identify initiative list and task list

    3.5 Define criteria to be used to prioritize initiatives

    4.1 Conduct cost/benefit analysis on initiatives

    4.2 Prioritize gap initiatives based on cost, time, and alignment with the business

    4.3 Build effort map

    4.4 Determine start times and accountability

    4.5 Finalize security roadmap and action plan

    4.6 Create communication plan

    5.1 Finalize deliverables

    5.2 Support communication efforts

    5.3 Identify resources in support of priority initiatives

    Deliverables

    1.Security obligations statement

    2.Security scope and boundaries statement

    3.Defined risk tolerance level

    4.Risk assessment and pressure analysis

    1.Information security target state

    2.Security current state assessment

    3.Initiatives to address gaps

    1.Completed security current state assessment

    2.Task list to address gaps address gaps

    4.Prioritization criteria

    1.Information security roadmap

    2.Draft communication deck

    1.Security strategy roadmap documentation

    2.Detailed cost and effort estimates

    3.Mapping of Info-Tech resources against individual initiatives

    Executive Brief Case Study

    Credit Service Company

    Industry: Financial Services

    Source: Info-Tech Research group

    Founded over 100 years ago, Credit Service Company (CSC)* operates in the United States with over 40 branches located across four states. The organization services over 50,000 clients.

    Situation

    Increased regulations, changes in technology, and a growing number of public security incidents had caught the attention of the organization’s leadership. Despite awareness, an IT and security strategy had not been previously created. Management was determined to create a direction for the security team that aligned with their core mission of providing exceptional service and expertise.

    Solution

    During the workshop, the IT team and Info-Tech analysts worked together to understand the organization’s ideal state in various areas of information security. Having a concise understanding of requirements was a stepping stone to beginning to develop CSC’s prioritized strategy.

    Results

    Over the course of the week, the team created a document that concisely prioritized upcoming projects and associated costs and benefits. On the final day of the workshop, the team effectively presented the value of the newly developed security strategy to senior management and received buy-in for the upcoming project.

    *Some details have been changed for client privacy.

    Phase 1

    Assess Security Requirements

      Phase 1

    • 1.1 Define goals & scope
    • 1.2 Assess risks
    • 1.3 Determine pressures
    • 1.4 Determine risk tolerance
    • 1.5 Establish target state

      Phase 2

    • 2.1 Review Info-Tech’s security framework
    • 2.2 Assess your current state
    • 2.3 Identify gap closure actions

      Phase 3

    • 3.1 Define tasks & initiatives
    • 3.2 Perform cost/benefit analysis
    • 3.3 Prioritize initiatives
    • 3.4 Build roadmap

      Phase 4

    • 4.1 Build communication deck
    • 4.2 Develop a security charter
    • 4.3 Execute on your roadmap

    This phase will walk you through the following activities:

    1.1 Define goals and scope of the security strategy.

    1.2 Assess your organization’s current inherent security risks.

    1.3 Determine your organization’s stakeholder pressures for security.

    1.4 Determine your organization’s risk tolerance.

    1.5 Establish your security target state.

    1.1.1 Record your business goals

    Once you have identified your primary and secondary business goals, as well as the corresponding security alignment goals, record them in the Information Security Requirements Gathering Tool. The tool provides an activity status that will let you know if any parts of the tool have not been completed.

    1. Record your identified primary and secondary business goals in the Goals Cascade tab of the Information Security Requirements Gathering Tool.

    Use the drop-down lists to select an appropriate goal or choose “Other.” If you do choose “Other,” you will need to manually enter an appropriate business goal.

    2. For each of your business goals, select one to two security alignment goals. The tool will provide you with recommendations, but you can override these by selecting a different goal from the drop-down lists.

    A screenshot of the ‘Business Goals Cascade,’ which is part of the ‘Information Security Requirements Gathering Tool.’

    A common challenge for security leaders is how to express their initiatives in terms that are meaningful to business executives. This exercise helps to make an explicit link between what the business cares about and what security is trying to accomplish.

    1.1.2 Review your goals cascade

    Estimated Time: 15 minutes

    1. When you have completed the goals cascade, you can review a graphic diagram that illustrates your goals. The graphic is found on the Results tab of the Information Security Requirements Gathering Tool.
      • Security must support the primary business objectives. A strong security program will enable the business to compete in new and creative ways, rather than simply acting as an obstacle.
      • Failure to meet business obligations can result in operational problems, impacting the organization’s ability to function and the organization’s bottom line.
    2. Once you have reviewed the diagram, copy it into the Information Security Strategy Communication Deck.

    A screenshot of the ‘Goal Cascade Diagrams,’ which is part of the ‘Information Security Requirements Gathering Tool.’

    Identify your compliance obligations

    Most conventional regulatory obligations are legally mandated legislation or compliance obligations, such as:

    Sarbanes-Oxley Act (SOX)

    Applies to public companies that have registered equity or debt securities within the SEC to guarantee data integrity against financial fraud.

    Payment Card Industry Data Security Standard (PCI DSS)

    Applies to any organization that processes, transmits, or stores credit card information to ensure cardholder data is protected.

    Health Insurance Portability and Accountability Act (HIPAA)

    Applies to the healthcare sector and protects the privacy of individually identifiable healthcare information.

    Health Information Technology for Economic and Clinical Health (HITECH)

    Applies to the healthcare sector and widens the scope of privacy and security protections available under HIPAA.

    Personal Information Protection and Electronic Documents Act (PIPEDA)

    Applies to private sector organizations that collect personal information in Canada to ensure the protection of personal information in the course of commercial business.

    Compliance obligations also extend to voluntary security frameworks:

    NIST

    National Institute of Standards and Technology; a non-regulatory agency that develops and publicizes measurement

    CIS – 20 CSC

    Center for Internet Security – 20 Critical Security Controls; foundational set of effective cybersecurity practices.

    ISO 27001

    An information security management system framework outlining policies and procedures.

    COBIT 5

    An information technology and management and governance framework.

    HITRUST

    A common security framework for organizations that use or hold regulated personal health information.

    1.1.3 Record your compliance obligations

    Estimated Time: 30 minutes

    1. Identify your compliance obligations. Most organizations have compliance obligations that must be adhered to. These can include both mandatory and voluntary obligations. Mandatory obligations include:
      • Laws
      • Government regulations
      • Industry standards
      • Contractual agreements
      Voluntary obligations include standards that the organization has chosen to follow for best practices and any obligations that are required to maintain certifications. Organizations will have many different compliance obligations. For the purposes of your security strategy, include only those that have information security or privacy requirements.
    2. Record your compliance obligations, along with any notes, in your copy of the Information Security Requirements Gathering Tool.

    A screenshot of ‘Security Compliance Obligations,’ part of the ‘Information Security Requirements Gathering Tool.’

    Establish your scope and boundaries

    It is important to know at the outset of the strategy: what are we trying to secure?

    This includes physical areas we are responsible for, types of data we care about, and departments or IT systems we are responsible for.

    This also includes what is not in scope. For some outsourced services or locations, you may not be responsible for their security. In some business departments, you may not have control of security processes. Ensure that it is made explicit at the outset what will be included and what will be excluded from security considerations.

    Physical Scope and Boundaries

    • How many offices and locations does your organization have?
    • Which locations/offices will be covered by your information security management system (ISMS)?
    • How sensitive is the data residing at each location?
    • You may have many physical locations, and it is not necessary to list every one. Rather, list exceptional cases that are specifically in or out of scope.

    IT Systems Scope and Boundaries

    • There may be hundreds of applications that are run and maintained in your organization. Some of these may be legacy applications. Does your ISMS need to secure all your programs or a select few?
    • Is the system owned or outsourced?
    • Where are we accountable for security?
    • How sensitive is the data that each system handles?

    Organizational Scope and Boundaries

    • Will your ISMS cover all departments within your organization? For example, do certain departments (e.g. Operations) not need any security coverage?
    • Do you have the ability to make security decisions for each department?
    • Who are the key stakeholders/data owners for each department?

    Organizational scope considerations

    Many different groups will fall within the purview of the security strategy. Consider these two main points when deciding which departments will be in scope:

    1. If a group/user has access to data or systems that can impact the organization, then securing that group/user should be included within scope of the security strategy.
    2. If your organization provides some work direction to a group/user, they should be included within scope of the security strategy.
    1. Identify your departments and business groups
      • Start by identifying departments that provide some essential input or service to the organization or departments that interact with sensitive data.
    2. Break out different subsidiaries or divisions
      • Subsidiaries may or may not be responsible for securing themselves and protecting their data, but either way they are often heavily reliant on corporate for guidance and share IT resourcing support.
    3. Identify user groups
      • Many user groups exist, all requiring different levels of security. For example, from on-premises to remote access, from full-time employees to part-time or contractors.

    Physical scope considerations

    List physical locations by type

    Offices

    The primary location(s) where business operations are carried out. Usually leased or owned by the business.

    Regional Offices

    These are secondary offices that can be normal business offices or home offices. These locations will have a VPN connection and some sort of tenant.

    Co-Locations

    These are redundant data center sites set up for additional space, equipment, and bandwidth.

    Remote Access

    This includes all remaining instances of employees or contractors using a VPN to connect.

    Clients and Vendors

    Various vendors and clients have dedicated VPN connections that will have some control over infrastructure (whether owed/laaS/other).

    List physical locations by nature of the location

    Core areas within physical scope

    These are many physical locations that are directly managed. These are high-risk locations with many personal and services, resulting in many possible vulnerabilities and attack vectors.

    Locations on the edge of control

    These are on the edge of the physical scope, and thus, in scope of the security strategy. These include remote locations, remote access connections, etc.

    Third-party connections

    Networks of third-party users are within physical scope and need defined security requirements and definitions of how this varies per user.

    BYOD

    Mostly privately owned mobile devices with either on-network or remote access.

    It would be overkill and unhelpful to list every single location or device that is in scope. Rather, list by broad categories as suggested above or simply list exceptional cases that are in/out of scope.

    IT systems scope considerations

    Consider identifying your IT systems by your level of control or ownership.

    Fully owned systems

    These are systems that are wholly owned or managed by your organization.

    IT is almost always the admin of these systems. Generally they are hosted on premises. All securitization through methods such as patching or antivirus is done and managed by your IT department.

    Cloud/remote hosted (SaaS)

    These are systems with a lot of uncertainties because the vendor or service provided is either not known or what they are doing for security is not fully known.

    These systems need to be secured regardless, but supplier and vendor relationship management becomes a major component of how to manage these systems. Often, each system has varying levels of risk based on vendor practices.

    Hybrid owned (IaaS/PaaS)

    You likely have a good understanding of control for these systems, but they may not be fully managed by you (i.e. ownership of the infrastructure). These systems are often hosted by third parties that do some level of admin work.

    A main concern is the unclear definition of responsibility in maintaining these systems. These are managed to some degree by third parties; it is challenging for your security program to perform the full gamut of security or administrative functions.

    Unknown/unowned systems

    There are often systems that are unowned and even unknown and that very few people are using. These apps can be very small and my not fall under your IT management system framework. These systems create huge levels of risk due to limited visibility.

    For example, unapproved (shadow IT) file sharing or cloud storage applications would be unknown and unowned.

    1.1.4 Record your scope and boundaries

    Estimated Time: 30-60 minutes

    1. Divide into groups and give each group member a handful of sticky notes. Ask them to write down as many items as possible for the organization that could fall under one of the scope buckets.
    2. Collect each group’s responses and discuss the sticky notes and the rationale for including them. Discuss your security-related locations, data, people, and technologies, and define their scope and boundaries.
      • Careful attention should be paid to any elements of the strategy that are not in scope.
    3. Discuss and aggregate all responses as to what will be in scope of the security strategy and what will not be. Record these in the Information Security Requirements Gathering Tool.

    A screenshot of ‘Scope and Boundaries,’ part of the ‘Information Security Requirements Gathering Tool.’

    1.2 Conduct a risk assessment

    Estimated Time: 1-3 hours

    1. As a group, review the questions on the Risk Assessment tab of the Information Security Pressure Analysis Tool.
    2. Gather the required information from subject matter experts on the following risk elements:
      • Threats
      • Assets
      • Vulnerabilities (people, systems, supply chain)
      • Historical security incidents

    Input

    • List of organizational assets
    • Historical data on information security incidents

    Output

    • Completed risk assessment

    Materials

    • Information Security Pressure Analysis Tool

    Participants

    • Security Team
    • IT Leadership
    • Risk Management

    Download the Information Security Pressure Analysis Tool

    1.2.1 Complete the risk assessment questionnaire

    Estimated Time: 60-90 minutes

    1. Review each question in the questionnaire and provide the most appropriate response using the drop-down list.
      • If you are unsure of the answer, consult with subject matter experts to obtain the required data.
      • Otherwise, provide your best estimation
    2. When providing responses for the historical incident questions, only count incidents that had a sizeable impact on the business.

    A screenshot of the ‘Organizational Security Risk Assessment,’ part of the ‘Information Security Pressure Analysis Tool.’

    Info-Tech Insight

    Understanding your organization’s security risks is critical to identifying the most appropriate level of investment into your security program. Organizations with more security risks will need more a mature security program to mitigate those risks.

    1.2.2 Review the results of the risk assessment

    Estimated Time: 30 minutes

    1. Once you have completed the risk assessment, you can review the output on the Results tab.
    2. If required, the weightings of each of the risk elements can be customized on the Weightings tab.
    3. Once you have reviewed the results, copy your risk assessment diagram into the Information Security Strategy Communication Deck.

    A screenshot showing sample results of the ‘Organizational Risk Assessment,’ part of the ‘Information Security Pressure Analysis Tool.’

    It is important to remember that the assessment measures inherent risk, meaning the risk that exists prior to the implementation of security controls. Your security controls will be assessed later as part of the gap analysis.

    1.3 Conduct pressure analysis

    Estimated Time: 1-2 hours

    1. As a group, review the questions on the Pressure Analysis tab of the Information Security Pressure Analysis Tool.
    2. Gather the required information from subject matter experts on the following pressure elements:
      • Compliance and oversight
      • Customer expectations
      • Business expectations
      • IT expectations

    Input

    • Information on various pressure elements within the organization

    Output

    • Completed pressure analysis

    Materials

    • Information Security Pressure Analysis Tool

    Participants

    • Security Team
    • IT Leadership
    • Business Leaders
    • Compliance

    Download the Information Security Pressure Analysis Tool

    Risk tolerance considerations

    At this point, we want to frame risk tolerance in terms of business impact. Meaning, what kinds of impacts to the business would we be able to tolerate and how often? This will empower future risk decisions by allowing the impact of a potential event to be assessed, then compared against the formalized tolerance. We will consider impact from three perspectives:

    F

    Functional Impact

    The disruption or degradation of business/organizational processes.

    I

    Informational Impact

    The breach of confidentiality, privacy, or integrity of data/information.

    R

    Recoverability Impact

    The disruption or degradation of the ability to return to conditions prior to a security incident.

    Consider these questions:

    Questions to ask

    Description

    Is there a hard-dollar impact from downtime?

    This refers to when revenue or profits are directly impacted by a business disruption. For example, when an online ordering system is compromised and shut down, it affects sales, and therefore, revenue.

    Is regulatory compliance a factor?

    Depending on the circumstances of the vulnerabilities, it can be a violation of compliance obligations that would cause significant fines.

    Are any critical services dependent on this asset?

    Functional dependencies are sometimes not obvious, and assets that appear marginal can have huge impacts on critical services.

    Is there a health or safety risk?

    Some operations are critical to health and safety. For example, medical organizations have operations that are necessary to ensure uninterrupted critical health services. An exploited vulnerability that impacts these operations can have life and death consequences.

    ANALYST PERSPECTIVE

    It is crucial to keep in mind that you care about a risk scenario impact to the main business processes.

    For example, imagine a complete functional loss of the corporate printers. For most businesses, even the most catastrophic loss of printer function will have a small impact on their ability to carry out the main business functions.

    On the flip side, even a small interruption to email or servers could have a large functional impact on business processes.

    Risk tolerance descriptions

    High

    • Organizations with high risk tolerances are often found in industries with limited security risk, such as Construction, Agriculture and Fishing, or Mining.
    • A high risk tolerance may be appropriate for organizations that do not rely on highly sensitive data, have limited compliance obligations, and where their customers do not demand strong security controls. Organizations that are highly focused on innovation and rapid growth may also tend towards a higher risk tolerance.
    • However, many organizations adopt a high risk tolerance by default simply because they have not adequately assessed their risks.

    Moderate

    • Organizations with medium risk tolerances are often found in industries with moderate levels of security risk, such as Local Government, Education, or Retail and Wholesale
    • A medium risk tolerance may be appropriate for organizations that store and process some sensitive data, have a modest number of compliance obligations, and where customer expectations for security tend to be implicit rather than explicit.

    Low

    • Organizations with low risk tolerances are often found in industries with elevated security risk, such as Financial Services, Federal Governments, or Defense Contractors.
    • A low risk tolerance may be appropriate for organizations that store very sensitive data, process high-value financial transactions, are highly regulated, and where customers demand strong security controls.
    • Some organizations claim to have a low risk tolerance, but in practice will often allow business units or IT to accept more security risk than would otherwise be permissible. A strong information security program will be required to manage risks to an acceptable level.

    1.4.1 Complete the risk tolerance questionnaire

    Estimated Time: 30-60 minutes

    1. In a group discussion, review the low-, medium-, and high-impact scenarios and examples for each impact category. Ensure that everyone has a consistent understanding of the scenarios.
    2. For each impact type, use the frequency drop-down list to identify the maximum frequency that the organization could tolerate for the event scenarios, considering:
      • The current frequency with which the scenarios are occurring in your organization may be a good indication of your tolerance. However, keep in mind that you may be able to tolerate these incidents happening more frequently than they do.
      • Hoping is not the same as tolerating. While everyone hopes that high-impact incidents never occur, carefully consider whether you could tolerate them occurring more frequently.

    A screenshot showing the ‘Organizational Security Risk Tolerance Assessment,’ part of the ‘Information Security Pressure Analysis Tool.’

    1.4.2 Review the results of the risk tolerance analysis

    Estimated Time: 30 minutes

    1. Once you have completed the risk tolerance exercise, you can review the output on the Results tab.
    2. If required, the weightings of each of the impact types can be customized on the Weightings tab.
    3. Once you have reviewed the results, copy your risk tolerance diagram into the Information Security Strategy Communication Deck.

    A screenshot showing the results of the 'Information Security Risk Tolerance Assessment,' part of the ‘Information Security Pressure Analysis Tool.’

    A low risk tolerance will require a stronger information security program to ensure that operational security risk in the organization is minimized. If this tool reports that your risk tolerance is low, it is recommended that you review the results with your senior stakeholders to ensure agreement and support for the security program.

    1.5 Establish your target state

    Estimated Time: 30-60 minutes

    1. As a group, review the overall results of the requirements gathering exercise:
      • Business goals cascade
      • Compliance obligations
      • Scope
    2. Review the overall results of the risk assessment, pressure analysis, and risk tolerance exercises.
    3. Conduct a group discussion to arrive at a consensus of what the ideal target state for the information security program should look like.
      • Developing mission and vision statements for security may be useful for focusing the group.
      • This discussion should also consider the desired time frame for achieving the target state.

    Download the Information Security Pressure Analysis Tool

    Input

    • Information security requirements (goals cascade, compliance obligations, scope)
    • Risk assessment
    • Pressure analysis
    • Risk tolerance

    Output

    • Completed information security target state

    Materials

    Participants

    • Security Team
    • IT Leadership
    • Risk Management
    • Business Leaders
    • Compliance

    Understanding security target states

    Maturity models are very effective for determining information security target states. This table provides general descriptions for each maturity level. As a group, consider which description most accurately reflects the ideal target state for information security in your organization.

    1. AD HOC

      Initial/Ad hoc security programs are reactive. Lacking strategic vision, these programs are less effective and less responsive to the needs of the business.
    2. DEVELOPING

      Developing security programs can be effective at what they do but are not holistic. Governance is largely absent. These programs tend to rely on the talents of individuals rather than a cohesive plan.
    3. DEFINED

      A defined security program is holistic, documented, and proactive. At least some governance is in place, however, metrics are often rudimentary and operational in nature. These programs still often rely on best practices rather than strong risk management.
    4. MANAGED

      Managed security programs have robust governance and metrics processes. Management and board-level metrics for the overall program are produced. These are reviewed by business leaders and drive security decisions. More mature risk management practices take the place of best practices.
    5. OPTIMIZED

      An optimized security program is based on strong risk management practices, including the production of key risk indicators (KRIs). Individual security services are optimized using key performance indicators (KPIs) that continually measure service effectiveness and efficiency.

    1.5.1 Review the results of the target state recommendation

    Estimated Time: 30-60 minutes

    1. Based upon your risk assessment, pressure analysis, and risk tolerance, the Information Security Pressure Analysis Tool will provide a recommended information security target state.
    2. With your group, review the recommendation against your expectations.
    3. If required, the weightings of each of the factors can be customized on the Weightings tab.
    4. Once you have reviewed the results, copy your target state diagram into the Information Security Strategy Communication Deck.

    A screenshot showing the results of the ‘Information Security Target State,’ part of the ‘Information Security Pressure Analysis Tool.’

    Info-Tech Insight

    Higher target states require more investment to attain. It is critical to ensure that all key stakeholders agree on the security target state. If you set a target state that aims too high, you may struggle to gain support and funding for the strategy. Taking this opportunity to ensure alignment from the start will pay off dividends in future.

    1.5.2 Review and adjust risk and pressure weightings

    Estimated Time: 30 minutes

    1. If the results of your risk assessment, pressure analysis, risk tolerance, or target state do not match your expectations, you may need to review and adjust the weightings for the elements within one or more of these areas.
    2. On the Weightings tab, review each of the strategic categories and adjust the weights as required.
      • Each domain is weighted to contribute to your overall pressure score based on the perceived importance of the domain to the organization.
      • The sum of all weights for each category must add up to 100%.

    A screenshot showing the results of the weightings given to each factor in a category, part of the ‘Information Security Pressure Analysis Tool.’

    Case Study

    Credit Service Company

    Industry: Financial Services

    Source: Info-Tech Research group

    Below are some of the primary requirements that influenced CSC’s initial strategy development.

    External Pressure

    Pressure Level: High

    • Highly regulated industries, such as Finance, experience high external pressure.
    • Security pressure was anticipated to increase over the following three years due to an increase in customer requirement.

    Obligations

    Regulatory: Numerous regulations and compliance requirements as a financial institution (PCI, FFIEC guidance).

    Customer: Implicitly assumes personal, financial, and health information will be kept secure.

    Risk Tolerance

    Tolerance Level: Low

    1. Management: Are risk averse and have high visibility into information security.
    2. Multiple locations controlled by a central IT department decreased the organization’s risk tolerance.

    Summary of Security Requirements

    Define and implement dynamic information security program that understands and addresses the business’ inherent pressure, requirements (business, regulatory, and customer), and risk tolerance.

    Phase 2

    Build a Gap Initiative Strategy

      Phase 1

    • 1.1 Define goals & scope
    • 1.2 Assess risks
    • 1.3 Determine pressures
    • 1.4 Determine risk tolerance
    • 1.5 Establish target state

      Phase 2

    • 2.1 Review Info-Tech’s security framework
    • 2.2 Assess your current state
    • 2.3 Identify gap closure actions

      Phase 3

    • 3.1 Define tasks & initiatives
    • 3.2 Perform cost/benefit analysis
    • 3.3 Prioritize initiatives
    • 3.4 Build roadmap

      Phase 4

    • 4.1 Build communication deck
    • 4.2 Develop a security charter
    • 4.3 Execute on your roadmap

      This phase will walk you through the following activities:

    • 2.1 Review Info-Tech’s framework.
    • 2.2 Assess your current state of security against your target state.
    • 2.3 Identify actions required to close gaps.

    2.1 Review the Info-Tech framework

    Estimated Time: 30-60 minutes

    1. As a group, have the security team review the security framework within the Information Security Gap Analysis Tool.
    2. Customize the tool as required using the instructions on the following slides.

    Input

    • Information security requirements
    • Security target state

    Output

    • Customized security framework

    Materials

    • Information Security Gap Analysis Tool

    Participants

    • Security Team

    Download the Information Security Gap Analysis Tool

    Understand the Info-Tech framework

    Info-Tech’s security framework uses a best-of-breed approach to leverage and align with most major security standards, including:

    • ISO 27001/27002
    • COBIT
    • Center for Internet Security (CIS) Critical Controls
    • NIST Cybersecurity Framework
    • NIST SP 800-53
    • NIST SP 800-171

    A diagram depicting Info-Tech’s best-of-breed security framework.

    A best-of-breed approach ensures holistic coverage of your information security program while refraining from locking you in to a specific compliance standard.

    2.1.1 Configure the Information Security Gap Analysis Tool

    Estimated Time: 30 minutes

    Review the Setup tab of the Information Security Gap Analysis Tool. This tab contains several configurable settings that should be customized to your organization. For now, the three settings you will need to modify are:

    • The security target state. Enter the target state from your Information Security Pressure Analysis Tool. If you do not enter a target state, the tool will default to a target of 3 (Defined).
    • Your Security Alignment Goals (from your Information Security Requirements Gathering Tool).
    • The starting year for your security roadmap.

    A screenshot showing the ‘Setup’ tab of the ‘Information Security Gap Analysis Tool.’

    2.2 Assess current state of security

    Estimated Time: 8-16 hours

    1. Using the Information Security Gap Analysis Tool, review each of the controls in the Gap Analysis tab.
    2. Follow the instructions on the next slides to complete your current state and target state assessment.
    3. For most organizations, multiple internal subject matter experts will need to be consulted to complete the assessment.

    Input

    • Security target state
    • Information on current state of security controls, including sources such as audit findings, vulnerability and penetration test results, and risk registers

    Output

    • Gap analysis

    Materials

    • Information Security Gap Analysis Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management

    Download the Information Security Gap Analysis Tool

    Example maturity levels

    To help determine appropriate current and target maturity levels, refer to the example below for the control “Email communication is filtered for spam and potential malicious communications.”

    AD HOC 01

    There is no centrally managed spam filter. Spam may be filtered by endpoint email clients.

    DEVELOPING 02

    There is a secure email gateway. However, the processes for managing it are not documented. Administrator roles are not well defined. Minimal fine-tuning is performed, and only basic features are in use.

    DEFINED 03

    There is a policy and documented process for email security. Roles are assigned and administrators have adequate technical training. Most of the features of the solution are being used. Rudimentary reports are generated, and some fine-tuning is performed.

    MANAGED 04

    Metrics are produced to measure the effectiveness of the email security service. Advanced technical features of the solution have been implemented and are regularly fine-tuned based on the metrics.

    OPTIMIZED 05

    There is a dedicated email security administrator with advanced technical training. Custom filters are developed to further enhance security, based on relevant cyber threat intelligence. Email security metrics feed key risk indicators that are reported to senior management.

    2.2.1 Conduct current state assessment

    Estimated Time: 8-16 hours

    1. Carefully review each of the controls in the Gap Analysis tab. For each control, indicate the current maturity level using the drop-down list.
      • You should only use “N/A” if you are confident that the control is not required in your organization.
      • For example, if your organization does not perform any software development then you can select “N/A” for any controls related to secure coding practices.
    2. Provide comments to describe your current state. This step is optional but recommended as it may be important to record this information for future reference.
    3. Select the target maturity for the control. The tool will default to the target state for your security program, but this can be overridden using the drop-down list.

    2.2.1 Conduct current state assessment

    Estimated Time: 8-16 hours

    1. Carefully review each of the controls in the Gap Analysis tab. For each control, indicate the current maturity level using the drop-down list.
      • You should only use “N/A” if you are confident that the control is not required in your organization. For example, if your organization does not perform any software development then you can select “N/A” for any controls related to secure coding practices.
    2. Provide comments to describe your current state. This step is optional but recommended as it may be important to record this information for future reference.
    3. Select the target maturity for the control. The tool will default to the target state for your security program, but this can be overridden using the drop-down list.

    A screenshot showing the 'Gap Analysis' tab of the 'Information Security Gap Analysis Tool.'

    Review the Gap Analysis Dashboard

    Use the Gap Assessment Dashboard to map your progress. As you fill out the Gap Analysis Tool, check with the Dashboard to see the difference between your current and target state.

    Use the color-coded legend to see how large the gap between your current and target state is. The legend can be customized further if desired.

    Security domains that appear white have not yet been assessed or are rated as “N/A.”

    2.2.3 Identify actions required to close gaps

    Estimated Time: 4-8 hours

    1. Using the Information Security Gap Analysis Tool, review each of the controls in the Gap Analysis tab.
    2. Follow the instructions on the next slides to identify gap closure actions for each control that requires improvement.
    3. For most organizations, multiple internal subject matter experts will need to be consulted to complete the assessment.

    Input

    • Security control gap information

    Output

    • Gap closure action list

    Materials

    • Information Security Gap Analysis Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management

    Download the Information Security Gap Analysis Tool

    2.3.1 Identify gap closure actions

    Estimated Time: 4-8 hours

    1. For each of the controls where there is a gap between the current and target state, a gap closure action should be identified:
      • Review the example actions and copy one or more of them if appropriate. Otherwise, enter your own gap closure action.
    2. Identify whether the action should be managed as a task or as an initiative. Most actions should be categorized as an initiative. However, it may be more appropriate to categorize them as a task when:
      1. They have no costs associated with them
      2. They require a low amount of initial effort to implement and no ongoing effort to maintain
      3. They can be accomplished independently of other tasks

    A screenshot showing gap closure actions, part of the 'Gap Analysis' tab of the 'Information Security Gap Analysis Tool.'

    Considerations for gap closure actions

    • In small groups, have participants ask, “what would we have to do to achieve the target state?” Document these in the Gap Closure Actions column.
    • The example gap closure actions may be appropriate for your organization, but do not simply copy them without considering whether they are right for you.
    • Not all gaps will require their own action. You can enter one action that may address multiple gaps.
    • If you find that many of your actions are along the lines of “investigate and make recommendations,” you should consider using the estimated gap closure percentage column to track the fact that these gaps will not be fully closed by the actions.

    A screenshot showing considerations for gap closure actions, part of the 'Gap Analysis' tab of the 'Information Security Gap Analysis Tool.'

    2.3.2 Define gap closure action effectiveness

    Estimated Time: 1-2 hours

    For each of the gap closure actions, optionally enter an estimated gap closure percentage to indicate how effective the action will be in fully closing the gap.

    • For instance, an action to “investigate solutions and make recommendations” will not fully close the gap.
    • This is an optional step but will be helpful to understand how much progress towards your security target state you will make based on your roadmap.
    • If you do not fill in this column, the tool will assume that your actions will fully close all gaps.

    A screenshot showing considerations for estimated gap closure percentage, part of the 'Gap Analysis' tab of the 'Information Security Gap Analysis Tool.'

    Completing this step will populate the “Security Roadmap Progression” diagram in the Results tab, which will provide a graphic illustration of how close to your target state you will get based upon the roadmap.

    Phase 3

    Prioritize Initiatives and Build Roadmap

    Phase 1

    • 1.1 Define goals & scope
    • 1.2 Assess risks
    • 1.3 Determine pressures
    • 1.4 Determine risk tolerance
    • 1.5 Establish target state

    Phase 2

    • 2.1 Review Info-Tech’s security framework
    • 2.2 Assess your current state
    • 2.3 Identify gap closure actions

    Phase 3

    • 3.1 Define tasks & initiatives
    • 3.2 Perform cost/benefit analysis
    • 3.3 Prioritize initiatives
    • 3.4 Build roadmap

    Phase 4

    • 4.1 Build communication deck
    • 4.2 Develop a security charter
    • 4.3 Execute on your roadmap

    This phase will walk you through the following activities:

    • 3.1 Define tasks and initiatives.
    • 3.2 Define cost, effort, alignment, and security benefit of each initiative.
    • 3.3 Prioritize initiatives.
    • 3.4 Build the prioritized security roadmap

    3.1 Define tasks and initiatives

    Estimated Time: 2-4 hours

    1. As a group, review the gap actions identified in the Gap Analysis tab.
    2. Using the instructions on the following slides, finalize your task list.
    3. Using the instructions on the following slides, review and consolidate your initiative list.

    Input

    • Gap analysis

    Output

    • List of tasks and initiatives

    Materials

    • Information Security Gap Analysis Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management
    • Project Management Office

    Download the Information Security Gap Analysis Tool

    3.1.1 Finalize your task list

    Estimated Time: 1-2 hours

    1. Obtain a list of all your task actions by filtering on the Action Type column in the Gap Analysis tab.
    2. Paste the list into the table on the Task List tab.
      • Use Paste Values to retain the table formatting
    3. Enter a task owner and due date for each task. Without accountability, it is too easy to fall into complacency and neglect these tasks.

    A screenshot showing the 'Task List' tab of the 'Information Security Gap Analysis Tool.'

    Info-Tech Insight

    Tasks are not meant to be managed to the same degree that initiatives will be. However, they are still important. It is recommended that you develop a process for tracking these tasks to completion.

    3.1.2 Consolidate your gap closure actions into initiatives

    Estimated Time: 2-3 hours

    1. Once you have finalized your task list, you will need to consolidate your list of initiative actions. Obtain a list of all your initiative actions by filtering on the Action Type column in the Gap Analysis tab.
    2. Create initiatives on the Initiative List tab. While creating initiatives, consider the following:
      • As much as possible, it is recommended that you consolidate multiple actions into a single initiative. Reducing the total number of initiatives will allow for more efficient management of the overall roadmap.
      • Start by identifying areas of commonality between gap closure actions, for instance:
        • Group all actions within a security domain into a single initiative.
        • Group together similar actions, such as all actions that require updating policies.
        • Consider combining actions that have inter-dependencies.
      • While it is recommended that you consolidate actions as much as possible, some actions should become initiatives on their own. This will be appropriate when:
        • The action is time sensitive and consolidating it with other actions will cause scheduling issues.
        • Actions that could otherwise be consolidated have different business sponsors or owners and need to be kept separate for funding or accountability reasons.
    3. Link the initiative actions on the Gap Analysis tab using the drop-down list in the Initiative Name column.

    Initiative consolidation example

    In the example below, we see three gap closure actions within the Security Culture and Awareness domain being consolidated into a single initiative “Develop security awareness program.”

    We can also see one gap closure action within the same domain being grouped with two actions from the Security Policies domain into another initiative “Update security policies.”

    Info-Tech Insight

    As you go through this exercise, you may find that some actions that you previously categorized as tasks could be consolidated into an initiative.

    A screenshot showing how six sample gap closure actions can be distilled into two gap closure initiatives. Part of the 'Information Security Gap Analysis Tool.'

    3.1.3 Finalize your initiative list

    Estimated Time: 30 minutes

    1. Review your final list of initiatives and make any required updates.
    2. Optionally, add a description or paste in a list of the individual gap closure actions that are associated with the initiative. This will make it easier to perform the cost and benefit analysis.
    3. Use the drop-down list to indicate which of the security alignment goals most appropriately reflects the objectives of the initiative. If you are unsure, use the legend next to the table to find the primary security domain associated with the initiative and then select the recommended security alignment goal.
      • This step is important to understand how the initiative supports the business goals identified earlier.

     A screenshot showing the primary security alignment goal, part of the 'Initiative List' tab of the 'Information Security Gap Analysis Tool.'

    3.2 Conduct cost/ benefit analysis

    Estimated Time: 1-2 hours

    1. As a group, define the criteria to be used to conduct the cost/benefit analysis, following the instructions on the next slide.
    2. Assign costing and benefits information for each initiative.
    3. Define dependencies or business impacts if they will help with prioritization.

    Input

    • Gap analysis
    • Initiative list

    Output

    • Completed cost/benefit analysis for initiative list

    Materials

    • Information Security Gap Analysis Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management
    • Project Management Office

    Download the Information Security Gap Analysis Tool

    3.2.1 Define costing criteria

    Estimated Time: 30 minutes

    1. On the Setup tab of the Information Security Gap Analysis Tool, enter high, medium, and low ranges for initial and ongoing costs and efforts.
      1. Initial costs are one-time, upfront capital investments (e.g. hardware and software costs, project-based consulting fees, training).
      2. Ongoing cost is any annually recurring operating expenses that are new budgetary costs (e.g. licensing, maintenance, subscription fees).
      3. Initial staffing in hours is total time in person hours required to complete a project. It is not total elapsed time but dedicated time. Consider time required to gather requirements and to design, test, and implement the solution.
      4. Ongoing staffing in FTEs is the ongoing average effort required to support that initiative after implementation.
    2. In addition to ranges, provide an average for each. These will be used to calculate estimated total costs for the roadmap.

    A screenshot showing the initiative costs for estimation, part of the 'Setup' tab of the 'Information Security Gap Analysis Tool.' The range of costs is labeled with an arrow with number 1 on it, and the average cost per initiative is labeled with an arrow with number 2 on it.

    Make sure that your ranges allow for differentiation between initiatives to enable prioritization. For instance, if you set your ranges too low, all your initiatives will be assessed as high cost, providing no help when you must prioritize them.

    3.2.2 Define benefits criteria

    Estimated Time: 30 minutes

    1. On the Setup tab of the Information Security Gap Analysis Tool, enter high, medium, and low values for the Alignment with Business Benefit.
      • This variable is meant to capture how well each initiative aligns with organizational goals and objectives.
      • By default, this benefit is linked directly to business goals through the primary and secondary security alignment goals. This allows the tool to automatically calculate the benefit based on the security alignment goals associated with each initiative.
      • If you change these values, you may need to override the calculated values in the prioritization tab.
    2. Enter a high, medium, and low value for the Security Benefit.
      • This variable is meant to capture the relative security benefit or risk reduction being provided by the gap initiative.
      • By default, this benefit is linked to security risk reduction.

    A screenshot showing the initiative benefits for estimation, part of the 'Setup' tab of the 'Information Security Gap Analysis Tool.'

    Some organizations prefer to use the “Security Benefit” criteria to demonstrate how well each initiative supports specific compliance goals.

    3.2.3 Complete the cost/benefit analysis

    Estimated Time: 1-2 hours

    1. On the Prioritization tab, use the drop-down lists to enter the estimated costs and efforts for each initiative, using the criteria defined earlier.
      • If you have actual costs available, you can optionally enter them under the Detailed Cost Estimates columns.
    2. Enter the estimated benefits, also using the criteria defined earlier.
      • The Alignment with Business benefit will be automatically populated, but you can override this value using the drop-down list if desired.

    A screenshot showing the estimated cost, estimated effort, and estimated benefits section, part of the 'Prioritization' tab of the 'Information Security Gap Analysis Tool.' Estimated cost and estimated effort are labeled with an arrow with number 1 on it, and estimated benefits is labeled with an arrow with a number 2 on it.

    3.2.4 Optionally enter detailed cost estimates

    Estimated Time: 30 minutes

    1. For each initiative, the tool will automatically populate the Detailed Cost Estimates and Detailed Staffing Estimates columns using the averages that you provided in steps 3.2.1 and 3.2.2. However, if you have more detailed data about the costs and effort requirements for an initiative, you can override the calculated data by manually entering it into these columns. For example:
      • You are planning to subscribe to a security awareness vendor, and you have a quote from them specifying that the initial cost will be $75,000.
      • You have defined your “Medium” cost range as being “$10-100K”, so you select medium as your initial cost for this initiative in step 3.2.3. As you defined the average for medium costs as being $50,000, this is what the tool will put into the detailed cost estimate.
      • You can override this average by entering $75,000 as the initial cost in the detailed cost estimate column.

    A screenshot showing the detailed cost estimates and detailed staffing estimates columns, part of the 'Prioritization' tab of the 'Information Security Gap Analysis Tool.' These columns are labeled with an arrow with a number 1 on it.

    Case Study

    Credit Service Company

    Industry: Financial Services

    Source: Info-Tech Research Group

    A chart titled 'Framework Components,' displaying how the Credit Service Company profiled in the case study performed a current state assessment, created gap initiatives, and prioritized gap initiatives.

    3.3 Prioritize initiatives

    Estimated Time: 2-3 hours

    1. As a group, review the results of the cost/benefit analysis. Optionally, complete the Other Considerations columns in the Prioritization tab:
      • Dependencies can refer to other initiatives on the list or any other dependency that relates to activities or projects within the organization.
      • Business impacts can be helpful to document as they may require additional planning and communication that could impact initiative timelines.
    2. Follow step 3.3.1 to create an effort map with the results of the cost/benefit analysis.
    3. Follow step 3.3.2 to assign initiatives into execution waves.

    Input

    • Gap analysis
    • Initiative list
    • Cost/benefit analysis

    Output

    • Prioritized list of initiatives

    Materials

    • Information Security Gap Analysis Tool
    • Whiteboard

    Participants

    • Security Team
    • IT Leadership
    • Project Management Office

    Download the Information Security Gap Analysis Tool

    3.3.1 Create effort map

    Estimated Time: 30 minutes

    1. On a whiteboard, draw the quadrant diagram shown.
    2. Create sticky notes for each initiative on your initiative list.
    3. For each initiative, use the “Cost/Effort Rating” and the “Benefit Rating” calculated on the Prioritization tab to place the corresponding sticky note onto the diagram.

    An effort map is a tool used for the visualization of a cost/benefit analysis. It is a quadrant output that visually shows how your gap initiatives were prioritized. In this example, the initiative “Update Security Policies” was assessed as low cost/effort (3) and high benefit (10).

    An image showing how 'update security policies,' as ranked on a cost/effort and benefit quadrant, translates to a cost/effort and benefit rating on the 'Prioritization' tab of the 'Information Security Gap Analysis Tool.'

    3.3.2 Assign initiatives to execution waves

    Estimated Time: 60 minutes

    1. Using sticky flip chart sheets, create four sheets and label them according to the four execution waves:
      • MUST DO – These are initiatives that need to get moving right away. They may be quick wins, items with critical importance, or foundational projects upon which many other initiatives depend.
      • SHOULD DO – These are important initiatives that need to get done but cannot launch immediately due to budget constraints, dependencies, or business impacts that require preparation.
      • COULD DO – Initiatives that have merit but are not a priority.
      • WON’T DO – Initiatives where the costs outweigh the benefits.
    2. Using the further instructions on the following slides, move the initiative sticky notes from your effort map into the waves.

    Considerations for prioritization

    • Starting from the top right of the effort map, begin pulling stickies off and putting them in the appropriate roadmap category.
    • Keep dependencies in mind. If an important initiative depends on a low-priority one being completed first, then pull dependent initiatives up the list.
    • It may be helpful to think of each wave as representing a specific time frame (e.g. wave 1 = first year of your roadmap, wave 2 = year two, wave 3 = year three).

    Info-Tech Insight

    Use an iterative approach. Most organizations tend to put too many initiatives into wave 1. Be realistic about what you can accomplish and take several passes at the exercise to achieve a balance.

    An image showing how to map the sticky notes from a sample exercise, as placed on a cost/effort and benefit quadrant, into waves.

    3.3.3 Finalize prioritization

    Estimated Time: 30 minutes

    1. Once you have completed placing your initiative sticky notes into the waves, update the Prioritization tab with the Roadmap Wave column.
    2. Optionally, use the Roadmap Sub-Wave column to prioritize initiatives within a single wave.
      • This will allow you more granular control over the final prioritization, especially where dependencies require extra granularity.

    Any initiatives that are currently in progress should be assigned to Wave 0.

    An image showing the roadmap wave and roadmap sub-wave sections, part of the 'Prioritization' tab of the 'Information Security Gap Analysis Tool.' Roadmap wave is labeled with an arrow with a number 1 on it, and roadmap sub-wave is labeled with an arrow with a number 2 on it.

    3.4 Build roadmap

    Estimated Time: 1-3 hours

    1. As a group, follow step 3.4.1 to create your roadmap by scheduling initiatives into the Gantt chart within the Information Security Gap Analysis Tool.
    2. Review the roadmap for resourcing conflicts and adjust as required.
    3. Review the final cost and effort estimates for the roadmap.

    Input

    • Gap analysis
    • Cost/benefit analysis
    • Prioritized initiative list
    • (Optional) List of other non-security IT and business projects

    Output

    • Security strategic roadmap

    Materials

    • Information Security Gap Analysis Tool

    Participants

    • Security Team
    • IT Leadership
    • Project Management Office

    Download the Information Security Gap Analysis Tool

    3.4.1 Schedule initiatives using the Gantt chart

    Estimated Time: 1-2 Hours

    1. On the Gantt Chart tab for each initiative, enter an owner (the individual who will be primarily responsible for execution).
    2. Additionally, enter a start month and year for the initiative and the expected duration in months.
      • You can filter the Wave column to only see specific waves at any one time to assist with the scheduling.
      • You do not need to schedule Wave 4 initiatives as the expectation is that these initiatives will not be done.

    Info-Tech Insight

    Use the Owner column to help identify resourcing constraints. If a single individual is responsible for many different initiatives that are planned to start at the same time, consider staggering those initiatives.

    An image showing the owner and planned start sections, part of the 'Security Roadmap Gantt Chart' tab of the 'Information Security Gap Analysis Tool.' The owner column is labeled with an arrow with a 1 on it, and the planned start column is labeled with an arrow with a 2 on it.

    3.4.2 Review your roadmap

    Estimated Time: 30-60 minutes

    1. When you have completed the Gantt chart, as a group review the overall roadmap to ensure that it is reasonable for your organization. Consider the following:
      • Do you have other IT or business projects planned during this time frame that may impact your resourcing or scheduling?
      • Does your organization have regular change freezes throughout the year that will impact the schedule?
      • Do you have over-subscribed resources? You can filter the list on the Owner column to identify potential over-subscription of resources.
      • Have you considered any long vacations, sabbaticals, parental leaves, or other planned longer-term absences?
      • Are your initiatives adequately aligned to your budget cycle? For instance, if you have an initiative that is expected to make recommendations for capital expenditure, it must be completed prior to budget planning.

    A screenshot image showing parts of the 'Security Roadmap Gantt Chart' tab with sample data in it. Taken from the 'Information Security Gap Analysis Tool.'

    3.4.3 Review your expected roadmap progression

    Estimated Time: 30 minutes

    1. If you complete the optional exercise of filling in the Estimated Gap Closure Percentage column on the Gap Analysis tab, the tool will generate a diagram showing how close to your target state you can expect to get based on the tasks and initiatives in your roadmap. You can review this diagram on the Results tab.
      • Remember that this Expected Maturity at End of Roadmap score assumes that you will complete all tasks and initiatives (including all Wave 4 initiatives).
    2. Copy the diagram into the Information Security Strategy Communication Deck.

    Info-Tech Insight

    Often, internal stakeholders will ask the question “If we do everything on this roadmap, will we be at our target state?” This diagram will help answer that question.

    A screenshot image showing the 'Expected Security Roadmap Progression' with sample data in it. Part of the 'Results' tab of the 'Information Security Gap Analysis Tool.'

    3.4.4 Review your cost/effort estimates table

    Estimated Time: 30 minutes

    1. Once you have completed your roadmap, review the total cost/effort estimates. This can be found in a table on the Results tab. This table will provide initial and ongoing costs and staffing requirements for each wave. This also includes the total three-year investment. In your review consider:
      • Is this investment realistic? Will completion of your roadmap require adding more staff or funding than you otherwise expected?
      • If the investment seems unrealistic, you may need to revisit some of your assumptions, potentially reducing target levels or increasing the amount of time to complete the strategy.
      • This table provides you with the information to have important conversations with management and stakeholders
    2. When you have completed your review, copy the table into the Information Security Strategy Communication Deck.

    A screenshot image showing the 'Information Security Roadmap Cost/Effort Estimates,' part of the 'Results' tab of the 'Information Security Gap Analysis Tool.'

    Phase 4

    Execute and Maintain

    Phase 1

    • 1.1 Define goals & scope
    • 1.2 Assess risks
    • 1.3 Determine pressures
    • 1.4 Determine risk tolerance
    • 1.5 Establish target state

    Phase 2

    • 2.1 Review Info-Tech’s security framework
    • 2.2 Assess your current state
    • 2.3 Identify gap closure actions

    Phase 3

    • 3.1 Define tasks & initiatives
    • 3.2 Perform cost/benefit analysis
    • 3.3 Prioritize initiatives
    • 3.4 Build roadmap

    Phase 4

    • 4.1 Build communication deck
    • 4.2 Develop a security charter
    • 4.3 Execute on your roadmap

    This phase will walk you through the following activities:

    • 4.1 Build your security strategy communication deck.
    • 4.2 Develop a security charter.
    • 4.3 Execute on your roadmap.

    4.1 Build your communication deck

    Estimated Time: 1-3 hours

    1. As a group, review the Information Security Strategy Communication Deck.
    2. Follow the instructions within the template and on the next few slides to customize the template with the results of your strategic roadmap planning.

    Input

    • Completed Security Requirements Gathering Tool
    • Completed Security Pressure Analysis Tool
    • Completed Security Gap Analysis Tool

    Output

    • Information Security Strategy Communication Deck

    Materials

    • Information Security Strategy Communication Deck

    Participants

    • Security Team
    • IT Leadership

    Download the Information Security Gap Analysis Tool

    4.1.1 Customize the Communication Deck

    Estimated Time: 1-2 hours

    1. When reviewing the Information Security Strategy Communication Deck, you will find slides that contain instructions within green text boxes. Follow the instructions within the boxes, then delete the boxes.
      • Most slides only require that you copy and paste screenshots or tables from your tools into the slides.
      • However, some slides require that you customize or add text explanations that need to reflect your unique organization.
      • It is recommended that you pay attention to the Next Steps slide at the end of the deck. This will likely have a large impact on your audience.
    2. Once you have customized the existing slides, you may wish to add additional slides. For instance, you may wish to add more context to the risk assessment or pressure analysis diagrams or provide details on high-priority initiatives.

    An image showing the 'Business Goals Cascade,' part of the 'Information Security Strategy Communication Deck.' A green box on top of the screenshot instructs you to 'Paste your goals cascade from the Information Security Requirements Gathering Tool here.'

    Consider developing multiple versions of the deck for different audiences. Senior management may only want an executive summary, whereas the CIO may be more interested in the methodology used to develop the strategy.

    Communication considerations

    Developing an information security strategy is only half the job. For the strategy to be successful, you will need to garner support from key internal stakeholders. These may include the CIO, senior executives, and business leaders. Without their support, your strategy may never get the traction it needs. When building your communication deck and planning to present to these stakeholders, consider the following:

    • Gaining support from stakeholders requires understanding their needs. Before presenting to a new audience, carefully consider their priorities and tailor your presentation to address them.
    • Use the communication deck to clarify the business context and how your initiatives that will support business goals.
    • When presenting to senior stakeholders, anticipate what questions they might ask and be sure to prepare answers in advance. Always be prepared to speak to any data point within the deck.
    • If you are going to present your strategy to a group and you anticipate that one or more members of that group may be antagonistic, seek out an opportunity to speak to them before the meeting and address their concerns one on one.

    If you have already fully engaged your key stakeholders through the requirements gathering exercises, presenting the strategy will be significantly easier. The stakeholders will have already bought in to the business goals, allowing you to show how the security strategy supports those goals.

    Info-Tech Insight

    Reinforce the concept that a security strategy is an effort to enable the organization to achieve its core mission and goals and to protect the business only to the degree that the business demands. It is important that stakeholders understand this point.

    4.2 Develop a security charter

    Estimated Time: 1-3 hours

    1. As a group, review the Information Security Charter.
    2. Customize the template as required to reflect your information security program. It may include elements such as:
      • A mission and vision statement for information security in your organization
      • The objectives and scope of the security program
      • A description of the security principles upon which your program is built
      • High-level roles and responsibilities for information security within the organization

    Input

    • Completed Security Requirements Gathering Tool
    • Completed Security Pressure Analysis Tool
    • Completed Security Gap Analysis Tool

    Output

    • Information security charter

    Materials

    • Information Security Charter

    Participants

    • Security Team

    Download the Information Security Gap Analysis Tool

    4.2.1 Customize the Information Security Charter

    Estimated Time: 1-3 hours

    1. Involve the stakeholders that were present during Phase 1 activities to allow you to build a charter that is truly reflective of your organization.
    2. The purpose of the security charter is too:
      • Establish a mandate for information security within the organization.
      • Communicate executive commitment to risk and information security management.
      • Outline high-level responsibilities for information security within the organization.
      • Establish awareness of information security within the organization.

    A screenshot of the introduction of the 'Information Security Charter' template.

    A security charter is a formalized and defined way to document the scope and purpose of your security program. It will define security governance and allow it to operate efficiently through your mission and vision.

    4.3 Execute on your roadmap

    1. Executing on your information security roadmap will require coordinated effort by multiple teams within your organization. To ensure success, consider the following recommendations:
      1. If you have a project management office, leverage them to help apply formal project management methodologies to your initiatives.
      2. Develop a process to track the tasks on your strategy task list. Because these will not be managed as formal initiatives, it will be easy to lose track of them.
      3. Develop a schedule for regular reporting of progress on the roadmap to senior management. This will help hold yourself and others accountable for moving the project forward.
    2. Plan to review and update the strategy and roadmap on a regular basis. You may need to add, change, or remove initiatives as priorities shift.

    Input

    • Completed Security Gap Analysis Tool

    Output

    • Execution of your strategy and roadmap

    Materials

    • Information Security Gap Analysis Tool
    • Project management tools as required

    Participants

    • Security Team
    • Project Management Office
    • IT and Corporate Teams, as required

    Info-Tech Insight

    Info-Tech has many resources that can help you quickly and effectively implement most of your initiatives. Talk to your account manager to learn more about how we can help your strategy succeed.

    Summary of Accomplishment

    Knowledge Gained

    • Knowledge of organizational pressures and the drivers behind them
    • Insight into stakeholder goals and obligations
    • A defined security risk tolerance information and baseline
    • Comprehensive knowledge of security current state and summary initiatives required to achieve security objectives

    Deliverables Completed

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com
    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Information Security Program Gap Analysis Tool

    Use our best-of-breed security framework to perform a gap analysis between your current and target states.

    Information Security Requirements Gathering Tool

    Define the business, customer, and compliance alignment for your security program.

    Related Info-Tech Research

    Develop a Security Operations Strategy

    A unified security operations process actively transforms security events and threat information into actionable intelligence, driving security prevention, detection, analysis, and response processes, addressing the increasing sophistication of cyberthreats, and guiding continuous improvement.

    This blueprint will walk through the steps of developing a flexible and systematic security operations program relevant to your organization.

    Implement a Security Governance and Management Program

    Your security governance and management program needs to be aligned with business goals to be effective.

    This approach also helps to provide a starting point to develop a realistic governance and management program.

    This project will guide you through the process of implementing and monitoring a security governance and management program that prioritizes security while keeping costs to a minimum.

    Align Your Security Controls to Industry Frameworks for Compliance

    Don’t reinvent the wheel by reassessing your security program using a new framework.

    Instead, use the tools in this blueprint to align your current assessment outcomes to required standards.

    Bibliography

    “2015 Cost of Data Breach Study: United States.” Sponsored by IBM. Ponemon Institute, May 2015. Web.

    “2016 Cost of Cyber Crime Study & the Risk of Business Innovation.” Ponemon Institute, Oct. 2016. Web. 25 Oct. 2016.

    “2016 Cost of Data Breach Study: Global Analysis.” Ponemon Institute, June 2016. Web. 26 Oct. 2016.

    “2016 Data Breach Investigations Report.” Verizon, 2016. Web. 25 Oct. 2016.

    “2016 NowSecure Mobile Security Report.” NowSecure, 2016. Web. 5 Nov. 2016.

    “2017 Cost of Cyber Crime Study.” Ponemon Institute, Oct. 2017. Web.

    “2018 Cost of Data Breach Study: Global Overview.” Ponemon Institute, July 2018. Web.

    “2018 Data Breach Investigations Report.” Verizon, 2018. Web. Oct. 2019.

    “2018 Global State of Information Security Survey.” CSO, 2017. Web.

    “2018 Thales Data Threat Report.” Thales eSecurity, 2018. Web.

    “2019 Data Breach Investigations Report.” Verizon, 2020. Web. Feb. 2020.

    “2019 Global Cost of a Data Breach Study.” Ponemon Institute, Feb. 2020. Web.

    “2019 The Cost of Cyber Crime Study.” Accenture, 2019. Web Jan 2020.

    “2020 Thales Data Threat Report Global Edition.” Thales eSecurity, 2020. Web. Mar. 2020.

    Ben Salem, Malek. “The Cyber Security Leap: From Laggard to Leader.” Accenture, 2015. Web. 20 Oct. 2016.

    “Cisco 2017 Annual Cybersecurity Report.” Cisco, Jan. 2017. Web. 3 Jan. 2017.

    “Cyber Attack – How Much Will You Lose?” Hewlett Packard Enterprise, Oct. 2016. Web. 3 Jan. 2017.

    “Cyber Crime – A Risk You Can Manage.” Hewlett Packard Enterprise, 2016. Web. 3 Jan. 2017.

    “Global IT Security Risks Survey.” Kaspersky Lab, 2015. Web. 20 October 2016.

    “How Much Is the Data on Your Mobile Device Worth?” Ponemon Institute, Jan. 2016. Web. 25 Oct. 2016.

    “Insider Threat 2018 Report.” CA Technologies, 2018. Web.

    “Kaspersky Lab Announces the First 2016 Consumer Cybersecurity Index.” Press Release. Kaspersky Lab, 8 Sept. 2016. Web. 3 Jan. 2017.

    “Kaspersky Lab Survey Reveals: Cyberattacks Now Cost Large Businesses an Average of $861,000.” Press Release. Kaspersky Lab, 13 Sept. 2016. Web. 20 Oct. 2016.

    “Kaspersky Security Bulletin 2016.” Kaspersky Lab, 2016. Web. 25 Oct. 2016.

    “Managing Cyber Risks in an Interconnected World: Key Findings From the Global State of Information Security Survey 2015.” PwC, 30 Sept. 2014. Web.

    “Measuring Financial Impact of IT Security on Business.” Kaspersky Lab, 2016. Web. 25 Oct. 2016.

    “Ponemon Institute Releases New Study on How Organizations Can Leapfrog to a Stronger Cyber Security Posture.” Ponemon Institute, 10 Apr. 2015. Web. 20 Oct. 2016.

    “Predictions for 2017: ‘Indicators of Compromise’ Are Dead.” Kaspersky Lab, 2016. Web. 4 Jan. 2017.

    “Take a Security Leap Forward.” Accenture, 2015. Web. 20 Oct. 2016.

    “Trends 2016: (In)security Everywhere.” ESET Research Laboratories, 2016. Web. 25 Oct. 2016.

    Research Contributors

    • Peter Clay, Zeneth Tech Partners, Principal
    • Ken Towne, Zeneth Tech Partners, Security Architect
    • Luciano Siqueria, Road Track, IT Security Manager
    • David Rahbany, The Hain Celestial Group, Director IT Infrastructure
    • Rick Vadgama, Cimpress, Head of Information Privacy and Security
    • Doug Salah, Wabtec Corp, Manager of Information Security and IT Audit
    • Peter Odegard, Children’s Hospitals and Clinics, Information Security Officer
    • Trevor Butler, City of Lethbridge, Information Technology General Manager
    • Shane Callahan, Tractor Supply, Director of Information Security
    • Jeff Zalusky, Chrysalis, President/CEO
    • Candy Alexander, Independent Consultant, Cybersecurity and Information Security Executive
    • Dan Humbert, YMCA of Central Florida, Director of Information Technology
    • Ron Kirkland, Crawford & Co, Manager ICT Security & Customer Service
    • Jason Bevis – FireEye, Senior Director Orchestration Product Management - Office of the CTO
    • Joan Middleton, Village of Mount Prospect, IT Director
    • Jim Burns, Great America Financial Services, Vice President Information Technology
    • Ryan Breed, Hudson’s Bay, Information Security Analyst
    • James Fielder, Farm Credit Services – Central Illinois, Vice President of Information Systems

    Create a Holistic IT Dashboard

    • Buy Link or Shortcode: {j2store}117|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $8,049 Average $ Saved
    • member rating average days saved: 8 Average Days Saved
    • Parent Category Name: Performance Measurement
    • Parent Category Link: /performance-measurement
    • IT leaders do not have a single holistic view of how their 45 IT processes are operating.
    • Expecting any single individual to understand the details of all 45 IT processes is unrealistic.
    • Problems in performance only become evident when the process has already failed.

    Our Advice

    Critical Insight

    • Mature your IT department by measuring what matters.
    • Don’t measure things just because you can; change what you measure as your organization matures.

    Impact and Result

    • Use Info-Tech’s IT Metrics Library to review typical KPIs for each of the 45 process areas and select those that apply to your organization.
    • Configure your IT Management Dashboard to record your selected KPIs and start to measure performance.
    • Set up the cadence for review of the KPIs and develop action plans to improve low-performing indicators.

    Create a Holistic IT Dashboard Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to develop your KPI program that leads to improved performance.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Choose the KPIs

    Identify the KPIs that matter to your organization’s goals.

    • Create a Holistic IT Dashboard – Phase 1: Choose the KPIs
    • IT Metrics Library

    2. Build the Dashboard

    Use the IT Management Dashboard on the Info-Tech website to display your chosen KPIs.

    • Create a Holistic IT Dashboard – Phase 2: Build the Dashboard

    3. Create the Action Plan

    Use the review of your KPIs to build an action plan to drive performance.

    • Create a Holistic IT Dashboard – Phase 3: Build the Action Plan
    [infographic]

    Workshop: Create a Holistic IT Dashboard

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify What to Measure (Offsite)

    The Purpose

    Determine the KPIs that matter to your organization.

    Key Benefits Achieved

    Identify organizational goals

    Identify IT goals and their organizational goal alignment

    Identify business pain points

    Activities

    1.1 Identify organizational goals.

    1.2 Identify IT goals and organizational alignment.

    1.3 Identify business pain points.

    Outputs

    List of goals and pain points to create KPIs for

    2 Configure the Dashboard Tool (Onsite)

    The Purpose

    Learn how to configure and use the IT Management Dashboard.

    Key Benefits Achieved

    Configured IT dashboard

    Initial IT scorecard report

    Activities

    2.1 Review metrics and KPI best practices.

    2.2 Use the IT Metrics Library.

    2.3 Select the KPIs for your organization.

    2.4 Use the IT Management Dashboard.

    Outputs

    Definition of KPIs to be used, data sources, and ownership

    Configured IT dashboard

    3 Review and Develop the Action Plan

    The Purpose

    Learn how to review and plan actions based on the KPIs.

    Key Benefits Achieved

    Lead KPI review to actions to improve performance

    Activities

    3.1 Create the scorecard report.

    3.2 Interpret the results of the dashboard.

    3.3 Use the IT Metrics Library to review suggested actions.

    Outputs

    Initial IT scorecard report

    Action plan with initial actions

    4 Improve Your KPIs (Onsite)

    The Purpose

    Use your KPIs to drive performance.

    Key Benefits Achieved

    Improve your metrics program to drive effectiveness

    Activities

    4.1 Develop your action plan.

    4.2 Execute the plan and tracking progress.

    4.3 Develop new KPIs as your practice matures.

    Outputs

    Understanding of how to develop new KPIs using the IT Metrics Library

    5 Next Steps and Wrap-Up (Offsite)

    The Purpose

    Ensure all documentation and plans are complete.

    Key Benefits Achieved

    Documented next steps

    Activities

    5.1 Complete IT Metrics Library documentation.

    5.2 Document decisions and next steps.

    Outputs

    IT Metrics Library

    Action plan

    Further reading

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Executive Brief

    Analyst Perspective

    Measurement alone provides only minimal improvements

    It’s difficult for CIOs and other top-level leaders of IT to know if everything within their mandate is being managed effectively. Gaining visibility into what’s happening on the front lines without micromanaging is a challenge most top leaders face.

    Understanding Info-Tech’s Management and Governance Framework of processes that need to be managed and being able to measure what’s important to their organization's success can give leaders the ability to focus on their key responsibilities of ensuring service effectiveness, enabling increased productivity, and creating the ability for their teams to innovate.

    Even if you know what to measure, the measurement alone will lead to minimal improvements. Having the right methods in place to systematically collect, review, and act on those measurements is the differentiator to driving up the maturity of your IT organization.

    The tools in this blueprint can help you identify what to measure, how to review it, and how to create effective plans to improve performance.

    Tony Denford

    Research Director, Info-Tech Research Group

    Executive Summary

    Your Challenge

    • IT leaders do not have a single holistic view of how their IT processes are operating.
    • Expecting any single individual to understand the details of all IT processes is unrealistic.
    • Problems in performance only become evident when the process has already failed.

    Common Obstacles

    • Business changes quickly, and what should be measured changes as a result.
    • Most measures are trailing indicators showing past performance.
    • Measuring alone does not result in improved performance.
    • There are thousands of operational metrics that could be measured, but what are the right ones for an overall dashboard?

    Info-Tech's Approach

    • Use Info-Tech’s IT Metrics Library to review typical KPIs for each of the process areas and select those that apply to your organization.
    • Configure your IT Management Dashboard to record your selected KPIs and start to measure performance.
    • Set up the cadence for review of the KPIs and develop action plans to improve low-performing indicators.

    Info-Tech Insight

    Mature your IT department by aligning your measures with your organizational goals. Acting early when your KPIs deviate from the goals leads to improved performance.

    Your challenge

    This research is designed to help organizations quickly choose holistic measures, review the results, and devise action plans.

    • The sheer number of possible metrics can be overwhelming. Choose metrics from our IT Metrics Library or choose your own, but always ensure they are in alignment with your organizational goals.
    • Ensure your dashboard is balanced across all 45 process areas that a modern CIO is responsible for.
    • Finding leading indicators to allow your team to be proactive can be difficult if your team is focused on the day-to-day operational tasks.
    • It can be time consuming to figure out what to do if an indicator is underperforming.

    Build your dashboard quickly using the toolset in this research and move to improvement actions as soon as possible.

    The image is a bar graph, titled KPI-based improvements. On the X-axis are four categories, each with one bar for Before KPIs and another for After KPIs. The categories are: Productivity; Fire Incidents; Request Response Time; and Savings.

    Productivity increased by 30%

    Fire/smoke incidents decreased by 25% (high priority)

    Average work request response time reduced by 64%

    Savings of $1.6 million in the first year

    (CFI, 2013)

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • What should be measured can change over time as your organization matures and the business environment changes. Understanding what creates business value for your organization is critical.
    • Organizations almost always focus on past result metrics. While this is important, it will not indicate when you need to adjust something until it has already failed.
    • It’s not just about measuring. You also need to review the measures often and act on the biggest risks to your organization to drive performance.

    Don’t get overwhelmed by the number of things you can measure. It can take some trial and error to find the measures that best indicate the health of the process.

    The importance of frequent review

    35% - Only 35% of governing bodies review data at each meeting. (Committee of University Chairs, 2008)

    Common obstacles

    Analysis paralysis

    Poor data can lead to incorrect conclusions, limit analysis, and undermine confidence in the value of your dashboard.

    Achieving perfect data is extremely time consuming and may not add much value. It can also be an excuse to avoid getting started with metrics and analytics.

    Data quality is a struggle for many organizations. Consider how much uncertainty you can tolerate in your analysis and what would be required to improve your data quality to an acceptable level. Consider cost, technological resources, people resources, and time required.

    Info-Tech Insight

    Analytics are only as good as the data that informs it. Aim for just enough data quality to make informed decisions without getting into analysis paralysis.

    Common obstacles

    The problem of surrogation

    Tying KPIs and metrics to performance often leads to undesired behavior. An example of this is the now infamous Wells Fargo cross-selling scandal, in which 3.5 million credit card and savings accounts were opened without customers’ consent when the company incented sales staff to meet cross-selling targets.

    Although this is an extreme example, it’s an all-too-common phenomenon.

    A focus on the speed of closure of tickets often leads to shortcuts and lower-quality solutions.

    Tying customer value to the measures can align the team on understanding the objective rather than focusing on the measure itself, and the team will no longer be able to ignore the impact of their actions.

    Surrogation is a phenomenon in which a measure of a behavior replaces the intent of the measure itself. People focus on achieving the measure instead of the behavior the measure was intended to drive.

    Info-Tech’s thought model

    The Threefold Role of the IT Executive Core CIO Objectives
    IT Organization - Manager A - Optimize the Effectiveness of the IT Organization
    Enterprise - Partner B - Boost the Productivity of the Enterprise
    Market - Innovator C - Enable Business Growth Through Technology

    Low-Maturity Metrics Program

    Trailing indicators measure the outcomes of the activities of your organization. Hopefully, the initiatives and activities are aligned with the organizational goals.

    High-Maturity Metrics Program

    The core CIO objectives align with the organizational goals, and teams define leading indicators that show progress toward those goals. KPIs are reviewed often and adjustments are made to improve performance based on the leading indicators. The results are improved outcomes, greater transparency, and increased predictability.

    The image is a horizontal graphic with multiple text boxes. The first (on the left) is a box that reads Organizational Goals, second a second box nested within it that reads Core CIO Objectives. There is an arrow pointing from this box to the right. The arrow connects to a text box that reads Define leading indicators that show progress toward objectives. To the right of that, there is a title Initiatives & activities, with two boxes beneath it: Processes and Projects. Below this middle section, there is an arrow pointing left, with the text: Adjust behaviours. After this, there is an arrow pointing right, to a box with the title Outcomes, and the image of an unlabelled bar graph.

    Info-Tech’s approach

    Adopt an iterative approach to develop the right KPIs for your dashboard

    Periodically: As appropriate, review the effectiveness of the KPIs and adjust as needed.

    Frequently: At least once per month, but the more frequent, the more agility your organization will have.

    The image shows a series of steps in a process, each connected by an arrow. The process is iterative, so the steps circle back on themselves, and repeat. The process begins with IT Metrics Library, then Choose or build KPIs, then Build Dashboard, then Review KPIs and Create action plan. Review KPIs and Create action plan are steps that the graphic indicates should be repeated, so the arrows are arranged in a circle around these two items. Following that, there is an additional step: Are KPIs and action plans leading to improved results? After this step, we return to the Choose or build KPIs step.

    The Info-Tech difference:

    1. Quickly identify the KPIs that matter to your organization using the IT Metrics Library.
    2. Build a presentable dashboard using the IT Management Dashboard available on the Info-Tech website.
    3. When indicators show underperformance, quickly get them back on track using the suggested research in the IT Metrics Library.
    4. If your organization’s needs are different, define your own custom metrics using the same format as the IT Metrics Library.
    5. Use the action plan tool to keep track of progress

    Info-Tech’s methodology for creating a holistic IT dashboard

    1. Choose the KPIs 2. Build the Dashboard 3. Create the Action Plan
    Phase Steps
    1. Review available KPIs
    2. Select KPIs for your organization
    3. Identify data sources and owners
    1. Understand how to use the IT Management Dashboard
    2. Build and review the KPIs
    1. Prioritize low-performing indicators
    2. Review suggested actions
    3. Develop your action plan
    Phase Outcomes A defined and documented list of the KPIs that will be used to monitor each of the practice areas in your IT mandate A configured dashboard covering all the practice areas and the ability to report performance in a consistent and visible way An action plan for addressing low-performing indicators

    Insight summary

    Mature your IT department by aligning your measures with your organizational goals. Acting early when your KPIs deviate from the goals leads to improved performance.

    Don’t just measure things because you can. Change what you measure as your organization becomes more mature.

    Select what matters to your organization

    Measure things that will resolve pain points or drive you toward your goals.

    Look for indicators that show the health of the practice, not just the results.

    Review KPIs often

    Ease of use will determine the success of your metrics program, so keep it simple to create and review the indicators.

    Take action to improve performance

    If indicators are showing suboptimal performance, develop an action plan to drive the indicator in the right direction.

    Act early and often.

    Measure what your customers value

    Ensure you understand what’s valued and measure whether the value is being produced. Let front-line managers focus on tactical measures and understand how they are linked to value.

    Look for predictive measures

    Determine what action will lead to the desired result and measure if the action is being performed. It’s better to predict outcomes than react to them.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    IT Metrics Library

    Customize the KPIs for your organization using the IT Metrics Library

    IT Metrics Library Action Plan

    Keep track of the actions that are generated from your KPI review

    Key deliverable:

    IT Management Dashboard and Scorecard

    The IT Overall Scorecard gives a holistic view of the performance of each IT function

    Blueprint benefits

    IT Benefits

    • An IT dashboard can help IT departments understand how well they are performing against key indicators.
    • It can allow IT teams to demonstrate to their business partners the areas they are focusing on.
    • Regular review and action planning based on the results will lead to improved performance, efficiency, and effectiveness.
    • Create alignment of IT teams by focusing on common areas of performance.

    Business Benefits

    • Ensure alignment and transparency between the business and IT.
    • Understand the value that IT brings to the operation and strategic initiatives of your organization.
    • Understand the contribution of the IT team to achieving business outcomes.
    • Focus IT on the areas that are important to you by requesting new measures as business needs change.

    Measure the value of this blueprint

    Utilize the existing IT Metrics Library and IT Dashboard tools to quickly kick off your KPI program

    • Developing the metrics your organization should track can be very time consuming. Save approximately 120 hours of effort by choosing from the IT Metrics Library.
    • The need for a simple method to display your KPIs means either developing your own tool or buying one off the shelf. Use the IT Management Dashboard to quickly get your KPI program up and running. Using these tools will save approximately 480 hours.
    • The true value of this initiative comes from using the KPIs to drive performance.

    Keeping track of the number of actions identified and completed is a low overhead measure. Tracking time or money saved is higher overhead but also higher value.

    The image is a screen capture of the document titled Establish Baseline Metrics. It shows a table with the headings: Metric, Current, Goal.

    The image is a chart titled KPI benefits. It includes a legend indicating that blue bars are for Actions identified, purple bars are for Actions completed, and the yellow line is for Time/money saved. The graph shows Q1-Q4, indicating an increase in all areas across the quarters.

    Executive Brief Case Study

    Using data-driven decision making to drive stability and increase value

    Industry: Government Services

    Source: Info-Tech analyst experience

    Challenge

    A newly formed application support team with service desk responsibilities was becoming burned out due to the sheer volume of work landing on their desks. The team was very reactive and was providing poor service due to multiple conflicting priorities.

    To make matters worse, there was a plan to add a major new application to the team’s portfolio.

    Solution

    The team began to measure the types of work they were busy doing and then assessed the value of each type of work.

    The team then problem solved how they could reduce or eliminate their low-value workload.

    This led to tracking how many problems were being resolved and improved capabilities to problem solve effectively.

    Results

    Upon initial data collection, the team was performing 100% reactive workload. Eighteen months later slightly more than 80% of workload was proactive high-value activities.

    The team not only was able to absorb the additional workload of the new application but also identified efficiencies in their interactions with other teams that led to a 100% success rate in the change process and a 92% decrease in resource needs for major incidents.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 - Choose the KPIs

    Call #1: Scope dashboard and reporting needs.

    Call #2: Learn how to use the IT Metrics Library to select your metrics.

    Phase 2 – Build the Dashboard

    Call #3: Set up the dashboard.

    Call #4: Capture data and produce the report.

    Phase 3 – Create the Action Plan

    Call #5: Review the data and use the metrics library to determine actions.

    Call #6: Improve the KPIs you measure.

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 5 and 8 calls over the course of 2 to 3 months.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Identify What to Measure Configure the Dashboard Tool Review and Develop the Action Plan Improve Your KPIs Compile Workshop Output
    Activities

    1.1 Identify organizational goals.

    1.2 Identify IT goals and organizational alignment.

    1.3 Identify business pain points.

    2.1 Determine metrics and KPI best practices.

    2.2 Learn how to use the IT Metrics Library.

    2.3 Select the KPIs for your organization.

    2.4 Configure the IT Management Dashboard.

    3.1 Create the scorecard report.

    3.2 Interpret the results of the dashboard.

    3.3 Use the IT Metrics Library to review suggested actions.

    4.1 Develop your action plan.

    4.2 Execute the plan and track progress.

    4.3 Develop new KPIs as your practice matures.

    5.1 Complete the IT Metrics Library documentation.

    5.2 Document decisions and next steps.

    Outcomes 1. List of goals and pain points that KPIs will measure

    1. Definition of KPIs to be used, data sources, and ownership

    2. Configured IT dashboard

    1. Initial IT scorecard report

    2. Action plan with initial actions

    1. Understanding of how to develop new KPIs using the IT Metrics Library

    1. IT Metrics Library documentation

    2. Action plan

    Phase 1

    Choose the KPIs

    Phase 1

    1.1 Review Available KPIs

    1.2 Select KPIs for Your Org.

    1.3 Identify Data Sources and Owners

    Phase 2

    2.1 Understand the IT Management Dashboard

    2.2 Build and Review the KPIs

    Phase 3

    3.1 Prioritize Low-Performing Indicators

    3.2 Review Suggested Actions

    3.3 Develop the Action Plan

    This phase will walk you through the following activities:

    Reviewing and selecting the KPIs suggested in the IT Metrics Library.

    Identifying the data source for the selected KPI and the owner responsible for data collection.

    This phase involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Step 1.1

    Review Available KPIs

    Activities

    1.1.1 Download the IT Metrics Library and review the KPIs for each practice area.

    Choose the KPIs

    Step 1.1 – Review Available KPIs

    Step 1.2 – Select KPIs for Your Org.

    Step 1.3 – Identify Data Sources and owners

    This step will walk you through the following activities:

    Downloading the IT Metrics Library

    Understanding the content of the tool

    Reviewing the intended goals for each practice area

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    Downloaded tool ready to select the KPIs for your organization

    Using the IT Metrics Library

    Match the suggested KPIs to the Management and Governance Framework

    The “Practice” and “Process” columns relate to each of the boxes on the Info-Tech Management and Governance Framework. This ensures you are measuring each area that needs to be managed by a typical IT department.

    The image shows a table on the left, and on the right, the Info-Tech Management and Governance Structure. Sections from the Practice and Process columns of the table have arrows emerging from them, pointing to matching sections in the framework.

    Using the IT Metrics Library

    Content for each entry

    KPI - The key performance indicator to review

    CSF - What needs to happen to achieve success for each goal

    Goal - The goal your organization is trying to achieve

    Owner - Who will be accountable to collect and report the data

    Data Source (typical) - Where you plan to get the data that will be used to calculate the KPI

    Baseline/Target - The baseline and target for the KPI

    Rank - Criticality of this goal to the organization's success

    Action - Suggested action if KPI is underperforming

    Blueprint - Available research to address typical underperformance of the KPI

    Practice/Process - Which practice and process the KPI represents

    1.1.1 Download the IT Metrics Library

    Input

    • IT Metrics Library

    Output

    • Ideas for which KPIs would be useful to track for each of the practice areas

    Materials

    • Whiteboard/flip charts

    Participants

    • IT senior leadership
    • Process area owners
    • Metrics program owners and administrators

    4 hours

    1. Click the link below to download the IT Metrics Library spreadsheet.
    2. Open the file and select the “Data Entry” tab.
    3. The sheet has suggested KPIs for each of the 9 practice areas and 45 processes listed in the Info-Tech Management and Governance Framework. You can identify this grouping in the “Practice” and “Process” columns.
    4. For each practice area, review the suggested KPIs and their associated goals and discuss as a team which of the KPIs would be useful to track in your organization.

    Download the IT Metrics Library

    Step 1.2

    Select KPIs for Your Organization

    Activities

    1.2.1 Select the KPIs that will drive your organization forward

    1.2.2 Remove unwanted KPIs from the IT Metrics Library

    Choose the KPIs

    Step 1.1 – Review Available KPIs

    Step 1.2 – Select KPIs for Your Org.

    Step 1.3 – Identify Data Sources and Owners

    This step will walk you through the following activities:

    • Selecting the KPIs for your organization and removing unwanted KPIs from IT Metrics Library

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    A shortlist of selected KPIs

    1.2.1 Select the KPIs that will drive your organization forward

    Input

    • IT Metrics Library

    Output

    • KPIs would be useful to track for each of the practice areas

    Materials

    • IT Metrics Library

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    4 hours

    1. Review the suggested KPIs for each practice area and review the goal.
    2. Some suggested KPIs are similar, so make sure the goal is appropriate for your organization.
    3. Pick up to three KPIs per practice.

    1.2.2 Remove unwanted KPIs

    Input

    • IT Metrics Library

    Output

    • KPIs would be useful to track for each of the practice areas

    Materials

    • IT Metrics Library

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    0.5 hours

    1. To remove unwanted KPIs from the IT Metric Library Tool, select the unwanted row, right-click on the row, and delete it.
    2. The result should be up to three KPIs per practice area left on the spreadsheet.

    Step 1.3

    Identify data sources and owners

    Activities

    1.3.1 Document the data source

    1.3.2 Document the owner

    1.3.3 Document baseline and target

    Choose the KPIs

    Step 1.1 – Review Available KPIs

    Step 1.2 – Select KPIs for Your Org.

    Step 1.3 – Identify Data Sources and Owners

    This step will walk you through the following activities:

    Documenting for each KPI where you plan to get the data, who is accountable to collect and report the data, what the current baseline is (if available), and what the target is

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    A list of KPIs for your organization with appropriate attributes documented

    1.3 Identify data sources, owners, baseline, and target

    Input

    • IT Metrics Library

    Output

    • Completed IT Metrics Library

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators

    2 hours

    1. For each selected KPI, complete the owner, data source, baseline, and target if the information is available.
    2. If the information is not available, document the owner and assign them to complete the other columns.

    Phase 2

    Build the Dashboard

    Phase 1

    1.1 Review Available KPIs

    1.2 Select KPIs for Your Org.

    1.3 Identify Data Sources and Owners

    Phase 2

    2.1 Understand the IT Management Dashboard

    2.2 Build and Review the KPIs

    Phase 3

    3.1 Prioritize Low-Performing Indicators

    3.2 Review Suggested Actions

    3.3 Develop the Action Plan

    This phase will walk you through the following activities:

    Understanding the IT Management Dashboard

    Configuring the IT Management Dashboard and entering initial measures

    Produce thing IT Scorecard from the IT Management Dashboard

    Interpreting the results

    This phase involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Step 2.1

    Understand the IT Management Dashboard

    Activities

    2.1.1 Logging into the IT Management Dashboard

    2.1.2 Understanding the “Overall Scorecard” tab

    2.1.3 Understanding the “My Metrics” tab

    Build the Dashboard

    Step 2.1 – Understand the IT Management Dashboard

    Step 2.2 – Build and review the KPIs

    This step will walk you through the following activities:

    Accessing the IT Management Dashboard

    Basic functionality of the tool

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    Understanding of how to administer the IT Management Dashboard

    2.1.1 Logging into the IT Management Dashboard

    Input

    • Info-Tech membership

    Output

    • Access to the IT Management Dashboard

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    0.5 hours

    1. Using your web browser, access your membership at infotech.com.
    2. Log into your Info-Tech membership account.
    3. Select the “My IT Dashboard” option from the menu (circled in red).
    4. If you cannot gain access to the tool, contact your membership rep.

    The image is a screen capture of the Info-Tech website, with the Login button at the top right of the window circled in red.

    2.1.2 Understanding the “Overall Scorecard” tab

    0.5 hours

    1. Once you select “My IT Dashboard,” you will be in the “Overall Scorecard” tab view.
    2. Scrolling down reveals the data entry form for each of the nine practice areas in the Info-Tech Management and Governance Framework, with each section color-coded for easy identification.
    3. Each of the section headers, KPI names, data sources, and data values can be updated to fit the needs of your organization.
    4. This view is designed to show a holistic view of all areas in IT that are being managed.

    2.1.3 Understanding the “My Metrics” tab

    0.5 hours

    1. On the “My Metrics” tab you can access individual scorecards for each of the nine practice areas.
    2. Below the “My Metrics” tab is each of the nine practice areas for you to select from. Each shows a different subset of KPIs specific to the practice.
    3. The functionality of this view is the same as the overall scorecard. Each title, KPI, description, and actuals are editable to fit your organization’s needs.
    4. This blueprint does not go into detail on this tab, but it is available to be used by practice area leaders in the same way as the overall scorecard.

    Step 2.2

    Build and review the KPIs

    Activities

    2.2.1 Entering the KPI descriptions

    2.2.2 Entering the KPI actuals

    2.2.3 Producing the IT Overall Scorecard

    Build the Dashboard

    Step 2.1 – Understand the IT Management Dashboard

    Step 2.2 – Build and review the KPIs

    This step will walk you through the following activities:

    Entering the KPI descriptions

    Entering the actuals for each KPI

    Producing the IT Overall Scorecard

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    An overall scorecard indicating the selected KPI performance

    2.2.1 Entering the KPI descriptions

    Input

    • Access to the IT Management Dashboard
    • IT Metrics Library with your organization’s KPIs selected

    Output

    • KPI descriptions entered into tool

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    1 hour

    1. Navigate to the IT Management Dashboard as described in section 2.1.1 and scroll down to the practice area you wish to complete.
    2. If needed, modify the section name to match your organization’s needs.
    3. Select “Add another score.”

    2.2.1 Entering the KPI descriptions

    1 hour

    1. Select if your metric is a custom metric or a standard metric available from one of the Info-Tech diagnostic tools.
    2. Enter the metric name you selected from the IT Metrics Library.
    3. Select the value type.
    4. Select the “Add Metric” button.
    5. The descriptions only need to be entered when they change.

    Example of a custom metric

    The image is a screen capture of the Add New Metric function. The metric type selected is Custom metric, and the metric name is Employee Engagement. There is a green Add Metric button, which is circled in red.

    Example of a standard metric

    The image is a screen capture of the Add New Metric function. The metric type selected is Standard Metric. The green Add Metric button at the bottom is circled in red.

    2.2.2 Entering the KPI actuals

    Input

    • Actual data from each data source identified

    Output

    • Actuals recorded in tool

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    1 hour

    1. Select the period you wish to create a scorecard for by selecting “Add New Period” or choosing one from the drop-down list.
    2. For each KPI on your dashboard, collect the data from the data source and enter the actuals.
    3. Select the check mark (circled) to save the data for the period.

    The image is a screen capture of the My Overall Scorecard Metrics section, with a button at the bottom that reads Add New Period circled in red

    The image has the text People and Resources at the top. It shows data for the KPI, and there is a check mark circled in red.

    2.2.3 Producing the IT Overall Scorecard

    Input

    • Completed IT Overall Scorecard data collection

    Output

    • IT Overall Scorecard

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    0.5 hours

    1. Select the period you wish to create a scorecard for by selecting from the drop-down list.
    2. Click the “Download as PDF” button to produce the scorecard.
    3. Once the PDF is produced it is ready for review or distribution.

    Phase 3

    Create the Action Plan

    Phase 1

    1.1 Review Available KPIs

    1.2 Select KPIs for Your Org.

    1.3 Identify Data Sources and Owners

    Phase 2

    2.1 Understand the IT Management Dashboard

    2.2 Build and Review the KPIs

    Phase 3

    3.1 Prioritize Low-Performing Indicators

    3.2 Review Suggested Actions

    3.3 Develop the Action Plan

    This phase will walk you through the following activities:

    Prioritizing low-performing indicators

    Using the IT Metrics Library to review suggested actions

    Developing your team’s action plan to improve performance

    This phase involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Step 3.1

    Prioritize low-performing indicators

    Activities

    3.1.1 Determine criteria for prioritization

    3.1.2 Identify low-performing indicators

    3.1.3 Prioritize low-performing indicators

    Create the action plan

    Step 3.1 – Prioritize low-performing indicators

    Step 3.2 – Review suggested actions

    Step 3.3 – Develop the action plan

    This step will walk you through the following activities:

    Determining the criteria for prioritization of low-performing indicators

    Identifying low-performing indicators

    Prioritizing the low-performing indicators

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    A prioritized list of low-performing indicators that need remediation

    3.1.1 Determine criteria for prioritization

    Often when metrics programs are established, there are multiple KPIs that are not performing at the desired level. It’s easy to expect the team to fix all the low-performing indicators, but often teams are stretched and have conflicting priorities.

    Therefore it’s important to spend some time to prioritize which of your indicators are most critical to the success of your business.

    Also consider, if one area is performing well and others have multiple poor indicators, how do you give the right support to optimize the results?

    Lastly, is it better to score slightly lower on multiple measures or perfect on most but failing badly on one or two?

    3.1.1 Determine criteria for prioritization

    Input

    • Business goals and objectives
    • IT goals and objectives
    • IT organizational structure

    Output

    • Documented scorecard remediation prioritization criteria

    Materials

    • Whiteboard or flip charts

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    1 hour

    1. Identify any KPIs that are critical and cannot fail without high impact to your organization.
    2. Identify any KPIs that cannot fail for an extended period and document the time period.
    3. Rank the KPIs from most critical to least critical in the IT Metrics Library.
    4. Look at the owner accountable for the performance of each KPI. If there are any large groups, reassess the ownership or rank.
    5. Periodically review the criteria to see if they’re aligned with meeting current business goals.

    3.1.2 Identify low-performing indicators

    Input

    • Overall scorecard
    • Overall scorecard (previous period)
    • IT Metrics Library

    Output

    • List of low-performing indicators that need remediation
    • Planned actions to improve performance

    Materials

    • Whiteboard or flip charts

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    1 hour

    1. Review the overall scorecard for the current period. List any KPIs that are not meeting the target for the current month in the “Action Plan” tab of the IT Metrics Library.
    2. Compare current month to previous month. List any KPIs that are moving away from the long-term target documented in the tool IT Metrics Library.
    3. Revise the target in the IT Metrics Library as business needs change.

    3.1.3 Prioritize low-performing indicators

    Input

    • IT Metrics Library

    Output

    • Prioritized list of planned actions for low-performing indicators

    Materials

    • IT Metrics Library

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    1 hour

    1. Look through the list of new and outstanding planned actions in the “Action Plan” tab of the IT Metrics Library, review progress, and prioritize outstanding items.
    2. Compare the list that needs remediation with the rank in the data entry tab.
    3. Adjust the priority of the outstanding and new actions to reflect the business needs.

    Step 3.2

    Review suggested actions

    Activities

    3.2.1 Review suggested actions in the IT Metrics Library

    Create the Action Plan

    Step 3.1 – Prioritize low-performing indicators

    Step 3.2 – Review suggested actions

    Step 3.3 – Develop the action plan

    This step will walk you through the following activities:

    Reviewing the suggested actions in the IT Metrics Library

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    An idea of possible suggested actions

    Take Action

    Knowing where you are underperforming is only half the battle. You need to act!

    • So far you have identified which indicators will tell you whether or not your team is performing and which indicators are most critical to your business success.
    • Knowing is the first step, but things will not improve without some kind of action.
    • Sometimes the action needed to course-correct is small and simple, but sometimes it is complicated and may take a long time.
    • Utilize the diverse ideas of your team to find solutions to underperforming indicators.
    • If you don’t have a viable simple solution, leverage the IT Metrics Library, which suggests high-level action needed to improve each indicator. If you need additional information, use your Info-Tech membership to review the recommended research.

    3.2.1 Review suggested actions in the IT Metrics Library

    Input

    • IT Metrics Library

    Output

    • Suggested actions

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each of your low-performing indicators, review the suggested action and related research in the IT Metrics Library.

    Step 3.3

    Develop the action plan

    Activities

    3.3.1 Document planned actions

    3.3.2 Assign ownership of actions

    3.3.3 Determine timeline of actions

    3.3.4 Review past action status

    Create the action plan

    Step 3.1 – Prioritize low- performing indicators

    Step 3.2 – Review suggested actions

    Step 3.3 – Develop the action plan

    This step will walk you through the following activities:

    Using the action plan tool to document the expected actions for low-performing indicators

    Assigning an owner and expected due date for the action

    Reviewing past action status for accountability

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    An action plan to invoke improved performance

    3.3.1 Document planned actions

    Input

    • IT Metrics Library

    Output

    • Planned actions

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    1 hour

    1. Decide on the action you plan to take to bring the indicator in line with expected performance and document the planned action in the “Action Plan” tab of the IT Metrics Library.

    Info-Tech Insight

    For larger initiatives try to break the task down to what is likely manageable before the next review. Seeing progress can motivate continued action.

    3.3.2 Assign ownership of actions

    Input

    • IT Metrics Library

    Output

    • Identified owners for each action

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each unassigned task, assign clear ownership for completion of the task.
    2. The task owner should be the person accountable for the task.

    Info-Tech Insight

    Assigning clear ownership can promote accountability for progress.

    3.3.3 Determine timeline of actions

    Input

    • IT Metrics Library

    Output

    • Expected timeline for each action

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each task, agree on an estimated target date for completion.

    Info-Tech Insight

    If the target completion date is too far in the future, break the task into manageable chunks.

    3.3.4 Review past action status

    Input

    • IT Metrics Library

    Output

    • Complete action plan for increased performance

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each task, review the progress since last review.
    2. If desired progress is not being made, adjust your plan based on your organizational constraints.

    Info-Tech Insight

    Seek to understand the reasons that tasks are not being completed and problem solve for creative solutions to improve performance.

    Measure the value of your KPI program

    KPIs only produce value if they lead to action

    • Tracking the performance of key indicators is the first step, but value only comes from taking action based on this information.
    • Keep track of the number of action items that come out of your KPI review and how many are completed.
    • If possible, keep track of the time or money saved through completing the action items.

    Keeping track of the number of actions identified and completed is a low overhead measure.

    Tracking time or money saved is higher overhead but also higher value.

    The image is a chart titled KPI benefits. It includes a legend indicating that blue bars are for Actions identified, purple bars are for Actions completed, and the yellow line is for Time/money saved. The graph shows Q1-Q4, indicating an increase in all areas across the quarters.

    Establish Baseline Metrics

    Baseline metrics will be improved through:

    1. Identifying actions needed to remediate poor-performing KPIs
    2. Associating time and/or money savings as a result of actions taken
    Metric Current Goal
    Number of actions identified per month as a result of KPI review 0 TBD
    $ saved through actions taken due to KPI review 0 TBD
    Time saved through actions taken due to KPI review 0 TBD

    Summary of Accomplishment

    Problem Solved

    Through this project we have identified typical key performance indicators that are important to your organization’s effective management of IT.

    You’ve populated the IT Management Dashboard as a simple method to display the results of your selected KPIs.

    You’ve also established a regular review process for your KPIs and have a method to track the actions that are needed to improve performance as a result of the KPI review. This should allow you to hold individuals accountable for improvement efforts.

    You can also measure the effectiveness of your KPI program by tracking how many actions are identified as a result of the review. Ideally you can also track the money and time savings.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech Workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Select the KPIs for your organization

    Examine the benefits of the KPIs suggested in the IT Metrics Library and help selecting those that will drive performance for your maturity level.

    Build an action plan

    Discuss options for identifying and executing actions that result from your KPI review. Determine how to set up the discipline needed to make the most of your KPI review program.

    Research Contributors and Experts

    Valence Howden

    Principal Research Director, CIO – Service Management Info-Tech Research Group

    • Valence has extensive experience in helping organizations be successful through optimizing how they govern themselves, how they design and execute strategies, and how they drive service excellence in all work.

    Tracy-Lynn Reid

    Practice Lead, CIO – People & Leadership Info-Tech Research Group

    • Tracy-Lynn covers key topics related to People & Leadership within an information technology context.

    Fred Chagnon

    Practice Lead, Infrastructure & Operations Info-Tech Research Group

    • Fred brings extensive practical experience in all aspects of enterprise IT Infrastructure, including IP networks, server hardware, operating systems, storage, databases, middleware, virtualization and security.

    Aaron Shum

    Practice Lead, Security, Risk & Compliance Info-Tech Research Group

    • With 20+ years of experience across IT, InfoSec, and Data Privacy, Aaron currently specializes in helping organizations implement comprehensive information security and cybersecurity programs as well as comply with data privacy regulations.

    Cole Cioran

    Practice Lead, Applications and Agile Development Info-Tech Research Group

    • Over the past twenty-five years, Cole has developed software; designed data, infrastructure, and software solutions; defined systems and enterprise architectures; delivered enterprise-wide programs; and managed software development, infrastructure, and business systems analysis practices.

    Barry Cousins

    Practice Lead, Applications – Project and Portfolio Mgmt. Info-Tech Research Group

    • Barry specializes in Project Portfolio Management, Help/Service Desk, and Telephony/Unified Communications. He brings an extensive background in technology, IT management, and business leadership.

    Jack Hakimian

    Vice President, Applications Info-Tech Research Group

    • Jack has close to 25 years of Technology and Management Consulting experience. He has served multi-billion-dollar organizations in multiple industries, including Financial Services and Telecommunications. Jack also served several large public sector institutions.

    Vivek Mehta

    Research Director, CIO Info-Tech Research Group

    • Vivek publishes on topics related to digital transformation and innovation. He is the author of research on Design a Customer-Centric Digital Operating Model and Create Your Digital Strategy as well as numerous keynotes and articles on digital transformation.

    Carlos Sanchez

    Practice Lead, Enterprise Applications Info-Tech Research Group

    • Carlos has a breadth of knowledge in enterprise applications strategy, planning, and execution.

    Andy Neill

    Practice Lead, Enterprise Architecture, Data & BI Info-Tech Research Group

    • Andy has extensive experience in managing technical teams, information architecture, data modeling, and enterprise data strategy.

    Michael Fahey

    Executive Counselor Info-Tech Research Group

    • As an Executive Counselor, Mike applies his decades of business experience and leadership, along with Info-Tech Research Group’s resources, to assist CIOs in delivering outstanding business results.

    Related Info-Tech Research

    Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

    • Reinforce service orientation in your IT organization by ensuring your IT metrics generate value-driven resource behavior.

    Use Applications Metrics That Matter

    • It all starts with quality and customer satisfaction.

    Take Control of Infrastructure Metrics

    • Master the metrics maze to help make decisions, manage costs, and plan for change.

    Bibliography

    Bach, Nancy. “How Often Should You Measure Your Organization's KPIs?” EON, 26 June 2018. Accessed Jan. 2020.

    “The Benefits of Tracking KPIs – Both Individually and for a Team.” Hoopla, 30 Jan. 2017. Accessed Jan. 2020.

    Chepul, Tiffany. “Top 22 KPI Examples for Technology Companies.” Rhythm Systems, Jan. 2020. Accessed Jan. 2020.

    Cooper, Larry. “CSF's, KPI's, Metrics, Outcomes and Benefits” itSM Solutions. 5 Feb. 2010. Accessed Jan 2020.

    “CUC Report on the implementation of Key Performance Indicators: case study experience.” Committee of University Chairs, June 2008. Accessed Jan 2020.

    Harris, Michael, and Bill Tayler. “Don’t Let Metrics Undermine Your Business.” HBR, Sep.–Oct 2019. Accessed Jan. 2020.

    Hatari, Tim. “The Importance of a Strong KPI Dashboard.” TMD Coaching. 27 Dec. 2018. Accessed Jan. 2020.

    Roy, Mayu, and Marian Carter. “The Right KPIs, Metrics for High-performing, Cost-saving Space Management.” CFI, 2013. Accessed Jan 2020.

    Schrage, Michael, and David Kiron. “Leading With Next-Generation Key Performance Indicators.” MIT Sloan Management Review, 26 June 2018. Accessed Jan. 2020.

    Setijono, Djoko, and Jens J. Dahlgaard. “Customer value as a key performance indicator (KPI) and a key improvement indicator (KII)” Emerald Insight, 5 June 2007. Accessed Jan 2020.

    Skinner, Ted. “Balanced Scorecard KPI Examples: Comprehensive List of 183 KPI Examples for a Balanced Scorecard KPI Dashboard (Updated for 2020).” Rhythm Systems, Jan. 2020. Accessed Jan 2020.

    Wishart, Jessica. “5 Reasons Why You Need The Right KPIs in 2020” Rhythm Systems, 1 Feb. 2020. Accessed Jan. 2020.

    Become a Transformational CIO

    • Buy Link or Shortcode: {j2store}86|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • Business transformations are happening, but CIOs are often involved only when it comes time to implement change. This makes it difficult for the CIO to be perceived as an organizational leader.
    • CIOs find it difficult to juggle operational activities, strategic initiatives, and involvement in business transformation.
    • CIOs don’t always have the IT organization structured and mobilized in a manner that facilitates the identification of transformation opportunities, and the planning for and the implementation of organization-wide change.

    Our Advice

    Critical Insight

    • Don’t take an ad hoc approach to transformation.
    • You’re not in it alone.
    • Your legacy matters

    Impact and Result

    • Elevate your stature as a business leader.
    • Empower the IT organization to act with a business mind first, and technology second.
    • Create a high-powered IT organization that is focused on driving lasting change, improving client experiences, and encouraging collaboration across the entire enterprise.
    • Generate opportunities for organizational growth, as manifested through revenue growth, profit growth, new market entry, new product development, etc.

    Become a Transformational CIO Research & Tools

    Start here – read the Executive Brief

    Read our Executive Brief to find out why you should undergo an evolution in your role as a business leader, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Are you ready to lead transformation?

    Determine whether you are ready to focus your attention on evolving your role.

    • Become a Transformational CIO – Phase 1: Are You Ready to Lead Transformation?

    2. Build business partnerships

    Create a plan to establish key business partnerships and position IT as a co-leader of transformation.

    • Become a Transformational CIO – Phase 2: Build Business Partnerships
    • Partnership Strategy Template

    3. Develop the capability to transform

    Mobilize the IT organization and prepare for the new mandate.

    • Become a Transformational CIO – Phase 3: Develop the Capability to Transform
    • Transformation Capability Assessment

    4. Shift IT’s focus to the customer

    Align IT with the business through a direct, concentrated focus on the customer.

    • Become a Transformational CIO – Phase 4: Shift IT’s Focus to the Customer
    • Transformational CIO Value Stream Map Template
    • Transformational CIO Business Capability Map Template

    5. Adopt a transformational approach to leadership

    Determine the key behaviors necessary for transformation success and delegate effectively to make room for new responsibilities.

    • Become a Transformational CIO – Phase 5: Adopt a Transformational Approach to Leadership
    • Office of the CIO Template

    6. Sustain the transformational capability

    Track the key success metrics that will help you manage transformation effectively.

    • Become a Transformational CIO – Phase 6: Sustain the Transformational Capability
    • Transformation Dashboard
    [infographic]

    Workshop: Become a Transformational CIO

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Determine Readiness to Become a Transformational CIO

    The Purpose

    Understand stakeholder and executive perception of the CIO’s performance and leadership.

    Determine whether the CIO is ready to lead transformation.

    Key Benefits Achieved

    Decision to evolve role or address areas of improvement as a pre-requisite to becoming a transformational CIO.

    Activities

    1.1 Select data collection techniques.

    1.2 Conduct diagnostic programs.

    1.3 Review results and define readiness.

    Outputs

    Select stakeholder and executive perception of the CIO

    Decision as to whether to proceed with the role evolution

    2 Build Business Partnerships

    The Purpose

    Identify potential business partners and create a plan to establish key partnerships.

    Key Benefits Achieved

    An actionable set of initiatives that will help the CIO create valuable partnerships with internal or external business stakeholders.

    Activities

    2.1 Identify potential business partners.

    2.2 Evaluate and prioritize list of potential partners.

    2.3 Create a plan to establish the target partnerships.

    Outputs

    Partnership strategy

    3 Establish IT’s Ability to Transform

    The Purpose

    Make the case and plan for the development of key capabilities that will enable the IT organization to handle transformation.

    Key Benefits Achieved

    A maturity assessment of critical capabilities.

    A plan to address maturity gaps in preparation for a transformational mandate.

    Activities

    3.1 Define transformation as a capability.

    3.2 Assess the current and target transformation capability maturity.

    3.3 Develop a roadmap to address gaps.

    Outputs

    Transformation capability assessment

    Roadmap to develop the transformation capability

    4 Shift IT’s Focus to the Customer

    The Purpose

    Gain an understanding of the end customer of the organization.

    Key Benefits Achieved

    A change in IT mindset away from a focus on operational activities or internal customers to external customers.

    A clear understanding of how the organization creates and delivers value to customers.

    Opportunities for business transformation.

    Activities

    4.1 Analyze value streams that impact the customer.

    4.2 Map business capabilities to value streams.

    Outputs

    Value stream maps

    Business capability map

    5 Establish Transformation Leadership and Sustain the Capability

    The Purpose

    Establish a formal process for empowering employees and developing new leaders.

    Create a culture of continuous improvement and a long-term focus.

    Key Benefits Achieved

    Increased ability to sustain momentum that is inherent to business transformations.

    Better strategic workforce planning and a clearer career path for individuals in IT.

    A system to measure IT’s contribution to business transformation.

    Activities

    5.1 Set the structure for the office of the CIO.

    5.2 Assess current leadership skills and needs.

    5.3 Spread a culture of self-discovery.

    5.4 Maintain the transformation capability.

    Outputs

    OCIO structure document

    Transformational leadership dashboard

    Learn the right way to manage metrics

    • Parent Category Name: Improve Your Processes
    • Parent Category Link: /improve-your-processes

    Learn to use metrics in the right way. Avoid staff (subconciously) gaming the numbers, as it is only natural to try to achieve the objective. This is really a case of be careful what you wish for, you may just get it.

    Register to read more …

    Develop a Master Data Management Practice and Platform

    • Buy Link or Shortcode: {j2store}401|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $27,416 Average $ Saved
    • member rating average days saved: 15 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • The volume of enterprise data is growing rapidly and comes from a wide variety of internal and external data sources (e.g. ERP, CRM). When data is located in different systems and applications, coupled with degradation and proliferation, this can lead to inaccurate, inconsistent, and redundant data being shared across departments within an organization.
    • Data kept in separate soiled sources can result in poor stakeholder decision making and inefficient business processes. Some common master data problems include:
      • The lack of a clean customer list results in poor customer service.
      • Hindering good analytics and business predictions, such as incorrect supply chain decisions when having duplicate product and vendor data between plants.
      • Creating cross-group consolidated reports from inconsistent local data that require too much manual effort and resources.

    Our Advice

    Critical Insight

    • Everybody has master data (e.g. customer, product) but not master data problems (e.g. duplicate customers and products). MDM is complex in practice and requires investments in data governance, data architecture, and data strategy. Identifying business outcomes based on quality master data is essential before you pull the trigger on an MDM solution.

    Impact and Result

    This blueprint can help you:

    • Build a list of business-aligned data initiatives and capabilities that address master data problem and realize business strategic objectives.
    • Design a master data management practice based on the required business and data process.
    • Design a master data management platform based on MDM implementation style and prioritized technical capabilities.

    Develop a Master Data Management Practice and Platform Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Develop a Master Data Management Practice and Platform Deck – A clear blueprint that provides a step-by-step approach to aid in the development of your MDM practice and platform.

    This blueprint will help you achieve a single view of your most important data assets by following our two-phase methodology:

  • Build a vision for MDM
  • Build an MDM practice and platform
    • Develop a Master Data Management Practice and Platform – Phases 1-2

    2. Master Data Management Readiness Assessment Tool – A tool to help you make the decision to stop the MDM project now or to continue the path to MDM.

    This tool will help you determine if your organization has a master data problem and if an MDM project should be undertaken.

    • Master Data Management Readiness Assessment Tool

    3. Master Data Management Business Needs Assessment Tool – A tool to help you identify and document the various data sources in the organization and determine which data should be classified as master data.

    The tool will help you identify the sources of data within the business unit and use the typical properties of master data to determine which data should be classified as master data.

    • Master Data Management Business Needs Assessment Tool

    4. Master Data Management Business Case Presentation Template – A template to communicate MDM basics, benefits, and approaches to obtain business buy-in for the MDM project.

    The template will help you communicate your organization's specific pains surrounding poor management of master data and identify and communicate the benefits of effective MDM. Communicate Info-Tech's approach for creating an effective MDM practice and platform.

    • Master Data Management Business Case Presentation Template

    5. Master Data Management Project Charter Template – A template to centralize the critical information regarding to objectives, staffing, timeline, and expected outcome of the project.

    The project charter will help you document the project sponsor of the project. Identify purpose, goals, and objectives. Identify the project risks. Build a cross-functional project team and assign responsibilities. Define project team expectations and meeting frequency. Develop a timeline for the project with key milestones. Identify metrics for tracking success. Receive approval for the project.

    • Master Data Management Project Charter Template

    6. Master Data Management Architecture Design Template – An architecture design template to effectively document the movement of data aligned with the business process across the organization.

    This template will assist you:

  • Document the current state and achieve a common understanding of the business process and movement of data across the company.
  • Identify the source of master data and what other systems will contribute to the MDM system.
  • Document the target architectural state of the organization.
    • Master Data Management Architecture Design Template

    7. Master Data Management Practice Pattern Template – Pre-built practice patterns to effectively define the key services and outputs that must be delivered by establishing core capabilities, accountabilities, roles, and governance for the practice.

    The master data management practice pattern describes the core capabilities, accountabilities, processes, essential roles, and the elements that provide oversight or governance of the practice, all of which are required to deliver on high value services and deliverables or output for the organization.

    • Master Data Management Practice Pattern Template

    8. Master Data Management Platform Template – A pre-built platform template to illustrate the organization’s data environment with MDM and the value MDM brings to the organization.

    This template will assist you:

  • Establish an understanding of where MDM fits in an organization’s overall data environment.
  • Determine the technical capabilities that is required based on organization’s data needs for your MDM implementation.
    • Master Data Management Platform Template

    Infographic

    Workshop: Develop a Master Data Management Practice and Platform

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Develop a Vision for the MDM Project

    The Purpose

    Identification of MDM and why it is important.

    Differentiate between reference data and master data.

    Discuss and understand the key challenges and pains felt by the business and IT with respect to master data, and identify the opportunities MDM can provide to the business.

    Key Benefits Achieved

    Identification of what is and is not master data.

    Understand the value of MDM and how it can help the organization better monetize its data.

    Knowledge of how master data can benefit both IT and the business.

    Activities

    1.1 Establish business context for master data management.

    1.2 Assess the value, benefits, challenges, and opportunities associated with MDM.

    1.3 Develop the vision, purpose, and scope of master data management for the business.

    1.4 Identify MDM enablers.

    1.5 Interview business stakeholders.

    Outputs

    High-level data requirements

    Identification of business priorities

    Project vision and scope

    2 Document the Current State

    The Purpose

    Recognize business drivers for MDM.

    Determine where master data lives and how this data moves within the organization.

    Key Benefits Achieved

    Streamline business process, map the movement of data, and achieve a common understanding across the company.

    Identify the source of master data and what other systems will contribute to the MDM system.

    Activities

    2.1 Evaluate the risks and value of critical data.

    2.2 Map and understand the flow of data within the business.

    2.3 Identify master data sources and users.

    2.4 Document the current architectural state of the organization.

    Outputs

    Data flow diagram with identified master data sources and users

    Business data glossary

    Documented current data state.

    3 Document the Target State

    The Purpose

    Document the target data state of the organization surrounding MDM.

    Identify key initiatives and metrics.

    Key Benefits Achieved

    Recognition of four MDM implementation styles.

    Identification of key initiatives and success metrics.

    Activities

    3.1 Document the target architectural state of the organization.

    3.2 Develop alignment of initiatives to strategies.

    3.3 Consolidate master data management initiatives and strategies.

    3.4 Develop a project timeline and define key success measures.

    Outputs

    Documented target state surrounding MDM.

    Data and master data management alignment and strategies

    4 Develop an MDM Practice and Platform

    The Purpose

    Get a clear picture of what the organization wants to get out of MDM.

    Identify master data management capabilities, accountabilities, process, roles, and governance.

    Key Benefits Achieved

    Prioritized master data management capabilities, accountabilities, process, roles, and governance.

    Activities

    4.1 Identify master data management capabilities, roles, process, and governance.

    4.2 Build a master data management practice and platform.

    Outputs

    Master Data Management Practice and Platform

    Further reading

    Develop a Master Data Management Practice and Platform

    Are you sure you have a master data problem?

    Analyst Perspective

    The most crucial and shared data assets inside the firm must serve as the foundation for the data maturing process. This is commonly linked to your master data (such as customers, products, employees, and locations). Every organization has master data, but not every organization has a master data problem.

    Don't waste time or resources before determining the source of your master data problem. Master data issues are rooted in the business practices of your organization (such as mergers and acquisitions and federated multi-geographic operations). To address this issue, you will require a master data management (MDM) solution and the necessary architecture, governance, and support from very senior champions to ensure the long-term success of your MDM initiative. Approaching MDM with a clear blueprint that provides a step-by-step approach will aid in the development of your MDM practice and platform.

    Ruyi Sun

    Ruyi Sun
    Research Specialist
    Data & Analytics Practice
    Info-Tech Research Group

    Rajesh Parab

    Rajesh Parab
    Research Director
    Data & Analytics Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    Your organization is experiencing data challenges, including:

    • Too much data volume, variety, and velocity, from more and more sources.
    • Duplicate and disorganized data across multiple systems and applications.
    • Master data is pervasive throughout the business and is often created and captured in highly disparate sources that often are not easily shared across business units and applications.

    MDM is useful in situations such as a business undergoing a merger or acquisition, where a unique set of master data needs to be created to act as a single source of truth. However, having a unified view of the definitions and systems of record for the most critical data in your organization can be difficult to achieve. An organization might experience some pain points:

    • Failure to identify master data problem and organization’s data needs.
    • Conflicting viewpoints and definitions of data assets across business units.
    • Recognize common business operating models or strategies with master data problems.
    • Identify the organization’s problem and needs out of its master data and align to strategic business needs.
    • Define the architecture, governance, and support.
    • Create a practice and platform for the organization’s MDM program.

    Info-Tech Insight

    Everybody has master data (e.g. customer, product) but not a master data problem (e.g. duplicate customers and products). MDM is complex in practice and requires investments in data governance, data architecture, and data strategy. Identifying business outcomes based on quality master data is essential before you pull the trigger on an MDM solution.

    What is master data and master data management?

    • Master data domains include the most important data assets of an organization. For this data to be used across an enterprise in consistent and value-added ways, the data must be properly managed. Some common master data entities include customer, product, and employees.
    • Master data management (MDM) is the control over master data values to enable consistent, shared, contextual use across systems, of the most accurate, timely, and relevant version of truth about essential business entities (DAMA DMBOK).
    • The fundamental objective of MDM is to enable the business to see one view of critical data elements across the organization.
    • MDM systems will detect and declare relationships between data, resolve duplicate records, and make data available to the people, processes, and applications that need it. The end goal of an MDM implementation is to make sure your investment in MDM technology delivers the promised business results. By supplementing the technology with rules, guidelines, and standards around enterprise data you will ensure data continues to be synchronized across data sources on an ongoing basis.

    The image contains a screenshot of Info-Tech's Data Management Framework.

    Info-Tech’s Data Management Framework Adapted from DAMA-DMBOK and Advanced Knowledge Innovations Global Solutions. See Create a Data Management Roadmap blueprint for more information.

    Why manage master data?

    Master data drives practical insights that arise from key aspects of the business.

    Customer Intimacy

    Innovation Leadership

    Risk Management

    Operational Excellence

    Improve marketing and the customer experience by using the right data from the system of record to analyze complete customer views of transactions, sentiments, and interactions.

    Gain insights on your products, services, usage trends, industry directions, and competitor results, and use these data artifacts to support decisions on innovations, new products, services, and pricing.

    Maintain more transparent and accurate records and ensure that appropriate rules are followed to support audit, compliance, regulatory, and legal requirements. Monitor data usage to avoid fraud.

    Make sure the right solution is delivered rapidly and consistently to the right parties for the right price and cost structure. Automate processes by using the right data to drive process improvements.

    85% of customers expect consistent interactions across departments (Salesforce, 2022).

    Top-decile economic performers are 20% more likely to have a common source of data that serves as the single source of truth across the organization compared to their peers (McKinsey & Company, 2021).

    Only 6% of board members believe they are effective in managing risk (McKinsey & Company, 2018).

    32% of sales and marketing teams consider data inconsistency across platforms as their biggest challenge (Dun & Bradstreet, 2022).

    Your Challenge

    Modern organizations have unprecedented data challenges.

    • The volume of enterprise data is growing rapidly and comes from a wide variety of internal and external data sources (e.g. ERP, CRM). When data is located in different systems and applications, coupled with degradation and proliferation, this can lead to inaccurate, inconsistent, and redundant data being shared across departments within an organization.
    • For example, customer information may not be identical in the customer service system, shipping system, and marketing management platform because of manual errors or different name usage (e.g. GE or General Electric) when input by different business units.
    • Data kept in separate soiled sources can also result in poor stakeholder decision making and inefficient business processes. Some issues include:
      • The lack of clean customer list results in poor customer service.
      • Hindering good analytics and business predictions, such as incorrect supply chain decision when having duplicate product and vendor data between plants.
      • Creating cross-group consolidated reports from duplicate and inconsistent local data requires too much manual effort and resources.

    On average, 25 different data sources are used for generating customer insights and engagement.

    On average, 16 different technology applications are used to leverage customer data.

    Source: Deloitte Digital, 2020

    Common Obstacles

    Finding a single source of truth throughout the organization can be difficult.

    Changes in business process often come with challenges for CIOs and IT leaders. From an IT perspective, there are several common business operating models that can result in multiple sets of master data being created and held in various locations. Some examples could be:

    • Integrate systems following corporate mergers and acquisitions
    • Enterprise with multi-product line
    • Multinational company or multi-geographic operations with various ERP systems
    • Digital transformation projects such as omnichannel

    In such situations, implementing an MDM solution helps achieve harmonization and synchronization of master data and provide a single, reliable, and precise view of the organization. However, MDM is a complex system that requires more than just a technical solution. An organization might experience the following pain points:

    • Failure to identify master data problem and organization’s data needs.
    • Conflicting viewpoints and definitions of data assets that should reside in MDM across business units.

    Building a successful MDM initiative can be a large undertaking that takes some preparation before starting. Understanding the fundamental roles that data governance, data architecture, and data strategy play in MDM is essential before the implementation.

    “Only 3 in 10 of respondents are completely confident in their company's ability to deliver a consistent omnichannel experience.”

    Source: Dun & Bradstreet, 2022

    The image contains an Info-Tech Thought Model of the Develop a Master Data Management Practice & Platform.

    Insight summary

    Overarching insight

    Everybody has master data (e.g. customer, product) but not a master data problem (e.g. duplicate customers and products). MDM is complex in practice and requires investments in data governance, data architecture, and data strategy. Figuring out what the organization needs out of its master data is essential before you pull the trigger on an MDM solution.

    Phase 1 insight

    A master data management solution will assist you in solving master data challenges if your organization is large or complex, such as a multinational corporation or a company with multiple product lines, with frequent mergers and acquisitions, or adopting a digital transformation strategy such as omnichannel.

    Organizations often have trouble getting started because of the difficulty of agreeing on the definition of master data within the enterprise. Reference data is an easy place to find that common ground.

    While the organization may have data that fits into more than one master data domain, it does not necessarily need to be mastered. Determine what master data entities your organization needs.

    Although it is easy to get distracted by the technical aspects of the MDM project – such as extraction and consolidation rules – the true goal of MDM is to make sure that the consumers of master data (such as business units, sales) have access to consistent, relevant, and trusted shared data.

    Phase 2 insight

    An organization with activities such as mergers and acquisitions or multi-ERP systems poses a significant master data challenge. Prioritize your master data practice based on your organization’s ability to locate and maintain a single source of master data.

    Leverage modern capabilities such as artificial intelligence or machine learning to support large and complex MDM deployments.

    Blueprint Overview

    1. Build a Vision for MDM

    2. Build an MDM Practice and Platform

    Phase Steps

    1. Assess Your Master Data Problem
    2. Identify Your Master Data Domains
    3. Create a Strategic Vision
    1. Document Your Organization’s Current Data State
    2. Document Your Organization’s Target Data State
    3. Formulate an Actionable MDM Practice and Platform

    Phase Participants

    CIO, CDO, or IT Executive

    Head of the Information Management Practice

    Business Domain Representatives

    Enterprise Architecture Domain Architects

    Information Management MDM Experts

    Data Stewards or Data Owners

    Phase Outcomes

    This step identifies the essential concepts around MDM, including its definitions, your readiness, and prioritized master data domains. This will ensure the MDM initiatives are aligned to business goals and objectives.

    To begin addressing the MDM project, you must understand your current and target data state in terms of data architecture and data governance surrounding your MDM strategy. With all these considerations in mind, design your organizational MDM practice and platform.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    1. MDM Readiness Assessment ToolThe image contains a screenshot of the MDM Readiness Assessment Tool. 2. Business Needs Assessment Tool The image contains a screenshot of the Business Needs Assessment Tool.
    3. Business Case Presentation Template The image contains a screenshot of the Business Case Presentation Template. 4. Project Charter Template The image contains a screenshot of the Project Charter Template.
    5. Architecture Design Template The image contains a screenshot of the Architecture Design Template.

    Key deliverable:

    6. MDM Practice Pattern Template

    7. MDM Platform Template

    Define the intentional relationships between the business and the master data through a well-thought-out master data platform and practice.

    The image contains a screenshot to demonstrate the intentional relationships between the business and the master data.

    Measure the value of this blueprint

    Refine the metrics for the overall Master Data Management Practice and Platform.

    In phase 1 of this blueprint, we will help you establish the business context and master data needs.

    In phase 2, we will help you document the current and target state of your organization and develop a practice and platform so that master data is well managed to deliver on those defined metrics.

    Sample Metrics

    Method of Calculation

    Master Data Sharing Availability and Utilization

    # of Business Lines That Use Master Data

    Master Data Sharing Volume

    # of Master Entities

    # of Key Elements, e.g. # of Customers With Many Addresses

    Master Data Quality and Compliance

    # of Duplicate Master Data Records

    Identified Sources That Contribute to Master Data Quality Issues

    # of Master Data Quality Issues Discovered or Resolved

    # of Non-Compliance Issues

    Master Data Standardization/Governance

    # of Definitions for Each Master Entity

    # of Roles (e.g. Data Stewards) Defined and Created

    Trust and Satisfaction

    Trust Indicator, e.g. Confidence Indicator of Golden Record

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2

    Call #1: Identify master data problem and assess your organizational readiness for MDM.

    Call #2: Define master data domains and priorities.

    Call #3: Determine business requirements for MDM.

    Call #4: Develop a strategic vision for the MDM project.

    Call #5: Map and understand the flow of data within the business.

    Call #6: Document current architectural state.

    Call #7: Discover the MDM implementation styles of MDM and document target architectural state.

    Call #8: Create MDM data practice and platform.

    Call #9: Summarize results and plan next steps.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5

    Develop a Vision for the MDM Project

    Document the
    Current State

    Document the
    Target State

    Develop a MDM Practice and Platform

    Next Steps and
    Wrap-Up (offsite)

    Activities

    • Establish business context for master data management.
    • Assess the readiness, value, benefits, challenges, and opportunities associated with MDM.
    • Develop the vision, purpose, and scope of master data management for the business.
    • Identify master data management enablers.
    • Interview business stakeholders.
    • Evaluate the risks and value of critical data.
    • Map and understand the flow of data within the business.
    • Identify master data sources and users.
    • Document the current architectural state of the organization
    • Document the target data state of the organization.
    • Develop alignment of initiatives to strategies.
    • Consolidate master data management initiatives and strategies.
    • Develop a project timeline and define key success measures.
    • Identify master data management capabilities, roles, process, and governance.
    • Build a master data management practice and platform.
    • Complete in-progress deliverables from previous four days.
    • Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. High-level data requirements
    2. Identification of business priorities
    3. Project vision and scope
    1. Data flow diagram with identified master data sources and users
    2. Business data glossary
    3. Documented current data state
    1. Documented target state surrounding MDM
    2. Data and master data management alignment and strategies
    1. Master Data Management Practice and Platform
    1. Master Data Management Strategy for continued success

    Phase 1: Build a Vision for MDM

    Develop a Master Data Management Practice and Platform

    Step 1.1

    Assess Your Master Data Problem

    Objectives

    1. Build a solid foundation of knowledge surrounding MDM.

    2. Recognize MDM problems that the organization faces in the areas of mergers and acquisitions, omnichannel, multi-product line, and multi-ERP setups.

    This step involves the following participants:

    CIO, CDO, or IT Executive

    Head of Information Management

    Outcomes of this step

    An understanding of master data, MDM, and the prerequisites necessary to create an MDM program.

    Determine if there is a need for MDM in the organization.

    Understand your data – it’s not all transactional

    Info-Tech analyzes the value of data through the lenses of its four distinct classes: Master, Transactional, Operational, and Reference.

    Master

    Transactional

    Operational

    Reference

    • Addresses critical business entities that fall into four broad groupings: party (customers, suppliers); product (products, policies); location (physical spaces and segmentations); and financial (contracts, transactions).
    • This data is typically critical to the organization, less volatile, and more complex in nature; it contains many data elements and is used across systems.
    • Transactional data refers to data generated when dealing with external parties, such as clients and suppliers.
    • Transactional data may be needed on a per-use basis or through several activities.
    • The data can also be accessed in real-time if needed.
    • Operational data refers to data that is used to support internal business activities, processes, or workflows.
    • This data is generated during a one-time activity or multiple times through a data hub or orchestration layer.
    • Depending on the need for speed, there can be a real-time aspect to the situation.
    • Examples: scheduling service data or performance data.
    • Reference data refers to simple lists of data that are typically static and help categorize other data using code tables.
    • Examples: list of countries or states, postal codes, general ledger chart of accounts, currencies, or product code.

    Recognize the fundamental prerequisites for MDM before diving into more specific readiness requirements

    Organizational buy-in

    • Ensure there is someone actively invested and involved in the progress of the project. Having senior management support, especially in the form of an executive sponsor or champion, is necessary to approve MDM budgets and resourcing.
    • MDM changes business processes and practices that affect many departments, groups, and people – this type of change may be disruptive so sponsorship from the top ensures your project will keep moving forward even during difficulties.
    • Consider developing a cross-functional master data team involving stakeholders from management, IT, and the business units. This group can ensure that the MDM initiative is aligned with and supports larger organizational needs and everyone understands their role.

    Understanding the existing data environment

    • Knowing the state of an organization’s data architecture, and which data sources are linked to critical business processes, is essential before starting an MDM project.
    • Identify the areas of data pain within your organization and establish the root cause. Determine what impact this is having on the business.

    Before starting to look at technology solutions, make sure you have organizational buy-in and an understanding of the existing data environment. These two prerequisites are the foundation for MDM success.

    Master data management provides opportunities to use data for analytical and operational purposes with greater accuracy

    MDM can be approached in two ways: analytical and operational.

    Think of it in the context of your own organization:

    • How will MDM improve the ability for accurate data to be shared across business processes (Operational MDM)?
    • How will MDM improve the quality of reports for management reporting and executive decision making (Analytical MDM)?

    An investment in MDM will improve the opportunities for using the organization’s most valuable data assets, including opportunities like:

    • Data is more easily shared across the organization’s environment with greater accuracy and trust.
    • Multiple instances of the same data are consistent.
    • MDM enables the ability to find the right data more quickly.

    9.5% of revenue was at risk when bad experiences were offered to customers.

    Source: Qualtrics XM Institute, 2022

    Master data management drives better customer experience

    85% In a survey of nearly 17,000 consumers and business buyers, 85% of customers expect consistent interactions across departments.

    Source: Salesforce, 2022

    Yet, 60% of customer say it generally feels like sales, service, and marketing teams do not share information.

    Source: Salesforce, 2022

    What is a business without the customer? Positive customer service experience drives customer retention, satisfaction, and revenue growth, and ultimately, determines the success of the organization. Effective MDM can improve customer experiences by providing consistent interactions and the ability to meet customer expectations.

    61% of customers say they would switch to a competitor after just one bad customer service experience.

    Source: Zendesk, 2022

    Common business operating models or strategies with master data problems

    Mergers and acquisitions (M&A)

    M&A involves activities related to the consolidation of two companies. From IT’s perspective, whether the organization maintains different IT systems and applications in parallel or undergoes data integration process, it is common to have multiple instances of the same customer or product entity across different systems between companies, leading to incomplete, duplicate, and conflicting data sets. The organization may face challenges in both operational and analytical aspects. For many, the objective is to create a list of master data to have a single view of the organization.

    Multiple-instance ERP or multinational organizations

    Multiple-instance ERP solutions are commonly used by businesses that operate globally to accommodate each country’s needs or financial systems (Brightwork Research). With MDM, having a single source of truth could be a great advantage in certain business units to collaborate globally, such as sharing inventory coding systems to allow common identity and productive resource allocation and shared customer information for analytical purposes.

    Common business operating models or strategies with master data problems (cont.)

    Multiple product lines of business

    An example for firms that sells multiple product lines could be Nike’s multiple product lines including footwear, clothing, and equipment. Keeping track of many product lines is a constant challenge for organizations in terms of inventory management, vendor database, and a tracking system. The ability to track and maintain your product data accurately and consistently is crucial for a successful supply chain (whether in a warehouse, distribution center, or retail office), which leads to improved customer satisfaction and increased sales.

    Info-Tech Insight
    A master data management solution will assist you in solving master data challenges if your organization is large or complex such as a multinational corporation or a company with multiple product lines, frequent mergers and acquisitions, or adopting a digital transformation strategy such as omnichannel.

    Omni-channel

    In e-commerce and retail industry, omnichannel means a business strategy that offers seamless shopping experiences across all channels, such as in-store, mobile, and online (Oracle). This also means the company needs to provide consistent information on orders, inventory, pricing, and promotions to customers and keep the customer records up to date. The challenges of omnichannel include having to synchronize data across channels and systems such as ERP, CRM, and social media. MDM becomes a solution for the success of an omnichannel strategy that refers to the same source of truth across business functions and channels.

    Assess business model using Info-Tech’s MDM Readiness Assessment Tool

    30 Minutes

    • The MDM Readiness Assessment Tool will help you make the decision to stop the MDM project now or to continue on the path to MDM.
    • Not all organizations need MDM. Don’t waste precious IT time and resources if your organization does not have a master data problem.

    The image contains screenshots of the MDM Readiness Assessment Tool.

    Download the MDM Readiness Assessment Tool

    Input Output
    • List of key MDM decision points
    • MDM readiness
    Materials Participants
    • Master Data Management Readiness Assessment Tool
    • Head of Information Management
    • CIO, CDO, or IT Executive

    Step 1.2

    Identify the Master Data Domains

    Objectives

    Determine which data domain contains the most critical master data in the organization for an MDM strategy.

    This step involves the following participants:

    Business Domain Representatives

    Data Stewards or Data Owners

    Information Management Team

    Outcomes of this step

    Determine the ideal data domain target for the organization based on where the business is experiencing the largest pains related to master data and where it will see the most benefit from MDM.

    Reference data makes tackling master data easier

    Reference data serves as a great starting place for an MDM project.

    • Reference data is the simple lists of data that are typically static and help categorize other data using code tables. Examples include lists of countries or states, postal codes, general ledger charts of accounts, currencies, or product codes.
    • Loading information into the warehouse or an MDM hub usually requires reconciling reference data from multiple sources. By getting reference data in order first, MDM will be easier to implement.
    • Reference data also requires a relatively small investment with good returns so the value of the project can easily be demonstrated to stakeholders.
    • One example of how reference data makes master data easier to tackle is a master list of an organization’s customers that needs an attribute of an address. By maintaining a list of postal codes or cities as reference data, this is made much easier to manage than simply allowing free text.

    Info-Tech Insight

    Organizations often have trouble getting started because of the difficulty of agreeing on the definition of master data within the enterprise. Reference data is an easy place to find that common ground.

    There are several key considerations when defining which data is master data in the organization

    A successful implementation of MDM depends on the careful selection of the data element to be mastered. As departments often have different interests, establishing a standard set of data elements can lead to a lot of discussion. When selecting what data should be considered master data, consider the following:

    • Complexity. As the number of elements in a set increases, the likelihood that the data is master data also increases.
    • Volatility. Master data tends to be less volatile. The more volatile data is, the more likely it is transactional data.
    • Risk. The more likely data may have a risk associated with it, the more likely it should be managed with MDM.
    • Value. The more valuable a data set is to the organization, the greater the chance it is master data.
    • Sharing. If the data set is used in multiple systems, it likely should be managed with an MDM system.

    Begin by documenting the existing data sources within the organization.

    Use Info-Tech’s Master Data Management Business Needs Assessment Tool to determine master data sources.

    Info-Tech Insight

    While the organization may have data that fits into more than one master data domain, it does not necessarily need to be mastered. Determine what master data entities your organization needs.

    Master data also fall into these four areas

    More perspectives to consider and define which data is your master data.

    Internally Created Entities

    Externally Created Entities

    Large Non-Recurring Transactions

    Categories/Relationships/ Hierarchies/Aggregational Patterns

    • Business objects and concepts at the core of organizational activities that are created and maintained only by this organization.
    • Examples: customers, suppliers, products, projects
    • Business objects and concepts at the core of organizational activities that are created outside of this organization, but it keeps its own master list of these entities with additional attributions.
    • Examples: equipment, materials, industry classifications
    • Factual records reflecting the organization’s activities.
    • Examples: large purchases, large sales, measuring equipment data, student academic performance
    • Lateral and hierarchical relationships across master entities.
    • Organization-wide standards for data / information organization and aggregation.
    • Examples: classifications of equipment and materials, legal relationships across legal entities, sales regions or sub-regions

    Master data types can be divided into four main domains

    Parties

    • Data about individuals, organizations, and the roles they play in business relationships.
    • In the commercial world this means customer, employee, vendor, partner, and competitor data.

    Product

    • Can focus on organization's internal products or services or the entire industry, including competitor products and services.
    • May include information about part/ingredient usage, versions, patch fixes, pricing, and bundles.

    Financial

    • Data about business units, cost centers, profit centers, general ledger accounts, budgets, projections, and projects
    • Typically, ERP systems serve as the central hub for this.

    Locations

    • Often seen as the domain that encompasses other domains. Typically includes geopolitical data such as sales territories.
    • Provides ability to track and share reference information about different geographies and create hierarchical relationships based on information.

    Single Domain vs. Multi-Domain

    • By focusing on a single master data domain, organizations can start with smaller, more manageable steps, rather than trying to tackle everything at once.
    • MDM solutions can be domain-specific or be designed to support multiple domains.
    • Multi-domain MDM is a solution that manages multiple types of master data in one repository. By implementing multi-domain from the beginning, an organization is better able to support growth across all dimensions and business units.

    Use Info-Tech’s Master Data Management Business Needs Assessment Tool to determine master data priorities

    2 hours

    Use the Master Data Management Business Needs Assessment Tool to assist you in determining the master data domains present in your organization and the suggested domain(s) for your MDM solution.

    The image contains screenshots of the Master Data Management Business Needs Assessment Tool.

    Download the MDM Business Needs Assessment Tool

    Input Output
    • Current data sources within the organization
    • Business requirements of master data
    • Prioritized list of master data domains
    • Project scope
    Materials Participants
    • Master Data Management Business Needs Assessment Tool
    • Data Stewards or Data Custodians
    • Information Management Team

    Step 1.3

    Create a Strategic Vision for Your MDM Program

    Objectives

    1. Understand the true goal of MDM – ensuring that the needs of the master data users in the organization are fulfilled.

    2. Create a plan to obtain organizational buy-in for the MDM initiative.

    3. Organize and officialize your project by documenting key metrics, responsibilities, and goals for MDM.

    This step involves the following participants:

    CEO, CDO, or CIO

    Business Domain Representatives

    Information Management Team

    Outcomes of this step

    Obtain business buy-in and direction for the MDM initiative.

    Create the critical foundation plans that will guide you in evaluating, planning, and implementing your immediate and long-term MDM goals.

    MDM is not just IT’s responsibility

    Make sure the whole organization is involved throughout the project.

    • Master data is created for the organization as a whole, so get business input to ensure IT decisions fit with corporate goals and objectives.
    • The ownership of master data is the responsibility of the business. IT is responsible for the MDM project’s technology, support, platforms, and infrastructure; however, the ownership of business rules and standards reside with the business.
    • MDM requires IT and the business to form a partnership. While IT is responsible for the technical component, the business will be key in identifying master data.
    • MDM belongs to the entire organization – not a specific department – and should be created with the needs of the whole organization in mind. As such, MDM needs to be aligned with company’s overall data strategy. Data strategy planning involves identifying and translating business objectives and capability goals into strategies for improving data usage by the business and enhancing the capabilities of MDM.

    Keep the priorities of the users of master data at the forefront of your MDM initiative.

    • To fully satisfy the needs of the users of master data, you have to know how the data is consumed. Information managers and architects must work with business teams to determine how organizational objectives are achieved by using master data.
    • Steps to understanding the users of master data and their needs:
    1. Identify and document the users of master data – some examples include business units such as marketing, sales, and innovation teams.
    2. Interview those identified to understand how their strategic goals can be enabled by MDM. Determine their needs and expectations.
    3. Determine how changes to the master data management strategy will bring about improvements to information sharing and increase the value of this critical asset.

    Info-Tech Insight

    Although it is easy to get distracted by the technical aspects of the MDM project – such as extraction and consolidation rules – the true goal of MDM is to make sure that the consumers of master data (such as business units, sales reps) have access to consistent, relevant, and trusted shared data.

    Interview business stakeholders to understand how IT’s implementation of MDM will enable better business decisions

    1 hours

    Instructions

    1. Identify which members of the business you would like to interview to gather an understanding of their current data issues and desired data usage. (Recommendation: Gather a diverse set of individuals to help build a broader and more holistic knowledge of data consumption wants or requirements.)
    2. Prepare your interview questions.
    3. Interview the identified members of the business.
    4. Debrief and document results.

    Tactical Tips

    • Include members of your team to help heighten their knowledge of the business.
    • Identify a team member to operate as the formal scribe.
    • Keep the discussion as free flowing as possible; it will likely enable the business to share more. Don’t get defensive – one of the goals of the interviews is to open communication lines and identify opportunities for change, not create tension between IT and the business.
    Input Output
    • Current master data pain points and issues
    • Desired master data usage
    • Prioritized list of master data management enablers
    • Understanding of organizational strategic plan
    Materials Participants
    • Interview questions
    • Whiteboard/flip charts
    • Information Management Team
    • Business Line Representatives

    Info-Tech Insight

    Prevent the interviews from being just a venue for the business to complain about data by opening the discussion of having them share current concerns and then focus the second half on what they would like to do with data and how they see master data assets supporting their strategic plans.

    Ensure buy-in for the MDM project by aligning the MDM vision and the drivers of the organization

    MDM exists to enable the success of the organization as a whole, not just as a technology venture. To be successful in the MDM initiative, IT must understand how MDM will help the critical aspects of the business. Likewise, the business must understand why it is important to them to ensure long-term support of the project.

    The image contains a screenshot example of the text above.

    “If an organization only wants to look at MDM as a tech project, it will likely be a failure. It takes a very strong business and IT partnership to make it happen.”

    – Julie Hunt, Software Industry Analyst, Hub Designs Magazine

    Use Info-Tech’s Master Data Management Business Case Presentation Template to help secure business buy-in

    1-2 hours

    The image contains screenshots of the Master Data Management Business Case Presentation Template.

    Objectives

    • This presentation should be used to help obtain momentum for the ongoing master data management initiative and continued IT- business collaboration.
    • Master data management and the state of processes around data can be a sensitive business topic. To overcome issues of resistance from the operational or strategic levels, create a well-crafted business case.
    Input Output
    • Business requirements
    • Goals of MDM
    • Pain points of inadequate MDM
    • Awareness built for MDM project
    • Target data domains
    • Project scope
    Materials Participants
    • Master Data Management Business Case Presentation Template
    • Data Stewards or Data Custodians
    • CEO, CDO, or CIO
    • Information Management Team

    Download the MDM Business Case Presentation Template

    Use Info-Tech’s project charter to support your team in organizing their master data management plans

    Use this master document to centralize the critical information regarding the objectives, staffing, timeline, budget, and expected outcome of the project.

    1. MDM Vision and Mission

    Overview

    Define the value proposition behind addressing master data strategies and developing the organization's master data management practice.

    Consider

    Why is this project critical for the business?

    Why should this project be done now, instead of delayed further down the road?

    2. Goals or Objectives

    Overview

    Your goals and objectives should be practical and measurable. Goals and objectives should be mapped back to the reasons for MDM that we identified in the Executive Brief.

    Example Objectives

    Align the organization’s IT and business capabilities in MDM to the requirements of the organization’s business processes and the data that supports it.

    3. Expected Outcomes

    Overview

    Master data management as a concept can change based on the organization and with definitions and expectations varying heavily for individuals. Ensure alignment at the outset of the project by outlining and attaining agreement on the expectations and expected outcomes (deliverables) of the project.

    Recommended Outcomes

    Outline of an action plan

    Documented data strategies

    4. Outline of Action Plan

    Overview

    Document the plans for your project in the associated sections of the project charter to align with the outcomes and deliverables associated with the project. Use the sample material in the charter and the “Develop Your Timeline for the MDM Project” section to support developing your project plans.

    Recommended Project Scope

    Align master data MDM plan with the business.

    Document current and future architectural state of MDM.

    Download the MDM Project Charter Template

    5. Identify the Resourcing Requirements

    Overview

    Create a project team that has representation of both IT and the business (this will help improve alignment and downstream implementation planning).

    Business Roles to Engage

    Data owners (for subject area data)

    Data stewards who are custodians of business data (related to subject areas evaluated)

    Data scientists or other power users who are heavy consumers of data

    IT Roles to Engage

    Data architect(s)

    Any data management professionals who are involved in modeling data, managing data assets, or supporting the systems in which the data resides.

    Database administrators or data warehousing architects with a deep knowledge of data operations.

    Individuals responsible for data governance.

    Phase 2: Build the MDM Practice and Platform

    Develop a Master Data Management Practice and Platform

    Step 2.1

    Document the Current Data State

    Objectives

    1. Understand roles that data strategy, data governance, and data architecture play in MDM.

    2. Document the organization’s current data state for MDM.

    This step involves the following participants:

    Data Stewards or Data Custodians

    Data or Enterprise Architect

    Information Management Team

    Outcomes of this step

    Document the organization’s current data state, understanding the business processes and movement of data across the company.

    Effective data governance will create the necessary roles and rules within the organization to support MDM

    • A major success factor for MDM falls under data governance. If you don’t establish data governance early on, be prepared to face major obstacles throughout your project. Governance includes data definitions, data standards, access rights, and quality rules and ensures that MDM continues to offer value.
    • Data governance involves an organizational committee or structure that defines the rules of how data is used and managed – rules around its quality, processes to remediate data errors, data sharing, managing data changes, and compliance with internal and external regulations.
    • What is required for governance of master data? Defined roles, including data stewards and data owners, that will be responsible for creating the definitions relevant to master data assets.

    The image contains a screenshot of the Data Governance Key to Data Enablement.

    For more information, see Info-Tech Research Group’s Establish Data Governance blueprint.

    Ensure MDM success by defining roles that represent the essential high-level aspects of MDM

    Regardless of the maturity of the organization or the type of MDM project being undertaken, all three representatives must be present and independent. Effective communication between them is also necessary.

    Technology Representative

    Governance Representative

    Business Representative

    Role ensures:

    • MDM technology requirements are defined.
    • MDM support is provided.
    • Infrastructure to support MDM is present.

    Role ensures:

    • MDM roles and responsibilities are clearly defined.
    • MDM standards are adhered to.

    Role ensures:

    • MDM business requirements are defined.
    • MDM business matching rules are defined.

    The following roles need to be created and maintained for effective MDM:

    Data Owners are accountable for:

    • Data created and consumed.
    • Ensuring adequate data risk management is in place.

    Data Stewards are responsible for:

    • The daily and routine care of all aspects of data systems.
    • Supporting the user community.
    • Collecting, collating, and evaluating issues and problems with data.
    • Managing standard business definitions and metadata for critical data elements.

    Another crucial aspect of implementing MDM governance is defining match rules for master data

    • Matching, merging, and linking data from multiple systems about the same item, person, group, etc. attempts to remove redundancy, improve data quality, and provide information that is more comprehensive.
    • Matching is performed by applying inference rules. Data cleansing tools and MDM applications often include matching engines used to match data.
      • Engines are dependent on clearly defined matching rules, including the acceptability of matches at different confidence levels.
    • Despite best efforts, match decisions sometimes prove to be incorrect. It is essential to maintain the history of matches so that matches can be undone when they are discovered to be incorrect.
    • Artificial intelligence (AI) for match and merge is also an option, where the AI engine can automatically identify duplicate master data records to create a golden record.

    Match-Merge Rules vs. Match-Link Rules

    Match-Merge Rules

    • Match records and merge the data from these records into a single, unified, reconciled, and comprehensive record. If rules apply across data sources, create a single unique and comprehensive record in each database.
    • Complex due to the need to identify so many possible circumstances, with different levels of confidence and trust placed on data values in different fields from different sources.
    • Challenges include the operational complexity of reconciling the data and the cost of reversing the operation if there is a false merge.

    Match-Link Rules

    • Identify and cross-reference records that appear to relate to a master record without updating the content of the cross-referenced record.
    • Easier to implement and much easier to reverse.
    • Simple operation; acts on the cross-reference table and not the individual fields of the merged master data record, even though it may be more difficult to present comprehensive information from multiple records.

    Data architecture will assist in producing an effective data integration model for the technology underlying MDM

    Data quality is directly impacted by architecture.

    • With an MDM architecture, access, replication, and flow of data are controlled, which increases data quality and consistency.
    • Without an MDM architecture, master data occurs in application silos. This can cause redundant and inconsistent data.

    Before designing the MDM architecture, consider:

    • How the business is going to use the master data.
    • Architectural style (this is often dependent on the existing IT architecture, but generally, organizations starting with MDM find a hub architecture easiest to work with).
    • Where master data is entered, updated, and stored.
    • Whether transactions should be processed as batch or real-time.
    • What systems will contribute to the MDM system.
    • Implementation style. This will help ensure the necessary applications have access to the master data.

    “Having an architectural oversight and reference model is a very important step before implementing the MDM solutions.”

    – Selwyn Samuel, Director of Enterprise Architecture

    Document the organization’s data architecture to generate an accurate picture of the current data state

    2-3 hours

    Populate the template with your current organization's data components and the business flow that forms the architecture.

    Think about the source of master data and what other systems will contribute to the MDM system.

    The image contains a screenshot of the MDM Architecture Design Template.

    Input Output
    • Business process streamline
    • Current data state
    Materials Participants
    • MDM Architecture Design Template ArchiMate file
    • Enterprise Architect
    • Data Architect

    Download the MDM Architecture Design Template ArchiMate file

    Step 2.2

    Document the Target Data State

    Objectives

    1. Understand four implementation styles for MDM deployments.

    2. Document target MDM implementation systems.

    This step involves the following participants:

    Data Stewards or Data Custodians

    Data or Enterprise Architect

    Information Management Team

    Outcomes of this step

    Document the organization’s target architectural state surrounding MDM, identifying the specific MDM implementation style.

    How the organization’s data flows through IT systems is a convenient way to define your MDM state

    Understanding the data sources present in the organization and how the business organizes and uses this data is critical to implementing a successful MDM strategy.

    Operational MDM

    • As you manage data in an operational MDM system, the data gets integrated back into the systems that were the source of the data in the first place. The “best records” are created from a combination of data elements from systems that create relevant data (e.g. billing system, call center, reservation system) and then the data is sent back to the systems to update it to the best record. This includes both batch and real-time processing data.

    Analytical MDM

    • Generates “best records” the same way that operational MDM does. However, the data doesn’t go back to the systems that generated the data but rather to a repository for analytics, decision management, or reporting system purposes.

    Discovery of master data is the same for both approaches, but the end use is very different.

    The approaches are often combined by technologically mature organizations, but analytical MDM is generally more expensive due to increased complexity.

    Central to an MDM program is the implementation of an architectural framework

    Info-Tech Research Group’s Reference MDM Architecture uses a top-down approach.

    A top-down approach shows the interdependent relationship between layers – one layer of functionality uses services provided by the layers below, and in turn, provides services to the layers above.

    The image contains a screenshot of the Architectural Framework.

    Info-Tech Research Group’s Reference MDM Architecture can meet the unique needs of different organizations

    The image contains a screenshot of Info-Tech Research Group's Reference MDM Architecture.

    The MDM service layers that make up the hub are:

    • Virtual Registry. The virtual registry is used to create a virtual view of the master data (this layer is not necessary for every MDM implementation).
    • Interface Services. The interface services work directly with the transport method (e.g. Web Service, Pub/Sub, Batch/FTP).
    • Rules Management. The rules management layer manages business rules and match rules set by the organization.
    • Lifecycle Management. This layer is responsible for managing the master data lifecycle. This includes maintaining relationships across domains, modeling classification and hierarchies within the domains, helping with master data quality through profiling rules, deduplicating and merging data to create golden records, keeping authoring logs, etc.
    • Base Services. The base services are responsible for managing all data (master, history, metadata, and reference) in the MDM hub.
    • Security. Security is the base layer and is responsible for protecting all layers of the MDM hub.

    An important architectural decision concerns where master data should live

    All MDM architectures will contain a system of entry, a system of record, and in most cases, a system of reference. Collectively, these systems identify where master data is authored and updated and which databases will serve as the authoritative source of master data records.

    System of Entry (SOE)

    System of Record (SOR)

    System of Reference (SORf)

    Any system that creates master data. It is the point in the IT architecture where one or more types of master data are entered. For example, an enterprise resource planning (ERP) application is used as a system of entry for information about business entities like products (product master data) and suppliers (supplier master data).

    The system designated as the authoritative data source for enterprise data. The true system of record is the system responsible for authoring and updating master data and this is normally the SOE. An ideal MDM system would contain and manage a single, up-to-date copy of all master data. This database would provide timely and accurate business information to be used by the relevant applications. In these cases, one or more SOE applications (e.g. customer relationship management or CRM) will be declared the SOR for certain types of data. The SOR can be made up of multiple physical subsystems.

    A replica of master data that can be synchronized with the SOR(s). It is updated regularly to resolve discrepancies between data sets, but will not always be completely up to date. Changes in the SOR are typically batched and then transmitted to the SORf. When a SORf is implemented, it acts as the authoritative source of enterprise data, given that it is updated and managed relative to the SOR. The SORf can only be used as a read-only source for data consumers.

    Central to an MDM program is the implementation of an architectural framework

    These styles are complementary and see increasing functionality; however, organizations do not need to start with consolidation.

    Consolidation

    Registry

    Coexistence

    Transactional

    What It Means

    The MDM is a system of reference (application systems serve as the systems of record). Data is created and stored in the applications and sent (generally in batch mode) to a centralized MDM system.

    The MDM is a system of reference. Master data is created and stored in the

    application systems, but key master data identifiers are linked with the MDM system, which allows a view of master data records to be assembled.

    The MDM is a system of reference. Master data is created and stored in application systems; however, an authoritative record of master data is also created (through matching) and stored in the MDM system.

    The MDM is a genuine source of record. All master data records are centrally authored and materialized in the MDM system.

    Use Case

    This style is ideal for:

    • Organizations that want to have access to master data for reporting.
    • Organizations that do not need real-time access to master data.

    This style is ideal for:

    • A view of key master data identifiers.
    • Near real-time master data reference.
    • Organizations that need access to key master data for operational systems.
    • Organizations facing strict data replication regulations.

    This style is ideal for:

    • A complete view of each master data entity.
    • Deployment of workflows for collaborative authoring.
    • A central reference system for master data.

    This style is ideal for:

    • Organizations that want true master data management.
    • Organizations that need complete, accurate, and consistent master data at all times.
    • Transactional access to master data records.
    • Tight control over master data.

    Method of Use

    Analytical

    Operational

    Analytical, operational, or collaborative

    Analytical, operational, or collaborative

    Consolidation implementation style

    Master data is created and stored in application systems and then placed in a centralized MDM hub that can be used for reference and reporting.

    The image contains a screenshot of the architectural framework and MDM hub.

    Advantages

    • Prepares master data for enterprise data warehouse and reporting by matching/merging.
    • Can serve as a basis for coexistence or transactional MDM.

    Disadvantages

    • Does not provide real-time reference because updates are sent to the MDM system in batch mode.
    • New data requirements will need to be managed at the system of entry.

    Registry implementation style

    Master data is created and stored in applications. Key identifiers are then linked to the MDM system and used as reference for operational systems.

    The image contains a screenshot of the architectural framework with a focus on registry implementation style.

    Advantages

    • Quick to deploy.
    • Can get a complete view of key master data identifiers when needed.
    • Data is always current since it is accessed from the source systems.

    Disadvantages

    • Depends on clean data at the source system level.
    • Can be complex to manage.
    • Except for the identifiers persisting in the MDM system, all master data records remain in the applications, which means there is not a complete view of all master data records.

    Coexistence implementation style

    Master data is created and stored in existing systems and then synced with the MDM system to create an authoritative record of master data.

    The image contains a screenshot of the architectural framework with a focus on the coexistence implementation style.

    Advantages

    • Easier to deploy workflows for collaborative authoring.
    • Creates a complete view for each master data record.
    • Increased master data quality.
    • Allows for data harmonization across systems.
    • Provides organizations with a central reference system.

    Disadvantages

    • Master data is altered in both the MDM system and source systems. Data may not be up to date until synchronization takes place.
    • Higher deployment costs because all master data records must be harmonized.

    Transactional implementation style

    All master data records are materialized in the MDM system, which provides the organization with a single, complete source of master data at all times.

    The image contains a screenshot of the architectural framework with a focus on the transactional implementation style.

    Advantages

    • Functions as a system of record, providing complete, consistent, accurate, and up-to-date data.
    • Provides a single location for updating and managing master data.

    Disadvantages

    • The implementation of this style may require changes to existing systems and business processes.
    • This implementation style comes with increased cost and complexity.

    All organizations are different; identify the architecture and implementation needs of your organization

    Architecture is not static – it must be able to adapt to changing business needs.

    • The implementation style an organization chooses is dependent on organizational factors such as the purpose of MDM and method of use.
    • Some master data domains may require that you start with one implementation style and later graduate to another style while retaining the existing data model, metadata, and matching rules. Select a starting implementation style that will best suit the organization.
    • Organizations with multi-domain master data may have to use multiple implementation styles. For example, data domain X may require the use of a registry implementation, while domain Y requires a coexistence implementation.

    Document your target data state surrounding MDM

    2-3 hours

    Populate the template with your target organization’s data architecture.

    Highlight new capabilities and components that MDM introduced based on MDM implementation style.

    The image contains a screenshot of the MDM Architecture Design Template.

    Input Output
    • Business process streamline
    • MDM architectural framework
    • Target data state
    Materials Participants
    • MDM Architecture Design Template ArchiMate File
    • Enterprise Architect
    • Data Architect
    • Head of Data

    Step 2.3

    Develop MDM Practice and Platform

    Objectives

    1. Review Info-Tech’s practice pattern and design your master data management practice.

    2. Design your master data management platform.

    3. Consider next steps for the MDM project.

    This step involves the following participants:

    Data Stewards or Data Custodians

    Data or Enterprise Architect

    Information Management Team

    Outcomes of this step

    Define the key services and outputs that must be delivered by establishing core capabilities, accountabilities, roles, and governance for the practice and platform.

    What does a master data management practice pattern look like?

    The master data management practice pattern describes the core capabilities, accountabilities, processes, and essential roles and the elements that provide oversight or governance of the practice, all of which are required to deliver on high-value services and deliverables or output for the organization.

    The image contains a screenshot to demonstrate the intentional relationships between the business and the master data.

    Download the Master Data Management Practice Pattern Template ArchiMate File

    Master data management data practice setup

    • Define the practice lead’s accountabilities and responsibilities.
    • Assign the practice lead.
    • Design the practice, defining the details of the practice (including the core capabilities, accountabilities, processes, and essential roles; the elements that provide oversight or governance of the practice; and the practice’s services and deliverables or output for the organization).
    • Define services and accountabilities:
    1. Define deployment and engagement model
    2. Define practice governance and metrics
    3. Define processes and deliverables
    4. Summarize capabilities
    5. Use activity slide to assign the skills to the role

    General approach to setting up data practices

    Guidelines for designing and establishing your various data practices.

    Understand master data management practice pattern

    A master data management practice pattern includes key services and outputs that must be delivered by establishing core capabilities, accountabilities, roles, and governance for the practice.

    Assumption:

    The accountabilities and responsibilities for the master data management practice have been established and assigned to a practice lead.

    1. Download and review Master Data Management Practice Pattern (Level 1 – Master Data Management Practice Pattern).
    2. Review and update master data management processes for your organization.

    Download the Master Data Management Practice Pattern Template ArchiMate File

    Info-Tech Insight

    An organization with heavy merger and acquisition activity poses a significant master data challenge. Prioritize your master data practice based on your organization’s ability to locate and maintain a single source of master data.

    The image contains a screenshot of the Master Data Management Process.

    Initiate your one-time master data management practice setup

    1. Ensure data governance committees are established.
    2. Align master data management working group responsibilities with data governance committee.
    3. Download and review Master Data Management Practice Pattern Setup (Level 1 – Master Data Management Practice Setup).
    4. Start establishing your master data practice:
    5. 4.1 Define services and accountabilities

      4.2 Define processes and deliverables by stakeholder

      4.3 Design practice operating model

      4.4 Perform skills inventory and design roles

      4.5 Determine practice governance and metrics

      4.6 Summarize practice capabilities

    6. Define key master data management deliverable and processes.

    The image contains a screenshot of the Process Template MDM Conflict Resolution.

    Download and Update:

    Process Template: MDM Conflict Resolution

    MDM operating model

    The operating model is a visualization of how MDM commonly operates and the value it brings to the organization. It illustrates the master data flow, which works from left to right, from source system to consumption layer. Another important component of the model is the business data glossary, which is part of your data governance plan, to define terminology and master data’s key characteristics across business units.

    The image contains a screenshot of the MDM Operating Model.

    Choosing the appropriate technology capabilities

    An MDM platform should include certain core technical capabilities:

    • Master data hub: Functions as a system of reference, providing an authoritative source of data in read-only format to systems downstream.
    • Data modeling: Ability to model complex relationships between internal application sources and other parties.
    • Workflow management: Ability to support flexible and comprehensive workflow-based capabilities.
    • Relationship and hierarchies: Ability to determine relationships and identify hierarchies within the same domain or across different domains of master data.
    • Information quality: Ability to profile, cleanse, match, link, identify, and reconcile master data in different data sources to create and maintain the “golden record.”
    • Loading, integration, synchronization: Ability to load data quality tools and integrate so there is a bidirectional flow of data. Enable data migration and updates that prevent duplicates within the incoming data and data found in the hub.
    • Security: Ability to control access of MDM and the ability to report on activities. Ability to configure and manage different rules and visibilities.
    • Ease of use: Including different user interfaces for technical and business roles.
    • Scalability and high performance/high availability: Ability to expand or shrink depending on the business needs and maintain a high service level.

    Other requirements may include:

    • MDM solution that can handle multiple domains on a single set of technology and hardware.
    • Offers a broad set of data integration connectors out of the box.
    • Offers flexible deployments (on-premises, cloud, as-a-service).
    • Supports all architectural implementation styles: registry, consolidation, coexistence, and transactional.
    • Data governance tools: workflow and business process management (BPM) functionality to link data governance with operational MDM.
    • Uses AI to automate MDM processes.

    Info-Tech Research Group’s MDM platform

    The image contains a screenshot of Info-Tech's MDM Platform.

    Info-Tech Research Group’s MDM platform summarizes an organization’s data environment and the technical capabilities that should be taken into consideration for your organization's MDM implementation.

    Design your master data management platform

    2-3 hours

    Instructions

    Download the Master Data Management Platform Template.

    The platform is not static. Adapt the template to your own needs based on your target data state, required technical capabilities, and business use cases.

    The image contains a screenshot of Info-Tech's MDM Platform.

    Input Output
    • Technology capabilities
    • Target data state
    • Master Data Management Platform
    Materials Participants
    • Master Data Management Platform Template
    • Data Architect
    • Enterprise Architect
    • Head of Data

    Download the MDM Platform Template

    Next steps for the MDM project

    There are several deployment options for MDM platforms; pick the one best suited to the organization’s business needs:

    On-Premises Solutions

    Cloud Solutions

    Hybrid Solutions

    Embrace the technology

    MDM has traditionally been an on-premises initiative. On-premises solutions have typically had different instances for various divisions. On-premises solutions offer interoperability and consistency.

    Many IT teams of larger companies prefer an on-premises implementation. They want to purchase a perpetual MDM software license, install it on hardware systems, configure and test the MDM software, and maintain it on an ongoing basis.

    Cloud MDM solutions can be application-specific or platform-specific, which involves using a software platform or web-based portal interface to connect internal and external data. Cloud is seen as a more cost-effective MDM solution as it doesn’t require a large IT staff to configure the system and can be paid for through a monthly subscription. Because many organizations are averse to storing their master data outside of their firewalls, some cloud MDM solutions manage the data where it resides (either software as a service or on-premises), rather than maintaining it in the cloud.

    MDM system resides both on premises and in the cloud. As many organizations have some applications on premises and others in the cloud, having a hybrid MDM solution is a realistic option for many. MDM can be leveraged from either on-premises or in the cloud solutions, depending on the current needs of the organization.

    • Vendor-supplied MDM solutions often provide complete technical functionality in the package and various deployment options.
    • Consider leverage Info-Tech’s SoftwareReviews to accelerate and improve your software selection process.

    Capitalizing on trends in the MDM technology space would increase your competitive edge

    AI improves master data management.

    • With MDM technology improving every year, there are a greater number of options to choose from than ever before. AI is one of the hottest trends in MDM.
    • By using machine learning (ML) techniques, AI can automate many activities surrounding MDM to ease manual processes and improve accuracy, such as automating master data profiling, managing workflow, identifying duplication, and suggesting match and merge proposals.
    • Some other powerful applications include product categorization and hierarchical management. The product is assigned to the correct level of the category hierarchy based on the probability that a block of words in a product title or description belongs to product categories (Informatica, 2021).

    Info-Tech Insight

    Leverage modern capabilities such as AI and ML to support large and complex MDM deployments.

    The image contains a screenshot of the AI Activities in MDM.

    Informatica, 2021

    Related Info-Tech Research

    Build Your Data Quality Program

    • Data needs to be good, but truly spectacular data may go unnoticed. Provide the right level of data quality, with the appropriate effort, for the correct usage. This blueprint will help you determine what “the right level of data quality” means and create a plan to achieve that goal for the business.

    Build a Data Architecture Roadmap

    • Optimizing data architecture requires a plan, not just a data model.

    Create a Data Management Roadmap

    • Streamline your data management program with our simplified framework.

    Related Info-Tech Research

    Build a Robust and Comprehensive Data Strategy

    • Formulate a data strategy that stitches all of the pieces together to better position you to unlock the value in your data.

    Build Your Data Practice and Platform

    • The true value of data comes from defining intentional relationships between the business and the data through a well-thought-out data platform and practice.

    Establish Data Governance

    • Establish data trust and accountability with strong governance.

    Research Authors and Contributors

    Authors:

    Name

    Position

    Company

    Ruyi Sun

    Research Specialist, Data & Analytics

    Info-Tech Research Group

    Rajesh Parab

    Research Director, Data & Analytics

    Info-Tech Research Group

    Contributors:

    Name

    Position

    Company

    Selwyn Samuel

    Director of Enterprise Architecture

    Furniture manufacturer

    Julie Hunt

    Consultant and Author

    Hub Designs Magazine and Julie Hunt Consulting

    David Loshin

    President

    Knowledge Integrity Inc.

    Igor Ikonnikov

    Principal Advisory Director

    Info-Tech Research Group

    Irina Sedenko

    Advisory Director

    Info-Tech Research Group

    Anu Ganesh

    Principal Research Director

    Info-Tech Research Group

    Wayne Cain

    Principal Advisory Director

    Info-Tech Research Group

    Reddy Doddipalli

    Senior Workshop Director

    Info-Tech Research Group

    Imad Jawadi

    Senior Manager, Consulting

    Info-Tech Research Group

    Andy Neill

    Associate Vice President

    Info-Tech Research Group

    Steve Wills

    Practice Lead

    Info-Tech Research Group

    Bibliography

    “DAMA Guide to the Data Management Body of Knowledge (DAMA-DMBOK Guide).” First Edition. DAMA International. 2009. Digital. April 2014.
    “State of the Connected Customer, Fifth Edition.” Salesforce, 2022. Accessed Jan. 2023.
    “The new digital edge: Rethinking strategy for the postpandemic era.” McKinsey & Company, 26 May. 2021. Assessed Dec. 2022.
    “Value and resilience through better risk management.” Mckinsey & Company, 1 Oct. 2018. Assessed Dec. 2022.
    “Plotting a course through turbulent times (9TH ANNUAL B2B SALES & MARKETING DATA REPORT)” Dun & Bradstreet, 2022. Assessed Jan. 2023.
    ““How to Win on Customer Experience.”, Deloitte Digital, 2020. Assessed Dec. 2022.
    “CX Trends 2022.”, Zendesk, 2022. Assessed Jan. 2023
    .”Global consumer trends to watch out for in 2023.” Qualtrics XM Institute, 8 Nov. 2022. Assessed Dec. 2022
    “How to Understand Single Versus Multiple Software Instances.” Brightwork Research & Analysis, 24 Mar. 2021. Assessed Dec. 2022
    “What is omnichannel?” Oracle. Assessed Dec. 2022
    “How AI Improves Master Data Management (MDM).” Informatica, 30 May. 2021. Assessed Dec. 2022

    Create an Architecture for AI

    • Buy Link or Shortcode: {j2store}344|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $604,999 Average $ Saved
    • member rating average days saved: 49 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management

    This research is designed to help organizations who are facing these challenges:

    • Deliver on the AI promise within the organization.
    • Prioritize the demand for AI projects and govern the projects to prevent overloading resources.
    • Have sufficient data management capability.
    • Have clear metrics in place to measure progress and for decision making.

    AI requires a high level of maturity in all data management capabilities, and the greatest challenge the CIO or CDO faces is to mature these capabilities sufficiently to ensure AI success.

    Our Advice

    Critical Insight

    • Build your target state architecture from predefined best-practice building blocks.
    • Not all business use cases require AI to increase business capabilities.
    • Not all organizations are ready to embark on the AI journey.
    • Knowing the AI pattern that you will use will simplify architecture considerations.

    Impact and Result

    • This blueprint will assist organizations with the assessment, planning, building, and rollout of their AI initiatives.
      • Do not embark on an AI project with an immature data management practice. Embark on initiatives to fix problems before they cripple your AI projects.
      • Using architecture building blocks will speed up the architecture decision phase.
    • The success rate of AI initiatives is tightly coupled with data management capabilities and a sound architecture.

    Create an Architecture for AI Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to understand why you need an underlying architecture for AI, review Info-Tech's methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess business use cases for AI readiness

    Define business use cases where AI may bring value. Evaluate each use case to determine the company’s AI maturity in people, tools, and operations for delivering the correct data, model development, model deployment, and the management of models in the operational areas.

    • Create an Architecture for AI – Phase 1: Assess Business Use Cases for AI Readiness
    • AI Architecture Assessment and Project Planning Tool
    • AI Architecture Assessment and Project Planning Tool – Sample

    2. Design your target state

    Develop a target state architecture to allow the organization to effectively deliver in the promise of AI using architecture building blocks.

    • Create an Architecture for AI – Phase 2: Design Your Target State
    • AI Architecture Templates

    3. Define the AI architecture roadmap

    Compare current state with the target state to define architecture plateaus and build a delivery roadmap.

    • Create an Architecture for AI – Phase 3: Define the AI Architecture Roadmap
    [infographic]

    Workshop: Create an Architecture for AI

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Answer “Where To?”

    The Purpose

    Define business use cases where AI may add value and assess use case readiness.

    Key Benefits Achieved

    Know upfront if all required data resources are available in the required velocity, veracity, and variety to service the use case.

    Activities

    1.1 Review the business vision.

    1.2 Identify and classify business use cases.

    1.3 Assess company readiness for each use case.

    1.4 Review architectural principles and download and install Archi.

    Outputs

    List of identified AI use cases

    Assessment of each use case

    Data sources needed for each use case

    Archi installed

    2 Define the Required Architecture Building Blocks

    The Purpose

    Define architecture building blocks that can be used across use cases and data pipeline.

    Key Benefits Achieved

    The architectural building blocks ensure reuse of resources and form the foundation of a stepwise rollout.

    Activities

    2.1 ArchiMate modelling language overview.

    2.2 Architecture building block overview

    2.3 Identify architecture building blocks by use case.

    2.4 Define the target state architecture.

    Outputs

    A set of building blocks created in Archi

    Defined target state architecture using architecture building blocks

    3 Assess the Current State Architecture

    The Purpose

    Assess your current state architecture in the areas identified by the target state.

    Key Benefits Achieved

    Only evaluating the current state architecture that will influence your AI implementation.

    Activities

    3.1 Identify the current state capabilities as required by the target state.

    3.2 Assess your current state architecture.

    3.3 Define a roadmap and design implementation plateaus.

    Outputs

    Current state architecture documented in Archi

    Assessed current state using assessment tool

    A roadmap defined using plateaus as milestones

    4 Bridge the Gap and Create the Roadmap

    The Purpose

    Assess your current state against the target state and create a plan to bridge the gaps.

    Key Benefits Achieved

    Develop a roadmap that will deliver immediate results and ensure long-term durability.

    Activities

    4.1 Assess the gaps between current- and target-state capabilities.

    4.2 Brainstorm initiatives to address the gaps in capabilities

    4.3 Define architecture delivery plateaus.

    4.4 Define a roadmap with milestones.

    4.5 Sponsor check-in.

    Outputs

    Current to target state gap assessment

    Architecture roadmap divided into plateaus

    Cyber Resilience Report 2018

    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A

    "The cyber threat landscape today is highly complex and rapidly changing. Cyber security incidents can have several impacts on organizations and society, both on a physical and non-physical level. Through the use of a computer, criminals can indeed cause IT outages, supply chain disruptions and other physical security incidents"

    -- excerpt from the foreword of the BCI Cyber resilience report 2018 by David Thorp, Executive Director, BCI

    There are a number of things you can do to protect yourself. And they range, as usual, from the fairly simple to the more elaborate and esoteric. Most companies can, with some common sense, if not close the door on most of these issues, at least prepare themselves to limit the consequences.

    Register to read more …

    Mitigate Machine Bias

    • Buy Link or Shortcode: {j2store}343|cart{/j2store}
    • member rating overall impact (scale of 10): 8.8/10 Overall Impact
    • member rating average dollars saved: $9,549 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Business Intelligence Strategy
    • Parent Category Link: /business-intelligence-strategy
    • AI is the new electricity. It is fundamentally and radically changing the fabric of our world, from the way we conduct business, to how we work and live, make decisions, and engage with each other, to how we organize our society, and ultimately, to who we are. Organizations are starting to adopt AI to increase efficiency, better engage customers, and make faster, more accurate decisions.
    • Like with any new technology, there is a flip side, a dark side, to AI – machine biases. If unchecked, machine biases replicate, amplify, and systematize societal biases. Biased AI systems may treat some of your customers (or employees) differently, based on their race, gender, identity, age, etc. This is discrimination, and it is against the law. It is also bad for business, including missed opportunities, lost consumer confidence, reputational risk, regulatory sanctions, and lawsuits.

    Our Advice

    Critical Insight

    • Machine biases are not intentional. They reflect the cognitive biases, preconceptions, and judgement of the creators of AI systems and the societal structures encoded in the data sets used for machine learning.
    • Machine biases cannot be prevented or fully eliminated. Early identification and diversity in and by design are key. Like with privacy and security breaches, early identification and intervention – ideally at the ideation phase – is the best strategy. Forewarned is forearmed. Prevention starts with a culture of diversity, inclusivity, openness, and collaboration.
    • Machine bias is enterprise risk. Machine bias is not a technical issue. It is a social, political, and business problem. Integrate it into your enterprise risk management (ERM).

    Impact and Result

    • Just because machine biases are induced by human behavior, which is also captured in data silos, they are not inevitable. By asking the right questions upfront during application design, you can prevent many of them.
    • Biases can be introduced into an AI system at any stage of the development process, from the data you collect, to the way you collect it, to which algorithms are used, to which assumptions are made, etc. Ask your data science team a lot of questions; leave no stone unturned.
    • Don’t wait until “Datasheets for Datasets” and “Model Cards for Model Reporting” (or similar frameworks) become standards. Start creating these documents now to identify and analyze biases in your apps. If using open-source data sets or libraries, you may need to create them yourself for now. If working with partners or using AI/ ML services, demand that they provide such information as part of the engagement. You, not your partners, are ultimately responsible for the AI-powered product or service you deliver to your customers or employees.
    • Build a culture of diversity, transparency, inclusivity, and collaboration – the best mechanism to prevent and address machine biases.
    • Treat machine bias as enterprise risk. Use your ERM to guide all decisions around machine biases and their mitigation.

    Mitigate Machine Bias Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to understand the dark side of AI: algorithmic (machine) biases, how they emerge, why they are dangerous, and how to mitigate them. Review Info-Tech’s methodology and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand AI biases

    Learn about machine biases, how and where they arise in AI systems, and how they relate to human cognitive and societal biases.

    • Mitigate Machine Bias – Phase 1: Understand AI Biases

    2. Identify data biases

    Learn about data biases and how to mitigate them.

    • Mitigate Machine Bias – Phase 2: Identify Data Biases
    • Datasheets for Data Sets Template
    • Datasheets for Datasets

    3. Identify model biases

    Learn about model biases and how to mitigate them.

    • Mitigate Machine Bias – Phase 3: Identify Model Biases
    • Model Cards for Model Reporting Template
    • Model Cards For Model Reporting

    4. Mitigate machine biases and risk

    Learn about approaches for proactive and effective bias prevention and mitigation.

    • Mitigate Machine Bias – Phase 4: Mitigate Machine Biases and Risk
    [infographic]

    Workshop: Mitigate Machine Bias

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Prepare

    The Purpose

    Understand your organization’s maturity with respect to data and analytics in order to maximize workshop value.

    Key Benefits Achieved

    Workshop content aligned to your organization’s level of maturity and business objectives.

    Activities

    1.1 Execute Data Culture Diagnostic.

    1.2 Review current analytics strategy.

    1.3 Review organization's business and IT strategy.

    1.4 Review other supporting documentation.

    1.5 Confirm participant list for workshop.

    Outputs

    Data Culture Diagnostic report.

    2 Understand Machine Biases

    The Purpose

    Develop a good understanding of machine biases and how they emerge from human cognitive and societal biases. Learn about the machine learning process and how it relates to machine bias.

    Select an ML/AI project and complete a bias risk assessment.

    Key Benefits Achieved

    A solid understanding of algorithmic biases and the need to mitigate them.

    Increased insight into how new technologies such as ML and AI impact organizational risk.

    Customized bias risk assessment template.

    Completed bias risk assessment for selected project.

    Activities

    2.1 Review primer on AI and machine learning (ML).

    2.2 Review primer on human and machine biases.

    2.3 Understand business context and objective for AI in your organization.

    2.4 Discuss selected AI/ML/data science project or use case.

    2.5 Review and modify bias risk assessment.

    2.6 Complete bias risk assessment for selected project.

    Outputs

    Bias risk assessment template customized for your organization.

    Completed bias risk assessment for selected project.

    3 Identify Data Biases

    The Purpose

    Learn about data biases: what they are and where they originate.

    Learn how to address or mitigate data biases.

    Identify data biases in selected project.

    Key Benefits Achieved

    A solid understanding of data biases and how to mitigate them.

    Customized Datasheets for Data Sets Template.

    Completed datasheet for data sets for selected project.

    Activities

    3.1 Review machine learning process.

    3.2 Review examples of data biases and why and how they happen.

    3.3 Identify possible data biases in selected project.

    3.4 Discuss “Datasheets for Datasets” framework.

    3.5 Modify Datasheets for Data Sets Template for your organization.

    3.6 Complete datasheet for data sets for selected project.

    Outputs

    Datasheets for Data Sets Template customized for your organization.

    Completed datasheet for data sets for selected project.

    4 Identify Model Biases

    The Purpose

    Learn about model biases: what they are and where they originate.

    Learn how to address or mitigate model biases.

    Identify model biases in selected project.

    Key Benefits Achieved

    A solid understanding of model biases and how to mitigate them.

    Customized Model Cards for Model Reporting Template.

    Completed model card for selected project.

    Activities

    4.1 Review machine learning process.

    4.2 Review examples of model biases and why and how they happen.

    4.3 Identify potential model biases in selected project.

    4.4 Discuss Model Cards For Model Reporting framework.

    4.5 Modify Model Cards for Model Reporting Template for your organization.

    4.6 Complete model card for selected project.

    Outputs

    Model Cards for Model Reporting Template customized for your organization.

    Completed model card for selected project.

    5 Create Mitigation Plan

    The Purpose

    Review mitigation approach and best practices to control machine bias.

    Create mitigation plan to address machine biases in selected project. Align with enterprise risk management (ERM).

    Key Benefits Achieved

    A solid understanding of the cultural dimension of algorithmic bias prevention and mitigation and best practices.

    Drafted plan to mitigate machine biases in selected project.

    Activities

    5.1 Review and discuss lessons learned.

    5.2 Create mitigation plan to address machine biases in selected project.

    5.3 Review mitigation approach and best practices to control machine bias.

    5.4 Identify gaps and discuss remediation.

    Outputs

    Summary of challenges and recommendations to systematically identify and mitigate machine biases.

    Plan to mitigate machine biases in selected project.

    Data security consultancy

    Data security consultancy

    Based on experience
    Implementable advice
    human-based and people-oriented

    Data security consultancy makes up one of Tymans Group’s areas of expertise as a corporate consultancy firm. We are happy to offer our insights and solutions regarding data security and risk to businesses, both through online and offline channels. Read on and discover how our consultancy company can help you set up practical data security management solutions within your firm.

    How our data security consultancy services can help your company

    Data security management should be an important aspect of your business. As a data security consultancy firm, Tymans Group is happy to assist your small or medium-sized enterprise with setting up clear protocols to keep your data safe. As such, we can advise on various aspects comprising data security management. This ranges from choosing a fit-for-purpose data architecture to introducing IT incident management guidelines. Moreover, we can perform an external IT audit to discover which aspects of your company’s data security are vulnerable and which could be improved upon.

    Security and risk management

    Our security and risk services

    Security strategy

    Security Strategy

    Embed security thinking through aligning your security strategy to business goals and values

    Read more

    Disaster Recovery Planning

    Disaster Recovery Planning

    Create a disaster recovey plan that is right for your company

    Read more

    Risk Management

    Risk Management

    Build your right-sized IT Risk Management Program

    Read more

    Check out all our services

    Discover our practical data security management solutions

    Data security is just one aspect with which our consultancy firm can assist your company. Tymans Group offers its extensive expertise in various corporate management domains, such as quality management and risk management. Our solutions all stem from our vast expertise and have proven their effectiveness. Moreover, when you choose to employ our consultancy firm for your data security management, you benefit from a holistic, people-oriented approach.

    Set up an appointment with our experts

    Do you wish to learn more about our data security management solutions and services for your company? We are happy to analyze any issues you may be facing and offer you a practical solution if you contact us for an appointment. You can book a one-hour online talk or elect for an on-site appointment with our experts. Contact us to set up your appointment now.

    Continue reading

    Applications Priorities 2023

    • Buy Link or Shortcode: {j2store}186|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Economic, social, and regulatory conditions have changed livelihoods, businesses, and marketplaces. Modern tools and technologies have acted as lifelines by minimizing operating and delivery costs, and in the process, establishing a strong foundation for growth and maturity.
    • These tools and technologies must meet the top business goals of CXOs: ensure service continuity, improve customer experience, and make data-driven decisions.
    • While today’s business applications are good and well received, there is still room for improvement. The average business application satisfaction score among IT leadership was 72% (n=1582, CIO Business Vision).

    Our Advice

    Critical Insight

    • Applications are critical components in any business strategic plan. They can directly influence an organization’s internal and external brand and reputation, such as their uniqueness, competitiveness and innovativeness in the industry
    • Business leaders are continuously looking for innovative ways to better position their application portfolio to satisfy their goals and objectives, i.e., application priorities. Given the scope and costs often involved, these priorities must be carefully crafted to clearly state achievable business outcomes that satisfies the different needs very different customers, stakeholders, and users.
    • Unfortunately, expectations on your applications team have increased while the gap between how stakeholders and applications teams perceive effectiveness remains wide. This points to a need to clarify the requirements to deliver valuable and quality applications and address the pressures challenging your teams.

    Impact and Result

    Learn and explore the technology and practice initiatives in this report to determine which initiatives should be prioritized in your application strategy and align to your business organizational objectives:

    • Optimize the effectiveness of the IT organization.
    • Boost the productivity of the enterprise.
    • Enable business growth through technology.

    Applications Priorities 2023 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Applications Priorities Report 2023 – A report that introduces and describes five opportunities to prioritize in your 2023 application strategy.

    In this report, we explore five priorities for emerging and leading-edge technologies and practices that can improve on capabilities needed to meet the ambitions of your organization.

    • Applications Priorities 2023 Report

    Infographic

    Further reading

    Applications Priorities 2023

    Applications are the engine of the business: keep them relevant and modern

    What we are facing today is transforming the ways in which we work, live, and relate to one another. Applications teams and portfolios MUST change to meet this reality.

    Economic, social, and regulatory conditions have changed livelihoods, businesses, and marketplaces. Modern tools and technologies have acted as lifelines by minimizing operating and delivery costs, and in the process, establishing a strong foundation for growth and maturity.

    As organizations continue to strengthen business continuity, disaster recovery, and system resilience, activities to simply "keep the lights on" are not enough. Be pragmatic in the prioritization and planning of your applications initiatives, and use your technologies as a foundation for your growth.

    Your applications must meet the top business goals of your CXOs

    • Ensure service continuity
    • Improve customer experience
    • Make data-driven decisions
    • Maximize stakeholder value
    • Manage risk

    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022, n=568.

    Select and align your applications priorities to your business goals and objectives

    Applications are critical components in any business strategic plan. They can directly influence an organization's internal and external brand and reputation, such as their:

    • Uniqueness, competitiveness, and innovativeness in the industry.
    • Ability to be dynamic, flexible, and responsive to changing expectations, business conditions, and technologies.

    Therefore, business leaders are continuously looking for innovative ways to better position their application portfolios to satisfy their goals and objectives, i.e. applications priorities. Given the scope and costs often involved, these priorities must be carefully crafted to clearly state achievable business outcomes that satisfy
    the different needs of very different customers, stakeholders, and users.

    Today's business applications are good but leave room for improvement

    72%
    Average business application satisfaction score among IT leadership in 1582 organizations.

    Source: CIO Business Vision, August 2021 to July 2022, N=190.

    Five Applications Priorities for 2023

    In this report, we explore five priorities for emerging and leading-edge technologies and practices that can improve on capabilities needed to meet the Ambitions of your organization.

    this is an image of the Five Applications Priorities for which will be addressed in this blueprint.

    Strengthen your foundations to better support your applications priorities

    These key capabilities are imperative to the success of your applications strategy.

    KPI and Metrics

    Easily attainable and insightful measurements to gauge the progress of meeting strategic objectives and goals (KPIs), and the performance of individual teams, practices and processes (metrics).

    BUSINESS ALIGNMENT

    Gain an accurate understanding and interpretation of stakeholder, end-user, and customer expectations and priorities. These define the success of business products and services considering the priorities of individual business units and teams.

    EFFICIENT DELIVERY & SUPPORT PRACTICE

    Software delivery and support roles, processes, and tools are collaborative, well equipped and resourced, and optimized to meet changing stakeholder expectations.

    Data Management & Governance

    Ensuring data is continuously reliable and trustworthy. Data structure and integrations are defined, governed, and monitored.

    Product & Service Ownership

    Complete inventory and rationalization of the product and service portfolio, prioritized backlogs, roadmaps, and clear product and service ownership with good governance. This helps ensure this portfolio is optimized to meet its goals and objectives.

    Strengthen your foundations to better support your applications priorities (cont'd)

    These key capabilities are imperative to the success of your applications strategy.

    Organizational Change Management

    Manage the adoption of new and modified processes and technologies considering reputational, human, and operational concerns.

    IT Operational Management

    Continuous monitoring and upkeep of products and services to assure business continuity, and system reliability, robustness and disaster recovery.

    Architectural Framework

    A set of principles and standards that guides the consistent, sustainable and scalable growth of enterprise technologies. Changes to the architecture are made in collaboration with affected parties, such as security and infrastructure.

    Application Security

    The measures, controls, and tactics at the application layer that prevent vulnerabilities against external and internal threats and ensure compliance to industry and regulatory security frameworks and standards.

    There are many factors that can stand in your team's way

    Expectations on your applications team have increased, while the gap between how stakeholders and applications teams perceive effectiveness remains wide. This points to a need to clarify the requirements to deliver valuable and quality applications and address the pressures challenging your teams.

    1. Attracting and retaining talent
    2. Maximizing the return on technology
    3. Confidently shifting to digital
    4. Addressing competing priorities
    5. Fostering a collaborative culture
    6. Creating high-throughput teams

    CIOs agree that at least some improvement is needed across key IT activities

    A bar graph is depicted which shows the proportion of CIOs who believe that some, or significant improvement is necessary for the following categories: Measure IT Project Success; Align IT Budget; Align IT Project Approval Process; Measure Stakeholder Satisfaction With IT; Define and Align IT Strategy; Understand Business Goals

    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022, n=568.

    Pressure Point 1:
    Attracting and Retaining Talent

    Recent environmental pressures impacted traditional working arrangements and showed more workplace flexibility is often possible. At the same time, many employees' expectations about how, when, and where they choose to work have also evolved. Recruitment and retention are reflections of different sides of the same employee value proposition coin. Organizations that fail to reinvent their approach to attracting and retaining talent by focusing on candidate and employee experience risk turnover, vacancies, and lost opportunities that can negatively impact the bottom line.

    Address the underlying challenges

    • Lack of employee empowerment and few opportunities for learning and development.
    • Poor coworker and manager relationships.
    • Compensation and benefits are inadequate to maintain desired quality of life.
    • Unproductive work environment and conflicting balance of work and life.
    • Unsatisfactory employee experience, including lack of employee recognition
      and transparency of organizational change.

    While workplace flexibility comes with many benefits, longer work hours jeopardize wellbeing.
    62% of organizations reported increased working hours, while 80% reported an increase in flexibility.
    Source: McLean & Company, 2022; n=394.

    Be strategic in how you fill and train key IT skills and capabilities

    • Cybersecurity
    • Big Data/Analytics
    • Technical Architecture
    • DevOps
    • Development
    • Cloud

    Source: Harvey Nash Group, 2021; n=2120.

    Pressure Point 2:
    Maximizing the Return of Technology

    Recent environmental pressures impacted traditional working arrangements and showed more workplace flexibility is often possible. At the same time, many employees' expectations about how, when, and where they choose to work have also evolved. Recruitment and retention are reflections of different sides of the same employee value proposition coin. Organizations that fail to reinvent their approach to attracting and retaining talent by focusing on candidate and employee experience risk turnover, vacancies, and lost opportunities that can negatively impact the bottom line.

    Address the underlying challenges

    • Inability to analyze, propose, justify, and communicate modernization solutions in language the stakeholders understand and in a way that shows they clearly support business priorities and KPIs and mitigate risks.
    • Little interest in documenting and rationalizing products and services through business-IT collaboration.
    • Lack of internal knowledge of the system and loss of vendor support.
    • Undefined, siloed product and service ownership and governance, preventing solutions from working together to collectively deliver more value.
    • Little stakeholder appetite to invest in activities beyond "keeping the lights on."

    Only 64% of applications were identified as effective by end users.
    Effective applications are identified as at least highly important and have high feature and usability satisfaction.
    Source: Application Portfolio Assessment, August 2021 to July 2022; N=315.

    "Regardless of the many definitions of modernization floating around, the one characteristic that we should be striving for is to ensure our applications do an outstanding job of supporting the users and the business in the most effective and efficient manner possible."
    Source: looksoftware.

    Pressure Point 3:
    Confidently Shifting to Digital

    "Going digital" reshapes how the business operates and drives value by optimizing how digital and traditional technologies and tactics work together. This shift often presents significant business and technical risks to business processes, enterprise data, applications, and systems which stakeholders and teams are not aware of or prepared to accommodate.

    Address the underlying challenges

    • Differing perspectives on digital can lead to disjointed transformation initiatives, oversold benefits, and a lack of synergy among digital technologies and processes.
    • Organizations have difficulty adapting to new technologies or rethinking current business models, processes, and ways of working because of the potential human, ethical, and reputational impacts and restrictions from legacy systems.
    • Management lacks a framework to evaluate how their organization manages and governs business value delivery.
    • IT is not equipped or resourced to address these rapidly changing business, customer, and technology needs.
    • The wrong tools and technologies were chosen to support the shift to digital.

    The shift to digital processes is starting, but slowly.
    62% of respondents indicated that 1-20% of their processes were digitized during the past year.
    Source: Tech Trends and Priorities 2023; N=500

    Resistance to change and time/budget constraints are top barriers preventing companies from modernizing their applications.
    Source: Konveyor, 2022; n=600.

    Pressure Point 4:
    Addressing Competing Priorities

    Enterprise products and services are not used, operated, or branded in isolation. The various parties involved may have competing priorities, which often leads to disagreements on when certain business and technology changes should be made and how resources, budget, and other assets should be allocated. Without a broader product vision, portfolio vision, and roadmap, the various dependent or related products and services will not deliver the same level of value as if they were managed collectively.

    Address the underlying challenges

    • Undefined product and service ownership and governance, including escalation procedures when consensus cannot be reached.
    • Lack of a unified and grounded set of value and quality definitions, guiding principles, prioritization standards, and broad visibility across portfolios, business capabilities, and business functions.
    • Distrust between business units and IT teams, which leads to the scaling of unmanaged applications and fragmented changes and projects.
    • Decisions are based on opinions and experiences without supporting data.

    55% of CXOs stated some improvement is necessary in activities to understand business goals.
    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022; n=568.

    CXOs are moderately satisfied with IT's performance as a business partner (average score of 69% among all CXOs). This sentiment is similarly felt among CIOs (64%).
    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022; n=568.

    Pressure Point 5:
    Fostering a Collaborative Culture

    Culture impacts business results, including bottom-line revenue and productivity metrics. Leaders appreciate the impact culture can have on applications initiatives and wish to leverage this. How culture translates from an abstract concept to something that is measurable and actionable is not straightforward. Executives need to clarify how the desired culture will help achieve their applications strategy and need to focus on the items that will have the most impact.

    Address the underlying challenges

    • Broad changes do not consider the unique subcultures, personalities, and behaviors of the various teams and individuals in the organization.
    • Leaders mandate cultural changes without alleviating critical barriers and do not embody the principles of the target state.
    • Bureaucracy and politics restrict changes and encourage the status quo.
    • Industry standards, technologies, and frameworks do not support or cannot be tailored to fit the desired culture.
    • Some teams are deliberately excluded from the scoping, planning, and execution of key product and service delivery and management activities.

    Agile does not solve team culture challenges.
    43% of organizations cited organizational culture as a significant barrier to adopting and scaling Agile practices.
    Source: Digital.ai, 2021.

    "Providing a great employee experience" as the second priority (after recruiting) highlights the emphasis organizations are placing on helping employees adjust after having been forced to change the way work gets done.
    Source: McLean & Company, 2022; N=826.

    Use your applications priorities to help address your pressure points

    Success can be dependent on your ability to navigate around or alleviate your pressure points. Design and market your applications priorities to bring attention to your pressure points and position them as key risk factors to their success.

    Applications Priorities
    Digital Experience (DX) Intelligent Automation Proactive Application Management Multisource Systems Digital Organization as a Platform
    Attracting and Retaining Talent Enhance the employee experience Be transparent and support role changes Shift focus from maintenance to innovation Enable business-managed applications Promote and showcase achievements and successes
    Maximizing the Return on Technology Modernize or extend the use of existing investments Automate applications across multiple business functions Improve the reliability of mission-critical applications Enhance the functionality of existing applications Increase visibility of underused applications
    Confidently Shifting to Digital Prioritize DX in your shift to digital Select the capabilities that will benefit most from automation Prepare applications to support digital tools and technologies Use best-of-breed tools to meet specific digital needs Bring all applications up to a common digital standard
    Addressing Competing Priorities Ground your digital vision, goals, and objectives Recognize and evaluate the architectural impact Rationalize the health of the applications Agree on a common philosophy on system composition Map to a holistic platform vision, goals, and objectives
    Fostering a Collaborative Culture Involve all perspectives in defining and delivering DX Involve the end user in the delivery and testing of the automated process Include the technical perspective in the viability of future applications plans Discuss how applications can work together better in an ecosystem Ensure the platform is configured to meet the individual needs of the users
    Creating High-Throughput Teams Establish delivery principles centered on DX Remove manual, error-prone, and mundane tasks Simplify applications to ease delivery and maintenance Alleviate delivery bottlenecks and issues Abstract the enterprise system to expedite delivery

    Digital Experience (DX)

    PRIORITY 1

    • Deliver Valuable User, Customer, Employee, and Brand Experiences

    Delivering valuable digital experiences requires the adoption of good management, governance, and operational practices to accommodate stakeholder, employee, customer, and end-user expectations of digital experiences (e.g. product management, automation, and iterative delivery). Technologies are chosen based on what best enables, delivers, and supports these expectations.

    Introduction

    Digital transformation is not just about new tools and technologies. It is also about delivering a valuable digital experience

    What is digital experience (DX)?

    Digital experience (DX) refers to the interaction between a user and an organization through digital products and services. Digital products and services are tools, systems, devices, and resources that gather, store, and process data; are continuously modernized; and embody eight key attributes that are described on the following slide. DX is broken down into four distinct perspectives*:

    • Customer Experience – The immediate perceptions of transactions and interactions experienced through a customer's journey in the use of the organization's digital
      products and services.
    • End-User Experience – Users' emotions, beliefs, and physical and psychological responses
      that occur before, during, or after interacting with a digital product or service.
    • Brand Experience – The broader perceptions, emotions, thoughts, feelings and actions the public associate with the organization's brand and reputation or its products and services. Brand experience evolves over time as customers continuously engage with the brand.
    • Employee Experience – The satisfaction and experience of an employee through their journey with the organization, from recruitment and hiring to their departure. How an employee embodies and promotes the organization brand and culture can affect their performance, trust, respect, and drive to innovate and optimize.
    Digital Products and Services
    Customer Experience Brand Experience Employee Experience End-User Experience

    Digital products and services have a common set of attributes

    Digital transformation is not just about new tools and technologies. It is also about delivering a valuable digital experience

    • Digital products and services must keep pace with changing business and end-user needs as well as tightly supporting your maturing business model with continuous modernization. Focus your continuous modernization on the key characteristics that drive business value.
    • Fit for purpose: Functionalities are designed and implemented for the purpose of satisfying the end user's needs and solving their problems.
    • User-centric: End users see the product as rewarding, engaging, intuitive, and emotionally satisfying. They want to come back to it.
    • Adaptable: The product can be quickly tailored to meet changing end-user and technology needs with reusable and customizable components.
    • Accessible: The product is available on demand and on the end user's preferred interface.
      End users have a seamless experience across all devices.
    • Private and secured: The end user's activity and data are protected from unauthorized access.
    • Informative and insightful: The product delivers consumable, accurate, and trustworthy real-time data that is important to the end user.
    • Seamless application connection: The product facilitates direct interactions with one or more other products through an uninterrupted user experience.
    • Relationship and network building: The product enables and promotes the connection and interaction of people.

    The Business Value cycle of continuous modernization.

    Signals

    DX is critical for business growth and maturity, but the organization may not be ready

    A good DX has become a key differentiator that gives organizations an advantage over their competition and peers. Shifts in working environments; employee, customer, and stakeholder expectations; and the advancements in modern technologies have raised the importance of adopting and transitioning to digital processes and tools to stay relevant and responsive to changing business and technology conditions.

    Applications teams are critical to ensuring the successful delivery and operation of these digital processes and tools. However, they are often under-resourced and challenged to meet their DX goals.

    • 7% of both business and IT respondents think IT has the resources needed to keep up with digital transformation initiatives and meet deadlines (Cyara, 2021).
    • 43% of respondents said that the core barrier to digital transformation is a lack of skilled resources (Creatio, 2021).
    A circle graph is shown with 91% of the circle coloured in dark blue, with the number 91% in the centre.

    of organizations stated that at least 1% of processes were shifted from being manually completed to digitally completed in the last year. 29% of organizations stated at least 21% were shifted.

    Source: Tech Trends and Priorities 2023; N=500.

    A circle graph is shown with 98% of the circle coloured in dark blue, with the number 98% in the centre.

    of organizations recognized digital transformation is important for competitive advantage. 94% stated it is important to enhance customer experience, and 91% stated it will have a positive impact on revenue.

    Source: Cyara, 2021.

    Drivers

    Brand and reputation

    Customers are swayed by the innovations and advancements in digital technologies and expect your applications team to deliver and support them. Your leaders recognize the importance of these expectations and are integrating them into their business strategy and brand (how the organization presents itself to its customers, employees and the public). They hope that their actions will improve and shape the company's reputation (public perception of the company) as effective, customer-focused, and forward-thinking.

    Worker productivity

    As you evolve and adopt more complex tools and technology, your stakeholders will expect more from business units and IT teams. Unfortunately, teams employing manual processes and legacy systems will struggle to meet these expectations. Digital products and services promote the simplification of complex operations and applications and help the business and your teams better align operational practices with strategic goals and deliver valuable DX.

    Organization modernization

    Legacy processes, systems, and ways of working are no longer suitable for meeting the strategic digital objectives and DX needs stakeholders expect. They drive up operational costs without increased benefits, impede business growth and innovation, and consume scarce budgets that could be used for other priorities. Shifting to digital tools and technologies will bring these challenges to light and demonstrate how modernization is an integral part of DX success.

    Benefits & Risks

    Benefits

    • Flexibility & Satisfaction
    • Adoption
    • Reliability

    Employees and customers can choose how they want to access, modify, and consume digital products and services. They can be tailored to meet the specific functional needs, behaviors, and habits of the end user.

    The customer, end user, brand, and employee drive selection, design, and delivery of digital products and services. Even the most advanced technologies will fail if key roles do not see the value in their use.

    Digital products and services are delivered with technical quality built into them, ensuring they meet the industry, regulatory, and company standards throughout their lifespan and in various conditions.

    Risks

    • Legacy & Lore
    • Bureaucracy & Politics
    • Process Inefficiencies
    • No Quality Standards

    Some stakeholders may not be willing to change due to their familiarity and comfort of business practices.

    Competing and conflicting priorities of strategic products and services undermine digital transformation and broader modernization efforts.

    Business processes are often burdened by wasteful activities. Digital products and services are only as valuable as the processes they support.

    The performance and support of your digital products and services are hampered due to unmanageable technical debt because of a deliberate decision to bypass or omit quality good practices.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent

    Enhance the employee experience.

    Design the digital processes, tools, and technologies to meet the individual needs of the employee.

    Maximizing the Return on Technology

    Modernize or extend the use of existing investments.

    Drive higher adoption of applications and higher user value and productivity by implementing digital capabilities to the applications that will gain the most.

    Confidently Shifting to Digital

    Prioritize DX in your shift to digital. Include DX as part of your definition of success.

    Your products and services are not valuable if users, customers, and employees do not use them.

    Addressing Competing Priorities

    Ground your digital vision, goals, and objectives

    Establish clear ownership of DX and digital products and services with a cross-functional prioritization framework.

    Fostering a Collaborative Culture

    Involve all perspectives in defining and delivering DX.

    Maintain a committee of owners, stakeholders, and delivery teams to ensure consensus and discuss how to address cross-functional opportunities and risks.

    Creating High-Throughput Teams

    Establish delivery principles centered on DX.

    Enforce guiding principles to streamline and simplify DX delivery, such as plug-and-play architecture and quality standards.

    Recommendations

    Build a digital business strategy

    A digital business strategy clearly articulates the goals and ambitions of the business to adopt digital practices, tools, and technologies. This document:

    • Looks for ways to transform the business by identifying what technologies to embrace, what processes to automate, and what new business models to create.
    • Unifies digital possibilities with your customer experiences.
    • Establishes accountability with the executive leadership.
    • States the importance of cross-functional participation from senior management across the organization.

    Related Research:

    Learn, understand, and empathize with your users, employees, and customers

    • To create a better product, solution, or service, understanding those who use it, their needs, and their context is critical.
    • A great experience design practice can help you balance those goals so that they are in harmony with those of your users.
    • IT leaders must find ways to understand the needs of the business and develop empathy on a much deeper level. This empathy is the foundation for a thriving business partnership.

    Related Research:

    Recommendations

    Center product and service delivery decisions and activities on DX and quality

    User, customer, employee, and brand are integral perspectives on the software development lifecycle (SDLC) and the management and governance practices supporting digital products and services. It ensures quality standards and controls are consistently upheld while maintaining alignment with various needs and priorities. The goal is to come to a consensus on a universal definition and approach to embed quality and DX-thinking throughout the delivery process.

    Related Research:

    Instill collaborative delivery practices

    Today's rapidly scaling and increasingly complex digital products and services create mounting pressure on delivery teams to release new features and changes quickly and with sufficient quality. This pressure is further compounded by the competing priorities of individual stakeholders and the nuances among different personas of digital products and services.

    A collaborative delivery practice sets the activities, channels, and relationships needed to deliver a valuable and quality product or service with cross-functional awareness, accountability, and agreement.

    Related Research:

    Recommendations

    Continuously monitor and modernize your digital products and services

    Today's modern digital products and services are tomorrow's shelfware. They gradually lose their value, and the supporting technologies will become obsolete. Modernization is a continuous need.

    Data-driven insights help decision makers decide which products and services to retire, upgrade, retrain on, or maintain to meet the demands of the business.

    Enhancements focusing on critical business capabilities strengthen the case for investment and build trust with all stakeholders.

    Related Research:

    CASE STUDY
    Mastercard in Asia

    Focus on the customer journey

    Chief Marketing Officer M.V. Rajamannar (Raja) wanted to change Mastercard's iconic "Priceless" ad campaign (with the slogan "There are some things money can't buy. For everything else there's Mastercard."). The main reasons were that the campaign relied on one-way communication and targeted end customers, even though Mastercard doesn't issue cards directly to customers; partner banks do. To drive the change in campaign, Raja and his team created a digital engine that leveraged digital and social media. Digital engine is a seven-step process based on insights gleaned from data and real-time optimization.

    1. Emotional spark: Using data to understand customers' passion points, Mastercard builds videos and creatives to ignite an emotional spark and give customers a reason to engage. For example, weeks before New Year's Eve, Mastercard produced a video with Hugh Jackman to encourage customers to submit a story about someone who deeply mattered to them. The authors of the winning story would be flown to reunite with those both distant and dear.
    2. Engagement: Mastercard targets the right audience with a spark video through social media to encourage customers to share their stories.
    3. Offers: To help its partner banks and merchants in driving their business, the company identifies the best offers to match consumers' interests. In the above campaign, Mastercard's Asia-Pacific team found that Singapore was a favorite destination for Indian customers, so they partnered with Singapore's Resorts World Sentosa with an attractive offer.
    4. Real-time optimization: Mastercard optimizes, in real time, a portfolio of several offers through A/B testing and other analysis.
    5. Amplification: Real-time testing provides confidence to Mastercard about the potential success of these offers and encourages its bank and merchant partners to co-market and co-fund these campaigns.
    6. Network effects: A few weeks after consumers submitted their stories about distant loved ones, Mastercard selected winners, produced videos of them surprising their friends and families, and used these videos in social media to encourage sharing.
    7. Incremental transactions: These programs translate into incremental business for banks who issue cards, for merchants where customers spend money, and for Mastercard, which gets a portion of every transaction.

    Source: Harvard Business Review Press

    CASE STUDY
    Mastercard in Asia (cont'd)

    Focus on the customer journey

    1. Emotional Spark
      Drives genuine personal stories
    2. Engagement
      Through Facebook
      and social media
    3. Offers
      From merchants
      and Mastercard assets
    4. Optimization
      Real-time testing of offers and themes
    5. Amplification
      Paid and organic programmatic buying
    6. Network Effects
      Sharing and
      mass engagement
    7. Incremental Transactions
      Win-win for all parties

    CASE STUDY
    Mastercard in Asia (cont'd)

    The Mastercard case highlights important lessons on how to engage customers:

    • Have a broad message. Brands need to connect with consumers over how they live and spend their time. Organizations need to go beyond the brand or product message to become more relevant to consumers' lives. Dove soap was very successful in creating a conversation among consumers with its "Real Beauty" campaign, which focused not on the brand or even the product category, but on how women and society view beauty.
    • Shift from storytelling to story making. To break through the clutter of advertising, companies need to move from storytelling to story making. A broader message that is emotionally engaging allows for a two-way conversation.
    • Be consistent with the brand value. The brand needs to stand for something, and the content should be relevant to and consistent with the image of the brand. Pepsi announced an award of $20 million in grants to individuals, businesses, and nonprofits that promote a new idea to make a positive impact on community. A large number of submissions were about social causes that had nothing to do with Pepsi, and some, like reducing obesity, were in conflict with Pepsi's product.
    • Create engagement that drives business. Too much entertainment in ads may engage customers but detract from both communicating the brand message and increasing sales. Simply measuring the number of video views provides only a partial picture of a program's success.

    Intelligent Automation

    PRIORITY 2

    • Extend Automation Practices with AI and ML

    AI and ML are rapidly growing. Organizations see the value of machines intelligently executing high-performance and dynamic tasks such as driving cars and detecting fraud. Senior leaders see AI and ML as opportunities to extend their business process automation investments.

    Introduction

    Intelligent automation is the next step in your business process automation journey

    What is intelligent automation (IA)?

    Intelligent automation (IA) is the combination of traditional automation technologies, such as business process management (BPM) and robotic process automation (RPA), with AI and ML. The goal is to further streamline and scale decision making across various business processes by:

    • Removing human interactions.
    • Addressing decisions that involve complex variables.
    • Automatically adapting processes to changing conditions.
    • Bridging disparate automation technologies into an integrated end-to-end value delivery pipeline.

    "For IA to succeed, employees must be involved in the transformation journey so they can experience firsthand the benefits of a new way of working and creating business value," (Cognizant).

    What is the difference between IA and hyperautomation?

    "Hyperautomation is the act of automating everything in an organization that can be automated. The intent is to streamline processes across an organization using intelligent automation, which includes AI, RPA and other technologies, to run without human intervention. … Hyperautomation is a business-driven, disciplined approach that organizations use to rapidly identify, vet, and automate as many business and IT processes as possible" (IBM, 2021).

    Note that hyperautomation often enables IA, but teams solely adopting IA do not need to abide to its automation-first principles.

    IA is a combination of various tools and technologies

    What tools and technologies are involved in IA?

    • Artificial intelligence (AI) & Machine Learning (ML) – AI systems perform tasks mimicking human intelligence such as learning from experience and problem solving. AI is making its own decisions without human intervention. Machine learning systems learn from experience and without explicit instructions. They learn patterns from data then analyze and make predictions based on past behavior and the patterns learned. AI is a combination of technologies and can include machine learning.
    • Intelligent Business Process Management System (iBPMS) – Combination of BPM tools with AI and other intelligence capabilities.
    • Robotic Process Automation (RPA) – Robots leveraging an application's UI rather than programmatic access. Automate rules-based, repetitive tasks performed by human workers with AI/ML.
    • Process Mining & Discovery – Process mining involves reading system event logs and application transactions and applying algorithmic analysis to automatically identify and map inferred business processes. Process discovery involves unintrusive virtual agents that sit on a user's desktop and record and monitor how they interact with applications to perform tasks and processes. Algorithms are then used to map and analyze the processes.
    • Intelligent Document Processing – The conversion of physical or unstructured documents into a structured, digital format that can be used in automation solutions. Optical character recognition (OCR) and natural language processing (NPL) are common tools used to enable this capability.
    • Advanced Analytics – The gathering, synthesis, transformation, and delivery of insightful and consumable information that supports data-driven decision making. Data is queried from various disparate sources and can take on a variety of structured and unstructured formats.

    The cycle of IA technologies

    Signals

    Process automation is an executive priority and requires organizational buy-in

    Stakeholders recognize the importance of business process automation and AI and are looking for ways to deliver more value using these technologies.

    • 90% of executives stated automating business workflows post-COVID-19 will ensure business continuity (Kofax, 2022).
    • 88% of executives stated they need to fast-track their end-to-end digital transformation (Kofax, 2022).

    However, the advertised benefits to vendors of enabling these desired automations may not be easily achievable because of:

    • Manual and undocumented business processes.
    • Fragmented and inaccessible systems.
    • Poor data quality, insights, and security.
    • The lack of process governance and management practice.
    A circle graph is shown with 49% of the circle coloured in dark blue, with the number 49% in the centre.

    of CXOs stated staff sufficiency, skill and engagement issues as a minor IT pain point compared to 51% of CIOs stated this issue as a major pain point.

    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022; n=568.

    A circle graph is shown with 36% of the circle coloured in dark blue, with the number 36% in the centre.

    of organizations have already invested in AI or machine learning.

    Source: Tech Trends and Priorities 2023; N=662

    Drivers

    Quality & throughput

    Products and services delivered through an undefined and manual process risk the creation of preventable and catchable defects, security flaws and holes, missing information, and other quality issues. IA solutions consistently reinforce quality standards the same way across all products and services while tailoring outputs to meet an individual's specific needs. Success is dependent on the accurate interpretation and application of quality standards and the user's expectations.

    Worker productivity

    IA removes the tedious, routine, and mundane tasks that distract and restrict employees from doing more valuable, impactful, and cognitively focused activities. Practical insights can also be generated through IA tools that help employees make data-driven decisions, evaluate problems from different angles, and improve the usability and value of the products and services they produce.

    Good process management practices

    Automation magnifies existing inefficiencies of a business process management practice, such as unclear and outdated process documentation and incorrect assumptions. IA reinforces the importance of good business process optimization practices, such as removing waste and inefficiencies in a thoughtful way, choosing the most appropriate automation solution, and configuring the process in the right way to maximize the solution's value.

    Benefits & Risks

    Benefits

    • Documentation
    • Hands-Off
    • Reusability

    All business processes must be mapped and documented to be automated, including business rules, data entities, applications, and control points.

    IA can be configured and orchestrated to automatically execute when certain business, process, or technology conditions are met in an unattended or attended manner.

    IA is applicable in use cases beyond traditional business processes, such as automated testing, quality control, audit, website scraping, integration platform, customer service, and data transfer.

    Risks

    • Data Quality & Bias
    • Ethics
    • Recovery & Security
    • Management

    The accuracy and relevance of the decisions IA makes are dependent on the overall quality of the data
    used to train it.

    Some decisions can have significant reputational, moral, and ethical impacts if made incorrectly.
    The question is whether it is appropriate for a non-human to make that decision.

    IA is composed of technologies that can be compromised or fail. Without the proper monitoring, controls,
    and recovery protocols, impacted IA will generate significant business and IT costs and can potentially harm customers, employees, and the organization.

    Low- and no-code capabilities ease and streamline IA development, which makes it susceptible to becoming unmanageable. Discipline is needed to ensure IA owners are aware of the size and health of the IA portfolio.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent

    Be transparent and support role changes.

    Plan to address the human sentiment with automation (e.g. job security) and the transition of the role to other activities.

    Maximizing the Return on Technology

    Automate applications across multiple business functions.

    Recognize the value opportunities of improving and automating the integration of cross-functional processes.

    Confidently Shifting to Digital

    Maximize the learning of automation fit.

    Select the right capabilities to demonstrate the value of IA while using lessons learned to establish the appropriate support.

    Addressing Competing Priorities

    Recognize automation opportunities with capability maps.

    Use a capability diagram to align strategic IA objectives with tactical and technical IA initiatives.

    Fostering a Collaborative Culture

    Involve the user in the delivery process.

    Maximize automation adoption by ensuring the user finds value in its use before deployment.

    Creating High-Throughput Teams

    Remove manual, error-prone, and mundane tasks.

    Look for ways to improve team throughput by removing wasteful activities, enforcing quality, and automating away tasks driving down productivity.

    Recommendations

    Build your business process automation playbook and practice

    Formalize your business process automation practice with a good toolkit and a repeatable set of tactics and techniques.

    • Clarify the problem being solved with IA.
    • Optimate your processes. Apply good practices to first optimize (opti-) and then automate (-mate) key business processes.
    • Deliver minimum viable automations (MVAs). Maximize the learning of automation solutions and business operational changes through small, strategic automation use cases.

    Related Research:

    Explore the various IA tooling options

    Each IA tool will address a different problem. Which tool to choose is dependent on a variety of factors, such as functional suitability, technology suitability, delivery and support capabilities, alignment to strategic business goals, and the value it is designed to deliver.

    Related Research:

    Recommendations

    Introduce AI and ML thoughtfully and with a plan

    Despite the many promises of AI, organizations are struggling to fully realize its potential. The reasons boil down to a lack of understanding of when these technologies should and shouldn't be used, as well as a fear of the unknown. The plan to adopt AI should include:

    • Understanding of what AI really means in practice.
    • Identifying specific applications of AI in the business.
    • Understanding the type of AI applicable for the situation.

    Related Research:

    Mitigate AI and ML bias

    Biases can be introduced into an IA system at any stage of the development process, from the data you collect, to the way you collect it, to which algorithms are used and what assumptions were made. In most cases, AI and ML bias is a is a social, political, and business problem.

    While bias may not be intentional nor completely prevented or eliminated, early detection, good design, and other proactive preventative steps can be taken to minimize its scope and impact.

    Related Research:

    CASE STUDY
    University Hospitals

    Challenge

    University Hospitals Cleveland (UH) faces the same challenge that every major hospital confronts regarding how to deliver increasingly complex, high-quality healthcare to a diverse population efficiently and economically. In 2017, UH embarked on a value improvement program aiming to improve quality while saving $400 million over a five-year period.

    In emergency department (ED) and inpatient units, leaders found anticipating demand difficult, and consequently units were often over-staffed when demand was low and under-staffed when demand was high. Hospital leaders were uncertain about how to reallocate resources based on capacity needs.

    Solution

    UH turned to Hospital IQ's Census Solution to proactively manage capacity, staff, and flow in the ED and inpatient areas.

    By applying AI, ML, and external data (e.g. weather forecasts) to the hospital's own data (including EMR data and hospital policies), the solution helped UH make two-day census forecasts that managers used to determine whether to open or close in-patient beds and, when necessary, divert low-acuity patients to other hospitals in the system to handle predicted patient volume.

    Source: University Hospitals

    Results

    ED boarding hours have declined by 10% and the hospital has seen a 50% reduction in the number of patients who leave the hospital without
    being seen.

    UH also predicts in advance patients ready for discharge and identifies roadblocks, reducing the average length of stay by 15%. UH is able to better manage staff, reducing overtime and cutting overall labor costs.

    The hospital has also increased staff satisfaction and improved patient safety by closing specific units on weekends and increasing the number of rooms that can be sterilized.

    Proactive Application Management

    PRIORITY 3

    • Strengthen Applications to Prevent and Minimize the Impact of Future Issues

    Application management is often viewed as a support function rather than an enabler of business growth. Focus and investments are only placed on application management when it becomes a problem. The lack of governance and practice accountability leaves this practice in a chaotic state: politics take over, resources are not strategically allocated, and customers are frustrated. As a result, application management is often reactive and brushed aside for new development.

    Introduction

    What is application management?

    Application management ensures valuable software is successfully delivered and is maintained for continuous and sustainable business operations. It contains a repeatable set of activities needed to rationalize and roadmap products and services while balancing priorities of new features and maintenance tasks.

    Unfortunately, application management is commonly perceived as a practice that solely addresses issues, updates, and incidents. However, application management teams are also tasked with new value delivery that was not part of the original release.

    Why is an effective application maintenance (reactive) practice not good enough?

    Application maintenance is the "process of modifying a software system or its components after delivery to correct faults, improve performance or other attributes, or adapt to a changed environment or business process," (IEEE, 1998). While it is critical to quickly fix defects and issues when they occur, reactively addressing them is more expensive than discovering them early and employing the practices to prevent them.

    Even if an application is working well, its framework, architecture, and technology may not be compatible with the possible upcoming changes stakeholders and vendors may want to undertake. Applications may not be problems now, but they soon can be.

    What motivates proactive application changes?

    This image shows the motivations for proactive application changes, sorted by external and internal sources.

    Proactive application management must be disciplined and applied strategically

    Proactive application management practices are critical to maintaining business continuity. They require continuous review and modification so that applications are resilient and can address current and future scenarios. Depending on the value of the application, its criticality to business operations, and its susceptibility to technology change, a more proactive management approach may be warranted. Stakeholders can then better manage resources and budget according to the needs of specific products.

    Reactive Management

    Run-to-Failure

    Fix and enhance the product when it breaks. In most cases, a plan is in place ahead of a failure, so that the problem can be addressed without significant disruption and costs.

    Preventive

    Regularly inspect and optimize the product to reduce the likelihood that it will fail in the future. Schedule inspections based on a specific timeframe or usage threshold.

    Predictive

    Predict failures before they happen using performance and usage data to alert teams when products are at risk of failure according to specified conditions.

    Reliability and Risk Based

    Analyze all possible failure scenarios for each component of the product and create tailored delivery plans to improve the stability, reliability, and value of each product.

    Proactive Management

    Signals

    Applications begin to degrade as soon as they are used

    Today's applications are tomorrow's shelfware. They gradually lose their value, stability, robustness, and compatibility with other enterprise technologies. The longer these applications are left unattended or simply "keeping the lights on," the more risks they will bring to the application portfolio, such as:

    • Discovery and exploitation of security flaws and gaps.
    • Increasing the lock-in to specific vendor technologies.
    • Inconsistent application performance across various workloads.

    These impacts are further compounded by the continuous work done on a system burdened with technical debt. Technical debt describes the result of avoided costs that, over time, cause ongoing business impacts. Left unaddressed, technical debt can become an existential threat that risks your organization's ability to effectively compete and serve its customers. Unfortunately, most organizations have a significant, growing, unmanageable technical debt portfolio.

    A circle graph is shown with 60% of the circle coloured in dark green, with the number 60% in the centre.

    of respondents stated they saw an increase in perceived change in technical debt during the past three years. A quarter of respondents indicated that it stayed the same.

    Source: McKinsey Digital, 2020.

    US
    $4.35
    Million

    is the average cost of a data breach in 2022. This figure represents a 2.6% increase from last year. The average cost has climbed 12.7% since 2020.

    Source: IBM, 2022; N=537.

    Drivers

    Technical debt

    Historical decisions to meet business demands by deferring key quality, architectural, or other software delivery activities often lead to inefficient and incomplete code, fragile legacy systems, broken processes, data quality problems, and the other contributors to technical debt. The impacts for this challenge is further heightened if organizations are not actively refactoring and updating their applications behind the scenes. Proactive application management is intended to raise awareness of application fragility and prioritize comprehensive refactoring activities alongside new feature development.

    Long-term application value

    Applications are designed, developed, and tested against a specific set of parameters which may become less relevant over time as the business matures, technology changes, and user behaviors and interactions shift. Continuous monitoring of the application system, regular stakeholder and user feedback, and active technology trend research and vendor engagement will reveal tasks to prepare an application for future value opportunities or stability and resilience concerns.

    Security and resiliency

    Innovative approaches to infiltrating and compromising applications are becoming prevailing stakeholder concerns. The loopholes and gaps in existing application security protocols, control points, and end-user training are exploited to gain the trust of unsuspecting users and systems. Proactive application management enforces continuous security reviews to determine whether applications are at risk. The goal is to prevent an incident from happening by hardening or complementing measures already in place.

    Benefits & Risks

    Benefits

    • Consistent Performance
    • Robustness
    • Operating Costs

    Users expect the same level of performance and experience from their applications in all scenarios. A proactive approach ensures the configurations meet the current needs of users and dependent technologies.

    Proactively managed applications are resilient to the latest security concerns and upcoming trends.

    Continuous improvements to the underlying architecture, codebase, and interfaces can minimize the cost to maintain and operate the application, such as the transition to a loosely coupled architecture and the standardization of REST APIs.

    Risks

    • Stakeholder Buy-In
    • Delayed Feature Releases
    • Team Capacity
    • Discipline

    Stakeholders may not see the association between the application's value and its technical quality.

    Updates and enhancements are system changes much like any application function. Depending
    on the priority of these changes, new functions may be pushed off to a future release cycle.

    Applications teams require dedicated capacity to proactively manage applications, but they are often occupied meeting other stakeholder demands.

    Overinvesting in certain application management activities (such as refactoring, re-architecture, and redesign) can create more challenges. Knowing how much to do is important.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent

    Shift focus from maintenance to innovation.

    Work on the most pressing and critical requests first, with a prioritization framework reflecting cross-functional priorities.

    Maximizing the Return on Technology

    Improve the reliability of mission-critical applications.

    Regularly verify and validate applications are up to date with the latest patches and fixes and comply with industry good practices and regulations.

    Confidently Shifting to Digital

    Prepare applications to support digital tools and technologies.

    Focus enhancements on the key components required to support the integration, performance, and security needs of digital.

    Addressing Competing Priorities

    Rationalize the health of the applications.

    Use data-driven, compelling insights to justify the direction and prioritization of applications initiatives.

    Fostering a Collaborative Culture

    Include the technical perspective in the viability of future applications plans.

    Demonstrate how poorly maintained applications impede the team's ability to deliver confidently and quickly.

    Creating High-Throughput Teams

    Simplify applications to ease delivery and maintenance.

    Refactor away application complexities and align the application portfolio to a common quality standard to reduce the effort to deliver and test changes.

    Recommendations

    Reinforce your application maintenance practice

    Maintenance is often viewed as a support function rather than an enabler of business growth. Focus and investments are only placed on maintenance when it becomes a problem.

    • Justify the necessity of streamlined maintenance.
    • Strengthen triaging and prioritization practices.
    • Establish and govern a repeatable process.

    Ensure product issues, incidents, defects, and change requests are promptly handled to minimize business and IT risks.

    Related Research:

    Build an application management practice

    Apply the appropriate management approaches to maintain business continuity and balance priorities and commitments among maintenance and new development requests.

    This practice serves as the foundation for creating exceptional customer experience by emphasizing cross-functional accountability for business value and product and service quality.

    Related Research:

    Recommendations

    Manage your technical debt

    Technical debt is a type of technical risk, which in turn is business risk. It's up to the business to decide whether to accept technical debt or mitigate it. Create a compelling argument to stakeholders as to why technical debt should be a business priority rather than just an IT one.

    • Define and identify your technical debt.
    • Conduct a business impact analysis.
    • Identify opportunities to better manage technical debt.

    Related Research:

    Gauge your application's health

    Application portfolio management is nearly impossible to perform without an honest and thorough understanding of your portfolio's alignment to business capabilities, business value, total cost of ownership, end-user reception and satisfaction, and technical health.

    Develop data-driven insights to help you decide which applications to retire, upgrade, retrain on, or maintain to meet the demands of the business.

    Related Research:

    Recommendations

    Adopt site reliability engineering (SRE) and DevOps practices

    Site reliability engineering (SRE) is an operational model for running online services more reliably by a team of dedicated reliability-focused engineers.

    DevOps, an operational philosophy promoting development and operations collaboration, can bring the critical insights to make application management practices through SRE more valuable.

    Related Research:

    CASE STUDY
    Government Agency

    Goal

    A government agency needed to implement a disciplined, sustainable application delivery, planning, and management process so their product delivery team could deliver features and changes faster with higher quality. The goal was to ensure change requests, fixes, and new features would relieve requester frustrations, reduce regression issues, and allow work to be done on agreeable and achievable priorities organization-wide. The new model needed to increase practice efficiency and visibility in order to better manage technical debt and focus on value-added solutions.

    Solution

    This organization recognized a number of key challenges that were inhibiting its team's ability to meet its goals:

    • The product backlog had become too long and unmanageable.
    • Delivery resources were not properly allocated to meet the skills and capabilities needed to successfully meet commitments.
    • Quality wasn't defined or enforced, which generated mounting technical debt.
    • There was a lack of clear metrics and defined roles and responsibilities.
    • The business had unrealistic and unachievable expectations.

    Source: Info-Tech Workshop

    Key practices implemented

    • Schedule quarterly business satisfaction surveys.
    • Structure and facilitate regular change advisory board meetings.
    • Define and enforce product quality standards.
    • Standardize a streamlined process with defined roles.
    • Configure management tools to better handle requests.

    Multisource Systems

    PRIORITY 4

    • Manage an Ecosystem Composed of In-House and Outsourced Systems

    Various market and company factors are motivating a review on resource and system sourcing strategies. The right sourcing model provides key skills, resources, and capabilities to meet innovation, time to market, financial, and quality goals of the business. However, organizations struggle with how best to support sourcing partners and to allocate the right number of resources to maximize success.

    Introduction

    A multisource system is an ecosystem of integrated internally and externally developed applications, data, and infrastructure. These technologies can be custom developed, heavily configured vendor solutions, or they may be commercial off-the-shelf (COTS) solutions. These systems can also be developed, supported, and managed by internal staff, in partnership with outsourced contractors, or be completely outsourced. Multisource systems should be configured and orchestrated in a way that maximizes the delivery of specific value drivers for the targeted audience.

    Successfully selecting a sourcing approach is not a simple RFP exercise to choose the lowest cost

    Defining and executing a sourcing approach can be a significant investment and risk because of the close interactions third-party services and partners will have with internal staff, enterprise applications and business capabilities. A careful selection and design is necessary.

    The selection of a sourcing partner is not simple. It involves the detailed inspection and examination of different candidates and matching their fit to the broader vision of the multisource system. In cases where control is critical, technology stack and resource sourcing consolidation to a few vendors and partners is preferred. In other cases, where worker productivity and system flexibility are highly prioritized, a plug-and-play best-of-breed approach is preferred.

    Typical factors involved in sourcing decisions.

    Sourcing needs to be driven by your department and system strategies

    How does the department want to be perceived?

    The image that your applications department and teams want to reflect is frequently dependent on the applications they deliver and support, the resources they are composed of, and the capabilities they provide.

    Therefore, choosing the right sourcing approach should be driven by understanding who the teams are and want to be (e.g. internal builder, an integrator, a plug-in player), what they can or want to do (e.g. custom-develop or implement), and what they can deliver or support (e.g. cloud or on-premises) must be established.

    What value is the system delivering?

    Well-integrated systems are the lifeblood of your organization. They provide the capabilities needed to deliver value to customers, employees, and stakeholders. However, underlying system components may not be sourced under a unified strategy, which can lead to duplicate vendor services and high operational costs.

    The right sourcing approach ensures your partners address key capabilities in your system's delivery and support, and that they are positioned to maximize the value of critical and high-impact components.

    Signals

    Business demand may outpace what vendors can support or offer

    Outsourcing and shifting to a buy-over-build applications strategy are common quick fixes to dealing with capacity and skills gaps. However, these quick fixes often become long-term implementations that are not accounted for in the sourcing selection process. Current application and resource sourcing strategies must be reviewed to ensure that vendor arrangements meet the current and upcoming demands and challenges of the business, customers, and enterprise technologies, such as:

    • Pressure from stakeholders to lower operating costs while maintaining or increasing quality and throughput.
    • Technology lock-in that addresses short-term needs but inhibits long-term growth and maturity.
    • Team capacity and talent acquisition not meeting the needs of the business.
    A circle graph is shown with 42% of the circle coloured in dark brown, with the number 42% in the centre.

    of respondents stated they outsourced software development fully or partly in the last 12 months (2021).

    Source: Coding Sans, 2021.

    A circle graph is shown with 65% of the circle coloured in dark brown, with the number 65% in the centre.

    of respondents stated they were at least somewhat satisfied with the result of outsourcing software development.

    Source: Coding Sans, 2021.

    Drivers

    Business-managed applications

    Employees are implementing and building applications without consulting, notifying, or heeding the advice of IT. IT is often ill-equipped and under-resourced to fight against shadow IT. Instead, organizations are shifting the mindset of "fight shadow IT" to "embrace business-managed applications," using good practices in managing multisource systems. A multisource approach strikes the right balance between user empowerment and centralized control with the solutions and architecture that can best enable it.

    Unique problems to solve

    Point solutions offer features to address unique use cases in uncommon technology environments. However, point solutions are often deployed in siloes with limited integration or overlap with other solutions. The right sourcing strategy accommodates the fragmented nature of point solutions into a broader enterprise system strategy, whether that be:

    • Multisource best of breed – integrate various technologies that provide subsets of the features needed for supporting business functions.
    • Multisource custom – integrate systems built in-house with technologies developed by external organizations.
    • Vendor add-ons and integrations – enhance an existing vendor's offering by using their system add-ons as upgrades, new add-ons, or integrations.

    Vendor services

    Some vendor services in a multisource environment may be redundant, conflicting, or incompatible. Given that multisource systems are regularly changing, it is difficult to identify what services are affected, what would be needed to fill the gap of the removed solution, or which redundant services should be removed.

    A multisource approach motivates the continuous rationalization of your vendor services and partners to determine the right mixture of in-house and outsourced resources, capabilities, and technologies.

    Benefits & Risks

    Benefits

    • Business-Focused Solution
    • Flexibility
    • Cost Optimization

    Multisource systems can be designed to support an employee's ability to select the tools they want and need.

    The environment is architected in a loosely coupled approach to allow applications to be easily added, removed, and modified with minimized impact to other integrated applications.

    Rather than investing in large solutions upfront, applications are adopted when they are needed and are removed when little value is gained. Disciplined application portfolio management is necessary to see the full value of this benefit.

    Risks

    • Manageable Sprawl
    • Policy Adherence
    • Integration & Compatibility

    The increased number and diversity of applications in multisource system environments can overwhelm system managers who do not have an effective application portfolio management practice.

    Fragmented application implementations risk inconsistent adherence to security and other quality policies, especially in situations where IT is not involved.

    Application integration can quickly become tangled, untraceable, and unmanageable because of varying team and vendor preferences for specific integration technologies and techniques.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent

    Enable business-managed applications.

    Create the integrations to enable the easy connection of desired tools to enterprise systems with the appropriate guardrails.

    Maximizing the Return on Technology

    Enhance the functionality of existing applications.

    Complement current application capability gaps with data, features, and services from third-party applications.

    Confidently Shifting to Digital

    Use best-of-breed tools to meet specific digital needs.

    Select the best tools to meet the unique and special functional needs of the digital vision.

    Addressing Competing Priorities

    Agree on a common philosophy on system composition.

    Establish an owner of the multisource system to guide how the system should mature as the organization grows.

    Fostering a Collaborative Culture

    Discuss how applications can work together better in an ecosystem.

    Build committees to discuss how applications can better support each other and drive more value.

    Creating High-Throughput Teams

    Alleviate delivery bottlenecks and issues.

    Leverage third-party sources to fill skills and capacity gaps until a long-term solution can be implemented.

    Recommendations

    Define the goals of your applications department and product vision

    Understanding the applications team's purpose and image is critical in determining how the system they are managing and the skills and capacities they need should be sourced.

    Changing and conflicting definitions of value and goals make it challenging to convey an agreeable strategy of the multisource system. An achievable vision and practical tactics ensure all parties in the multisource system are moving in the same direction.

    Related Research:

    Develop a sourcing partner strategy

    Almost half of all sourcing initiatives do not realize projected savings, and the biggest reason is the choice of partner (Zhang et al., 2018). Making the wrong choice means inferior products, higher costs and the loss of both clients and reputation.

    Choosing the right sourcing partner involves understanding current skills and capacities, finding the right matching partner based on a desired profile, and managing a good working relationship that sees short-term gains and supports long-term goals.

    Related Research:

    Recommendations

    Strengthen enterprise integration practices

    Integration strategies that are focused solely on technology are likely to complicate rather than simplify because little consideration is given on how other systems and processes will be impacted. Enterprise integration needs to bring together business process, applications, and data – in that order.

    Kick-start the process of identifying opportunities for improvement by mapping how applications and data are coordinated to support business activities.

    Related Research:

    Manage your solution architecture and application portfolio

    Haphazardly implementing and integrating applications can generate significant security, performance, and data risks. A well-thought-through solution architecture is essential in laying the architecture quality principles and roadmap on how the multisource system can grow and evolve in a sustainable and maintainable way.

    Good application portfolio management complements the solution architecture as it indicates when low-value and unused applications should be removed to reduce system complexity.

    Related Research:

    Recommendations

    Embrace business-managed applications

    Multisource systems bring a unique opportunity to support the business and end users' desire to implement and develop their own applications. However, traditional models of managing applications may not accommodate the specific IT governance and management practices required to operate business-managed applications:

    • A collaborative and trusting business-IT relationship is key.
    • The role of IT must be reimagined.
    • Business must be accountable for its decisions.

    Related Research:

    CASE STUDY
    Cognizant

    Situation

    • Strives to be primarily an industry-aligned organization that delivers multiple service lines in multiple geographies.
    • Cognizant seeks to carefully consider client culture to create a one-team environment.
    • Value proposition is a consultative approach bringing thought leadership and mutually adding value to the relationship vs. the more traditional order-taker development partner.
    • Wants to share in solution development to facilitate shared successes. Geographic alignment drives knowledge of the client and their challenges, not just about time zone and supportability.
    • Offers one of the largest offshore capabilities in the world, supported by local and nearshore resources to drive local knowledge.
    • Today's clients don't typically want a black box, they are sophisticated and want transparency around the process and solution, to have a partner.
    • Clients do want to know where the work is being delivered from, how it's being done.

    Source: interview with Jay MacIsaac, Cognizant.

    Approach

    • Best relationship comes where teams operate as one.
    • Clients are seeking value, not a development black box.
    • Clients want to have a partner they can engage with, not just an order taker.
    • Want to build a one-team culture with shared goals and deliver business value.
    • Seek a partner that will add to their thinking not echo it.

    Results

    • Cognizant is continuing to deliver double-digit growth and continues to strive for top quartile performance.
    • Growth in the client base has seen the company grow to over 340,000 associates worldwide.

    Digital Organization as a Platform

    PRIORITY 5

    • Create a Common Digital Interface to Access All Products and Services

    A digital platform enables organizations to leverage a flexible, reliable, and scalable foundation to create a valuable DX, ease delivery and management efforts, maximize existing investments, and motivate the broader shift to digital. This approach provides a standard to architect, integrate, configure, and modernize the applications that compose the platform.

    Introduction

    What is digital organization as a platform (DOaaP)?

    Digital organization as a platform (DOaaP) is a collection of integrated digital services, products, applications, and infrastructure that is used as a vehicle to meet and exceed an organization's digital strategies. It often serves as an accessible "place for exchanges of information, goods, or services to occur between producers and consumers as well as the community that interacts
    with said platform" (Watts, 2020).

    DOaaP involves a strategy that paves the way for organizations to be digital. It helps organizations use their assets (e.g. data, processes, products, services) in the most effective ways and become more open to cooperative delivery, usage, and management. This opens opportunities for innovation and cross-department collaborations.

    How is DOaaP described?

    1. Open and Collaborative
      • Open organization: open data, open APIs, transparency, and user participation.
      • Collaboration, co-creation, crowdsourcing, and innovation
    2. Accessible and Connected
      • Digital inclusion
      • Channel ubiquity
      • Integrity and interoperability
      • Digital marketplace
    3. Digital and Programmable
      • Digital identity
      • Policies and processes as code
      • Digital products and services
      • Enabling digital platforms

    Digital organizations follow a common set of principles and practices

    Customer-centricity

    Digital organizations are driven by customer focus, meeting and exceeding customer expectations. It must design its services with a "digital first" principle, providing access through every expected channel and including seamless integration and interoperability with various departments, partners, and third-party services. It also means creating trust in its ability to provide secure services and to keep privacy and ethics as core pillars.

    Leadership, management, and strategies

    Digital leadership brings customer focus to the enterprise and its structures and organizes efficient networks and ecosystems. Accomplishing this means getting rid of silos and a siloed mentality and aligning on a digital vision to design policies and services that are efficient, cost-effective, and provide maximum benefit to the user. Asset sharing, co-creation, and being open and transparent become cornerstones of a digital organization.

    Infrastructure

    Providing digital services across demographics and geographies requires infrastructure, and that in turn requires long-term vision, smart investments, and partnerships with various source partners to create the necessary foundational infrastructure upon which to build digital services.

    Digitization and automation

    Automation and digitization of processes and services, as well as creating digital-first products, lead to increased efficiency and reach of the organization across demographics and geographies. Moreover, by taking a digital-first approach, digital organizations future-proof their services and demonstrate their commitment to stakeholders.

    Enabling platforms

    DOaaP embraces open standards, designing and developing organizational platforms and ecosystems with a cloud-first mindset and sound API strategies. Developer experience must also take center stage, providing the necessary tools and embracing Agile and DevOps practices and culture become prerequisites. Cybersecurity and privacy are central to the digital platform; hence they must be part of the design and development principles and practices.

    Signals

    The business expects support for digital products and services

    Digital transformation continues to be a high-priority initiative for many organizations, and they see DOaaP as an effective way to enable and exploit digital capabilities. However, DOaaP unleashes new strategies, opportunities, and challenges that are elusive or unfamiliar to business leaders. Barriers in current business operating models may limit DOaaP success, such as:

    • Department and functional silos
    • Dispersed, fragmented and poor-quality data
    • Ill-equipped and under-skilled resources to support DOaaP adoption
    • System fragmentation and redundancies
    • Inconsistent integration tactics employed across systems
    • Disjointed user experience leading to low engagement and adoption

    DOaaP is not just about technology, and it is not the sole responsibility of either IT or business. It is the collective responsibility of the organization.

    A circle graph is shown with 47% of the circle coloured in dark blue, with the number 47% in the centre.

    of organizations plan to unlock new value through digital. 50% of organizations are planning major transformation over the next three years.

    Source: Nash Squared, 2022.

    A circle graph is shown with 70% of the circle coloured in dark blue, with the number 70% in the centre.

    of organizations are undertaking digital expansion projects focused on scaling their business with technology. This result is up from 57% in 2021.

    Source: F5 Inc, 2022.

    Drivers

    Unified brand and experience

    Users should have the same experience and perception of a brand no matter what product or service they use. However, fragmented implementation of digital technologies and inconsistent application of design standards makes it difficult to meet this expectation. DOaaP embraces a single design and DX standard for all digital products and services, which creates a consistent perception of your organization's brand and reputation irrespective of what products and services are being used and how they are accessed.

    Accessibility

    Rapid advancement of end-user devices and changes to end-user behaviors and expectations often outpace an organization's ability to meet these requirements. This can make certain organization products and services difficult to find, access and leverage. DOaaP creates an intuitive and searchable interface to all products and services and enables the strategic combination of technologies to collectively deliver more value.

    Justification for modernization

    Many opportunities are left off the table when legacy systems are abstracted away rather than modernized. However, legacy systems may not justify the investment in modernization because their individual value is outweighed by the cost. A DOaaP initiative motivates decision makers to look at the entire system (i.e. modern and legacy) to determine which components need to be brought up to a minimum digital state. The conversation has now changed. Legacy systems should be modernized to increase the collective benefit of the entire DOaaP.

    Benefits & Risks

    Benefits

    • Look & Feel
    • User Adoption
    • Shift to Digital

    A single, modern, customizable interface enables a common look and feel no matter what and how the platform is being accessed.

    Organizations can motivate and encourage the adoption and use of all products and services through the platform and increase the adoption of underused technologies.

    DOaaP motivates and supports the modernization of data, processes, and systems to meet the goals and objectives outlined in the broader digital transformation strategy.

    Risks

    • Data Quality
    • System Stability
    • Ability to Modernize
    • Business Model Change

    Each system may have a different definition of commonly used entities (e.g. customer), which can cause data quality issues when information is shared among these systems.

    DOaaP can stress the performance of underlying systems due to the limitations of some systems to handle increased traffic.

    Some systems cannot be modernized due to cost constraints, business continuity risks, vendor lock-in, legacy and lore, or other blocking factors.

    Limited appetite to make the necessary changes to business operations in order to maximize the value of DOaaP technologies.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent Promote and showcase achievements and successes. Share the valuable and innovative work of your teams across the organization and with the public.
    Maximizing the Return on Technology Increase visibility of underused applications. Promote the adoption and use of all products and services through the platform and use the lessons learned to justify removal, updates or modernizations.
    Confidently Shifting to Digital Bring all applications up to a common digital standard. Define the baseline digital state all applications, data, and processes must be in to maximize the value of the platform.
    Addressing Competing Priorities Map to a holistic platform vision, goals and objectives. Work with relevant stakeholders, teams and end users to agree on a common directive considering all impacted perspectives.
    Fostering a Collaborative Culture Ensure the platform is configured to meet the individual needs of the users. Tailor the interface and capabilities of the platform to address users' functional and personal concerns.
    Creating High-Throughput Teams Abstract the enterprise system to expedite delivery. Use the platform to standardize application system access to simplify platform changes and quicken development and testing.

    Recommendations

    Define your platform vision

    Organizations realize that a digital model is the way to provide more effective services to their customers and end users in a cost-effective, innovative, and engaging fashion. DOaaP is a way to help support this transition.

    However, various platform stakeholders will have different interpretations of and preferences for what this platform is intended to solve, what benefits it is supposed to deliver, and what capabilities it will deliver. A grounded vision is imperative to steer the roadmap and initiatives.

    Related Research:

    Assess and modernize your applications

    Certain applications may not sufficiently support the compatibility, flexibility, and efficiency requirements of DOaaP. While workaround technologies and tactics can be employed to overcome these application challenges, the full value of the DOaaP may not be realized.

    Reviewing the current state of the application portfolio will indicate the functional and value limitations of what DOaaP can provide and an indication of the scope of investment needed to bring applications up to a minimum state.

    Related Research:

    Recommendations

    Understand and evaluate end-user needs

    Technology has reached a point where it's no longer difficult for teams to build functional and valuable digital platforms. Rather, the difficulty lies in creating an interface and platform that people want to use and use frequently.

    While it is important to increase the access and promotion of all products and services, orchestrating and configuring them in a way to deliver a satisfying experience is even more important. Applications teams must first learn about and empathize with the needs of end users.

    Related Research:

    Architect your platform

    Formalizing and constructing DOaaP just for the sake of doing so often results in an initiative that is lengthy and costly and ends up being considered a failure.

    The build and optimization of the platform must be predicated on a thorough understanding of the DOaaP's goals, objectives, and priorities and the business capabilities and process they are meant to support and enable. The appropriate architecture and delivery practices can then be defined and employed.

    Related Research:

    CASE STUDY
    e-Estonia

    Situation

    The digital strategy of Estonia resulted in e-Estonia, with the vision of "creating a society with more transparency, trust, and efficiency." Estonia has addressed the challenge by creating structures, organizations, and a culture of innovation, and then using the speed and efficiency of digital infrastructure, apps, and services. This strategy can reduce or eliminate bureaucracy through transparency and automation.

    Estonia embarked on its journey to making digital a priority in 1994-1996, focusing on a committed investment in infrastructure and digital literacy. With that infrastructure in place, they started providing digital services like an e-banking service (1996), e-tax and mobile parking (2002), and then went full steam ahead with a digital information interoperability platform in 2001, digital identity in 2002, e-health in 2008, and e-prescription in 2010. The government is now strategizing for AI.

    Results

    This image contains the results of the e-Estonia case study results

    Source: e-Estonia

    Practices employed

    The e-Estonia digital government model serves as a reference for governments across the world; this is acknowledged by the various awards it has received, like #2 in "internet freedom," awarded by Freedom House in 2019; #1 on the "digital health index," awarded by the Bertelsmann Foundation in 2019; and #1 on "start-up friendliness," awarded by Index Venture in 2018.

    References

    "15th State of Agile Report." Digital.ai, 2021. Web.
    "2022 HR Trends Report." McLean & Company, 2022.
    "2022: State of Application Strategy Report." F5 Inc, 2022.
    "Are Executives Wearing Rose-Colored Glasses Around Digital Transformation?" Cyara, 2021. Web.
    "Cost of a Data Breach Report 2022." IBM, 2022. Web.
    Dalal, Vishal, et al. "Tech Debt: Reclaiming Tech Equity." McKinsey Digital, Oct. 2020. Web.
    "Differentiating Between Intelligent Automation and Hyperautomation." IBM, 15 October 2021. Web.
    "Digital Leadership Report 2021." Harvey Nash Group, 2021.
    "Digital Leadership Report 2022: The State of Digital." Nash Squared, 2022. Web.
    Gupta, Sunil. "Driving Digital Strategy: A Guide to Reimagining Your Business." Harvard Business Review Press, 2018. Web.
    Haff, Gordon. "State of Application Modernization Report 2022." Konveyor, 2022. Web.
    "IEEE Standard for Software Maintenance: IEEE Std 1219-1998." IEEE Standard for Software Maintenance, 1998. Accessed Dec. 2015.
    "Intelligent Automation." Cognizant, n.d. Web.
    "Kofax 2022: Intelligent Automation Benchmark Study". Kofax, 2021. Web.
    McCann, Leah. "Barco's Virtual Classroom at UCL: A Case Study for the Future of All University Classrooms?" rAVe, 2 July 2020, Web.
    "Proactive Staffing and Patient Prioritization to Decompress ED and Reduce Length of Stay." University Hospitals, 2018. Web.
    "Secrets of Successful Modernization." looksoftware, 2013. Web.
    "State of Software Development." Coding Sans, 2021. Web.
    "The State of Low-Code/No-Code." Creatio, 2021. Web.
    "We Have Built a Digital Society and We Can Show You How." e-Estonia. n.d. Web.
    Zanna. "The 5 Types of Experience Series (1): Brand Experience Is Your Compass." Accelerate in Experience, 9 February 2020. Web.
    Zhang, Y. et al. "Effects of Risks on the Performance of Business Process Outsourcing Projects: The Moderating Roles of Knowledge Management Capabilities." International Journal of Project Management, 2018, vol. 36 no. 4, 627-639.

    Research Contributors and Experts

    This is a picture of Chris Harrington

    Chris Harrington
    Chief Technology Officer
    Carolinas Telco Federal Credit Union

    Chris Harrington is Chief Technology Officer (CTO) of Carolinas Telco Federal Credit Union. Harrington is a proven leader with over 20 years of experience developing and leading information technology and cybersecurity strategies and teams in the financial industry space.

    This is a picture of Benjamin Palacio

    Benjamin Palacio
    Senior Information Technology Analyst County of Placer

    Benjamin Palacio has been working in the application development space since 2007 with a strong focus on system integrations. He has seamlessly integrated applications data across multiple states into a single reporting solution for management teams to evaluate, and he has codeveloped applications to manage billions in federal funding. He is also a CSAC-credentialed IT Executive (CA, USA).

    This is a picture of Scott Rutherford

    Scott Rutherford
    Executive Vice President, Technology
    LGM Financial Services Inc.

    Scott heads the Technology division of LGM Financial Services Inc., a leading provider of warranty and financing products to automotive OEMs and dealerships in Canada. His responsibilities include strategy and execution of data and analytics, applications, and technology operations.

    This is a picture of Robert Willatts

    Robert Willatts
    IT Manager, Enterprise Business Solutions and Project Services
    Town of Newmarket

    Robert is passionate about technology, innovation, and Smart City Initiatives. He makes customer satisfaction as the top priority in every one of his responsibilities and accountabilities as an IT manager, such as developing business applications, implementing and maintaining enterprise applications, and implementing technical solutions. Robert encourages communication, collaboration, and engagement as he leads and guides IT in the Town of Newmarket.

    This is a picture of Randeep Grewal

    Randeep Grewal
    Vice President, Enterprise Applications
    Red Hat

    Randeep has over 25 years of experience in enterprise applications, advanced analytics, enterprise data management, and consulting services, having worked at numerous blue-chip companies. In his most recent role, he is the Vice President of Enterprise Applications at Red Hat. Reporting to the CIO, he is responsible for Red Hat's core business applications with a focus on enterprise transformation, application architecture, engineering, and operational excellence. He previously led the evolution of Red Hat into a data-led company by maturing the enterprise data and analytics function to include data lake, streaming data, data governance, and operationalization of analytics for decision support.

    Prior to Red Hat, Randeep was the director of global services strategy at Lenovo, where he led the strategy using market data to grow Lenovo's services business by over $400 million in three years. Prior to Lenovo, Randeep was the director of advanced analytics at Alliance One and helped build an enterprise data and analytics function. His earlier work includes seven years at SAS, helping SAS become a leader in business analytics, and at KPMG consulting, where he managed services engagements at Fortune 100 companies.

    Create a Horizontally Optimized SDLC to Better Meet Business Demands

    • Buy Link or Shortcode: {j2store}149|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Development
    • Parent Category Link: /development
    • While teams are used to optimizing their own respective areas of responsibility, there is lack of clarity on the overall core SDLC process resulting in applications being released that are of poor quality.
    • Software development teams are struggling to release on time and within budget.
    • Teams do not understand the overall process, are not communicating well, and traceability is hard to achieve.
    • Each team claims to be optimized yet the final deliverable doesn’t reflect the expected quality.

    Our Advice

    Critical Insight

    • Optimizing can make you worse. One cannot just optimize locally – the SDLC must be optimized in its entirety to ensure traceability across the process.
    • Separate process from framework.
      You don’t need to “Go Agile” or follow other industry jargon to effectively optimize your SDLC.
    • SDLC process improvement is ongoing.
      Start with your team’s current capabilities and optimize. You should set expectations that new improvements will always come in the future.

    Impact and Result

    • Use a systematic framework to bring out local optimizations as potential candidates for SDLC optimization.
    • Prioritize those candidates that will aid in optimizing the overall core SDLC process.
    • Create the necessary governance and control structures to sustain the changes.
    • Use Info-Tech tools and templates to accelerate your process optimization.

    Create a Horizontally Optimized SDLC to Better Meet Business Demands Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand Info-Tech's approach to SDLC optimization and why the SDLC must be optimized in its entirety to ensure traceability across the process.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Document the current state of the SDLC

    This phase of the blueprint will help in understanding the organization's business priorities, documenting the current SDLC process, and identifing current SDLC challenges.

    • Create a Horizontally Optimized SDLC to Better Meet Business Demands – Phase 1: Document the Current State of the SDLC
    • SDLC Optimization Playbook

    2. Define root causes, determine optimization initiatives, and define target state

    This phase of the blueprint, will help with defining root causes, determining potential optimization initiatives, and defining the target state of the SDLC.

    • Create a Horizontally Optimized SDLC to Better Meet Business Demands – Phase 2: Define Root Causes, Determine Optimization Initiatives, and Define Target State

    3. Develop a rollout strategy for SDLC optimization

    This phase of the blueprint will help with prioritizing initiatives in order to develop a rollout strategy, roadmap, and communication plan for the SDLC optimization.

    • Create a Horizontally Optimized SDLC to Better Meet Business Demands – Phase 3: Develop a Rollout Strategy for SDLC Optimization
    • SDLC Communication Template
    [infographic]

    Workshop: Create a Horizontally Optimized SDLC to Better Meet Business Demands

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Document Your Current SDLC

    The Purpose

    Understand SDLC current state.

    Key Benefits Achieved

    Understanding of your current SDLC state and metrics to measure the success of your SDLC optimization initiative.

    Activities

    1.1 Document the key business objectives that your SDLC delivers upon.

    1.2 Document your current SDLC process using a SIPOC process map.

    1.3 Identify appropriate metrics in order to track the effectiveness of your SDLC optimization.

    1.4 Document the current state process flow of each SDLC phase.

    1.5 Document the control points and tools used within each phase.

    Outputs

    Documented business objectives

    Documented SIPOC process map

    Identified metrics to measure the effectiveness of your SDLC optimization

    Documented current state process flows of each SDLC phase

    Documented control points and tools used within each SDLC phase

    2 Assess Challenges and Define Root Causes

    The Purpose

    Understand current SDLC challenges and root causes.

    Key Benefits Achieved

    Understand the core areas of your SDLC that require optimization.

    Activities

    2.1 Identify the current challenges that exist within each SDLC phase.

    2.2 Determine the root cause of the challenges that exist within each SDLC phase.

    Outputs

    Identified current challenges

    Identified root causes of your SDLC challenges

    3 Determine Your SDLC Optimization Initiatives

    The Purpose

    Understand common best practices and the best possible optimization initiatives to help optimize your current SDLC.

    Key Benefits Achieved

    Understand the best ways to address your SDLC challenges.

    Activities

    3.1 Define optimization initiatives to address the challenges in each SDLC phase.

    Outputs

    Defined list of potential optimization initiatives to address SDLC challenges

    4 Define SDLC Target State

    The Purpose

    Define your SDLC target state while maintaining traceability across your overall SDLC process.

    Key Benefits Achieved

    Understand what will be required to reach your optimized SDLC.

    Activities

    4.1 Determine the target state of your SDLC.

    4.2 Determine the people, tools, and control points necessary to achieve your target state.

    4.3 Assess the traceability between phases to ensure a seamlessly optimized SDLC.

    Outputs

    Determined SDLC target state

    Identified people, processes, and tools necessary to achieve target state

    Completed traceability alignment map and prioritized list of initiatives

    5 Prioritize Initiatives and Develop Rollout Strategy

    The Purpose

    Define how you will reach your target state.

    Key Benefits Achieved

    Create a plan of action to achieve your desired target state.

    Activities

    5.1 Gain the full scope of effort required to implement your SDLC optimization initiatives.Gain the full scope of effort required to implement your SDLC optimization initiatives.

    5.2 Identify the enablers and blockers of your SDLC optimization.

    5.3 Define your SDLC optimization roadmap.

    5.4 Create a communication plan to share initiatives with the business.

    Outputs

    Level of effort required to implement your SDLC optimization initiatives

    Identified enablers and blockers of your SDLC optimization

    Defined optimization roadmap

    Completed communication plan to present your optimization strategy to stakeholders

    Prepare to Successfully Deploy PPM Software

    • Buy Link or Shortcode: {j2store}437|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • PPM suite deployments are complicated and challenging. Vendors and consultants can provide much needed expertise and assistance to organizations deploying new PPM suites.
    • While functional requirements are often defined during the procurement stage (for example, in an RFP), the level of detail during this stage is likely insufficient for actually configuring the solution to your specific PPM needs. Too many organizations fail to further develop these functional requirements between signing their contracts and the official start of their professional implementation engagement.
    • Many organizations fail to organize and record the PPM data they will need to populate the new PPM suite. In almost all cases, customers have the expertise and are in the best position to collect and organize their own data. Leaving this until the vendor or consultant arrives to help with the deployment can result in using your professional services in a suboptimal way.
    • Vendors and consultants want you to prepare for their implementation engagements so that you can make the best use of their expertise and assistance. They want you to deploy a PPM suite that can be sustainably adopted in the long term. All too often, however, they arrive onsite to find customers that are disorganized and underprepared.

    Our Advice

    Critical Insight

    • Preparing for a professional implementation engagement allows you to make the best use of your professional services, as well as helping to ensure that the PPM suite is deployed according to your specific PPM needs.
    • Involving your internal resources in the preparation of data and in fully defining functional requirements for the PPM suite helps to establish stakeholder buy-in early on, helping to build internal ownership of the solution from the beginning. This avoids the solution being perceived as something the vendor/consultant “forced upon us.”
    • Vendors and consultants are happy when organizations are organized and prepared for their professional implementation engagements. Preparation ensures these engagements are positive experiences for everyone involved.

    Impact and Result

    • Ensure that the data necessary to deploy the new PPM suite is recorded and organized.
    • Make your functional requirements detailed enough to ensure that the new PPM suite can be configured/customized during the deployment engagement in a way that best fits the organization’s actual PPM needs.
    • Through carefully preparing data and fully defining functional requirements, you help the solution become sustainably adopted in the long term.

    Prepare to Successfully Deploy PPM Software Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why preparing for PPM deployment will ensure that organizations get the most value out of the implementation professional services they purchased and will help drive long-term sustainable adoption of the new PPM suite.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create a preparation team and plan

    Engage in purposeful and effective PPM deployment planning by clearly defining what to prepare and when exactly it is time to move from planning to execution.

    • Prepare to Successfully Deploy PPM Software – Phase 1: Create a Preparation Team and Plan
    • Prepare to Deploy PPM Suite Project Charter Template
    • PPM Suite Functional Requirements Document Template
    • PPM Suite Deployment Timeline Template (Excel)
    • PPM Suite Deployment Timeline Template (Project)
    • PPM Suite Deployment Communication Plan Template

    2. Prepare project-related requirements and deliverables

    Provide clearer definition to specific project-related functional requirements and collect the appropriate PPM data needed for an effective PPM suite deployment facilitated by vendors/consultants.

    • Prepare to Successfully Deploy PPM Software – Phase 2: Prepare Project-Related Requirements and Deliverables
    • PPM Deployment Data Workbook
    • PPM Deployment Dashboard and Report Requirements Workbook

    3. Prepare PPM resource requirements and deliverables

    Provide clearer definition to specific resource management functional requirements and data and create a communication and training plan.

    • Prepare to Successfully Deploy PPM Software – Phase 3: Prepare PPM Resource Requirements and Deliverables
    • PPM Suite Transition Plan Template
    • PPM Suite Training Plan Template
    • PPM Suite Training Management Tool

    4. Provide preparation materials to the vendor and implementation professionals

    Plan how to engage vendors/consultants by communicating functional requirements to them and evaluating changes to those requirements proposed by them.

    • Prepare to Successfully Deploy PPM Software – Phase 4: Provide Preparation Materials to the Vendor and Implementation Professionals
    [infographic]

    Workshop: Prepare to Successfully Deploy PPM Software

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Plan the Preparation Project

    The Purpose

    Select a preparation team and establish clear assignments and accountabilities.

    Establish clear deliverables, milestones, and metrics to ensure it is clear when the preparation phase is complete.

    Key Benefits Achieved

    Preparation activities will be organized and purposeful, ensuring that you do not threaten deployment success by being underprepared or waste resources by overpreparing.

    Activities

    1.1 Overview: Determine appropriate functional requirements to define and data to record in preparation for the deployment.

    1.2 Create a timeline.

    1.3 Create a charter for the PPM deployment preparation project: record lessons learned, establish metrics, etc.

    Outputs

    PPM Suite Deployment Timeline

    Charter for the PPM Suite Preparation Project Team

    2 Prepare Project-Related Requirements and Deliverables

    The Purpose

    Collect and organize relevant project-related data so that you are ready to populate the new PPM suite when the vendor/consultant begins their professional implementation engagement with you.

    Clearly define project-related functional requirements to aid in the configuration/customization of the tool.

    Key Benefits Achieved

    An up-to-date and complete record of all relevant PPM data.

    Avoidance of scrambling to find data at the last minute, risking importing out-of-date or irrelevant information into the new software.

    Clearly defined functional requirements that will ensure the suite is configured in a way that can be adoption in the long term.

    Activities

    2.1 Define project phases and categories.

    2.2 Create a list of all projects in progress.

    2.3 Record functional requirements for project requests, project charters, and business cases.

    2.4 Create a list of all existing project requests.

    2.5 Record the current project intake processes.

    2.6 Define PPM dashboard and reporting requirements.

    Outputs

    Project List (basic)

    Project Request Form Requirements (basic)

    Scoring/Requirements (basic)

    Business Case Requirements (advanced)

    Project Request List (basic)

    Project Intake Workflows (advanced)

    PPM Reporting Requirements (basic)

    3 Prepare PPM Resource Requirements and Deliverables

    The Purpose

    Collect and organize relevant resource-related data.

    Clearly define resource-related functional requirements.

    Create a purposeful transition, communication, and training plan for the deployment period.

    Key Benefits Achieved

    An up-to-date and complete record of all relevant PPM data that allows your vendor/consultant to get right to work at the start of the implementation engagement.

    Improved buy-in and adoption through transition, training, and communication activities that are tailored to the actual needs of your specific organization and users.

    Activities

    3.1 Create a portfolio-wide roster of project resources (and record their competencies and skills, if appropriate).

    3.2 Record resource management processes and workflows.

    3.3 Create a transition plan from existing PPM tools and processes to the new PPM suite.

    3.4 Identify training needs and resources to be leveraged during the deployment.

    3.5 Define training requirements.

    3.6 Create a PPM deployment training plan.

    Outputs

    Resource Roster and Competency Profile (basic)

    User Roles and Permissions (basic)

    Resource Management Workflows (advanced)

    Transition Approach and Plan (basic)

    Data Archiving Requirements (advanced)

    List of Training Modules and Attendees (basic)

    Internal Training Capabilities (advanced)

    Training Milestones and Deadlines (basic)

    4 Provide Preparation Materials to the Vendor and Implementation Professionals

    The Purpose

    Compile the data collected and the functional requirements defined so that they can be provided to the vendor and/or consultant before the implementation engagement.

    Key Benefits Achieved

    Deliverables that record the outputs of your preparation and can be provided to vendors/consultants before the implementation engagement.

    Ensures that the customer is an active and equal partner during the deployment by having the customer prepare their material and initiate communication.

    Vendors and/or consultants have a clear understanding of the customer’s needs and expectations from the beginning.

    Activities

    4.1 Collect, review, and finalize the functional requirements.

    4.2 Compile a functional requirements and data package to provide to the vendor and/or consultants.

    4.3 Discuss how proposed changes to the functional requirements will be reviewed and decided.

    Outputs

    PPM Suite Functional Requirements Documents

    PPM Deployment Data Workbook

    Govern Shared Services

    • Buy Link or Shortcode: {j2store}459|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • IT managers have come under increasing pressure to cut costs, and implementing shared services has become a popular demand from the business.
    • Business unit resistance to a shared services implementation can derail the project.
    • Shared services rearranges responsibilities within existing IT departments, potentially leaving no one accountable for project success and causing cost overruns and service performance failures.

    Our Advice

    Critical Insight

    • Over one-third of shared services implementations increase IT costs, due to implementation failures. Ineffective governance plays a major role in the breakdown of shared services, particularly when it does not overcome stakeholder resistance or define clear areas of responsibility.
    • Effective governance of a shared services implementation requires the IT leader to find the optimal combination of independence and centralization for the shared service provider.
    • Three primary models exist for governing shared services: entrepreneurial, mandated, and market-based. Each one occupies a different location in the trade-off of independence and centralization. The optimal model for a specific situation depends on the size of the organization, the number of participants, the existing trend towards centralization, and other factors.

    Impact and Result

    • Find the optimal governance model for your organization by weighing the different likely benefits and costs of each path.
    • Assign appropriate individual responsibilities to participants, so you can effectively scope your service offering and fund your implementation.
    • Support the governance effort effectively using published Info-Tech tools and templates.

    Govern Shared Services Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand each of the governance models and what each entails

    Build a plan for governing an implementation.

    • Storyboard: Govern Shared Services
    • None

    2. Choose the optimal approach to shared services governance

    Maximize the net benefit conferred by governance.

    • Shared Services Governance Strategy Roadmap Tool
    [infographic]

    Assess the Viability of M365-O365 Security Add-Ons

    • Buy Link or Shortcode: {j2store}251|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting

    The technical side of IT security demands the best security possible, but the business side of running IT demands that you determine what is cost-effective and can still do the job. You likely shrugged off the early iterations of Microsoft’s security efforts, but you may have heard that things have changed. Where do you start in evaluating Microsoft’s security products in terms of effectiveness? The value proposition sounds tremendous to the CFO, “free” security as part of your corporate license, but how does it truly measure up and how do you articulate your findings to the business?

    Our Advice

    Critical Insight

    Microsoft’s security products have improved to the point where they are often ranked competitively with mainstream security products. Depending on your organization’s licensing of Office 365/Microsoft 365, some of these products are included in what you’re already paying for. That value proposition is hard to deny.

    Impact and Result

    Determine what is important to the business, and in what order of priority.

    Take a close look at your current solution and determine what are table stakes, what features you would like to have in its replacement, and what your current solution is missing.

    Consider Microsoft’s security solutions using an objective methodology. Sentiment will still be a factor, but it shouldn’t dictate the decision you make for the good of the business.

    Assess the Viability of M365/O365 Security Add-Ons Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to assess the viability of M365/O365 security add-ons. Review Info-Tech’s methodology and understand the four key steps to completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review your current state

    Examine what you are licensed for, what you are paying, what you need, and what your constraints are.

    • Microsoft 365/Office 365 Security Add-Ons Assessment Tool

    2. Assess your needs

    Determine what is “good enough” security and assess the needs of your organization.

    3. Select your path

    Decide what you will go with and start planning your next steps.

    [infographic]

    IT Management and Policies

    • Buy Link or Shortcode: {j2store}23|cart{/j2store}
    • Related Products: {j2store}23|crosssells{/j2store}
    • InfoTech Academy Title: IT management and policies videos
    • InfoTech Academy Excerpt: More videos are available once you join. Contact us for more information.
    • Teaser Video: Visit Website
    • Teaser Video Title: Policies Academy Overview
    • member rating overall impact (scale of 10): 9.5/10
    • member rating average dollars saved: $23101
    • member rating average days saved: 11
    • Parent Category Name: Strategy and Governance
    • InfotechAcademy-Executivebrief: Visit Website
    • Parent Category Link: /strategy-and-governance
    Create policies that matter most to your organization.

    Management, policy, policies

    Optimize Your SQA Practice Using a Full Lifecycle Approach

    • Buy Link or Shortcode: {j2store}405|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Testing, Deployment & QA
    • Parent Category Link: /testing-deployment-and-qa
    • Your software quality assurance (SQA) program is using the wrong set of metrics to measure how process improvements influence product quality improvements.
    • Roles & responsibilities and quality assurance initiatives are not well defined and need to be allocated to individuals that can be held responsible for quality-related issues.
    • You are finding it hard to determine a causation between SQA process improvements and an improvement in product quality.

    Our Advice

    Critical Insight

    • Your product is only as good as your process. A robust development and SQA process creates artifacts that are highly testable, easily maintained, and strongly traceable across the development lifecycle, ensuring that the product delivered meets expectations set out by the business.
    • A small issue within your development process can have a ripple effect on the level of product quality. Discover what you don’t know and identify areas within your SQA practice that require attention.

    Impact and Result

    • SQA must be viewed as more than defect analysis and testing. Instead, place greater emphasis on preventative measures to ensure application quality across the entire development lifecycle.
    • IT must create a comprehensive SQA plan that delineates roles and responsibilities as they relate to quality assurance. Ensure tasks and procedures improve process efficiency and quality, and formalize metrics that help to implement a continuous improvement cycle for SQA.
    • Our methodology provides simple-to-follow steps to develop an SQA plan that provides clear insight into your current quality assurance practices.
    • Establish a synchronous relationship between the business and IT to help stakeholders understand the importance and relative value of quality assurance tasks to current costs.

    Optimize Your SQA Practice Using a Full Lifecycle Approach Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should optimize your SQA practice using a full lifecycle approach, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess your current SQA capabilities

    Evaluate and understand your current SQA capabilities, as well as the degree to which metric objectives are being met.

    • Optimize Your SQA Practice Using a Full Lifecycle Approach – Phase 1: Assess Your Current SQA Capabilities
    • Software Quality Assurance Current State Assessment Tool
    • Software Quality Assurance Assessment Workbook

    2. Define SQA target state processes

    Identify and define SQA processes and metrics needed to meet quality objectives set by development teams and the business.

    • Optimize Your SQA Practice Using a Full Lifecycle Approach – Phase 2: Define SQA Target State Processes

    3. Determine optimization initiatives for improving your SQA practice

    Build your SQA plan and optimization roadmap.

    • Optimize Your SQA Practice Using a Full Lifecycle Approach – Phase 3: Determine Optimization Initiatives
    • Software Quality Assurance Plan Template
    • Software Quality Assurance Optimization Roadmap Tool
    • Software Quality Assurance Communication Template
    [infographic]

    Workshop: Optimize Your SQA Practice Using a Full Lifecycle Approach

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Your Current SQA Capabilities

    The Purpose

    To help you assess and understand your current SQA capabilities as well as the degree to which metric objectives are being met.

    Key Benefits Achieved

    An analysis of current SQA practices to provide insight into potential inefficiencies, opportunities, and to provide the business with sufficient rationale for improving current quality assurance initiatives.

    Activities

    1.1 Conduct a high-level assessment of where to focus your current state analysis.

    1.2 Document your high-level development process.

    1.3 Create a RACI chart to understand roles and responsibilities.

    1.4 Perform a SIPOC-MC analysis for problem areas identified in your SDLC.

    1.5 Identify the individual control points involved with passing software artifacts through SDLC stages being assessed.

    1.6 Identify problem areas within your SDLC as they relate to SQA.

    Outputs

    Understanding of current overall development process and where it is most weak in the context of quality assurance

    Understanding of assigned roles and responsibilities across development teams, including individuals who are involved with making quality-related decisions for artifact hand-off

    Identification of problem areas within SQA process for further analysis

    2 Define SQA Target State Processes

    The Purpose

    To help you identify and define SQA processes and metrics needed to meet quality objectives set out by development teams and the business.

    Key Benefits Achieved

    A revised list of key SQA tasks along with metrics and associated tolerance limits used universally for all development projects.

    Activities

    2.1 Establish SQA metrics and tolerance limits across your SDLC.

    2.2 Determine your target state for SQA processes within the define/design stage of the SDLC.

    2.3 Determine your target state for SQA processes within the development stage of the SDLC.

    2.4 Determine your target state for SQA processes within the testing stage of the SDLC.

    2.5 Determine your target state for SQA processes within the deploy/release stage of the SDLC.

    Outputs

    Identification of the appropriate metrics and their associated tolerance limits to provide insights into meeting quality goals and objectives during process execution

    Identification of target state SQA processes that are required for ensuring quality across all development projects

    3 Prioritize SQA Optimization Initiatives and Develop Optimization Roadmap

    The Purpose

    Based on discovered inefficiencies, define optimization initiatives required to improve your SQA practice.

    Key Benefits Achieved

    Optimization initiatives and associated tasks required to address gaps and improve SQA capabilities.

    Activities

    3.1 Determine optimization initiatives for improving your SQA process.

    3.2 Gain the full scope of effort required to implement your SQA optimization initiatives.

    3.3 Identify the enablers and blockers of your SQA optimization.

    3.4 Define your SQA optimization roadmap.

    Outputs

    Prioritized list of optimization initiatives for SQA

    Assessment of level of effort for each SQA optimization initiative

    Identification of enablers and blockers for optimization initiatives

    Identification of roadmap timeline for implementing optimization initiatives

    Marketing Management Suite Software Selection Guide

    • Buy Link or Shortcode: {j2store}552|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • Selecting and implementing the right MMS platform – one that aligns with your requirements is a significant undertaking.
    • Despite the importance of selecting and implementing the right MMS platform, many organizations struggle to define an approach to picking the most appropriate vendor and rolling out the solution in an effective and cost-efficient manner.
    • IT often finds itself in the unenviable position of taking the fall for an MMS platform that doesn’t deliver on the promise of the MMS strategy.

    Our Advice

    Critical Insight

    • MMS platform selection must be driven by your overall customer experience management strategy. Link your MMS selection to your organization’s CXM framework.
    • Determine what exactly you require from your MMS platform; leverage use cases to help guide selection.
    • Ensure strong points of integration between your MMS and other software such as CRM and POS. Your MMS solution should not live in isolation; it must be part of a wider ecosystem.

    Impact and Result

    • An MMS platform that effectively meets business needs and delivers value.
    • Reduced costs during MMS vendor platform selection and faster time to results after implementation.

    Marketing Management Suite Software Selection Guide Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Marketing Management Suite Software Selection Guide – A deck that walks you through the process of building your business case and selecting the proper MMS platform.

    This blueprint will help you build a business case for selecting the right MMS platform, define key requirements, and conduct a thorough analysis and scan of the current state of the ever-evolving MMS market space.

    • Marketing Management Suite Software Selection Guide Storyboard
    [infographic]

    Further reading

    Marketing Management Suite Software Selection Guide

    Streamline your organizational approach to selecting a right-sized marketing management platform.

    Analyst perspective

    A robustly configured and comprehensive MMS platform is a crucial ingredient to help kick-start your organization's cross-channel and multichannel marketing management initiatives.

    Modern marketing management suites (MMS) are imperative given today's complex, multitiered, and often non-standardized marketing processes. Relying on isolated methods such as lead generation or email marketing techniques for executing key cross-channel and multichannel marketing initiatives is not enough to handle the complexity of contemporary marketing management activities.

    Organizations need to invest in highly customizable and functionally extensive MMS platforms to provide value alongside the marketing value chain and a 360-degree view of the consumer's marketing journey. IT needs to be rigorously involved with the sourcing and implementation of the new MMS tool, and the necessary business units also need to own the requirements and be involved from the initial stages of software selection.

    To succeed with MMS implementation, consider drafting a detailed roadmap that outlines milestone activities for configuration, security, points of integration, and data migration capabilities and provides for ongoing application maintenance and support.

    This is a picture of Yaz Palanichamy

    Yaz Palanichamy
    Senior Research Analyst, Customer Experience Strategy
    Info-Tech Research Group

    Executive summary

    Your Challenge

    • Many organizations struggle with taking a systematic and structured approach to selecting a right-sized marketing management suite (MMS) – an indispensable part of managing an organization's specific and nuanced marketing management needs.
    • Organizations must define a clear-cut strategic approach to investing in a new MMS platform. Exercising the appropriate selection and implementation rigor for a right-sized MMS tool is a critical step in delivering concrete business value to sustain various marketing value chains across the organization.

    Common Obstacles

    • An MMS vendor that is not well aligned to marketing requirements wastes resources and causes an endless cascade of end-user frustration.
    • The MMS market is rapidly evolving, making it difficult for vendors to retain a competitive foothold in the space.
    • IT managers and/or marketing professionals often find themselves in the unenviable position of taking the fall for MMS platforms that fail to deliver on the promise of the overarching marketing management strategy.

    Info-Tech's Approach

    • MMS platform selection must be driven by your overall marketing management strategy. Email marketing techniques, social marketing, and/or lead management strategies are often not enough to satisfy the more sophisticated use cases demanded by increasingly complex customer segmentation levels.
    • For organizations with a large audience or varied product offerings, a well-integrated MMS platform enables the management of various complex campaigns across many channels, product lines, customer segments, and marketing groups throughout the enterprise.

    Info-Tech Insight

    IT must collaborate with marketing professionals and other key stakeholder groups to define a unified vision and holistic outlook for a right-sized MMS platform.

    Info-Tech's methodology for selecting a right-sized marketing management suite platform

    1. Understand Core MMS Features

    2. Build the Business Case & Streamline Requirements

    3. Discover the MMS Market Space & Prepare for Implementation

    Phase Steps

    1. Define MMS Platforms
    2. Classify Table Stakes & Differentiating Capabilities
    3. Explore Trends
    1. Build the Business Case
    2. Streamline the Requirements Elicitation Process for a New MMS Platform
    3. Develop an Inclusive RFP Approach
    1. Discover Key Players in the Vendor Landscape
    2. Engage the Shortlist & Select Finalist
    3. Prepare for Implementation

    Phase Outcomes

    1. Consensus on scope of MMS and key MMS platform capabilities
    1. MMS platform selection business case
    2. Top-level use cases and requirements
    3. Procurement vehicle best practices
    1. Market analysis of MMS platforms
    2. Overview of shortlisted vendors
    3. Implementation considerations

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Understand what a marketing management suite is. Discuss core capabilities and key trends.

    Call #2: Build the business case
    to select a right-sized MMS.

    Call #3: Define your core
    MMS requirements.

    Call #4: Build and sustain procurement vehicle best practices.

    Call #5: Evaluate the MMS vendor landscape and short-list viable options.


    Call #6: Review implementation considerations.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    The MMS procurement process should be broken into segments:

    1. Create a vendor shortlist using this buyer's guide.
    2. Define a structured approach to selection.
    3. Review the contract.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    EXECUTIVE BRIEF

    What are marketing management suite platforms?

    Our Definition: Marketing management suite (MMS) platforms are core enterprise applications that provide a unified set of marketing processes for a given organization and, typically, the capability to coordinate key cross-channel marketing initiatives.

    Key product capabilities for sophisticated MMS platforms include but are not limited to:

    • Email marketing
    • Lead nurturing
    • Social media management
    • Content curation and distribution
    • Marketing reporting and analytics
    • Consistent brand messaging

    Using a robust and comprehensive MMS platform equips marketers with the appropriate tools needed to make more informed decisions around campaign execution, resulting in better targeting, acquisition, and customer retention initiatives. Moreover, such tools can help bolster effective revenue generation and ensure more viable growth initiatives for future marketing growth enablement strategies.

    Info-Tech Insight

    Feature sets are rapidly evolving over time as MMS offerings continue to proliferate in this market space. Ensure that you focus on core components such as customer conversion rates and new lead captures through maintaining well- integrated multichannel campaigns.

    Marketing Management Suite Software Selection Buyer's Guide

    Info-Tech Insight

    A right-sized MMS software selection and procurement decision should involve comprehensive requirements and needs analysis by not just Marketing but also other organizational units such as IT, in conjunction with input suppled from the internal vendor procurement team.

    MMS Software Selection & Vendor Procurement Journey. The three main steps are: Envision the Art of the Possible; Elicit Granular Requirements; Contextualize the MMS Vendor Market Space

    Phase 1

    Understand Core MMS Features

    Phase 1

    Phase 2

    Phase 3

    1.1 Define MMS Platforms

    1.2 Classify Table Stakes & Differentiating Capabilities

    1.3 Explore Trends

    2.1 Build the Business Case

    2.2 Streamline Requirements Elicitation

    2.3 Develop an Inclusive RFP Approach

    3.1 Discover Key Players in the Vendor Landscape

    3.2 Engage the Shortlist & Select Finalist

    3.3 Prepare for Implementation

    This phase will walk you through the following activities:

    • Level-set an understanding of MMS technology.
    • Define which MMS features are table stakes (standard) and which are key differentiating functionalities.
    • Identify the art of the possible in a modern MMS platform from sales, marketing, and service lenses.

    This phase involves the following participants:

    • CMO
    • Digital Marketing Project Manager
    • Marketing Data Analytics Analyst
    • Marketing Management Executive

    What are marketing management suite platforms?

    Our Definition: Marketing management suite (MMS) platforms are core enterprise applications that provide a unified set of marketing processes for a given organization and, typically, the capability to coordinate key cross-channel marketing initiatives.

    Key product capabilities for sophisticated MMS platforms include but are not limited to:

    • Email marketing
    • Lead nurturing
    • Social media management
    • Content curation and distribution
    • Marketing reporting and analytics
    • Consistent brand messaging

    Using a robust and comprehensive MMS platform equips marketers with the appropriate tools needed to make more informed decisions around campaign execution, resulting in better targeting, acquisition, and customer retention initiatives. Moreover, such tools can help bolster effective revenue generation and ensure more viable growth initiatives for future marketing growth enablement strategies.

    Info-Tech Insight

    Feature sets are rapidly evolving over time as MMS offerings continue to proliferate in this market space. Ensure that you focus on core components such as customer conversion rates and new lead captures through maintaining well- integrated multichannel campaigns.

    Marketing through the ages

    Tracing the foundational origins of marketing management practices

    Initial traction for marketing management strategies began with the need to holistically understand the effects of advertising efforts and how the media mix could be best optimized.

    1902

    1920s-1930s

    1942

    1952-1964

    1970s-1990s

    Recognizing the increasing need for focused and professional marketing efforts, the University of Pennsylvania offers the first marketing course, dubbed "The Marketing of Products."

    As broadcast media began to peak, marketers needed to manage a greater number of complex and interspersed marketing channels.

    The introduction of television ads in 1942 offered new opportunities for brands to reach consumers across a growing media landscape. To generate the highest ROI, marketers sought to understand the consumer and focus on more tailored messaging and product personalization. Thus, modern marketing practices were born.

    Following the introduction of broadcast media, marketers had to develop strategies beyond traditional spray-and-pray methods. The first modern marketing measurement concept, "marketing mix," was conceptualized in 1952 and popularized in 1964 by Neil Borden.

    This period marked the digital revolution and the new era of marketing. With the advent of new communications technology and the modern internet, marketing management strategies reached new heights of sophistication. During the early 1990s, search engines emerged to help users navigate the web, leading to early forms of search engine optimization and advertising.

    Where it's going: the future state of marketing management

    1. Increasing Complexity Driving Consumer Purchasing Decisions
      • "The main complexity is dealing with the increasing product variety and changing consumer demands, which is forcing marketers to abandon undifferentiated marketing strategies and even niche marketing strategies and to adopt a mass customization process interacting one-to-one with their customers." – Complexity, 2019
    2. Consumers Seeking More Tailored Brand Personalization
      • Financial Services marketers lead all other industries in AI application adoption, with 37% currently using them (Salesforce, 2019).
    3. The Inclusion of More AI-Enabled Marketing Strategies
      • According to a 2022 Nostro report, 70% of consumers say it is important that brands continue to offer personalized consumer experiences.
    4. Green Marketing
      • Recent studies have shown that up to 80% of all consumers are interested in green marketing strategies (Marketing Schools, 2020).

    Marketing management by the numbers

    Key trends

    6%

    As a continuously growing discipline, marketing management roles are predicted to grow faster than average, at a rate of 6% over the next decade.

    Source: U.S. Bureau of Labor Statistics, 2021

    17%

    While many marketing management vendors offer A/B testing, only 17% of marketers are actively using A/B testing on landing pages to increase conversion rates.

    Source: Oracle, 2022

    70%

    It is imperative that technology and SaaS companies begin to use marketing automation as a core component of their martech strategy to remain competitive. About 70% of technology and SaaS companies are employing integrated martech tools.

    Source: American Marketing Association, 2021

    Understand MMS table stakes features

    Organizations can expect nearly all MMS vendors to provide the following functionality

    Email Marketing

    Lead Nurturing

    Reporting, Analytics, and Marketing KPIs

    Marketing Campaign Management

    Integrational Catalog

    The use of email alongside marketing efforts to promote a business' products and services. Email marketing can be a powerful tool to maintain connections with your audience and ensure sustained brand promotion.

    The process of developing and nurturing relationships with key customer contacts at every major touchpoint in their customer journey. MMS platforms can use automated lead-nurturing functions that are triggered by customer behavior.

    The use of well-defined metrics to help curate, gather, and analyze marketing data to help track performance and improve the marketing department's future marketing decisions and strategies.

    Tools needed for the planning, execution, tracking, and analysis of direct marketing campaigns. Such tools are needed to help gauge your buyers' sentiments toward your company's product offerings and services.

    MMS platforms should generally have a comprehensive open API/integration catalog. Most MMS platforms should have dedicated integration points to interface with various tools across the marketing landscape (e.g. social media, email, SEO, CRM, CMS tools, etc.).

    Identify differentiating MMS features

    While not always deemed must-have functionality, these features may be the deciding factor when choosing between two MMS-focused vendors.

    Digital Asset Management (DAM)

    A DAM can help manage digital media asset files (e.g. photos, audio files, video).

    Customer Data Management

    Customer data management modules help your organization track essential customer information to maximize your marketing results.

    Text-Based Marketing

    Text-based marketing strategy is ideal for any organization primarily focused on coordinating structured and efficient marketing campaigns.

    Customer
    Journey Orchestration

    Customer journey orchestration enables users to orchestrate customer conversations and journeys across the entire marketing value chain.

    AI-Driven Workflows

    AI-powered workflows can help eliminate complexities and allow marketers to automate and optimize tasks across the marketing spectrum.

    Dynamic Segmentation

    Dynamic segmentation to target audience cohorts based on recent actions and stated preferences.

    Advanced Email Marketing

    These include capabilities such as A/B testing, spam filter testing, and detailed performance reporting.

    Ensure you understand the art of the possible across the MMS landscape

    Understanding the trending feature sets that encompass the broader MMS vendor landscape will best equip your organization with the knowledge needed to effectively match today's MMS platforms with your organization's marketing requirements.

    Holistically examine the potential of any MMS solution through three main lenses:

    Data-Driven
    Digital Advertising

    Adapt innovative techniques such as conversational marketing to help collect, analyze, and synthesize crucial audience information to improve the customer marketing experience and pre-screen prospects in a more conscientious manner.

    Next Best Action Marketing

    Next best action marketing (NBAM) is a customer-centric paradigm/marketing technique designed to capture specific information about customers and their individual preferences. Predicting customers' future actions by understanding their intent during their purchasing decisions stage will help improve conversion rates.

    AI-Driven Customer
    Segmentation

    The use of inclusive and innovative AI-based forecast modeling techniques can help more accurately analyze customer data to create more targeted segments. As such, marketing messages will be more accurately tailored to the customer that is reading them.

    Art of the possible: data-driven digital advertising

    CONVERSATIONAL MARKETING INTELLIGENCE

    Are you curious about the measures needed to boost engagement among your client base and other primary target audience groups? Conversational marketing intelligence metrics can help collect and disseminate key descriptive data points across a broader range of audience information.

    AI-DRIVEN CONVERSATIONAL MARKETING DEVICES

    Certain social media channels (e.g. LinkedIn and Facebook) like to take advantage of click-to-Messenger-style applications to help drive meaningful conversations with customers and learn more about their buying preferences. In addition, AI-driven chatbot applications can help the organization glean important information about the customer's persona by asking probing questions about their marketing purchase behaviors and preferences.

    METAVERSE- DRIVEN BRANDING AND ADVERTISING

    One of the newest phenomena in data-driven marketing technology and digital advertising techniques is the metaverse, where users can represent themselves and their brand via virtual avatars to further gamify their marketing strategies. Moreover, brands can create immersive experiences and engage with influencers and established communities and collect a wealth of information about their audience that can help drive customer retention and loyalty.

    Case study

    This is the logos for Gucci and Roblox.

    Metaverse marketing extends the potential for commercial brand development and representation: a deep dive into Gucci's metaverse practice

    INDUSTRY: Luxury Goods Apparel
    SOURCE: Vogue Business

    Challenge

    Beginning with a small, family-owned leather shop known as House of Gucci in Florence, Italy, businessman and fashion designer Guccio Gucci sold saddles, leather bags, and other accessories to horsemen during the 1920s. Over the years, Gucci's offerings have grown to include various other personal luxury goods.

    As consumer preferences have evolved over time, particularly with the younger generation, Gucci's professional marketing teams looked to invest in virtual technology environments to help build and sustain better brand awareness among younger consumer audiences.

    Solution

    In response to the increasing presence of metaverse-savvy gamers on the internet, Gucci began investing in developing its online metaverse presence to bolster its commercial marketing brand there.

    A recent collaboration with Roblox, an online gaming platform that offers virtual experiences, provided Gucci the means to showcase its fashion items using the Gucci Garden – a virtual art installation project for Generation Z consumers, powered by Roblox's VR technology. The Gucci Garden virtual system featured a French-styled garden environment where players could try on and buy Gucci virtual fashion items to dress up their blank avatars.

    Results

    Gucci's disruptive, innovative metaverse marketing campaign project with Roblox is proof of its commitment to tapping new marketing growth channels to showcase the brand to engage new and prospective consumers (e.g. Roblox's player base) across more unique sandboxed/simulation environments.

    The freedom and flexibility in the metaverse environments allows brands such as Gucci to execute a more flexible digital marketing approach and enables them to take advantage of innovative metaverse-driven technologies in the market to further drive their data-driven digital marketing campaigns.

    Art of the possible: next best action marketing (NBAM)

    NEXT BEST ACTION PREDICTIVE MODELING

    To improve conversion propensity, next best action techniques can use predictive modeling methods to help build a dynamic overview of the customer journey. With information sourced from actionable marketing intelligence data, MMS platforms can use NBAM techniques to identify customer needs based on their buying behavior, social media interactions, and other insights to determine what unique set of actions should be taken for each customer.

    MACHINE LEARNING–BASED RECOMMENDER SYSTEMS

    Rules-based recommender systems can help assign probabilities of purchasing behaviors based on the patterns in touchpoints of a customer's journey and interaction with your brand. For instance, a large grocery chain company such as Walmart or Whole Foods will use ML-based recommender systems to decide what coupons they should offer to their customers based on their purchasing history.

    Art of the possible: AI-driven customer segmentation

    MACHINE/DEEP LEARNING (ML/DL) ALGORITHMS

    The inclusion of AI in data analytics helps make customer targeting more accurate
    and meaningful. Organizations can analyze customer data more thoroughly and generate in-depth contextual and descriptive information about the targeted segments. In addition, they can use this information to automate the personalization of marketing campaigns for a specific target audience group.

    UNDERSTANDING CUSTOMER SENTIMENTS

    To greatly benefit from AI-powered customer segmentation, organizations must deploy specialized custom AI solutions to help organize qualitative comments into quantitative data. This approach requires companies to use custom AI models and tools that will analyze customer sentiments and experiences based on data extracted from various touchpoints (e.g. CRM systems, emails, chatbot logs).

    Phase 2

    Build the Business Case and Streamline Requirements

    Phase 1

    Phase 2

    Phase 3

    1.1 Define MMS Platforms

    1.2 Classify Table Stakes & Differentiating Capabilities

    1.3 Explore Trends

    2.1 Build the Business Case

    2.2 Streamline Requirements Elicitation

    2.3 Develop an Inclusive RFP Approach

    3.1 Discover Key Players in the Vendor Landscape

    3.2 Engage the Shortlist & Select Finalist

    3.3 Prepare for Implementation

    This phase will walk you through the following activities:

    • Define and build the business case for the selection of a right-sized MMS platform.
    • Elicit and prioritize granular requirements for your MMS platform.

    This phase involves the following participants:

    • CMO
    • Technical Marketing Analyst
    • Digital Marketing Project Manager
    • Marketing Data Analytics Analyst
    • Marketing Management Executive

    Software Selection Engagement

    5 Advisory Calls over a 5-Week Period to Accelerate Your Selection Process

    Expert analyst guidance over 5 weeks on average to select software and negotiate with the vendor.

    Save money, align stakeholders, speed up the process and make better decisions.

    Use a repeatable, formal methodology to improve your application selection process.

    Better, faster results, guaranteed, included in your membership.

    This is an image of the plan for five advisory calls over a five-week period.

    CLICK HERE to book your Selection Engagement

    Elicit and prioritize granular requirements for your marketing management suite (MMS) platform

    Understanding business needs through requirements gathering is the key to defining everything you need from your software. However, it is an area where people often make critical mistakes.

    Poorly scoped requirements

    Best practices

    • Fail to be comprehensive and miss certain areas of scope.
    • Focus on how the solution should work instead of what it must accomplish.
    • Have multiple levels of detail within the requirements, causing inconsistency and confusion.
    • Drill all the way down to system-level detail.
    • Add unnecessary constraints based on what is done today rather than focusing on what is needed for tomorrow.
    • Omit constraints or preferences that buyers think are obvious.
    • Get a clear understanding of what the system needs to do and what it is expected to produce.
    • Test against the principle of MECE – requirements should be "mutually exclusive and collectively exhaustive."
    • Explicitly state the obvious and assume nothing.
    • Investigate what is sold on the market and how it is sold. Use language that is consistent with that of the market and focus on key differentiators – not table stakes.
    • Contain the appropriate level of detail – the level should be suitable for procurement and sufficient for differentiating vendors.

    Info-Tech Insight
    Poor requirements are the number one reason projects fail. Review Info-Tech's Improve Requirements Gathering blueprint to learn how to improve your requirements analysis and get results that truly satisfy stakeholder needs.

    Info-Tech's approach

    Develop an inclusive and thorough approach to the RFP process

    Identity Need; Define Business requirements; Gain Business Authorization; Perform RFI/RFP; Negotiate Agreement; Purchase Goods and Services; Assess and Measure Performance.

    Info-Tech Insight

    Review Info-Tech's process and understand how you can prevent your organization from leaking negotiation leverage while preventing vendors from taking control of your RFP.

    The Info-Tech difference:

    1. The secret to managing an RFP is to make it as manageable and as thorough as possible. The RFP process should be like any other aspect of business – by developing a standard process. With a process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.
    2. The business then identifies the need for more information about a product/service or determines that a purchase is required.
    3. A team of stakeholders from each area impacted gather all business, technical, legal, and risk requirements. What are the expectations of the vendor relationship post-RFP? How will the vendors be evaluated?
    4. Based on the predetermined requirements, either an RFI or an RFP is issued to vendors with a due date.

    Leverage Info-Tech's Contract Review Service to level the playing field with your shortlisted vendors

    You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.
    Use Info-Tech's Contract Review Service to gain insights on your agreements:

    1. Are all key terms included?
    2. Are they applicable to your business?
    3. Can you trust that results will be delivered?
    4. What questions should you be asking from an IT perspective?

    Validate that a contract meets IT's and the business' needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

    This is an image of three screenshots from Info-Tech's Contract Review Service.

    CLICK to BOOK The Contract Review Service

    CLICK to DOWNLOAD Master Contract Review and Negotiation for Software Agreements

    Phase 3

    Discover the MMS Market Space and Prepare for Implementation

    Phase 1

    Phase 2

    Phase 3

    1.1 Define MMS Platforms

    1.2 Classify Table Stakes & Differentiating Capabilities

    1.3 Explore Trends

    2.1 Build the Business Case

    2.2 Streamline Requirements Elicitation

    2.3 Develop an Inclusive RFP Approach

    3.1 Discover Key Players in the Vendor Landscape

    3.2 Engage the Shortlist & Select Finalist

    3.3 Prepare for Implementation

    This phase will walk you through the following activities:

    • Dive into the key players of the MMS vendor landscape.
    • Understand best practices for building a vendor shortlist.
    • Understand key implementation considerations for MMS.

    This phase involves the following participants:

    • CMO
    • Marketing Management Executive
    • Applications Manager
    • Digital Marketing Project Manager
    • Sales Executive
    • Vendor Outreach and Partnerships Manager

    Review your use cases to start your shortlist

    Your Info-Tech analysts can help you narrow down the list of vendors that will meet your requirements.

    Next steps will include:

    1. Reviewing your requirements.
    2. Checking out SoftwareReviews.
    3. Shortlisting your vendors.
    4. Conducting demos and detailed proposal reviews.
    5. Selecting and contracting with a finalist!

    Get to know the key players in the MMS landscape

    The following slides provide a top-level overview of the popular players you will encounter in your MMS shortlisting process.

    This is a series of images of the logos for the companies which will be discussed later in this blueprint.

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    This is an image of two screenshots from the Data Quadrant Report.

    The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

    Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    This is an image of two screenshots from the Emotional Footprint Report.

    The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

    Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Speak with category experts to dive deeper into the vendor landscape

    SoftwareReviews

    • Fact-based reviews of business software from IT professionals.
    • Product and category reports with state-of-the-art data visualization.
    • Top-tier data quality backed by a rigorous quality assurance process.
    • User-experience insight that reveals the intangibles of working with a vendor.

    CLICK HERE to ACCESS

    Comprehensive software reviews
    to make better IT decisions

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    SoftwareReviews is powered by Info-Tech

    Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive unbiased data on today's technology. Combined with the insight of our expert analysts, our members receive unparalleled support in their buying journey.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Advanced Campaign Management
    • Email Marketing Automation
    • Multichannel Integration

    Areas to Improve:

    • Mobile Marketing Management
    • Advanced Data Segmentation
    • Pricing Sensitivity and Implementation Support Model

    This is an image of SoftwareReviews analysis for Adobe Experience Cloud.

    history

    This is the Logo for Adobe Experience Cloud

    "Adobe Experience Cloud (AEC), formerly Adobe Marketing Cloud (AMC), provides a host of innovative multichannel analytics, social, advertising, media optimization, and content management products (just to name a few). The Adobe Marketing Cloud package allows users with valid subscriptions to download the entire collection and use it directly on their computer with open access to online updates. Organizations that have a deeply ingrained Adobe footprint and have already reaped the benefits of Adobe's existing portfolio of cloud services products (e.g. Adobe Creative Cloud) will find the AEC suite a functionally robust and scalable fit for their marketing management and marketing automation needs.

    However, it is important to note that AEC's pricing model is expensive when compared to other competitors in the space (e.g. Sugar Market) and, therefore, is not as affordable for smaller or mid-sized organizations. Moreover, there is the expectation of a learning curve with the AEC platform. Newly onboarded users will need to spend some time learning how to navigate and work comfortably with AEC's marketing automaton modules. "
    - Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Adobe Experience Cloud Platform pricing is opaque.
    Request a demo.*

    *Info-Tech recommends reaching out to the vendor's internal sales management team for explicit details on individual pricing plans for the Adobe Marketing Cloud suite.

    2021

    Adobe Experience Platform Launch is integrated into the Adobe Experience Platform as a suite of data collection technologies (Experience League, Adobe).

    November 2020

    Adobe announces that it will spend $1.5 billion to acquire Workfront, a provider of marketing collaboration software (TechTarget, 2020).

    September 2018

    Adobe acquires marketing automation software company Marketo (CNBC, 2018).

    June 2018

    Adobe buys e-commerce services provider Magento Commerce from private equity firm Permira for $1.68 billion (TechCrunch, 2018).

    2011

    Adobe acquires DemDex, Inc. with the intention of adding DemDex's audience-optimization software to the Adobe Online Marketing Suite (Adobe News, 2011).

    2009

    Adobe acquires online marketing and web analytics company Omniture for $1.8 billion and integrates its products into the Adobe Marketing Cloud (Zippia, 2022).

    Adobe platform launches in December 1982.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Marketing Workflow Management
    • Advanced Data Segmentation
    • Marketing Operations Management

    Areas to Improve:

    • Email Marketing Automation
    • Marketing Asset Management
    • Process of Creating and/or Managing Marketing Lists

    This is an image of SoftwareReviews analysis for Dynamics 365

    history

    This is the logo for Dynamics 365

    2021

    Microsoft Dynamics 365 suite adds customer journey orchestration as a viable key feature (Tech Target, 2021)

    2019

    Microsoft begins adding to its Dynamics 365 suite in April 2019 with new functionalities such as virtual agents, fraud detection, new mixed reality (Microsoft Dynamics 365 Blog, 2019).

    2017

    Adobe and Microsoft expand key partnership between Adobe Experience Manager and Dynamics 365 integration (TechCrunch, 2017).

    2016

    Microsoft Dynamics CRM paid seats begin growing steadily at more than 2.5x year-over-year (TechCrunch, 2016).

    2016

    On-premises application, called Dynamics 365 Customer Engagement, contains the Dynamics 365 Marketing Management platform (Learn Microsoft, 2023).

    Microsoft Dynamics 365 product suite is released on November 1, 2016.

    "Microsoft Dynamics 365 for Marketing remains a viable option for organizations that require a range of innovative MMS tools that can provide a wealth of functional capabilities (e.g. AI-powered analytics to create targeted segments, A/B testing, personalizing engagement for each customer). Moreover, Microsoft Dynamics 365 for Marketing offers trial options to sandbox their platform for free for 30 days to help users familiarize themselves with the software before buying into the product suite.

    However, ensure that you have the time to effectively train users on implementing the MS Dynamics 365 platform. The platform does not score high on customizability in SoftwareReviews reports. Developers have only a limited ability to modify the core UI, so organizations need to be fully equipped with the knowledge needed to successfully navigate MS-based applications to take full advantage of the platform. For organizations deep in the Microsoft stack, D365 Marketing is a compelling option."
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Dynamics 365
    Marketing

    Dynamics 365
    Marketing (Attachment)

    • Starts from $1,500 per tenant/month*
    • Includes 10,000 contacts, 100,000 interactions, and 1,000 SMS messages
    • For organizations without any other Dynamics 365 application
    • Starts from $750 per tenant/month*
    • Includes 10,000 contacts, 100,000 interactions, and 1,000 SMS messages
    • For organizations with a qualifying Dynamics 365 application

    * Pricing correct as of October 2022. Listed in USD and absent discounts. See pricing on vendor's website for latest information.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Marketing Analytics
    • Marketing Workflow Management
    • Lead Nurturing

    Areas to Improve:

    • Advanced Campaign Management
    • Email Marketing Automation
    • Marketing Segmentation

    This is an image of SoftwareReviews analysis for HubSpot

    history

    This is an image of the Logo for HubSpot

    2022

    HubSpot Marketing Hub releases Campaigns 2.0 module for its Marketing Hub platform (HubSpot, 2022).

    2018


    HubSpot announces the launch of its Marketing Hub Starter platform, a new offering that aims to give growing teams the tools they need to start marketing right (HubSpot Company News, 2018).

    2014

    HubSpot celebrates its first initial public offering on the NYSE market (HubSpot Company News, 2014).

    2013

    HubSpot opens its first international office location in Dublin, Ireland
    (HubSpot News, 2013).

    2010

    Brian Halligan and Dharmesh Shah write "Inbound Marketing," a seminal book that focuses on inbound marketing principles (HubSpot, n.d.).

    HubSpot opens for business in Cambridge, MA, USA, in 2005.

    "HubSpot's Marketing Hub software ranks consistently high in scores across SoftwareReviews reports and remains a strong choice for organizations that want to run successful inbound marketing campaigns that make customers interested and engaged with their business. HubSpot Marketing Hub employs comprehensive feature sets, including the option to streamline ad tracking and management, perform various audience segmentation techniques, and build personalized and automated marketing campaigns.

    However, SoftwareReviews reports indicate end users are concerned that HubSpot Marketing Hub's platform may be slightly overpriced in recent years and not cost effective for smaller and mid-sized companies that are working with a limited budget. Moreover, when it comes to mobile user accessibility reports, HubSpot's Marketing Hub does not directly offer data usage reports in relation to how mobile users navigate various web pages on the customer's website."
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    HubSpot Marketing Hub (Starter Package)

    HubSpot Marketing Hub (Professional Package)

    HubSpot Marketing Hub (Enterprise Package)

    • Starts from $50/month*
    • Includes 1,000 marketing contacts
    • All non-marketing contacts are free, up to a limit of 15 million overall contacts (marketing contacts + non-marketing contracts)
    • Starts from $890/month*
    • Includes 2,000 marketing contacts
    • Onboarding is required for a one-time fee of $3,000
    • Starts from $3600/month*
    • Includes 10,000 marketing contacts
    • Onboarding is required for a one-time fee of $6,000

    *Pricing correct as of October 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Email Marketing Automation
    • Customer Journey Mapping
    • Contacts Management

    Areas to Improve:

    • Pricing Model Flexibility
    • Integrational API Support
    • Antiquated UI/CX Design Elements

    This is an image of SoftwareReviews analysis for Maropost

    history

    This is an image of the Logo for MAROPOST Marketing Cloud

    2022

    Maropost acquires Retail Express, leading retail POS software in Australia for $55M (PRWire, 2022).

    2018


    Maropost develops innovative product feature updates to its marketing cloud platform (e.g. automated social campaign management, event segmentation for mobile apps) (Maropost, 2019).

    2015

    US-based communications organization Success selects Maropost Marketing Cloud for marketing automation use cases (Apps Run The World, 2015).

    2017

    Maropost is on track to become one of Toronto's fastest-growing companies, generating $30M in annual revenue (MarTech Series, 2017).

    2015

    Maropost is ranked as a "High Performer" in the Email Marketing category in a G2 Crowd Grid Report (VentureBeat, 2015).

    Maropost is founded in 2011 as a customer-centric ESP platform.

    Maropost Marketing Cloud – Essential

    Maropost
    Marketing Cloud –Professional

    Maropost
    Marketing Cloud –Enterprise

    • Starts from $279/month*
    • Includes baseline features such as email campaigns, A/B campaigns, transactional emails, etc.
    • Starts from $849/month*
    • Includes additional system functionalities of interest (e.g. mobile keywords, more journeys for marketing automation use cases)
    • Starts from $1,699/month*
    • Includes unlimited number of journeys
    • Upper limit for custom contact fields is increased by 100-150

    *Pricing correct as of October 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Advanced Data Segmentation
    • Marketing Analytics
    • Multichannel Integration

    Areas to Improve:

    • Marketing Operations
      Management
    • Marketing Asset Management
    • Community Marketing Management

    This is an image of SoftwareReviews analysis for Oracle Marketing Cloud.

    history

    This is an image of the Logo for Oracle Marketing Cloud

    2021

    New advanced intelligence capabilities within Oracle Eloqua Marketing Automation help deliver more targeted and personalized messages (Oracle, Marketing Automation documentation).

    2015


    Oracle revamps its marketing cloud with new feature sets, including Oracle ID Graph for cross-platform identification of customers, AppCloud Connect, etc. (Forbes, 2015).

    2014

    Oracle announces the launch of the Oracle Marketing Cloud (TechCrunch, 2014).

    2005

    Oracle acquires PeopleSoft, a company that produces human resource management systems, in 2005 for $10.3B (The Economic Times, 2016).

    1982

    Oracle becomes the first company to sell relational database management software (RDBMS). In 1982 it has revenue of $2.5M (Encyclopedia.com).

    Relational Software, Inc (RSI) – later renamed Oracle Corporation – is founded in 1977.

    "Oracle Marketing Cloud offers a comprehensive interwoven and integrated marketing management solution that can help end users launch cross-channel marketing programs and unify all prospect and customer marketing signals within one singular view. Oracle Marketing Cloud ranks consistently high across our SoftwareReviews reports and sustains top scores in overall customer experience rankings at a factor of 9.0. The emotional sentiment of users interacting with Oracle Marketing Cloud is also highly favorable, with Oracle's Emotional Footprint score at +93.

    Users should be aware that some of the reporting mechanisms and report-generation capabilities may not be as mature as those of some of its competitors in the MMS space (e.g. Salesforce, Adobe). Data exportability also presents a challenge in Oracle Marketing Cloud and requires a lot of internal tweaking between end users of the system to function properly. Finally, pricing sensitivity may be a concern for small and mid-sized organizations who may find Oracle's higher-tiered pricing plans to be out of reach. "
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Oracle Marketing Cloud pricing is opaque.
    Request a demo.*

    *Info-Tech recommends reaching out to the vendor's internal sales management team for explicit details on individual pricing plans for the Adobe Marketing Cloud suite.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Marketing Analytics
    • Advanced Campaign Management
    • Email Marketing Automation
    • Social Media Marketing Management

    Areas to Improve:

    • Community Marketing Management
    • Marketing Operations Management
    • Pricing Sensitivity and Vendor Support Model

    This is an image of SoftwareReviews analysis for Salesforce

    history

    This is an image of the Logo for Salesforce Marketing Cloud

    2022

    Salesforce announces sustainability as a core company value (Forbes, 2022).

    2012



    Salesforce unveils Salesforce Marketing Cloud during Dreamforce 2012, with 90,000 registered attendees (Dice, 2012).

    2009

    Salesforce launches Service Cloud, bringing customer service and support automation features to the market (TechCrunch, 2009).

    2003


    The first Dreamforce event is held at the Westin St. Francis hotel in downtown San Francisco
    (Salesforce, 2020).

    2001


    Salesforce delivers $22.4M in revenue for the fiscal year ending January 31, 2002 (Salesforce, 2020).

    Salesforce is founded in 1999.

    "Salesforce Marketing Cloud is a long-term juggernaut of the marketing management software space and is the subject of many Info-Tech member inquiries. It retains strong composite and customer experience (CX) scores in our SoftwareReviews reports. Some standout features of the platform include marketing analytics, advanced campaign management functionalities, email marketing automation, and customer journey management capabilities. In recent years Salesforce has made great strides in improving the overall user experience by investing in new product functionalities such as the Einstein What-If Analyzer, which helps test how your next email campaign will impact overall customer engagement, triggers personalized campaign messages based on an individual user's behavior, and uses powerful real-time segmentation and sophisticated AI to deliver contextually relevant experiences that inspire customers to act.

    On the downside, we commonly see Salesforce's solutions as costlier than competitors' offerings, and its commercial/sales teams tend to be overly aggressive in marketing its solutions without a distinct link to overarching business requirements. "
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Marketing Cloud Basics

    Marketing Cloud Pro

    Marketing Cloud Corporate

    Marketing Cloud Enterprise

    • Starts at $400*
    • Per org/month
    • Personalized promotional email marketing
    • Starts at $1,250*
    • Per org/month
    • Personalized marketing automation with email solutions
    • Starts at $3,750*
    • Per org/month
    • Personalized cross-channel strategic marketing solutions

    "Request a Quote"

    *Pricing correct as of October 2022. Listed in USD and absent discounts. See pricing on vendor's website for latest information.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Email Marketing Automation
    • Marketing Workflow Management
    • Marketing Analytics

    Areas to Improve:

    • Mobile Marketing Management
    • Marketing Operations Management
    • Advanced Data Segmentation

    This is an image of SoftwareReviews analysis for SAP

    history

    This is an image of the Logo for SAP

    2022

    SAP announces the second cycle of the 2022 SAP Customer Engagement Initiative. (SAP Community Blog, 2022).

    2020

    SAP acquires Austrian cloud marketing company Emarsys (TechCrunch, 2020).

    2015

    SAP Digital for Customer Engagement launches in May 2015 (SAP News, 2015).

    2009

    SAP begins branching out into three markets of the future (mobile technology, database technology, and cloud). SAP acquires some of its competitors (e.g. Ariba, SuccessFactors, Business Objects) to quickly establish itself as a key player in those areas (SAP, n.d.).

    1999

    SAP responds to the internet and new economy by launching its mysap.com strategy (SAP, n.d.).

    SAP is founded In 1972.

    "Over the years, SAP has positioned itself as one of the usual suspects across the enterprise applications market. While SAP has a broad range of capabilities within the CRM and customer experience space, it consistently underperforms in many of our user-driven SoftwareReviews reports for MMS and adjacent areas, ranking lower in MMS product feature capabilities such as email marketing automation and advanced campaign management than other mainstream MMS vendors, including Salesforce Marketing Cloud and Adobe Experience Cloud. The SAP Customer Engagement Marketing platform seems decidedly a secondary focus for SAP, behind its more compelling presence across the enterprise resource planning space.

    If you are approaching an MMS selection from a greenfield lens and with no legacy vendor baggage for SAP elsewhere, experience suggests that your needs will be better served by a vendor that places greater primacy on the MMS aspect of their portfolio."
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    SAP Customer Engagement Marketing pricing is opaque:
    Request a demo.*

    *Info-Tech recommends reaching out to the vendor's internal sales management team for explicit details on individual pricing plans for the Adobe Marketing Cloud suite.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Social Media Automation
    • Email Marketing Automation
    • Marketing Analytics

    Areas to Improve:

    • Ease of Data Integration
    • Breadth of Features
    • Marketing Workflow Management

    b

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Campaign Management
    • Segmentation
    • Email Delivery

    Areas to Improve:

    • Mobile Optimization
    • A/B Testing
    • Content Authoring

    This is an image of SoftwareReviews analysis for ZOHO Campaigns.

    history

    This is an image of the Logo for ZOHO Campaigns

    2021

    Zoho announces CRM-Campaigns sync (Zoho Campaigns Community Learning, 2021).

    2020

    Zoho reaches more than 50M customers in January ( Zippia, n.d.).

    2017

    Zoho launches Zoho One, a comprehensive suite of 40+ applications (Zoho Blog, 2017).

    2012

    Zoho releases Zoho Campaigns (Business Wire, 2012).

    2007

    Zoho expands into the collaboration space with the release of Zoho Docs and Zoho Meetings (Zoho, n.d.).

    2005

    Zoho CRM is released (Zoho, n.d.).

    Zoho platform is founded in 1996.

    "Zoho maintains a long-running repertoire of end-to-end software solutions for business development purposes. In addition to its flagship CRM product, the company also offers Zoho Campaigns, which is an email marketing software platform that enables contextually driven marketing techniques via dynamic personalization, email interactivity, A/B testing, etc. For organizations that already maintain a deep imprint of Zoho solutions, Zoho Campaigns will be a natural extension to their immediate software environment.

    Zoho Campaigns is a great ecosystem play in environments that have a material Zoho footprint. In the absence of an existing Zoho environment, it's prudent to consider other affordable products as well."
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Free Version

    Standard

    Professional

    • Starts at $0*
    • Per user/month billed annually
    • Up to 2,000 contacts
    • 6,000 emails/month
    • Starts at $3.75*
    • Per user/month billed annually
    • Up to 100,000 contacts
    • Advanced email templates
    • SMS marketing
    • Starts at $6*
    • Per user/month billed annually
    • Advanced segmentation
    • Dynamic content

    *Pricing correct as of October 2022. Listed in USD and absent discounts.

    See pricing on vendor's website for latest information.

    Leverage Info-Tech's research to plan and execute your MMS implementation

    Use Info-Tech's three-phase implementation process to guide your planning:

    1. Assess

    2. Prepare

    3. Govern & Course Correct

    Download Info-Tech's Governance and Management of Enterprise Software Implementation
    Establish and execute an end-to-end, agile framework to succeed with the implementation of a major enterprise application.

    Ensure your implementation team has a high degree of trust and communication

    If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

    Communication

    Teams must have some type of communication strategy. This can be broken into:

    • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
    • Ceremonies: Injecting awards and continually emphasizing delivery of value to encourage relationship building and constructive motivation.
    • Escalation: Voicing any concerns and having someone responsible for addressing them.

    Proximity

    Distributed teams create complexity as communication can break down. This can be mitigated by:

    • Location: Placing teams in proximity to eliminate the barrier of geographical distance and time zone differences.
    • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
    • Communication Tools: Having the right technology (e.g. video conference) to help bring teams closer together virtually.

    Trust

    Members should trust other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:

    • Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.
    • Role Clarity: Having a clear definition of what everyone's role is.

    Selecting a right-sized MMS platform

    This selection guide allows organizations to execute a structured methodology for picking an MMS platform that aligns with their needs. This includes:

    • Alignment and prioritization of key business and technology drivers for an MMS selection business case.
    • Identification of key use cases and requirements for a right-sized MMS platform.
    • A comprehensive market scan of key players in the MMS market space.

    This formal MMS selection initiative will drive business-IT alignment, identify pivotal sales and marketing automation priorities, and thereby allow for the rollout of a streamlined MMS platform that is highly likely to satisfy all stakeholder needs.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Summary of accomplishment

    Knowledge Gained

    • What marketing management is
    • Historical origins of marketing management
    • The future of marketing management
    • Key trends in marketing management suites

    Processes Optimized

    • Requirements gathering
    • RFPs and contract reviews
    • Marketing management suite vendor selection
    • Marketing management platform implementation

    Marketing Management

    • Adobe Experience Cloud
    • Microsoft Dynamics 365 for Marketing
    • HubSpot Marketing Hub
    • Maropost Marketing Cloud
    • Oracle Marketing Cloud

    Vendors Analyzed

    • Salesforce Marketing Cloud
    • SAP
    • Sugar Market
    • Zoho Campaigns

    Related Info-Tech Research

    Select a Marketing Management Suite

    Many organizations struggle with taking a systematic approach to selection that pairs functional requirements with specific marketing workflows, and as a result they choose a marketing management suite (MMS) that is not well aligned to their needs, wasting resources and causing end-user frustration.

    Get the Most Out of Your CRM

    Customer relationship management (CRM) application portfolios are often messy,
    with multiple integration points, distributed data, and limited ongoing end-user training. A properly optimized CRM ecosystem will reduce costs and increase productivity.

    Customer Relationship Management Platform Selection Guide

    Speed up the process to build your business case and select your CRM solution. Despite the importance of CRM selection and implementation, many organizations struggle to define an approach to picking the right vendor and rolling out the solution in an effective and cost-efficient manner.

    Bibliography

    "16 Biggest Tech Acquisitions in History." The Economic Times, 28 July 2016. Web.
    "Adobe Acquires Demdex – Brings Audience Optimization to $109 Billion Global Online Ad Market." Adobe News, 18 Jan 2011. Accessed Nov 2022.
    "Adobe Company History Timeline." Zippia, 9 Sept 2022. Accessed Nov 2022.
    "Adobe to acquire Magento for $1.68B." TechCrunch, 21 May 2018. Accessed Dec 2022.
    Anderson, Meghan Keaney. "HubSpot Launches European Headquarters." HubSpot Company News, 3 Mar 2013.
    Arenas-Gaitán, Jorge, et al. "Complexity of Understanding Consumer Behavior from the Marketing Perspective." Journal of Complexity, vol. 2019, 8 Jan 2019. Accessed Sept 2022.
    Bureau of Labor Statistics. "Advertising, Promotions, and Marketing Managers." Occupational Outlook Handbook. U.S. Department of Labor, 8 Sept 2022. Accessed 1 Nov 2022.
    "Campaigns." Marketing Hub, HubSpot, n.d. Web.
    Conklin, Bob. "Adobe report reveals best marketing practices for B2B growth in 2023 and beyond." Adobe Experience Cloud Blog, 23 Sept 2022. Web.
    "Consumer Behavior Stats 2021: The Post-Pandemic Shift in Online Shopping Habit" Nosto.com, 7 April 2022. Accessed Oct 2022.
    "Data Collection Overview." Experience League, Adobe.com, n.d. Accessed Dec 2022.
    Duduskar, Avinash. "Interview with Tony Chen, CEO at Channel Factory." MarTech Series, 16 June 2017. Accessed Nov 2022.
    "Enhanced Release of SAP Digital for Customer Engagement Helps Anyone Go Beyond CRM." SAP News, 8 Dec. 2015. Press release.
    Fang, Mingyu. "A Deep Dive into Gucci's Metaverse Practice." Medium.com, 27 Feb 2022. Accessed Oct 2022.
    Flanagan, Ellie. "HubSpot Launches Marketing Hub Starter to Give Growing Businesses the Tools They Need to Start Marketing Right." HubSpot Company News, 17 July 2018. Web.
    Fleishman, Hannah. "HubStop Announces Pricing of Initial Public Offering." HubSpot Company News, 8 Oct. 204. Web.
    Fluckinger, Don. "Adobe to acquire Workfront for $1.5 billion." TechTarget, 10 Nov 2020. Accessed Nov 2022.
    Fluckinger, Don. "Microsoft Dynamics 365 adds customer journey orchestration." TechTarget, 2 March 2021. Accessed Nov 2022.
    Green Marketing: Explore the Strategy of Green Marketing." Marketing Schools, 19 Nov 2020. Accessed Oct 2022.
    Ha, Anthony. "Oracle Announces Its Cross-Platform Marketing Cloud." TechCrunch, 30 April 2014. Web.
    Heyd, Kathrin. "Partners Welcome – SAP Customer Engagement Initiative 2022-2 is open for your registration(s)!" SAP Community Blog, 21 June 2022. Accessed Nov 2022.
    HubSpot. "Our Story." HubSpot, n.d. Web.
    Jackson, Felicia. "Salesforce Tackles Net Zero Credibility As It Adds Sustainability As A Fifth Core Value." Forbes, 16 Feb. 2022. Web.
    Kolakowski, Nick. "Salesforce CEO Marc Benioff Talks Social Future." Dice, 19 Sept. 2012. Web.
    Lardinois, Frederic. "Microsoft's Q4 earnings beat Street with $22.6B in revenue, $0.69 EPS." TechCrunch, 19 July 2016. Web.
    Levine, Barry. "G2 Crowd report finds the two email marketing tools with the highest user satisfaction." Venture Beat, 30 July 2015. Accessed Nov 2022.
    Looking Back, Moving Forward: The Evolution of Maropost for Marketing." Maropost Blog, 21 May 2019. Accessed Oct 2022.
    Maher, Sarah. "What's new with HubSpot? Inbound 2022 Feature Releases." Six & Flow, 9 July 2022. Accessed Oct 2022.
    Marketing Automation Provider, Salesfusion, Continues to Help Marketers Achieve Their Goals With Enhanced User Interface and Powerful Email Designer Updates." Yahoo Finance, 10 Dec 2013. Accessed Oct 2022.
    "Maropost Acquires Retail Express for $55 Million+ as it Continues to Dominate the Global Commerce Space." Marapost Newsroom, PRWire.com, 19 Jan 2022. Accessed Nov 2022.
    McDowell, Maghan. "Inside Gucci and Roblox's new virtual world." Vogue Business, 17 May 2021. Web.
    Miller, Ron. "Adobe and Microsoft expand partnership with Adobe Experience Manager and Dynamics 265 Integration." TechCrunch, 3 Nov 2017. Accessed Nov 2022.
    Miller, Ron. "Adobe to acquire Magento for $1.68B" TechCrunch, 21 May 2018. Accessed Nov 2022.
    Miller, Ron. "SAP continues to build out customer experience business with Emarys acquisition." TechCrunch, 1 Oct. 2020. Web.
    Miller, Ron. "SugarCRM moves into marketing automation with Salesfusion acquisition." TechCrunch, 16 May 2019.
    Novet, Jordan. "Adobe confirms it's buying Marketo for $4.75 billion." CNBC, 20 Sept 2018. Accessed Dec 2022.
    "Oracle Corp." Encyclopedia.com, n.d. Web.
    Phillips, James. "April 2019 Release launches with new AI, mixed reality, and 350+ feature updates." Microsoft Dynamics 365 Blog. Microsoft, 2 April 2019. Web.
    S., Aravindhan. "Announcing an important update to Zoho CRM-Zoho Campaigns integration." Zoho Campaigns Community Learning, Zoho, 1 Dec. 2021. Web.
    Salesforce. "The History of Salesforce." Salesforce, 19 March 2020. Web.
    "Salesfusion Integrates With NetSuite CRM to Simplify Sales and Marketing Alignment" GlobeNewswire, 6 May 2016. Accessed Oct 2022. Press release.
    "Salesfusion Integrates With NetSuite CRM to Simplify Sales and Marketing Alignment." Marketwired, 6 May 2016. Web.
    "Salesfusion is Now Sugar Market: The Customer FAQ." SugarCRM Blog, 31 July 2019. Web.
    "Salesfusion's Marketing Automation Platform Drives Awareness and ROI for Education Technology Provider" GlobeNewswire, 25 June 2015. Accessed Nov 2022. Press release.
    SAP. "SAP History." SAP, n.d. Web.
    "State of Marketing." 5th Edition, Salesforce, 15 Jan 2019. Accessed Oct 2022.
    "Success selects Maropost Marketing Cloud for Marketing Automation." Apps Run The World, 10 Jan 2015. Accessed Nov 2022.
    "SugarCRM Acquires SaaS Marketing Automation Innovator Salesfusion." SugarCRM, 16 May 2019. Press release.
    Sundaram, Vijay. "Introducing Zoho One." Zoho Blog, 25 July 2017. Web.
    "The State of MarTech: Is you MarTech stack working for you?" American Marketing Association, 29 Nov 2021. Accessed Oct 2022.
    "Top Marketing Automation Statistics for 2022." Oracle, 15 Jan 2022. Accessed Oct 2022.
    Trefis Team. "Oracle Energizes Its Marketing Cloud With New Features." Forbes, 7 April 2015. Accessed Oct 2022.
    Vivek, Kumar, et al. "Microsoft Dynamics 365 Customer Engagement (on-premises) Help, version 9.x." Learn Dynamics 365, Microsoft, 9 Jan 2023. Web.
    "What's new with HubSpot? Inbound 2022 feature releases" Six and Flow, 9 July 2022. Accessed Nov 2022.
    Widman, Jeff. "Salesforce.com Launches The Service Cloud,, A Customer Service SaaS Application." TechCrunch, 15 Jan. 2009. Web.
    "Zoho History." Zippia, n.d. Web.
    "Zoho Launches Zoho Campaigns." Business Wire, 14 Aug. 2012. Press release.
    Zoho. "About Us." Zoho, n.d. Web.

    Need hands-on assistance?

    Engage Info-Tech for a Software Selection Workshop!

    40 Hours of Advisory Assistance Delivered On-Line or In-Person

    Select Better Software, Faster.

    40 Hours of Expert Analyst Guidance
    Project & Stakeholder Management Assistance
    Save money, align stakeholders, Speed up the process & make better decisions.
    Better, faster results, guaranteed, $25K standard engagement fee

    This is an image of the plan for five advisory calls over a five week period.

    CLICK HERE to book your Workshop Engagement

    Drive Real Business Value with an HRIS Strategy

    • Buy Link or Shortcode: {j2store}586|cart{/j2store}
    • member rating overall impact (scale of 10): 9.1/10 Overall Impact
    • member rating average dollars saved: $43,457 Average $ Saved
    • member rating average days saved: 36 Average Days Saved
    • Parent Category Name: Human Resource Systems
    • Parent Category Link: /human-resource-systems
    • In most organizations, the HR application portfolio has evolved tactically on an as-needed basis, resulting in un-integrated systems and significant effort spent on manual workarounds.
    • The relationship between HR and IT is not optimal for technology decision making. System-related decisions are made by HR and IT is typically involved only post-purchase to fix issues as they arise and offer workarounds.
    • IT systems for HR are not viewed as a strategic differentiator or business enabler, thereby leading to a limited budget and resources for HR IT systems and subsequently hindering the adoption of a strategic, holistic perspective.
    • Some organizations overinvest, while others underinvest in lightweight, point-to-point solutions. Finding the sweet spot between a full suite and lightweight functionality is no easy task.

    Our Advice

    Critical Insight

    • Align HRIS goals with the business. Organizations must position HR as a partner prior to embarking on an HRIS initiative, aligning technology goals with organizational objectives before looking at software.
    • Communication is key. Often, HR and IT speak different languages. Maintain a high degree of communication by engaging stakeholder groups early.
    • Plan where you want to go. Designing a roadmap based on clear requirements, alignment with the business, and an understanding of priorities will contribute to success.

    Impact and Result

    • Evaluate the current state of HRIS, understand the pain points, and visualize your ideal processes prior to choosing a solution.
    • Explore the different solution alternatives: maintain current system, integrate and consolidate, augment, or replace system entirely.
    • Create a plan to engage IT and HR throughout the project. Equip HR with the decision-making tools to meet business objectives and drive business strategy. Establish a common language for IT and HR to effectively communicate.
    • Develop a practical and actionable roadmap that the entire organization can buy into.

    Drive Real Business Value with an HRIS Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should develop an HRIS strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Conduct an environmental scan

    Create a clear project vision that outlines the goals and objectives for the HRIS strategy. Subsequently, construct an HRIS business model that is informed by enablers, barriers, and the organizational, IT, and HR needs.

    • Drive Real Business Value with an HRIS Strategy – Phase 1: Conduct an Environmental Scan
    • Establish an HRIS Strategy Project Charter Template
    • HRIS Readiness Assessment Checklist

    2. Design the future state

    Gather high-level requirements to determine the ideal future state. Explore solution alternatives and choose the path that is best aligned with the organization's needs.

    • Drive Real Business Value with an HRIS Strategy – Phase 2: Design the Future State
    • HRIS Strategy Stakeholder Interview Guide
    • Process Owner Assignment Guide

    3. Finalize the roadmap

    Identify roadmap initiatives. Prioritize initiatives based on importance and effort.

    • Drive Real Business Value with an HRIS Strategy – Phase 3: Finalize the Roadmap
    • Initiative Roadmap Tool
    • HRIS Stakeholder Presentation Template
    [infographic]

    Workshop: Drive Real Business Value with an HRIS Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Conduct an Environmental Scan

    The Purpose

    Understand the importance of creating an HRIS strategy before proceeding with software selection and implementation.

    Learn why a large percentage of HRIS projects fail and how to avoid common mistakes.

    Set expectations for the HRIS strategy and understand Info-Tech’s HRIS methodology.

    Complete a project charter to gain buy-in, build a project team, and track project success.   

    Key Benefits Achieved

    A go/no-go decision on the project appropriateness.

    Project stakeholders identified.

    Project team created with defined roles and responsibilities.

    Finalized project charter to gain buy-in.  

    Activities

    1.1 Set a direction for the project by clarifying the focus.

    1.2 Identify the right stakeholders for your project team.

    1.3 Identify HRIS needs, barriers, and enablers.

    1.4 Map the current state of your HRIS.

    1.5 Align your business goals with your HR goals and objectives.

    Outputs

    Project vision

    Defined project roles and responsibilities

    Completed HRIS business model

    Completed current state map and thorough understanding of the HR technology landscape

    Strategy alignment between HR and the business

    2 Design the Future State

    The Purpose

    Gain a thorough understanding of the HRIS-related pains felt throughout the organization.

    Use stakeholder-identified pains to directly inform the HRIS strategy and long-term solution.

    Visualize your ideal processes and realize the art of the possible.  

    Key Benefits Achieved

    Requirements to strengthen the business case and inform the strategy.

    The art of the possible.

    Activities

    2.1 Requirements gathering.

    2.2 Sketch ideal future state processes.

    2.3 Establish process owners.

    2.4 Determine guiding principles.

    2.5 Identify metrics.

    Outputs

    Pain points classified by data, people, process, and technology

    Ideal future process vision

    Assigned process owners, guiding principles, and metrics for each HR process in scope

    3 Create Roadmap and Finalize Deliverable

    The Purpose

    Brainstorm and prioritize short- and long-term HRIS tasks.

    Key Benefits Achieved

    Understand next steps for the HRIS project.

    Activities

    3.1 Create a high-level implementation plan that shows dependencies.

    3.2 Identify risks and mitigation efforts.

    3.3 Finalize stakeholder presentation.

    Outputs

    Completed implementation plan

    Completed risk management plan

    HRIS stakeholder presentation

    Build a Strategy for Big Data Platforms

    • Buy Link or Shortcode: {j2store}203|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Big Data
    • Parent Category Link: /big-data
    • The immaturity of the big data market means that organizations lack examples and best practices to follow, and they are often left trailblazing their own paths.
    • Experienced and knowledgeable big data professionals are limited and without creative resourcing; IT might struggle to fill big data positions.
    • The term NoSQL has become a catch-all phrase for big data technologies; however, the technologies falling under the umbrella of NoSQL are disparate and often misunderstood. Organizations are at risk of adopting incorrect technologies if they don’t take the time to learn the jargon.

    Our Advice

    Critical Insight

    • NoSQL plays a key role in the emergence of the big data market, but it has not made relational databases outdated. Successful big data strategies can be conducted using SQL, NoSQL, or a combination of the two.
    • Assign a Data Architect to oversee your initiative. Hire or dedicate someone who has the ability to develop both a short-term and long-term vision and that has hands-on experience with data management, mining and modeling. You will still need someone (like a database administrator) who understands the database, the schemas, and the structure.
    • Understand your data before you attempt to use it. Take a master data management approach to ensure there are rules and standards for managing your enterprise’s data, and take extra caution when integrating external sources.

    Impact and Result

    • Assess whether SQL, NoSQL, or a combination of both technologies will provide you with the appropriate capabilities to achieve your business objectives and gain value from your data.
    • Form a Big Data Team to bring together IT and the business in order to leave a successful initiative.
    • Conduct ongoing training with your personnel to ensure up-to-date skills and end-user understanding.
    • Frequently scan the big data market space to identify new technologies and opportunities to help optimize your big data strategy.

    Build a Strategy for Big Data Platforms Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Develop a big data strategy

    Know where to start and where to focus attention in the implementation of a big data strategy.

    • Storyboard: Build a Strategy for Big Data Platforms

    2. Assess the appropriateness of big data technologies

    Decide the most correct tools to use in order to solve enterprise data management problems.

    • Big Data Diagnostic Tool

    3. Determine the TCO of a scale out implementation

    Compare the TCO of a SQL (scale up) with a NoSQL (scale out) deployment to determine whether NoSQL will save costs.

    • Scale Up vs. Scale Out TCO Tool
    [infographic]

    Identify and Reduce Agile Contract Risk

    • Buy Link or Shortcode: {j2store}232|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: $10,000 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Customer maturity levels with Agile are low, with 67% of organizations using Agile for less than five years.
    • Customer competency levels with Agile are also low, with 84% of organizations stating they are below a high level of competency.
    • Contract disputes are the number one or two types of disputes faced by organizations across all industries.

    Our Advice

    Critical Insight

    • Agile contracts require different wording and protections than traditional or waterfall contracts.
    • Agile buzzwords by themselves do not create an Agile contract.
    • There is a delicate balance between being overly prescriptive in an Agile contract and too lax.

    Impact and Result

    • Identify options for Agile contract provisions.
    • Manage Agile contract risk by selecting the appropriate level of protections for an Agile project.
    • Harness the power of Agile development and collaboration with the vendor while preserving contractual flexibility.
    • Focus on the correct contract clauses to manage Agile risk.

    Identify and Reduce Agile Contract Risk Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should treat Agile contracts differently from traditional or waterfall contracts, and review Info-Tech’s methodology, and understand the twelve contract clauses that are different for Agile contracts.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify and evaluate options

    Use the information in this blueprint and Info-Tech’s Agile Contract Playbook-Checklist to review and assess your Agile contracts, ensuring that the provisions and protections are suitable for Agile contracts specifically.

    • Agile Contracts Playbook-Checklist
    [infographic]

    Workshop: Identify and Reduce Agile Contract Risk

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify and Evaluate Options

    The Purpose

    To understand Agile-specific contract clauses, to improve risk identification, and to be more effective at negotiating Agile contract terms.

    Key Benefits Achieved

    Increased awareness of how Agile contract provisions are different from traditional or waterfall contracts in 12 key areas.

    Understanding available options.

    Understanding the impact of being too prescriptive.

    Activities

    1.1 Review the Agile Contract Playbook-Checklist.

    1.2 Review 12 contract provisions and reinforce key learnings with exercises.

    Outputs

    Configured Playbook-Checklist as applicable

    Exercise results and debrief

    Define Requirements for Outsourcing the Service Desk

    • Buy Link or Shortcode: {j2store}493|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • In organizations where technical support is viewed as non-strategic, many see outsourcing as a cost-effective way to provide this support. However, outsourced projects often fall short of their goals in terms of cost savings and the quality of support. 
    • Significant administrative work and up-front costs are required to outsource the service desk, and poor planning often results in project failure and a decrease of end-user satisfaction.
    • A complete turnover of the service desk can result in lost knowledge and control over processes, and organizations without an exit strategy can struggle to bring their service desk back in house and return the confidence of end users.

    Our Advice

    Critical Insight

    • Outsourcing is easy. Realizing the expected cost, quality, and focus benefits is hard. Successful outsourcing without being directly involved in service desk management is almost impossible.
    • You don’t need to standardize before you outsource, but you still need to conduct your due diligence. If you outsource without thinking about how you want the future to work, you will likely be unsatisfied with the result.
    • If cost is your only driver for outsourcing, understand that it comes at a cost. Customer service quality will likely be less, and your outsourcer may not add on frills such as Continual Improvement. Be careful that your specialists don’t end up spending more time working on incidents and service requests.

    Impact and Result

    • First decide if outsourcing is the correct step; there may be more preliminary work to do beforehand.
    • Assess requirements and make necessary adjustments before developing an outsource RFP.
    • Clearly define the project and produce an RFP to provide to vendors.
    • Plan for long-term success, not short-term gain.
    • Prepare to retain some of the higher-level service desk work.

    Define Requirements for Outsourcing the Service Desk Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define Requirements for Outsourcing the Service Desk Deck – A step-by-step document to walk you through building a strategy for efficient service desk outsourcing.

    This storyboard will help you craft a project charter, create an RFP, and outline strategies to build a long-term relationship with the vendor.

    • Define Requirements for Outsourcing the Service Desk – Storyboard
    • Service Desk Outsourcing Requirements Database Library

    2. Service Desk Outsourcing Project Charter Template and Requirements Library – Best-of-breed templates to help you determine processes and build a strategy to outsource them.

    These templates will help you determine your service desk requirements and document your proposed service desk outsourcing strategy.

    • Service Desk Outsourcing Project Charter Template

    3. Service Desk Outsourcing RFP Template – A structured document to help you outline expectations and communicate requirements to managed service providers.

    This template will allow you to create a detailed RFP for your outsourcing agreement, document the statement of work, provide service overview, record exit conditions, and document licensing model and estimated pricing.

    • Service Desk Outsourcing RFP Template

    4. Service Desk Outsourcing Reference Interview Template and Scoring Tool – Materials to help you conduct efficient briefings and select the best vendor to fulfill your service desk requirements.

    Use the Reference Interview Template to outline a list of questions for interviewing current/previous customers of your candidate vendors. These interviews will help you with unbiased vendor scoring. The RFP Vendor Scoring Tool will help you facilitate vendor briefings with your list of questions and score candidate vendors efficiently through quantifying evaluations.

    • Service Desk Outsourcing Reference Interview Template
    • Service Desk Outsourcing RFP Scoring Tool

    Infographic

    Further reading

    Define Requirements for Outsourcing the Service Desk

    Prepare your RFP for long-term success, not short-term gains

    Define Requirements for Outsourcing the Service Desk

    Prepare your RFP for long-term success, not short-term gains

    EXECUTIVE BRIEF

    Analyst Perspective

    Outsource services with your eyes wide open.

    Cost reduction has traditionally been an incentive for outsourcing the service desk. This is especially the case for organizations that don't have minimal processes in place and those that need resources and skills to fill gaps.

    Although cost reduction is usually the main reason to outsource the service desk, in most cases service desk outsourcing increases the cost in a short run. But without a proper model, you will only outsource your problems rather than solving them. A successful outsourcing strategy follows a comprehensive plan that defines objectives, assigns accountabilities, and sets expectations for service delivery prior to vendor outreach.

    For outsourcing the service desk, you should plan ahead, work as a group, define requirements, prepare a strong RFP, and contemplate tension metrics to ensure continual improvement. As you build a project charter to outline your strategy for outsourcing your IT services, ensure you focus on better customer service instead of cost optimization. Ensure that the outsourcer can support your demands, considering your long-term achievement.

    Think about outsourcing like a marriage deed. Take into account building a good relationship before beginning the contract, ensure to include expectations in the agreement, and make it possible to exit the agreement if expectations are not satisfied or service improvement is not achieved.

    This is a picture of Mahmoud Ramin, PhD, Senior Research Analyst, Infrastructure and Operations, Info-Tech Research Group

    Mahmoud Ramin, PhD
    Senior Research Analyst
    Infrastructure and Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    In organizations where technical support is viewed as non-strategic, many see outsourcing as a cost-effective way to provide this support. However, outsourcing projects often fall short of their goals in terms of cost savings and quality of support.

    Common Obstacles

    Significant administrative work and up-front costs are required to outsource the service desk, and poor planning often results in project failure and the decrease of end-user satisfaction.

    A complete turnover of the service desk can result in lost knowledge and control over processes, and organizations without an exit strategy can struggle to bring their service desk back in house and reestablish the confidence of end users.

    Info-Tech's Approach

    • First decide if outsourcing is the correct step; there may be more preliminary work to do beforehand.
    • Assess requirements and make necessary adjustments before developing an outsource RFP.
    • Clearly define the project and produce an RFP to provide to vendors.
    • Plan for long-term success, not short-term gains.
    • Prepare to retain some of the higher-level service desk work.

    Info-Tech Insight

    Outsourcing is easy. Realizing all of the expected cost, quality, and focus benefits is hard. Successful outsourcing without being directly involved in service desk management is almost impossible.

    Your challenge

    This research is designed to help organizations that need to:

    • Outsource the service desk or portions of service management to improve service delivery.
    • Improve and repatriate existing outsourcing outcomes by becoming more engaged in the management of the function. Regular reviews of performance metrics, staffing, escalation, knowledge base content, and customer satisfaction are critical.
    • Understand the impact that outsourcing would have on the service desk.
    • Understand the potential benefits that outsourcing can bring to the organization.

    This image contains a donut chart with the following information: Salaries and Benefits - 68.50%; Technology - 9.30%; Office Space and Facilities Expense - 14.90%; Travel, Training, and Office Supplies - 7.30%

    Source: HDI 2017

    About 68.5% of the service desk fund is allocated to agent salaries, while only 9.3% of the service desk fund is spent on technology. The high ratio of salaries and expenses over other expense drives organizations to outsource their service desk without taking other considerations into account.

    Info-Tech Insight

    The outsourcing contract must preserve your control, possession, and ownership of the intellectual property involved in the service desk operation. From the beginning of the process, repatriation should be viewed as a possibility and preserved as a capability.

    Your challenge

    This research helps organizations who would like to achieve these goals:

    • Determine objectives and requirements to outsource the service desk.
    • Develop a project charter and build an outsourcing strategy to efficiently define processes to reduce risk of failure.
    • Build an outsourcing RFP and conduct interviews to identify the best candidate for service delivery.
    • Build a long-term relationship with an outsourcing vendor, making sure the vendor is able to satisfy all requirements.
    • Include a continual improvement plan in the outsourcing strategy and contain the option upon service delivery dissatisfaction.

    New hires require between 10 and 80 hours of training (Forward Bpo Inc., 2019).

    A benchmark study by Zendesk from 45,000 companies reveals that timely resolution of issues and 24/7 service are the biggest factors in customer service experience.

    This image contains a bar graph with the following data: Timely issue resolution; 24/7 support; Friendly agent; Desired contact method; Not to repeat info; Proactive support; Self-serve; Call back; Rewards & freebies

    These factors push many businesses to consider service desk outsourcing to vendors that have capabilities to fulfill such requirements.

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • In most cases, organizations must perform significant administrative work before they can make a move. Those that fail to properly prepare impede a smooth transition, the success of the vendor, and the ability to repatriate.
    • Successful outsourcing comes from the recognition that an organization is experiencing complete turnover of its service desk staff. These organizations engage the vendor to transition knowledge and process to ensure continuity of quality.
    • IT realizes the most profound hidden costs of outsourcing when the rate of ticket escalation increases, diminishing the capacity of senior technical staff for strategic project work.

    Many organizations may not get the value they expect from outsourcing in their first year.

    Common Reasons:

    • Overall lack of due diligence in the outsourcing process
    • Unsuitable or unclear service transition plan
    • Poor service provider selection and management

    Poor transition planning results in delayed benefits and a poor relationship with your outsourcing service provider. A poor relationship with your service provider results in poor communication and knowledge transfer.

    Key components of a successful plan:

    1. Determine goals and identify requirements before developing an RFP.
    2. Finalize your outsourcing project charter and get ready for vendor evaluation.
    3. Assess and select the most appropriate provider; manage the transition and vendor relationship.

    Outsource the service desk properly, and you could see a wide range of benefits

    Service Desk Outsourcing: Ability to scale up/down; Reduce fixed costs; Refocus IT efforts on core activities; Access to up-to-date technology; Adhere to  ITSM best practices; Increased process optimization; Focus IT efforts on advanced expertise; Reframe to shift-left;

    Info-Tech Insight

    In your service desk outsourcing strategy, rethink downsizing first-level IT service staff. This can be an opportunity to reassign resources to more valuable roles, such as asset management, development or project backlog. Your current service desk staff are most likely familiar with the current technology, processes, and regulations within IT. Consider the ways to better use your existing resources before reducing headcount.

    Info-Tech's Approach

    Determine Goals

    Conduct activities in the blueprint to pinpoint your current challenges with the service desk and find out objectives to outsource customer service.

    Define Requirements

    You need to be clear about the processes that will be outsourced. Considering your objectives, we'll help you discover the processes to outsource, to help you achieve your goals.

    Develop RFP

    Your expectations should be documented in a formal proposal to help vendors provide solid information about how they will satisfy your requirements and what their plan is.

    Build Long-Term Relationship

    Make sure to plan for continual improvement by setting expectations, tracking the services with proper metrics, and using efficient communication with the provider. Think about the rainy day and include exit conditions for ending the relationship if needed.

    Info-Tech's methodology

    1. Define the Goal

    2. Design an Outsourcing Strategy

    3. Develop an RFP and Make a Long-Term Relationship

    Phase Steps

    1.1 Identify goals and objectives

    1.2 Assess outsourcing feasibility

    2.1 Identify project stakeholders

    2.2 Outline potential risks and constraints

    3.1 Prepare service overview and responsibility matrix

    3.2 Define approach to vendor relationship management

    3.3 Manage the outsource relationship

    Phase Outcomes

    Service Desk Outsourcing Vision and Goals

    Service Desk Processes to Outsource

    Outsourcing Roles and Responsibilities

    Outsourcing Risks and Constraints

    Service Desk Outsourcing Project Charter

    Service Desk Outsourcing RFP

    Continual Improvement Plan

    Exit Strategy

    This is an image of the strategy which you will use to build your requirements for outsourcing the service desk.  it includes: 1. Define the Goal; 2. Design an Outsourcing Strategy; 3. Develop RFP and long-term relationship.

    Insight summary

    Focus on value

    Outsourcing is easy. Realizing all of the expected cost, quality, and focus benefits is hard. Successful outsourcing without being directly involved in service desk management is almost impossible.

    Define outsourcing requirements

    You don't need to standardize before you outsource, but you still need to conduct your due diligence. If you outsource without thinking about how you want the future to work, you will likely be unsatisfied with the result.

    Don't focus on cost

    If cost is your only driver for outsourcing, understand that there will be other challenges. Customer service quality will likely be less, and your outsourcer may not add on frills such as Continual Improvement. Be careful that your specialists don't end up spending more time working on incidents and service requests.

    Emphasize on customer service

    A bad outsourcer relationship will result in low business satisfaction with IT overall. The service desk is the face of IT, and if users are dissatisfied with the service desk, then they are much likelier to be dissatisfied with IT overall.

    Vendors are not magicians

    They have standards in place to help them succeed. Determine ITSM best practices, define your requirements, and adjust process workflows accordingly. Your staff and end users will have a much easier transition once outsourcing proceeds.

    Plan ahead to guarantee success

    Identify outsourcing goals, plan for service and system integrations, document standard incidents and requests, and track tension metrics to make sure the vendor does the work efficiently. Aim for building a long-term relationship but contemplate potential exit strategy.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    This is a screenshot from the Service Desk Outsourcing Requirements Database Library

    Service Desk Outsourcing Requirements Database Library

    Use this library to guide you through processes to outsource

    This is a screenshot from the Service Desk Outsourcing RFP Template

    Service Desk Outsourcing RFP Template

    Use this template to craft a proposal for outsourcing your service desk

    This is a screenshot from the Service Desk Outsourcing Reference Interview Template

    Service Desk Outsourcing Reference Interview Template

    Use this template to verify vendor claims on service delivery with pervious or current customers

    This is a screenshot from the Service Desk Outsourcing Vendor Proposal Scoring Tool

    Service Desk Outsourcing Vendor Proposal Scoring Tool

    Use this tool to evaluate RFP submissions

    Key deliverable:

    This is a screenshot from the key deliverable, Service Desk Outsourcing Project Charter

    Service Desk Outsourcing Project Charter

    Document your project scope and outsourcing strategy in this template to organize the project for efficient resource and requirement allocation

    Blueprint benefits

    IT Benefits

    Business Benefits

    • Determine current challenges with the service desk and identify services to outsource.
    • Make the project charter for an efficient outsourcing strategy that will lead to higher satisfaction from IT.
    • Select the best outsource vendor that will satisfy most of the identified requirements.
    • Reduce the risk of project failure with efficient planning.
    • Understand potential feasibility of service desk outsourcing and its possible impact on business satisfaction.
    • Improve end-user satisfaction through a better service delivery.
    • Conduct more efficient resource allocation with outsourcing customer service.
    • Develop a long-term relationship between the enterprise and vendor through a continual improvement plan.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1Phase 2Phase 3

    Call #1: Scope your specific challenges and objectives

    Call #3: Identify project stakeholders, and potential risks and constraints

    Call #5: Create a detailed RFP

    Call #6: Identify strategy risks.

    Call #2: Assess outsourcing feasibility and processes to outsourceCall #4: Create a list of metrics to ensure efficient reporting

    Call #7: Prepare for vendor briefing and scoring each vendor

    Call #8: Build a communication plan

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 10 calls over the course of 4 to 6 months.

    Phase 1

    Define the goal

    Define the goal

    Design an outsourcing strategy

    Develop an RFP and make a long-term relationship

    1.1 Identify goals and objectives

    1.2 Assess outsourcing feasibility

    2.1 Identify project stakeholders

    2.2 Outline potential risks and constraints

    3.1 Prepare a service overview and responsibility matrix

    3.2 Define your approach to vendor relationship management

    3.3 Manage the outsource relationship

    This phase will walk you through the following activities:

    • Analysis outsourcing objectives
    • Assess outsourcing feasibility
    • Identify services and processes to outsource

    This phase involves the following participants:

    • Service Desk Team
    • IT Leadership

    Define requirements for outsourcing service desk support

    Step 1.1

    Identify goals and objectives

    Activities

    1.1.1 Find out why you want to outsource your service desk

    1.1.2 Document the benefits of outsourcing your service desk

    1.1.3 Identify your outsourcing vision and goals

    1.1.4 Prioritize service desk outsourcing goals to help structure your mission statement

    1.1.5 Craft a mission statement that demonstrates your decision to reach your outsourcing objectives

    Define the goal

    This step requires the following inputs:

    • List of strengths and weaknesses of the service desk
    • Challenges with the service desk

    This step involves the following participants:

    • CIO
    • IT Leadership
    • Service Desk Manager
    • IT Managers

    Outcomes of this step

    • Service desk outsourcing vision and goals
    • Benefits of outsourcing the service desk
    • Mission statement

    What is your rationale to outsource the service desk?

    Potential benefits of outsourcing the service desk:

    • Bring in the expertise and knowledge to manage tickets according to best-practice guidelines
    • Reduce the timeline to response and resolution
    • Improve IT productivity
    • Enhance IT services and improve performance
    • Augment relationship between IT and business through service-level improvement
    • Free up the internal team and focus IT on complex projects and higher priority tasks
    • Speed up service desk optimization
    • Improve end-user satisfaction through efficient IT services
    • Reduce impact of incidents through effective incident management
    • Increase service consistency via turnover reduction
    • Expand coverage hour and access points
    • Expand languages to service different geographical areas

    1.1.1 Find out why you want to outsource your service desk

    1 hour

    Service desk is the face of IT. Service desk improvement increases IT efficiency, lowers operation costs, and enhances business satisfaction.

    Common challenges that result in deciding to outsource the service desk are:

    Participants: IT Director, Service Desk Manager, Service Desk Team

    ChallengeExample
    Lack of tier 1 supportStartup does not have a dedicated service desk to handle incidents and provide services to end users.
    Inefficient ticket handlingMTTR is very high and end users are frustrated with their issues not getting solved quickly. Even if they call service desk, they are put on hold for a long time. Due to these inefficiencies, their daily work is greatly impacted.
    Restricted service hoursCompany headquartered in Texas does not have resources to provide 24/7 IT service. When users in the East Asia branch have a laptop issue, they must wait until the next day to get response from IT. This has diminished their satisfaction.
    Restricted languagesCompany X is headquartered in New York. An end user not fluent in English from Madrid calls in for support. It takes five minutes for the agent to understand the issue and log a ticket.
    Ticket backlogIT is in firefighting mode, very busy with taking care of critical incidents and requests from upper management. Almost no one is committed to the SLA because of their limited availability.

    Brainstorm your challenges with the service desk. Why have you decided to outsource your service desk? Use the above table as a sample.

    1.1.2 Document benefits of outsourcing your service desk

    1 hour

    1. Review the challenges with your current service desk identified in activity 1.1.1.
    2. Discuss possible ways to tackle these challenges. Be specific and determine ways to resolve these issues if you were to do it internally.
    3. Determine potential benefits of outsourcing the service desk to IT, business, and end users.
    4. For each benefit, describe dependencies. For instance, to reduce the number of direct calls (benefit), users should have access to service desk as a single point of contact (dependency).
    5. Document this activity in the Service Desk Outsourcing Project Charter Template.

    Download the Project Charter Template

    Input

    • List of challenges with the current service desk from activity 1.1.1

    Output

    • Benefits of outsourcing the service desk

    Materials

    • Whiteboard/flip charts
    • Markers
    • Sticky notes
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team
    • IT Managers

    Why should you not consider cost reduction as a primary incentive to outsourcing the service desk?

    Assume that some of the costs will not go away with outsourcing

    When you outsource, the vendor's staff tend to gradually become less effective as:

    • They are managed by metrics to reduce costs by escalating sooner, reducing talk time, and proposing questionable solutions.
    • Turnover results in new employees that get insufficient training.

    You must actively manage the vendor to identify and resolve these issues. Many organizations find that service desk management takes more time after they outsource.

    You need to keep spending on service desk management, and you may not get away from technology infrastructure spending.

    Info-Tech Insight

    In their first year, almost 42% of Info-Tech's clients do not get the real value of outsourcing services as expected. This iss primarily because of misalignment of organizational goals with outcomes of the outsourced services.

    Consider the hidden costs of outsourcing

    Expected Costs

    Unexpected Costs

    Example

    Transition CostsSeverance and staff retention
    • Cost to adapt to vendor standards
    • Training cost of vendor staff
    • Lost productivity
    • Format for requirements
    • Training report developers to work with vendor systems
    FeesPrice of the engagement
    • Extra fees for additional services
    • Extra charges for uploading data to cloud storage
    • Portal access
    Management CostsTime directing account
    • Time directly managing vendor staff
    • Checking deliverables for errors
    • Disputing penalty amounts
    Rework CostsDowntime, defect rate, etc. (quality metrics measured in SLAs)
    • Time spent adapting deliverables for unanticipated requirements
    • Time spent assuring the quality and usefulness of deliverables
    • Completing quality assurance and updating knowledgebase articles
    • Adapting reporting for presentation to stakeholders

    Determine strategies to avoid each hidden cost

    Costs related to transitioning into the engagementAdapting to standards and training costs

    Adapting to standards: Define the process improvements you will need to work with each potential vendor.

    Training costs for vendor staff: Reduce training costs by keeping the same vendor staff on all of your projects.

    Fee-related costs

    Fees for additional services (that you thought were included)

    Carefully review each proposed statement of work to identify and reduce extra fees. Understand why extra fees occur in the SLA, the contract, and the proposed statement of work, and take steps to protect yourself and the vendor.

    Management-related costs

    Direct management of vendor staff and dispute resolution

    Direct management of vendor staff: Avoid excessive management costs by defining a two-tier management structure on both sides of the engagement.

    Time spent resolving disputes: Avoid prolonged resolution costs by defining terms of divorce for the engagement up front.

    Rework costs

    Unanticipated requirements and integration with existing systems

    Unanticipated requirements: Use a two-stage process to define requirements, starting with business people and then with review by technical staff.

    Integration with existing systems: Obtain a commitment from vendors that deliverables will conform to standards at points of integration with your systems.

    Your outsourcing strategy should address the reasons you decided to outsource

    A clear vision of strategic objectives prior to entering an outsourcing agreement will allow you to clearly communicate these objectives to the Managed Service Provider (MSP) and use them as a contracted basis for the relationship.

    • Define the business' overall approach to outsourcing along with the priorities, rules, and principles that will drive the outsourcing strategy and every subsequent outsourcing decision and activity.
    • Define specific business, service, and technical goals for the outsourcing project and relevant measures of success.

    "People often don't have a clear direction around what they're trying to accomplish. The strategic goals should be documented. Is this a cost-savings exercise? Is it because you're deficient in one area? Is it because you don't have the tools or expertise to run the service desk yourself? Figure out what problem you're trying to solve by outsourcing, then build your strategy around that.
    – Jeremy Gagne, Application Support Delivery Manager, Allegis Group

    Most organizations are driven to consider outsourcing their service desk hoping to improve the following:

    • Ability to scale (train people and acquire skills)
    • Focus on core competencies
    • Decrease capital costs
    • Access latest technology without large investment
    • Resolve labor force constraints
    • Gain access to special expertise without paying a full salary
    • Save money overall

    Info-Tech Insight

    Use your goals and objectives as a management tool. Clearly outline your desired project outcomes to both your in-house team and the vendor during implementation and monitoring. It will allow a common ground to unite both parties as the project progresses.

    Mitigate pitfalls that lay in the way of desired outcomes of outsourcing

    Desired outcomePitfalls to overcome
    IT can focus on core competencies and strategic initiatives rather than break-fix tasks.Escalation to second- and third-level support usually increases when the first level has been outsourced. Outsourcers will have less experience with your typical incidents and will give up on trying to solve some issues more quickly than your internal level-one staff.
    Low outsourcing costs compared to the costs needed to employ internal employees in the same role. Due to lack of incentive to decrease ticket volume, costs are likely to increase. As a result, organizations often find themselves paying more overall for an outsourced service desk than if they had a few dedicated IT service desk employees in-house.
    Improved employee morale as a result of being able to focus on more interesting tasks.Management often expects existing employee morale to increase as a result of shifting their focus to core and strategic tasks, but the fear of diminished job security often spreads to the remaining non-level-one employees.

    1.1.3 Identify outsourcing vision and goals

    Identify the goals and objectives of outsourcing to inform your strategy.

    Participants: IT Director, Service Desk Manager, Service Desk Team

    1-2 hours

    1. Meet with key business stakeholders and the service desk staff who were involved in the decision to outsource.
    2. As a group, review the results from activity 1.1.1 (challenges with current service desk operations) and identify the goals and objectives of the outsourcing initiative.
    3. Determine the key performance indicator (KPI) for each goal.
    4. Identify the impacted stakeholder/s for each goal.
    5. Discuss checkpoint schedule for each goal to make sure the list stays updated.

    Use the sample table as a starting point:

    1. Document your table in the Service Desk Outsourcing Project Charter Template.
    IDGoal DescriptionKPIImpacted StakeholdersCheckpoint Schedule
    1Provide capacity to take calls outside of current service desk work hours
    • Decreased in time to response
    • Decreased time to resolve
    • IT Entire organization
    • Every month
    2Take calls in different languages
    • Improved service delivery in different geographical regions
    • Improved end-user satisfaction
    • End users
    • Every month
    3Provide field support at remote sites with no IT presence without having to fly out an employee
    • 40% faster incident resolution and request fulfillment
    • Entire organization
    • Every month
    4Improve ease of management by vendor helping with managing and optimizing service desk tasks
    • Improved service management efficiency
    • Entire organization
    • Every 3 months

    Download the Project Charter Template

    Evaluate organizational demographics to assess outsourcing rationale

    The size, complexity, and maturity of your organization are good indicators of service desk direction with regards to outsourcing.

    Organization Size

    • As more devices, applications, systems, and users are added to the mix, vendor costs will increase but their ability to meet business needs will decrease.
    • Small organizations are often either rejected by vendors for being too small or locked into a contract that is overkill for their actual needs (and budget).

    Complexity

    • Highly customized environments and organizations with specialized applications or stringent regulatory requirements are very difficult to outsource for a reasonable cost and acceptable quality.
    • In these cases, the vendor is required to train skilled support or ends up escalating more tickets back to second- and third-level support.

    Requirements

    • Organizations looking to outsource must have defined outsourcing requirements before looking at vendors.
    • Without a requirement assessment, the vendor won't have guidelines to follow and you won't be able to measure their adherence.

    Info-Tech Insight

    Although less adherence to service desk best practices can be one of the main incentives to outsourcing the service desk, IT should have minimal processes in place to be able to set expectations with targeting vendors.

    1.1.4 Prioritize service desk outsourcing goals to help structure mission statement

    0.5-1 hour

    The evaluation process for outsourcing the service desk should be done very carefully. Project leaders should make sure they won't panic internal resources and impact their performance through the transition period.

    If the outsourcing process is rushed, it will result in poor evaluation, inefficient decision making, and project failure.

    1. Refer to results in activity 1.1.3. Discuss the service desk outsourcing goals once again.
    2. Brainstorm the most important objectives. Use sticky notes to prioritize the items from the most important to the least important.
    3. Edit the order accordingly.

    Input

    • Project goals from activity 1.1.3

    Output

    • Prioritized list of outsourcing goals

    Materials

    • Whiteboard/flip charts
    • Markers
    • Sticky notes
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team
    • IT Managers

    Download the Project Charter Template

    1.1.5 Craft a mission statement that demonstrates your decision to reach outsourcing objectives

    Participants: IT Director, Service Desk Manager

    0.5-1 hour

    The IT mission statement specifies the function's purpose or reason for being. The mission should guide each day's activities and decisions. The mission statement should use simple and concise terminology and speak loudly and clearly, generating enthusiasm for the organization.

    Strong IT mission statements:

    • Articulate the IT function's purpose and reason for existence
    • Describe what the IT function does to achieve its vision
    • Define the customers of the IT function
    • Can be described as:
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Inspirational
      • Memorable
      • Concise

    Sample mission statements:

    • To help fulfill organizational goals, IT has decided to empower business stakeholders with outsourcing the service desk.
    • To support efficient IT service provision, better collaboration, and effective communication, [Company Name] has decided to outsource the service desk.
    • [Company Name] plans to outsource the service desk so it can identify bottlenecks and inefficiencies with current service desk processes and enable [Company Name] to innovate and support business growth.
    • Considering the goals and benefits determined in the previous activities, outline a mission statement.
    • Document your outsourcing mission statement in the "Project Overview" section of the Project Charter Template.

    Download the Project Charter Template

    Step 1.2

    Assess outsourcing feasibility

    Activities

    1.2.1 Create a baseline of customer experience

    1.2.2 Identify service desk processes to outsource

    1.2.3 Design an outsourcing decision matrix for service desk processes and services

    1.2.4 Discuss if you need to outsource only service desk or if additional services would benefit from outsourcing too

    Define the goal

    This step requires the following inputs:

    • List of service desk tasks and responsibilities

    This step involves the following participants:

    • CIO
    • IT Leadership
    • Service Desk Manager
    • Infrastructure Manager

    Outcomes of this step

    • End-user satisfaction with the service desk
    • List of processes and services to outsource

    1.2.1 Create a baseline of customer experience

    Solicit targeted department feedback on IT's core service capabilities, communications, and business enablement from end users. Use this feedback to assess end-user satisfaction with each service, broken down by department and seniority level.

    1. Complete an end-user satisfaction survey to define the current state of your IT services, including service desk (timeliness and effectiveness). With Info-Tech's end-user satisfaction program, an analyst will help you set up the diagnostic and will go through the report with you.
    2. Evaluate survey results.
    3. Communicate survey results with team leads and discuss the satisfaction rates and comments of the end users.
    4. Schedule to launch another survey one year after outsourcing the service desk.
    5. Your results will be compared to the following year's results to analyze the overall success/failure of your outsourcing project.

    A decrease of business and end-user satisfaction is a big drive to outsourcing the service desk. Conduct a customer service survey to discover your end-user experience prior to and after outsourcing the service desk.

    Don't get caught believing common misconceptions: outsourcing doesn't mean sending away all the work

    First-time outsourcers often assume they are transferring most of the operations over to the vendor, but this is often not the case.

    1. Management of performance, SLAs, and customer satisfaction remain the responsibility of your organization.
    2. Service desk outsource vendors provide first-line response. This includes answering the phones, troubleshooting simple problems, and redirecting requests that are more complex.
    3. The vendor is often able to provide specialized support for standard applications (and for customized applications if you'll pay for it). However, the desktop support still needs someone onsite, and that service is very expensive to outsource.
    4. Tickets that are focused on custom applications and require specialized or advanced support are escalated back to your organization's second- and third-level support teams.

    Switching to a vendor won't necessarily improve your service desk maturity

    You should have minimal requirements before moving.

    Whether managing in-house or outsourcing, it is your job to ensure core issues have been clarified, processes defined, and standards maintained. If your processes are ad-hoc or non-existent right now, outsourcing won't fix them.

    You must have the following in place before looking to outsource:

    • Defined reporting needs and plans
    • Formalized skill-set requirements
    • Problem management and escalation guidelines
    • Ticket templates and classification rules
    • Workflow details
    • Knowledge base standards

    Info-Tech Insight

    If you expect your problems to disappear with outsourcing, they might just get worse.

    Define long-term requirements

    Anticipate growth throughout the lifecycle of your outsourcing contract and build that into the RFP

    • Most outsourcing agreements typically last three to five years. In that time, you risk outgrowing your service provider by neglecting to define your long-term service desk requirements.
    • Outgrowing your vendor before your contract ends can be expensive due to high switching costs. Managing multiple vendors can also be problematic.
    • It is crucial to define your service desk requirements before developing a request for proposal to make sure the service you select can meet your organization's needs.
    • Make sure that the business is involved in this planning stage, as the goals of IT need to scale with the growth strategy of the business. You may select a vendor with no additional capacity despite the fact that your organization has a major expansion planned to begin two years from now. Assessing future requirements also allows you to culture match with the vendor. If your outlooks and practices are similar, the match will likely click.

    Info-Tech Insight

    Don't select a vendor for what your company is today – select a vendor for what your company will be years from now. Define your future service desk requirements in addition to your current requirements and leave room for growth and development.

    You can't outsource everything

    Manage the things that stay in-house well or suffer the consequences.

    "You can't outsource management; you can only outsource supervision." Barry Cousins, Practice Lead, Info-Tech Research Group

    What can be the vendor in charge of?

    What stays in-house?

    • Call and email answering
    • Ongoing daily ticket creation and tracking
    • Tier 1 support
    • Internal escalation to Level 2 support
    • External escalation to specialized Level 2 and Level 3 support
    • Knowledge base article creation
    • Service desk-related hardware acquisition and maintenance
    • Service desk software acquisition and maintenance
    • Security and access management
    • Disaster recovery
    • Staff acquisition
    • Facilities
    • The role of the Service Desk Manager
    • Skills and training standards
    • Document standardization
    • Knowledge base quality assurance and documentation standardization
    • Self-service maintenance, promotion, and ownership
    • Short and long-term tracking of vendor performance

    Info-Tech Insight

    The need for a Service Desk Manager does not go away when you outsource. In fact, the need becomes even stronger and never diminishes.

    Assess current service desk processes before outsourcing

    Process standards with areas such as documentation, workflow, and ticket escalation should be in place before the decision to outsource has been made.

    Every effective service desk has a clear definition of the services that they are performing for the end user. You can't provide a service without knowing what the services are.

    MSPs typically have their own set of standards and processes in play. If your service desk is not at a similar level of maturity, outsourcing will not be pleasant.

    Make sure that your metrics are reported consistently and that they tell a story.

    "Establish baseline before outsourcing. Those organizations that don't have enough service desk maturity before outsourcing should work with the outsourcer to establish the baseline."
    – Yev Khobrenkov, Enterprise Consultant, Solvera Solutions

    Info-Tech Insight

    Outsourcing vendors are not service desk builders; they're service desk refiners. Switching to a vendor won't improve your maturity; you must have a certain degree of process maturity and standardization before moving.

    Case Study

    INDUSTRY: Cleaning Supplies

    SOURCE: PicNet

    Challenge

    • Reckitt Benckiser of Australia determined that its core service desk needed to be outsourced.
    • It would retain its higher level service desk staff to work on strategic projects.
    • The MSP needed to fulfill key requirements outlined by Reckitt Benckiser.

    Solution

    • Reckitt Benckiser recognized that its rapidly evolving IT needs required a service desk that could fulfill the following tasks:
    • Free up internal IT staff.
    • Provide in-depth understanding of business apps.
    • Offer efficient, cost-effective support onsite.
    • Focus on continual service improvement (CSI).

    Results

    • An RFP was developed to support the outsourcing strategy.
    • With the project structure outlined and the requirements of the vendor for the business identified, Reckitt Benckiser could now focus on selecting a vendor that met its needs.

    1.2.1 Identify service desk processes to outsource

    2-3 hours

    Review your prioritized project goals from activity 1.1.4.

    Brainstorm requirements and use cases for each goal and describe each use case. For example: To improve service desk timeliness, IT should improve incident management, to resolve incidents according to the defined SLA and based on ticket priority levels.

    Discuss if you're outsourcing just incident management or both incident management and request fulfillment. If both, determine what level of service requests will be outsourced? Will you ask the vendor to provide a service catalog? Will you outsource self-serve and automation?

    Document your findings in the service desk outsourcing requirements database library.

    Input

    • Outsourcing project goals from activity 1.1.4

    Output

    • List of processes to outsource

    Materials

    • Sticky notes
    • Markers
    • Whiteboard/flip charts
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team

    Download the Requirements Database Library

    1.2.2 Design an outsourcing decision matrix for service desk processes and services

    Participants: IT Director, Service Desk Manager, Infrastructure manager

    2-3 hours

    Most successful service desk outsourcing engagements have a primary goal of freeing up their internal resources to work on complex tasks and projects. The key outsourcing success factor is to find out internal services and processes that are standardized or should be standardized, and then determine if they can be outsourced.

    1. Review the list of identified service desk processes from activity 1.2.1.
    2. Discuss the maturity level of each process (low, medium, high) and document under the maturity column of the Outsource the Service Desk Requirements Database Library.
    3. Use the following decision matrix for each process. Discuss which tasks are important to strategic objectives, which ones provide competitive advantage, and which ones require specialized in-house knowledge.
    4. Identify processes that receive high vendor's performance advantage. For instance, access to talent, lower cost at scale, and access to technology.
    5. In your outsourcing assessment, consider a narrow scope of engagement and a broad view of what is important to business outcome.
    6. Based on your findings, determine the priority of each process to be outsourced. Document results in the service desk outsourcing requirements database library, and section 4.1 of the service desk outsourcing project charter.
    • Important to strategic objectives
    • Provides competitive advantage
    • Specialized in-house knowledge required

    This is an image of a quadrant analysis, where the X axis is labeled Vendor's Performance Advantage, and the Y axis is labeled Importance to Business Outcomes.

    • Talent/access to skills
    • Economies of scale/lower cost at scale
    • Access to technology

    Download the Requirements Database Library

    Download the Project Charter Template

    Maintain staff and training: you need to know who is being hired, how, and why

    Define documentation rules to retain knowledge

    • Establish a standard knowledge article template and list of required information.
    • Train staff on the requirements of knowledge base creation and management. Help them understand the value of the time spent recording their work.
    • It is your responsibility to assure the quality of each knowledge article. Outline accountabilities for internal staff and track for performance evaluations.

    For information on better knowledge management, refer to Info-Tech's blueprint Optimize the Service Desk With a Shift-Left Strategy.

    Expect to manage stringent skills and training standards

    • Plan on being more formal about a Service Manager position and spending more time than you allocated previously.
    • Complete a thorough assessment of the skills you need to keep the service desk running smoothly.
    • Don't forget to account for any customized or proprietary systems. How will you train vendor staff to accommodate your needs? What does their turnaround look like: would it be more likely that you acquire a dependable employee in-house?
    • Staffing requirements need to be actively monitored to ensure the outsourcer doesn't have degradation of quality or hiring standards. Don't assume that things run well – complete regular checks and ask for access to audit results.
    • Are the systems and data being accessed by the vendor highly sensitive or subject to regulatory requirements? If so, it is your job to ensure that vendor staff are being screened appropriately.

    Does your service desk need to integrate to other IT services?

    A common challenge when outsourcing multiple services to more than one vendor is a lack of collaboration and communication between vendors.

    • Leverage SIAM capabilities to integrate service desk tasks to other IT services, if needed.
    • "Service Integration and Management (SIAM) is a management methodology that can be applied in an environment that includes services sourced from a number of service providers" (Scopism Limited, 2020).
    • SIAM supports cross-functional integrations. Organizations that look for a single provider will be less likely to get maximum benefits from SIAM.

    There are three layers of entities in SIAM:

    • Customer Organization: The customer who receives services, who defines the relationship with service providers.
    • Service Integrator: End-to-end service governance and integration is done at this layer, making sure all service providers are committed to their services.
    • Service Provider: Responsible party for service delivery according to contract. It can be combination of internal provider, managed by internal agreements, and external provider, managed by SLAs between providers and customer organization.

    Use SIAM to obtain better results from multiple service providers

    In the SIAM model, the customer organization keeps strategic, governance, and business activities, while integrating other services (either internally or externally).

    This is an image of the SIAM model

    SIAM Layers. Source: SIAM Foundation BoK

    Utilize SIAM to obtain better results from multiple service providers

    SIAM reduces service duplication and improves service delivery via managing internal and external service providers.

    To utilize the SIAM model, determine the following components:

    • Service providers
    • Service consumers
    • Service outcomes
    • Service obstacles and boundaries
    • Service dependencies
    • Technical requirements and interactions for each service
    • Service data and information including service levels

    To learn more about adopting SIAM, visit Scopism.

    1.2.3 Discuss if you need to outsource only service desk or if additional services would benefit from outsourcing too

    1-2 hours

    • Discuss principles and goals of SIAM and how integrating other services can apply within your processes.
    • Review the list of service desk processes and tasks to be outsourced from activities 1.2.1 and 1.2.2.
    • Brainstorm a list of other services that are outsourced/need to be outsourced.
    • Determine providers of each service (both internal and external). Document the other services to be integrated in the project charter template and requirements database library.

    Input

    • SIAM objectives
    • List of service desk processes to outsource

    Output

    • List of other services to outsource and integrate in the project

    Materials

    • Sticky notes
    • Markers
    • Whiteboard/flip charts
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team

    Download the Requirements Database Library

    Download the Project Charter Template

    Establish requirements for problem management in the outsourcing plan

    Your MSP should not just fulfill SLAs – they should be a proactive source of value.

    Problem management is a group effort. Make sure your internal team is assisted with sufficient and efficient data by the outsourcer to conduct a better problem management.

    Clearly state your organization's expectations for enabling problem management. MSPs may not necessarily need, and cannot do, problem management; however, they should provide metrics to help you discover trends, define recurring issues, and enable root cause analysis.

    For more information on problem management, refer to Info-Tech's blueprint Improve Incident and Problem Management.

    PROBLEM MANAGEMENT

    INCIDENT MANAGEMENT

    INTAKE: Ticket data from incident management is needed for incident matching to identify problems. Critical Incidents are also a main input to problem management.

    EVENT MANAGEMENT

    INTAKE: SMEs and operations teams monitoring system health events can identify indicators of potential future issues before they become incidents.

    APPLICATION, INFRASTRUCTURE, and SECURITY TEAMS

    ACTION: Problem tickets require investigation from relevant SMEs across different IT teams to identify potential solutions or workarounds.

    CHANGE MANAGEMENT

    OUTPUT: Problem resolution may need to go through Change Management for proper authorization and risk management.

    Outline problem management protocols to gain value from your service provider

    • For example, with a deep dive into ticket trend analysis, your MSP should be able to tell you that you've had a large number of tickets on a particular issue in the past month, allowing you to look into means to resolve the issue and prevent it from reoccurring.
    • A proactive MSP should be able to help your service levels improve over time. This should be built into the KPIs and metrics you ask for from the outsourcer.

    Sample Scenario

    Your MSP tracks ticket volume by platform.

    There are 100 network tickets/month, 200 systems tickets/month, and 5,000 end-user tickets/month.

    Tracking these numbers is a good start, but the real value is in the analysis. Why are there 5,000 end-user tickets? What are the trends?

    Your MSP should be providing a monthly root-cause analysis to help improve service quality.

    Outcomes:

    1. Meeting basic SLAs tells a small part of the story. The MSP is performing well in a functional sense, but this doesn't shed any insight on what kind of knowledge or value is being added.
    2. The MSP should provide routine updates on ticket trends and other insights gained through data analysis.
    3. A commitment to continual improvement will provide your organization with value throughout the duration of the outsourcing agreement.

    Phase 2

    Design an Outsourcing Strategy

    Define the goal

    Design an outsourcing strategy

    Develop an RFP and make a long-term relationship

    1.1 Identify goals and objectives

    1.2 Assess outsourcing feasibility

    2.1 Identify project stakeholders

    2.2 Outline potential risks and constraints

    3.1 Prepare a service overview and responsibility matrix

    3.2 Define your approach to vendor relationship management

    3.3 Manage the outsource relationship

    This phase will walk you through the following activities:

    • Identify roles and responsibilities
    • Determine potential risks of outsourcing the service desk
    • Build a list of metrics

    This phase involves the following participants:

    • Service Desk Team
    • IT Leadership

    Define requirements for outsourcing service desk support

    Step 2.1

    Identify project stakeholders

    Activity

    2.1.1 Identify internal outsourcing roles and responsibilities

    Design an Outsourcing Strategy

    This step requires the following inputs:

    • List of service desk roles
    • Service desk outsourcing goals

    This step involves the following participants:

    • IT Managers
    • Project Team
    • Service Desk Manager

    Outcome of this step

    • Outsourcing roles and responsibilities

    Design an outsourcing strategy to capture the vision of your service desk

    An outsourcing strategy is crucial to the proper accomplishment of an outsourcing project. By taking the time to think through your strategy beforehand, you will have a clear idea of your desired outcomes. This will make your RFP of higher quality and will result in a much easier negotiation process.

    Most MSPs are prepared to offer a standard proposal to clients who do not know what they want. These are agreements that are doomed to fail. A clearly defined set of goals (discussed in Phase 1), risks, and KPIs and metrics (covered in this phase) makes the agreement more beneficial for both parties in the long run.

    1. Identify goals and objectives
    2. Determine mission statement
    3. Define roles and responsibilities
    4. Identify risks and constraints
    5. Define KPIs and metrics
    6. Complete outsourcing strategy

    A successful outsourcing initiative depends on rigorous preparation

    Outsourcing is a garbage in, garbage out initiative. You need to give your service provider the information they need to provide an effective product.

    • Data quality is critical to your outsourcing initiative's success.
    • Your vendor will be much better equipped to help you and to better price its services if it has a thorough understanding of your IT environment.
    • This means more than just building a catalog of your hardware and software. You will need to make available documented policies and processes so you and your vendor can understand where they fit in.
    • Failure to completely document your environment can lead to a much longer time to value as your provider will have to spend much more time (and thus much more money) getting their service up and running.

    "You should fill the gap before outsourcing. You should make sure how to measure tickets, how to categorize, and what the cost of outsourcing will be. Then you'll be able to outsource the execution of the service. Start your own processes and then outsource their execution."
    – Kris Krishan, Head of IT and business systems, Waymo

    Case Study

    Digital media company built an outsourcing strategy to improve customer satisfaction

    INDUSTRY: Digital Media

    SOURCE: Auxis

    Challenge

    A Canadian multi-business company with over 13,000 employees would like to maintain a growing volume of digital content with their endpoint management.

    The client operated a tiered model service desk. Tier 1 was outsourced, and tier 2 tasks were done internally, for more complex tasks and projects.

    As a result of poor planning and defining goals, the company had issues with:

    • Low-quality ticket handling
    • High volume of tickets escalated to tier 2, restraining them from working on complex tickets
    • High turn over and a challenge with talent retention
    • Insufficient documentation to train external tier 1 team
    • Long resolution time and low end-user satisfaction

    Solution

    The company structured a strategy for outsourcing service desk and defined their expectations and requirements.

    They engaged with another outsourcer that would fulfill their requirements as planned.

    With the help of the outsourcer's consulting team, the client was able to define the gaps in their existing processes and system to:

    • Implement a better ticketing system that could follow best-practices guidelines
    • Restructure the team so they would be able to handle processes efficiently

    Results

    The proactive planning led to:

    • Significant improvement in first call resolution (82%).
    • MTTR improvement freed tier 2 to focus on business strategic objectives and allowed them to work on higher-value activities.
    • With a better strategy around outsourcing planning, the company saved 20% of cost compared to the previous outsourcer.
    • As a result of this partnership, the company is providing a 24/7 structure in multiple languages, which is aligned with the company's growth.
    • Due to having a clear strategy built for the project, the client now has better visibility into metrics that support long-term continual improvement plans.

    Define roles and responsibilities for the outsourcing transition to form the base of your outsourcing strategy

    There is no "I" in outsource; make sure the whole team is involved

    Outsourcing is a complete top-to-bottom process that involves multiple levels of engagement:

    • Management must make high-level decisions about staffing and negotiate contract details with the vendor.
    • Service desk employees must execute on the documentation and standardization of processes in an effort to increase maturity.
    • Roles and responsibilities need to be clearly defined to ensure that all aspects of the transition are completed on time.
    • Implement a full-scale effort that involves all relevant staff. The most common mistake is to have the project design follow the same top-down pattern as the decision-making process.

    Info-Tech Insight

    The service desk doesn't operate in isolation. The service desk interfaces with many other parts of the organization (such as finance, purchasing, field support, etc.), so it's important to ensure you engage stakeholders from other departments as well. If you only engage the service desk staff in your discussions around outsourcing strategy and RFP development, you may miss requirements that will come up when it's too late.

    2.1.1 Identify internal outsourcing roles and responsibilities

    2 hours

    1. The sample RACI chart in section 5 of the Project Charter Template outlines which positions are responsible, accountable, consulted, and informed for each major task within the outsourcing project.
    2. Responsible, is the group that is responsible for the execution and oversight of activities for the project. Accountable is the owner of the task/process, who is accountable for the results and outcomes. Consulted is the subject matter expert (SME) who is actively involved in the task/process and consulted on decisions. Informed is not actively involved with the task/process and is updated about decisions around the task/process.
    3. Make sure that you assign only one person as accountable per process. There can be multiple people responsible for each task. Consulted and Informed are optional for each task.
    4. Complete the RACI chart with recommended participants, and document in your service desk outsourcing project charter, under section 5.

    Input

    • RACI template
    • Org chart

    Output

    • List of roles and responsibilities for outsource project

    Materials

    • Whiteboard/flip charts
    • Markers
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team

    Download the Project Charter Template

    Step 2.2

    Outline potential risks and constraints

    Activities

    2.2.1 Identify potential risks and constraints that may impact achievement of objectives

    2.2.2 Arrange groups of tension metrics to balance your reporting

    Design an Outsourcing Strategy

    This step will walk you through the following activities:

    • Outsourcing objectives
    • Potential risks

    This step involves the following participants:

    • IT Managers
    • Project Team
    • Service Desk Manager

    Outcomes of this step

    • Mitigation strategy for each risk
    • Service desk metrics

    Know your constraints to reduce surprises during project implementation

    No service desk is perfect; know your limits and plan accordingly

    Define your constraints to outsourcing the service desk.

    Consider all types of constraints and opportunities, including:

    • Business forces
    • Economic cycles
    • Disruptive tech
    • Regulation and compliance issues
    • Internal organizational issues

    Within the scope of a scouring decision, define your needs and objectives, measure those as much as possible, and compare them with the "as-is" situation.

    Start determining what alternative approaches/scenarios the organization could use to fill the gaps. Start a comparison of scenarios against drivers, goals, and risks.

    Constraints

    Goals and objectives

    • Budget
    • Maturity
    • Compliance
    • Regulations
    • Outsourcing Strategy

    Plan ahead for potential risks that may impede your strategy

    Risk assessment must go hand-in-hand with goal and objective planning

    Risk is inherent with any outsourcing project. Common outsourcing risks include:

    • Lack of commitment to the customer's goals from the vendor.
    • The distraction of managing the relationship with the vendor.
    • A perceived loss of control and a feeling of over-dependence on your vendor.
    • Managers may feel they have less influence on the development of strategy.
    • Retained staff may feel they have become less skilled in their specialist field.
    • Unanticipated expenses that were assumed to be offered by the vendor.
    • Savings only result from high capital investment in new projects on the part of the customer.

    Analyze the risks associated with a specific scenario. This analysis should identify and understand the most common sourcing and vendor risks using a risk-reward analysis for selected scenarios. Use tools and guidelines to assess and manage vendor risk and tailor risk evaluation criteria to the types of vendors and products.

    Info-Tech Insight

    Plan for the worst to prevent it from happening. Evaluating risk should cover a wide variety of scenarios including the worst possible cases. This type of thinking will be crucial when developing your exit strategy in a later exercise.

    2.2.1 Identify potential risks and constraints that may impact achievement of objectives

    1-3 hours

    1. Brainstorm any potential risks that may arise through the outsourcing project. Describe each risk and categorize both its probability of occurring and impact on the organization as high (H), medium (M), or low (L), using the table below:
    Risk Description

    Probability(H/M/L)

    Impact(H/M/L)Planned Mitigation
    Lack of documentationMMUse cloud-based solution to share documents.
    Knowledge transferLMDetailed knowledge-sharing agreement in place in the RFP.
    Processes not followedLHClear outline and definition of current processes.
    1. Identify any constraints for your outsourcing strategy that may restrict, limit, or place certain conditions on the outsourcing project.
      • This may include budget restrictions or staffing limitations.
      • Identifying constraints will help you be prepared for risks and will lessen their impact.
    2. Document risks and constraints in section 6 of the Service Desk Outsourcing Project Charter Template.

    Input

    • RACI template
    • Org chart

    Output

    • List of roles and responsibilities for outsource project

    Materials

    • Whiteboard/flip charts
    • Markers

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team

    Download the Project Charter Template

    Define service tiers and roles to develop clear vendor SLAs

    Management of performance, SLAs, and customer satisfaction remain the responsibility of your organization.

    Define the tiers and/or services that will be the responsibility of the MSP, as well as escalations and workflows across tiers. A sample outsourced structure is displayed here:

    External Vendor

    Tickets beyond the scope of the service desk staff need to be escalated back to the vendor responsible for the affected system.

    Tier 3

    Tickets that are focused on custom applications and require specialized or advanced support are escalated back to your organization's second- and third-level support teams.

    Tier 2

    The vendor is often able to provide specialized support for standard applications. However, the desktop support still needs someone onsite as that service is very expensive to outsource.

    Tier 1

    Service desk outsource vendors provide first-line response. This includes answering the phones, troubleshooting simple problems, and redirecting requests that are more complex.

    Info-Tech Insight

    If you outsource everything, you'll be at the mercy of consultancy or professional services shops later on. You won't have anyone in-house to help you deploy anything; you're at the mercy of a consultant to come in and tell you what to do and how much to spend. Keep your highly skilled people in-house to offset what you'd have to pay for consultancy. If you need to repatriate your service desk later on, you will need skills in-house to do so.

    Don't become obsessed with managing by short-term metrics – look at the big picture

    "Good" metric results may simply indicate proficient reactive fixing; long-term thinking involves implementing proactive, balanced solutions.

    KPIs demonstrate that you are running an effective service desk because:

    • You close an average of 300 tickets per week
    • Your first call resolution is above 90%
    • Your talk time is less than five minutes
    • Surveys reveal clients are satisfied

    While these results may appear great on the surface, metrics don't tell the whole story.

    The effort from any support team seeks to balance three elements:

    FCR: Time; Resources; Quality

    First-Contact Resolution (FCR) Rate

    Percentage of tickets resolved during first contact with user (e.g. before they hang up or within an hour of submitting ticket). Could be measured as first-contact, first-tier, or first-day resolution.

    End-User Satisfaction

    Perceived value of the service desk measured by a robust annual satisfaction survey of end users and/or transactional satisfaction surveys sent with a percentage of tickets.

    Ticket Volume and Cost Per Ticket

    Monthly operating expenses divided by average ticket volume per month. Report ticket volume by department or ticket category, and look at trends for context.

    Average Time to Resolve (incidents) or Fulfill (service requests)

    Time elapsed from when a ticket is "open" to "resolved." Distinguish between ticket resolution vs. closure, and measure time for incidents and service requests separately.

    Focus on tension metrics to achieve long-term success

    Tension metrics help create a balance by preventing teams from focusing on a single element.

    For example, an MSP built incentives around ticket volume for their staff, but not the quality of tickets. As a result, the MSP staff rushed through tickets and gamed the system while service quality suffered.

    Use metrics to establish baselines and benchmarking data:

    • If you know when spikes in ticket volumes occur, you can prepare to resource more appropriately for these time periods
    • Create KB articles to tackle recurring issues and assist tier 1 technicians and end users.
      • Employ a root cause analysis to eliminate recurring tickets.

    "We had an average talk time of 15 minutes per call and I wanted to ensure they could handle those calls in 15 minutes. But the behavior was opposite, [the vendor] would wrap up the call, transfer prematurely, or tell the client they'd call them back. Service levels drive behavior so make sure they are aligned with your strategic goals with no unintended consequences."
    – IT Services Manager, Banking

    Info-Tech Insight

    Make sure your metrics work cooperatively. Metrics should be chosen that cause tension on one another. It's not enough to rely on a fast service desk that doesn't have a high end-user satisfaction rate or runs at too high a cost; there needs to be balance.

    2.2.2 Arrange groups of tension metrics to balance your reporting

    1-3 hours

    1. Define KPIs and metrics that will be critical to service desk success.
    2. Distribute sticky notes of different colors to participants around the table.
    3. Select a space to place the sticky notes – a table, whiteboard, flip chart, etc. – and divide it into three zones.
    4. Refer to your defined list of goals and KPIs from activity 1.1.3 and discuss metrics to fulfill each KPI. Note that each goal (critical success factor, CSF) may have more than one KPI. For instance:
      1. Goal 1: Increase end-user satisfaction; KPI 1: Improve average transactional survey score. KPI 2: Improve annual relationship survey score.
      2. Goal 2: Improve service delivery; KPI 1: Reduce time to resolve incidents. KPI 2: Reduce time to fulfill service requests.
    5. Recall that tension metrics must form a balance between:
      1. Time
      2. Resources
      3. Quality
    6. Record the results in section 7 of the Service Desk Outsourcing Project Charter Template.

    Input

    • Service desk outsourcing goals
    • Service desk outsourcing KPIs

    Output

    • List of service desk metrics

    Materials

    • Whiteboard/flip charts
    • Sticky notes
    • Markers
    • Laptops

    Participants

    • Project Team
    • Service Desk Manager

    Download the Project Charter Template

    Phase 3

    Develop an RFP and make a long-term relationship

    Define the goal

    Design an outsourcing strategy

    Develop an RFP and make a long-term relationship

    1.1 Identify goals and objectives

    1.2 Assess outsourcing feasibility

    2.1 Identify project stakeholders

    2.2 Outline potential risks and constraints

    3.1 Prepare a service overview and responsibility matrix

    3.2 Define your approach to vendor relationship management

    3.3 Manage the outsource relationship

    This phase will walk you through the following activities:

    • Build your outsourcing RFP
    • Set expectations with candidate vendors
    • Score and select your vendor
    • Manage your relationship with the vendor

    This phase involves the following participants:

    • CIO
    • Service Desk Manager
    • IT Managers
    • Project Managers

    Define requirements for outsourcing service desk support

    Step 3.1

    Prepare a service overview and responsibility matrix

    Activities

    3.1.1 Evaluate your technology, people, and process requirements

    3.1.2 Outline which party will be responsible for which service desk processes

    This step requires the following inputs:

    • Service desk processes and requirements

    This step involves the following participants:

    • CIO
    • Service Desk Manager
    • IT Managers
    • Project Managers

    Outcomes of this step

    • Knowledge management and technology requirements
    • Self-service requirements

    Develop an RFP and make a long-term relationship

    Create a detailed RFP to ensure your candidate vendor will fulfill all your requirements

    At its core, your RFP should detail the outcomes of your outsourcing strategy and communicate your needs to the vendor.

    The RFP must cover business needs and the more detailed service desk functions required. Many enterprises only consider the functionality they need, while ignoring operational and selection requirements.

    Negotiate a supply agreement with the preferred outsourcer for delivery of the required services. Ensure your RFP covers:

    1. Service specification
    2. Service levels
    3. Roles and responsibilities
    4. Transition period and acceptance
    5. Prices, payment, and duration
    6. Agreement administration
    7. Outsourcing issues

    In addition to defining your standard requirements, don't forget to take into consideration the following factors when developing your RFP:

    • Employee onboarding and hardware imaging for new users
    • Applications you need current and future support for
    • Reporting requirements
    • Self-service options
    • Remote support needs and locations

    Although it may be tempting, don't throw everything over the wall at your vendor in the RFP. Evaluate your service desk functions in terms of quality, cost effectiveness, and the value provided from the vendor. Organizations should only outsource functions that the vendor can operate better, faster, or cheaper.

    Info-Tech Insight

    Involve the right stakeholders in developing your RFP, not just service desk. If only service desk is involved in RFP discussion, the connection between tier 1 and specialists will be broken, as some processes are not considered from IT's point of view.

    Identify ITSM solution requirements

    Your vendor probably uses a different tool to manage their processes; make sure its capabilities align with the vision of your service desk.

    Your service desk and outsourcing strategy were both designed with your current ITSM solution in mind. Before you hand the reins to an MSP, it is crucial that you outline how your current ITSM solution is being used in terms of functionality.

    Find out if it's better to have the MSP use their own ITSM tools or your ITSM solution.

    Benefits of operating within your own ITSM while outsourcing the service desk:

    Disadvantages of using your own ITSM while outsourcing the service desk:

    • If you provide the service catalog, it's easier to control your ITSM tool yourself.
    • Using your own ITSM and giving access to the outsourcer will allow you to build your dashboard and access your operational metrics rather than relying on the MSP to provide you with metrics.
    • Usage of the current tool may be extended across multiple departments, so it may be in the best interest of your business to have the vendor adopt usage of the current tool.
    • While many ITSM solutions have similar functions, innate differences do exist between them. Outsourcers mostly want to operate in their own ticketing solution. As other departments besides IT may be using the service management tool, you will need to have the same tool across the organization. This makes purchasing the new ITSM license very expensive, unless you operate in the same ITSM as the outsourcer.
    • You need your vendor to be able to use the system you have in order to meet your requirements, which will limit your options in the market.
    • If the outsourcer is using your ITSM, you should provide training to them.

    Info-Tech Insight

    Defining your tool requirements can be a great opportunity to get the tool functionality you always wanted. Many MSPs offer enterprise-level ITSM tools and highly mature processes that may tempt you to operate within their ITSM environment. However, first define your goals for such a move, as well as pros and cons of operating in their service management tool to weigh if its benefits overweigh its downfalls.

    Case Study

    Lone Star College learned that it's important to select a vendor whose tool will work with your service desk

    INDUSTRY: Education

    SOURCE: ServiceNow

    Challenge

    Lone Star College has an end-user base of over 100,000 staff and students.

    The college has six campuses across the state of Texas, and each campus was using its own service desk and ITSM solution.

    Initially, the decision was to implement a single ITSM solution, but organizational complexity prevented that initiative from succeeding.

    A decision was made to outsource and consolidate the service desks of each of the campuses to provide more uniform service to end users.

    Solution

    Lone Star College selected a vendor that implemented FrontRange.

    Unfortunately, the tool was not the right fit for Lone Star's service and reporting needs.

    After some discussion, the outsourcing vendor made the switch to ServiceNow.

    Some time later, a hybrid outsourced model was implemented, with Lone Star and the vendor combining to provide 24/7 support.

    Results

    The consolidated, standardized approach used by Lone Star College and its vendor has created numerous benefits:

    • Standardized reporting
    • High end-user satisfaction
    • All SLAs are being met
    • Improved ticket resolution times
    • Automated change management.

    Lone Star outsourced in order to consolidate its service desks quickly, but the tools didn't quite match.

    It's important to choose a tool that works well with your vendor's, otherwise the same standardization issues can persist.

    Design your RFP to help you understand what the vendor's standard offerings are and what it is capable of delivering

    Your RFP should be worded in a way that helps you understand what your vendor's standard offerings are because that's what they're most capable of delivering. Rather than laying out all your requirements in a high level of detail, carefully craft your questions in a probing way. Then, understand what your current baseline is, what your target requirements are, and assess the gap.

    Design the RFP so that responses can easily be compared against one another.

    It is common to receive responses that are very different – RFPs don't provide a response framework. Comparing vastly different responses can be like comparing apples to oranges. Not only are they immensely time consuming to score, their scores also don't end up accurately reflecting the provider's capabilities or suitability as a vendor.

    If your RFP is causing a ten minute printer backlog, you're doing something wrong.

    Your RFP should not be hundreds of pages long. If it is, there is too much detail.

    Providing too much detail can box your responses in and be overly limiting on your responses. It can deter potentially suitable provider candidates from sending a proposal.

    Request
    For
    Proposal

    "From bitter experience, if you're too descriptive, you box yourself in. If you're not descriptive enough, you'll be inundated with questions or end up with too few bidders. We needed to find the best way to get the message across without putting too much detail around it."
    – Procurement Manager, Utilities

    Info-Tech's Service Desk Outsourcing RFP Template contains nine sections

    1. Statement of work
      • Purpose, coverage, and participation ààInsert the purpose and goals of outsourcing your service desk, using steps 1.1 findings in this blueprint as reference.
    2. General information
      • Information about the document, enterprise, and schedule of events ààInsert the timeline you developed for the RFP issue and award process in this section.
    3. Proposal preparation instructions
      • The vendor's understanding of the RFP, good faith statement, points of contact, proposal submission, method of award, selection and notification.
    4. Service overview
      • Information about organizational perspective, service desk responsibility matrix, vendor requirements, and service level agreements (SLAs).
    5. Scope of work, specifications and requirements
      • Technical and functional requirements à Insert the requirements gathered in Phase 1 in this section of the RFP. Remember to include both current and future requirements.
    6. Exit conditions
      • Overview of exit strategy and transition process.
    7. Vendor qualifications and references
    8. Account management and estimated pricing
    9. Vendor certification
    This is a screenshot of the Service Desk Outsourcing RFP Template.

    The main point of focus in this document is defining your requirements (discussed in Phase 1) and developing proposal preparation instructions.

    The rest of the RFP consists mostly of standard legal language. Review the rest of the RFP template and adapt the language to suit your organization's standards. Check with your legal departments to make sure the RFP adheres to company policies.

    3.1.1 Evaluate your technology, people, and process requirements

    1-2 hours

    1. Review the outsourcing goals you identified in Phase 1 (activity 1.1.3).
    2. For each goal, divide the defined requirements from your requirements database library (activity 1.2.1) into three areas:
      1. People Requirements
      2. Process Requirements
      3. Technical Requirements
    3. Group your requirements based on characteristics (e.g. recovery capabilities, engagement methodology, personnel, etc.).
    4. Validate these requirements with the relevant stakeholders.
    5. Document your results in section 4 of the Service Desk Outsourcing RFP Template.

    Input

    • Identified key requirements

    Output

    • Refined requirements to input into the RFP

    Materials

    • Whiteboard/flip charts
    • Markers
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    Download the Service Desk Outsourcing RFP Template

    Assess knowledge management and technology requirements to enable the outsourcer with higher quality work

    Retain ownership of the knowledgebase to foster long-term growth of organizational intelligence

    With end users becoming more and more tech savvy, organizational intelligence is becoming an increasingly important aspect of IT support. Modern employees are able and willing to troubleshoot on their own before calling into the service desk. The knowledgebase and FAQs largely facilitate self-serve trouble shooting, both of which are not core concerns for the outsource vendor.

    Why would the vendor help you empower end users and decrease ticket volume when it will lead to less revenue in the future? Ticket avoidance is not simply about saving money by removing support. It's about the end-user community developing organizational intelligence so that it doesn't need as much technical support.

    Organizational intelligence occurs when shared knowledge and insight is used to make faster, better decisions.

    When you outsource, the flow of technical insight to your end-user community slows down or stops altogether unless you proactively drive it. Retain ownership of the knowledgebase and ensure that the content is:

    1. Validated to ensure it accurately describes the best solution.
    2. Actionable to ensure it prescribes repeatable, verifiable steps.
    3. Contextual to ensure the reader knows when NOT to apply the knowledge.
    4. Maintained to ensure the solution remains current.
    5. Applied, since knowledge is a cost with no benefit unless you apply it and turn it into organizational intelligence.

    Info-Tech Insight

    Include knowledge management process in your ticket handling workflows to make sure knowledge is transferred to the MSP and end users. For more information on knowledge management, refer to Info-Tech's Standardize the Service Desk and Optimize the Service Desk With a Shift-Left Strategy blueprints.

    Assess self-service requirements in your outsourcing plan

    When outsourcing the service desk, determine who will take ownership of the self-service portal.

    Nowadays, outsourcers provide innovative services such as self-serve options. However, bear in mind that the quality of such services is a differentiating factor. A well-maintained portal makes it easy to:

    • Report incidents efficiently via use-case-based forms
    • Place requests via a business-oriented service catalog
    • Automate request processes
    • Give visibility on ticket status
    • Access knowledgebase articles
    • Provide status on critical systems
    • Look for services by both clicking service lists and searching them
    • Provide 24/7 service via interactive communication with live agent and AI-powered machine
    • Streamline business process in multiple departments rather than only IT

    In the outsourcing process, determine your expectations from your vendor on self-serve options and discuss how they will fulfill these requirements. Similar to other processes, work internally to define a list of services your organization is providing that you can pass over to the outsourcer to convert to a service catalog.

    Use Info-Tech's Sample Enterprise Services document to start determining your business's services.

    Assess admin rights in your outsourcing plan to give access to the outsourcer while you keep ownership

    Provide accessibility to account management to improve self-service, which enables:

    • Group owners to be named who can add or remove people from their operating units
    • Users to update attributes such as photos, address, phone number
    • Synchronization with HRIS (Human Resource Information Systems) to enable two-way communication on attribute updates
    • Password reset self-service

    Ensure the vendor has access rights to execute regular clean up to help:

    • Find stale and inactive user and computer accounts (inactive, expired, stale, never logged in)
    • Bulk move and disable capabilities
    • Find empty groups and remove
    • Find and assess NTFS permissions
    • Automated tasks to search and remediate

    Give admin rights to outsourcer to enable reporting and auditing capabilities, such as:

    • Change tracking and notifications
    • Password reset attempts, account unlocks, permission and account changes
    • Anomaly detection and remediation
    • Privilege abuse, such as password sharing

    Info-Tech Insight

    Provide your MSP with access rights to enable the service desk to have account management without giving too much authentication. This way you'll enable moving tickets to the outsourcer while you keep ownership and supervision.

    3.1.2 Outline which party will be responsible for which service desk processes

    1-2 hours

    This activity is an expansion to the outcomes of activity 1.2.1, where you determined the outsourcing requirements and the party to deliver each requirement.

    1. Add your identified tasks from the requirements database library to the service desk responsibility matrix (section 4.2 of the Service Desk Outsourcing RFP Template).
    2. Break each task down into more details. For instance, incident management may include tier 1, tier 2/3, KB creation and update, reporting, and auditing.
    3. Refer to section 4.1 of your Project Charter to review the responsible party for each use case.
    4. Considering the use cases, assess whether your organization, the MSP, or both parties will be responsible for the task.
    5. Document the results in section 4.2 of the RFP.

    Input

    • Identified key requirements

    Output

    • Responsible party to deliver each task

    Materials

    • Whiteboard/flip charts
    • Markers
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    Download the Service Desk Outsourcing RFP Template

    Step 3.2

    Define your approach to vendor relationship management

    Activities

    3.2.1 Define your SLA requirements

    3.2.2 Score each vendor to mitigate the risk of failure

    3.2.3 Score RFP responses

    3.2.4 Get referrals, conduct reference interviews and evaluate responses for each vendor

    Develop an RFP and make a long-term relationship

    This step requires the following inputs:

    • Service desk outsourcing RFP
    • List of service desk outsourcing requirements

    This step involves the following participants:

    • CIO
    • Service Desk Manager
    • IT Managers
    • Project Managers

    Outcomes of this step

    • Service desk SLA
    • RFP scores

    Don't rush to judgment; apply due diligence when selecting your vendor

    The most common mistake in vendor evaluation is moving too quickly. The process leading to an RFP evaluation can be exhausting, and many organizations simply want to be done with the whole process and begin outsourcing.

    The most common mistake in vendor evaluation is moving too quickly. The process leading to an RFP evaluation can be exhausting, and many organizations simply want to be done with the whole process and begin outsourcing.

    1. Call around to get referrals for each vendor
    2. Create a shortlist
    3. Review SLAs and contract terms
    4. Select your vendor

    Recognize warning signs in the MSP's proposal to ensure a successful negotiation

    Vendors often include certain conditions in their proposals that masquerade as appealing but may spell disaster. Watch for these red flags:

    1. Discounted Price
      • Vendors know the market value of their competitors' services. Price is not what sets them apart; it's the type of services offered as well as the culture present.
      • A noticeably low price is often indicative of a desperate organization that is not focused on quality managed services.
    2. No Pushback
      • Vendors should work to customize their proposal to suit both their capabilities and your needs. No pushback means they are not invested in your project as deeply as they should be.
      • You should be prepared for and welcome negotiations; they're a sign that both sides are reaching a mutually beneficial agreement.
    3. Continual SLA Improvement
      • Continual improvement is a good quality that your vendor should have, but it needs to have some strategic direction.
      • Throwing continual SLA improvement into the deal may seem great, but make sure that you'll benefit from the value-added service. Otherwise, you'll be paying for services that you don't actually need.

    Clearly define core vendor qualities before looking at any options

    Vendor sales and marketing people know just what to say to sway you: don't talk to them until you know what you're looking for.

    Geography

    Do you prefer global or local data centers? Do you need multiple locations for redundancy in case of disaster? Will language barriers be a concern?

    Contract Length

    Ensure you can terminate a poor arrangement by having shorter terms with optional renewals. It's better to renew and renegotiate if one side is losing in the deal in order to keep things fair. Don't assume that proposed long-term cost savings will provide a satisfactory service.

    Target Market

    Vendors are aiming at different business segments, from startups to large enterprises. Some will accept existing virtual machines, and others enforce compliance to appeal to government and health agencies.

    SLA

    A robust SLA strengthens a vendor's reliability and accountability. Agencies with special needs should have room in negotiations for customization. Providers should also account for regular SLA reviews and updates. Vendors should be tracking call volume and making projections that should translate directly to SLAs.

    Support

    Even if you don't need a vendor with 24/7 availability, vendors who cannot support this timing should be eliminated. You may want to upgrade later and will want to avoid the hassle of switching.

    Maturity

    Vendors must have the willingness and ability to improve processes and efficiencies over time. Maintaining the status-quo isn't acceptable in the constantly evolving IT world.

    Cost

    Consider which model makes the most sense: will you go with per call or per user pricing? Which model will generate vendor motivation to continually improve and meet your long-term goals? Watch out for variable pricing models.

    Define your SLA requirements so your MSP can create a solution that fits

    SLAs ensure accountability from the service provider and determine service price

    SLAs define the performance of the service desk and clarify what the provider and customer can expect in their outsourcing relationship.

    • Service categories
    • The acceptable range of end-user satisfaction
    • The scope of what functions of the service desk are being measured (availability, time to resolve, time to respond, etc.)
    • Credits and penalties for achieving or missing targets
    • Frequency of measurement/reporting
    • Provisions and penalties for ending the contractual relationship early
    • Management and communication structure
    • Escalation protocol for incidents relating to tiers 2 or 3

    Each MSP's RFP response will help you understand their basic SLA terms and enhanced service offerings. You need to understand the MSP's basic SLA terms to make sure they are adequate enough for your requirements. A well-negotiated SLA will balance the requirements of the customer and limit the liability of the provider in a win/win scenario.

    For more information on defining service level requirements, refer to Info-Tech's blueprint Reduce Risk With Rock-Solid Service-Level Agreements.

    3.2.1 Define your SLA requirements

    2-3 hours

    • As a team, review your current service desk SLA for the following items:
      • Response time
      • Resolution time
      • Escalation time
      • End-user satisfaction
      • Service availability
    • Use the sample table as a starting point to determine your current incident management SLA:
    • Determine your SLA expectations from the outsourcer.
    • Document your SLA expectations in section 4.4 of the RFP template.

    Participants: IT Managers, Service Desk Manager, Project Team

    Response
    PriorityResponse SLOResolution SLOEscalation Time
    T1
    Severity 1CriticalWithin 10 minutes4 hours to resolveImmediate
    Severity 2HighWithin 1 business hour8 business hours to resolve20 minutes
    Severity 3MediumWithin 4 business hours24 business hours to resolveAfter 20 minutes without progress
    Severity 4LowSame day (8 hours)72 business hours to resolve After 1 hour without progress
    SLO ResponseTime it takes for service desk to respond to service request or incident. Target response is 80% of SLO
    SLO ResolutionTime it takes to resolve incident and return business services to normal. Target resolution is 80% of SLO

    Download the Service Desk Outsourcing RFP Template

    Get a detailed plan from your selected vendor before signing a contract

    Build a standard process to evaluate candidate vendors

    Use section 5 of Info-Tech's Service Desk Outsourcing RFP Template for commonly used questions and requirements for outsourcing the service desk. Ask the right questions to secure an agreement that meets your needs. If you are already in a contract with an MSP, tale the opportunity of contract renewal to improve the contract and service.

    This is a screenshot of the Service Desk Outsourcing RFP Template.

    Download the Service Desk Outsourcing RFP Template

    Add your finalized assessment questions into Info-Tech's Service Desk Outsourcing RFP Scoring Tool to aggregate responses in one repository for comparison. Since the vendors are asked to respond in a standard format, it is easier to bring together all the responses to create a complete view of your options.

    This is an image of the Service Desk Vendor Proposal Scoring Tool

    Download the Service Desk Vendor Proposal Scoring Tool

    3.2.2 Score each vendor to mitigate the risk of failure

    1-2 hours

    Include the right requirements for your organization and analyze candidate vendors on their capability to satisfy them.

    1. Use section 5 of the RFP template to convert your determined requirements into questions to address in vendor briefings.
    2. Review the questions in the context of near- and long-term service desk outsourcing needs. In the template, we have separated requirements into 7 categories:
      • Vendor Requirements (VR)
      • Vendor Qualifications/Engagement/Administration Capabilities (VQ)
      • Service Operations (SO)
      • Service Support (SS)
      • Service Level Agreement (SLA)
      • Transition Processes (TP)
      • Account Management (AM)
    3. Define the priority for each question:
      • Required
      • Desired
      • Optional
    4. Leave the compliance and comments to when you brief with vendors.

    Input

    • Technical and functional requirements

    Output

    • Priority level for each requirement
    • Completed list of requirement questions

    Materials

    • Whiteboard/flip charts
    • Markers
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    Download the Service Desk Outsourcing RFP Template

    3.2.3 Score RFP responses

    2-3 hours

    1. Enter the requirements questions into the RFP Scoring Tool and use it during vendor briefings.
    2. Copy the Required and Desired priority requirements from the previous activity into the RFP Questions column.
    3. Evaluate each RFP response against the RFP criteria based on the scoring scale.
    4. The Results section in the tool shows the vendor ranking based on their overall scores.
    5. Compare potential outsourcing partners considering scores on individual requirements categories and based on overall scores.

    Input

    • Completed list of requirement questions
    • Priority level for each requirement

    Output

    • List of top vendors for outsourcing the service desk

    Materials

    • Service Desk Vendor Proposal Scoring Tool

    Participants

    • Service Desk Manager
    • IT Managers
    • Project Managers
    • IT Director/CIO

    Download the Service Desk Vendor Proposal Scoring Tool

    3.2.3 Get referrals, conduct reference interviews, and evaluate responses for each vendor

    1. Outline a list of questions to conduct reference interviews with past/present clients of your candidate vendors.
    2. Use the reference interview template as a starting point. As a group review the questions and edit them to a list that will fulfill your requirements.
    3. Ask your candidate vendors to provide you with a list of three to five clients that have/had used their services. Make sure that vendors enforce the interview will be kept anonymous and names and results won't be disclosed.
    4. Ask vendors to book a 20-30 minute call with you and their client.
    5. Document your interview comments in your updated reference interview template.
    6. Update the RFP scoring tool accordingly.

    Input

    • List of top vendors for outsourcing the service desk

    Output

    • Updated list of top vendors for outsourcing the service desk

    Materials

    • Service Desk Outsourcing Reference Interview Template
    • Service Desk Vendor Proposal Scoring Tool

    Participants

    • Service Desk Manager
    • IT Managers
    • Project Managers

    Download the Service Desk Vendor Proposal Scoring Tool

    Compare pricing models of outsourcing services

    It's a common sales tactic to use a low price as an easy solution. Carefully evaluate the vendors on your short-list and ensure that SLAs, culture, and price all match to your organization.

    Research different pricing models and accurately assess which model fits your organization. Consider the following pricing models:

    Pay per technician

    In this model, a flat rate is allocated to agents tackling your service desk tickets. This is a good option for building long-term relationship with outsourcer's agents and efficient knowledge transfer to the external team; however, it's not ideal for small organizations that deal with few tickets. This is potentially an expensive model for small teams.

    Pay per ticket

    This model considers the number of tickets handled by the outsourcer. This model is ideal if you only want to pay for your requirement. Although the internal team needs to have a close monitoring strategy to make sure the outsourcer's efficiency in ticket resolution.

    Pay per call

    This is based on outbound and inbound calls. This model is proper for call centers and can be less expensive than the other models; however, tracking is not easy, as you should ensure service desk calls result in efficient resolution rather than unnecessary follow-up.

    Pay per time (minutes or hours)

    The time spent on tickets is considered in this model. With this model, you pay for the work done by agents, so that it may be a good and relatively cheap option. As quicker resolution SLA is usually set by the organization, customer satisfaction may drop, as agents will be driven to faster resolution, not necessarily quality of work.

    Pay per user

    This model is based on number of all users, or number of users for particular applications. In this model, correlation between number of users and number of tickets should be taken into account. This is an ideal model if you want to deal with impact of staffing changes on service price. Although you should first track metrics such as mean time to resolve and average number of tickets so you can prevent unnecessary payment based on number of users when most users are not submitting tickets.

    Step 3.3

    Manage the outsource relationship

    Activities

    3.3.1 Analyze your outsourced service desk for continual improvement

    3.3.2 Make a case to either rehabilitate your outsourcing agreement or exit

    3.3.3 Develop an exit strategy in case you need to end your contract early

    Develop an RFP and make a long-term relationship

    This step requires the following inputs:

    • Service desk SLA
    • List of impacted stakeholder groups
    • List of impacts and benefits of the outsourced service desk

    This step involves the following participants:

    • CIO
    • Service Desk Manager
    • IT Managers
    • Project Managers

    Outcomes of this step

    • Communication plan
    • Vendor management strategy

    Ensure formality of your vendor management practice

    A service desk outsourcing project is an ongoing initiative. Build a relationship plan to make sure the outsourcer complies with the agreement.

    This is an iamge of the cycle of relationship management and pre-contract management.

    Monitor Vendor Performance

    Key Activity:

    Measure performance levels with an agreed upon standard scorecard.

    Manage Vendor Risk

    Key Activity:

    Periodical assessment of the vendors to ensure they are meeting compliance standards.

    Manage Vendor Contracts and Relationships

    Key Activity:
    Manage the contracts and renewal dates, the level of demand for the services/products provided, and the costs accrued.

    COMPLETE Identify and Evaluate Vendors

    Key Activity:
    Develop a plan with procurement and key internal stakeholders to define clear, consistent, and stable requirements.

    COMPLETE Select a Vendor

    Key Activity:
    Develop a consistent and effective process for selecting the most appropriate vendor.

    Manage Vendor Contracts and Relationships

    Key Activity:
    Contracts are consistently negotiated to ensure the vendor and the client have a documented and consistent understanding of mutual expectations.

    Expect the vendor to manage processes according to your standards

    You need this level of visibility into the service desk process, whether in-house or outsourced

    Each of these steps requires documentation – either through standard operating procedures, SLAs, logs, or workflow diagrams.

    • Define key operating procedures and workflows
    • Record, classify, and prioritize tickets
    • Verify, approve, and fulfill tickets
    • Investigate, diagnose, and allocate tickets
    • Resolve, recover, and close tickets
    • Track and report

    "Make sure what they've presented to you is exactly what's happening."
    – Service Desk Manager, Financial Services

    Manage the vendor relationship through regular communication

    Regular contact with your MSP provides opportunities to address issues that emerge

    Designate a relationship manager to act as a liaison at the business to be a conduit between the business and the MSP.

    • The relationship manager will take feedback from the MSP and relate it back to you to bridge the technical and business gap between the two.

    Who should be involved

    • Routine review meetings should involve the MSP and your relationship manager.
    • Technical knowledge may be needed to address specific issues, but business knowledge and relationship management skills are absolutely required.
    • Other stakeholders and people who are deeply invested in the vendor relationship should be invited or at least asked to contribute questions and concerns.

    What is involved

    • Full review of the service desk statistics, escalations, staffing changes, process changes, and drivers of extra billing or cost.
    • Updates to key documentation for the issues listed above and changes to the knowledgebase.
    • Significant drivers of customer satisfaction and dissatisfaction.
    • Changes that have/are being proposed that can impact any of the above.

    Communicate changes to end users to avoid push back and get buy-in

    Top-down processes for outsourcing will leave end users in the dark

    • Your service desk staff has been involved in the outsourcing process the entire time, but end users are affected all the same.
    • The service desk is the face of IT. A radical shift in service processes and points of contact can be detrimental to not only the service desk, but all of IT.
    • Communicating the changes early to end users will both help them cope with the change and help the MSP achieve better results.
      • An internal communication plan should be rolled out in order to inform and educate end users about the changes associated with outsourcing the service desk.
    • Your relationship manager should be tasked with communicating the changes to end users. The focus should be on addressing questions or concerns about the transition while highlighting the value gained through outsourcing to an MSP.
    • Service quality is a two-way street; the end user needs to be informed of proper protocols and points of contact so that the service desk technicians can fulfill their duties to the best of their ability.

    "When my company decided to outsource, I performed the same role but for a different company. There was a huge disruption to the business flow and a lack of communication to manage the change. The transition took weeks before any end users figured out what the new processes were for submitting a ticket and who to ask for help, and from a personal side, it became difficult to maintain relationships with colleagues."
    – IT Specialist for a financial institution

    Info-Tech Insight

    Educate the enterprise on expectations and processes that are handled by the MSP. Identify stakeholder groups affected by the outsourced processes then build a communication plan on what's been changed, what the benefits are, and how they will be impacted. Determine a timeline for communicating these initiatives and how these announcements will be made. Use InfoTech's Sample Communication Plan as a starting point.

    Build a continual improvement plan to make sure your MSP is efficiently delivering services according to expectations

    Ensure that your quality assurance program is repeatable and applicable to the outsourced services

    1. Design a QA scorecard that can help you assess steps the outsourcer agents should follow. Keep the questionnaire high level but specific to your environment. The scorecard should include questions that follow the steps to take considering your intake channels. For instance, if end users can reach the service desk via phone, chat, and email, build your QA around assessing customer service for call, chat, and ticket quality.
    2. Build a training program for agents: Develop an internal monitoring plan to relay detailed feedback to your MSP. Assess performance and utilize KBs as training materials for coaching agents on challenging transactions.
    3. Everything that goes to your service desk has to be documented; there will be no organic transfer of knowledge and experience.
    4. You need to let your MSP know how their efforts are impacting the performance of your organization. Measure your internal performance against the external performance of your service desk.
    5. Constant internal check-ins ensure that your MSP is meeting the SLAs outlined in the RFP.
    6. Routine reporting of metrics and ticket trends allow you to enact problem management. Otherwise, you risk your MSP operating your service desk with no internal feedback from its owner.
    7. Use metrics to determine the service desk functionality.

    Consider the success story of your outsourced service desk

    Build a feedback program for your outsourced services. Utilize transactional surveys to discover and tell outsourcing success to the impacted stakeholders.

    Ensure you apply steps for providing feedback to make sure processes are handled as expected. Service desk is the face of IT. Customer satisfaction on ticket transactions reflects satisfaction with IT and the organization.

    Build customer satisfaction surveys and conduct them for every transaction to get a better sense of outsourced service desk functionality. Collaborate with the vendor to make sure you build a proper strategy.

    • Build a right list of questions. Multiple and lengthy questions may lead to survey taking fatigue. Make sure you ask the right questions and give an option to the customer to comment any additional notes.
    • Give the option to users to rate the transaction. Make the whole process very seamless and doable in a few seconds.
    • Ensure to follow-up on negative feedback. This will help you find gaps in services and provide training to improve customer service.

    3.3.1 Analyze your outsourced service desk for continual improvement

    1 hour

    1. In this project, you determined the KPIs based on your service desk objectives (activity 2.2.2).
    2. Refer to your list of metrics in section 7 of the Service Desk Outsourcing Project Charter.
    3. Think about what story you want to tell and determine what factors will help move the narrative.
    4. Discuss how often you would like to track these metrics. Determine the audience for each metric.
    5. Provide the list to the MSP to create reports with auto-distribution.

    Input

    • Determined CSFs and KPIs

    Output

    • List of metrics to track, including frequency to report and audience to report to

    Materials

    • Service Desk Outsourcing Project Charter

    Participants

    • Service Desk Manager
    • IT Managers
    • Project Managers

    Download the Project Charter Template

    Reward the MSP for performance instead of "punishing" them for service failure

    Turn your vendor into a true partner by including an "earn back" condition in the contract

    MSPs often offer clients credit requests (service credits) for their service failures, which are applied to the previous month's monthly recurring charge. They are applied to the last month's MRC (monthly reoccurring charges) at the end of term and then the vendor pays out the residual.

    However, while common, service credits are not always perceived to be a strong incentive for the provider to continually focus on improvement of mean-time-to-respond/mean-time-to-resolve.

    • Engage the vendor as a true partner within a relationship only based upon Service Credits.
    • Suggest the vendor include a minor change to the non-performance processes within the final agreement: the vendor implements an "earn back" condition in the agreement.
    • Where a bank of service credits exists because of non-performance, if the provider exceeds the SLA performance metrics for a number of consecutive months (two is common), then an amount of any prior credits received by client is returned to the provider as an earn back for improved performance.
    • This can be a useful mechanism to drive improved performance.

    Measure the outsourced service desk ROI constantly to drive efficient decisions for continual improvement or an exit plan

    Efficient outsourced service desk causes positive impacts on business satisfaction. To address the true value of the services outsourced, you should evaluate the return on investment (ROI) in these areas: Emotional ROI, Time ROI, Financial ROI

    Emotional ROI

    Service desk's main purpose should be to provide topnotch services to end users. Build a customer experience program and leverage transactional surveys and relationship surveys to constantly analyze customer feedback on service quality.

    Ask yourself:

    • How have the outsourced services improved customer satisfaction?
    • How has the service desk impacted the business brand?
    • Have these services improved agents' job satisfaction?
    • What is the NPS score of the service desk?
    • What should we do to reduce the detractor rate and improve satisfaction leveraging the outsourced service desk?

    Time ROI

    Besides customer satisfaction, SLA commitment is a big factor to consider when conducting ROI analysis.

    Ask these questions:

    • Have we had improvement in FCR?
    • What are the mean time to resolve incidents and mean time to fulfill requests?
    • Is the cost incurred to outsourced services worth improvement in such metrics?

    Financial ROI

    As already mentioned in Phase 1, the main motivation for outsourcing the service desk should not be around cost reduction, but to improve performance. Regardless, it's still important to understand the financial implications of your decision.

    To evaluate the financial impact of your outsourced service desk, ask these questions:

    • How much have the outsourced services impacted our business financially?
    • How much are we paying compared to when it was done internally?
    • Considering the emotional, time, and effort factors, is it worth bringing the services in house or changing the vendor?

    3.3.2 Make a case to either rehabilitate your outsourcing agreement or exit

    3-4 hours

    1. Refer to the results of activity 2.2.2. for the list of metrics and the metrics dashboard over the past quarter.
    2. Consider emotional and time ROI, assess end-user satisfaction and SLA, and run a report comparison with the baseline that you built prior to outsourcing the service desk.
    3. Estimate the organization's IT operating expenses over the next five years if you stay with the vendor.
    4. Estimate the organization's IT operating expenses over the next five years if you switch the vendor.
    5. Estimate the organization's IT operating expenses over the next five years if you repatriate the service desk.
    6. Estimate the non-recurring costs associated with the move, such as the penalty for early contract termination, data center moving costs, and cost of potential business downtime during the move. Sum them to determine the investment.
    7. Calculate the return on investment. Discuss and decide whether the organization should consider rehabilitating the vendor agreement or ending the partnership.

    Input

    • Outsourced service desk metrics
    • Operating expenses

    Output

    • Return on investment

    Materials

    • List of metrics
    • Laptop
    • Markers
    • Flip chart/whiteboard

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    For more information on conducting this activity, refer to InfoTech's blueprint Terminate the IT Infrastructure Outsourcing Relationship

    Define exit conditions to complete your contract with your MSP

    The end of outsourcing is difficult. Your organization needs to maintain continuity of service during the transition. Your MSP needs to ensure that its resources can be effectively transitioned to the next deployment with minimal downtime. It is crucial to define your exit conditions so that both sides can prepare accordingly.

    • Your exit conditions must be clearly laid out in the contract. Create a list of service desk functions and metrics that are important to your organization's success. If your MSP is not meeting those needs or performance levels, you should terminate your services.
    • Most organizations accomplish this through a clear definition of hard and measurable KPIs and metrics that must be achieved and what will happen in the case these metrics are not being regularly met. If your vendor doesn't meet these requirements as defined in your contract, you then have a valid reason and the ability to leave the agreement.

    Examples of exit conditions:

    • Your MSP did not meet their SLAs on priority 1 or 2 tickets two times within a month.
    • If they didn't meet the SLA twice in that 30 days, you could terminate the contract penalty-free.

    Info-Tech Insight

    If things start going south with your MSP, negotiate a "get well plan." Outline your problems to the MSP and have them come back to you with a list of how they're going to fix these problems to get well before you move forward with the contract.

    Try to rehabilitate before you repatriate

    Switching service providers or ending the contract can be expensive and may not solve your problems. Try to rehabilitate your vendor relationship before immediately ending it.

    You may consider terminating your outsourcing agreement if you are dissatisfied with the current agreement or there has been a change in circumstances (either the vendor has changed, or your organization has changed).

    Before doing so, consider the challenges:

    1. It can be very expensive to switch providers or end a contract.
    2. Switching vendors can be a large project involving transfer of knowledge, documentation, and data.
    3. It can be difficult to maintain service desk availability, functionality, and reliability during the transition.

    Diagnose the cause of the problem before assuming it's the MSP's fault. The issue may lie with poorly defined requirements and processes, lack of communication, poor vendor management, or inappropriate SLAs. Re-assess your strategy and re-negotiate your contract if necessary.

    Info-Tech Insight

    There are many reasons why outsourcing relationships fail, but it's not always the vendor's fault.

    Clients often think their MSP isn't doing a great job, but a lot of the time the reason comes back to the client. They may not have provided sufficient documentation on processes, were not communicating well, didn't have a regular point of contact, and weren't doing regular service reviews. Before exiting the relationship, evaluate why it's not working and try to fix things first.

    Don't stop with an exit strategy, you also need to develop a transition plan

    Plan out your transition timeline, taking into account current contract terms and key steps required. Be prepared to handle tickets immediately upon giving notice.

    • Review your outsourcing contract with legal counsel to identify areas of concern for lock-in or breech.
    • Complete a cost/benefit analysis.
    • Bring intellectual property (including ticket data, knowledge base articles, and reports) back in-house (if you'd like to repatriate the service desk) or transfer to the next service desk vendor (if you're outsourcing to another MSP).
    • Review and update service desk standard processes (escalation, service levels, ticket templates, etc.).
    • Procure service desk software, licenses, and necessary hardware as needed.
    • Train the staff (internal for repatriating the service desk, or external for the prospective MSP).
    • Communicate the transition plan and be prepared to start responding to tickets immediately.

    Info-Tech Insight

    Develop a transition plan about six months before the contract notice date. Be proactive by constantly tracking the MSP, running ROI analyses and training staff before moving the services to the internal team or the next MSP. This will help you manage the transition smoothly and handle intake channels so that upon potential exit, users won't be disrupted.

    3.3.3 Develop an exit strategy in case you need to end your contract early

    3-4 hours

    Create a plan to be prepared in case you need to end your contract with the MSP early.

    Your exit strategy should encompass both the conditions under which you would need to end your contract with the MSP and the next steps you will take to transition your services.

    1. Define the exit conditions you plan to negotiate into your contract with the MSP:
      • Identify the performance levels you will require your MSP to meet.
      • Identify the actions you expect the MSP to take if they fail to meet these performance levels.
      • Identify the conditions under which you would leave the contract early.
    2. Develop a strategy for transitioning services in the event you need to leave your contract with the MSP:
      • Will you hand the responsibility to a new MSP or repatriate the service desk back in-house?
      • How will you maintain services through the transition?
    3. Document your exit strategy in section 6 of the Service Desk Outsourcing RFP Template.

    Input

    • Outsourced service desk metrics
    • Operating expenses

    Output

    • Return on investment

    Materials

    • List of metrics
    • Laptop
    • Markers
    • Flip chart/whiteboard

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    Download the Service Desk Outsourcing RFP Template

    Summary of Accomplishment

    Problem Solved

    You have now re-envisioned your service desk by building a solid strategy for outsourcing it to a vendor. You first analyzed your challenges with the current service desk and evaluated the benefits of outsourcing services. Then you went through requirements assessment to find out which processes should be outsourced. Thereafter, you developed an RFP to communicate your proposal and evaluate the best candidates.

    You have also developed a continual improvement plan to ensure the outsourcer provides services according to your expectations. Through this plan, you're making sure to build a good relationship through incentivizing the vendor for accomplishments rather than punishing for service failures. However, you've also contemplated an exit plan in the RFP for potential consistent service failures.

    Ideally, this blueprint has helped you go beyond requirements identification and served as a means to change your mindset and strategy for outsourcing the service desk efficiently to gain long-term benefits.

    if you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.

    This is a picture of Info-Tech analyst Mahmoud Ramin

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    This is a screenshot of activity 1.2.1 found in this blueprint

    Identify Processes to Outsource
    Identify service desk tasks that will provide the most value upon outsourcing.

    This is a screenshot of activity 3.2.2 found in this blueprint

    Score Candidate Vendors
    Evaluate vendors on their capabilities for satisfying your service desk requirements.

    Related Info-Tech Research

    Standardize the Service Desk

    • Improve customer service by driving consistency in your support approach and meeting SLAs.

    Outsource IT Infrastructure to Improve System Availability, Reliability, and Recovery

    • There are very few IT infrastructure components you should be housing internally – outsource everything else.

    Terminate the IT Infrastructure Outsourcing Relationship

    • There must be 50 ways to leave your vendor.

    Research Contributors and Experts

    Yev Khovrenkov; Enterprise Consultant, Solvera Solutions

    Kamil Salagan; I&O Manager, Bartek Ingredients

    Satish Mekerira; VP of IT, Coherus BioSciences

    Kris Krishan; Head of IT and Business Systems, Waymo

    Kris Arthur; Infra & Security Director, SEKO Logistics

    Valance Howden; Principal Research Advisor, Info-Tech Research Group

    Sandi Conrad; Principal Research Director, Info-Tech Research Group

    Graham Price; Senior Director of Executive Services, Info-Tech Research Group

    Barry Cousins; Practice Lead, Info-Tech Research Group

    Mark Tauschek; VP of I&O Research, Info-Tech Research Group

    Darin Stahl; Principal Research Advisor, Info-Tech Research Group

    Scott Yong; Principal Research Advisor, Info-Tech Research Group

    A special thank-you to five anonymous contributors

    Bibliography

    Allnutt, Charles. "The Ultimate List of Outsourcing Statistics." MicroSourcing, 2022. Accessed July 2022.
    "Considerations for outsourcing the service desk. A guide to improving your service desk and service delivery performance through outsourcing." Giva. Accessed May 2022.
    Hurley, Allison. "Service Desk Outsourcing | Statistics, Challenges, & Benefits." Forward BPO Inc., 2019. Accessed June 2022.
    Mtsweni, Patricia, et al. "The impact of outsourcing information technology services on business operations." South African Journal of Information Management, 2021, Accessed May 2022.
    "Offshore, Onshore or Hybrid–Choosing the Best IT Outsourcing Model." Calance, 2021. Accessed June 2022. Web.
    "Service Integration and Management (SIAM) Foundation Body of Knowledge." Scopism, 2020. Accessed May 2022.
    Shultz, Aaron. "IT Help Desk Outsourcing Pricing Models Comparison." Global Help Desk Services. Accessed June 2022. Web.
    Shultz, Aaron. "4 Steps to Accurately Measure the ROI of Outsourced Help Desk Services" Global Help Desk Services, Accessed June 2022. Web.
    Sunberg, John. "Great Expectations: What to Look for from Outsourced Service Providers Today." HDI. Accessed June 2022. Web.
    Walters, Grover. "Pivotal Decisions in outsourcing." Muma Case Review, 2019. Accessed May 2022.
    Wetherell, Steve. "Outsourced IT Support Services: 10 Steps to Better QA" Global Held Desk Services. Accessed May 2022. Web.

    Measure IT Project Value

    • Buy Link or Shortcode: {j2store}431|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $5,549 Average $ Saved
    • member rating average days saved: 6 Average Days Saved
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • People treat benefits as a box to tick on the business case, deflating or inflating them to facilitate project approval.
    • Even if benefits are properly defined, they are usually forgotten once the project is underway.
    • Subsequent changes to project scope may impact the viability of the project’s business benefits, resulting in solutions that do not deliver expected value.

    Our Advice

    Critical Insight

    • It is rare for project teams or sponsors to be held accountable for managing and/or measuring benefits. The assumption is often that no one will ask if benefits have been realized after the project is closed.
    • The focus is largely on the project’s schedule, budget, and scope, with little attention paid to the value that the project is meant to deliver to the organization.
    • Without an objective stakeholder to hold people accountable for defining benefits and demonstrating their delivery, benefits will continue to be treated as red tape.
    • Sponsors will not take the time to define benefits properly, if at all. The project team will not take the time to ensure they are still achievable as the project progresses. When the project is complete, no one will investigate actual project success.

    Impact and Result

    • The project sponsor and business unit leaders must own project benefits; IT is only accountable for delivering the solution.
    • IT can play a key role in this process by establishing and supporting a benefits realization process. They can help business unit leaders and sponsors define benefits properly, identify meaningful metrics, and report on benefits realization effectively.
    • The project management office is ideally suited to facilitate this process by providing tools and templates, and a consistent and comparable view across projects.
    • Project managers are accountable for delivering the project, not for delivering the benefits of the project itself. However, they must ensure that changes to project scope are assessed for impact on benefits viability.

    Measure IT Project Value Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should establish a benefits legitimacy practice, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish benefits legitimacy during portfolio Intake

    This phase will help you define a benefits management process to help support effective benefits definition during portfolio intake.

    • Deliver Project Value With a Benefits Legitimacy Initiative – Phase 1: Establish Benefits Legitimacy During Portfolio Intake
    • Project Sponsor Role Description Template
    • Benefits Commitment Form Template
    • Right-Sized Business Case Template

    2. Maintain benefits legitimacy throughout project planning and execution

    This phase will help you define a process for effective benefits management during project planning and the execution intake phase.

    • Deliver Project Value With a Benefits Legitimacy Initiative – Phase 2: Maintain Benefits Legitimacy Throughout Project Planning and Execution
    • Project Benefits Documentation Workbook
    • Benefits Legitimacy Workflow Template (PDF)
    • Benefits Legitimacy Workflow Template (Visio)

    3. Close the deal on project benefits

    This phase will help you define a process for effectively tracking and reporting on benefits realization post-project.

    • Deliver Project Value With a Benefits Legitimacy Initiative – Phase 3: Close the Deal on Project Benefits
    • Portfolio Benefits Tracking Tool
    • Benefits Lag Report Template
    • Benefits Legitimacy Handbook Template
    [infographic]

    Workshop: Measure IT Project Value

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Analyze the Current State of Benefits Management

    The Purpose

    Assess the current state of benefits management at your organization and establish a realistic target state.

    Establish project and portfolio baselines for benefits management.

    Key Benefits Achieved

    Set achievable workshop goals and align stakeholder expectations.

    Establish a solid foundation for benefits management success.

    Activities

    1.1 Introductions and overview.

    1.2 Discuss attendee expectations and goals.

    1.3 Complete Info-Tech’s PPM Current State Scorecard.

    1.4 Perform right-wrong-confusing-missing analysis.

    1.5 Define target state for benefits management.

    1.6 Refine project levels.

    Outputs

    Info-Tech’s PPM Current State Scorecard report

    Right-wrong-confusing-missing analysis

    Stakeholder alignment around workshop goals and target state

    Info-Tech’s Project Intake Classification Matrix

    2 Establish Benefits Legitimacy During Portfolio Intake

    The Purpose

    Establish organizationally specific benefit metrics and KPIs.

    Develop clear roles and accountabilities for benefits management.

    Key Benefits Achieved

    An articulation of project benefits and measurements.

    Clear checkpoints for benefits communication during the project are defined.

    Activities

    2.1 Map the current portfolio intake process.

    2.2 Establish project sponsor responsibilities and accountabilities for benefits management.

    2.3 Develop organizationally specific benefit metrics and KPIs.

    2.4 Integrate intake legitimacy into portfolio intake processes.

    Outputs

    Info-Tech’s Project Sponsor Role Description Template

    Info-Tech’s Benefits Commitment Form Template

    Intake legitimacy process flow and RASCI chart

    Intake legitimacy SOP

    3 Maintain Benefits Legitimacy Throughout Project Planning and Execution

    The Purpose

    Develop a customized SOP for benefits management during project planning and execution.

    Key Benefits Achieved

    Ensure that all changes to the project have been recorded and benefits have been updated in preparation for deployment.

    Updated benefits expectations are included in the final sign-off package.

    Activities

    3.1 Map current project management process and audit project management documentation.

    3.2 Identify appropriate benefits control points.

    3.3 Customize project management documentation to integrate benefits.

    3.4 Develop a deployment legitimacy process flow.

    Outputs

    Customized project management toolkit

    Info-Tech’s Project Benefits Documentation Workbook

    Deployment of legitimacy process flow and RASCI chart

    Deployment of legitimacy SOP

    4 Close the Deal on Project Benefits

    The Purpose

    Develop a post-project benefits realization process.

    Key Benefits Achieved

    Clear project sponsorship accountabilities for post-project benefits tracking and reporting.

    A portfolio level benefits tracking tool for reporting on benefits attainment.

    Activities

    4.1 Identify appropriate benefits control points in the post-project process.

    4.2 Configure Info-Tech’s Portfolio Benefits Tracking Tool.

    4.3 Define a post-project benefits reporting process.

    4.4 Formalize protocol for reporting on, and course correcting, benefit lags.

    4.5 Develop a post-project legitimacy process flow.

    Outputs

    Info-Tech’s Portfolio Benefits Tracking Tool

    Post-Project legitimacy process flow and RASCI chart

    Post-Project Legitimacy SOP

    Info-Tech’s Benefits Legitimacy Handbook

    Info-Tech’s Benefits Legitimacy Workflow Template

    Acquire the Right Hires with Effective Interviewing

    • Buy Link or Shortcode: {j2store}576|cart{/j2store}
    • member rating overall impact (scale of 10): 8.5/10 Overall Impact
    • member rating average dollars saved: $15,749 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Attract & Select
    • Parent Category Link: /attract-and-select
    • Scope: Acquiring the best talent relies heavily on an effective interviewing process, which involves the strategic preparation of stakeholders, including interviewers. Asking the most effective questions will draw out the most appropriate information to best assess the candidate. Evaluating the interview process and recording best practices will inspire continuous interviewing improvement within the organization.
    • Challenge: The majority of organizations do not have a solid interviewing process in place, and most interviewers are not practiced at interviewing. This results in many poor hiring decisions, costing the organization in many ways. Upsizing is on the horizon, the competition for good talent is escalating, and distinguishing between a good interviewee and a good candidate fit for a position is becoming more difficult.
    • Pain/Risk: Although properly preparing for and conducting an interview requires additional time on the part of HR, the hiring manager, and all interviewers involved, the long-term benefits of an effective interview process positively affect the organization’s bottom line and company morale.

    Our Advice

    Critical Insight

    • Most interviewers are not as good as they think they are, resulting in many poor hiring decisions. A poor hire can cost an organization up to 15 times the position’s annual salary, as well as hurt employee morale.
    • The Human Resources department needs to take responsibility for an effective interview process, but the business needs to take responsibility for developing its new hire needs, and assessing the candidates using the best questions and the most effective interview types and techniques.
    • All individuals with a stake in the interview process need to invest sufficient time to help define the ideal candidate, understand their roles and decision rights in the process, and prepare individually to interview effectively.
    • There are hundreds of different interview types, techniques, and tools for an organization to use, but the most practiced and most effective is behavioral interviewing.
    • There is no right interview type and technique. Each hiring scenario needs to be evaluated to pick the appropriate type and technique that should be practiced, and the right questions that should be asked.

    Impact and Result

    • Gain insight into and understand the need for a strong interview process.
    • Strategize and plan your organization’s interview process, including how to make up an ideal candidate profile, who should be involved in the process, and how to effectively match interview types, techniques, and questions to assess the ideal candidate attributes.
    • Understand various hiring scenarios, and how an interview process may be modified to reflect your organization’s scenario.
    • Learn about the most common interview types and techniques, when they are appropriate to use, and best practices around using them effectively.
    • Evaluate your interview process and yourself as an interviewer to better inform future candidate interviewing strategy.

    Acquire the Right Hires with Effective Interviewing Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Implement an effective interview and continuous improvement process

    Acquire the right hire.

    • Storyboard: Acquire the Right Hires with Effective Interviewing

    2. Document all aspects of your interview strategy and plan with stakeholders

    Ensure an effective and seamless interview process.

    • Candidate Interview Strategy and Planning Guide

    3. Recognize common interviewing errors and study best practices to address these errors

    Be an effective interviewer.

    • Screening Interview Template
    • Interview Guide Template
    • Supplement: Quick Fixes to Common Interview Errors
    • Pre-interview Guide for Interviewers
    • Candidate Communication Template
    [infographic]

    Passwordless Authentication

    • Buy Link or Shortcode: {j2store}466|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: End-User Computing
    • Parent Category Link: /end-user-computing
    • Stakeholders believe that passwords are still good enough.
    • You don’t know how the vendor products match to the capabilities you need to offer.
    • What do you need to test when you prototype these new technologies?
    • What associated processes/IT domains will be impacted or need to be considered?

    Our Advice

    Critical Insight

    Passwordless is the right direction even if it’s not your final destination.

    Impact and Result

    • Be able to handle objections from those who believe passwords are still “fine.”
    • Prioritize the capabilities you need to offer the enterprise, and match them to products/features you can buy from vendors.
    • Integrate passwordless initiatives with other key functions (cloud, IDaM, app rationalization, etc.).

    Passwordless Authentication Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Passwordless Authentication – Know when you’ve been beaten!

    Back in 2004 we were promised "the end of passwords" – why, then, are we still struggling with them today?

    • Passwordless Authentication Storyboard
    [infographic]

    Further reading

    Passwordless Authentication

    Know when you've been beaten!

    Executive Summary

    Your Challenge

    • The IT world is an increasingly dangerous place.
    • Every year literally billions of credentials are compromised and exposed on the internet.
    • The average employee has between 27 and 191 passwords to manage.
    • The line between business persona and personal persona has been blurred into irrelevancy.
    • You need a method of authenticating users that is up to these challenges

    Common Obstacles

    • Legacy systems aside (wouldn't that be nice) this still won't be easy.
    • Social inertia – passwords worked before, so surely, they can still work today! Besides, users don't want to change.
    • Analysis paralysis – I don't want to get this wrong! How do I choose something that is going to be at the core of my infrastructure for the next 10 years?
    • Identity management – how can you fix authentication when people have multiple usernames?

    Info-Tech's Approach

    • Inaction is not an option.
    • Most commercial, off-the-shelf apps are moving to a SaaS model, so start your efforts with them.
    • Your existing vendors already have technologies you are underusing or ignoring – stop that!
    • Your users want this change – they just might not know it yet…
    • Much like zero trust network access, the journey is more important than the destination. Incremental steps on the path toward passwordless authentication will still yield significant benefits.

    Info-Tech Insight

    Users have been burdened with unrealistic expectations when it comes to their part in maintaining enterprise security. Given the massive rise in the threat landscape, it is time for Infrastructure to adopt a user-experience-based approach if we want to move the needle on improving security posture.

    Password Security Fallacy

    "If you buy the premise…you buy the bit."
    Johnny Carson

    We've had plenty of time to see this coming.

    Why haven't we done something?

    • Passwords are a 1970s construct.
    • End-users are complexity averse.
    • Credentials are leaked all the time.
    • New technologies will defeat even the most complex passwords.

    Build the case, both to business stakeholders and end users, that "password" is not a synonym for "security."

    Be ready for some objection handling!

    This is an image of Bill Gates and Gavin Jancke at the 2004 RSA Conference in San Francisco, CA

    Image courtesy of Microsoft

    RSA Conference, 2004
    San Francisco, CA

    "There is no doubt that over time, people are going to rely less and less on passwords. People use the same password on different systems, they write them down and they just don't meet the challenge for anything you really want to secure."
    Bill Gates

    What about "strong" passwords?

    There has been a password arms race going on since 1988

    A massive worm attack against ARPANET prompted the initial research into password strength

    Password strength can be expressed as a function of randomness or entropy. The greater the entropy the harder for an attacker to guess the password.

    This is an image of Table 1 from Google Cloud Solutions Architects.  it shows the number of bits of entropy for a number of Charsets.

    Table: Modern password security for users
    Ian Maddox and Kyle Moschetto, Google Cloud Solutions Architects

    From this research, increasing password complexity (length, special characters, etc.) became the "best practice" to secure critical systems.

    How many passwords??

    XKCD Comic #936 (published in 2011)

    This is an image of XKCD Comic # 936.

    Image courtesy of Randall Munroe XKCD Comics (CC BY-NC 2.5)

    It turns out that humans however are really bad at remembering complex passwords.

    An Intel study (2016) suggested that the average enterprise employee needed to remember 27 passwords. A more recent study from LastPass puts that number closer to 191.

    PEBKAC
    Problem Exists Between Keyboard and Chair

    Increasing entropy is the wrong way to fight this battle – which is good because we'd lose anyway.

    Over the course of a single year, researchers at the University of California, Berkeley identified and tracked nearly 2 billion compromised credentials.

    3.8 million were obtained via social engineering, another 788K from keyloggers. That's approx. 250,000 clear text credentials harvested every week!

    The entirety of the password ecosystem has significant vulnerabilities in multiple areas:

    • Unencrypted server- and client-side storage
    • Sharing
    • Reuse
    • Phishing
    • Keylogging
    • Question-based resets

    Even the 36M encrypted credentials compromised every week are just going to be stored and cracked later.

    Source: Google, University of California, Berkeley, International Computer Science Institute

     data-verified=22B hash/s">

    Image courtesy of NVIDIA, NVIDIA Grace

    • Current GPUs (2021) have 200+ times more cracking power than CPU systems.

    <8h 2040-bit RSA Key

    Image: IBM Quantum System One (CES 2020) by IBM Research is licensed under CC BY-ND 2.0

    • Quantum computing can smash current encryption methods.
    • Google engineers have demonstrated techniques that reduce the number of qubits required from 1B to a mere 20 million

    Enabling Technologies

    "Give me a place to stand, and a lever long enough, and I will move the world."
    Archimedes

    Technology gives us (too many) options

    The time to prototype is NOW!

    Chances are you are already paying for one or more of these technologies from a current vendor:

    • SSO, password managers
    • Conditional access
    • Multifactor
    • Hardware tokens
    • Biometrics
    • PINs

    Address all three factors of authentication

    • Something the user knows
    • Something the user has
    • Something the user is

    Global Market of $12.8B
    ~16.7% CAGR
    Source: Report Linker, 2022.

    Focus your prototype efforts in four key testing areas

    • Deployment
    • User adoption/training
    • Architecture (points of failure)
    • Disaster recovery

    Three factors for positive identification

    Passwordless technologies focus on alternate authentication factors to supplement or replace shared secrets.

    Knows: A secret shared between the user and the system; Has: A token possessed by the user and identifiable as unique by the system; Is: A distinctive and repeatable attribute of the user sampled by the system

    Something you know

    Shared secrets have well-known significant modern-day problems, but only when used in isolation. For end users, consider time-limited single use options, password managers, rate-limited login attempts, and reset rather than retrieval requests. On the system side, never forget strong cryptographic hashing along with a side of salt and pepper when storing passwords.

    Something you have

    A token (now known as a cryptographic identification device) such as a pass card, fob, smartphone, or USB key that is expected to be physically under the control of the user and is uniquely identifiable by the system. Easily decoupled in the event the token is lost, but potentially expensive and time-consuming to reprovision.

    Something you are or do

    Commonly referred to as biometrics, there are two primary classes. The first is measurable physical characteristics of the user such as a fingerprint, facial image, or retinal scan. The second class is a series of behavioral traits such as expected location, time of day, or device. These traits can be linked together in a conditional access policy.

    Unlike other authentication factors, biometrics DO NOT provide for exact matches and instead rely on a confidence interval. A balance must be struck against the user experience of false negatives and the security risk of a false positive.

    Prototype testing criteria

    Deployment

    Does the solution support the full variety of end-user devices you have in use?

    Can the solution be configured with your existing single sign-on or central identity broker?

    User Experience

    Users already want a better experience than passwords.

    What new behavior are you expecting (compelling) from the user?

    How often and under what conditions will that behavior occur?

    Architecture

    Where are the points of failure in the solution?

    Consider technical elements like session thresholds for reauthorization, but also elements like automation and self-service.

    Disaster Recovery

    Understand the exact responsibilities Infra&Ops have in the event of a system or user failure.

    As many solutions are based in the public cloud, manage stakeholder expectations accordingly.

    Next Steps

    "Move the goalposts…and declare victory."
    Informal Fallacy (yet very effective…)

    It is more a direction than a destination…

    Get the easy wins in the bank and then lay the groundwork for the long campaign ahead.

    You're not going to get to a passwordless world overnight. You might not even get there for many years. But an agile approach to the journey ensures you will realize value every step of the way:

    • Start in the cloud:
    • Choose a single sign-on platform such as Azure Active Directory, Okta, Auth0, AWS IAM, TruSONA, HYPR, or others. Document Your Cloud Strategy.
    • Integrate the SaaS applications from your portfolio with your chosen platform.
    • Establish visibility and rationalize identity management:
      • Accounts with elevated privileges present the most risk – evaluate your authentication factors for these accounts first.
      • There is elegance (and deployment success) in Simplifying Identity & Access Management.
    • Pay your tech debt:

    Fast IDentity Online (2) is now part of the web's DNA and is critical for digital transformation

    • IoT
    • Anywhere remote work
    • Government identity services
    • Digital wallets

    Bibliography

    "Backup Vs. Archiving: Know the Difference." Open-E. Accessed 05 Mar 2022.Web.
    G, Denis. "How to Build Retention Policy." MSP360, Jan 3, 2020. Accessed 10 Mar 2022.
    Ipsen, Adam. "Archive Vs. Backup: What's the Difference? A Definition Guide." BackupAssist, 28 Mar 2017. Accessed 04 Mar 2022.
    Kang, Soo. "Mitigating the Expense of E-Discovery; Recognizing the Difference Between Back-Ups and Archived Data." Zasio Enterprises, 08 Oct 2015. Accessed 3 Mar 2022.
    Mayer, Alex. "The 3-2-1 Backup Rule – An Efficient Data Protection Strategy." Naviko. Accessed 12 Mar 2022.
    Steel, Amber. "LastPass Reveals 8 Truths about Passwords in the New Password Exposé." LastPass Blog, 1 Nov. 2017. Web.
    "The Global Passwordless Authentication Market Size Is Estimated to Be USD 12.79 Billion in 2021 and Is Predicted to Reach USD 53.64 Billion by 2030 With a CAGR of 16.7% From 2022-2030." Report Linker, 9 June 2022. Web.
    "What Is Data-Archiving?" Proofpoint. Accessed 07 Mar 2022.

    Map Technical Skills for a Changing Infrastructure & Operations Organization

    • Buy Link or Shortcode: {j2store}333|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: 5 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design
    • Infrastructure & Operations is changing rapidly. It’s a constant challenge to find the right skills to support the next new technology while at the same time maintaining the skills in house that allow you to support your existing platforms.
    • A lack of clarity around required skills makes finding the right skills difficult, and it’s not clear whether you should train, hire, contract, or outsource to address gaps.
    • You need to keep up with changes and new strategy while continuing to support your existing environment.

    Our Advice

    Critical Insight

    • Take a strategic approach to acquiring skills – looking only as far as the needs of the next project will lead to a constant skills shortage with no plan for it to be addressed.
    • Begin by identifying your future state. Identify needed skills in the organization to support planned projects and initiatives, and to mitigate skills-related risks.

    Impact and Result

    • Leverage your infrastructure roadmap and cloud strategy to identify needed skills in your future state environment.
    • Decide how you’ll acquire needed skills based on the characteristics of need for each skill.
    • Communicate the change and create a plan of action for the skills transformation.

    Map Technical Skills for a Changing Infrastructure & Operations Organization Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should map technical skills for a changing Infrastructure & Operations organization, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify skills needs for the future state environment

    Identify what skills are needed based on where the organization is going.

    • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 1: Identify Skills Needs for Your Future State Environment
    • Future State Playbook
    • IT/Cloud Solutions Architect
    • IT/Cloud Engineer
    • IT/Cloud Administrator
    • IT/Cloud Demand Billing & Accounting Analyst

    2. Acquire needed skills

    Ground skills acquisition decisions in the characteristics of need.

    • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 2: Acquire Needed Skills
    • Technical Skills Map

    3. Maximize the value of the skills map

    Get stakeholder buy-in; leverage the skills map in other processes.

    • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 3: Maximize the Value of Your Skills Map
    • Technical Skills Map Communication Deck Template
    [infographic]

    Workshop: Map Technical Skills for a Changing Infrastructure & Operations Organization

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review Initiatives and Skills-Related Risks

    The Purpose

    Identify process and skills changes required by the future state of your environment.

    Key Benefits Achieved

    Set foundation for alignment between strategy-defined technology initiatives and needed skills.

    Activities

    1.1 Review the list of initiatives and projects with the group.

    1.2 Identify how key support, operational, and deployment processes will change through planned initiatives.

    1.3 Identify skills-related risks and pain points.

    Outputs

    Future State Playbook

    2 Identify Needed Skills and Roles

    The Purpose

    Identify process and skills changes required by the future state of your environment.

    Key Benefits Achieved

    Set foundation for alignment between strategy-defined technology initiatives and needed skills.

    Activities

    2.1 Identify skills required to support the new environment.

    2.2 Map required skills to roles.

    Outputs

    IT/Cloud Architect Role Description

    IT/Cloud Engineer Role Description

    IT/Cloud Administrator Role Description

    3 Create a Plan to Acquire Needed Skills

    The Purpose

    Create a skills acquisition strategy based on the characteristics of need.

    Key Benefits Achieved

    Optimal skills acquisition strategy defined.

    Activities

    3.1 Modify impact scoring scale for key skills decision factors.

    3.2 Apply impact scoring scales to needed skills

    3.3 Decide whether to train, hire, contract, or outsource to acquire needed skills.

    Outputs

    Technical Skills Map

    4 Develop a Communication Plan

    The Purpose

    Create an effective communication plan for different stakeholders across the organization.

    Identify opportunities to leverage the skills map elsewhere.

    Key Benefits Achieved

    Create a concise, clear, consistent, and relevant change message for stakeholders across the organization.

    Activities

    4.1 Review skills decisions and decide how you will acquire skills in each role.

    4.2 Update roles descriptions.

    4.3 Create a change message.

    4.4 Identify opportunities to leverage the skills map in other processes.

    Outputs

    Technical Skills Map Communication Deck

    Create a Buyer Persona and Journey

    • Buy Link or Shortcode: {j2store}558|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • Contacts fail to convert to leads because messaging fails to resonate with buyers.
    • Products fail to reach targets given shallow understanding of buyer needs.
    • Sellers' emails go unopened and attempts at discovery fail due to no understanding of buyer challenges, pain points, and needs.

    Our Advice

    Critical Insight

    • Marketing leaders in possession of well-researched and up-to-date buyer personas and journeys dramatically improve product market fit, lead gen, and sales results.
    • Success starts with product, marketing, and sales alignment on targeted personas.
    • Speed to deploy is enabled via initial buyer persona attribute discovery internally.
    • However, ultimate success requires buyer interviews, especially for the buyer journey.
    • Leading marketers update journey maps every six months as disruptive events such as COVID-19 and new media and tech platform advancements require continual innovation.

    Impact and Result

    • Reduce time and treasure wasted chasing the wrong prospects.
    • Improve product-market fit.
    • Increase open and click-through rates in your lead gen engine.
    • Perform more effective sales discovery and increase eventual win rates.

    Create a Buyer Persona and Journey Research & Tools

    Start here – read the Executive Brief

    Our Executive Brief summarizes the challenges faced when buyer persona and journeys are ill-defined. It describes the attributes of, and the benefits that accrue from, a well-defined persona and journey and the key steps to take to achieve success.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Drive an aligned initial draft of buyer persona

    Define and align your team on target persona, outline steps to capture and document a robust buyer persona and journey, and capture current team buyer knowledge.

    • Buyer Persona Creation Template
    • Buyer Persona and Journey Interview Guide and Data Capture Tool

    2. Interview buyers and validate persona and journey

    Hold initial buyer interviews, test initial results, and continue with interviews.

    3. Prepare communications and educate stakeholders

    Consolidate interview findings, present to product, marketing, and sales teams. Work with them to apply to product design, marketing launch/campaigning, and sales and customer success enablement.

    • Buyer Persona and Journey Summary Template
    [infographic]

    Workshop: Create a Buyer Persona and Journey

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Align Team, Identify Persona, and Document Current Knowledge

    The Purpose

    Organize, drive alignment on target persona, and capture initial views.

    Key Benefits Achieved

    Steering committee and project team roles and responsibilities clarified.

    Product, marketing, and sales aligned on target persona.

    Build initial team understanding of persona.

    Activities

    1.1 Outline a vision for buyer persona and journey creation and identify stakeholders.

    1.2 Identify buyer persona choices and settle on an initial target.

    1.3 Document team knowledge about buyer persona (and journey where possible).

    Outputs

    Documented steering committee and working team

    Executive Brief on personas and journey

    Personas and initial targets

    Documented team knowledge

    2 Validate Initial Work and Identify Buyer Interviewees

    The Purpose

    Build list of buyer interviewees, finalize interview guide, and validate current findings with analyst input.

    Key Benefits Achieved

    Interview efficiently using 75-question interview guide.

    Gain analyst help in persona validation, reducing workload.

    Activities

    2.1 Share initial insights with covering industry analyst.

    2.2 Hear from industry analyst their perspectives on the buyer persona attributes.

    2.3 Reconcile differences; update “current understanding.”

    2.4 Identify interviewee types by segment, region, etc.

    Outputs

    Analyst-validated initial findings

    Target interviewee types

    3 Schedule and Hold Buyer Interviews

    The Purpose

    Validate current persona hypothesis and flush out those attributes only derived from interviews.

    Key Benefits Achieved

    Get to a critical mass of persona and journey understanding quickly.

    Activities

    3.1 Identify actual list of 15-20 interviewees.

    3.2 Hold interviews and use interview guides over the course of weeks.

    3.3 Hold review session after initial 3-4 interviews to make adjustments.

    3.4 Complete interviews.

    Outputs

    List of interviewees; calls scheduled

    Initial review – “are you going in the right direction?”

    Completed interviews

    4 Summarize Findings and Provide Actionable Guidance to Colleagues

    The Purpose

    Summarize persona and journey attributes and provide activation guidance to team.

    Key Benefits Achieved

    Understanding of product market fit requirements, messaging, and marketing, and sales asset content.

    Activities

    4.1 Summarize findings.

    4.2 Create action items for supporting team, e.g. messaging, touch points, media spend, assets.

    4.3 Convene steering committee/executives and working team for final review.

    4.4 Schedule meetings with colleagues to action results.

    Outputs

    Complete findings

    Action items for team members

    Plan for activation

    5 Measure Impact and Results

    The Purpose

    Measure results, adjust, and improve.

    Key Benefits Achieved

    Activation of outcomes; measured results.

    Activities

    5.1 Review final copy, assets, launch/campaign plans, etc.

    5.2 Develop/review implementation plan.

    5.3 Reconvene team to review results.

    Outputs

    Activation review

    List of suggested next steps

    Further reading

    Create a Buyer Persona and Journey

    Make it easier to market, sell, and achieve product-market fit with deeper buyer understanding.

    EXECUTIVE BRIEF

    Executive Summary

    Your Challenge

    B2B marketers without documented personas and journeys often experience the following:

    • Contacts fail to convert to leads because messaging fails to resonate with buyers.
    • Products fail to reach targets given shallow understanding of buyer needs.
    • Sellers’ emails go unopened, and attempts at discovery fail due to no understanding of buyer challenges, pain points, and needs.

    Without a deeper understanding of buyer needs and how they buy, B2B marketers will waste time and precious resources targeting the incorrect personas.

    Common Obstacles

    Despite being critical elements, organizations struggle to build personas due to:

    • A lack of alignment and collaboration among marketing, product, and sales.
    • An internal focus; or a lack of true customer centricity.
    • A lack of tools and techniques for building personas and buyer journeys.

    In today’s Agile development environment, combined with the pressure to generate revenues quickly, high tech marketers often skip the steps necessary to go deeper to build buyer understanding.

    SoftwareReviews’ Approach

    With a common framework and target output, clients will:

    • Align marketing, sales, and product, and collaborate together to share current knowledge on buyer personas and journeys.
    • Target 12-15 customers and prospects to interview and validate insights. Share that with customer-facing staff.
    • Activate the insights for more customer-centric lead generation, product development, and selling.

    Clients who activate findings from buyer personas and journeys will see a 50% results improvement.

    SoftwareReviews Insight:
    Buyer personas and buyer journeys are essential ingredients in go-to-market success, as they inform for product, marketing, sales, and customer success who we are targeting and how to engage with them successfully.

    Buyer personas and journeys: A go-to-market critical success factor

    Marketers – large and small – will fail to optimize product-market fit, lead generation, and sales effectiveness without well-defined buyer personas and a buyer journey.

    Critical Success Factors of a Successful G2M Strategy:

    • Opportunity size and business case
    • Buyer personas and journey
    • Competitively differentiated product hypothesis
    • Buyer-validated commercial concept
    • Sales revenue plan and program cost budget
    • Consolidated communications to steering committee

    Jeff Golterman, Managing Director, SoftwareReviews Advisory

    “44% of B2B marketers have already discovered the power of Personas.”
    – Hasse Jansen, Boardview.io!, 2016

    Documenting buyer personas enables success beyond marketing

    Documenting buyer personas has several essential benefits to marketing, sales, and product teams:

    • Achieve a better understanding of your target buyer – by building a detailed buyer persona for each type of buyer and keeping it fresh, you take a giant step toward becoming a customer-centric organization.
    • Team alignment on a common definition – will happen when you build buyer personas collaboratively and among those teams that touch the customer.
    • Improved lead generation – increases dramatically when messaging and marketing assets across your lead generation engine better resonate with buyers because you have taken the time to understand them deeply.
    • More effective selling – is possible when sellers apply persona development output to their interactions with prospects and customers.
    • Better product-market fit – increases when product teams more deeply understand for whom they are designing products. Documenting buyer challenges, pain points, and unmet needs gives product teams what they need to optimize product adoption.

    “It’s easier buying gifts for your best friend or partner than it is for a stranger, right? You know their likes and dislikes, you know the kind of gifts they’ll have use for, or the kinds of gifts they’ll get a kick out of. Customer personas work the same way, by knowing what your customer wants and needs, you can present them with content targeted specifically to their wants and needs.”
    – Emma Bilardi, Product Marketing Alliance, 2020

    Buyer understanding activates just about everything

    Without the deep buyer insights that persona and journey capture enables, marketers are suboptimized.

    Buyer Persona and Journey

    • Product design
    • Customer targeting
    • Personalization
    • Messaging
    • Content marketing
    • Lead gen & scoring
    • Sales Effectiveness
    • Customer retention

    “Marketing eutopia is striking the all-critical sweet spot that adds real value and makes customers feel recognized and appreciated, while not going so far as to appear ‘big brother’. To do this, you need a deep understanding of your audience coming from a range of different data sets and the capability to extract meaning.”
    – Plexure, 2020

    Does your organization need buyer persona and journey updating?

    “Yes,” if experiencing one or more key challenges:

    • Sales time is wasted on unqualified leads
    • Website abandon rates are high
    • Lead gen engine click-through rates are low
    • Ideal customer profile is ill defined
    • Marketing asset downloads are low
    • Seller discovery with prospects is ineffective
    • Sales win/loss rates drop due to poor product-market fit
    • Higher than desired customer churn

    SoftwareReviews Advisory Insight:
    Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.

    Outcomes and benefits

    Building your buyer persona and journey using our methodology will enable:

    • Greater stakeholder alignment – when marketing, product, and sales agree on personas, less time is wasted on targeting alternate personas.
    • Improved product-market fit – when buyers see both pain-relieving features and value-based pricing, “because you asked vs. guessed,” win rates increase.
    • Greater open and click-through rates – because you understood buyer pain points and motivations for solution seeking, you’ll see higher visits and engagement with your lead gen engine, and because you asked “what asset types do you find most helpful” your CTAs become ”lead-gen magnets” because you’ve offered the right asset types in your content marketing strategy.
    • More qualified leads – because you defined a more accurate ideal customer profile (ICP) and your lead scoring algorithm has improved, sellers see more qualified leads.
    • Increased sales cycle velocity – since you learned from personas their content and engagement preferences and what collateral types they need during the down-funnel sales discussions, sales calls are more productive and sales cycles shrink.

    Our methodology for buyer persona and journey creation

    1. Document Team Knowledge of Buyer Persona and Drive Alignment 2. Interview Target Buyer Prospects and Customers 3. Create Outputs and Apply to Marketing, Sales, and Product
    Phase Steps
    1. Outline a vision for buyer persona and journey creation and identify stakeholders.
    2. Pull stakeholders together, identify initial buyer persona, and begin to document team knowledge about buyer persona (and journey where possible).
    3. Validate with industry and marketing analyst’s initial buyer persona, and identify list of buyer interviewees.
    1. Hold interviews and document and share findings.
    2. Validate initial drafts of buyer persona and create initial documented buyer journey. Review findings among key stakeholders, steering committee, and supporting analysts.
    3. Complete remaining interviews.
    1. Summarize findings.
    2. Convene steering committee/exec. and working team for final review.
    3. Communicate to key stakeholders in product, marketing, sales, and customer success for activation.
    Phase Outcomes
    1. Steering committee and team selection
    2. Team insights about buyer persona documented
    3. Buyer persona validation with industry and marketing analysts
    4. Sales, marketing, and product alignment
    1. Interview guide
    2. Target interviewee list
    3. Buyer-validated buyer persona
    4. Buyer journey documented with asset types, channels, and “how buyers buy” fully documented
    1. Education deck on buyer persona and journey ready for use with all stakeholders: product, field marketing, sales, executives, customer success, partners
    2. Activation will update product-market fit, optimize lead gen, and improve sales effectiveness

    Our approach provides interview guides and templates to help rebuild buyer persona

    Our methodology will enable you to align your team on why it’s important to capture the most important attributes of buyer persona including:

    • Functional – helps you find and locate your target personas
    • Emotive – deepens team understanding of buyer initiatives, motivations for seeking alternatives, challenges they face, pain points for your offerings to address, and terminology that describes the “space”
    • Solution – enables greater product market fit
    • Behavioral – clarifies how to communicate with personas and understand their content preferences
    Functional – “to find them”
    Job Role Title Org. Chart Dynamics Buying Center Firmographics
    Emotive – “what they do and jobs to be done”
    Initiatives: What programs/projects the persona is tasked with and their feelings and aspirations about these initiatives. Motivations? Build credibility? Get promoted? Challenges: Identify the business issues, problems, and pain points that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? Buyer Need: They may have multiple needs; which need is most likely met with the offering? Terminology: What are the keywords/phrases they organically use to discuss the buyer need or business issue?
    Decision Criteria – “how they decide”
    Buyer Role: List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). Evaluation and Decision Criteria: Which lens – strategic, financial, or operational – does the persona evaluate the impact of purchase through?
    Solution Attributes – “what does the ideal solution look like”
    Steps in “Jobs to Be Done” Elements of the “Ideal Solution” Business outcomes from ideal solution Opportunity scope; other potential users Acceptable price for value delivered Alternatives that see consideration Solution sourcing: channel, where to buy
    Behavioral Attributes – “how to approach them successfully”
    Content Preferences: List the persona’s content preferences – blog, infographic, demo, video – vs. long-form assets (e.g. white paper, presentation, analyst report). Interaction Preferences: Which are preferred among in-person meetings, phone calls, emails, videoconferencing, conducting research via Web, mobile, and social? Watering Holes: Which physical or virtual places do they go to network or exchange info with peers (e.g. LinkedIn)?

    Buyer journeys are constantly shifting

    If you didn’t remap buyer journeys in 2021, you may be losing to competitors that did. Leaders remap buyer journey frequently.

    • The multi-channel buyer journey is constantly changing. Today’s B2B buyer uses industry research sites, vendor content marketing assets, software reviews sites, contacts with vendor salespeople, events participation, peer networking, consultants, emails, social media sites, and electronic media to research purchasing decisions.
    • COVID-19 has dramatically decreased face-to-face interaction. We estimate a B2B buyer spent 20-25% more time online in 2021 than pre-COVID-19 researching software buying decisions. This has diminished the importance of face-to-face selling and given dramatic rise to digital selling and outbound marketing.
    • Content marketing has exploded, but without mapping the buyer journey and knowing where – by channel –and when – by buyer journey step – to offer content marketing assets, we will fail to convert prospects into buyers.

    “~2/3 of [B2B] buyers prefer remote human interactions or digital self-service.” And during Aug. ‘20 to Feb. ‘21, use of digital self-service to interact with sales reps leapt by more than 10% for both researching and evaluating new suppliers.”
    – Liz Harrison, Dennis Spillecke, Jennifer Stanley, and Jenny Tsai McKinsey & Company, 2021

    SoftwareReviews Advisory Insight:
    Marketers are advised to update their buyer journey annually and with greater frequency when the human vs. digital mix is affected due to events such as COVID-19 and as emerging media such as AR shifts asset-type usage and engagement options.

    Our approach helps you define the buyer journey

    Because marketing leaders need to reach buyers through the right channel with the right message at the right time during their decision cycle, you’ll benefit by using questionnaires that enable you to build the below easily and quickly.

    You’ll be more successful by following our overall guidance

    Overarching insight

    Buyer personas and buyer journeys are essential ingredients in go-to-market success, as they inform for product, marketing, sales, and customer success who we are targeting and how to engage with them successfully.

    Align Your Team

    Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.

    Jump-Start Persona Development

    Marketing leaders leverage the buyer persona knowledge not only from in-house experts in areas such as sales and executives but from analysts that speak with their buyers each and every day.

    Buyer Interviews Are a Must

    While leaders will get a fast start by interviewing sellers, executives, and analysts, you will fail to craft the right messages, build the right marketing assets, and design the best buyer journey if you skip buyer interviews.

    Watch for Disruption

    Leaders will update their buyer journey annually and with greater frequency when the human vs. digital mix is effected due to events such as COVID-19 and as emerging media such as AR and VR shifts the way buyers engage.

    Advanced Buyer Journey Discovery

    Digital marketers that ramp up lead gen engine capabilities to capture “wins” and measure engagement back through the lead gen and nurturing engines will build a more data-driven view of the buyer journey. Target to build this advanced capability in your initial design.

    Tools and templates to speed your success

    This blueprint is accompanied by supporting deliverables to help you gather team insights, interview customers and prospects, and summarize results for ease in communications.

    To support your buyer persona and journey creation, we’ve created the enclosed tools

    Buyer Persona Creation Template

    A PowerPoint template to aid the capture and summarizing of your team’s insights on the buyer persona.

    Buyer Persona and Journey Interview Guide and Data Capture Tool

    For interviewing customers and prospects, this tool is designed to help you interview personas and summarize results for up to 15 interviewees.

    Buyer Persona and Journey Summary Template

    A PowerPoint template into which you can drop your buyer persona and journey interviewees list and summary findings.

    SoftwareReviews offers two levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    The "do-it-yourself" step-by-step instructions begin with Phase 1.

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    A Guided Implementation is a series of analysts inquiries with you and your team.

    Diagnostics and consistent frameworks are used throughout each option.

    Guided Implementation

    A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization.

    For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst.

    Your engagement managers will work with you to schedule analyst calls.

    What does our GI on buyer persona and journey mapping look like?

    Drive an Aligned Initial Draft of Buyer Persona

    • Call #1: Collaborate on vision for buyer persona and the buyer journey. Review templates and sample outputs. Identify your team.
    • Call #2: Review work in progress on capturing working team knowledge of buyer persona elements.
    • Call #3: (Optional) Review Info-Tech’s research-sourced persona insights.
    • Call #4: Validate the persona WIP with Info-Tech analysts. Review buyer interview approach and target list.

    Interview Buyers and Validate Persona and Journey

    • Call #5: Revise/review interview guide and final interviewee list; schedule interviews.
    • Call #6: Review interim interview finds; adjust interview guide.
    • Call #7: Use interview findings to validate/update persona and build journey map.
    • Call #8: Add supporting analysts to final stakeholder review.

    Prepare Communications and Educate Stakeholders

    • Call #9: Review output templates completed with final persona and journey findings.
    • Call #10: Add supporting analysts to stakeholder education meetings for support and help with addressing questions/issues.

    Workshop overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Day1 Day 2 Day 3 Day 4 Day 5
    Align Team, Identify Persona, and Document Current Knowledge Validate Initial Work and Identify Buyer Interviewees Schedule and Hold Buyer interviews Summarize Findings and Provide Actionable Guidance to Colleagues Measure Impact and Results
    Activities

    1.1 Outline a vision for buyer persona and journey creation and identify stakeholders.

    1.2 Identify buyer persona choices and settle on an initial target.

    1.3 Document team knowledge about buyer persona (and journey where possible).

    2.1 Share initial insights with covering industry analyst.

    2.2 Hear from industry analyst their perspectives on the buyer persona attributes.

    2.3 Reconcile differences; update “current understanding.”

    2.4 Identify interviewee types by segment, region, etc.

    3.1 Identify actual list of 15-20 interviewees.

    A gap of up to a week for scheduling of interviews.

    3.2 Hold interviews and use interview guides (over the course of weeks).

    3.3 Hold review session after initial 3-4 interviews to make adjustments.

    3.4 Complete interviews.

    4.1 Summarize findings.

    4.2 Create action items for supporting team, e.g. messaging, touch points, media spend, assets.

    4.3 Convene steering committee/exec. and working team for final review.

    4.4 Schedule meetings with colleagues to action results.

    5.1 Review final copy, assets, launch/campaign plans, etc.

    5.2 Develop/review implementation plan.

    A period of weeks will likely intervene to execute and gather results.

    5.3 Reconvene team to review results.

    Deliverables
    1. Documented steering committee and working team
    2. Executive Brief on personas and journey
    3. Personas and initial targets
    4. Documented team knowledge
    1. Analyst-validated initial findings
    2. Target interviewee types
    1. List of interviewees; calls scheduled
    2. Initial review – “are we going in the right direction?”
    3. Completed interviews
    1. Complete findings
    2. Action items for team members
    3. Plan for activation
    1. Activation review
    2. List of suggested next steps

    Phase 1
    Drive an Aligned Initial Draft of Buyer Persona

    This Phase walks you through the following activities:

    • Develop an understanding of what comprises a buyer persona and journey, including their importance to overall go-to-market strategy and execution.
    • Sample outputs.

    This Phase involves the following stakeholders:

    • Program leadership
    • Product Marketing
    • Product Management
    • Representative(s) from Sales
    • Executive Leadership

    1.1 Establish the team and align on shared vision

    Input

    • Typically a joint recognition that buyer personas have not been fully documented.
    • Identify working team members/participants (see below), and an executive sponsor.

    Output

    • Communication of team members involved and the make-up of steering committee and working team
    • Alignment of team members on a shared vision of “Why Build Buyer Personas and Journey” and what key attributes define both.

    Materials

    • N/A

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • SoftwareReviews marketing analyst

    60 minutes

    1. Schedule inquiry with working team members and walk the team through the Buyer Persona and Journey Executive Brief PowerPoint presentation.
    2. Optional: Have the (SoftwareReviews Advisory) SRA analyst walk the team through the Buyer Persona and Journey Executive Brief PowerPoint presentation as part of your session.

    Review the Create a Buyer Persona Executive Brief (Slides 3-14)

    1.2 Document team knowledge of buyer persona

    Input

    • Working team member knowledge

    Output

    • Initial draft of your buyer persona

    Materials

    • Buyer Persona Creation Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive (optional)
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    2-3 sessions of 60 minutes each

    1. Schedule meeting with working team members and, using the Buyer Persona Template, lead the team in a discussion that documents current team knowledge of the target buyer persona.
    2. Lead the team to prioritize an initial, single, most important persona and to collaborate to complete the template (and later, the buyer journey). Once the team learns the process for working on the initial persona, the development of additional personas will become more efficient.
    3. Place the PowerPoint template in a shared drive for team collaboration. Expect to schedule several 60-minute meets. Quicken collaboration by encouraging team to “do their homework” by sharing persona knowledge within the shared drive version of the template. Your goal is to get to an initial agreed upon version that can be shared for additional validation with industry analyst(s) in the next step.

    Download the Buyer Persona Creation Template

    1.3 Validate with industry analysts

    Input

    • Identify gaps in persona from previous steps

    Output

    • Further validated buyer persona

    Materials

    • Bring your Buyer Persona Creation Template to the meeting to share with analysts

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive (Optional)
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • Info-Tech analyst covering your product category and SoftwareReviews marketing analyst

    30 minutes

    1. Schedule meeting with working team members and discuss which persona areas require further validation from an Info-Tech analyst who has worked closely with those buyers within your persona.

    60 minutes

    1. Schedule an inquiry with the appropriate Info-Tech analyst and SoftwareReviews Advisory analyst to share current findings and see:
      1. Info-Tech analyst provide content feedback given what they know about your target persona and product category.
      2. SoftwareReviews Advisory analyst provide feedback on persona approach and to coach any gaps or important omissions.
    2. Tabulate results and update your persona summary. At this point you will likely require additional validation through interviews with customers and prospects.

    1.4 Identify interviewees and prepare for interviews

    Input

    • Identify segments within which you require persona knowledge
    • Understand your persona insight gaps

    Output

    • List of interviewees

    Materials

    • Interviewee recording template on following slide
    • Interview guide questions found within the Buyer Persona and Journey Interview Guide and data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 weeks

    1. Identify the types of customers and prospects that will best represent your target persona. Choose interviewees that when interviewed will inform key differences among key segments (geographies, company size, mix of customers and prospects, etc.).
    2. Recruit interviewees and schedule interviews for 45 minutes.
    3. Keep track of Interviewees using the slide following this one.
    4. In preparation for interviews, review the Buyer Persona and Journey Interview Guide and Data Capture Tool. Review the two sets of questions:
      1. Buyer Persona-Related – use to validate areas where you still have gaps in your persona, OR if you are starting with a blank persona and wish to build your personas entirely based on customer and prospect interviews.
      2. Buyer-Journey Related, which we will focus on in the next phase.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    The image shows a table titled ‘Interviewee List.’ A note next to the title indicates: Here you will document your interviewee list and outreach plan. A note in the Segment column indicates: Ensure you are interviewing personas across segments that will give you the insights you need, e.g. by size, by region, mix of customers and prospects. A note in the Title column reads: Vary your title types up or down in the “buying center” if you are seeking to strengthen buying center dynamics understanding. A note in the Roles column reads: Vary your role types according to decision-making roles (decision maker, influencer, ratifier, coach, user) if you are seeking to strengthen decision-making dynamics understanding.

    Phase 2
    Interview Buyers and Validate Persona and Journey

    This Phase walks you through the following activities:

    • Developing final interview guide.
    • Interviewing buyers and customers.
    • Adjusting approach.
    • Validating buyer persona.
    • Crafting buyer journey
    • Gaining analyst feedback.

    This Phase involves the following stakeholders:

    • Program leadership
    • Product Marketing
    • Representative(s) from Sales

    2.1 Hold interviews

    Input

    • List of interviewees
    • Final list of questions

    Output

    • Buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona and Journey Interview Guide and data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 weeks

    1. Hold interviews and adjust your interviewing approach as you go along. Uncover where you are not getting the right answers, check with working team and analysts, and adjust.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    2.2 Use interview findings to validate what’s needed for activation

    Input

    • List of interviewees
    • Final list of questions

    Output

    • Buyer perspectives on their personas and buyer journeys
    • Stakeholder feedback that actionable insights are resulting from interviews

    Materials

    • Buyer Persona Creation Template
    • Buyer Persona and Journey Interview Guide and Data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • SoftwareReviews marketing analyst

    2 hours

    1. Convene your team, with marketing analysts, and test early findings: It’s wise to test initial interview results to check that you are getting the right insights to understand and validate key challenges, pain points, needs, and other vital areas pertaining to the buyer persona. Are the answers you are getting enabling you to complete the Summary slides for later communications and training for Sales?
    2. Check when doing buyer journey interviews that you are getting actionable answers that drive messaging, what asset types are needed, what the marketing channel mix is, and other vital insights to activate the results. Are the answers you are getting adequate to give guidance to campaigners, content marketers, and sales enablement?
    3. See the following slides for detailed questions that need to be answered satisfactorily by your team members that need to “activate” the results.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    2.2.1 Are you getting what you need from interviews to inform the buyer persona?

    Test that you are on the right track:

    1. Are you getting the functional answers so you can guide sellers to the right roles? Can you guide marketers/campaigners to the right “Ideal Customer Profile” for lead scoring?
    2. Are you capturing the right emotive areas that will support message crafting? Solutioning? SEM/SEO?
    3. Are you capturing insights into “how they decide” so sellers are well informed on the decision-making dynamics?
    4. Are you getting a strong understanding of content, interaction preferences, and news and information sources so sellers can outreach more effectively, you can pinpoint media spend, and content marketing can create the right assets?
    Functional – “to find them”
    Job Role Title Org. Chart Dynamics Buying Center Firmographics
    Emotive – “what they do and jobs to be done”
    Initiatives: What programs/projects the persona is tasked with and their feelings and aspirations about these initiatives. Motivations? Build credibility? Get promoted? Challenges: Identify the business issues, problems, and pain points that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? Buyer Need: They may have multiple needs; which need is most likely met with the offering? Terminology: What are the keywords/phrases they organically use to discuss the buyer need or business issue?
    Decision Criteria – “how they decide”
    Buyer Role: List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). Evaluation and Decision Criteria: Which lens – strategic, financial, or operational – does the persona evaluate the impact of purchase through?
    Solution Attributes – “what does the ideal solution look like”
    Steps in “Jobs to Be Done” Elements of the “Ideal Solution” Business outcomes from ideal solution Opportunity scope; other potential users Acceptable price for value delivered Alternatives that see consideration Solution sourcing: channel, where to buy
    Behavioral Attributes – “how to approach them successfully”
    Content Preferences: List the persona’s content preferences – blog, infographic, demo, video – vs. long-form assets (e.g. white paper, presentation, analyst report). Interaction Preferences: Which are preferred among in-person meetings, phone calls, emails, videoconferencing, conducting research via Web, mobile, and social? Watering Holes: Which physical or virtual places do they go to network or exchange info with peers (e.g. LinkedIn)?

    2.2.2 Are you getting what you need from interviews to support the buyer journey?

    Our approach helps you define the buyer journey

    Because marketing leaders need to reach buyers through the right channel with the right message at the right time during their decision cycle, you’ll benefit by using questionnaires that enable you to build the below easily and quickly.

    2.3 Continue interviews

    Input

    • Final adjustments to list of interview questions

    Output

    • Final buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona Creation Template
    • Buyer Persona and Journey Interview Guide and data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 weeks

    1. Continue customer and prospect interviews.
    2. Ensure you are gaining the segment perspectives needed.
    3. Complete the “Summary” columns within the Buyer Persona and Journey Interview Guide and Data Capture Tool.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    Phase 3
    Prepare Communications and Educate Stakeholders

    This Phase walks you through the following activities:

    • Creating outputs for key stakeholders
    • Communicating final findings and supporting marketing, sales, and product activation.

    This Phase involves the following stakeholders:

    • Program leadership
    • Product Marketing
    • Product Management
    • Sales
    • Field Marketing/Campaign Management
    • Executive Leadership

    3.1 Summarize interview results and convene full working team and steering committee for final review

    Input

    • Buyer persona and journey interviews detail

    Output

    • Buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona and Journey Interview Guide and Data Capture Tool
    • Buyer Persona and Journey Summary Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive (Optional)
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • SoftwareReviews marketing analyst

    1-2 hours

    1. Summarize interview results within the Buyer Persona and Journey Summary Template.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    Download the Buyer Persona and Journey Summary Template

    3.2 Convene executive steering committee and working team to review results

    Input

    • Buyer persona and journey interviews summary

    Output

    • Buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona and Journey Summary Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 hours

    1. Present final persona and journey results to the steering committee/executives and to working group using the summary slides interview results within the Buyer Persona and Journey Summary Template to finalize results.

    Download the Buyer Persona and Journey Summary Template

    3.3 Convene stakeholder meetings to activate results

    Input

    • Buyer persona and journey interviews summary

    Output

    Activation of key learnings to drive:

    • Better product –market fit
    • Lead gen
    • Sales effectiveness
    • Awareness

    Materials

    • Buyer Persona and Journey Summary Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • Stakeholder team members (see left)

    4-5 hours

    Present final persona and journey results to each stakeholder team. Key presentations include:

    1. Product team to validate product market fit.
    2. Content marketing to provide messaging direction for the creation of awareness and lead gen assets.
    3. Campaigners/Field Marketing for campaign-related messaging and to identify asset types required to be designed and delivered to support the buyer journey.
    4. Social media strategists for social post copy, and PR for other awareness-building copy.
    5. Sales enablement/training to enable updating of sales collateral, proposals, and sales training materials. Sellers to help with their targeting, prospecting, and crafting of outbound messaging and talk tracks.

    Download the Buyer Persona and Journey Summary Template

    Summary of Accomplishment

    Problem Solved

    With the help of this blueprint, you have deepened your and your colleagues’ buyer understanding at both the persona “who they are” level and the buyer journey “how do they buy” level. You are among the minority of marketing leaders that have fully documented a buyer persona and journey – congratulations!

    The benefits of having led your team through the process are significant and include the following:

    • Better alignment of customer/buyer-facing teams such as in product, marketing, sales, and customer success.
    • Messaging that can be used by marketing, sales, and social teams that will resonate with buyer initiatives, pain points, sought-after “pain relief,” and value.
    • Places in the digital and physical universe where your prospects “hang out” so you can optimize your media spend.
    • More effective use of marketing assets and sales collateral that align with the way your prospect needs to consume information throughout their buyer journey to make a decision in your solution area.

    And by capturing and documenting your buyer persona and journey even for a single buyer type, you have started to build the “institutional strength” to apply the process to other roles in the decision-making process or for when you go after new and different buyer types for new products. And finally, by bringing your team along with you in this process, you have also led your team in becoming a more customer-focused organization – a strategic shift that all organizations should pursue.

    If you would like additional support, contact us and we’ll make sure you get the professional expertise you need.

    Contact your account representative for more information.

    info@softwarereviews.com

    1-888-670-8889

    Related Software Reviews Research

    Optimize Lead Generation With Lead Scoring

    • Save time and money and improve your sales win rates when you apply our methodology to score contacts with your lead gen engine more accurately and pass better qualified leads over to your sellers.
    • Our methodology teaches marketers to develop your own lead scoring approach based upon lead/contact profile vs. your Ideal Customer Profile (ICP) and scores contact engagement. Applying the methodology to arrive at your own approach to scoring will mean reduced lead gen costs, higher conversion rates, and increased marketing-influenced wins.

    Bibliography

    Bilardi, Emma. “How to Create Buyer Personas.” Product Marketing Alliance, July 2020. Accessed Dec. 2021.

    Harrison, Liz, Dennis Spillecke, Jennifer Stanley, and Jenny Tsai. “Omnichannel in B2B sales: The new normal in a year that has been anything but.” McKinsey & Company, 15 March 2021. Accessed Dec. 2021.

    Jansen, Hasse. “Buyer Personas – 33 Mind Blowing Stats.” Boardview.io!, 19 Feb. 2016. Accessed Jan. 2022.

    Raynor, Lilah. “Understanding The Changing B2B Buyer Journey.” Forbes Agency Council, 18 July 2021. Accessed Dec. 2021.

    Simpson, Jon. “Finding Your Audience: The Importance of Developing a Buyer Persona.” Forbes Agency Council, 16 May 2017. Accessed Dec. 2021.

    “Successfully Executing Personalized Marketing Campaigns at Scale.” Plexure, 6 Jan. 2020. Accessed Dec 2020.

    Ulwick, Anthony W. JOBS TO BE DONE: Theory to Practice. E-book, Strategyn, 1 Jan. 2017. Accessed Jan. 2022.

    Adopt Design Thinking in Your Organization

    • Buy Link or Shortcode: {j2store}327|cart{/j2store}
    • member rating overall impact (scale of 10): 9.6/10 Overall Impact
    • member rating average dollars saved: $23,245 Average $ Saved
    • member rating average days saved: 13 Average Days Saved
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • End users often have a disjointed experience while interacting with your organization in using its products and services.
    • You have been asked by your senior leadership to start a new or revive an existing design or innovation function within your organization. However, your organization has dismissed design thinking as the latest “management fad” and does not buy into the depth and rigor that design thinking brings.
    • The design or innovation function lives on the fringes of your organization due to its apathy towards design thinking or tumultuous internal politics.
    • You, as a CIO, want to improve the user satisfaction with the IT services your team provides to both internal and external users.

    Our Advice

    Critical Insight

    • A user’s perspective while interacting with the products and services is very different from the organization’s internal perspective while implementing and provisioning those. A design-based organization balances the two perspectives to drive user-satisfaction over end-to-end journeys.
    • Top management must have a design thinker – the guardian angel of the balance between exploration (i.e. discovering new business models) and exploitation (i.e. leveraging existing business models).
    • Your approach to adopt design thinking must consider your organization’s specific goals and culture. There’s no one-size-fits-all approach.

    Impact and Result

    • User satisfaction, with the end-to-end journeys orchestrated by your organization, will significantly increase.
    • Design-centric organizations enjoy disproportionate financial rewards.

    Adopt Design Thinking in Your Organization Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should adopt design thinking in your organization, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. What is design thinking?

    The focus of this phase is on revealing what designers do during the activity of designing, and on building an understanding of the nature of design ability. We will formally examine the many definitions of design thinking from experts in this field. At the core of this phase are several case studies that illuminate the various aspects of design thinking.

    • Adopt Design Thinking in Your Organization – Phase 1: What Is Design Thinking?
    • Victor Scheinman's Experiment for Design

    2. How does an organization benefit from design thinking?

    This phase will illustrate the relevance of design in strategy formulation and in service-design. At the core of this phase are several case studies that illuminate these aspects of design thinking. We will also identify the trends impacting your organization and establish a baseline of user-experience with the journeys orchestrated by your organization.

    • Adopt Design Thinking in Your Organization – Phase 2: How Does an Organization Benefit From Design Thinking?
    • Trends Matrix (Sample)

    3. How do you build a design organization?

    The focus of this phase is to:

  • Measure the design-centricity of your organization and subsequently, identify the areas for improvement.
  • Define an approach for a design program that suites your organization’s specific goals and culture.
    • Adopt Design Thinking in Your Organization – Phase 3: How Do You Build a Design Organization?
    • Report on How Design-Centric Is Your Organization (Sample)
    • Approach for the Design Program (Sample)
    • Interview With David Dunne on Design Thinking
    • Interview With David Dunne on Design Thinking (mp3)
    [infographic]

    Workshop: Adopt Design Thinking in Your Organization

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 What Is Design Thinking?

    The Purpose

    The focus of this module is on revealing what designers do during the activity of designing, and on building an understanding of the nature of design ability. We will also review the report on the design-centricity of your organization and subsequently, earmark the areas for improvement.

    Key Benefits Achieved

    An intimate understanding of the design thinking

    An assessment of design-centricity of your organization and identification of areas for improvement

    Activities

    1.1 Discuss case studies on how designers think and work

    1.2 Define design thinking

    1.3 Review report from Info-Tech’s diagnostic: How design-centric is your organization?

    1.4 Earmark areas for improvement to raise the design-centricity of your organization

    Outputs

    Report from Info-Tech’s diagnostic: ‘How design-centric is your organization?’ with identified areas for improvement.

    2 How Does an Organization Benefit From Design Thinking?

    The Purpose

    In this module, we will discuss the relevance of design in strategy formulation and service design. At the core of this module are several case studies that illuminate these aspects of design thinking. We will also identify the trends impacting your organization. We will establish a baseline of user experience with the journeys orchestrated by your organization.

    Key Benefits Achieved

    An in-depth understanding of the relevance of design in strategy formulation and service design

    An understanding of the trends that impact your organization

    A taxonomy of critical customer journeys and a baseline of customers’ satisfaction with those

    Activities

    2.1 Discuss relevance of design in strategy through case studies

    2.2 Articulate trends that impact your organization

    2.3 Discuss service design through case studies

    2.4 Identify critical customer journeys and baseline customers’ satisfaction with those

    2.5 Run a simulation of design in practice

    Outputs

    Trends that impact your organization.

    Taxonomy of critical customer journeys and a baseline of customers’ satisfaction with those.

    3 How to Build a Design Organization

    The Purpose

    The focus of this module is to define an approach for a design program that suits your organization’s specific goals and culture.

    Key Benefits Achieved

    An approach for the design program in your organization. This includes aspects of the design program such as its objectives and measures, its model (one of the five archetypes or a hybrid one), and its governance.

    Activities

    3.1 Identify objectives and key measures for your design thinking program

    3.2 Structure your program after reviewing five main archetypes of a design program

    3.3 Balance between incremental and disruptive innovation

    3.4 Review best practices of a design organization

    Outputs

    An approach for your design thinking program: objectives and key measures; structure of the program, etc.

    Build Your BizDevOps Playbook

    • Buy Link or Shortcode: {j2store}177|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Today’s rapidly scaling and increasingly complex products create mounting pressure on delivery teams to release new features and changes quickly and with sufficient quality.
    • Many organizations see BizDevOps as a solution to help meet this demand. However, they often lack the critical cross-functional collaboration and team-sport culture that are critical for success.
    • The industry provides little consensus and guidance on how to prepare for the transition to BizDevOps.

    Our Advice

    Critical Insight

    • BizDevOps is cultural, not driven by tools. It is about delivering high-quality and valuable releases to stakeholders through collective ownership, continuous collaboration, and team-first behaviors supported by tools.
    • BizDevOps begins with a strong foundation in five key areas. The crux of successful BizDevOps is centered on the strategic adoption and optimization of building great requirements, collaborative practices, iterative delivery, application management, and high-fidelity environments.
    • Teams take STOCK of what it takes to collaborate effectively. Teams and stakeholders must show up, trust the delivery method and people, orchestrate facilitated activities, clearly communicate and knowledge share every time they collaborate.

    Impact and Result

    • Bring the right people to the table. BizDevOps brings significant organizational, process and technology changes to improve delivery effectiveness. Include the key roles in the definition and validation of your BizDevOps vision and practices.
    • Focus on the areas that matter. Review your current circumstances and incorporate the right practices that addresses your key challenges and blockers to becoming BizDevOps.
    • Build your BizDevOps playbook. Gain a broad understanding of the key plays and practices that makes a successful BizDevOps organization. Verify and validate these practices in order to tailor them to your context. Keep your playbook live.

    Build Your BizDevOps Playbook Research & Tools

    Start here – read the Executive Brief

    Find out why you should implement BizDevOps, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get started with BizDevOps

    Set the right expectations with your stakeholders and define the context of your BizDevOps implementation.

    • Build Your BizDevOps Playbook – Phase 1: Get Started With BizDevOps
    • BizDevOps Playbook

    2. Tailor your BizDevOps playbook

    Tailor the plays in your BizDevOps playbook to your circumstances and vision.

    • Build Your BizDevOps Playbook – Phase 2: Tailor Your BizDevOps Playbook
    [infographic]

    Workshop: Build Your BizDevOps Playbook

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Set Your Expectations

    The Purpose

    Discuss the goals of your BizDevOps playbook.

    Identify the various perspectives who should be included in the BizDevOps discussion.

    Level set expectations of your BizDevOps implementation.

    Key Benefits Achieved

    Identification of the key roles who should be included in the BizDevOps discussion.

    Learning of key practices to support your BizDevOps vision and goals.

    Your vision of BizDevOps in your organization.

    Activities

    1.1 Define BizDevOps.

    1.2 Understand your key stakeholders.

    1.3 Define your objectives.

    Outputs

    Your BizDevOps definition

    List of BizDevOps stakeholders

    BizDevOps vision and objectives

    2 Set the Context

    The Purpose

    Understand the various methods to initiate the structuring of facilitated collaboration.

    Share a common way of thinking and behaving with a set of principles.

    Focus BizDevOps adoption on key areas of software product delivery.

    Key Benefits Achieved

    A chosen collaboration method (Scrum, Kanban, Scrumban) to facilitate collaboration

    A mutually understanding and beneficial set of guiding principles

    Areas where BizDevOps will see the most benefit

    Activities

    2.1 Select your foundation method.

    2.2 Define your guiding principles.

    2.3 Focus on the areas that matter.

    Outputs

    Chosen collaboration model

    List of guiding principles

    High-level assessment of delivery practices and its fit for BizDevOps

    3 Tailor Your BizDevOps Playbook

    The Purpose

    Review the good practices within Info-Tech’s BizDevOps Playbook.

    Tailor your playbook to reflect your circumstances.

    Key Benefits Achieved

    Understanding of the key plays involved in product delivery

    Product delivery plays that reflect the challenges and opportunities of your organization and support your BizDevOps vision

    Activities

    3.1 Review and tailor the plays in your playbook

    Outputs

    High-level discussion of key product delivery plays and its optimization to support BizDevOps

    Business Value

    • Buy Link or Shortcode: {j2store}7|cart{/j2store}
    • Related Products: {j2store}7|crosssells{/j2store}
    • Up-Sell: {j2store}7|upsells{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Financial Management
    • Parent Category Link: /financial-management
    Maximize your ROI on IT through benefits realization

    Implement Your Negotiation Strategy More Effectively

    • Buy Link or Shortcode: {j2store}225|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Forty-eight percent of CIOs believe their budgets are inadequate.
    • CIOs and IT departments are getting more involved with negotiations to reduce costs and risk.
    • Not all negotiators are created equal, and the gap between a skilled negotiator and an average negotiator is not always easy to identify objectively.
    • Skilled negotiators are in short supply.

    Our Advice

    Critical Insight

    • Preparation is critical for the success of your negotiation, but you cannot prepare for every eventuality.
    • Communication is the heart and soul of negotiations, but what is being “said” is only part of the picture.
    • Skilled negotiators separate themselves based on skillsets, and outcomes alone may not provide an accurate assessment of a negotiator.

    Impact and Result

    Addressing and managing critical negotiation elements helps:

    • Improve negotiation skills.
    • Implement your negotiation strategy more effectively.
    • Improve negotiation results.

    Implement Your Negotiation Strategy More Effectively Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create and follow a scalable process for preparing to negotiate with vendors, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. During

    Throughout this phase, ten essential negotiation elements are identified and reviewed.

    • Implement Your Negotiation Strategy More Effectively – Phase 1: During
    • During Negotiations Tool
    [infographic]

    Workshop: Implement Your Negotiation Strategy More Effectively

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 12 Steps to Better Negotiation Preparation

    The Purpose

    Improve negotiation skills and outcomes.

    Understand how to use the Info-Tech During Negotiations Tool.

    Key Benefits Achieved

    A better understanding of the subtleties of the negotiation process and an identification of where the negotiation strategy can go awry.

    The During Negotiation Tool will be reviewed and configured for the customer’s environment (as applicable).

    Activities

    1.1 Manage six key items during the negotiation process.

    1.2 Set the right tone and environment for the negotiation.

    1.3 Focus on improving three categories of intangibles.

    1.4 Improve communication skills to improve negotiation skills.

    1.5 Customize your negotiation approach to interact with different personality traits and styles.

    1.6 Maximize the value of your discussions by focusing on seven components.

    1.7 Understand the value of impasses and deadlocks and how to work through them.

    1.8 Use concessions as part of your negotiation strategy.

    1.9 Identify and defeat common vendor negotiation ploys.

    1.10 Review progress and determine next steps.

    Outputs

    Sample negotiation ground rules

    Sample vendor negotiation ploys

    Sample discussion questions and evaluation matrix

    Drive Digital Transformation With Platform Strategies

    • Buy Link or Shortcode: {j2store}78|cart{/j2store}
    • member rating overall impact (scale of 10): 8.5/10 Overall Impact
    • member rating average dollars saved: $3,750 Average $ Saved
    • member rating average days saved: 4 Average Days Saved
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy
    • Enterprise is grappling with the challenges of existing business models and strategies not leading to desired outcomes.
    • Enterprise is struggling to remain competitive.
    • Enterprise wants to understand how to leverage platform strategies and a digital platform.

    Our Advice

    Critical Insight

    To remain competitive enterprises must renew and refresh their business model strategies and design/develop digital platforms – this requires enterprises to:

    • Understand how digital-native enterprises are using platform business models and associated strategies.
    • Understand their core assets and strengths and how these can be leveraged for transformation.
    • Understand the core characteristics and components of a digital platform so that they can design digital platform(s) for their enterprise.
    • Ask if the client’s digital transformation (DX) strategy is aligned with a digital platform enablement strategy.
    • Ask if the enterprise has paid attention to the structure, culture, principles, and practices of platform teams.

    Impact and Result

    Organizations that implement this project will gain benefits in five ways:

    • Awareness and understanding of various platform strategies.
    • Application of specific platform strategies within the context of the enterprise.
    • Awareness of their existing business mode, core assets, value proposition, and strengths.
    • Alignment between DX themes and platform enablement themes so enterprises can develop roadmaps that gauge successful DX.
    • Design of a digital platform, including characteristics, components, and team characteristics, culture, principles, and practices.

    Drive Digital Transformation With Platform Strategies Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should consider the platform business model and a digital platform to remain competitive.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Set goals for your platform business model

    Understand the platform business model and strategies and then set your platform business model goals.

    • Drive Digital Transformation With Platform Strategies – Phase 1: Set Goals for Your Platform Business Model
    • Business Platform Playbook

    2. Configure digital platform

    Define design goals for your digital platform. Align your DX strategy with digital platform capabilities and understand key components of the digital platform.

    • Drive Digital Transformation With Platform Strategies – Phase 2: Configure Your Digital Platform
    • Digital Platform Playbook
    [infographic]

    Workshop: Drive Digital Transformation With Platform Strategies

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand Platform Business Model and Strategies

    The Purpose

    Understand existing business model, value proposition, and key assets.

    Understand platform business model and strategies.

    Key Benefits Achieved

    Understanding the current assets helps with knowing what can be leveraged in the new business model/transformation.

    Understanding the platform strategies can help the enterprise renew/refresh their business model.

    Activities

    1.1 Document the current business model along with value proposition and key assets (that provide competitive advantage).

    1.2 Transformation narrative.

    1.3 Platform model canvas.

    1.4 Document the platform strategies in the context of the enterprise.

    Outputs

    Documentation of current business model along with value proposition and key assets (that provide competitive advantage).

    Documentation of the selected platform strategies.

    2 Planning for Platform Business Model

    The Purpose

    Understand transformation approaches.

    Understand various layers of platforms.

    Ask fundamental and evolutionary questions about the platform.

    Key Benefits Achieved

    Understanding of the transformational model so that the enterprise can realize the differences.

    Understanding of the organization’s strengths and weaknesses for a DX.

    Extraction of strategic themes to plan and develop a digital platform roadmap.

    Activities

    2.1 Discuss and document decision about DX approach and next steps.

    2.2 Discuss and document high-level strategic themes for platform business model and associated roadmap.

    Outputs

    Documented decision about DX approach and next steps.

    Documented high-level strategic themes for platform business model and associated roadmap.

    3 Digital Platform Strategy

    The Purpose

    Understand the design goals for the digital platform.

    Understand gaps between the platform’s capabilities and the DX strategy.

    Key Benefits Achieved

    Design goals set for the digital platform that are visible to all stakeholders.

    Gap analysis performed between enterprise’s digital strategy and platform capabilities; this helps understand the current situation and thus informs strategies and roadmaps.

    Activities

    3.1 Discuss and document design goals for digital platform.

    3.2 Discuss DX themes and platform capabilities – document the gaps.

    3.3 Discuss gaps and strategies along with timelines.

    Outputs

    Documented design goals for digital platform.

    Documented DX themes and platform capabilities.

    DX themes and platform capabilities map.

    4 Digital Platform Design: Key Components

    The Purpose

    Understanding of key components of a digital platform, including technology and teams.

    Key Benefits Achieved

    Understanding of the key components of a digital platform and designing the platform.

    Understanding of the team structure, culture, and practices needed for successful platform engineering teams.

    Activities

    4.1 Confirmation and discussion on existing UX/UI and API strategies.

    4.2 Understanding of microservices architecture and filling of microservices canvas.

    4.3 Real-time stream processing data pipeline and tool map.

    4.4 High-level architectural view.

    4.5 Discussion on platform engineering teams, including culture, structure, principles, and practices.

    Outputs

    Filled microservices canvas.

    Documented real-time stream processing data pipeline and tool map.

    Documented high-level architectural view.

    Establish Realistic IT Resource Management Practices

    • Buy Link or Shortcode: {j2store}435|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $36,337 Average $ Saved
    • member rating average days saved: 28 Average Days Saved
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • As CIO, you oversee a department that lacks the resource capacity to adequately meet organizational demand for new projects and services.
    • More projects are approved by the steering committee (or equivalent) than your department realistically has the capacity for, and you and your staff have little recourse to push back. If you have a PMO – and that PMO is one of the few that provides usable resource capacity projections – that information is rarely used to make strategic approval and prioritization decisions.
    • As a result, project quality and timelines suffer, and service delivery lags. Your staff are overallocated, but you lack statistical evidence because of incomplete estimates, allocations, and very little accurate data.

    Our Advice

    Critical Insight

    • IT’s capacity for new project work is largely overestimated. Much of IT’s time is lost to tasks that go unregulated and untracked (e.g. operations and support work, break-fixes and other reactive work) before project work is ever approved. When projects are approved, it is done so with little insight or concern for IT’s capacity to realistically complete that work.
    • The shift to matrix work structures has strained traditional methods of time tracking. Day-to-day demand is chaotic, and staff are pulled in multiple directions by numerous people. As fast-paced, rapidly changing, interruption-driven environments become the new normal, distractions and inefficiencies interfere with productive project work and usable capacity data.
    • The executive team approves too many projects, but it is not held to account for this malinvestment of time. Instead, it’s up to individual workers to sink or swim, as they attempt to reconcile, day after day, seemingly infinite organizational demand for new services and projects with their finite supply of working hours.

    Impact and Result

    • Instill a culture of capacity awareness. For years, the project portfolio management (PPM) industry has helped IT departments report on demand and usage, but has largely failed to make capacity part of the conversation. This research helps inject capacity awareness into project and service portfolio planning, enabling IT to get proactive about constraints before overallocation spirals, and project and service delivery suffers.
    • Build a sustainable process. Efforts to improve resource management often falter when you try to get too granular too quickly. Info-Tech’s approach starts at a high level, ensuring that capacity data is accurate and usable, and that IT’s process discipline is mature enough to maintain the data, before drilling down into greater levels of precision.
    • Establish a capacity book of record. You will ultimately need a tool to help provide ongoing resource visibility. Follow the advice in this blueprint to help with your tool selection, and ensure you meet the reporting needs of both your team and executives.

    Establish Realistic IT Resource Management Practices Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should develop a resource management strategy, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take stock of organizational supply and demand

    Set the right resource management approach for your team and create a realistic estimate of your resource supply and organizational demand.

    • Balance Supply and Demand with Realistic Resource Management Practices – Phase 1: Take Stock of Organizational Supply and Demand
    • Resource Management Supply-Demand Calculator
    • Time Audit Workbook
    • Time-Tracking Survey Email Template

    2. Design a realistic resource management process

    Build a resource management process to ensure data accuracy and sustainability, and make the best tool selection to support your processes.

    • Balance Supply and Demand with Realistic Resource Management Practices – Phase 2: Design a Realistic Resource Management Process
    • Resource Management Playbook
    • PPM Solution Vendor Demo Script
    • Portfolio Manager Lite 2017

    3. Implement sustainable resource management practices

    Develop a plan to pilot your resource management processes to achieve maximum adoption, and anticipate challenges that could inhibit you from keeping supply and demand continually balanced.

    • Balance Supply and Demand with Realistic Resource Management Practices – Phase 3: Implement Sustainable Resource Management Practices
    • Process Pilot Plan Template
    • Project Portfolio Analyst / PMO Analyst
    • Resource Management Communications Template
    [infographic]

    Workshop: Establish Realistic IT Resource Management Practices

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Take Stock of Organizational Supply and Demand

    The Purpose

    Obtain a high-level view of current resource management practices.

    Identify current and target states of resource management maturity.

    Perform an in-depth time-tracking audit and gain insight into how time is spent on project versus non-project work to calculate realized capacity.

    Key Benefits Achieved

    Assess current distribution of accountabilities in resource management.

    Delve into your current problems to uncover root causes.

    Validate capacity and demand estimations with a time-tracking survey.

    Activities

    1.1 Perform a root-cause analysis of resourcing challenges facing the organization.

    1.2 Create a realistic estimate of project capacity.

    1.3 Map all sources of demand on resources at a high level.

    1.4 Validate your supply and demand assumptions by directly surveying your resources.

    Outputs

    Root-cause analysis

    Tab 2 of the Resource Management Supply-Demand Calculator, the Time Audit Workbook, and survey templates

    Tabs 3 and 4 of the Resource Management Supply-Demand Calculator

    Complete the Time Audit Workbook

    2 Design a Realistic Resource Management Process

    The Purpose

    Construct a resource management strategy that aligns with your team’s process maturity levels.

    Determine the resource management tool that will best support your processes.

    Key Benefits Achieved

    Activities

    2.1 Action the decision points in Info-Tech’s seven dimensions of resource management.

    2.2 Review resource management tool options, and depending on your selection, prepare a vendor demo script or review and set up Info-Tech’s Portfolio Manager Lite.

    2.3 Customize a workflow and process steps within the bounds of your seven dimensions and informed by your tool selection.

    Outputs

    A wireframe for a right-sized resource management strategy

    A vendor demo script or Info-Tech’s Portfolio Manager Lite.

    A customized resource management process and Resource Management Playbook.

    3 Implement Sustainable Resource Management Practices

    The Purpose

    Develop a plan to pilot your new processes to test whether you have chosen the right dimensions for maintaining resource data.

    Develop a communication plan to guide you through the implementation of the strategy and manage any resistance you may encounter.

    Key Benefits Achieved

    Identify and address improvements before officially instituting the new resource management strategy.

    Identify the other factors that affect resource productivity.

    Implement a completed resource management solution.

    Activities

    3.1 Develop a pilot plan.

    3.2 Perform a resource management start/stop/continue exercise.

    3.3 Develop plans to mitigate executive stakeholder, team, and structural factors that could inhibit your implementation.

    3.4 Finalize the playbook and customize a presentation to help explain your new processes to the organization.

    Outputs

    Process Pilot Plan Template

    A refined resource management process informed by feedback and lessons learned

    Stakeholder management plan

    Resource Management Communications Template

    Further reading

    Establish Realistic IT Resource Management Practices

    Holistically balance IT supply and demand to avoid overallocation.

    Analyst perspective

    Restore the right accountabilities for reconciling supply and demand.

    "Who gets in trouble at the organization when too many projects are approved?

    We’ve just exited a period of about 20-25 years where the answer to the above question was usually “nobody.” The officers of the corporation held nobody to account for the malinvestment of resources that comes from approving too many projects or having systemically unrealistic project due dates. Boards of directors failed to hold the officers accountable for that. And shareholders failed to hold boards of directors accountable for that.

    But this is shifting right under our feet. Increasingly, PMOs are being managed with the mentality previously reserved for those in the finance department. In many cases, the PMOs are now reporting to the CFO! This represents a very simple and basic reversion to the concept of fiduciary duty: somebody will be held to account for the consumption of all those hours, and somebody should be the approver of projects who created the excess demand." – Barry Cousins Senior Director of Research, PMO Practice Info-Tech Research Group

    Our understanding of the problem

    This Research Is Designed For:

    • IT leaders who lack actionable evidence of a resource-supply, work-demand imbalance.
    • CIOs whose departments struggle to meet service and project delivery expectations with given resources.
    • Portfolio managers, PMO directors, and project managers whose portfolio and project plans suffer due to unstable resource availability.

    This Research Will Help You:

    • Build trustworthy resource capacity data to support service and project portfolio management.
    • Develop sustainable resource management practices to help you estimate, and continually validate, your true resource capacity for services and projects.
    • Identify the demands that deplete your resource capacity without creating value for IT.

    This Research Will Also Assist:

    • Steering committee and C-suite management who want to improve IT’s delivery of projects.
    • Project sponsors that want to ensure their projects get the promised resource time by their project managers.

    This Research Will Help Them:

    • Ensure sufficient supply of time for projects to be successfully completed with high quality.
    • Communicate the new resource management practice and get stakeholder buy-in.

    Executive summary

    Situation

    • As CIO, you oversee a department that lacks the resource capacity to adequately meet organizational demand for new projects and services. As a result, project quality and timelines suffer, and service delivery lags.
    • You need a resource management strategy to help bring balance to supply and demand in order to improve IT’s ability to deliver.

    Complication

    • The shift to matrix work structures has strained traditional methods of time tracking. Day-to-day demand is chaotic; staff are pulled in multiple directions by numerous people, making usable capacity data elusive.
    • The executive team approves too many projects, but is not held to account for the overspend on time. Instead, the IT worker is made liable, expected to simply get things done under excessive demands.

    Resolution

    • Instill a culture of capacity awareness. For years, the project portfolio management (PPM) industry has helped IT departments report on demand and usage, but it has largely failed to make capacity part of the conversation. This research helps inject capacity awareness into project and service portfolio planning, enabling IT to get proactive about constraints before overallocation spirals, and project and service delivery suffers.
    • Build a sustainable process. Efforts to get better at resource management often falter when you try to get too granular too quickly. Info-Tech’s approach starts at a high level, ensuring that capacity data is accurate and usable, and that IT’s process discipline is mature enough to maintain the data, before drilling down into greater levels of precision.
    • Establish a capacity hub. You will ultimately need a tool to help provide ongoing resource visibility. Follow the advice in this blueprint to help with your tool selection and ensure the reporting needs of both your team and executives are met.

    Info-Tech Insight

    1. Take a realistic approach to resource management. New organizational realities have made traditional, rigorous resource projections impossible to maintain. Accept reality and get realistic about where IT’s time goes.
    2. Make IT’s capacity perpetually transparent. The best way to ensure projects are approved and scheduled based upon the availability of the right teams and skills is to shine a light into IT’s capacity and hold decision makers to account with usable capacity reports.

    The availability of staff time is rarely factored into IT project and service delivery commitments

    As a result, a lot gets promised and worked on, and staff are always busy, but very little actually gets done – at least not within given timelines or to expected levels of quality.

    Organizations tend to bite off more than they can chew when it comes to project and service delivery commitments involving IT resources.

    While the need for businesses to make an excess of IT commitments is understandable, the impacts of systemically overallocating IT are clearly negative:

    • Stakeholder relations suffer. Promises are made to the business that can’t be met by IT.
    • IT delivery suffers. Project timelines and quality frequently suffer, and service support regularly lags.
    • Employee engagement suffers. Anxiety and stress levels are consistently high among IT staff, while morale and engagement levels are low.

    76% of organizations say they have too many projects on the go and an unmanageable and ever-growing backlog of things to get to. (Cooper, 2014)

    Almost 70% of workers feel as though they have too much work on their plates and not enough time to do it. (Reynolds, 2016)

    Resource management can help to improve workloads and project results, but traditional approaches commonly fall short

    Traditional approaches to resource management suffer from a fundamental misconception about the availability of time in 2017.

    The concept of resource management comes from a pre-World Wide Web era, when resource and project plans could be based on a relatively stable set of assumptions.

    In the old paradigm, the availability of time was fairly predictable, as was the demand for IT services, so there was value to investing time into rigorous demand forecasts and planning.

    Resource projections could be based in a secure set of assumptions – i.e. 8 hour days, 40 hour weeks – and staff had the time to support detailed resource management processes that provided accurate usage data.

    Old Realities

    • Predictability. Change tended to be slow and deliberate, providing more stability for advanced, rigorous demand forecasts and planning.
    • Fixed hierarchy. Tasks, priorities, and decisions were communicated through a fixed chain of command.
    • Single-task focus. The old reality was more accommodating to sustained focus on one task at a time.

    96% of organizations report problems with the accuracy of information on employee timesheets. (Dimensional, 2013)

    Old reality resource forecasting inevitably falters under the weight of unpredictable demands and constant distractions

    New realities are causing demands on workers’ time to be unpredictable and unrelenting, making a sustained focus on a specific task for any length of time elusive.

    Part of the old resource management mythology is the idea that a person can do (for example) eight different one-hour tasks in eight hours of continuous work. This idea has gone from harmlessly mistaken to grossly unrealistic.

    The predictability and focus have given way to more chaotic workplace realities. Technology is ubiquitous, and the demand for IT services is constant.

    A day in IT is characterized by frequent task-switching, regular interruptions, and an influx of technology-enabled distractions.

    Every 3 minutes and 5 seconds: How often the typical office worker switches tasks, either through self-directed or other-directed interruptions. (Schulte, 2015)

    12 minutes, 40 seconds: The average amount of time in-between face-to-face interruptions in matrix organizations. (Anderson, 2015)

    23 minutes, 15 seconds: The average amount of time it takes to become on task, productive, and focused again after an interruption. (Schulte, 2015)

    759 hours: The average number of hours lost per employee annually due to distractions and interruptions. (Huth, 2015)

    The validity of traditional, rigorous resource planning has long been an illusion. New realities are making the sustained focus and stable assumptions that old reality projections relied on all but impossible to maintain.

    For resource management practices to be effective, they need to evolve to meet new realities

    New organizational realities have exacerbated traditional approaches to time tracking, making accurate and usable resource data elusive.

    The technology revolution that began in the 1990s ushered in a new paradigm in organizational structures. Matrix reporting structures, diminished supervision of knowledge workers, massive multi-tasking, and a continuous stream of information and communications from the outside world have smashed the predictability and stability of the old paradigm.

    The resource management industry has largely failed to evolve. It remains stubbornly rooted in old realities, relying on calculations and rollups that become increasingly unsustainable and irrelevant in our high-autonomy staff cultures and interruption-driven work days.

    New Realities

    • Unpredictable. Technologies and organizational strategies change before traditional IT demand forecasts and project plans can be realized.
    • Matrix management. Staff can be accountable to multiple project managers and functional managers at any given time.
    • Multi-task focus. In the new reality, workers’ attentions are scattered across multiple tasks and projects at any given time.

    87% of organizations report challenges with traditional methods of time tracking and reporting. (Dimensional, 2013)

    40% of working time is not tracked or tracked inaccurately by staff. (actiTIME, 2016)

    Poor resource management practices cost organizations dearly

    While time is money, the statistics around resource visibility and utilization suggest that the vast majority of organizations don’t spend their available time all that wisely.

    Research shows that ineffective resource management directly impacts an organization’s bottom line, contributing to such cost drains as the systemic late delivery of projects and increased project costs.

    Despite this, the majority of organizations fail to treat staff time like the precious commodity it is.

    As the results of a 2016 survey show, the top three pain points for IT and PMO leaders all revolve around a wider cultural negligence concerning staff time (Alexander, TechRepublic, 2016):

    • Overcommitted resources
    • Constant change that affects staff assignments
    • An inability to prioritize shared resources

    Top risks associated with poor resource management

    Inability to complete projects on time – 52%

    Inability to innovate fast enough – 39%

    Increased project costs – 38%

    Missed business opportunities – 34%

    Dissatisfied customers or clients – 32%

    12 times more waste – Organizations with poor resource management practices waste nearly 12 times more resource hours than high-performing organizations. (PMI, 2014)

    The concept of fiduciary duty represents the best way to bring balance to supply and demand, and improve project outcomes

    Unless someone is accountable for controlling the consumption of staff hours, too much work will get approved and committed to without evidence of sufficient resourcing.

    Who is accountable for controlling the consumption of staff hours?

    In many ways, no question is more important to the organization’s bottom line – and certainly, to the effectiveness of a resource management strategy.

    Historically, the answer would have been the executive layer of the organization. However, in the 1990s management largely abdicated its obligation to control resources and expenditures via “employee empowerment.”

    Controls on approvals became less rigid, and accountability for choosing what to do (and not do) shifted onto the shoulders of the individual worker. This creates a current paradigm where no one is accountable for the malinvestment…

    …of resources that comes from approving too many projects. Instead, it’s up to individual workers to sink-or-swim, as they attempt to reconcile, day after day, seemingly infinite organizational demand with their finite supply of working hours.

    If your organization has higher demand (i.e. approved project work) than supply (i.e. people’s time), your staff will be the final decision makers on what does and does NOT get worked on.

    Effective time leadership distinguishes top performing senior executives

    "Everything requires time… It is the one truly universal condition. All work takes place in time and uses up time. Yet most people take for granted this unique, irreplaceable and necessary resource. Nothing else, perhaps, distinguishes effective executives as much as their tender loving care of time." – Peter Drucker (quoted in Frank)

    67% of employees surveyed believe their CEOs focus too much on decisions based in short-term financial results and not enough time on decisions that create a stable, positive workplace for staff. (2016 Edelman Trust Barometer)

    Bring balance to supply and demand with realistic resource management practices

    Use Info-Tech’s approach to resource management to capture an accurate view of where your time goes and achieve sustained visibility into your capacity for new projects.

    Realistic project resource management starts by aligning demand with capacity, and then developing tactics to sustain alignment, even in the chaos of our fast-paced, rapidly changing, interruption-driven project environments.

    This blueprint will help you develop practices to promote and maintain accurate resourcing data, while developing tactics to continually inform decision makers’ assumptions about how much capacity is realistically available for project work.

    This research follows a three-phase approach to sustainable practices:

    1. Take Stock of Organizational Supply and Demand
    2. Design a Realistic Resource Management Process
    3. Implement Sustainable Resource Management Practices

    Info-Tech’s three-phase framework is structured around a practical, tactical approach to resource management. It’s not about what you put together as a one-time snapshot. It’s about what you can and will maintain every week, even during a crisis. When you stop maintaining resource management data, it’s nearly impossible to catch up and you’re usually forced to start fresh.

    Info-Tech’s approach is rooted in our seven dimensions of resource management

    Action the decision points across Info-Tech’s seven dimensions to ensure your resource management process is guided by realistic data and process goals.

    Default project vs. non-project ratio

    How much time is available for projects once non-project demands are factored in?

    Reporting frequency

    How often is the allocation data verified, reconciled, and reported for use?

    Forecast horizon

    How far into the future can you realistically predict resource supply?

    Scope of allocation

    To whom is time allocated?

    Allocation cadence

    How long is each allocation period?

    Granularity of time allocation

    What’s the smallest unit of time to allocate?

    Granularity of work assignment

    What is time allocated to?

    This blueprint will help you make the right decisions for your organization across each of these dimensions to ensure your resource management practices match your current process maturity levels.

    Once your framework is defined, we’ll equip you with a tactical plan to help keep supply and demand continually balanced

    This blueprint will help you customize a playbook to ensure your allocations are perpetually balanced week after week, month after month.

    Developing a process is one thing, sustaining it is another.

    The goal of this research isn’t just to achieve a one-time balancing of workloads and expect that this will stand the test of time.

    The true test of a resource management process is how well it facilitates the flow of accurate and usable data as workloads become chaotic, and fires and crises erupt.

    • Info-Tech’s approach will help you develop a playbook and a “rebalancing routine” that will help ensure your allocations remain perpetually current and balanced.
    • The sample routine to the right shows you an example of what this rebalancing process will look like (customizing this process is covered in Phase 3 of the blueprint).

    Sample “rebalancing” routine

    • Maintain a comprehensive list of the sources of demand (i.e. document the matrix).
    • Catalog the demand.
    • Allocate the supply.
    • Forecast the capacity to your forecast horizon.
    • Identify and prepare work packages or tasks for unsatisfied demand to ensure that supply can be utilized if it becomes free.
    • Reconcile any imbalance by repeating steps 1-5 on update frequency, say, weekly or monthly.

    Info-Tech’s method is complemented by a suite of resource management tools and templates

    Each phase of this blueprint is accompanied by supporting deliverables to help plan your resource management strategy and sustain your process implementation.

    Resource management depends on the flow of information and data from the project level up to functional managers, project managers, and beyond – CIOs, steering committees, and senior executives.

    Tools are required to help plan, organize, and facilitate this flow, and each phase of this blueprint is centered around tools and templates to help you successfully support your process implementation.

    Take Stock of Organizational Supply and Demand

    Tools and Templates:

    Design a Realistic Resource Management Process

    Tools and Templates:

    Implement Sustainable Resource Management Practices

    Tools and Templates:

    Use Info-Tech’s Portfolio Manager Lite to support your new process without a heavy upfront investment in tools

    Spreadsheets can provide a viable alternative for organizations not ready to invest in an expensive tool, or for those not getting what they need from their commercial selections.

    While homegrown solutions like spreadsheets and intranet sites lack the robust functionality of commercial offerings, they have dramatically lower complexity and cost-in-use.

    Info-Tech’s Portfolio Manager Lite is a sophisticated, scalable, and highly customizable spreadsheet-based solution that will get your new resource management process up and running, without a heavy upfront cost.

    Kinds of PPM solutions used by Info-Tech clients

    Homemade – 46%

    Commercial – 33%

    No Solution – 21%

    (Info-Tech Research Group (2016), N=433)

    The image shows 3 sheets with charts and graphs.

    Samples of Portfolio Manager Lite's output and reporting tabs

    Info-Tech’s approach to resource management is part of our larger project portfolio management framework

    This blueprint will help you master the art of resource management and set you up for greater success in other project portfolio management capabilities.

    Resource management is one capability within Info-Tech’s larger project portfolio management (PPM) framework.

    Resource visibility and capacity awareness permeates the whole of PPM, helping to ensure the right intake decisions get made, and projects are scheduled according to resource and skill availability.

    Whether you have an existing PPM strategy that you are looking to optimize or you are just starting on your PPM journey, this blueprint will help you situate your resource management processes within a larger project and portfolio framework.

    Info-Tech’ s PPM framework is based on extensive research and practical application, and complements industry standards such as those offered by PMI and ISACA.

    Project Portfolio Management
    Status & Progress Reporting
    Intake, Approval, & Prioritization Resource Management Project Management Project Closure Benefits Tracking
    Organizational Change Management
    Intake → Execution→ Closure

    Realize the value that improved resource management practices could bring to your organization

    Spend your company’s HR dollars more efficiently.

    Improved resource management and capacity awareness will allow your organization to improve resource utilization and increase project throughput.

    CIOs, PMOs, and portfolio managers can use this blueprint to improve the alignment between supply and demand. You should be able to gauge the value through the following metrics:

    Near-Term Success Metrics (6 to 12 months)

    • Increased frequency of currency (i.e. more accurate and usable resource data and reports).
    • Improved job satisfaction from project resources due to more even workloads.
    • Better ability to schedule project start dates and estimate end dates due to recourse visibility.

    Long-Term Success Metrics (12 to 24 months)

    • More projects completed on time.
    • Reclaimed capacity for project work.
    • A reduction in resource waste and increased resource utilization on productive project work.
    • Ability to track estimated vs. actual budget and work effort on projects.

    In the past 12 months, Info-Tech clients have reported an average measured value rating of $550,000 from the purchase of workshops based on this research.

    Info-Tech client masters resource management by shifting the focus to capacity forecasting

    CASE STUDY

    Industry Education

    Source Info-Tech Client

    Situation

    • There are more than 200 people in the IT organization.
    • IT is essentially a shared services environment with clients spanning multiple institutions across a wide geography.
    • The PMO identified dedicated resources for resource management.

    Complication

    • The definition of “resource management” was constantly shifting between accounting the past (i.e. time records), the present (i.e. work assignments), and the future (i.e. long term project allocations).
    • The task data set (i.e. for current work assignments) was not aligned to the historic time records or future capacity.
    • It was difficult to predict or account for the spend, which exceeded 30,000 hours per month.

    “We’re told we can’t say NO to projects. But this new tool set and approach allows us to give an informed WHEN.” – Senior PMO Director, Education

    Resolution

    • The leadership decided to forecast and communicate their resource capacity on a 3-4 month forecast horizon using Info-Tech’s Portfolio Manager 2017.
    • Unallocated resource capacity was identified within certain skill sets that had previously been assessed as fully allocated. While some of the more high-visibility staff were indeed overallocated, other more junior personnel had been systemically underutilized on projects.
    • The high demand for IT project resourcing was immediately placed in the context of a believable, credible expression of supply.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Establish Realistic IT Resource Management Practices – project overview

    1. Take Stock of Organizational Supply and Demand 2. Design a Realistic Resource Management Process 3. Implement Sustainable Resource Management Practices
    Best-Practice Toolkit

    1.1 Set a resource management course of action

    1.2 Create realistic estimates of supply and demand

    2.1 Customize the seven dimensions of resource management

    2.2 Determine the resource management tool that will best support your process

    2.3 Build process steps to ensure data accuracy and sustainability

    3.1 Pilot your resource management process to assess viability

    3.2 Plan to engage your stakeholders with your playbook

    Guided Implementations
    • Scoping call
    • Assess how accountability for resource management is currently distributed
    • Create a realistic estimate of project capacity
    • Map all sources of demand on resources at a high level
    • Set your seven dimensions of resource management
    • Jump-start spreadsheet-based resource management with Portfolio Manager Lite
    • Build on the workflow to determine how data will be collected and who will support the process
    • Define the scope of a pilot and determine logistics
    • Finalize resource management roles and responsibilities
    • Brainstorm and plan for potential resistance to change, objections, and fatigue from stakeholders
    Onsite Workshop

    Module 1:

    • Take Stock of Organizational Supply and Demand

    Module 2:

    • Design a Realistic Resource Management Process

    Module 3:

    • Implement Sustainable Resource Management Practices

    Phase 1 Outcome:

    • Resource Management Supply-Demand Calculator

    Phase 2 Outcome:

    • Resource Management Playbook

    Phase 3 Outcome:

    • Resource Management Communications Template

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4 Workshop Day 5
    Activities

    Introduction to PPM and resource management

    1.1 Complete and review PPM Current State Scorecard Assessment

    1.2 Perform root cause analysis of resource management challenges

    1.3 Initiate time audit survey of management and staff

    Take stock of supply and demand

    2.1 Review the outputs of the time audit survey and analyze the data

    2.2 Analyze project and non-project demands, including the sources of those demands

    2.3 Set the seven dimensions of resource management

    Design a resource management process

    3.1 Review resource management tool options

    3.2 Prepare a vendor demo script or review Portfolio Manager Lite

    3.3 Build process steps to ensure data accuracy and sustainability

    Pilot and refine the process

    4.1 Define methods for piloting the strategy (after the workshop)

    4.2 Complete the Process Pilot Plan Template

    4.3 Conduct a mock resource management meeting

    4.4 Perform a RACI exercise

    Communicate and implement the process

    5.1 Brainstorm potential implications of the new strategy and develop a plan to manage stakeholder and staff resistance to the strategy

    5.2 Customize the Resource Management Communications Template

    5.3 Finalize the playbook

    Deliverables
    1. PPM Current State Scorecard Assessment
    2. Root cause analysis
    3. Time Audit Workbook and survey templates
    1. Resource Management Supply-Demand Calculator
    1. Portfolio Manager Lite
    2. PPM Solution Vendor Demo Script
    3. Tentative Resource Management Playbook
    1. Process Pilot Plan Template
    2. RACI chart
    1. Resource Management Communications Template
    2. Finalized Resource Management Playbook

    Phase 1

    Take Stock of Organizational Resource Supply and Demand

    Phase 1 Outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Take Stock of Organizational Resource Supply and Demand

    Proposed Time to Completion (in weeks): 1-2 weeks

    Step 1.1: Analyze the current state

    Start with an analyst kick-off call:

    • Discuss the goals, aims, benefits, and challenges of resource management
    • Identify who is currently accountable for balancing resource supply and demand

    Then complete these activities…

    • Assess the current distribution of accountabilities in resource management
    • Delve into your current problems to uncover root causes
    • Make a go/no-go decision on developing a new resource management practice
    Step 1.2: Estimate your supply and demand

    Review findings with analyst:

    • Root causes of resource management
    • Your current impression about the resource supply-demand imbalance

    Then complete these activities…

    • Estimate your resource capacity for each role
    • Estimate your project/non-project demand on resources
    • Validate the findings with a time-tracking survey

    With these tools & templates:

    • Resource Management Supply-Demand Calculator
    • Time-Tracking Survey Email Template

    Phase 1 Results & Insights:

    A matrix organization creates many small, untraceable demands that are often overlooked in resource management efforts, which leads to underestimating total demand and overcommitting resources. To capture them and enhance the success of your resource management effort, focus on completeness rather than precision. Precision of data will improve over time as your process maturity grows.

    Step 1.1: Set a resource management course of action

    PHASE 1

    1.1 Set a course of action

    1.2 Estimate supply and demand

    PHASE 2

    2.1 Select resource management dimensions

    2.2 Select resource management tools

    2.3 Build process steps

    PHASE 3

    3.1 Pilot your process for viability

    3.2 Plan stakeholder engagement

    This step will walk you through the following activities:
    • Determine your resource management process capability level
    • Assess how accountability for resource management is currently distributed
    This step involves the following participants:
    • CIO / IT Director
    • PMO Director/ Portfolio Manager
    • Functional / Resource Managers
    • Project Managers
    Outcomes of this step
    • Current distribution of accountability for resource management practice
    • Root-cause analysis of resourcing challenges facing the organization
    • Commitment to implementing a right-sized resource management practice

    “Too many projects, not enough resources” is the reality of most IT environments

    A profound imbalance between demand (i.e. approved project work and service delivery commitments) and supply (i.e. people’s time) is the top challenge IT departments face today..

    In today’s organizations, the desires of business units for new products and enhancements, and the appetites of senior leadership to approve more and more projects for those products and services, far outstrip IT’s ability to realistically deliver on everything.

    The vast majority of IT departments lack the resourcing to meet project demand – especially given the fact that day-to-day operational demands frequently trump project work.

    As a result, project throughput suffers – and with it, IT’s reputation within the organization.

    Info-Tech Insight

    Where does the time go? The portfolio manager (or equivalent) should function as the accounting department for time, showing what’s available in IT’s human resources budget for projects and providing ongoing visibility into how that budget of time is being spent.

    Resource management can help to even out staff workloads and improve project and service delivery results

    As the results of a recent survey* show, the top three pain points for IT and PMO leaders all revolve around a wider cultural negligence concerning staff time:

    • Overcommitted resources
    • Constant change that affects staff assignments
    • An inability to prioritize shared resources

    A resource management strategy can help to alleviate these pain points and reconcile the imbalance between supply and demand by achieving the following outcomes:

    • Improving resource visibility
    • Reducing overallocation, and accordingly, resource stress
    • Reducing project delay
    • Improving resource efficiency and productivity

    Top risks associated with poor resource management

    Inability to complete projects on time – 52%

    Inability to innovate fast enough – 39%

    Increased project costs – 38%

    Missed business opportunities – 34%

    Dissatisfied customers or clients – 32%

    12 times more waste – Organizations with poor resource management practices waste nearly 12 times more resource hours than high-performing organizations. (PMI, 2014)

    Resource management is a core process in Info-Tech’s project portfolio management framework

    Project portfolio management (PPM) creates a stable and secure infrastructure around projects.

    PPM’s goal is to maximize the throughput of projects that provide strategic and operational value to the organization. To do this, a PPM strategy must help to:

    Info-Tech's Project Portfolio Management Process Model
    3. Status & Progress Reporting [make sure the projects are okay]
    1. Intake, Approval, & Prioritization [select the right projects] 2. Resource Management [Pick the right time and people to execute the projects Project Management

    4. Project Closure

    [make sure the projects get done]

    5. Benefits Tracking

    [make sure they were worth doing]

    Organizational Change Management
    Intake → Execution→ Closure

    If you don’t yet have a PPM strategy in place, or would like to revisit your existing PPM strategy before implementing resource management practices, see Info-Tech’s blueprint, Develop a Project Portfolio Management Strategy.

    Effective resource management is rooted in a relatively simple set of questions

    However, while the questions are rather simple, the answers become complicated by challenges unique to matrix organizations and other workplace realities in 2017.

    To support the goals of PPM more generally, resource management must (1) supply quality work-hours to approved and ongoing projects, and (2) supply reliable data with which to steer the project portfolio.

    To do this, a resource management strategy must address a relatively straightforward set of questions.

    Key Questions

    • Who assigns the resources?
    • Who feeds the data on resources?
    • How do we make sure it’s valid?
    • How do we handle contingencies when projects are late or when availability changes?

    Challenges

    • Matrix organizations require project workers to answer to many masters and balance project work with “keep the lights on” activities and other administrative work.
    • Interruptions, distractions, and divided attention create consistent challenges for workplace productivity.

    "In matrix organizations, complicated processes and tools get implemented to answer the deceptively simple question “what’s Bob going to work on over the next few months?” Inevitably, the data captured becomes the focus of scrutiny as functional and project managers complain about data inaccuracy while simultaneously remaining reluctant to invest the effort necessary to improve quality." – Kiron Bondale

    Determine your organization’s resource management capability level with a maturity assessment

    1.1.1
    10 minutes

    Input

    • Organizational strategy and culture

    Output

    • Resource management capability level

    Materials

    • N/A

    Participants

    • PMO Director/ Portfolio Manager
    • Project Managers
    • Resource Managers

    Kick-off the discussion on the resource management process by deciding which capability level most accurately describes your organization’s current state.

    Capability Level Descriptions
    Capability Level 5: Optimized Our organization has an accurate picture of project versus non-project workloads and allocates resources accordingly. We periodically reclaim lost capacity through organizational and behavioral change.
    Capability Level 4: Aligned We have an accurate picture of how much time is spent on project versus non-project work. We allocate resources to these projects accordingly. We are checking in on project progress bi-weekly.
    Capability Level 3: Pixelated We are allocating resources to projects and tracking progress monthly. We have a rough estimate of how much time is spent on project versus non-project work.
    Capability Level 2: Opaque We match resource teams to projects and check in annually, but we do not forecast future resource needs or track project versus non-project work.
    Capability Level 1: Unmanaged Our organization expects projects to be finished, but there is no process in place for allocating resources or tracking project progress.

    If resources are poorly managed, they prioritize work based on consequences rather than on meeting demand

    As a result, matrix organizations are collectively steered by each resource and its individual motives, not by managers, executives, or organizational strategy.

    In a matrix organization, demands on a resource’s time come from many directions, each demand unaware of the others. Resources are expected to prioritize their work, but they typically lack the authority to formally reject demand, so demand frequently outstrips the supply of work-hours the resource can deliver.

    When this happens, the resource has three options:

    1. Work more hours, typically without compensation.
    2. Choose tasks not to do in a way that minimizes personal consequences.
    3. Diminish work quality to meet quantity demands.

    The result is an unsustainable system for those involved:

    1. Resources cannot meet expectations, leading to frustration and disengagement.
    2. Managers cannot deliver on the projects or services they manage and struggle to retain skilled resources who are looking elsewhere for “greener pastures.”
    3. Executives cannot execute strategic plans as they lose decision-making power over their resources.

    Scope your resource management practices within a matrix organization by asking “who?”

    Resource management boils down to a seemingly simple question: how do we balance supply and demand? Balancing requires a decision maker to make choices; however, in a matrix organization, identifying this decision maker is not straightforward:

    Balance

    • Who decides how much capacity should be dedicated to project work versus administrative or operational work?
    • Who decides how to respond to unexpected changes in supply or demand?

    Supply

    • Who decides how much total capacity we have for each necessary skill set?
    • Who manages the contingency, or redundancy, of capacity?
    • Who validates the capacity supply as a whole?
    • Who decides what to report as unexpected changes in supply (and to whom)?

    Demand

    • Who generates demand on the resource that can be controlled by their manager?
    • Who generates demand on the capacity that cannot be controlled by their manager?
    • Who validates the demand on capacity as a whole?
    • Who decides what to report as unexpected changes in demand (and to whom)?

    The individual who has the authority to make choices, and who is ultimately liable for those decisions, is an accountable person. In a matrix organization, accountability is dispersed, sometimes spilling over to those without the necessary authority.

    To effectively balance supply and demand, senior management must be held accountable

    Differentiate between responsibility and accountability to manage the organization’s project portfolio effectively.

    Responsibility

    The responsible party is the individual (or group) who actually completes the task.

    Responsibility can be shared.

    VS.

    Accountability

    The accountable person is the individual who has the authority to make choices, and is ultimately answerable for the decision.

    Accountability cannot be shared.

    Resources often do not have the necessary scope of authority to make resource management choices, so they can never be truly accountable for the project portfolio. Instead, resources are accountable for making available trustworthy data, so the right people can make choices driven by organizational strategy.

    The next activity will assess how accountability for resource management is currently distributed in your organization.

    Assess the current distribution of accountability for resource management practice

    1.1.2
    15 minutes

    Input

    • Organizational strategy and culture

    Output

    • Current distribution of accountabilities for resource management

    Materials

    • Whiteboard/flip chart
    • Markers

    Participants

    • CIO
    • PMO Director/ Portfolio Manager

    Below is a list of tasks in resource management that require choices. Discuss who is currently accountable and whether they have the right authority and ability to deliver on that accountability.

    Resource management tasks that require choices Accountability
    Current Effective?
    Identify all demands on resources
    Prioritize identified project demands
    Prioritize identified operational demands
    Prioritize identified administrative demands
    Prioritize all of the above demands
    Enumerate resource supply
    Validate resource supply
    Collect and validate supply and demand data
    Defer or reject work beyond available supply
    Adjust resource supply to meet demand

    Develop coordination between project and functional managers to optimize resource management

    Because resources are invariably responsible for both project and non-project work, efforts to procure capacity for projects cannot exist in isolation.

    IT departments need many different technical skill sets at their disposal for their day-to-day operations and services, as well as for projects. A limited hiring budget for IT restricts the number of hires with any given skill, forcing IT to share resources between service and project portfolios.

    This resource sharing produces a matrix organization divided along the lines of service and projects. Functional and project managers provide respective oversight for services and projects. Resources split their available work-hours toward service and project tasks according to priority – in theory.

    However, in practice, two major challenges exist:

    1. Poor coordination between functional and project managers causes commitments beyond resource capacity, disputes about resource oversight, and animosity among management, all while resources struggle to balance unclear priorities.
    2. Resources have a “third boss,” namely uncontrolled demands from the rest of the business, which lack both visibility and accountability.

    The image shows a board balanced on a ball (labelled Resource Management), with two balls on either end of it (Capacity Supply on the left, and Demand on the right), and another board balanced on top of the right ball, with two more balls balanced on either side of it (Projects on the left and Operational, Administrative, Etc. on the right).

    Resource management processes must account for the numerous small demands generated in a matrix organization

    Avoid going bankrupt $20 at a time: small demands add up to a significant chunk of work-hours.

    Because resource managers must cover both projects and services within IT, the typical solution to allocation problems in matrix organizations is to escalate the urgency and severity of demands by involving the executive steering committee. Unfortunately, the steering committee cannot expend time and resources on all demands. Instead, they often set a minimum threshold for cases – 100-1,000 work-hours depending on the organization.

    Under this resource management practice, small demands – especially the quick-fixes and little projects from “the third boss” – continue to erode project capacity. Eventually, projects fail to get resources because pesky small demands have no restrictions on the resources they consumed.

    Realistic resource management needs to account for demand from all three bosses; however…

    Info-Tech Insight

    Excess project or service request intake channels lead to the proliferation of “off-the-grid” projects and tasks that lack visibility from the IT leadership. This can indicate that there may be too much red tape: that is, the request process is made too complex or cumbersome. Consider simplifying the request process and bring IT’s visibility into those requests.

    Interrogate your resource management problems to uncover root causes

    1.1.3
    30 minutes to 1 hour

    Input

    • Organizational strategy and culture

    Output

    • Root causes of resource management failures

    Materials

    • Whiteboard/flip chart
    • Sticky notes
    • Markers

    Participants

    • CIO
    • PMO Director/ Portfolio Manager
    • Functional Managers
    • Project Managers
    1. Pick a starting problem statement in resource management. e.g. projects can’t get resource work-hours.
    2. Ask the participants “why”? Use three generic headings – people, processes, and technology – to keep participants focused. Keep the responses solution-agnostic: do not jump to solutions. If you have a large group, divide into smaller groups and use sticky notes to encourage more participation in this brainstorming step.
    People Processes Technology
    • We don’t have enough people/skills.
    • People are tied up on projects that run late.
    • Functional and project managers appear to hoard resources.
    • Resources cannot prioritize work.
    • Resources are too busy responding to 911s from the business.
    • Resources cannot prioritize projects vs. operational tasks.
    • “Soft-closed” projects do not release resources for other work.
    • We don’t have tools that show resource availability.
    • Tools we have for showing resource availability are not being used.
    • Data is inaccurate and unreliable.
    1. Determine the root cause by iteratively asking “why?” up to five times, or until the chain of whys comes full circle. (i.e. Why A? B. Why B? C. Why C? A.) See below for an example.

    1.1.2 Example of a root-cause analysis: people

    The following is a non-exhaustive example:

    The image shows an example of a root-cause analysis. It begins on the left with the header People, and then lists a series of challenges below. Moving toward the right, there are a series of headers that read Why? at the top of the chart, and listing reasons for the challenges below each one. As you read through the chart from left to right, the reasons for challenges become increasingly specific.

    Right-size your resource management strategy with Info-Tech’s realistic resource management practice

    If precise, accurate, and complete data on resource supply and demand was consistently available, reporting on project capacity would be easy. Such data would provide managers complete control over a resource’s time, like a foreman at a construction site. However, this theoretical scenario is incompatible with today’s matrixed workplace:

    • Sources of demand can lie outside IT’s control.
    • Demand is generated chaotically, with little predictability.
    • Resources work with minimal supervision.

    Collecting and maintaining resource data is therefore nearly impossible:

    • Achieving perfect data accuracy creates unnecessary overhead.
    • Non-compliance by one project or resource makes your entire data set unusable for resource management.

    This blueprint will guide you through right-sizing your resource management efforts to achieve maximum value-to-effort ratio and sustainability.


    The image shows a graph with Quality, Value on the Y axis, and Required Effort on the X-Axis. The graph is divided into 3 categories, based on the criteria: Value-to-effort Ratio and Sustainability. The three sections are labelled at the top of the graph as: Reactive, “gut feel”-driven; Right-sized resource management; Full control, complete data. The 2nd section is bolded. The line in the graph starts low, rising through the 2nd section, and is stable at the top of the chart in the final section.

    Choose your resource management course of action

    Portfolio managers looking for a resource management solution have three mutually exclusive options:

    Option A: Do Nothing

    • Rely on expert judgment and intuition to make portfolio choices.
    • Allow the third boss to dictate the demands of your resources.

    Option B: Get Precise

    • Aim for granularity and precision of data with a solution that may demand more capacity than is realistically available by hiring, outsourcing, or over-allocating people’s time.
    • Require detailed, accurate time sheets for all project tasks.
    • For those choosing this option, proceed to Info-Tech’s Select and Implement a PPM Solution.

    Option C: Get Realistic

    • Balance capacity supply and demand using abstraction.
    • Implement right-sized resource management practices that rely on realistic, high-level capacity estimates.
    • Reduce instability in data by focusing on resource capacity, rather than granular project demands and task level details.

    This blueprint takes you through the steps necessary to accomplish Option C, using Info-Tech’s tools and templates for managing your resources.

    Step 1.2: Create realistic estimates of supply and demand

    PHASE 1

    1.1 Set a course of action

    1.2 Estimate supply and demand

    PHASE 2

    2.1 Select resource management dimensions

    2.2 Select resource management tools

    2.3 Build process steps

    PHASE 3

    3.1 Pilot your process for viability

    3.2 Plan stakeholder engagement

    This step will walk you through the following activities:
    • Create a realistic estimate of project capacity
    • Map all sources of demand on resources at a high level
    • Validate your supply and demand assumptions by directly surveying your resources
    This step involves the following participants:
    • PMO Director / Portfolio Manager
    • Project Managers (optional)
    • Functional / Resource Managers (optional)
    • Project Resources (optional)
    Outcomes of this step
    • A realistic estimate of your total and project capacity, as well as project and non-project demand on their time
    • Quantitative insight into the resourcing challenges facing the organization
    • Results from a time-tracking survey, which are used to validate the assumptions made for estimating resource supply and demand

    Create a realistic estimate of your project capacity with Info-Tech’s Resource Management Supply-Demand Calculator

    Take an iterative approach to capacity estimates: use your assumptions to create a meaningful estimate, and then validate with your staff to improve its accuracy.

    Use Info-Tech’s Resource Management Supply-Demand Calculator to create a realistic estimate of your project capacity.

    The calculator tool requires minimal upfront staff participation: you can obtain meaningful results with participation from even a single person, with insight on the distribution of your resources and their average work week or month. As the number of participants increases, the quality of analysis will improve.

    The first half of this step guides you through how to use the calculator. The second half provides tactical advice on how to gather additional data and validate your resourcing data with your staff.

    Download Info-Tech’s Resource Management Supply-Demand Calculator

    Info-Tech Insight

    What’s first, process or tools? Remember that process determines the quality of your data while data quality limits the tool’s utility. Without quality data, you cannot evaluate the success of the tool, so nail down your collection process first.

    Break down your resource capacity into high-level buckets of time for each role

    1.2.1
    30 minutes - 1 hour

    Input

    • Staff resource types
    • Average work week
    • Estimated allocations

    Output

    A realistic estimate of project capacity

    Materials

    Resource Management Supply-Demand Calculator

    Participants

    • PMO Director
    • Resource/Functional Managers (optional)

    We define four high-level buckets of resource time:

    • Absence: on average, a resource spends 14% of the year on vacation, statutory holidays, business holidays and other forms of absenteeism.
    • Administrative: time spent on meetings, recordkeeping, etc.
    • Operational: keeping the lights on; reactive work.
    • Projects: time to work on projects; typically, this bucket of time is whatever’s left from the above.

    The image shows a pie chart with four sections: Absence - 6,698 14%; Admin - 10,286 22%; Keep the Lights On - 15, 026 31%; Project Capacity 15, 831 33%.

    Instructions for working through Tab 2 of the Resource Management Supply-Demand Calculator are provided in the next two sections. Follow along to obtain your breakdown of annual resource capacity in a pie chart.

    Break down your resource capacity into high-level buckets of time for each role

    1.2.1
    Resource Management Supply-Demand Calculator, Tab 2: Capacity Supply

    Discover how many work-hours are at your disposal by first accounting for absences.

    The image shows a section of the Resource Management Supply-Demand Calculator, for calculating absences, with sample information filled in.

    1. Compile a list of each of the roles within your department.
    2. Enter the number of staff currently performing each role.
    3. Enter the number of hours in a typical work week for each role.
    4. Enter the foreseeable out-of-office time (vacation, sick time, etc.) Typically, this value is 12-16% depending on the region.

    Hours per Year represents your total resource capacity for each role, as well as the entire department. This column is automatically calculated.

    Working Time per Year represents your total resource capacity minus time employees are expected to spend out of office. This column is automatically calculated.

    Info-Tech Insight

    Example for a five-day work week:

    • 2 weeks (10 days) of statutory holidays
    • 3 weeks of vacation
    • 1.4 weeks (7 days) of sick days on average
    • 1 week (5 days) for company holidays

    Result: 7.4/52 weeks’ absence = 14.2%

    Break down your resource capacity into high-level buckets of time for each role (continued)

    1.2.1
    Resource Management Supply-Demand Calculator, Tab 2: Capacity Supply

    Determine the current distribution of your resources’ time and your confidence in whether the resources indeed supply those times.

    The image is a screen capture of the Working Time section of the calculator, with sample information filled in.

    5. Enter the percentage of working time across each role that, on an annual basis, goes toward administrative duties (non-project meetings, training, time spent checking email, etc.) and keep-the-lights-on work (e.g. support and maintenance work).

    While these percentages will vary by individual, a high-level estimate across each role will suffice for the purposes of this activity.

    6. Express how confident you are in each resource being able to deliver the calculated project work hours in percentages.

    Another interpretation for supply confidence is “supply control”: estimate your current ability to control this distribution of working time to meet the changing needs in percentages.

    Percentage of your working time that goes toward project work is calculated based upon what’s left after your non-project working time allocations have been subtracted.

    Create a realistic estimate of the demand from your project portfolio with the T-shirt sizing technique

    1.2.2
    15 minutes - 30 minutes

    Input

    • Average work-hours for a project
    • List of projects
    • PPM Current State Scorecard

    Output

    A realistic estimate of resource demand from your project portfolio

    Materials

    Resource Management Supply-Demand Calculator

    Participants

    • PMO Director
    • Project Managers (optional)

    Quickly re-express the size of your project portfolio in resource hours required.

    Estimating the resources required for a project in a project backlog can take a lot of effort. Rather than trying to create an accurate estimate for each project, a set of standard project sizes (often referred to as the “T-shirt sizing” technique) will be sufficiently accurate for estimating your project backlog’s overall demand.

    Instructions for working through Tab 3 of the tool are provided here and in the next section.

    1. For each type of project, enter the average number for work-hours.

    Project Types Average Number of Work Hours for a Project
    Small 80
    Medium 200
    Large 500
    Extra-Large 1000

    Improve your estimate of demand from your project portfolio by accounting for unproductive capacity spending

    1.2.2
    Resource Management Supply-Demand Calculator, Tab 3: Project Demand

    2. Using your list of projects, enter the number of projects for each appropriate field.

    The image shows a screen capture of the number of projects section of the Resource Management Supply-Demand Calculator, with sample information filled in.

    3. Enter your resource waste data from the PPM Current State Scorecard (see next section). Alternatively, enter your best guess on how much project capacity is spent wastefully per category.

    The image shows a screen capture of the Waste Assessment section of the Resource Management Supply-Demand Calculator, with sample information filled in, and a pie chart on the right based on the sample data.

    Info-Tech Insight

    The calculator estimates the project demand by T-shirt-sizing the work-hours required by projects to be delivered within the next 12 months and then adding the corresponding wasted capacity. This may be a pessimistic estimate, but it is more realistic because projects tend to be delivered late more than early.

    Estimate how much project capacity is wasted with Info-Tech’s PPM Current State Scorecard

    Call 1-888-670-8889 or contact your Account Manager for more information.

    This step is highly recommended but not required.

    Info-Tech’s PPM Current State Scorecard diagnostic provides a comprehensive view of your portfolio management strengths and weaknesses, including project portfolio management, project management, customer management, and resource utilization.

    Use the wisdom-of-the-crowd to estimate resource waste in:

    • Cancelled projects
    • Inefficiency
    • Suboptimal assignment of resources
    • Unassigned resources
    • Analyzing, fixing, and redeploying

    50% of PPM resource is wasted on average, effectively halving your available project capacity.

    Estimate non-project demand on your resources by role

    1.2.3
    45 minutes - 1 hour

    Input

    • Organizational chart
    • Knowledge of staff non-project demand

    Output

    Documented non-project demands and their estimated degree of fluctuation

    Materials

    Resource Management Supply-Demand Calculator

    Participants

    • PMO Director
    • Functional Managers (optional)
    Document non-project demand that could eat into your project capacity.

    When discussing project demands, non-project demands (administrative and operational) are often underestimated and downplayed – even though, in reality, they take a de facto higher priority to project work. Use Tab 4 of the tool to document these non-project demands, as well as their sources.

    The image shows a screen capture from Tab 4 of the tool, with sample information filled in.

    1. Choose a role using a drop-down list.

    2. Enter the type and the source of the demand.

    3. Enter the size and the frequency of the demand in hours.

    4. Estimate how stable the non-project demands are for each role.

    Examine and discuss your supply-demand analysis report

    1.2.4
    30 minutes - 1 hour

    Input

    Completed Resource Management Supply-Demand Calculator

    Output

    Supply-Demand Analysis Report

    Materials

    Resource Management Supply-Demand Calculator

    Participants

    • PMO Director
    • Functional Managers
    • Project Managers

    Start a data-driven discussion on resource management using the capacity supply-demand analysis report.

    Tab 5 of the calculator is a report that contains the following analysis:

    1. Overall resource capacity supply and demand gap
    2. Project capacity supply vs. demand gap
    3. Non-project capacity supply vs. demand balance
    4. Resource capacity confidence

    Each analysis is described and explained in the following four sections. Examine the report and discuss the following among the activity participants:

    1. How is your perception of the current resource capacity supply-demand balance affected by this analysis? How is it confirmed? Is it changed?
    2. Perform a root-cause analysis of problems revealed by the report. For each observation, ask “why?” repeatedly – generally, you can arrive at the root cause in four iterations.
    3. Refer back to Activity 1.1.2: current distribution of accountability for resource management. In your situation, how would you prioritize which resource management tasks to improve? Who are the involved stakeholders?

    Examine your supply-demand analysis report: overall resource capacity gap

    1.2.4
    Resource Management Supply-Demand Calculator, Tab 5: Supply-Demand Analysis

    1. Examine your resource capacity supply and demand gap.

    The top of the report on Tab 5 shows a breakdown of your annual resource supply and demand, with resource capacity shown in both total hours and percentage of the total. For the purposes of the analysis, absence is averaged. If total demand is less than available resource supply, the surplus capacity will be displayed as “Free Capacity” on the demand side.

    The Supply & Demand Analysis table displays the realistic project capacity, which is calculated by subtracting non-project supply deficit from the project capacity. This is based on the assumption that all non-project work must get done. The difference between the project demand and the realistic project capacity is your supply-demand gap, in work-hours.

    If your supply-demand gap is zero, recognize that the project demand does not take into account the project backlog: it only takes into account the projects that are expected to be delivered within the next 12 months.

    Examine your supply-demand analysis report: project capacity gap

    1.2.4
    Resource Management Supply-Demand Calculator, Tab 5: Supply-Demand Analysis

    2. Examine your project capacity supply vs. demand gap.

    The project capacity supply and demand analysis compares your available annual project capacity with the size of your project portfolio, expressed in work-hours.

    The supply side is further broken down to productive vs. wasted project capacity. The demand side is broken down to three buckets of projects: those that are active, those that sit in the backlog, and those that are expected to be added within 12 months. Percentage values are expressed in terms of total project capacity.

    A key observation here is the limitation to which reducing wasteful spending of resources can get to the project portfolio backlog. In this example, even a theoretical scenario of 100% productive project capacity will not likely result in net shrinkage of the project portfolio backlog. To achieve that, either the total project capacity must be increased, or less projects must be approved.

    Note: the work-hours necessary for delivering projects that are expected to be completed within 12 months is not shown in this visualization, as they should be represented within the other three categories of projects.

    Examine your supply-demand analysis report: non-project capacity gap

    1.2.4
    Resource Management Supply-Demand Calculator, Tab 5: Supply-Demand Analysis

    3. Drill down on the non-project capacity supply-demand balance by each role.

    The non-project capacity supply and demand analysis compares your available non-project capacity and their demands in a year, for each role, in work-hours.

    With this chart, you can:

    1. Observe which roles are “running hot,” (i.e. they have more demand than available supply).
    2. Verify your non-project/project supply ratio assumptions in Tab 2 of the tool / Activity 1.2.1.

    Tab 5 also provides similar breakdowns for administrative and keep-the-lights-on capacity supply and demand by each role.

    Examine your supply-demand analysis report: resource capacity confidence (RCC)

    1.2.4
    Resource Management Supply-Demand Calculator, Tab 5: Supply-Demand Analysis

    4. Examine your resource capacity confidence.

    In our approach, we introduce a metric called Resource Capacity Confidence (RCC). Conceptually, RCC is defined as follows:

    Resource Capacity Confidence = SC × DS × SDR

    Term Name Description
    SC Supply Control How confident are you that the supply of your resources’ project capacity will be delivered?
    DS Demand Stability How wildly does demand fluctuate? If it cannot be controlled, can it be predicted?
    SDR Supply-Demand Ratio How severely does demand outstrip supply?

    In this context, RCC can be defined as follows:

    "Given the uncertainty that our resources can supply hours according to the assumed project/non-project ratio, the fluctuations in non-project demand, and the overall deficit in project capacity, there is about 50% chance that we will be able to deliver the projects we are expected to deliver within the next 12 months."

    Case study: Non-project work is probably taking far more time than you might like

    CASE STUDY

    Industry Government

    Source Info-Tech Client

    "When our customers get a budget for a project, it’s all in capital. It never occurs to them that IT has a limited number of hours. "

    Challenge

    • A small municipal government was servicing a wide geographic area for information technology and infrastructure services.
    • There was no meaningful division of IT resources between support and project work.
    • Previous IT leadership tried a commercial PPM tool and stopped paying maintenance fees for it because of lack of adoption.
    • Projects were tracked inconsistently in multiple places.

    Solution

    • New project requests were approved with IT involvement.
    • Project approvals were entirely associated with the capital budget required and resourcing was never considered to be a constraint.
    • The broad assumption was that IT time was generally available for project work.
    • In reality, the IT personnel had almost no time for project work.

    Results

    • The organization introduced Info-Tech’s Grow Your Own PPM Solution template with minor modifications.
    • They established delivery dates for projects based on available time.
    • Time was allocated for projects based on person, project, percentage of time, and month.
    • They prioritized project allocations above reactive support work.

    Validate your resourcing assumptions with your staff by surveying their use of time

    Embrace the reality of imperfect IT labor efficiency to improve your understanding of resource time spend.

    Use Info-Tech’s time-tracking survey to validate your resourcing assumptions and get additional information to improve your understanding of resource time spent: imperfect labor efficiency and continuous partial attention.

    Causes of imperfect IT labor inefficiency
    • Most IT tasks are unique to their respective projects and contexts. A component that took 30 minutes to install last year might take two hours to install this year due to system changes that occurred since then.
    • Many IT tasks come up unexpectedly due to the need to maintain and support systems implemented on past projects. This work is unpredictable in terms of specifics (what will break where, when, or how).
    • Task switching slows people down and consumes time.
    • Problem solving and solution design often requires unstructured time to think more openly. Some of the most valuable solutions are conceived or discovered when people aren’t regimented and focused on getting things done.

    Info-Tech Insight

    Part of the old resource management mythology is the idea that a person can do (for example) eight different one-hour tasks in eight hours of continuous work. This idea has gone from harmlessly mistaken to grossly unrealistic.

    Constant interruptions lead to continuous partial attention that threatens real productivity

    There’s a difference between being busy and getting things done.

    “Working” on multiple tasks at once can often feel extremely gratifying in the short term because it distracts people from thinking about work that isn’t being done.

    The bottom line is that continuous partial attention impedes the progress of project work.

    Research on continuous partial attention
    • A study that analyzed interruptions and their effects on individuals in the workplace found that that “41% of the time an interrupted task was not resumed right away” (Mark, 2015).
    • Research has also shown that it can take people an average of 23 minutes to return to a task after being interrupted (Schulte, 2015).
    • Delays following interruptions are typically due to switching between multiple other activities before returning to the original task. In many cases, those tasks are much lower priorities – and in some cases not even work-related.

    Info-Tech Insight

    It may not be possible to minimize interruptions in the workplace, as many of these are considered to be urgent at the time. However, setting guidelines for how and when individuals can be interrupted may help to limit the amount of lost project time.

    "Like so many things, in small doses, continuous partial attention can be a very functional behavior. However, in large doses, it contributes to a stressful lifestyle, to operating in crisis management mode, and to a compromised ability to reflect, to make decisions, and to think creatively."

    – Linda Stone, Continuous Partial Attention

    Define the goals and the scope of the time-tracking survey

    1.2.5
    30 minutes

    Input

    Completed Resource Management Supply-Demand Calculator

    Output

    Survey design for the time-tracking survey

    Materials

    N/A

    Participants

    • PMO Director
    • Functional Managers
    • Project Managers

    Discuss the following with the activity participants:

    1. Define the scope of the survey
      • Respondents: Comprehensive survey of individuals vs. a representative sample using roles.
      • Granularity: decide how in-depth the questions will be and how often the survey will be delivered.
      • Data Collection: what information do you want to collect?
        • Proportion of project vs. non-project work.
        • Time spent on administrative tasks.
        • Prevalence and impact of distractions.
        • Worker satisfaction.
    2. Determine the sample time period covered by the survey
      • Info-Tech recommends 2-4 weeks. Less than 2 weeks might not be a representative sample, especially during vacation seasons.
      • More than 4 weeks will impose unreasonable time and effort for diminishing returns; data quality will begin to deteriorate as participation declines.
    3. Determine the survey method
      • Use your organization’s preferred survey distributor/online survey tool, or conduct one-on-one interviews to capture data.

    1.2.5 continued - Refine the questionnaire to improve the relevance and quality of insights produced by the survey

    Start with Info-Tech’s recommended weekly survey questions:

    1. Estimate your daily average for number of hours spent on:
      1. Total work
      2. Project work
      3. Non-project work
    2. How many times are you interrupted with “urgent” requests requiring immediate response in a given day?
    3. How many people or projects did you complete tasks for this week?
    4. Rate your overall satisfaction with work this week.
    5. Describe any special tasks, interruptions, or requests that took your time and attention away from project work this week.

    Customize these questions to suit your needs.

    Info-Tech Insight

    Maximize the number of survey responses you get by limiting the number of questions you ask. Info-Tech finds that participation drops off rapidly after five questions.

    1.2.5 continued - Communicate the survey goals and steps, and conduct the survey

    1. Communicate the purpose and goals of the survey to maximize participation and satisfaction.
      • Provide background for why the survey is taking place. Clarify that the intention is to improve working conditions and management capabilities, not to play “gotcha” or hold workers accountable.
    2. Provide a timeline so expectations are clear about when possible next steps will occur, such as
      • Sharing and analyzing results
      • Making decisions
      • Taking action
    3. Reiterate what people are required or expected to do and how much effort is required. Provide reasonable and realistic estimates of how much time and effort people should spend on audit participation.
    4. Distribute the survey; collect and analyze the data.

    Info-Tech Insight

    Make sure that employees understand the purpose of the survey. It is important that they give honest responses that reflect the struggles they are encountering with balancing project and non-project work, not simply telling management what they want to hear.

    Ensuring that employees know this survey is being used to help them, rather than scolding them for not completing work, will give you useful, insightful data on employee time.

    Use Info-Tech’s Time-Tracking Survey Email Template for facilitating your communications.

    Info-Tech Best Practice

    Provide guidance to your resources with examples on how to differentiate project work vs. non-project work, administrative vs. keep-the-lights-on work, what counts as interruptions, etc.

    Optimize your project portfolio to maintain continuous visibility into capacity

    Now that you have a realistic picture of your realized project capacity and demand amounts, it’s time to use these values to tailor and optimize your resource management practices.

    Based on desired outcomes for this phase, we have

    1. Determined the correct course of action to resolve your supply/demand imbalances.
    2. Assessed the overall project capacity of your portfolio.
    3. Cataloged sources of project and non-project demands.
    4. Performed a time audit to create an accurate and realistic picture of the time spent on different types of work.

    In the next phase, we will:

    1. Wireframe a resource management process.
    2. Choose a resource management tool.
    3. Define data collection, analysis, and reporting steps within a sustainable resource management process.

    The image is a screenshot from tab 6 of the Time Audit Workbook. The image shows two pie charts.

    The image is a screenshot from tab 6 of the Time Audit Workbook. The image shows a pie chart.

    Screenshots from tab 6 of the Time Audit Workbook.

    Info-Tech Insight

    The validity of traditional, rigorous resource planning has long been an illusion because the resource projections were typically not maintained. New realities such as faster project cycles, matrix organizations, and high-autonomy staff cultures have made the illusion impossible to maintain.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1.2 Assess the current distribution of accountability for resource management practice

    Discuss who is currently accountable for various facets of resource management, and whether they have the right authority and ability to deliver on that accountability.

    1.2.1 Create realistic estimates of supply and demand using Info-Tech’s Supply-Demand Calculator

    Derive actionable, quantitative insight into the resourcing challenges facing the organization by using Info-Tech’s methodology that prioritizes completeness over precision.

    Phase 2

    Design a Realistic Resource Management Process

    Phase 2 Outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Draft a Resource Management Process

    Proposed Time to Completion (in weeks): 3-6 weeks

    Step 2.1: Determine the dimensions of resource management

    Start with an analyst kick-off call:

    • Introduce the seven dimensions of resource management
    • Trade-off between granularity and utility of data

    Then complete these activities…

    • Decide on the seven dimensions
    • Examine the strategy’s cost-of-use

    With these tools & templates:

    Resource Management Playbook

    Step 2.2: Support your process with a resource management tool

    Discuss with the analyst:

    • Inventory of available PPM tools
    • Overview of Portfolio Manager Lite 2017

    Then complete these activities…

    • Populate the tool with data
    • Explore portfolio data with the workbook’s output tabs

    With these tools & templates:

    • Portfolio Manager Lite
    • PPM Solution Vendor Demo Script
    Step 2.3: Build process steps

    Discuss with the analyst:

    • Common challenges of resource management practice
    • Recommendations for a pilot initiative

    Then complete these activities…

    • Review and customize contents of the Resource Management Playbook

    With these tools & templates:

    • Resource Management Playbook

    Phase 2 Results & Insights:

    Draft the resource management practice with sustainability in mind. It is about what you can and will maintain every week, even during a crisis: it is not about what you put together as a one-time snapshot. Once you stop maintaining resource data, it's nearly impossible to catch up.

    Step 2.1: Customize the seven dimensions of resource management

    PHASE 1

    1.1 Set a course of action

    1.2 Estimate supply and demand

    PHASE 2

    2.1 Select resource management dimensions

    2.2 Select resource management tools

    2.3 Build process steps

    PHASE 3

    3.1 Pilot your process for viability

    3.2 Plan stakeholder engagement

    This step will walk you through the following activities:
    • Establish a default project vs. non-project work ratio
    • Decide the scope of allocation for your strategy
    • Set your allocation cadence
    • Limit the granularity of time allocation
    • Define the granularity of work assignment
    • Apply a forecast horizon
    • Determine the update frequency
    This step involves the following participants:
    • CIO / IT Director
    • PMO Director / Portfolio Manager
    • Functional / Resource Managers
    • Project Managers
    Outcomes of this step
    • Seven dimensions of resource management, chosen to fit the current needs and culture of the organization
    • Parameters for creating a resource management process (downstream)

    There is no one-size-fits-all resource management strategy

    Don’t get boxed into a canned solution that doesn’t make sense for your department’s maturity level and culture.

    Resource management strategies are commonly implemented “out-of-the-box,” via a commercial PPM or time-tracking tool, or an external third-party consultant in partnership with those types of tools.

    While these solutions and best practices have insights to offer – and provide admirable maturity targets – they often outstrip the near-term abilities of IT teams to successfully implement, adopt, and support them.

    Tailor an approach that makes sense for your department and organization. You don’t need complex and granular processes to get usable resourcing data; you just need to make sure that you’ve carved out a process that works in terms of providing data you can use.

    • In this step, we will walk you through Info-Tech’s seven dimensions of resource management to help wireframe your resource management process.
    • In the subsequent steps in this phase, we will develop these dimensions from a wireframe into a functioning process.

    Info-Tech Insight

    Put processes before tools. Most commercial PPM tools include a resource management function that was designed for hourly granularity. This is part of the fallacy of an old reality that was never real. Determine which goals are realistic and fit your solution to your problem.

    Wireframe a strategy that will work for your department using Info-Tech’s seven dimensions of resource management

    Action the decision points across Info-Tech’s seven dimensions to ensure your resource management process is guided by realistic data and process goals.

    In this step, we will walk you through the decision points in each dimension to determine the departmental specificities of your resource management strategy

    Default project vs. non-project ratio

    How much time is available for projects once non-project demands are factored in?

    Reporting frequency

    How often is the allocation data verified, reconciled, and reported for use?

    Forecast horizon

    How far into the future can you realistically predict resource supply?

    Scope of allocation

    To whom is time allocated?

    Allocation cadence

    How long is each allocation period?

    Granularity of time allocation

    What’s the smallest unit of time to allocate?

    Granularity of work assignment

    What is time allocated to?

    Info-Tech Best Practice

    Ensure that both the functional managers and the project managers participate in the following discussions. Without buy-in from both dimensions of the matrix organization, you will have difficulty making meaningful resource management data and process decisions.

    Establish your default project versus non-project work ratio

    2.1.1
    30 minutes

    Input

    • Completed Resource Management Supply-Demand Calculator

    Output

    • Default organizational P-NP ratio and role-specific P-NP ratios

    Materials

    • Resource Management Supply-Demand Calculator
    • Time Audit Workbook
    • Resource Management Playbook

    Participants

    • CIO
    • PMO Director
    • Project Managers
    • Resource Managers

    How much time is available for projects once non-project demands are factored in?

    The default project vs. non-project work ratio (P-NP Ratio) is a starting point for functional and project managers to budget the work-hours at their disposal as well as for resources to split their time – if not directed otherwise by their managers.

    How to set this dimension. The Resource Management Supply-Demand Calculator from step 1.2 shows the current P-NP ratio for the department, and how the percentages translate into work-hours. The Time Audit Workbook from step 1.2 shows the ratio for specific roles.

    For the work of setting this dimension, you can choose to keep the current ratio from step 1.2 as your default, or choose a new ratio based on the advice below.

    • Discuss and decide how the supply-demand gap should be reconciled from the project side vs. the functional side.
      • Use the current organizational priority as a guide, and keep in mind that the default P-NP ratio is to be adjusted over time to respond to changing needs and priorities of the organization.
      • Once the organizational default P-NP ratio is chosen, defining role-specific ratios may be helpful. A help desk employee may spend only 10% of their time on project work, while an analyst may spend 80% of their time on project work.

    Decide the scope of allocation for your strategy

    2.1.2
    15-30 minutes

    Input

    • Current practices for assigning work and allocating time
    • Distribution of RM accountability (Activity 1.1.2)

    Output

    • Resource management scope of allocation

    Materials

    • RM Playbook

    Participants

    • CIO
    • PMO Director
    • Project Managers
    • Resource Managers

    To whom is time allocated?

    Scope of allocation is the “who” of the equation. At the lowest and most detailed level, allocations are made to individual resources. At the highest and most abstract level, though, allocations can be made to a department. Other “whos” in scope of allocation can include teams, roles, or skills.

    How to set this dimension. Consider how much granularity is required for your overall project capacity visibility, and the process overhead you’re willing to commit to support this visibility. The more low-level and detailed the scope of allocation (e.g. skills or individuals) the more data maintenance required to keep it current.

    • Discuss and decide to whom time will be allocated for the purposes of resource management.
      • Recall your prior discussion from activity 1.1.2 on how accountabilities for resource management are distributed within your organization.
      • The benefit of allocating teams to projects is that it is much easier to avoid overallocation. When a team is overallocated, it is visible. Individual overallocations can go unnoticed.
      • Once you have mastered the art of keeping resource data current and accurate at a higher level (e.g. team), it can be easier move lower level and assign and track allocations in a per-role or per-person basis.

    Set your allocation cadence

    2.1.3
    15-30 minutes

    Input

    • Current practices for assigning work and allocating time
    • Scope of allocation (Activity 2.1.2)

    Output

    • Determination of temporal frames over which time will be allotted

    Materials

    • RM Playbook

    Participants

    • CIO
    • PMO Director
    • Project Managers
    • Resource Managers

    How long is each allocation period?

    How long is each individual allocation period? In what “buckets of time” do you plan to spend time – week by week, month by month, or quarter by quarter? The typical allocation cadence is monthly; however, depending on the scope of allocation and the nature of work assigned, this cadence can differ.

    How to set this dimension. Allocation cadence can depend on a number of factors. For instance, if you’re allocating time to agile teams, the cadence would most naturally be bi-weekly; if work is assigned via programs, you might allocate time by quarters.

    • Discuss and decide the appropriate allocation cadence for the purposes of resource management. You could even be an environment that currently has different cadences for different teams. If so, it will be helpful to standardize a cadence for the purposes of centralized project portfolio resource management.
      • If the cadence is too short (e.g. days or weeks), it will require a dedicated effort to maintain the data.
      • If the cadence is too long (e.g. quarters or bi-annual), your resource management strategy could fail to produce actionable insight and lack the appropriate agility in being responsive to changes in direction.
      • Ultimately, your allocation cadence may be contingent upon the limitations of your resource management solution (see step 2.2).

    Limit the granularity of time allocation

    2.1.3
    15-30 minutes

    Input

    • Requirements for granularity of data
    • Resource management scope of allocation (Activity 2.1.2)

    Output

    • Determination of lowest level of granularity for time allocation

    Materials

    • RM Playbook

    Participants

    • CIO
    • PMO Director
    • Project Managers
    • Resource Managers

    What’s the smallest unit of time that will be allocated?

    Granularity of time allocation refers to the smallest unit of time that can be allocated. You may not need to set firm limits on this, given that it could differ from PM to PM, and resource manager to resource manager. Nevertheless, it can be helpful to articulate an “as-low-as-you’ll-go” limit to help avoid getting too granular too soon in your data aspirations.

    How to set this dimension. At a high level, the granularity of allocation could be as high as a week. At its lowest level, it could be an hour. Other options include a full day (e.g. 8 hours), a half day (4 hours), or 2-hour increments.

    • Discuss and decide the appropriate granularity for all allocations in the new resource management practice.
      • As a guideline, granularity of allocation should be one order of magnitude smaller than the allocation cadence to provide enough precision for meaningfully dividing up each allocation cadence, without imposing an unreasonably rigorous expectation for resources to manage their time.
      • The purpose of codifying this dimension is to help provide a guideline for how granular allocations should be. Hourly granularity can be difficult to maintain, so (for instance) by setting a half-day granularity you can help avoid project managers and resource managers getting too granular.

    Define the granularity of work assignments

    2.1.4
    15-30 minutes

    Input

    • Requirements for granularity of work assignment
    • Resource management scope of allocation (Activity 2.1.2)

    Output

    • Determination of work assignment

    Materials

    • RM Playbook

    Participants

    • CIO
    • PMO Director
    • Project Managers
    • Resource Managers

    To what is time allocated?

    Determine a realistic granularity for your allocation. This is the “what” of the equation: what your resources are working on or the size of work for which allocations are managed.

    How to set this dimension. A high level granularity of work assignment would assign an entire program, a mid-level scope would involve allocating a project or a phase of a project, and a low level, rigorous scope would involve allocating an individual task.

    • Discuss and decide the appropriate granularity for all work assignments in the new resource management strategy.
      • The higher granularity that is assigned, the more difficult it becomes to maintain the data. However, assigning at program level might not lead to useful, practical data.
      • Begin by allocating to projects to help you mature your organization, and once you have mastered data maintenance at this level, you can move on to a more granular work assignment.
        • If you are at a maturity level of 1 or 2, Info-Tech recommends beginning by assigning by project. If you are at a maturity level 3-4, it may be time to start allocating by phase or task.

    Apply a forecast horizon

    2.1.5
    15-30 minutes

    Input

    • Current practices for work planning, capacity forecasting
    • Allocation scope, cadence, and granularity (Activities 2.1.2-4)

    Output

    • Resource management forecast horizon

    Materials

    • RM Playbook

    Participants

    • CIO
    • PMO Director
    • Project Managers
    • Resource Managers

    How far into the future can you realistically predict resource supply?

    Determine a realistic forecasting horizon for your allocation. At this point you have decided “what” “who” is working on and how frequently this will be updated. Now it is time to decide how far resource needs will be forecasted, e.g. “what will this person be working on in 3 months?”

    How to set this dimension. A high-level forecast horizon would only look forward week-to-week, with little consideration of the long-term future. A mid-level forecast would involve predicting one quarter in advance and a low-level, rigorous scope would involve forecasting one or more years in advance.

    • Discuss and decide the appropriate forecast horizon that will apply to all allocations in the new resource management practice. It’s important that your forecast horizon helps to foster accurate data. If you can’t ensure data accuracy for a set period, make your forecast horizon shorter.
      • If you are at a maturity level of 1 or 2, Info-Tech recommends forecasting one month in advance.
      • If you are already at level 3-4 on the resource management maturity model, Info-Tech recommends forecasting one quarter to one year in advance.

    See the diagram below for further explanation

    2.1.5 Forecast horizon diagram

    Between today and the forecast horizon (“forecast window”), all stakeholders in resource management commit to reasonable accuracy of data. The aim is to create a reliable data set that can be used to determine true resource capacity, as well as the available resource capacity to meet unplanned, urgent demands.

    The image shows a Forecast horizon diagram, with Time on the x-axis and Data completeness on the Y-axis. The time between today and the forecast horizon is labelled as the forecast window. there is a line which descends in small degrees until the Forecast Horizon point, where the line is labelled Reasonable level of completeness.

    The image shows a chart that lines up with the sections before and after the Forecast Horizon. In the accuracy row, Data is accurate before the forecast horizon and a rough estimate after. In the planning row, before the horizon is reliable for planning, and can inform high-level planning after the horizon. In the free capacity row, before the horizon, it can be committed to urgent demands, and after the horizon, negotiate for capacity.

    Info-Tech Insight

    Ensure data accuracy. It is important to note that forecasting a year in advance does not necessarily make your organization more mature, unless you can actually rely on these estimates and use them. It is important to only forecast as far in advance as you can accurately predict.

    Determine the update frequency

    2.1.6
    30 minutes

    Input

    • Current practices for work planning, capacity reporting
    • Current practices for project intake, prioritization, and approval
    • RM core dimensions (Activities 2.1.1)

    Output

    • Resource management update frequency

    Materials

    • RM Playbook

    Participants

    • CIO
    • PMO Director
    • Project Managers
    • Resource Managers

    How often is the allocation data verified, reconciled, and reported for use?

    How often will you reconcile and rebalance your allocations? Your update frequency will determine this. It is very much the heartbeat of resource management, dictating how often reports on allocations will be updated and published for stakeholders’ consumption.

    How to set this dimension. Determine a realistic frequency with which to update project reports. This will be how you determine who is working on what during each measurement period.

    • Discuss and decide how often the supply-demand gap should be reconciled from the project side vs. the functional side.
      • Keep in mind that the more frequent the reporting period, the more time must go into data maintenance. A monthly frequency requires maintenance at the end of the month, while weekly requires it at the end of each week.
      • Also think about how accurately you can maintain the data. Having a quarterly update frequency may require less maintenance time than monthly, but this information may not stay up to date in between these long stretches.
      • Reports generated at each update frequency should both inform resources on what to work on, what not to work on, and how to prioritize tasks if something unexpected comes up, as well as the steering committee, to help inform project approval decisions.

    Finalize the dimensions for your provisional resource management process

    2.1.7
    10 minutes

    Input

    • 7 core dimensions of resource management (Activities 2.1.1-6)

    Output

    • Provisional resource management strategy

    Materials

    • Resource Management Playbook

    Participants

    • CIO
    • PMO Director
    • Project Managers
    • Resource Managers

    Document the outputs from the preceding seven activities. These determinations will form the foundation of your resource management strategy, which we will go on to define in more detail in the subsequent steps of this phase.

    • Keep in mind, at this stage your dimensions are provisional and subject to change, pending the outcomes of steps 2.2 and 2.3.
    RM Core Dimensions Decision
    Default P-NP ratio 40%-60$ + exception by roles
    Scope of allocation Individual resource
    Allocation cadence Monthly
    Granularity of time allocation 4 hours
    Granularity of work assignment Projects
    Forecast horizon 3 months
    Reporting frequency Twice a month

    Document these dimensions in Section 1.1 of Info-Tech’s Resource Management Playbook. We will be further customizing this template in steps 2.3 and 3.1.

    Step 2.2: Determine the resource management tool that will best support your process

    PHASE 1

    1.1 Set a course of action

    1.2 Estimate supply and demand

    PHASE 2

    2.1 Select resource management dimensions

    2.2 Select resource management tools

    2.3 Build process steps

    PHASE 3

    3.1 Pilot your process for viability

    3.2 Plan stakeholder engagement

    This step will walk you through the following activities:

    • Consider the pros and cons of commercial tools vs. spreadsheets as a resource management tool
    • Review the PPM Solution Vendor Demo Script to ensure your investment in a commercial tool meets your resource management needs
    • Jump-start spreadsheet-based resource management with Portfolio Manager Lite

    This step involves the following participants:

    • PMO Director / Portfolio Manager
    • Functional / Resource Managers
    • Project Managers

    Outcomes of this step

    • Choice of tool to support the resource management process
    • Examination of the commercial tool’s ability to support the resource management process chosen
    • Set-up and initial use of Portfolio Manager Lite for a spreadsheet-based resource management solution

    Effective resource management practices require an effective resource management tool

    The discipline of resource management has largely become inextricable from the tools that help support it. Ensure that you choose the right tool for your environment.

    Resource management depends on the flow of information and data from the project level up to functional managers, project managers, and beyond.

    Tools are required to help facilitate this flow, and the project portfolio management landscape is littered with endless time-tracking and capacity management options.

    These options can each have their merits and their drawbacks. The success of implementing a resource management strategy very much hinges upon weighing these, and then choosing the right solution for your project eco-system.

    • This first part of this step will help you assess the tool landscape and make the right choice to help support your resource management practices.
    • In the second part of this step, we’ll take a deep-dive into Info-Tech’s Excel-based resource management solution. If you are implementing our solution, these sections will help you understand and set up the tool.

    Info-Tech Insight

    Establish a book of record. While it is possible to succeed using ad hoc tools and data sources, a centralized repository for capacity data works best. Your tool choice should help establish a capacity book of record to help ensure ongoing reconciliation of supply and demand at the portfolio level.

    Get to know your resource management tool options

    At a high level, those looking for a resource management solution have two broad options: a commercial project portfolio management (PPM) or time-tracking software on the one hand, and a spreadsheet-based tool, like Google Sheets or Excel, on the other.

    Obviously, if your team or department already has access to a PPM or time-tracking software, it makes sense to continue using this, as long as it will accommodate the process that was wireframed in the previous step.

    Otherwise, pursue the tool option that makes the most sense given both the strategy that you’ve wireframed and other organizational factors. See the table below and the next section for guidance.

    If you’re planning on doing resource allocation by hand, you’re not going to get very far.”

    Rachel Burger

    Commercial Solutions Spreadsheet-Based Solutions
    Description
    • These highly powerful solutions are purchased from a software/service provider.
    • These can be as simple as a list of current projects on a spreadsheet or a more advanced solution with resource capacity analysis.
    Pros
    • Extraordinary function
    • Potential for automated roll-ups
    • Collaboration functionality
    • Easy to deploy: high process maturity or organization-wide adoption not required.
    • Lower cost-in-use – in many cases, they are free.
    • Highly customizable.
    Cons
    • High process maturity required
    • High cost-in-use
    • Generally expensive to customize
    • Comprehensive, continual, and organization-wide adoption required
    • Easy to break.
    • Typically, they require a centralized deployment with a single administrator responsible for data entry.

    Option A: When pursuing commercial options, don’t bite off more functionality than your people can sustain

    While commercial options offer the most robust functionality for automation, collaboration, and reporting, they are also costly, difficult to implement, and onerous to sustain over the long run.

    It’s not uncommon for organizations to sink vast amounts of money into commercial PPM tools, year after year, and never actually get any usable resource or forecasting data from these tools.

    The reasons for this can vary, but in many cases it is because organizations mistake a tool for a PPM or a resource management strategy.

    A tool is no substitute for having a clearly defined process that staff can support. Be aware of these two factors before investing in a commercial tool:

    • Visibility cannot be automated. It is not uncommon for CIOs to believe that because they’ve invested in a tool, they have an automated portfolio that enables them to sit back and wait for the data to roll in. With many tools, the challenge is that the calculations driving the rollups have become increasingly unsustainable and irrelevant in our high-autonomy staff cultures and interruption-driven work days.
    • Information does not equal knowledge. While commercial tools have robust reporting features, the data outputs can lead to information overload – and, subsequently, disinterest – unless they are curated and filtered to suit your executive’s needs and expectations.

    47%
    Of those companies using automated software to assist in resource management, almost half report that those systems failed to accurately calculate resource forecasts.

    PM Solutions

    Info-Tech Insight

    Put process sustainability before enhanced tool functionality.

    Ensure that you have sustainable processes in place before investing in an expensive commercial tool. Your tool selection should help facilitate capability-matched processes and serve user adoption.

    Trying to establish processes around a tool with a functionality that exceeds your process maturity is a recipe for failure.

    Before jumping into a commercial tool, consider some basic parameters for your selection

    Use the table below as a starting point to help ensure you are pursuing a resource management tool that is right for your organization’s size and process maturity level.

    Tool Category Characteristics # of Users PPM Maturity Sample Vendors
    Enterprise tools
    • Higher professional services requirements for enterprise deployment
    • Larger reference customers
    1,000> High
    • MS Project Server
    • Oracle Primavera
    • Planisware
    Mid-market tools
    • Lower expectation of professional services engaged in initial deployment contract
    • Fewer globally recognizable reference clients
    • Faster deployments
    100> Intermediate-to-High
    • Workfront
    • Project Insight
    • Innotas
    Entry-level tools
    • Lower cost than mid-market and enterprise PPM tools
    • Limited configurability, reporting, and resource management functionalities
    • Compelling solutions to the organizations that want to get a fast start to a trial deployment
    <100 Low-to-Intermediate
    • 5PM
    • AceProject
    • Liquid Planner

    For a more in-depth treatment of choosing and implementing a commercial PPM tool to assist with your resource management practice, see Info-Tech’s blueprint, Select and Implement a PPM Solution.

    Use Info-Tech’s PPM Solution Vendor Demo Script to help ensure you get the functionality you need

    PPM Solution Vendor Demo Script (optional)

    To ensure your investment in a commercial tool meets your resource management needs, use Info-Tech’s PPM Solution Vendor Demo Script to structure your tool demos and interactions with vendors.

    For instance, some important scenarios to consider when looking at potential tools include:

    • How are overallocation and underallocation situations identified and reconciled in the solution?
    • How are users motivated to maintain their own timesheets (beyond simply being mandated as part of their job); how does the solution and timesheet functionality help team members do their job?
    • How will portfolio-level reports remain useful and accurate despite “zero-adoption” scenarios, in which some or all teams do not actively maintain task and timesheet data?

    Any deficiencies in answering these types of questions should alert you to the fact that a potential solution may not adequately meet the needs of your resource management strategy.

    Download Info-Tech’s PPM Solution Vendor Demo Script

    "[H]ow (are PPM solutions) performing in a matrix organization? Well, there are gaps. There will be employees who do not submit timesheets, who share their time between project and operational activities, and whose reporting relationships do not fit neatly into the PPM database structure. This creates exceptions in the PPM application, and you may just have the perfect solution to a small subset of your problems." – Vilmos Rajda

    Option B: When managing resourcing via spreadsheets, you don’t have to feel like you’re settling for the lesser option

    Spreadsheets can provide a viable alternative for organizations not ready to invest in an expensive tool or for those not getting what they need from their commercial selections.

    When it comes to resource management at a portfolio level, spreadsheets can be just as effective as commercial tools for facilitating the flow of accurate and maintainable resourcing data and for communicating resource usage and availability.

    Some of the benefits of spreadsheets over commercials tools include:

    • They are easy to set up and deploy. High process maturity or organization-wide user adoption are not required.
    • They have a low cost-in-use. In the case of Excel, the tool itself comes at no additional cost.
    • They are highly customizable. No development time/costs are required to tweak the solution to suit your needs.

    To be clear: spreadsheets have their drawbacks (for instance, they are easy to break, require a centralized data administrator, and are yours and yours alone to maintain). If your department has the budget and the process maturity to support a commercial tool, you should pursue the options covered in the previous sections.

    However, if you are looking for a viable alternative to an expensive tool, spreadsheets have the ability to support a rigorous resource management practice.

    "Because we already have enterprise licensing for an expensive commercial tool, everyone else thinks it’s logical to start there. I think we’re going to start with something quick and dirty like Excel." – EPMO Director, Law Enforcement Services

    Info-Tech Insight

    Make the choice to ensure adoption.

    When making your selection, the most important consideration across all the solution categories is data maintenance. You must be assured that you and your team can maintain the data.

    As soon as your portfolio data becomes inconsistent and unreliable, decision makers will lose trust in your resource data, and the authority of your resource management strategy will become very tenuous.

    While spreadsheets offer a viable resource management option, not all spreadsheets are created equal

    Lean on Info-Tech’s experience and expertise to get up and running quickly with a superior resource management Excel-based tool: Portfolio Manager Lite 2017.

    Spreadsheets are the most common PPM tool – and it’s not hard to understand why: they can be created with minimal cost and effort.

    But when something is easy to do, it’s important to keep in mind that it’s also easy to do badly. As James Kwak says in his article, “The Importance of Excel,” “The biggest problem is that anyone can create Excel Spreadsheets—badly.”

    • Info-Tech’s Portfolio Manager Lite 2017 offers an antidote to the deficiencies that can haunt home-grown resource management tools.
    • As an easy-to-deploy, highly evolved spreadsheet-based option, Portfolio Manager Lite enables you to mature your resource management processes, and provide effective resource visibility without the costly upfront investment.

    Download Info-Tech’s Portfolio Manager Lite 2017

    Info-Tech Insight

    Balance functionality and adoption. Clients often find it difficult to gain adoption with commercial tools. Though homegrown solutions may have less functionality, the higher adoption level can make up for this and also potentially save your organization thousands a year in licensing fees.

    Determine your resource management solution and revisit your seven dimensions of resource management

    2.2.1
    Times will vary

    Participants

    • PMO Director

    Based on input from the previous slides, determine the resource management solution option you will pursue and implement to help support your resource management strategy. Record this selection in section 1.2 of the Resource Management Playbook.

    • You may need to revisit the decisions made in step 2.1 to consider if the default values for your seven core dimensions of resource management are still sound. Keep these current and relevant as you become more familiar with your resource management solution.
    RM Core Dimensions Default Value
    Default P-NP ratio Role-specific
    Scope of allocation Individual resource
    Allocation cadence Monthly
    Granularity of allocation (not defined)
    Granularity of work assignment Project
    Forecast horizon 6 months
    Reporting frequency (not defined)

    Portfolio Manager Lite has comprehensive sample data to help you understand its functions.

    As you can see in this table, the tool itself assumes five of the seven resource management core dimensions. You will need to determine departmental values for granularity of allocation and reporting frequency. The other dimensions are determined by the tool.

    If you’re piloting Info-Tech’s Portfolio Manager Lite, review the subsequent slides in this step before proceeding to step 2.3. If you are not piloting Portfolio Manager Lite, proceed directly to step 2.3.

    Overview of Portfolio Manager Lite

    Portfolio Manager Lite has two set-up tabs, three data entry tabs, and six output-only tabs. The next 15 slides show how to use them. To use this tool, you need Excel 2013 or 2016. If you’re using Excel 2013, you must download and install Microsoft Power Query version 2.64 or later, available for download from Microsoft.

    The image shows an overview of the Portfolio Manager Lite tool. It shows the Input and Data Tabs on the left, and output tabs on the right. The middle of the graphic includes guidance to ensure that you refresh the outputs after each data entry, by using the Refresh All button

    Observe “table manners” to maintain table integrity and prevent Portfolio Manager Lite malfunctions

    Excel tables enable you to manage and analyze a group of related data. Since Portfolio Manager Lite uses tables extensively, maintaining the table’s integrity is critical. Here are some things to know for working with Excel tables.

    Do not leave empty rows at the end.

    Adjust the sizing handle to eliminate empty rows.

    Always paste values.

    Default pasting behavior can interrupt formula references and introduce unwanted external links. Always right-click and select Paste Values.

    Correctly add/remove rows within a table.

    Do not use row headings; instead, always right-click inside a table to manipulate table rows.

    Set up Portfolio Manager Lite

    2.2.1
    Portfolio Manager Lite, Tab 2a: Org Setup

    The Org Setup tab is divided into two sections, Resources and Projects. Each section contains several categories to group your resources and projects. Items listed under each category will be available via drop-down lists in the data tabs.

    These categorizations will be used later to “slice” your resource allocation data. For example, you’ll be able to visualize the resource allocations for each team, for each division, or for each role.

    The image shows a screenshot of Tab 2a, with sample information filled in.

    1. Role and Default Non-Project Ratio columns: From the Supply-Demand Calculator, copy the list of roles, and how much of each role’s time is spent on non-projects by default (see below; add the values marked with yellow arrows).

    2. Resource Type column: List the type of resource you have available.

    3. Team and Skill columns: List the teams, and skills for your resources.

    In the Resources tab, items in drop-down lists will appear in the same order as shown here. Sort them to make things easy to find.

    Do not delete tables you won’t use. Instead, leave or hide tables.

    Set up Portfolio Manager Lite (continued)

    2.2.1
    Portfolio Manager Lite, Tab 2a: Org Setup

    The projects section of the Org Setup tab contains several categories for entering project data. Items listed under each category will be available via drop-down lists in the Projects tab. These categorizations will be used later to analyze how your resources are allocated.

    The image shows the projects sections of Tab 2a.

    1. Project Type: Enter the names of project types, in which projects will be grouped. All projects must belong to a type. Examples of types may include sub-portfolios or programs.

    2. Project Category: Enter the names of project categories, in which projects will be grouped. Unlike types, category is an optional grouping.

    3. Phase: Enter the project phases. Ensure that your phases list has “In Progress” and “Complete” options. They are needed for the portfolio-wide Gantt chart (the Gantt tab).

    4. Priority and Status: Define the choices for project priorities and statuses if necessary (optional).

    5. Unused: An extra column with predefined choices is left for customization (optional).

    Set up Portfolio Manager Lite (continued)

    2.2.1
    Portfolio Manager Lite, Tab 2b: Calendar Setup

    Portfolio Manager Lite is set up for a monthly allocation cadence out of the box. Use this tab to set up the start date, the default resource potential capacity, and the months to include in your reports.

    The image shows fields in the calendar set-up section of Tab 2a, with a Start Date and Hours Assumed per day.

    1. Enter a start date for the calendar, e.g. start of your fiscal or calendar year.

    2. Enter how many hours are assumed in a working day. It is used to calculate the default maximum available hours in a month.

    The image shows the Calendar section of tab 2a, with sample information filled in.

    Maximum Available Hours, Weekdays, and Business Days are automatically generated.

    The current month is highlighted in green.

    3. Enter the number of holidays to correct the number of business days for each month.

    Year to Date Reporting and Forecast Reporting ranges are controlled by this table. Use the period above Maximum Available Hours.

    The image shows the Year-to-Date and Forecast Reporting sections.

    Info-Tech Best Practice

    Both Portfolio Manager Lite and Portfolio Manager 2017 can be customized for non-monthly resource allocation. Speak to an Info-Tech analyst to ask for more information.

    Enter resource information and their total capacity

    2.2.2
    Portfolio Manager Lite, Tab 3: Resources

    Portfolio Manager Lite is set up for allocating time to individual resources out of the box. Information on these resources is entered in the Resources tab. It has four sections, arranged horizontally.

    1. Enter basic information on your resources. Resource type, team, role, and skill will be used to help you analyze your resource data.

    The image shows a screenshot of the Resources tab with sample information filled in.

    Ensure that the resource names are unique.

    Sort or filter the table using the filter button in the header row.

    2. Their total capacity in work-hours is automatically calculated for each month, using the default numbers from the Calendar Setup tab. If necessary, overwrite the formula and enter in custom values.

    The image shows a screenshot of the total capacity in work-hours, with sample info filled in.

    Cells with less than 120 hours are highlighted in blue.

    Do not add or delete any columns, or modify this header row.

    Enter out-of-office time and non-project time for your resources

    2.2.2
    Portfolio Manager Lite, Tab 3: Resources

    3. Enter the resources’ out-of-office time for each month, as they are reported.

    The image shows the Absence (hours) section, with sample information filled in.

    Do not add or delete any columns, or modify the header row, below the dates.

    4. Resources’ percentages of time spent on non-projects are automatically calculated, based on their roles’ default P-NP ratios. If necessary, overwrite the formula and enter in custom values.

    The image shows the Non-Project Ratio section, with sample information filled in.

    Do not add or delete any columns, or modify the header row, below the dates.

    Populate your project records

    2.2.3
    Portfolio Manager Lite, Tab 4: Projects

    Portfolio Manager Lite is set up for allocating time to projects out of the box. Information on these projects is entered in the Projects tab.

    1. Enter project names and some basic information. These fields are mandatory.

    The image shows the section for filling in project names and basic information in the Projects tab. The image shows the table with sample information.

    Ensure that the project names are unique.

    Do not modify or change the headers of the first seven columns. Do not add to or delete these columns.

    2. Continue entering more information about projects. These fields are optional and can be customized.

    The image shows a section of the Projects tab, where you fill in more information.

    Headers of these columns can be changed. Extra columns can be added to the right of the Status column if desired. However, Info-Tech strongly recommends that you speak to an Info-Tech analyst before customizing.

    The Project Category, Phase, and Priority fields are entered using drop-down lists from the Org Setup tab.

    Allocate your resource project capacity to projects

    2.2.4
    Portfolio Manager Lite, Tab 5: Allocations

    Project capacity for each resource is calculated as follows, using the data from the Resources tab:

    Project capacity = (total project capacity – absence) x (100% – non-project%)

    In the Allocations tab, project capacity is allocated in percentages with 100% representing the allocation of all available project time of a resource to a project.

    This allocation-by-percentage model has some advantages and drawbacks:

    Advantages

    • Allocating all available project capacity to project is straightforward
    • Easy for project managers to coordinate with each other (e.g. “Jon’s project time will be split 50%-50% between two projects” = enter 50% allocation to each project)

    Drawbacks

    • How many hours is represented by a percentage of someone’s capacity is unclear
    • Must check whether enough work-hours are allocated for what’s needed (e.g. “Deliverable A needs 20 hours of work from Jon in November. Is 50% of his project capacity enough?”)

    The Allocations tab has a few features to help you mitigate these disadvantages.

    Info-Tech Best Practice

    For organizations with lower resource management practice maturity, start with percentages. In Portfolio Manager 2017, allocations are entered in work-hours to avoid the above drawbacks altogether, but this may require a higher practice maturity.

    Enter your resource project capacity allocations

    2.2.4
    Portfolio Manager Lite, Tab 5: Allocations

    A line item in the Allocations tab requires three pieces of information: a project, a resource, and the percentage of project capacity for each month.

    The image shows a screenshot from the Allocations tab, with sample information filled in.

    1. Choose a project. Type, Start date, and End date are automatically displayed.

    2. Choose a resource. Team is automatically displayed.

    This image is another screenshot of the Allocations tab, showing the section with dates, with sample information filled in.

    3. Enter the resource’s allocated hours for the project in percentages.

    Built-in functions in the Allocations tab display helpful information for balancing project supply and demand

    2.2.4
    Portfolio Manager Lite, Tab 5: Allocations

    The Allocations tab helps you preview the available project capacity of a resource, as well as the work-hours represented by each allocation line item, to mitigate the drawbacks of percentage allocations.

    In addition, overallocations (allocations for a given month add up to over 100%) are highlighted in red. These functions help resource managers balance the project supply and demand.

    The image shows a screenshot of the Allocations tab, with sample information filled in.

    To preview a resource’s project capacity in work-hours, choose a resource using a drop down. The resource’s available project capacity for each month is displayed to the right.

    Sort or filter the table using the filter button in the header row. Here, the Time table is sorted by Resource.

    The total work-hours for each line item is shown in the Hours column. Here, 25% of Bethel’s project capacity for 4 months adds up to only 16 work-hours for this project.

    A resource is overallocated when project capacity allocations add up to more than 100% for a given month. Overallocations are highlighted in red.

    Get the timeline of your project portfolio with the Gantt chart tab

    2.2.5
    Portfolio Manager Lite, Tab 6: Gantt

    The Gantt tab is a pivot-table-driven chart that graphically represents the start and end dates of projects and their project statuses.

    The image shows a screenshot of the Gantt tab, with sample information filled in.

    Filter entries by project type above the chart.

    The current month (9-17) is highlighted.

    You can filter and sort entries by project name, sponsor, or project manager.

    In progress (under Phase column) projects show the color of their overall status.

    Projects that are neither completed nor in progress are shown in grey.

    Completed (under Phase column) projects are displayed as black.

    Get a bird’s-eye view of your available project capacity with the Resource Load tab

    2.2.6
    Portfolio Manager Lite, Tab 7: Resource Load

    The Resource Load tab is a PivotTable showing the available project capacity for each resource.

    The image is a screenshot of the Resource Load tab, with sample information filled in.

    Change the thresholds for indicating project overallocation at the top right.

    You can filter and sort entries by resource or role.

    Values in yellow and red highlight overallocation.

    Values in green indicate resource availability.

    This table provides a bird’s-eye view of all available project capacity. Highlights for overallocated resources yield a simple heat map that indicates resourcing conflicts that need attention.

    The next two tabs contain graphical dashboards of available capacity.

    Tip: Add more resource information by dragging a column name into the Rows box in the PivotTable field view pane.

    Example: add the Team column by dragging it into the Rows box

    The image shows a screenshot demonstrating that you can add a Team column.

    Analyze your resource allocation landscape with the Capacity Slicer tab

    2.2.7
    Portfolio Manager Lite, Tab 8: Capacity Slicer

    The Capacity Slicer tab is a set of pivot charts showing the distribution of resource allocation and how they compare against the potential capacity.

    The image shows a collection of 5 graphs and charts, showing the distribution of resource allocation, and compared against potential capacity.

    At the top left of each chart, you can turn Forecast Reporting on (true) or off (false). For Year to Date reporting, replace Forecast with YTD in the Field View pane’s Filter field.

    In the Allocated Capacity, in % chart, capacity is shown as a % of total available capacity. Exceeding 100% indicates overallocation.

    In the Realized Project Capacity, in hours chart, the vertical axis is in work-hours. This gap between allocation and capacity represents available project capacity.

    The bottom plots show how allocated project capacity is distributed. If the boxes are empty, no allocation data is available.

    Use the Team slicer to drill down on resource capacity and allocation by groups of resources

    2.2.7
    Portfolio Manager Lite, Tab 8: Capacity Slicer

    A slicer filters the data shown in a PivotTable, a PivotChart, or other slicers. In this tab, the team slicer enables you to view resource capacity and allocation by each team or for multiple teams.

    The image shows a sample graph.

    The button next to the Team header enables multiple selection.

    The next button to the right clears the filter set by this slicer.

    All teams with capacity or allocation data are listed in the slicers.

    For example, if you select "App Dev":

    The image shows the same graph as previously shown, but this time with only App Dev selected in the left-hand column.

    The vertical axis scales automatically for filtered data.

    The capacity and allocation data for all application division teams is shown.

    Resources not in the App Dev team are filtered out.

    Drill down on individual-level resource allocation and demand with the Capacity Locator tab

    2.2.8
    Portfolio Manager Lite, Tab 9: Capacity Locator

    The Capacity Locator tab is a group of PivotCharts with multiple slicers to view available project capacity.

    For example: click on “Developer” under Role:

    The image shows the list of slicers available using the Capacity Locator tab.

    The image shows a series of graphs produced in the Capacity Locator tab.

    Primary skills of all developers are displayed on the left in the Primary Skill column. You can choose a skill to narrow down the list of resources from all developers to all developers with that skill.

    The selected resources are shown in the Resources column. Data on the right pertains to these resources.

    • The top left graph shows the average available project capacity for all selected resources.
    • The top right graph shows the sum of all available capacity from all selected resources.
    • In the lower left graph, pay attention to available total capacity, as selected resources may have significant non-project demands.
    • The lower right graph shows the number of assigned projects. Control the number of concurrent projects to reduce the need for multitasking and optimize your resource use.

    Where you see the filter button with an x, you can clear the filter imposed by this slicer.

    Check how your projects are resourced with the Project Viewer tab

    2.2.9
    Portfolio Manager Lite
    , Tab 10: Project Viewer

    The Project Viewer tab is a set of PivotCharts with multiple slicers to view how resources are allocated to different projects.

    The image shows a screenshot of the Project Viewer tab, with a bar graph at the top, filter selections at the bottom left, and four pie charts at the bottom right.

    Filtering by sponsor or project manager is useful for examining a group of projects by accountability (sponsor) or responsibility (project manager).

    The graphs show how project budgets are distributed across different categories and priorities of projects, and how resource allocations are distributed across different categories and priorities of projects.

    Report on your project portfolio status with the Project Updates tab

    2.2.10
    Portfolio Manager Lite
    , Tab 11: Project Updates

    The Project Updates tab is a PivotTable showing various fields from the Projects table to rapidly generate a portfolio-wide status report. You can add or remove fields from the Projects table using the PivotTable’s Field View pane.

    The image shows a screenshot of a large table, which is the Project Updates tab. A selection is open, showing how you can filter entries.

    Filter entries by phase. The screenshot shows an expansion of this drop down at the top left.

    Rearrange the columns by first clicking just below the header to select all cells in the column, and then dragging it to the desired position. Alternatively, arrange them in the Field View pane.

    Tools and other requirements needed to complete the resource management strategy

    2.2.11
    10 minutes

    • Recommended: If you are below a level 4 on Info-Tech’s resource management maturity scale, use Info-Tech’s Portfolio Manager Lite to start.
    • Use a commercial PPM tool if you already have one in use and feel that you can accurately maintain the data in this tool.
    • Use this chart to estimate the amount of time it will take to accurately maintain the data for each reporting period.
      • Determine who will be responsible for this maintenance.
      • If there is no one currently available to maintain the data, allocate time for someone or you may even need a portfolio analyst.
      • We will confirm roles and responsibilities in phase 3.
    Maturity Level Dimensions Time needed per month
    Small (1-25 employees) Medium (25-75) Large (75-100) Enterprise (100+)
    1-2 %, team, project, monthly update, 1 month forecast 2 hours 6 hours 20 hours 50 hours
    3-4 %, person, phase, weekly update, 1 quarter forecast 4 hours 12 hours 50 hours 150 hours
    5 %, person, task, continuous update, 1 year forecast 8+ hours 20+ hours 100+ hours 400+ hours

    See also: Grow Your Own PPM Solution with Info-Tech’s Portfolio Manager 2017

    Join hundreds of Info-Tech clients who are successfully growing their own PPM solution.

    If you are looking for a more robust resource management solution, or prefer to allocate staff time in hours rather than percentages, see Info-Tech’s Portfolio Manager 2017.

    Similar to Portfolio Manager Lite, Portfolio Manager 2017 is a Microsoft Excel-based PPM solution that provides project visibility, forecasting, historical insight, and portfolio analytics capabilities for your PMO without a large upfront investment for a commercial solution.

    Watch Info-Tech’s Portfolio Manager 2017 Video – Introduction and Demonstration.

    System Requirements

    To use all functions of Portfolio Manager 2017, you need Excel 2013 or Excel 2016 running on Windows, with the following add-ins:

    • Power Query (Excel 2013 only)
    • Power Pivot
    • Power View

    Power View is only available on select editions of Excel 2013 and 2016, but you can still use Portfolio Manager 2017 without Power View.

    If you are unsure, speak to your IT help desk or an Info-Tech analyst for help.

    For a new PMO, start with the new reality

    CASE STUDY

    Industry Law Enforcement

    Source Info-Tech Client

    Because we already have enterprise licensing for an expensive commercial tool, everyone else thinks it’s logical to start there. I think we’re going to start with something quick and dirty like Excel.” – EPMO Director, Law Enforcement Services

    Situation

    • This was an enterprise PMO, but with relatively low organizational maturity.
    • The IT department had relatively high project management maturity, but the enterprise was under-evolved at the portfolio level.
    • Other areas of the organization already had licensing and deployment of a top-tier commercial PPM tool.
    • There were no examples of a resource management practice.

    Complication

    • There was executive visibility on larger and more strategic projects.
    • There were no constraints on the use of resources for smaller projects.
    • The PMO was generally expected to provide project governance with their limited resources.
    • The organization lacked an understanding of the difference between project and portfolio management. Consequently, it was difficult to create resource management practices at the portfolio level due to a lack of resourcing.

    Resolution

    • The organization deferred the implementation of the commercial PPM tool.
    • They added high-level resource management using spreadsheets.
    • Executive focus was reoriented around overall resource capacity as the principle constraint for project approvals.
    • They introduced deeper levels of planning granularity over time.
    • When the planning granularity gets down to the task level, they move toward the commercial solution.

    Step 2.3: Build process steps to ensure data accuracy and sustainability

    PHASE 1

    1.1 Set a course of action

    1.2 Estimate supply and demand

    PHASE 2

    2.1 Select resource management dimensions

    2.2 Select resource management tools

    2.3 Build process steps

    PHASE 3

    3.1 Pilot your process for viability

    3.2 Plan stakeholder engagement

    This step will walk you through the following activities:
    • Draft a high-level resource management workflow
    • Build on the workflow to determine how data will be collected at each step, and who will support the process
    • Document your provisional resource management process
    This step involves the following participants:
    • PMO Director / Portfolio Manager
    • Functional / Resource Managers
    • Project Managers
    Outcomes of this step
    • A high-level resource management workflow, customized from Info-Tech’s sample workflow
    • Process for collecting resource supply data for each reporting period
    • Process for capturing the project demand within each reporting period
    • Process for identifying and documenting resource constraints and issues for each reporting period
    • Standard protocol for resolving resource issues within each reporting period
    • Process for finalizing and communicating resource allocations for the forecast window
    • A customized Resource Management Playbook, documenting the standard operating procedure for the processes

    Make sustainability the goal of your resource management practices

    A resource management process is doing more harm than good if it doesn’t facilitate the flow of accurate and usable data week after week, month after month, year after year.

    When resource management strategies fail, it can typically be tied back to the same culprit: unrealistic expectations from the outset.

    If a resource management process strives for a level of data precision that staff cannot juggle day to day, over the long run, then things will eventually fall apart as staff and decision makers alike lose faith in the data and the relevancy of the process.

    Two things can be done to help avoid this fate:

    1. Strive for accuracy over precision. If your department’s process maturity is low, and staff are ping-ponged from task to task, fire to fire, throughout any given day, then striving for precise data is ill advised. Keep your granularity of allocation more high level, and strive for data that is “maintainably” accurate rather than “unmaintainably” precise.
    2. Keep the process simple. Use the advice in this step to develop a sustainable process, one that is easy to follow with clearly defined responsibilities and accountabilities at each step.

    Info-Tech Insight

    It's not about what you put together as a one-time snapshot. It's about what you can and will maintain every week, even during a crisis. When you stop maintaining resource management data, it’s nearly impossible to catch up and you’re usually forced to start fresh.

    Maintain reliable resourcing data with an easy-to-follow, repeatable process

    Info-Tech recommends following a simple five-step process for resource management.

    1. Collect resource supply data

    • Resources
    • Resource Managers

    2. Collect project demand data

    • Resource Managers
    • Project Managers
    • PMO

    3. Identify sources of supply/demand imbalance

    • PMO

    4. Resolve conflicts and balance project and non-project allocations

    • Resource Managers
    • Project Managers
    • PMO
    • Steering Committee, CIO, other executives

    5. Approve allocations for forecast window

    • PMO
    • Steering Committee, CIO, other executives

    This is a sample workflow with sample roles and responsibilities. This step will help you customize the appropriate steps for your department.

    Info-Tech Insight

    This process aims to control the resource supply to meet the demand – project and non-project alike. Coordinate this process with other portfolio management processes, ensuring that up-to-date resource data is available for project approval, portfolio reporting, closure, etc.

    Draft your own high-level resource management workflow

    2.3.1
    60 to 90 minutes

    Participants

    • Portfolio Manager
    • Project Managers
    • Resource Managers
    • Business Analysts

    Input

    • Process data requirements

    Output

    • High-level description of your target-state process

    Materials

    • Whiteboard or recipe cards

    Conduct a table-top planning exercise to map out, at a high-level, your required and desired process steps.

    While Info-Tech recommends a simple five-step process (see previous slide), you may need to flesh out your process into additional steps, depending upon the granularity of your seven dimensions and the complexity of your resource management tool. A table-top planning exercise can be helpful to ensure the right process steps are covered.

    1. On a whiteboard or using white 4x6 recipe cards, write the unique steps of a resource management process. Use the process example at the bottom of this slide as a guide.
    2. Use a green marker or green cards to write artifacts or deliverables that result from each step.
    3. Use a red marker or red cards to address potential issues, problems, or risks that you can foresee at each step.

    For the purposes of this activity, avoid getting into too much detail by keeping to your focus on the high-level data points that will be required to keep supply and demand balanced on an ongoing basis.

    "[I]t’s important not to get too granular with your time tracking. While it might be great to get lots of insight into how your team is performing, being too detailed can eat into your team’s productive work time. A good rule of thumb to work by is if your employees’ timesheets include time spent time tracking, then you’ve gone too granular."

    Nicolas Jacobeus

    Use Info-Tech’s Resource Management Playbook to help evolve your high-level steps into a repeatable practice

    Once you’ve determined a high-level workflow, you’ll need to flesh out the organizational details for how data will be collected at each step and who will support the process.

    Use Info-Tech’s Resource Management Playbook to help determine and communicate the “who, what, when, where, why, and how” of each of your high-level process steps.

    The playbook template is intended to function as your resource management standard operating procedure. Customize Section 3 of the template to record the specific organizational details of how data will be collected at each process step, and the actions and decisions the data collection process will necessitate.

    • Activities 2.3.2-2.3.6 in this step will help you customize the process steps in Info-Tech’s five-step resource management model and record these in the template. If you developed a customized process in activity 2.3.1, you will need to add to/take away from the activity slides and customize the template accordingly.
    • Lean on the seven dimensions of resource management that you developed in step 2.1 to determine the cadence and frequency of data collection. For instance, if your update frequency is monthly, you will need to ensure you collect your supply-demand data prior to that, giving yourself enough time to analyze it and reconcile imbalances with stakeholders before refreshing your monthly reporting data.

    Download Info-Tech’s Resource Management Playbook

    How the next five activities will help you develop your playbook

    2.3 Resource Management Playbook

    Each of the slides for activities 2.3.2-2.3.6 are comprised of a task-at-a glance box as well as “important decisions to document” for each step.

    Work as a group to complete the task-at-a-glance boxes for each step. Use the “important decisions to document” notes to help brainstorm the “how” for each step. These details should be recorded below the task-at-a-glance boxes in the playbook – see point 6 in the legend below.

    Screenshot of Section 3 of the RM Playbook.

    The image shows a screenshot of Section 3 of the RM Playbook. A legend is included below.

    Screenshot Legend:

    1. Review your existing steps, tools, and templates used for this task. Alternatively, review the example provided in the RM Playbook.
    2. Designate the responsible party/parties for this process. Who carries out the task?
    3. Document the inputs and outputs for the task: artifacts, consulted and informed parties.
    4. If applicable, document the tools and templates used for the task.
    5. Designate the accountable party for this task. Only a single party can be accountable.
    6. Describe the “how” of the task below the Task-at-a-Glance table.

    Step one: determine the logistics for collecting resource supply data for each reporting period

    2.3.2
    20 minutes

    Step one in your resource management process should be ensuring a perpetually current view into your resource supply.

    Resource supply in this context should be understood as the time, per your scope of allocation (i.e. individual, team, skill, etc.) that is leftover or available once non-project demands have been taken out of the equation. In short, the goal of this process step is to determine the non-project demands for the forecast period.

    The important decisions to document for this step include:

    1. What data will be collected and from whom? For example, functional managers to update resource potential capacity and non-project resource allocations.
    2. How often will data be collected and when? For example, data will be collected third Monday of the month, three days before our monthly update frequency.
    3. How will the data be collected? For example, tool admin to send out data to update on third Monday; resource managers update the data and email back to tool admin.

    Document your process for determining resource supply in Section 3.1 of Info-Tech’s Resource Management Playbook.

    Task-at-a-glance:

    Inputs Artifacts i.e. historical usage data
    Consulted i.e. project resources
    Tools & Templates i.e. time tracking template
    Outputs Artifacts i.e. updated template
    Informed i.e. portfolio analyst
    Timing i.e. every second Monday
    Responsible i.e. functional managers
    Accountable i.e. IT directors

    Step two: map out how project demand will be captured within each reporting period

    2.3.3
    20 minutes

    Step two in your resource management process will be to determine the full extent of project demand for your forecast period.

    Project demand in this context can entail both in-flight projects as well as new project plans or new project requests that are proposing to consume capacity during the forecast period. In short, the goal of this process step is to determine all of the project demands for the forecast period.

    The important decisions to document for this step include:

    1. What data will be collected and from whom? For example, project managers to update project allocations for in-flight projects, and PMO will provide proposed allocations for new project requests.
    2. How often will data be collected and when? For example, data will be collected third Tuesday of the month, two days before our monthly update frequency.
    3. How will the data be collected? For example, tool admin to send out data to update on third Tuesday; project managers update the data and email back to tool admin.

    Document your process for determining project demand in Section 3.2 of Info-Tech’s Resource Management Playbook.

    Task-at-a-glance

    Inputs Artifacts i.e. historical usage data
    Consulted i.e. project resources
    Tools & Templates i.e. project demand template
    Outputs Artifacts i.e. updated demand table
    Informed i.e. portfolio analyst
    Timing i.e. every second Monday
    Responsible i.e. project managers
    Accountable i.e. PMO director

    Step three: record how resource constraints and issues for each reporting period will be identified and documented

    2.3.4
    20 minutes

    Step three in your resource management process will be to analyze your resource supply and project demand data to identify points of conflict.

    Once the supply-demand data has been compiled, it will need to be analyzed for points of imbalance and conflict. The goal of this process step is to analyze the raw data and to make it consumable by other stakeholders in preparation for a reconciliation or rebalancing process.

    The important decisions to document for this step include:

    1. How will the data be checked for inaccuracies? For example, tool admin to enter and QA data; reach out by the following Wednesday at noon with inconsistencies; managers to respond no later than next day by noon.
    2. What reports will employed? For example, a refreshed demand spreadsheet will be made available.
    3. What is an acceptable range for over- and under-allocations? For example, the acceptable tolerance for allocation is 15%; that is, report only those resources that are less than 85% allocated, or more than 115% allocated.

    Document your process for identifying resource constraints and issues in Section 3.3 of Info-Tech’s Resource Management Playbook.

    Task-at-a-glance

    Inputs Artifacts i.e. supply/demand data
    Consulted i.e. no one
    Tools & Templates i.e. Portfolio Manager Lite
    Outputs Artifacts i.e. list of issues
    Informed i.e. no one
    Timing i.e. every second Tuesday
    Responsible i.e. portfolio analyst
    Accountable i.e. PMO director

    Step four: establish a standard protocol for resolving resource issues within each reporting period

    2.3.5
    20 minutes

    Step four in your resource management process should be to finalize your capacity management book of record for the reporting period and prepare recommendations for resolving conflicts and issues.

    The reconciliation process will likely take place at a meeting amongst the management of the PMO and representatives from the various functional groups within the department. The goal of this step is to get the right roles and individuals to agree upon proposed reconciliations and to sign-off on resource allocations.

    The important decisions to document for this step include:

    1. What reports will be distributed and in what form? For example, refreshed spreadsheet will be available on the PMO SharePoint site.
    2. When will the reports be generated and for whom? For example, fourth Tuesday of the month, end of day – accessible for all managers.
    3. Who has input into how conflicts should be resolved? For example, conflicts will be resolved at monthly resource management meeting. All meeting participants have input, but the PMO director will have ultimate decision-making authority.

    Document your process for resolving resource constraints and issues in Section 3.4 of Info-Tech’s Resource Management Playbook.

    Inputs Artifacts i.e. meeting agenda
    Consulted i.e. meeting participants
    Tools & Templates i.e. capacity reports
    Outputs Artifacts i.e. minutes and resolutions
    Informed i.e. steering committee
    Timing i.e. every second Thursday
    Responsible i.e. PMO director
    Accountable i.e. CIO

    Step five: record how resource allocations will be finalized and communicated for the forecast window

    2.3.6
    20 minutes

    The final step in your resource management process is to clarify how resource allocations will be documented in your resource management solution and reported to the department.

    Once a plan to rebalance supply and demand for the reporting period has been agreed on, you will need to ensure that the appropriate data is updated in your resource management book of record, and that allocation decisions are communicated to the appropriate stakeholders.

    The important decisions to document for this step include:

    1. Who has ultimate authority for allocation decisions? For example, the CIO has final authority when conflicts need to be escalated and must approve all allocations for the forecast period.
    2. Who will update the book of record and when? For example, the tool admin will update the data before the end of the day following the resource management meeting.
    3. Who needs to be informed and of what? For example, resource plans will be updated in SharePoint for resources and managers to review.

    Document your process for approving and finalizing allocation in Section 3.5 of Info-Tech’s Resource Management Playbook.

    Task-at-a-glance

    Inputs Artifacts i.e. minutes and resolutions
    Consulted i.e. CIO, IT directors
    Tools & Templates i.e. Portfolio Manager Lite
    Outputs Artifacts i.e. updated availability table
    Informed i.e. steering committee
    Timing i.e. every second Friday
    Responsible i.e. portfolio analyst
    Accountable i.e. PMO director

    Finalize your provisional resource management process in the Playbook Template

    2.3 Resource Management Playbook

    Use Info-Tech’s Resource Management Playbook to solidify your processes in a formalized operating plan.

    Throughout this phase, we have been customizing sections 1, 2, and 3 of the Resource Management Playbook.

    Before we move to pilot and implement your resource management strategy in the next phase of this blueprint, ensure that sections 1-3 of your playbook have been drafted and are ready to be communicated and shared with stakeholders.

    • Avoid getting too granular in your process requirements. Keep it to high-level data requirements. Imposing too much detail in your playbook is a recipe for failure.
    • The playbook should remain provisional throughout your pilot phase. Aspects of your process will likely need to be changed or tweaked as they are met with some day-to-day realities. As with any “living document,” it can be helpful to explicitly assign responsibilities for updating the playbook over the long term to ensure it stays relevant.

    "People are spending far more time creating these elaborate [time-tracking] systems than it would have taken just to do the task. You’re constantly on your app refiguring, recalculating, re-categorizing... A better strategy would be [returning] to the core principles of good time management…Block out your calendar for the non-negotiable things. [Or] have an organized prioritized task list." – Laura Stack (quoted in Zawacki)

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1 Wireframe a resource management strategy using Info-Tech’s seven dimensions of resource management

    Action the decision points across Info-Tech’s seven dimensions to ensure your resource management process is guided by realistic data and process goals.

    2.3 Draft a high-level resource management workflow and elaborate it into a repeatable practice

    Customize Info-Tech’s five-step resource management process model. Then, document how the process will operate by customizing the Resource Management Playbook.

    Phase 3

    Implement Sustainable Resource Management Practices

    Phase 3 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Implement Sustainable Resource Management Practices

    Proposed Time to Completion (in weeks): 4-12 weeks

    Step 3.1: Pilot your resource management process

    Start with an analyst kick-off call:

    • Review your resource management dimensions and tools
    • Review your provisional resource management processes
    • Discuss your ideas for a pilot

    Then complete these activities…

    • Select receptive project/functional managers to work with
    • Define the scope of your pilot and determine logistics
    • Finalize resource management roles and responsibilities

    With these tools & templates:

    • Process Pilot Plan Template
    • Resource Management Playbook
    • Project Portfolio Analyst Job Description
    Step 3.2: Plan to engage your stakeholders

    Review findings with analyst:

    • Results of your pilot, team feedback, and lessons learned
    • Your stakeholder landscape

    Then complete these activities…

    • Brainstorm and plan for potential resistance to change, objections, and fatigue from stakeholders
    • Plan for next steps

    With these tools & templates:

    • Resource Management Playbook

    Phase 3 Results & Insights:

    Engagement paves the way for smoother adoption. An engagement approach (rather than simply communication) turns stakeholders into advocates who can help boost your message, sustain the change, and realize benefits without constant intervention or process command-and-control.

    Step 3.1: Pilot your resource management process to assess viability

    PHASE 1

    1.1 Set a course of action

    1.2 Estimate supply and demand

    PHASE 2

    2.1 Select resource management dimensions

    2.2 Select resource management tools

    2.3 Build process steps

    PHASE 3

    3.1 Pilot your process for viability

    3.2 Plan stakeholder engagement

    This step will walk you through the following activities:

    • Select receptive project and functional managers to work with during your pilot
    • Define the scope of your pilot and determine logistics
    • Plan to obtain feedback, document lessons learned, and create an action plan for any changes
    • Finalize resource management roles and responsibilities

    This step involves the following participants:

    • CIO
    • PMO Director / Portfolio Manager
    • Project Managers
    • Resource Managers

    Outcomes of this step

    • A pilot team
    • A process pilot plan that defines the scope, logistics, and process for retrospection
    • Roles, responsibilities, and accountabilities for resource management
    • Project Portfolio Analyst job description template

    Pilot your new processes to test feasibility and address issues before a full deployment

    Adopting the right set of practices requires a significant degree of change that necessitates buy-in from varied stakeholders throughout IT and the business.

    Rome wasn’t built in a day. Similarly, your visibility into resource usage and availability won’t happen overnight.

    Resist the urge to deploy a big-bang rollout of your research management practices. This approach is ill advised for two main reasons:

    • It will put more of a strain on the implementation team in the near term, with a larger pool of end users to train and collect data from.
    • Putting untested practices in a department-wide spotlight could lead to mass confusion in the near-term and color the new processes in a negative light, leading to a loss of stakeholder trust and engagement right out of the gate.

    Start with a pilot phase. Identify receptive project managers and functional managers to work with, and leverage their insights to help iron out the kinks in your process before unveiling your practices to IT and business users at large.

    This step will help you:

    • Plan and execute a pilot of the processes we developed in Phase 2.
    • Incorporate the lessons learned from that pilot to strengthen your playbook and ease the communication process.

    Info-Tech Insight

    Engagement paves the way for smoother adoption. An engagement approach (rather than simply communication) turns stakeholders into advocates who can help boost your message, sustain the change, and realize benefits without constant intervention or process command-and-control.

    Plan your pilot like you would any project to ensure it’s well defined and its goals are clearly articulated

    Use Info-Tech’s Process Pilot Plan Template to help define the scope of your pilot and set appropriate goals for the test run of your new processes.

    A process pilot is a limited scope of an implementation (constrained by time and resources involved) to test the viability and effectiveness of the process as it has been designed.

    • Investing time and energy into a pilot phase can help to lower implementation risk, enhance the details and steps within a process, and improve stakeholder relations prior to a full scale rollout.
    • More than a dry run, however, a pilot should be approached strategically and planned out to limit the scope of it and achieve specific outcomes.
    • Leverage a planning document to ensure your process pilot is grounded in a common set of definitions, that the pilot is delivering value and insight, and that ultimately the pilot can serve as a starting point for a full-scale process implementation.

    "The advantages to a pilot are several. First, risk is constrained. Pilots are closely monitored so if a problem does occur, it can be fixed immediately. Second, the people working in the pilot can become trainers as you roll the process out to the rest of the organization. Third, the pilot is another opportunity for skeptics to visit the pilot process and learn from those working in it. There’s nothing like seeing a new process working for people to change their minds." – Daniel Madison

    Download Info-Tech’s Process Pilot Plan Template

    Select receptive project and functional managers to work with during your pilot

    3.1.1
    20 to 60 minutes

    Input

    • Project management staff and functional managers

    Output

    • Pilot project teams

    Materials

    • Stakeholder Engagement Workbook
    • Process Pilot Plan Template

    Participants

    • Process owner (PMO director or portfolio owner)
    • CIO

    Info-Tech recommends selecting project managers and functional managers who are aware of your role and some of the supply-demand challenges to assist in the implementation process.

    1. If receptive project and functional managers are known, schedule a 15-minute meeting with them to inquire if they would be willing to be part of the pilot process.
    2. If receptive project managers are not known, use Info-Tech’s Stakeholder Engagement Workbook to conduct a formal selection process.
      1. Enter a list of potential pilot project managers in tab 3.
      2. Rate project managers in terms of influence, pilot interest, and potential deployment contribution within tab 4.
      3. Review tab 5 in the workbook. Receptive project managers will appear in the top quadrants. Ideal project managers for the pilot are located in the top right quadrant of the graph.

    Document the project and functional managers involved in your pilot in Section 3 of Info-Tech’s Process Pilot Plan Template.

    Define the scope of your pilot and determine logistics

    Input

    • Sections 1 through 4 of the Process Pilot Plan Template

    Output

    • A process pilot plan

    Materials

    • Process Pilot Plan Template

    Participants

    • Process Owner (PMO Director or Portfolio Owner)
    • CIO
    • Project and Resource Managers

    Use Info-Tech’s Process Pilot Plan Template to design the details of your pilot.

    Investing time into planning your pilot phase strategically will ensure a clear scope, better communications for those piloting the processes, and overall, better, more actionable results during the pilot phase. The Process Pilot Plan Template is broken into five sections to assist in these goals:

      • Pilot Overview and Scope
      • Success and Risk Factors
      • Stakeholders Involved and Communications Plan
      • Pilot Retrospective and Feedback Protocol
      • Lessons Learned
    • The duration of your pilot should go at least one allocation period, depending on your frequency of updates, e.g. one week or month.
    • Estimates of time commitments should be captured for each stakeholder. During the retrospective at the end of the pilot, you should capture actuals to help determine the time-cost of the process itself and measure its sustainability.
    • Once the template is completed, schedule time to share and communicate it with the pilot team and executive sponsors of the process.

    While you should invest time in this planning document, continue to lean on the Resource Management Playbook as well as a process guide throughout the pilot phase.

    Execute your pilot and prepare to make process revisions before the full rollout

    Hit play! Begin the process pilot and get familiar with the work routine and resource management solution.

    Some things to keep in mind during the pilot include:

    • Depending on the solution you’re using, you will likely need to spend one day or less to populate the tool. During the pilot, measure the time and effort required to manage the data within the tool. Compare with the original estimate from activity 2.2.2. Determine whether time and effort required are viable on an ongoing basis (i.e. can you do it every week or month) and have value.
    • Meet with the pilot team and other stakeholders regularly during the pilot – at least weekly. Allow the team (and yourself) to speak honestly and openly about what isn’t working. The pilot is your chance to make things better.
    • Keep notes about what will need to change in the RM Playbook. For major changes, you may have to tweak the process during the pilot itself. Update the process documents as needed and communicate the changes and why they’re being made. If required, update the scope of the pilot in the Process Pilot Plan Template.

    Obtain feedback from the pilot group to improve your processes before a wider rollout

    3.1.3
    30 minutes

    Input

    • What’s working and what isn’t in the process

    Output

    • Ideas to improve process

    Materials

    • Whiteboard
    • Sticky notes
    • Process Pilot Plan Template

    Participants

    • Process Owner (PMO Director or Portfolio Owner)
    • Pilot Team

    Pilot projects allow you to validate your assumptions and leverage lessons learned. During the planning of the pilot, you should have scheduled a retrospective meeting with the pilot team to formally assess strengths and weaknesses in the process you have drafted.

    • Schedule the retrospective shortly after the pilot is completed. Info-Tech recommends a stop/start/continue activity with pilot participants to obtain and capture feedback.
    • Have members of the meeting record any processes/activities on sticky notes that should:
      • Stop: because they are ineffective or not useful
      • Start: because they would be useful for the tool and have not been incorporated into current processes
      • Continue: because they are useful and positively contribute to intended process outcomes

    An example of how to structure a stop/start/continue activity on a whiteboard using sticky notes.

    The image shows three black squares, each with three brightly coloured sticky notes in it. The three squares are labelled: Stop; Start; Continue.

    See below for additional instructions

    Document lessons learned and create an action plan for any changes to the resource management processes

    3.1.4
    30 minutes

    As a group, discuss everyone’s responses and organize according to top priority (mark with a 1) and lower priority/next steps (mark with a 2). At this point, you can also remove any sticky notes that are repetitive or no longer relevant.

    Once you have organized based on priority, be sure to come to a consensus with the group regarding which actions to take. For example, if the group agrees that they should “stop holding meetings weekly,” come to a consensus regarding how often meetings will be held, i.e. monthly.

    Create an action plan for the top priority items that require changes (the stops and starts). Record in this slide or your preferred medium. Be sure to include who is responsible for the action and the date that it will be implemented.

    Priority Action Required Who is Responsible Implementation Date
    Stop: Holding meetings weekly Hold meetings monthly Jane Doe, PMO Next Meeting: November 1, 2017
    Start: Discussing backlog during meetings Ensure that backlog data is up to date for discussion on date of next meeting John Doe, Portfolio Manager November 1, 2017

    Document the outcomes of the start/stop/continue exercise and your action plan in Section 6 of Info-Tech’s Process Pilot Plan Template.

    Review actions that can be taken based on the results of your pilot

    Situation Action Next Steps
    The dimensions that we chose for our strategy have proven to be too difficult to accurately maintain. The dimensions that we chose for our strategy have proven to be too difficult to accurately maintain. Reassess the dimensions that you chose for your strategy. Make sure that you are not overcommitting yourself based on your maturity level. You can always go back and adjust for a higher level of resource management maturity once you have mastered your current level. For example, if you chose “weekly” as your update frequency and this has proven to be too much to maintain, try updating monthly for a few months. Once you have mastered this update frequency, it will be easier to adjust to a weekly update process.
    We were able to maintain the data for our pilot based on the dimensions that we chose. However, allocating projects based on realized capacity did not alleviate any of our resourcing issues and resources still seem to be working on more projects than they can handle. Determine other factors at the organization that would help to maintain the data and work toward reclaiming capacity. Continue working with the dimensions that you chose and maintain the accuracy of this data. The next step is to identify other factors that are contributing to your resource allocation problems and begin reclaiming capacity. Continue forward to the resource management roadmap section and work on changing organizational structures and worker behavior to maximize capacity for project work.
    We were able to easily and accurately maintain the data, which led to positive results and improvement in resource allocation issues. If your strategy is easily maintained, identify factors that will help your organization reclaim capacity. Continue to maintain this data, and eventually work toward maintaining it at a more precise level. For example, if you are currently using an update frequency of “monthly” and succeeding, think about moving toward a “weekly” frequency within a few months. Once you feel confident that you can maintain project and resource data, continue on to the roadmap section to discover ways to reclaim resource capacity through organizational and behavioral change.

    Finalize resource management roles and responsibilities

    3.1.5
    15 to 30 minutes

    Input

    • Tasks for resource management
    • Stakeholder involved

    Output

    • Roles, responsibilities, and accountabilities for resource management

    Materials

    • Resource Management Playbook

    Participants

    • PMO Director/ Portfolio Manager
    • Functional Managers
    • Project Managers

    Perform a RACI exercise to help standardize terminology around roles and responsibilities and to ensure that expectations are consistent across stakeholders and teams.

    • A RACI will help create a clear understanding of the tasks and expectations for each stakeholder at each process step, assigning responsibilities and accountability for resource management outcomes.

    Responsible

    Accountable

    Consulted

    Informed

    Roles CIO PMO Portfolio Analyst Project Manager Functional Manager
    Collect supply data I A R I C
    Collect demand data I A R C I
    Identify conflicts I C/A R C C
    Resolve conflicts C A/R I R R
    Approve allocations A R I R I

    Document your roles and responsibilities in Section 2 of Info-Tech’s Resource Management Playbook.

    Use Info-Tech’s Portfolio Analyst job description to help fill any staffing needs around data maintenance

    3.1 Project Portfolio Analyst/PMO Analyst Job Description

    You will need to determine responsibilities and accountabilities for portfolio management functions within your team.

    If you do not have a clearly identifiable portfolio manager at this time, you will need to clarify who will wear which hats in terms of facilitating intake and prioritization, high-level capacity awareness, and portfolio reporting.

    • Use Info-Tech’s Project Portfolio Analyst job description template to help clarify some of the required responsibilities to support your PPM strategy.
      • If you need to bring in an additional staff member to help support the strategy, you can customize the job description template to help advertise the position. Simply edit the text in grey within the template.
    • If you have other PPM tasks that you need to define responsibilities for, you can use the RASCI chart on the final tab of the PPM Strategy Development Tool.

    Download Info-Tech’s Project Portfolio Analyst Job Description Template

    Finalize the Resource Management Playbook and prepare to communicate your processes

    Once you’ve completed the pilot process and made the necessary tweaks, you should finalize your Resource Management Playbook and prepare to communicate it.

    Revisit your RM Playbook from step 2.3 and ensure it has been updated to reflect the process changes that were identified in activity 3.1.4.

    • If during the pilot process the data was too difficult or time consuming to maintain, revisit the dimensions you have chosen and select dimensions that are easier to accurately maintain. Tweak your process steps in the playbook accordingly.
    • In the long term, if you are not observing any capacity being reclaimed, revisit the roadmap that we’ll prepare in step 3.2 and address some of these inhibitors to organizational change.
    • In the next step, we will also be repurposing some of the content from the playbook, as well as from previous activities, to include them in your presentation to stakeholders, using Info-Tech’s Resource Management Communications Template.

    Download Info-Tech’s Resource Management Playbook

    Info-Tech Best Practice

    Make your process standardization comprehensive. The RM Playbook should serve as your resource management standard operating procedure. In addition to providing a walk-through of the process, an SOP also clarifies project governance by clearly defining roles and responsibilities.

    Step 3.2: Plan to engage your stakeholders with your playbook

    PHASE 1

    1.1 Set a course of action

    1.2 Estimate supply and demand

    PHASE 2

    2.1 Select resource management dimensions

    2.2 Select resource management tools

    2.3 Build process steps

    PHASE 3

    3.1 Pilot your process for viability

    3.2 Plan stakeholder engagement

    This step will walk you through the following activities:

    • Brainstorm and plan for potential resistance to change, objections, and fatigue from stakeholders
    • Plan for next steps in reclaiming project capacity
    • Plan for next steps in overcoming supply-demand reconciliation challenges

    This step involves the following participants:

    • CIO
    • PMO Director / Portfolio Manager
    • Pilot Team from Step 3.1

    Outcomes of this step

    • Plan for communicating responses and objections from stakeholders and staff
    • Plan to manage structural/enabling factors that influence success of the resource management strategy
    • Description of next steps in reclaiming project capacity and overcoming supply-demand reconciliation challenges
    • Final draft of the customized Resource Management Playbook

    Develop a resource management roadmap to communicate and reinforce the strategy

    A roadmap will help anticipate, plan, and address barriers and opportunities that influence the success of the resource management strategy.

    This step of the project will ensure the new strategy is adopted and applied with maximum success by helping you manage challenges and opportunities across three dimensions:

    1. Executive Stakeholder Factors

    For example, resistance to adopting new assumptions about ratio of project versus non-project work.

    2. Workforce/Team Factors

    For example, resistance to moving from individual- to team-based allocations.

    3. Structural Factors

    For example, ensuring priorities are stable within the chosen resource planning horizon.

    See Info-Tech’s Drive Organizational Change from the PMOfor comprehensive tools and guidance on achieving organizational buy-in for your new resource management practices.

    Info-Tech Insight

    Communicate, communicate, communicate. Staff are 34% more likely to adapt to change quickly during the implementation and adoption phases when they are provided with a timeline of impending changes specific to their department. (McLean & Company)

    Anticipate a wide range of responses toward your new processes

    While your mandate may be backed by an executive sponsor, you will need to influence stakeholders from throughout the organization in order to succeed. Indeed, as EPMO leader, success will depend upon your ability to confirm and reaffirm commitments on soft or informal grounds. Prepare an engagement strategy that anticipates a wide range of responses.

    Enthusiasts Fence-sitters Skeptics Saboteurs
    What they look like: Put all their energy into learning new skills and behaviors. Start to use new skills and behaviors at a sluggish pace. Look for alternate ways of implementing the change. Refuse to learn anything new or try new behaviors.
    How they contribute: Lead the rest of the group. Provide an undercurrent of movement from old behaviors to new. Challenge decisions and raise risk points with managers. May raise valid points about the process that should be fixed.
    How to manage them: Give them space to learn and lead others. Keep them moving forward by testing their progress. Listen to them, but don’t give in to their demands. Keep communicating with them until you convert them.
    How to leverage them: Have them lead discussions and training sessions. Use them as an example to forecast the state once the change is adopted. Test new processes by having them try to poke holes in them. If you can convert them, they will lead the Skeptics and Fence-sitters.

    Info-Tech Insight

    Hone your stakeholder engagement strategy. Most people affected by an IT-enabled change tend to be fence-sitters. Small minorities will be enthusiasts, saboteurs, and skeptics. Your communication strategy should focus on engaging the skeptics, saboteurs, and enthusiasts. Fence-sitters will follow.

    Define plans to deal with resistance to change, objections, and fatigue

    Be prepared to confront skeptics and saboteurs when communicating the change.

    1. Use the templates on the following slide to:
      1. Brainstorm possible objections from stakeholders and staff. Prioritize objections that are likely to occur.
      2. Develop responses to objections.
    2. Develop a document and plan for proactively communicating responses and objections to show people that you understand their point of view.
      1. Revise the communications messaging and plan to include proactive objection handling.
    3. Discuss the likelihood and impact of “saboteurs” who aren’t convinced or affected by change management efforts.
      1. Explore contingency plans for dealing with difficult saboteurs. These individuals can negate the progress of the rest of the team by continuing to resist the process and spreading toxic energy. If necessary, be ruthless with these individuals. Let them know that the rest of the group is moving on without them, and if they can’t or won’t adopt the new standards, then they can leave.

    Info-Tech Insight

    Communicate well and engage often. Agility and continuous improvement are good, but can degenerate into volatility if change isn’t managed properly. People will perceive change to be volatile if their expectations aren’t managed through communications and engagement planning.

    Info-Tech Best Practice

    The individuals best positioned to provide insight and influence change positively are also best positioned to create resistance.

    These people should be engaged early and often in the implementation process – not just to make them feel included or part of the change, but also because their insight could very likely identify risks, barriers, and opportunities that need to be addressed.

    Develop a plan to manage stakeholder resistance to the new resource management strategy

    3.2.1
    30 minutes

    Brainstorm potential implications and objections that executive stakeholders might raise about your new processes.

    Dimension Decision Potential Impact, Implications, and Objections Possible Responses and Actions
    i.e. Default Project Ratio 50% “This can’t be right...” “We conducted a thorough time audit to establish this ratio.”
    “We need to spend more time on project work.” “Realistic estimates will help us control new project intake, which will help us optimize time allocated to projects.”
    i.e. Frequency Monthly “This data isn’t detailed enough, we need to know what people are working on right now.” “Maintaining an update frequency of weekly would require approximately [X] extra hours of PMO effort. We can work toward weekly as we mature.”
    i.e. Scope Person “That is a lot of people to keep track of.” “Managing individuals is still the job of the project manager; we are responsible for allocating individuals to projects.”
    i.e. Granularity of Work Assignment Project “We need to know exactly what tasks are being worked on and what the progress is.” “Assigning at task level is very difficult to accurately maintain. Once we have mastered a project-level granularity we can move toward task level.”
    i.e. Forecast Horizon One month “We need to know what each resource is working on next year.” “With a monthly forecast, our estimates are dependable. If we forecast a year in advance, this estimate will not be accurate.”

    Document the outcomes of this activity on slide 26 of Info-Tech’s Resource Management Communications Template.

    Develop a plan to manage staff/team resistance to the new resource management strategy

    3.2.2
    30 minutes

    Brainstorm potential implications and objections that individual staff and members of project teams might raise about your new processes.

    Dimension Decision Potential Impact, Implications, and Objections Possible Responses and Actions
    i.e. Default Project Ratio 50% “There’s too much support work.” “We conducted a thorough time audit to establish this ratio. Realistic estimates will help us control new project intake, which will help us optimize your project time.”
    i.e. Frequency Monthly “I don’t have time to give you updates on project progress.” “This update frequency requires only [X] amount of time from you per week/month.”
    i.e. Granularity Project “I need more clarity on what I’m working on.” “Team members and project managers are in the best position to define and assign (or self-select) individual tasks.”
    i.e. Forecast Horizon One month “I need to know what my workload will be further in advance.” “You will still have a high-level understanding of what you will be working on in the future, but projects will only be officially forecasted one month in advance.”
    i.e. Allocation Cadence Monthly “We need a more frequent cadence.” “We can work toward weekly cadence as we mature.”

    Document the outcomes of this activity on slide 27 of Info-Tech’s Resource Management Communications Template.

    Develop a plan to manage structural/enabling factors that influence success of the resource management strategy

    3.2.3
    30 minutes

    Brainstorm a plan to manage other risks and challenges to implementing your processes.

    Dimension Decision Potential Impact, Implications, and Objections Possible Responses and Actions
    i.e. Default Project Ratio 50% “We have approved too many projects to allocate so little time to project work.” Nothing has changed – this was always the amount of time that would actually go toward projects. If you are worried about a backlog, stop approving projects until you have completed the current workload.
    i.e. Frequency Monthly “Status reports aren’t reliably accurate and up to date more than quarterly.” Enforce strict requirements to provide monthly status updates for 1-3 key KPIs.
    i.e. Scope Person “How can we keep track of what each individual is working on?” Establish a simple, easy reporting mechanism so that resources are reporting their own progress.
    i.e. Granularity Project “How will we know the status of a project without knowing what tasks are completed?” It is in the domain of the project manager to know what tasks have been completed and to report overall project progress.
    i.e. Forecast Horizon One Month “It will be difficult to plan for resource needs in advance.” Planning a month in advance allows you to address conflicts or issues before they are urgent.

    Document the outcomes of this activity on slide 28 of Info-Tech’s Resource Management Communications Template.

    Finalize your communications plan and prepare to present the new processes to the organization

    Use Info-Tech’s Resource Management Communications Template to record the challenges your resource management strategy is addressing and how it is addressing them.

    Highlight organizational factors that necessitated the change.

    • Stakeholders and staff understandably tend to dislike change for the sake of change. Use Info-Tech’s Resource Management Communications Template to document the pain points that your process change is addressing and explain the intended benefits for all who will be subject to the new procedures.

    Determine goals and benefits for implementation success.

    • Provide metrics by which the implementation will be deemed a success. Providing this horizon will provide some structure for stakeholders and hopefully help to encourage process discipline.

    Clearly indicate what is required of people to adopt new processes.

    • Document your Resource Management Playbook. Be sure to include specific roles and responsibilities so there is no doubt regarding who is accountable for what.

    Download Info-Tech’s Resource Management Communications Template

    "You need to be able to communicate effectively with major stakeholders – you really need their buy-in. You need to demonstrate credibility with your audience in the way you communicate and show how portfolio [management] is a structured decision-making process." – Dr. Shan Rajegopal (quoted in Akass, “What Makes a Successful Portfolio Manager”)

    Review tactics for keeping your processes on track

    Once the strategy is adopted, the next step is to be prepared to address challenges as they come up. Review the tactics in the table below for assistance.

    Challenge Resolution Next Step
    Workers are distracted because they are working on too many projects at once; their attention is split and they are unproductive. Workers are distracted because they are working on too many projects at once; their attention is split and they are unproductive. Review portfolio practices for ways to limit work in progress (WIP).
    Employees are telling project managers what they want to hear and not giving honest estimates about the way their time is spent. Ensure that employees understand the value of honest time tracking. If you’re allocating your hours to the wrong projects, it is your projects that suffer. If you are overallocated, be honest and share this with management. Display employee time-tracking reports on a public board so that everyone will see where their time is spent. If they are struggling to complete projects by their deadlines they must be able to demonstrate the other work that is taking up their time.
    Resources are struggling with projects because they do not have the necessary expertise. Perform a skills audit to determine what skills employees have and assign them to projects accordingly. If an employee with a certain skill is in high demand, consider hiring more resources who are able to complete this work.

    See below for additional challenges and tactics

    Review tactics for keeping supply and demand aligned

    Once the strategy is adopted, the next step is to use the outputs of the strategy to reclaim capacity and ensure supply and demand remain aligned. Review the tactics in the table below for assistance.

    Challenge Resolution Next Step
    There is insufficient project capacity to take on new work, but demand continues to grow. Extend project due date and manage the expectations of project sponsors with data. If possible, reclaim capacity from non-project work. Customize the playbook to address insufficient project capacity.
    There is significant fluctuation in demand, making it extremely challenging to stick to allocations. Project managers can build in additional contingencies to project plans based on resourcing data, with plans for over-delivering with surplus capacity. In addition, the CIO can leverage business relationships to curb chaotic demand. The portfolio manager should analyze the project portfolio for clues on expanding demand. Customize the playbook to address large fluctuations in demand.
    On a constant basis, there are conflicting project demands over specific skills. Re-evaluate the definition of a project to guard the value of the portfolio. Continually prioritize projects based on their business values as of today. Customize the playbook to address conflicting project demands. Feed into any near- and long-term staffing plans.

    Prepare to communicate your new resource management practices and reap their benefits

    As you roll out your resource management strategy, familiarize yourself with the capability improvements that will drive your resource management success metrics.

    1. Increased capacity awareness through the ability to more efficiently and more effectively collect and track complex, diverse, and dynamic project data across the project portfolio.
    2. Improved supply management. Increased awareness of resource capacity (current and forecasted) combined with the ability to see the results of resource allocations across the portfolio will help ensure that project resources are used as effectively as possible.
    3. Improved demand management. Increased capacity awareness, combined with reliable supply management, will help PMOs set realistic limits on the amount and kind of IT projects the organization can take on at any given time. The ability to present user-friendly reports to key decision makers will help the PMO to ensure that the projects that are approved are realistically attainable and strategically aligned.
    4. Increased portfolio success. Improvements in the three areas indicated above should result in more realistic demands on project workers/managers, better products, and better service to all stakeholders. While successfully implemented PPM solutions should produce more efficient PPM processes, ideally they should also drive improved project stakeholder satisfaction across the organization.

    The image shows a series on concentric circles, labelled (from the inside out): Capacity Awareness; Supply Management; Demand Management; Project Success.

    Info-Tech client achieves resource management success by right-sizing its data requirements and focusing on reporting

    CASE STUDY

    Industry Manufacturing

    Source Info-Tech Client

    We were concerned that the staff would not want to do timesheets. With one level of task definition, it’s not really timesheets. It’s more about reconciling our allocations.” – PMO Director, Manufacturing

    Challenge

    • In a very fast-paced environment, the PMO had developed a meaningful level of process maturity.
    • There had never been time to slow down enough to introduce a mature PPM tool set.
    • The executive leadership had started to ask for more throughput of highly visible IT projects.

    Solution

    • There had never been oversight on how much IT time went toward escalated support issues and smaller enhancement requests.
    • Staff had grown accustomed to a lack of documentation rigor surrounding the portfolio.
    • Despite a historic baseline of the ratio between strategic projects, small projects, and support, the lack of recordkeeping made it hard to validate or reconcile these ratios.

    Results

    • The organization introduced a robust commercial PPM tool.
    • They were able to restrict the granularity of data to a high level in order to limit the time required to enter and manage, and track the actuals.
    • They prepared executive leadership for their renewed focus on the allocation of resources to strategically important projects.
    • Approval of projects was right-sized based on the actual capacity and realized through improved timesheet recordkeeping.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1 Define the scope of your pilot and set appropriate goals for the test-run of your new processes

    An effective pilot lowers implementation risk, enhances the details and steps within a process, and improves stakeholder relations prior to a full scale rollout.

    3.2 Develop a plan to manage stakeholder and staff resistance to the new resource management practice

    Proactively plan for communicating responses and objections to show people that you understand their point of view and win their buy-in.

    Insight breakdown

    Insight 1

    A matrix organization creates many small, untraceable demands that are often overlooked in resource management efforts, which lead to underestimating total demand and overcommitting resources. To capture them and enhance the success of your resource management effort, focus on completeness rather than precision. Precision of data will improve over time as your process maturity grows.

    Insight 2

    Draft the resource management practice with sustainability in mind. It is about what you can and will maintain every week, even during a crisis: it is not about what you put together as a one-time snapshot. Once you stop maintaining resource data, it’s nearly impossible to catch up.

    Insight 3

    Engagement paves the way for smoother adoption. An engagement approach (rather than simply communication) turns stakeholders into advocates who can help boost your message, sustain the change, and realize benefits without constant intervention or process command-and-control.

    Summary of accomplishment

    Knowledge Gained

    • Disconnect between traditional resource management paradigms and today’s reality of work environment
    • Differentiation of accuracy and precision in capacity data
    • Snapshot of resource capacity supply and demand
    • Seven dimensions of resource management strategy
    • How to create sustainability of a resource management practice

    Processes Optimized

    • Collecting resource supply data
    • Capturing the project demand
    • Identifying and documenting resource constraints and issues
    • Resolving resource issues
    • Finalizing and communicating resource allocations for the forecast window

    Deliverable Completed

    • Resource Management Supply-Demand Calculator, to create an initial estimate of resource capacity supply and demand
    • Time-tracking survey emails, to validate assumptions made for creating the initial snapshot of resource capacity supply and demand
    • Resource Management Playbook, which documents your resource management strategy dimensions, process steps, and responses to challenges
    • PPM Solution Vendor Demo Script, to structure your resource management tool demos and interactions with vendors to ensure that their solutions can fully support your resource management practices
    • Portfolio Manager Lite, a spreadsheet-based resource management solution to facilitate the flow of data
    • Process Pilot Plan, to ensure that the pilot delivers value and insight necessary for a wider rollout
    • Project Portfolio Analyst job description, to help your efforts in bringing in additional staff to provide support for the new resource management practice
    • Resource Management Communications presentation, with which to engage your stakeholders during the new process rollout

    Research contributors and experts

    Trevor Bramwell, ICT Project Manager Viridor Waste Management

    John Hansknecht, Director of Technology University of Detroit Jesuit High School & Academy

    Brian Lasby, Project Manager Toronto Catholic District School Board

    Jean Charles Parise, CIO & DSO Office of the Auditor General of Canada

    Darren Schell, Associate Executive Director of IT Services University of Lethbridge

    Related Info-Tech research

    Develop a Project Portfolio Management Strategy

    Grow Your Own PPM Solution

    Optimize Project Intake, Approval, and Prioritization

    Maintain and Organized Portfolio

    Manage a Minimum-Viable PMO

    Establish the Benefits Realization Process

    Manage an Agile Portfolio

    Tailor Project Management Processes to Fit Your Projects

    Project Portfolio Management Diagnostic Program

    The Project Portfolio Management Diagnostic Program is a low-effort, high-impact program designed to help project owners assess and improve their PPM practices. Gather and report on all aspects of your PPM environment to understand where you stand and how you can improve.

    Bibliography

    actiTIME. “How Poor Tracking of Work Time Affects Your Business.” N.p., Oct. 2016. Web.

    Akass, Amanda. “What Makes a Successful Portfolio Manager.” Pcubed, n.d. Web.

    Alexander, Moira. “5 Steps to avoid overcommitting resources on your IT projects.” TechRepublic. 18 July 2016. Web.

    Anderson, Ryan. “Some Shocking Statistics About Interruptions in Your Work Environment.” Filevine, 9 July 2015. Web.

    Bondale, Kiron. “Focus less on management and more on the resources with resource management.” Easy in Theory, Difficult in Practice. 16 July 2014. Web.

    Burger, Rachel. “10 Software Options that Will Make Your Project Resource Allocation Troubles Disappear.” Capterra Project Management Blog, 6 January 2016. Web.

    Cooper, Robert, G. “Effective Gating: Make product innovation more productive by using gates with teeth.” Stage-Gate International and Product Development Institute. March/April 2009. Web.

    Dimensional Research. “Lies, Damned Lies and Timesheet Data.” Replicon, July 2013. Web.

    Edelman Trust Barometer. “Leadership in a Divided World.” 2016. Web.

    Frank, T.A. “10 Execs with Time-Management Secrets You Should Steal.” Monday*. Issue 2: Nov-Dec 2014. Drucker Institute. Web.

    Huth, Susanna. “Employees waste 759 hours each year due to workplace distractions.” The Telegraph, 22 Jun 2015. Web.

    Jacobeus, Nicolas. “How Detailed Does Your Agency Time Tracking Need to Be?” Scale Blog, 18 Jul 2016. Web.

    Lessing, Lawrence. Free Culture. Lulu Press Inc.: 30 July 2016.

    Kwak, James. “The Importance of Excel. The Baseline Scenario, 9 Feb 2013. Web.

    Madison, Daniel. “The Five Implementation Options to Manage the Risk in a New Process.” BPMInstitute.org. n.d. Web.

    Mark, Gloria. Multitasking in the Digital Age. Morgan & Claypool Publishers. 1 April 2015

    Maron, Shim. “Accountability Vs. Responsibility In Project Management.” Workfront, 10 June 2016. Web.

    PM Solutions. “Resource Management and the PMO: Three Strategies for Addressing Your Biggest Challenge.” N.p., 2009. Web.

    Project Management Institute. “Pulse of the Profession 2014.” PMI, 2014. Web.

    Planview. “Capacity Planning Fuels Innovation Speed.” 2016. Web.

    Rajda, Vilmos. “The Case Against Project Portfolio Management.” PMtimes, 1 Dec 2010. Web.

    Reynolds, Justin. “The Sad Truth about Nap Pods at Work.” TINYpulse, 22 Aug 2016. Web.

    Schulte, Brigid. “Work interrupts can cost you 6 hours a day. An efficiency expert explains how to avoid them.” Washington Post, 1 June 2015. Web.

    Stone, Linda. "Continuous Partial Attention." Lindastone.net. N.p., n.d. Web.

    Zawacki, Kevin. “The Perils of Time Tracking.” Fast Company, 26 Jan 2015. Web.

    Understand the Data and Analytics Landscape

    • Buy Link or Shortcode: {j2store}131|cart{/j2store}
    • member rating overall impact (scale of 10): 9.8/10 Overall Impact
    • member rating average dollars saved: $2,000 Average $ Saved
    • member rating average days saved: 14 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • The data and analytics landscape comprises many disciplines and components; organizations may find themselves unsure of where to start or what data topic or area they should be addressing.
    • Organizations want to better understand the components of the data and analytics landscape and how they are connected.

    Our Advice

    Critical Insight

    • This deck will provide a base understanding of the core data disciplines and will point to the various Info-Tech blueprints that dive deeper into each of the areas.

    Impact and Result

    • This deck will provide a base understanding of the core disciplines of the data and analytics landscape and will point to the various Info-Tech blueprints that dive deeper into each of the areas.

    Understand the Data and Analytics Landscape Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand the data and analytics landscape

    Get an overview of the core disciplines of the data and analytics landscape.

    • Understand the Data and Analytics Landscape Storyboard

    Infographic

    Build an IT Risk Management Program

    • Buy Link or Shortcode: {j2store}192|cart{/j2store}
    • member rating overall impact (scale of 10): 8.3/10 Overall Impact
    • member rating average dollars saved: $31,532 Average $ Saved
    • member rating average days saved: 17 Average Days Saved
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance
    • Risk is unavoidable. Without a formal program to manage IT risk, you may be unaware of your severest IT risks.
    • The business could be making decisions that are not informed by risk.
    • Reacting to risks AFTER they occur can be costly and crippling, yet it is one of the most common tactics used by IT departments.

    Our Advice

    Critical Insight

    • IT risk is business risk. Every IT risk has business implications. Create an IT risk management program that shares accountability with the business.

    Impact and Result

    • Transform your ad hoc IT risk management processes into a formalized, ongoing program, and increase risk management success.
    • Take a proactive stance against IT threats and vulnerabilities by identifying and assessing IT’s greatest risks before they occur.
    • Involve key stakeholders including the business senior management team to gain buy-in and to focus on IT risks most critical to the organization.

    Build an IT Risk Management Program Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build an IT Risk Management Program – A holistic approach to managing IT risks within your organization and involving key business stakeholders.

    Gain business buy-in to understanding the key IT risks that could negatively impact the organization and create an IT risk management program to properly identify, assess, respond, monitor, and report on those risks.

    • Build an IT Risk Management Program – Phases 1-3

    2. Risk Management Program Manual – A single source of truth for the risk management program to exist and be updated to reflect changes.

    Leverage this Risk Management Program Manual to ensure that the decisions around how IT risks will be governed and managed can be documented in a single source accessible by those involved.

    • Risk Management Program Manual

    3. Risk Register & Risk Costing Tool – A set of tools to document identified risk events. Assess each risk event and consider the appropriate response based on your organization’s threshold for risk.

    Engage these tools in your organization if you do not currently have a GRC tool to document risk events as they relate to the IT function. Consider the best risk response to high severity risk events to ensure all possible situations are considered.

    • Risk Register Tool
    • Risk Costing Tool

    4. Risk Event Action Plan and Risk Report – A template to document the chosen risk responses and ensure accountable owners agree on selected response method.

    Establish clear guidelines and responses to risk events that will leave your organization vulnerable to unwanted threats. Ensure risk owners have agreed to the risk responses and are willing to take accountability for that response.

    • Risk Event Action Plan
    • Risk Report

    Infographic

    Workshop: Build an IT Risk Management Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review IT Risk Fundamentals and Governance

    The Purpose

    To assess current risk management maturity, develop goals, and establish IT risk governance.

    Key Benefits Achieved

    Identified obstacles to effective IT risk management.

    Established attainable goals to increase maturity.

    Clearly laid out risk management accountabilities and responsibilities for IT and business stakeholders.

    Activities

    1.1 Assess current program maturity

    1.2 Complete RACI chart

    1.3 Create the IT risk council

    1.4 Identify and engage key stakeholders

    1.5 Add organization-specific risk scenarios

    1.6 Identify risk events

    Outputs

    Maturity Assessment

    Risk Management Program Manual

    Risk Register

    2 Identify IT Risks

    The Purpose

    Identify and assess all IT risks.

    Key Benefits Achieved

    Created a comprehensive list of all IT risk events.

    Risk events prioritized according to risk severity – as defined by the business.

    Activities

    2.1 Identify risk events (continued)

    2.2 Augment risk event list using COBIT 5 processes

    2.3 Determine the threshold for (un)acceptable risk

    2.4 Create impact and probability scales

    2.5 Select a technique to measure reputational cost

    2.6 Conduct risk severity level assessment

    Outputs

    Finalized List of IT Risk Events

    Risk Register

    Risk Management Program Manual

    3 Identify IT Risks (continued)

    The Purpose

    Prioritize risks, establish monitoring responsibilities, and develop risk responses for top risks.

    Key Benefits Achieved

    Risk monitoring responsibilities are established.

    Risk response strategies have been identified for all key risks.

    Activities

    3.1 Conduct risk severity level assessment

    3.2 Document the proximity of the risk event

    3.3 Conduct expected cost assessment

    3.4 Develop key risk indicators (KRIs) and escalation protocols

    3.5 Root cause analysis

    3.6 Identify and assess risk responses

    Outputs

    Risk Register

    Risk Management Program Manual

    Risk Event Action Plans

    4 Monitor, Report, and Respond to IT Risk

    The Purpose

    Assess and select risk responses for top risks and effectively communicate recommendations and priorities to the business.

    Key Benefits Achieved

    Thorough analysis has been conducted on the value and effectiveness of risk responses for high severity risk events.

    Authoritative risk response recommendations can be made to senior leadership.

    A finalized Risk Management Program Manual is ready for distribution to key stakeholders.

    Activities

    4.1 Identify and assess risk responses

    4.2 Risk response cost-benefit analysis

    4.3 Create multi-year cost projections

    4.4 Review techniques for embedding risk management in IT

    4.5 Finalize the Risk Report and Risk Management Program Manual

    4.6 Transfer ownership of risk responses to project managers

    Outputs

    Risk Report

    Risk Management Program Manual

    Further reading

    Build an IT Risk Management Program

    Mitigate the IT risks that could negatively impact your organization.

    Table of Contents

    3 Executive Brief

    4 Analyst Perspective

    5 Executive Summary

    19 Phase 1: Review IT Risk Fundamentals & Governance

    43 Phase 2: Identify and Assess IT Risk

    74 Phase 3: Monitor, Communicate, and Respond to IT Risk

    102 Appendix

    108 Bibliography

    Build an IT Risk Management Program

    Mitigate the IT risks that could negatively impact your organization.

    EXECUTIVE BRIEF

    Analyst Perspective

    Siloed risks are risky business for any enterprise.

    Photo of Valence Howden, Principal Research Director, CIO Practice.
    Valence Howden
    Principal Research Director, CIO Practice
    Photo of Brittany Lutes, Senior Research Analyst, CIO Practice.
    Brittany Lutes
    Senior Research Analyst, CIO Practice

    Risk is an inherent part of life but not very well understood or executed within organizations. This has led to risk being avoided or, when it’s implemented, being performed in isolated siloes with inconsistencies in understanding of impact and terminology.

    Looking at risk in an integrated way within an organization drives a truer sense of the thresholds and levels of risks an organization is facing – making it easier to manage and leverage risk while reducing risks associated with different mitigation responses to the same risk events.

    This opens the door to using risk information – not only to prevent negative impacts but as a strategic differentiator in decision making. It helps you know which risks are worth taking, driving strong positive outcomes for your organization.

    Executive Summary

    Your Challenge

    IT has several challenges when it comes to addressing risk management:

    • Risk is unavoidable. Without a formal program to manage IT risk, you may be unaware of your severest IT risks.
    • The business could be making decisions that are not informed by risk.
    • Reacting to risks after they occur can be costly and crippling, yet it is one of the most common tactics used by IT departments.

    Common Obstacles

    Many IT organizations realize these obstacles:

    • IT risks and business risks are often addressed separately, causing inconsistencies in the approach.
    • Security risk receives such a high profile that it often eclipses other important IT risks, leaving the organization vulnerable.
    • Failing to include the business in IT risk management leaves IT leaders too accountable; the business must have accountability as well.

    Info-Tech’s Approach

    • Transform your ad hoc IT risk management processes into a formalized, ongoing program and increase risk management success.
    • Take a proactive stance against IT threats and vulnerabilities by identifying and assessing IT’s greatest risks before they occur.
    • Involve key stakeholders, including the business senior management team, to gain buy-in and to focus on the IT risks most critical to the organization.

    Info-Tech Insight

    IT risk is business risk. Every IT risk has business implications. Create an IT risk management program that shares accountability with the business.

    Ad hoc approaches to managing risk fail because…

    If you are like the majority of IT departments, you do not have a consistent and comprehensive strategy for managing IT risk.

    1. Ad hoc risk management is reactionary.
    2. Ad hoc risk management is often focused only on IT security.
    3. Ad hoc risk management lacks alignment with business objectives.

    The results:

    • Increased business risk exposure caused by a lack of understanding of the impact of IT risks on the business.
    • Increased IT non-compliance, resulting in costly settlements and fines.
    • IT audit failure.
    • Ineffective management of risk caused by poor risk information and wrong risk response decisions.
    • Increased unnecessary and avoidable IT failures and fixes.

    58% of organizations still lack a systematic and robust method to actually report on risks (Source: AICPA, 2021)

    Data is an invaluable asset – ensure it’s protected

    Case Studies

    Logo for Cognyte.

    Cognyte, a vendor hired to be a cybersecurity analytics company, had over five billion records exposed in Spring 2021. The data was compromised for four days, providing attackers with plenty of opportunities to obtain personally identifying information. (SecureBlink., 2021 & Security Magazine, 2021)

    Logo for Facebook.

    Facebook, the world’s largest social media giant, had over 533 million Facebook users’ personal data breached when data sets were able to be cross-listed with one another. (Business Insider, 2021 & Security Magazine, 2021)

    Logo for MGM Resorts.

    In 2020, over 10.6 million customers experienced some sort of data being accessible, with 1,300 having serious personally identifying information breached. (The New York Times, 2020)

    Risk management is a business enabler

    Formalize risk management to increase your likelihood of success.

    By identifying areas of risk exposure and creating solutions proactively, obstacles can be removed or circumvented before they become a real problem.

    A certain amount of risk is healthy and can stimulate innovation:

    • A formal risk management strategy doesn’t mean trying to mitigate every possible risk; it means exposing the organization to the right amount of risk.
    • Taking a formal risk management approach allows an organization to thoughtfully choose which risks it is willing to accept.
    • Organizations with high risk management maturity will vault themselves ahead of the competition because they will be aware of which risks to prepare for, which risks to ignore, and which risks to take.

    Only 12% of organizations are using risk as a strategic tool most or all of the time (Source: AICPA, 2021)

    IT risk is enterprise risk

    Accountability for IT risks and the decisions made to address them should be shared between IT and the business.

    Multiple types of risk, 'Finance', 'IT', 'People', and 'Digital', funneling into 'ENTERPRISE RISKS'. IT risks have a direct and often aggregated impact on enterprise risks and opportunities in the same way other business risks can. This relationship must be understood and addressed through integrated risk management to ensure a consistent approach to risk.

    Follow the steps of this blueprint to build or optimize your IT risk management program

    Cycle of 'Goverance' beginning with '1. Identify', '2. Assess', '3. Respond', '4. Monitor', '5. Report'.

    Start Here

    PHASE 1
    Review IT Risk Fundamentals and Governance
    PHASE 2
    Identify and Assess IT Risk
    PHASE 3
    Monitor, Report, and Respond to IT Risk

    1.1

    Review IT Risk Management Fundamentals

    1.2

    Establish a Risk Governance Framework

    2.1

    Identify IT Risks

    2.2

    Assess and Prioritize IT Risks

    3.1

    Monitor IT Risks and Develop Risk Responses

    3.2

    Report IT Risk Priorities

    Integrate Risk and Use It to Your Advantage

    Accelerate and optimize your organization by leveraging meaningful risk data to make intelligent enterprise risk decisions.

    Risk management is more than checking an audit box or demonstrating project due diligence.

    Risk Drivers
    • Audit & compliance
    • Preserve value & avoid loss
    • Previous risk impact driver
    • Major transformation
    • Strategic opportunities
    Arrow pointing right. Only 7% of organizations are in a “leading” or “aspirational” level of risk maturity. (OECD, 2021) 63% of organizations struggle when it comes to defining their appetite toward strategy related risks. (“Global Risk Management Survey,” Deloitte, 2021) Late adopters of risk management were 70% more likely to use instinct over data or facts to inform an efficient process. (Clear Risk, 2020) 55% of organizations have little to no training on ERM to properly implement such practices. (AICPA, NC State Poole College of Management, 2021)
    1. Assess Enterprise Risk Maturity 3. Build a Risk Management Program Plan 4. Establish Risk Management Processes 5. Implement a Risk Management Program
    2. Determine Authority with Governance
    Unfortunately, less than 50% of those in risk focused roles are also in a governance role where they have the authority to provide risk oversight. (Governance Institute of Australia, 2020)
    IT can improve the maturity of the organization’s risk governance and help identify risk owners who have authority and accountability.

    Governance and related decision making is optimized with integrated and aligned risk data.

    List of 'Integrated Risk Maturity Categories': '1. Context & Strategic Direction', '2. Risk Culture and Authority', '3. Risk Management Process', and '4. Risk Program Optimization'. The five types of a risk in 'Enterprise Risk Management (ERM)': 'IT', 'Security', 'Digital', 'Vendor/TPRM', and 'Other'.

    ERM incorporates the different types of risk, including IT, security, digital, vendor, and other risk types.

    The program plan is meant to consider all the major risk types in a unified approach.

    The 'Risk Process' cycle starting with '1. Identify', '2. Assess', '3. Respond', '4. Monitor', '5. Report', and back to the beginning. Implementation of an integrated risk management program requires ongoing access to risk data by those with decision making authority who can take action.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key deliverable:

    Risk Management Program Manual

    Use the tools and activities in each phase of the blueprint to create a comprehensive, customized program manual for the ongoing management of IT risk.

    Sample of the key deliverable, Risk Manangement Program Fund.
    Integrated Risk Maturity Assessment

    Assess the organization's current maturity and readiness for integrated risk management (IRM).

    Sample of the Integrated Risk Maturity Assessment blueprint. Centralized Risk Register

    The repository for all the risks that have been identified within your environment.

    Sample of the Centralized Risk Register blueprint.
    Risk Costing Tool

    A potential cost-benefit analysis of possible risk responses to determine a good method to move forward.

    Sample of the Risk Costing Tool blueprint. Risk Report & Risk Event Action Plan

    A method to report risk severity and hold risk owners accountable for chosen method of responding.

    Samples of the Risk Report & Risk Event Action Plan blueprints.

    Benefit from industry-leading best practices

    As a part of our research process, we used the COSO, ISO 31000, and COBIT 2019 frameworks. Contextualizing IT risk management within these frameworks ensured that our project-focused approach is grounded in industry-leading best practices for managing IT risk.

    Logo for COSO.

    COSO’s Enterprise Risk Management — Integrating with Strategy and Performance addresses the evolution of enterprise risk management and the need for organizations to improve their approach to managing risk to meet the demands of an evolving business environment. (COSO)

    Logo for ISO.

    ISO 31000
    Risk Management can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats, and effectively allocate and use resources for risk treatment. (ISO 31000)

    Logo for COBIT.

    COBIT 2019’s IT functions were used to develop and refine our Ten IT Risk Categories used in our top-down risk identification methodology. (COBIT 2019)

    Abandon ad hoc risk management

    A strong risk management foundation is valuable when building your IT risk management program.

    This research covers the following IT risk fundamentals:

    • Benefits of formalized risk management
    • Key terms and definitions
    • Risk management within ERM
    • Risk management independent of ERM
    • Four key principles of IT risk management
    • Importance of a risk management program manual
    • Importance of buy-in and support from the business

    Drivers of Formalized Risk Management:

    Drivers External to IT
    External Audit Internal Audit
    Mandated by ERM
    Occurrence of Risk Event
    Demonstrating IT’s value to the business Proactive initiative
    Emerging IT risk awareness
    Grassroots Drivers

    Blueprint benefits

    IT Benefits

    • Increased on-time, in-scope, and on-budget completion of IT projects.
    • Meet the business’ service requirements.
    • Improved satisfaction with IT by senior leadership and business units.
    • Fewer resources wasted on fire-fighting.
    • Improved availability, integrity, and confidentiality of sensitive data.
    • More efficient use of resources.
    • Greater ability to respond to evolving threats.

    Business Benefits

    • Reduced operational surprises or failures.
    • Improved IT flexibility when responding to risk events and market fluctuations.
    • Reduced budget uncertainty.
    • Improved ability to make decisions when developing long-term strategies.
    • Improved stakeholder and shareholder confidence.
    • Achieved compliance with external regulations.
    • Competitive advantage over organizations with immature risk management practices.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 6 to 8 calls over the course of 3 to 6 months.

    What does a typical GI on this topic look like?

      Phase 1

    • Call #1: Assess current risk maturity and organizational buy-in.
    • Call #2: Establish an IT risk council and determine IT risk management program goals.
    • Phase 2

    • Call #3: Identify the risk categories used to organize risk events.
    • Call #4: Identify the threshold for risk the organization can withstand.
    • Phase 3

    • Call #5: Create a method to assess risk event severity.
    • Call #6: Establish a method to monitor priority risks and consider possible risk responses.
    • Call #7: Communicate risk priorities to the business and implement risk management plan.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Activities
    Review IT Risk Fundamentals and Governance

    1.1 Assess current program maturity

    1.2 Complete RACI chart

    1.3 Create the IT risk council

    1.4 Identify and engage key stakeholders

    1.5 Add organization-specific risk scenarios

    1.6 Identify risk events

    Identify IT Risks

    2.1 Identify risk events (continued)

    2.2 Augment risk event list using COBIT5 processes

    2.3 Determine the threshold for (un)acceptable risk

    2.4 Create impact and probability scales

    2.5 Select a technique to measure reputational cost

    2.6 Conduct risk severity level assessment

    Assess IT Risks

    3.1 Conduct risk severity level assessment

    3.2 Document the proximity of the risk event

    3.3 Conduct expected cost assessment

    3.4 Develop key risk indicators (KRIs) and escalation protocols

    3.5 Perform root cause analysis

    3.6 Identify and assess risk responses

    Monitor, Report, and Respond to IT Risk

    4.1 Identify and assess risk responses

    4.2 Risk response cost-benefit analysis

    4.3 Create multi-year cost projections

    4.4 Review techniques for embedding risk management in IT

    4.5 Finalize the Risk Report and Risk Management Program Manual

    4.6 Transfer ownership of risk responses to project managers

    Next Steps and Wrap-Up (offsite)

    5.1 Complete in-progress deliverables from previous four days

    5.2 Set up review time for workshop deliverables and to discuss next steps

    Outcomes
    1. Maturity Assessment
    2. Risk Management Program Manual
    1. Finalized List of IT Risk Events
    2. Risk Register
    3. Risk Management Program Manual
    1. Risk Register
    2. Risk Event Action Plans
    3. Risk Management Program Manual
    1. Risk Report
    2. Risk Management Program Manual
    1. Workshop Report
    2. Risk Management Program Manual

    Build an IT Risk Management Program

    Phase 1

    Review IT Risk Fundamentals and Governance

    Phase 1

    • 1.1 Review IT Risk Management Fundamentals
    • 1.2 Establish a Risk Governance Framework

    Phase 2

    • 2.1 Identify IT Risks
    • 2.2 Assess and Prioritize IT Risks

    Phase 3

    • 3.1 Develop Risk Responses and Monitor IT Risks
    • 3.2 Report IT Risk Priorities

    This phase will walk you through the following activities:

    • Gain buy-in from senior leadership
    • Assess current program maturity
    • Identify obstacles and pain points
    • Determine the risk culture of the organization
    • Develop risk management goals
    • Develop SMART project metrics
    • Create the IT risk council
    • Complete a RACI chart

    This phase involves the following participants:

    • IT executive leadership
    • Business executive leadership

    Step 1.1

    Review IT Risk Management Fundamentals

    Activities
    • 1.1.1 Gain buy-in from senior leadership
    • 1.1.2 Assess current program maturity

    This step involves the following participants:

    • IT executive leadership
    • Business executive leadership

    Outcomes of this step

    • Reviewed key IT principles and terminology
    • Gained understanding of the relationship between IT risk management and ERM
    • Introduced to Info-Tech’s IT Risk Management Framework
    • Obtained the support of senior leadership
    Step 1.1 Step 1.2

    Effective IT risk management is possible with or without ERM

    Whether or not your organization has ERM, integrating your IT risk management program with the business is possible.

    Most IT departments find themselves in one of these two organizational frameworks for managing IT risk:

    Core Responsibilities With an ERM Without an ERM
    • Risk Decision-Making Authority
    • Final Accountability
    Senior Leadership Team Senior Leadership Team
    • Risk Governance
    • Risk Prioritization & Communication
    ERM IT Risk Management
    • Risk Identification
    • Risk Assessment
    • Risk Monitoring
    IT Risk Management
    Pro: IT’s risk management responsibilities are defined (assessment schedules, escalation and reporting procedures).
    Con: IT may lack autonomy to implement IT risk management best practices.
    Pro: IT is free to create its own IT risk council and develop customized processes that serve its unique needs.
    Con: Lack of clear reporting procedures and mechanisms to share accountability with the business.

    Info-Tech’s IT risk management framework walks you through each step to achieve risk readiness

    IT Risk Management Framework

    Risk Governance
    • Optimize Risk Management Processes
    • Assess Risk Maturity
    • Measure the Success of the Program
    A cycle surrounds the words 'Business Objectives', referring to the surrounding lists. On the top half is 'Communication', and the bottom is 'Monitoring'. Risk Identification
    • Engage Stakeholder Participation
    • Use Risk Identification Frameworks
    • Compile IT-Related Risks
    Risk Response
    • Establish Monitoring Responsibilities
    • Perform Cost-Benefit Analysis
    • Report Risk Response Actions
    Risk Assessment
    • Establish Thresholds for Unacceptable Risk
    • Calculate Expected Cost
    • Determine Risk Severity & Prioritize IT Risks

    Effective IT risk management benefits

    Obtain the support of the senior leadership team or IT steering committee by communicating how IT risk impacts their priorities.

    Risk management benefits To engage the business...
    IT is compliant with external laws and regulations. Identify the industry or legal legislation and regulations your organization abides by.
    IT provides support for business compliance. Find relevant business compliance issues, and relate compliance failures to cost.
    IT regularly communicates costs, benefits, and risks to the business. Acknowledge the number of times IT and the business miscommunicate critical information.
    Information and processing infrastructure are very secure. Point to past security breaches or potential vulnerabilities in your systems.
    IT services are usually delivered in line with business requirements. Bring up IT services that the business was unsatisfied with. Explain that their inputs in identifying risks are correlated with project quality.
    IT related business risks are managed very well. Make it clear that with no risk tracking process, business processes become exposed and tend to slow down.
    IT projects are completed on time and within budget. Point out late or over-budget projects due to the occurrence of unforeseen risks.

    1.1.1 Gain buy-in from senior leadership

    1-4 hours

    Input: List of IT personnel and business stakeholders

    Output: Buy-in from senior leadership for an IT risk management program

    Materials: Risk Management Program Manual

    Participants: IT executive leadership, Business executive leadership

    The resource demands of IT risk management will vary from organization to organization. Here are typical requirements:

    • Occasional participation of key IT personnel and select business stakeholders in IT risk council meetings (e.g. once every two weeks).
    • Periodic risk assessments (e.g. 4 days, twice a year).
    • IT personnel must take on risk monitoring responsibilities (e.g. 1-4 hours per week).
    • Record the results in the Program Manual sections 3.3, 3.4 and 3.5.

    Record the results in the Risk Management Program Manual.

    Integrated Risk Maturity Assessment

    The purpose of the Integrated Risk Maturity Assessment is to assess the organization's current maturity and readiness for integrated risk management (IRM)

    Frequently and continually assessing your organization’s maturity toward integrated risk ensures the right risk management program can be adopted by your organization.

    Integrated Risk Maturity Assessment
    A simple tool to understand if your organization is ready to embrace integrated risk management by measuring maturity across four key categories: Context & Strategic Direction, Risk Culture & Authority, Risk Management Process, and Risk Program Optimization.
    Sample of the Integrated Risk Maturity Assessment deliverable.

    Use the results from this integrated risk maturity assessment to determine the type of risk management program that can and should be adopted by your organizations.

    Some organizations will need to remain siloed and focused on IT risk management only, while others will be able to integrate risk-related information to start enabling automatic controls that respond to this data.

    1.1.2 Assess current program maturity

    1-4 hours

    Input: List of IT personnel and business stakeholders

    Output: Maturity scores across four key risk categories

    Materials: Integrated Risk Maturity Assessment Tool

    Participants: IT executive leadership, Business executive leadership

    This assessment is intended for frequent use; process completeness should be re-evaluated on a regular basis.

    How to Use This Assessment:

    1. Download the Integrated Risk Management Maturity Assessment Tool.
    2. Tab 2, "Data Entry:" This is a qualitative assessment of your integrated risk management process and is organized by the categories of integrated risk maturity. You will be asked to rate the extent to which you are executing the activities required to successfully complete each phase of the assessment. Use the drop-down menus provided to select the appropriate level of execution for each activity listed.
    3. Tab 3, "Results:" This tab will display your rate of IRM completeness/maturity. You will receive a score for each category as well as an overall score. The results will be displayed numerically, by percentage, and graphically.

    Record the results in the Integrated Risk Maturity Assessment.

    Integrated Risk Maturity Categories

    Semi-circle with colored points indicating four categories.

    1

    Context & Strategic Direction Understanding of the organization’s main objectives and how risk can support or enhance those objectives.

    2

    Risk Culture and Authority Examine if risk-based decisions are being made by those with the right level of authority and if the organization’s risk appetite is embedded in the culture.

    3

    Risk Management Process Determine if the current process to identify, assess, respond to, monitor, and report on risks is benefitting the organization.

    4

    Risk Program Optimization Consider opportunities where risk-related data is being gathered, reported, and used to make informed decisions across the enterprise.

    Step 1.2

    Establish a Risk Governance Framework

    Activities
    • 1.2.1 Identify pain points/obstacles and opportunities
    • 1.2.2 Determine the risk culture of the organization
    • 1.2.3 Develop risk management goals
    • 1.2.4 Develop SMART project metrics
    • 1.2.5 Create the IT risk council
    • 1.2.6 Complete a RACI chart

    This step involves the following participants:

    • IT executive leadership
    • Business executive leadership

    Outcomes of this step

    • Developed goals for the risk management program
    • Established the IT risk council
    • Assigned accountability and responsibility for risk management processes

    Review IT Risk Fundamentals and Governance

    Step 1.1 Step 1.2

    Create an IT risk governance framework that integrates with the business

    Follow these best practices to make sure your requirements are solid:

    1. Self-assess your current approach to IT risk management.
    2. Identify organizational obstacles and set attainable risk management goals.
    3. Track the effectiveness and success of the program using SMART risk management metrics.
    4. Establish an IT risk council tasked with managing IT risk.
    5. Set clear risk management accountabilities and responsibilities for IT and business stakeholders.

    Key metrics for your IT risk governance framework

    Challenges:
    • Key stakeholders are left out or consulted once risks have already occurred.
    • Failure to employ consistent risk identification methodologies results in omitted and unknown risks.
    • Risk assessments do not reflect organizational priorities and may not align with thresholds for acceptable risk.
    • Risk assessment occurs sporadically or only after a major risk event has already occurred.
    Key metrics:
    • Number of risk management processes done ad hoc.
    • Frequency that IT risk appears as an agenda item at IT steering committee meetings.
    • Percentage of IT employees whose performance evaluations reflect risk management objectives.
    • Percentage of IT risk council members who are trained in risk management activities.
    • Number of open positions in the IT risk council.
    • Cost of risk management program operations per year.

    Info-Tech Insight

    Metrics provide the foundation for determining the success of your IT risk management program and ensure ongoing funding to support appropriate risk responses.

    IT risk management success factors

    Support and sponsorship from senior leadership

    IT risk management has more success when initiated by a member of the senior leadership team or the board, rather than emerging from IT as a grassroots initiative.

    Sponsorship increases the likelihood that risk management is prioritized and receives the necessary resources and attention. It also ensures that IT risk accountability is assumed by senior leadership.

    Risk culture and awareness

    A risk-aware organizational culture embraces new policies and processes that reflect a proactive approach to risk.

    An organization with a risk-aware culture is better equipped to facilitate communication vertically within the organization.

    Risk awareness can be embedded by revising job descriptions and performance assessments to reflect IT risk management responsibilities.

    Organization size

    Smaller organizations can often institute a mature risk management program much more quickly than larger organizations.

    It is common for key personnel within smaller organizations to be responsible for multiple roles associated with risk management, making it easier to integrate IT and business risk management.

    Larger organizations may find it more difficult to integrate a more complex and dispersed network of individuals responsible for various risk management responsibilities.

    1.2.1 Identify obstacles and pain points

    1-4 hours

    Input: Integrated Risk Maturity Assessment

    Output: Obstacles and pain points identified

    Materials: IT Risk Management Success Factors

    Participants: IT executive leadership, Business executive leadership

    Anticipate potential challenges and “blind spots” by determining which success factors are missing from your current situation.

    Instructions:

    1. List the potential obstacles and missing success factors that you must overcome to effectively manage IT risk and build a risk management program.
    2. Consider some opportunities that could be leveraged to increase the success of this program.
    3. Use this list in Activity 1.2.3 to develop program goals.

    Risk Management

    Replace the example pain points and opportunities with real scenarios in your organization.

    Pain Points/Obstacles
    • Lack of leadership buy-in
    • Skills and understanding around risk management within IT
    • Skills and understanding around risk management within the organization
    • Lack of a defined risk management posture
    Opportunities
    • Changes in regulations related to risk
    • Organization moving toward an integrated risk management program
    • Ability to leverage lessons learned from similar companies
    • Strong process management and adherence to policies by employees in the organization

    1.2.2 Determine the risk culture of your organization

    1-3 hours

    Determine how your organization fits the criteria listed below. Descriptions and examples do not have to match your organization perfectly.

    Risk Tolerant
    • You have no compliance requirements.
    • You have no sensitive data.
    • Customers do not expect you to have strong security controls.
    • Revenue generation and innovative products take priority and risk is acceptable.
    • The organization does not have remote locations.
    • It is likely that your organization does not operate within the following industries:
      • Finance
      • Health care
      • Telecom
      • Government
      • Research
      • Education
    Moderate
    • You have some compliance requirements, e.g.:
      • HIPAA
      • PIPEDA
    • You have sensitive data, and are required to retain records.
    • Customers expect strong security controls.
    • Information security is visible to senior leadership.
    • The organization has some remote locations.
    • Your organization most likely operates within the following industries:
      • Government
      • Research
      • Education
    Risk Averse
    • You have multiple, strict compliance and/or regulatory requirements.
    • You house sensitive data, such as medical records.
    • Customers expect your organization to maintain strong and current security controls.
    • Information security is highly visible to senior management and public investors.
    • The organization has multiple remote locations.
    • Your organization operates within the following industries:
      • Finance
      • Healthcare
      • Telecom

    Be aware of the organization’s attitude towards risk

    Risk culture is an organization’s attitude towards taking risks. This attitude manifests itself in two ways:

    One element of risk culture is what levels of risk the organization is willing to accept to pursue its objectives and what levels of risk are deemed unacceptable. This is often called risk appetite.
    Risk tolerant

    Risk-tolerant organizations embrace the potential of accelerating growth and the attainment of business objectives by taking calculated risks.

    Risk averse

    Risk-averse organizations prefer consistent, gradual growth and goal attainment by embracing a more cautious stance toward risk.

    The other component of risk culture is the degree to which risk factors into decision making.
    Risk conscious

    Risk-conscious organizations place a high priority on being aware of all risks impacting business objectives, regardless of whether they choose to accept or respond to those risks.

    Unaware

    Organizations that are largely unaware of the impact of risk generally believe there are few major risks impacting business objectives and choose to invest resources elsewhere.

    Info-Tech Insight

    Organizations typically fall in the middle of these spectrums. While risk culture will vary depending on the industry and maturity of the organization, a culture with a balanced risk appetite that is extremely risk conscious is able to make creative, dynamic decisions with reasonable limits placed on risk-related decision making.

    1.2.3 Develop goals for the IT risk management program

    1-4 hours

    Input: Integrated Risk Maturity Assessment, Risk Culture, Pain Points and Opportunities

    Output: Goals for the IT risk management program

    Materials: Risk Management Program Manual

    Participants: IT executive leadership, Business executive leadership

    Translate your maturity assessment and knowledge about organizational risk culture, potential obstacles, and success factors to develop goals for your IT risk management program.

    Instructions:

    1. In the Risk Management Program Manual, revise, replace, or add to the high-level goals provided in section 2.4.
    2. Make sure that you have three to five high-level goals that reflect the current and targeted maturity of IT risk management processes.
    3. Integrate potential obstacles, pain points, and insights from the organization’s risk culture.

    Record the results in the Risk Management Program Manual.

    1.2.4 Develop SMART project metrics

    1-3 hours

    Create metrics for measuring the success of the IT risk management program.

    Ensure that all success metrics are SMART Instructions
    1. Document a list of appropriate metrics to assess the success of the IT risk management program on a whiteboard.
    2. Use the sample metrics listed in the table on the next slide as a starting point.
    3. Fill in the chart to indicate the:
      1. Name of the success metric
      2. Method for measuring success
      3. Baseline measurement
      4. Target measurement
      5. Actual measurements at various points throughout the process of improving the risk management program
      6. A deadline for each metric to meet the target measurement
    Strong Make sure the objective is clear and detailed.
    Measurable Objectives are measurable if there are specific metrics assigned to measure success. Metrics should be objective.
    Actionable Objectives become actionable when specific initiatives designed to achieve the objective are identified.
    Realistic Objectives must be achievable given your current resources or known available resources.
    Time-Bound An objective without a timeline can be put off indefinitely. Furthermore, measuring success is challenging without a timeline.

    1.2.4 Develop SMART project metrics (continued)

    1-3 hours

    Attach metrics to your goals to gauge the success of the IT risk management program.

    Replace the example metrics with accurate KPIs or metrics for your organization.

    Sample Metrics
    Name Method Baseline Target Deadline Checkpoint 1 Checkpoint 2 Final
    Number of risks identified (per year) Risk register 0 100 Dec. 31
    Number of business units represented (risk identification) Meeting minutes 0 5 Dec. 31
    Frequency of risk assessment Assessments recorded in risk management program manual 0 2 per year Year 2
    Percentage of identified risk events that undergo expected cost assessment Ratio of risks assessed in the risk costing tool to risks assessed in the risk register 0 20% Dec. 31
    Number of top risks without an identified risk response Risk register 5 0 March 1
    Cost of risk management program operations per year Meeting frequency and duration, multiplied by the cost of participation $2,000 $5,000 Dec. 31

    Create the IT risk committee (ITRC)

    Responsibilities of the ITRC:
    1. Formalize risk management processes.
    2. Identify and review major risks throughout the IT department.
    3. Recommend an appropriate risk appetite or level of exposure.
    4. Review the assessment of the impact and likelihood of identified risks.
    5. Review the prioritized list of risks.
    6. Create a mitigation plan to minimize risk likelihood and impact.
    7. Review and communicate overall risk impact and risk management success.
    8. Assign risk ownership responsibilities of key risks to ensure key risks are monitored and risk responses are effectively implemented.
    9. Address any concerns in regards to the risk management program, including, but not limited to, reviewing their risk management duties and resourcing.
    10. Communicate risk reports to senior management annually.
    11. Make any alterations to the committee roster and the individuals’ responsibilities as needed and document changes.
    Must be on the ITRC:
    • CIO
    • CRO (if applicable)
    • Senior Directors
    • Security Officer
    • Head of Operations

    Must be on the ITRC:

    • CFO
    • Senior representation from every business unit impacted by IT risk

    1.2.5 Create the IT risk council

    1-4 hours

    Input: List of IT personnel and business stakeholders

    Output: Goals for the IT risk management program

    Materials: Risk Management Program Manual

    Participants: CIO, CRO (if applicable), Senior Directors, Head of Operations

    Identify the essential individuals from both the IT department and the business to create a permanent committee that meets regularly and carries out IT risk management activities.

    Instructions:

    1. Review sections 3.1 (Mandate) and 3.2 (Agenda and Responsibilities) of the IT Risk Committee Charter, located in the Risk Management Program Manual. Make any necessary revisions.
    2. In section 3.3, document how frequently the council is scheduled to meet.
    3. In section 3.4, document members of the IT risk council.
    4. Obtain sign-off for the IT risk council from the CIO or another member of the senior leadership team in section 3.5 of the manual.

    Record the results in the Risk Management Program Manual.

    1.2.6 Complete RACI chart

    1-3 hours

    A RACI diagram is a useful visualization that identifies redundancies and ensures that every role, project, or task has an accountable party.

    RACI is an acronym made up of four participatory roles: Instructions
    1. Use the template provided on the following slide, and add key stakeholders who do not appear and are relevant for your organization.
    2. For each activity, assign each stakeholder a letter.
    3. There must be an accountable party for each activity (every activity must have an “A”).
    4. For activities that do not apply to a particular stakeholder, leave the space blank.
    5. Once the chart is complete, copy/paste it into section 4.1 of the Risk Management Program Manual.
    Responsible Stakeholders who undertake the activity.
    Accountable Stakeholders who are held responsible for failure or take credit for success.
    Consulted Stakeholders whose opinions are sought.
    Informed Stakeholders who receive updates.

    1.2.6 Complete RACI chart (continued)

    1-3 hours

    Assign risk management accountabilities and responsibilities to key stakeholders:

    Stakeholder Coordination Risk Identification Risk Thresholds Risk Assessment Identify Responses Cost-Benefit Analysis Monitoring Risk Decision Making
    ITRC A R I R R R A C
    ERM C I C I I I I C
    CIO I A A A A A I R
    CRO I R C I R
    CFO I R C I R
    CEO I R C I A
    Business Units I C C C
    IT I I I I I I R C
    PMO C C C
    Legend: Responsible Accountable Consulted Informed

    Build an IT Risk Management Program

    Phase 2

    Identify and Assess IT Risk

    Phase 1

    • 1.1 Review IT Risk Management Fundamentals
    • 1.2 Establish a Risk Governance Framework

    Phase 2

    • 2.1 Identify IT Risks
    • 2.2 Assess and Prioritize IT Risks

    Phase 3

    • 3.1 Develop Risk Responses and Monitor IT Risks
    • 3.2 Report IT Risk Priorities

    This phase will walk you through the following activities:

    • Add organization-specific risk scenarios
    • Identify risk events
    • Augment risk event list using COBIT 2019 processes
    • Conduct a PESTLE analysis
    • Determine the threshold for (un)acceptable risk
    • Create a financial impact assessment scale
    • Select a technique to measure reputational cost
    • Create a likelihood scale
    • Assess risk severity level
    • Assess expected cost

    This phase involves the following participants:

    • IT risk council
    • Relevant business stakeholders
    • Representation from senior management team
    • Business Risk Owners

    Step 2.1

    Identify IT Risks

    Activities
    • 2.1.1 Add organization-specific risk scenarios
    • 2.1.2 Identify risk events
    • 2.1.3 Augment risk event list using COBIT 19 processes
    • 2.1.4 Conduct a PESTLE analysis

    This step involves the following participants:

    • IT executive leadership
    • IT Risk Council
    • Business executive leadership
    • Business risk owners

    Outcomes of this step

    • Participation of key stakeholders
    • Comprehensive list of IT risk events
    Identify and Assess IT Risk
    Step 2.1 Step 2.2

    Get to know what you don’t know

    1. Engage the right stakeholders in risk identification.
    2. Employ Info-Tech’s top-down approach to risk identification.
    3. Augment your risk event list using alternative frameworks.
    Key metrics:
    • Total risks identified
    • New risks identified
    • Frequency of updates to the Risk Register Tool
    • Number of realized risk events not identified in the Risk Register Tool
    • Level of business participation in enterprise IT risk identification
      • Number of business units represented
      • Number of meetings attended in person
      • Number of risk reports received

    Info-Tech Insight

    What you don’t know CAN hurt you. How do you identify IT-related threats and vulnerabilities that you are not already aware of? Now that you have created a strong risk governance framework that formalizes risk management within IT and connects it to the enterprise, follow the steps outlined in this section to reveal all of IT’s risks.

    Engage key stakeholders

    Ensure that all key risks are identified by engaging key business stakeholders.

    Benefits of obtaining business involvement during the risk identification stage:
    • You will identify risk events you had not considered or you weren’t aware of.
    • You will identify risks more accurately.
    • Risk identification is an opportunity to raise awareness of IT risk management early in the process.

    Executive Participation:

    • CIO participation is integral when building a comprehensive register of risk events impacting IT.
    • CIOs and IT directors possess a holistic view of all of IT’s functions.
    • CIOs and IT directors are uniquely placed to identify how IT affects other business units and the attainment of business objectives. If applicable, CRO and CTO participation is also critical.

    Prioritizing and Selecting Stakeholders

    1. Reliance on IT services and technologies to achieve business objectives.
    2. Relationship with IT, and willingness to engage in risk management activities.
    3. Unique perspectives, skills, and experiences that IT may not possess.

    Info-Tech Insight

    While IT personnel are better equipped to identify IT risk than anyone, IT does not always have an accurate view of the business’ exposure to IT risk. Strive to maintain a 3 to 1 ratio of IT to non-IT personnel involved in the process.

    Enable IT to target risk holistically

    Take a top-down approach to risk identification to guide brainstorming

    Info-Tech’s risk categories are consistent with a risk identification method called Risk Prompting.

    A risk prompt list is a list that categorizes risks into types or areas. The n10 risk categories encapsulate the services, activities, responsibilities, and functions of most IT departments. Use these categories and the example risk scenarios provided as prompts to guide brainstorming and organize risks.

    Risk Category: High-level groupings that describe risk pertaining to major IT functions. See the following slide for all ten of Info-Tech’s IT risk categories. Risk Scenario: An abstract profile representing common risk groups that are more specific than risk categories. Typically, organizations are able to identify two to five scenarios for each category. Risk Event: Specific threats and vulnerabilities that fall under a particular risk scenario. Organizations are able to identify anywhere between 1 and 20 events for each scenario. See the Appendix of the Risk Management Program Manual for a list of risk event examples.

    Risk Category

    Risk Scenario

    Risk Event

    Compliance Regulatory compliance Being fined for not complying/being aware of a new regulation.
    Externally originated attack Phishing attack on the organization.
    Operational Technology evaluation & selection Partnering with a vendor that is not in compliance with a key regulation.
    Capacity planning Not having sufficient resources to support a DRP.
    Third-Party Risk Vendor management Vendor performance requirements are improperly defined.
    Vendor selection Vendors are improperly selected to meet the defined use case.

    2.1.1 Add organization-specific risk scenarios

    1-3 hours

    Review Info-Tech’s ten IT risk categories and add risk scenarios to the examples provided.

    IT Reputational
    • Negative PR
    • Consumers writing negative reviews
    • Employees writing negative reviews
    IT Financial
    • Stock prices drop
    • Value of the organization is reduced
    IT Strategic
    • Organization prioritizes innovation but remains focused on operational
    • Unable to access data to support strategic initiative
    Operational
    • Enterprise architecture
    • Technology evaluation and selection
    • Capacity planning
    • Operational errors
    Availability
    • Power outage
    • Increased data workload
    • Single source of truth
    • Lacking knowledge transfer processes for critical tasks
    Performance
    • Network failure
    • Service levels not being met
    • Capacity overload
    Compliance
    • Regulatory compliance
    • Standards compliance
    • Audit compliance
    Security
    • Malware
    • Internally originated attack
    Third Party
    • Vendor selection
    • Vendor management
    • Contract termination
    Digital
    • No back-up process if automation fails

    2.1.2 Identify risk events

    1-4 hours

    Input: IT risk categories

    Output: Risk events identified and categorized

    Materials: Risk Register Tool

    Participants: IT risk council, Relevant business stakeholders, Representation from senior management team, Business risk owners, CRO (if applicable)

    Use Info-Tech’s IT risk categories and scenarios to brainstorm a comprehensive list of IT-related threats and vulnerabilities impacting your organization.

    Instructions:

    1. Document risk events in the Risk Register Tool.
    2. List risk scenarios (organized by risk category) in the Risk Events/Threats column.
    3. Disseminate the list to key stakeholders who were unable to participate and solicit their feedback.
      • Consult the RACI chart located in section 4.1 of the Risk Management Program Manual.
    4. Attack one scenario at a time, exhausting all realistic risk events for that grouping before moving onto the next scenario. Each scenario should take approximately 45-60 minutes.

    Tip: If disagreement arises regarding whether a specific risk event is relevant to the organization or not and it cannot be resolved quickly, include it in the list. The applicability of these risks will become apparent during the assessment process.

    Record the results in the Risk Register Tool.

    2.1.3 Augment the risk event list using COBIT 2019 processes (Optional)

    1-3 hours

    Other industry-leading frameworks provide alternative ways of conceptualizing the functions and responsibilities of IT and may help you uncover additional risk events.

    1. Managed IT Management Framework
    2. Managed Strategy
    3. Managed Enterprise Architecture
    4. Managed Innovation
    5. Managed Portfolio
    6. Managed Budget and Costs
    7. Managed Human Resources
    8. Managed Relationships
    9. Managed Service Agreements
    10. Managed Vendors
    11. Managed Quality
    12. Managed Risk
    13. Managed Security
    14. Managed Data
    15. Managed Programs
    16. Managed Requirements Definition
    17. Managed Solutions Identification and Build
    18. Managed Availability and Capacity
    19. Managed Organizational Change Enablement
    20. Managed IT Changes
    1. Managed IT Change Acceptance and Transitioning
    2. Managed Knowledge
    3. Managed Assets
    4. Managed Configuration
    5. Managed Projects
    6. Managed Operations
    7. Managed Service Requests and Incidents
    8. Managed Problems
    9. Managed Continuity
    10. Managed Security Services
    11. Managed Business Process Controls
    12. Managed Performance and Conformance Monitoring
    13. Managed System of Internal Control
    14. Managed Compliance with External Requirements
    15. Managed Assurance
    16. Ensured Governance Framework Setting and Maintenance
    17. Ensured Benefits Delivery
    18. Ensured Risk Optimization
    19. Ensured Resource Optimization
    20. Ensured Stakeholder Engagement

    Instructions:

    1. Review COBIT 2019’s 40 IT processes and identify additional risk events.
    2. Match risk events to the corresponding risk category and scenario and add them to the Risk Register Tool.

    2.1.4 Finalize your risk register by conducting a PESTLE analysis (Optional)

    1-3 hours

    Explore alternative identification techniques to incorporate external factors and avoid “groupthink.”

    Consider the External Environment – PESTLE Analysis

    Despite efforts to encourage equal participation in the risk identification process, key risks may not have been shared in previous exercises.

    Conduct a PESTLE analysis as a final safety net to ensure that all key risk events have been identified.

    Avoid “Groupthink” – Nominal Group Technique

    The Nominal Group Technique uses the silent generation of ideas and an enforced “safe” period of time where ideas are shared but not discussed to encourage judgement-free idea generation.

    • Ideas are generated silently and independently.
    • Ideas are then shared and documented; however, discussion is delayed until all of the group’s ideas have been recorded.
    • Idea generation can occur before the meeting and be kept anonymous.

    Note: Employing either of these techniques will lengthen an already time-consuming process. Only consider these techniques if you have concerns regarding the homogeneity of the ideas being generated or if select individuals are dominating the exercise.

    List the following factors influencing the risk event:
    • Political factors
    • Economic factors
    • Social factors
    • Technological factors
    • Legal factors
    • Environmental factors
    'PESTLE Analysis' presented as a wheel with the acronym's meanings surrounding the title. 'Political Factors', 'Economic Factors', 'Social Factors', 'Technological Factors', 'Legal Factors', and 'Environmental Factors'.

    Step 2.2

    Assess and Prioritize IT Risks

    Activities
    • 2.2.1 Determine the threshold for (un)acceptable risk
    • 2.2.2 Create a financial impact assessment scale
    • 2.2.3 Select a technique to measure reputational cost
    • 2.2.4 Create a likelihood scale
    • 2.2.5 Risk severity level assessment
    • 2.2.6 Expected cost assessment

    This step involves the following participants:

    • IT risk council
    • Relevant business stakeholders
    • Representation from senior management team
    • Business risk owners

    Outcomes of this step

    • Business-approved thresholds for unacceptable risk
    • Completed Risk Register Tool with risks prioritized according to severity
    • Expected cost calculations for high-priority risks

    Identify and Assess IT Risk

    Step 2.1 Step 2.2

    Reveal the organization’s greatest IT threats and vulnerabilities

    1. Establish business-approved risk thresholds for acceptable and unacceptable risk.
    2. Conduct a streamlined assessment of all risks to separate acceptable and unacceptable risks.
    3. Perform a deeper, cost-based assessment of prioritized risks.
    Key metrics:
    • Frequency of IT risk assessments
      • (Annually, bi-annually, etc.)
    • Assessment accuracy
      • Percentage of risk assessments that are substantiated by later occurrences or testing
      • Ratio of cumulative actual costs to expected costs
    • Assessment consistency
      • Percentage of risk assessments that are substantiated by third-party audit
    • Assessment rigor
      • Percentage of identified risk events that undergo first-level assessment (severity scores)
      • Percentage of identified risk events that undergo second-level assessment (expected cost)
    • Stakeholder oversight and participation
      • Level of executive participation in IT risk assessment (attend in person, receive report, etc.)
      • Number of business stakeholder reviews per risk assessment

    Info-Tech Insight

    Risk is money. It’s impossible to make intelligent decisions about risks without knowing what their financial impact will be.

    Review risk assessment fundamentals

    Risk assessment provides you with the raw materials to conduct an informed cost-benefit analysis and make robust risk response decisions.

    In this section, you will be prioritizing your IT risks according to their risk severity, which is a reflection of their expected cost.

    Calculating risk severity

    How much you expect a risk event to cost if it were to occur:

    Likelihood of Risk Impact

    e.g. $250,000 or “High”

    X

    Calibrated by how likely the risk is to occur:

    Likelihood of Risk Occurrence

    e.g. 10% or “Low”

    =

    Produces a dollar value or “severity level” for comparing risks:

    Risk Severity

    e.g. $25,000 or “Medium”
    Which must be evaluated against thresholds for acceptable risk and the cost of risk responses.

    Risk Tolerance
    Risk Response

    CBA
    Cost-benefit analysis

    Maintain the engagement of key stakeholders in the risk assessment process

    1

    Engage the Business During Assessment Process

    Asking business stakeholders to make significant contributions to the assessment exercise may be unrealistic (particularly for members of the senior leadership team, other than the CIO).

    Ensure that they work with you to finalize thresholds for acceptable or unacceptable risk.

    2

    Verify the Risk Impact and Assessment

    If IT has ranked risk events appropriately, the business will be more likely to offer their input. Share impact and likelihood values for key risks to see if they agree with the calculated risk severity scores.

    3

    Identify Where the Business Focuses Attention

    While verifying, pay attention to the risk events that the business stresses as key risks. Keep these risks in mind when prioritizing risk responses as they are more likely to receive funding.

    Try to communicate the assessments of these risk events in terms of expected cost to attract the attention of business leaders.

    Info-Tech Insight

    If business executives still won’t provide the necessary information to update your initial risk assessments, IT should approach business unit leaders and lower-level management. Lean on strong relationships forged over time between IT and business managers or supervisors to obtain any additional information.

    Info-Tech recommends a two-level approach to risk assessment

    Review the two levels of risk assessment offered in this blueprint.

    Risk severity level assessment (mandatory)

    1

    Information

    Number of risks: Assess all risk events identified in Phase 1.
    Units of measurement: Use customized likelihood and impact “levels.”
    Time required: One to five minutes per risk event.

    Assess Likelihood

    Negligible
    Low
    Moderate
    High
    Very High

    X

    Assess Likelihood

    Negligible
    Low
    Moderate
    High
    Very High

    =

    Output


    Risk Security Level:

    Moderate

    Example of a risk severity level assessment chart.
    Chart risk events according to risk severity as this allows you to organize and prioritize IT risks.

    Assess all of your identified risk events with a risk severity-level assessment.

    • By creating a likelihood and impact assessment scale divided into three to nine “levels” (sometimes referred to as “buckets”), you can evaluate every risk event quickly while being confident that risks are being assessed accurately.
    • In the following activities, you will create likelihood and impact scales that align with your organizational risk appetite and tolerance.
    • Severity-level assessment is a “first pass” of your risk list, revealing your organization’s most severe IT risks, which can be assessed in greater detail by incorporating expected cost into your evaluation.

    Info-Tech recommends a two-level approach to risk assessment (continued)

    Expected cost assessment (optional)

    2

    Information

    Number of risks: Only assess high-priority risks revealed by severity-level assessment.
    Units of measurement: Use actual likelihood values (%) and impact costs ($).
    Time required: 10-20 minutes per risk event.

    Assess Likelihood

    15%

    Moderate

    X

    Assess Likelihood

    $100,000

    High

    =

    Output


    Expected Cost:

    $15,000

    Expected cost is useful for conducting cost-benefit analysis and comparing IT risks to non-IT risks and other budget priorities for the business.

    Conduct expected cost assessments for IT’s greatest risks.

    For risk events warranting further analysis, translate risk severity levels into hard expected-cost numbers.

    Why conduct expected cost assessments?
    • Expected cost represents how much you would expect to pay in an average year for each risk event.
    • Communicate risk priorities to the business in language they can understand.
    • While risk severity levels are useful for comparing one IT risk to another, expected cost data allows the business to compare IT risks to non-IT risks that may not use the same scales.
    Why is expected cost assessment optional?
    • Determining robust likelihood values and precise impact estimates can be challenging and time consuming.
    • Some risk events may require extensive data gathering and industry analysis.

    Implement and leverage a centralized risk register

    The purpose of the risk register is to act as the repository for all the risks that have been identified within your environment.

    Use this tool to:

    1. Collect and maintain a repository for all IT risk events impacting the organization and relevant information for each risk.
      • Capture all relevant IT risk information in one location.
      • Organize risk identification and assessment information for transparent risk management, stakeholder review, and/or internal audit.
    2. Calculate risk severity scores to prioritize risk events and determine which risks require a risk response.
      • Separate acceptable and unacceptable risks (as determined by the business).
      • Rank risks based on severity levels.
    3. Assess risk responses and calculate residual risk.
      • Evaluate the effect that proposed risk response actions will have on top risk events and quantify residual risk magnitude.
      • This step will be completed in section 3.1

    2.2.1 Determine the threshold for (un)acceptable risk

    1-4 hours

    Input: Risk events, Risk appetite

    Output: Threshold for risk identified

    Materials: Risk Register Tool, Risk Management Program Manual

    Participants: IT risk council, Relevant business stakeholders, Representation from senior management team, Business risk owner

    Instructions:

    There are times when the business needs to know about IT risks with high expected costs.

    1. Create an expected cost threshold that defines what constitutes an acceptable and unacceptable risk for the organization. This figure should be a concrete dollar value. In the next exercises, you will build risk impact and likelihood scales with this value in mind, ensuring that “high” or “extreme” risks are immediately communicated to senior leadership.
    2. Do not consider IT budget restrictions when developing this number. The acceptable risk threshold should reflect the business’ tolerance/appetite for risk.

    This threshold is typically based on the organization’s ability to absorb financial losses, and its tolerance/appetite towards risk.

    If your organization has ERM, adopt the existing acceptability threshold.

    Record this threshold in section 5.3 of the Risk Management Program Manual

    2.2.2 Create a financial impact assessment scale

    1-4 hours

    Input: Risk events, Risk threshold

    Output: Financial impact scale created

    Materials: Risk Register Tool, Risk Management Program Manual

    Participants: IT risk council, Relevant business stakeholders, Representation from senior management team, Business risk owner

    Instructions:

    1. Create a scale to assess the financial impact of risk events.
      • Typically, risk impacts are assessed on a scale of 1-5; however, some organizations may prefer to assess risks using 3, 4, 7, or 9-point scales.
    2. Ensure that the unacceptable risk threshold is reflected in the scale.
      • In the example provided, the unacceptable risk threshold ($100,000) is represented as “High” on the impact scale.
    3. Attach labels to each point on the scale. Effective labels will easily distinguish between risks on either side of the unacceptable risk threshold.

    Record the risk impact scale in section 5.3 of the Risk Management Program Manual

    Convert project overruns and service outages into costs

    Use the tables below to quickly convert impacts typically measured in units of time to financial cost. Replace the values in the table with those that reflect your own costs.

    • While project overruns and service outages may have intangible impacts beyond the unexpected costs stemming from paying employees and lost revenue (such as adding complexity to project management and undermining the business’ confidence in IT), these measurements will provide adequate impact estimations for risk assessment.
    • Remember, complex risk events can be analyzed further with an expected cost assessment.
    Project Overruns Scale for the use of cost assessment with dollar amounts associated with impact levels. '$250,000 - Extreme', '$100,000 - High', '$60,000 - Moderate', '$35,000 - Low', '$10,000 - Negligible'.

    Project

    Time (days)

    20 days

    Number of employees

    8

    Average cost per employee (per day)

    $300

    Estimated cost

    $48,000
    Service Outages

    Service

    Time (hours)

    4 hours

    Lost revenue (per hour)

    $10,000

    Estimated cost

    $40,000

    Impact scale

    Low

    2.2.3 Select a technique to measure reputational cost (1 of 3)

    1-3 hours

    Realized risk events may have profound reputational costs that do not immediately impact your bottom line.

    Reputational cost can take several forms, including the internal and external perception of:
    1. Brand likeability
    2. Product quality
    3. Leadership capability
    4. Social responsibility

    Based on your industry and the nature of the risk, select one of the three techniques described in this section to incorporate reputational costs into your risk assessment.

    Technique #1 – Use financial indicators:

    For-profit companies typically experience reputational loss as a gradual decline in the strength of their brand, exclusion from industry groups, or lost revenue.

    If possible, use these measures to put a price on reputational loss:

    • Lost revenue attributable to reputation loss
    • Loss of market share attributable to reputation loss
    • Drops in share price attributable to reputation loss (for public companies)

    Match this dollar value to the corresponding level on the impact scale created in Activity 2.2.2.

    • If you are not able to effectively translate all reputational costs into financial costs, proceed to techniques 2 and 3 on the following slides.

    2.2.3 Select a technique to measure reputational cost (2 of 3)

    1-3 hours
    It is common for public sector or not-for-profit organizations to have difficulty putting a price tag on intangible reputational costs.
    • For example, a government organization may be unable to directly quantify the cost of losing the confidence and/or support of the public.
    • A helpful technique is to reframe how reputation is assigned value.
    Technique #2 – Calculate the value of avoiding reputational cost:
    1. Imagine that the particular risk event you are assessing has occurred. Describe the resulting reputational cost using qualitative language.

    For example:

    A data breach, which caused the unsanctioned disclosure of 2,000 client files, has inflicted high reputational costs on the organization. These have impacted the organization in the following ways:

    • Loss of organizational trust in IT
    • IT’s reputation as a value provider to the organization is tarnished
    • Loss of client trust in the organization
    • Potential for a public reprimand of the organization by the government to restore public trust
  • Then, determine (hypothetically) how much money the organization would be willing to spend to prevent the reputational cost from being incurred.
  • Match this dollar value to the corresponding level on the impact scale created in Activity 2.2.2.
  • 2.2.3 Select a technique to measure reputational cost (3 of 3)

    1-3 hours

    If you feel that the other techniques have not reflected reputational impacts in the overall severity level of the risk, create a parallel scale that roughly matches your financial impact scale.

    Technique #3 – Create a parallel scale for reputational impact:

    Visibility is a useful metric for measuring reputational impact. Visibility measures how widely knowledge of the risk event has spread and how negatively the organization is perceived. Visibility has two main dimensions:

    • Internal vs. External
    • Low Amplification vs. High Amplification
    • Internal/External: The further outside of the organization that the risk event is visible, the higher the reputational impact.
      Low/High Amplification: The greater the ability of the actor to communicate and amplify the occurrence of a risk event, the higher the reputational impact.
      After establishing a scale for reputational impact, test whether it reflects the severity of the financial impact levels in the financial impact scale.

    • For example, if the media learns about a recent data breach, does that feel like a $100,000 loss?
    Example:
    Scale for the use of cost assessment  of reputational impact with dimension combinations associated with impact levels. 'External, High Amp, (regulators, lawsuits) - Extreme', 'Internal, High Amp, (CEO) - Low', 'Internal, Low Amp (IT) - Negligible'.

    2.2.4 Create a likelihood scale

    1-3 hours

    Instructions:
    1. Create a scale to assess the likelihood that a risk event will occur over a given period of time.
      • Info-Tech recommends assessing the likelihood that the risk event will occur over a period of one year (the IT risk council should be reassessing the risk event no less than once per year).
    2. Ensure that the likelihood scale contains the same number of levels as the financial impact scale (3, 4, 5, 7, or 9).
    3. The example provided is likely to satisfy most IT departments; however, you may customize the distribution of likelihood values to reflect the organization’s aversion towards uncertainty.
      • For example, an extremely risk-averse organization may consider any risk event with a likelihood greater than 20% to have a “High” likelihood of occurrence.
    4. Attach the same labels used for the financial impact scale (Low, Moderate, High, etc.)

    Record the risk impact scale in section 5.3 of the Risk Management Program Manual

    Scale to assess the likelihood that a risk event will occur. '80-99% - Extreme', '60-79% - High', '40-59% - Moderate' '20-39% - Low', '1-19% - Negligible'.

    Info-Tech Insight

    Note: Info-Tech endorses the use of likelihood values (1-99%) rather than frequency (3 times per year) as a measurement.
    For an explanation of why likelihood values lead to more precise and robust risk assessment, see the Appendix.

    2.2.5 Risk severity level assessment

    6-10 hours

    Input: Risk events identified

    Output: Assessed the likelihood of occurrence and impact for all identified risk events

    Materials: Risk Register Tool

    Participants: IT risk council, Relevant business stakeholders, Representation from senior management team, Business risk owner

    Instructions:

    1. Document the “Risk Category” and “Existing Controls.” in the Risk Register Tool.
      • (See the slide following this activity for tips on identifying existing controls.)
    2. Assign each risk event a likelihood and impact level.
      • Remember, you are assessing the impact that a risk event will have on the organization as a whole, not just on IT.
    3. When assigning a financial impact level to a risk event, factor in the likely number of instances that the event will occur within the time frame for which you are assessing (usually one year).
      • For risk events like third-party service outages that typically occur a few times each year, assign them an impact level that reflects the likelihood of financial impact the risk event will have over the entire year.
      • E.g. If your organization is likely to experience two major service outages next year and each outage costs the organization approximately $15,000, the total financial impact is $30,000.

    Record results in the Risk Register Tool

    2.2.5 Risk severity level assessment (continued)

    Instructions (continued):
    1. Assign a risk owner to non-negligible risk events.
      • For organizations that practice ongoing risk management and frequently reassess their risk portfolio (minimum once per year), risk ownership does not need to be assigned to “Negligible” or low-level risks.
      • View the following slides for advice on how to select a risk owner and information on their responsibilities.
    2. As you input the first few likelihood and impact values, compare them to one another to ensure consistency and accuracy:
      • Is a service outage really twice as impactful as our primary software provider going out of business?
      • Is a data breach far more likely than a ›1 hour web-services outage?
    Tips for Selecting Likelihood Values:

    Does ~10% sound right?

    Test a likelihood estimate by assessing the truth of the following statements:

    • The risk event will likely occur once in the next ten years (if the environment remains nearly identical).
    • If ten organizations existed that were nearly identical to our own, it is likely that one out of ten would experience the risk event this year.

    Screenshot of a risk severity level assessment.

    Identify current risk controls

    Consider how IT is already addressing key risks.

    Types of current risk control

    Tactical controls

    Apply to individual risks only.

    Example: A tactical control for backup/replication failure is faster WAN lines.

    Tactical risk control Strategic controls

    Apply to multiple risks.

    Example: A strategic control for backup/replication failure is implementing formal DR plans.

    Strategic risk control
    Risk event Risk event Risk event

    Screenshot of the column headings on the risk severity level assessment with 'Current Controls' highlighted.
    Consider both tactical and strategic controls already in place when filling out risk event information in the Risk Register Tool.

    Info-Tech Insight

    Identifying existing risk controls (past risk responses) provides a clear picture of the measures already in place to avoid, mitigate, or transfer key risks. This reveals opportunities to improve existing risk controls, or where new strategies are needed, to reduce risk severity levels below business thresholds.

    Assign a risk owner for each risk event

    Designate a member of the IT risk council to be responsible for each risk event.

    Selecting the Appropriate Risk Owner

    Use the following considerations to determine the best owner for each risk:

    • The risk owner should be familiar with the process, project, or IT function related to the risk event.
    • The risk owner should have access to the necessary data to monitor and measure the severity of the risk event.
    • The risk owner’s performance assessment should reflect their ability to demonstrate the ongoing management of their assigned risk events.

    Screenshot of the column headings on the risk severity level assessment with 'Risk Owner' highlighted.

    Risk Owner Responsibilities

    Risk ownership means that an individual is responsible for the following activities:

    • Monitoring the threat or vulnerability for changes in the likelihood of occurrence and/or likely impact.
    • Monitoring changes in the market and external environment that may alter the severity of the risk event.
    • Monitoring changes of closely related risks with interdependencies.
    • Developing and using key risk indicators (KRIs) to measure changes in risk severity.
    • Regularly reporting changes in risk severity to the IT risk council.
    • If necessary, escalating the risk event to other IT risk council personnel or senior management for reassessment.
    • Monitoring risk severity levels for risk events after a risk response has been implemented.

    Use Info-Tech’s Risk Costing Tool to calculate the expected cost of IT’s high-priority risks (optional)

    Sample of the Risk Costing Tool.

    Use this tool to:

    1. Conduct a deeper analysis of severe risks.
      • Determine specific likelihood and financial impact values to communicate the severity of the risk in the Expected Cost tab.
      • Identify the maximum financial impact that the risk event may inflict.
    2. Assess the effectiveness of multiple risk responses for each risk event.
      • Determine how proposed risk events will change the likelihood of occurrence and financial impact of the risk event.
    3. Incorporate risk proximity into your cost-benefit analysis of risk responses.
      • Illustrate how spending decisions will impact the expected cost of the risk event over time.

    2.2.6 Expected cost assessment (optional)

    Assign likelihood and financial impact values to high-priority risks.

    Select risks with these characteristics:

    Strongly consider conducting an expected cost assessment for risk events that meet one or more of the following criteria.

    The risk:

    • Has been assigned to the highest risk severity level.
    • Has exposed the organization previously and had severe implications.
    • Exceeds the organization’s threshold for financial impact.
    • Involves an IT function that is highly visible to the business.
    • Will likely require risk response actions that will exceed current IT budgetary constraints.
    • Is conducive to expected cost assessment:
      • There is general consensus on likelihood estimates.
      • There is general consensus on financial impact estimates.
      • Historical data exists to support estimates.
    Determine which risks require a deeper assessment:

    Info-Tech recommends conducting a second-level assessment for 5-15% of your IT risk register.

    Communicating the expected cost of high-priority risks significantly increases awareness of IT risks by the business.

    Communicating risks to the business using their language also increases the likelihood that risk responses will receive the necessary support and investment


    Record the list of risk events requiring second-level assessment in the Risk Costing Tool.

    • Transfer the likelihood and impact levels for each event into the Risk Costing Tool using data from the Risk Register Tool.

    2.2.6 Expected cost assessment (continued)

    Assign likelihood and financial impact values to high-priority risks.

    Instructions:
    1. Go through the list of prioritized risks in the Risk Costing Tool one by one. Indicate the likelihood and impact level (from the Risk Register Tool) for the risk event being assessed.
    2. Record likelihood values (1-99%) and impact values ($) from participants.
      • Only record values from individuals that indicate they are fairly confident with their estimates.
      • Keep likelihood estimates to values that are multiples of five.
    3. Estimate and record the maximum impact that the risk event could inflict.
      • See Appendix III for information on how the possibility of high-impact scenarios may influence your decision making.
    4. Discuss the estimates provided. Eliminate outliers and retracted estimates.
      • If you are unable to achieve consensus, take the average of the values provided.
    5. If you are having difficulty arriving at a likelihood or impact value, select the median value of the level assigned to the risk during the risk severity level assessment.
      • E.g. Risk event assigned to likelihood level “Moderate” (20-39%). Select a likelihood value of 30%.

    Screenshot of the column headings on the risk severity level assessment with 'Optional Inherent Likelihood Parameters' and 'Optional Inherent Impact Parameters' highlighted.

    Who should participate?
    • Depending on the size of your IT risk council, you may want to consider conducting this exercise in a smaller group.
    • Ideally, you should try to find the right balance between ensuring that the necessary experience and knowledge is in the room while insulating the exercise from outlier opinions, noise, and distractions.

    Evaluate likelihood and impact

    Refine your risk assessment process by developing more accurate measurements of likelihood and impact.

    Intersubjective likelihood

    The goal of the expected cost assessment is to develop robust intersubjective estimates of likelihood and financial impact.

    By aggregating a number of expert opinions of what they deem to be the “correct” value, you will arrive at a collectively determined value that better reflects reality than an individual opinion.

    Example: The Delphi Method

    The Delphi Method is a common technique to produce a judgement that is representative of the collective opinion of a group.

    • Participants are sent a series of sequential questionnaires (typically by email).
    • The first questionnaire asks them what the likelihood, likely impact, and expected cost is for a specific risk event.
    • Data from the questionnaire is compiled and then communicated in a subsequent questionnaire, which encourages participants to restate or revise their estimates given the group’s judgements.
    • With each successive questionnaire, responses will typically converge around a single intersubjective value.
    Justifying Your Estimates:

    When asked to explain the numbers you arrived at during the risk assessment, pointing to an assessment methodology gives greater credibility to your estimates.

    • Assign one individual to take notes during the assessment exercise.
    • Have them document the main rationale behind each value and the level of consensus.

    Info-Tech Insight

    The underlying assumption behind intersubjective forecasting is that group judgements are more accurate than individual judgements. However, this may not be the case at all.

    Sometimes, a single expert opinion is more valuable than many uninformed opinions. Defining whose opinion is valuable and whose is not is an unpleasant exercise; therefore, selecting the right personnel to participate in the exercise is crucially important.

    Build an IT Risk Management Program

    Phase 3

    Monitor, Respond, and Report on IT Risk

    Phase 1

    • 1.1 Review IT Risk Management Fundamentals
    • 1.2 Establish a Risk Governance Framework

    Phase 2

    • 2.1 Identify IT Risks
    • 2.2 Assess and Prioritize IT Risks

    Phase 3

    • 3.1 Develop Risk Responses and Monitor IT Risks
    • 3.2 Report IT Risk Priorities

    This phase will walk you through the following activities:

    • Develop key risk indicators (KRIs) and escalation protocols
    • Establish the reporting schedule
    • Identify and assess risk responses
    • Analyze risk response cost-benefit
    • Create multi-year cost projections
    • Obtain executive approval for risk action plans
    • Socialize the Risk Report
    • Transfer ownership of risk responses to project managers
    • Finalize the Risk Management Program Manual

    This phase involves the following participants:

    • IT risk council
    • Relevant business stakeholders
    • Representation from senior management team
    • Risk business owner

    Step 3.1

    Monitor IT Risks and Develop Risk Responses

    Activities
    • 3.1.1 Develop key risk indicators (KRIs) and escalation protocols
    • 3.1.2 Establish the reporting schedule
    • 3.1.3 Identify and assess risk responses
    • 3.1.4 Risk response cost-benefit analysis
    • 3.1.5 Create multi-year cost projections

    This step involves the following participants:

    • IT risk council
    • Relevant business stakeholders
    • Representation from senior management team
    • Business risk owner

    Outcomes of this step

    • Completed risk event action plans
    • Risk responses identified and assessed for top risks
    • Risk response selected for top risks

    Monitor, Respond, and Report on IT Risk

    Step 3.1 Step 3.2

    Use Info-Tech’s Risk Event Action Plan to manage high-priority risks

    Manage risks in between risk assessments and create a paper trail for key risks that exceed the unacceptable risk threshold. Use a new form for every high-priority risk that requires tracking.

    Risk Event Action Plan Sample of the Risk Event Action Plan deliverable.

    Obtaining sign-off from the senior leadership team or from the ERM office is an important step of the risk management process. The Risk Event Action Plan ensures that high-priority risks are closely monitored and that changes in risk severity are detected and reported.

    Clear documentation is a way to ensure that critical information is shared with management so that they can make informed risk decisions. These reports should be succinct yet comprehensive; depending on time and resources, it is good practice to fill out this form and obtain sign-off for the majority of IT risks.

    3.1.1 Develop key risk indicators (KRIs) and escalation protocols

    The risk owner should be held accountable for monitoring their assigned risks but may delegate responsibility for these tasks.

    Instructions:
    1. Design key risk indicators (KRIs) for risks that measure changes in their severity and document them in the Risk Event Action Plan.
      • See the following slide for examples.
    2. Clearly document the risk owner and the individual(s) carrying out risk monitoring activities (delegates) in the Risk Event Action Plan.

    Note: Examples of KRIs can be found on the following slide.

    What are KRIs?
    • KRIs should be observable metrics that alert the IT risk council and management when risk severity exceeds acceptable risk thresholds.
    • KRIs should serve as tripwires or early-warning indicators that trigger further actions to be taken on the risk.
    • Further actions may include:
      • Escalation to the risk owner (if delegated) or to a member of the senior leadership team.
      • Reporting to the IT risk council or IT steering committee.
      • Reassessment.
      • Updating the risk monitoring schedule.

    Document KRIs, escalation thresholds, and escalation protocols for each risk in a Risk Event Action Plan.

    Developing KRIs for success

    Visualization of KRI development, from the 'Risk Event' to the 'Intermediate Steps' with 'KRI Measurements' to the image of a growing seed.

    Examples of KRIs

    • Number of resources who quit or were fired who had access to critical data
    • Number of risk mitigation initiatives unfunded
    • Changes in time horizon of mitigation implementation
    • Number of employees who did not report phishing attempts
    • Amount of time required to get critical operations access to necessary data
    • Number of days it takes to implement a new regulation or compliance control

    3.1.2 Establish the reporting schedule

    For each risk event, document how frequently the risk owner must report to the IT risk council in the Risk Event Action Plan.

    • A clear reporting schedule enforces accountability for each risk event, ensuring that risk owners are fulfilling their monitoring responsibilities.
    • The ongoing discussion of risks between assessment cycles also increases overall awareness of how IT risks are not static but constantly evolving.
    Reporting Risk Event
    Weekly reports to ITRC Risk event severity represented as a thermometer with levels 'Extreme', 'High', 'Moderate', 'Low', and 'Negligible'.
    Bi-weekly reports to ITRC
    Monthly reports to ITRC
    Report to ITRC only if KRI thresholds triggered
    No reports; reassessed bi-annually

    Use Info-Tech’s tools to identify, analyze, and select risk responses

    1

    (Mandatory)
    Tool

    Screenshot of the Risk Register Tool.

    Risk Register Tool

    Information
    • Develop risk responses for all risk events pre-populated on the “2. Risk Register” sheet of the Risk Register Tool.
    • Document the root cause of the risk (Activity 3.1.3) and other contributing factors (Activity 3.1.4).
    • Identify risk responses (Activity 3.1.5).
    • Predict the effectiveness of the risk response, if implemented, by estimating the residual likelihood and impact of the risk (Activity 3.1.5).
    • The tool will calculate the residual severity of the risk after applying the risk response.

    2

    (Optional)
    Tool

    Screenshot of the Risk Costing Tool.

    Risk Costing Tool

    Information
    • Continue your second-level risk analysis for top risks for which you calculated expected cost in section 2.2.
    • Activity 3.1.5:
      • Identify between one and four risk response options for each risk.
      • Develop precise values for residual likelihood and impact.
      • Compare expected cost of the risk event to expected residual cost.
      • Select the risk response to recommend to senior leadership and document it in the Risk Register Tool.

    Determine the root cause of IT risks

    Root cause analysis

    Use the “Five Whys” methodology to identify the root cause and contributing/exacerbating factors for each risk event.

    Diagnosing the root cause of a risk as well as the environmental factors that increase its potential impact and likelihood of occurring allow you to identify more effective risk responses.

    Risk responses that only address the symptoms of the risk are less likely to succeed than responses that address the core issue.

    Concentric circles with 'Root Cause' at the center, 'Contributing Factors' around it, and 'Symptoms' on the outer circle.

    Example of 'The Five Whys Methodology', tracing symptoms to their root cause. In 'Symptoms' we see 'Risk Event: Network outage', Why? 'Network congestion', Why? Then on to 'Contributing Factors' the answer is 'Inadequate bandwidth for latency-sensitive applications', Why? 'Increased business use of latency-sensitive applications', Why? And finally to the 'Root Cause', 'Business units rely on 'real-time' data gathered from latency-sensitive applications', Why?

    Identify factors that contribute to the severity of the risk

    Environmental factors interact with the root cause to increase the likelihood or impact of the risk event.

    What factors matter?

    Identify relevant actors and assets that amplify or diminish the severity of the risk.

    Actors

    • Internal (business units)
    • External (vendor, regulator, market, competitor, hostile actor)

    Assets/Resources

    • Infrastructure
    • Applications
    • Processes
    • Information/data
    • Personnel
    • Reputation
    • Operations
    Develop risk responses that target contributing factors.
    Root cause:
    Business units rely on “real-time” data gathered from latency-sensitive applications

    Actors: Enterprise App users (Finance, Product Development, Product Management)

    Asset/resource: Applications, network

    Risk response:
    Decrease the use of latency-sensitive applications.

    X

    Decreasing the use of key apps contradicts business objectives.

    Contributing factors:
    Unreliable router software

    Actors: Network provider, router vendor, router software vendor, IT department

    Asset/resource: Network, router, router software

    Risk response:
    Replace the vendor that provides routers and router software.

    Replacing the vendor would reduce network outages at a relatively low cost.

    Symptoms:
    Network outage

    Actors: All business units, network provider

    Asset/resource: Network, business operations, employee productivity

    Risk response:
    Replace legacy systems.

    X

    Replacing legacy systems would be too costly.

    3.1.3 Identify and assess risk responses

    Instructions:
    Complete the following steps for each risk event.
    1. Identify a risk response action that will help reduce the likelihood of occurrence or the impact if the event were to occur.
      • Indicate the type of risk response (avoidance, mitigation, transfer, acceptance, or no risk exists).
    2. Assign each risk response action a residual likelihood level and a residual impact level.
      • This is the same step performed in Activity 2.2.6, when initial likelihood and impact levels were determined; however, now you are estimating the likelihood and impact of the risk event after the risk response action has been implemented successfully.
      • The Risk Register Tool will generate a residual risk severity level for each risk event.
    3. Identify the potential Risk Action Owner (Project Manager) if the response is selected and turned into an IT project, and document this in the Risk Register Tool.
    Document the following in the Risk Event Action Plan for each risk event:
      • Risk response actions
      • Residual likelihood and impact levels
      • Residual risk severity level
    • Review the following slides about the four types of risk response to help complete the activity.
      1. Avoidance
      2. Mitigation
      3. Transfer
      4. Acceptance

    Record the results in the Risk Event Action Plan.

    Take actions to avoid the risk entirely

    Risk Avoidance

    • Risk avoidance involves taking evasive maneuvers to avoid the risk event.
    • Risk avoidance targets risk likelihood, decreasing the likelihood of the risk event occurring.
    • Since risk avoidance measures are fairly drastic, the likelihood is often reduced to negligible levels.
    • However, risk avoidance response actions often sacrifice potential benefits to eliminate the possibility of the risk entirely.
    • Typically, risk avoidance measures should only be taken for risk events with extremely high severity and when the severity (expected cost) of the risk event exceeds the cost (benefits sacrificed) of avoiding the risk.

    Example

    Risk event: Information security vulnerability from third-party cloud services provider.

    • Risk avoidance action: Store all data in-house.
    • Benefits sacrificed: Cost savings, storage flexibility, etc.
    Stock photo of a person hikiing along a damp, foggy, valley path.

    Pursue projects that reduce the likelihood or impact of the risk event

    Risk Mitigation

    • Risk mitigation actions are risk responses that reduce the likelihood and impact of the risk event.
    • Risk mitigation actions can be to either implement new controls or enhance existing ones.
    Example 1

    Most risk responses will reduce both the likelihood of the risk event occurring and its potential impact.

    Example

    Mitigation: Purchase and implement enterprise mobility management (EMM) software with remote wipe capability.

    • EMM reduces the likelihood that sensitive data is accessed by a nefarious actor.
    • The remote-wipe capability reduces the impact by closing the window that sensitive data can be accessed from.
    Example 2

    However, some risk responses will have a greater effect on decreasing the likelihood of a risk event with little effect on decreasing impact.

    Example

    Mitigation: Create policies that restrict which personnel can access sensitive data on mobile devices.

    • This mitigation decreases the number of corporate phones that have access to (or are storing) sensitive data, thereby decreasing the likelihood that a device is compromised.
    Example 3

    Others will reduce the potential impact without decreasing its likelihood of occurring.

    Example

    Mitigation: Use robust encryption for all sensitive data.

    • Corporate-issued mobile phones are just as likely to fall into the hands of nefarious actors, but the financial impact they can inflict on the organization is greatly reduced.

    Pursue projects that reduce the likelihood or impact of the risk event (continued)

    Use the following IT functions to guide your selection of risk mitigation actions:

    Process Improvement

    Key processes that would most directly improve the risk profile:

    • Change Management
    • Project Management
    • Vendor Management
    Infrastructure Management
    • Disaster Recovery Plan/Business Continuity Plan
    • Redundancy and Resilience
    • Preventative Maintenance
    • Physical Environment Security
    Personnel
    • Greater staff depth in key areas
    • Increased discipline around documentation
    • Knowledge Management
    • Training
    Rationalization and Simplification

    This is a foundational activity, as complexity is a major source of risk:

    • Application Rationalization – reducing the number of applications
    • Data Management – reducing the volume and locations of data

    Transfer risks to a third party

    Risk transfer: the exchange of uncertain future costs for fixed present costs.

    Insurance

    The most common form of risk transfer is the purchase of insurance.

    • The uncertain future cost of an IT risk event can be transferred to an insurance company who assumes the risk in exchange for insurance premiums.
    • The most common form of IT-relevant insurance is cyberinsurance.

    Not all risks can be insured. Insurable risks typically possess the following five characteristics:

    1. The loss must be accidental (the risk event cannot be insured if it could have been avoided by taking reasonable actions).
    2. The insured cannot profit from the occurrence of the risk event.
    3. The loss must be able to be measured in monetary terms.
    4. The organization must have an insurable interest (it must be the party that incurs the loss).
    5. An insurance company must offer insurance against that risk.
    Other Forms of Risk Transfer

    Other forms of risk transfer include:

    • Self-insurance
      • Appropriate funds can be set aside in advance to address the financial impact of a risk event should it occur.
    • Warranties
    • Contractual transfer
      • The financial impact of a risk event can be transferred to a third party through clauses agreed to in a contract.
      • For example, a vendor can be contractually obligated to assume all costs resulting from failing to secure the organization’s data.
    • Example email addressing fields of an IT Risk Transfer to an insurance company.

    Accept risks that fall below established thresholds

    Risk Acceptance

    Accepting a risk means tolerating the expected cost of a risk event. It is a conscious and deliberate decision to retain the threat.

    You may choose to accept a risk event for one of the following three reasons:

    1. The risk severity (expected cost) of the risk event falls below acceptability thresholds and does not justify an investment in a risk avoidance, mitigation, or transfer measure.
    2. The risk severity (expected cost) exceeds acceptability thresholds but all effective risk avoidance, mitigation, and transfer measures are ineffective or prohibitively expensive.
    3. The risk severity (expected cost) exceeds acceptability thresholds but there are no feasible risk avoidance, mitigation, and transfer measures to be implemented.

    Info-Tech Insight

    Constant monitoring and the assignment of responsibility and accountability for accepted risk events is crucial for effective management of these risks. No IT risk should be accepted without detailed documentation outlining the reasoning behind that decision and evidence of approval by senior management.

    3.1.4 Risk response cost-benefit analysis (optional)

    The purpose of a cost-benefit analysis (CBA) is to guide financial decision making.

    This helps IT make risk-conscious investment decisions that fall within the IT budget and helps the organization make sound budgetary decisions for risk response projects that cannot be addressed by IT’s existing budget.

    Instructions:
    1. Reopen the Risk Costing Tool. For each risk that you conducted an expected cost assessment in section 2.2 for, find the Excel sheet that corresponds to the risk number (e.g. R001).
    2. Identify between one and four risk response options for the risk event and document them in the Risk Costing Tool.
      • The “Risk Response 1” field will be automatically populated with expected cost data for a scenario where no action was taken (risk acceptance). This will serve as a baseline for comparing alternative responses.
      • For the following steps, go through the risk responses one by one.
    3. Estimate the first-year cost for the risk response.
      • This cost should reflect initial capital expenditures and first-year operating expenditures.
    Screenshot of the Risk Response cost-benefit-analysis from the Risk Costing Tool with 'Capital Expenditures' and 'Operating Expenditures' highlighted.

    Record the results in the Risk Costing Tool.

    3.1.4 Risk response cost-benefit analysis (continued)

    The purpose of a cost-benefit analysis (CBA) is to guide financial decision making.

    Instructions:

    1. Estimate residual risk likelihood and financial impact for Year 1 with the risk response in place.
      • Rather than estimating the likelihood level (low, medium, high), determine a precise likelihood value of the risk event occurring once the response has been implemented.
      • Estimate the dollar value of financial impacts if the risk event were to occur with the risk response in place.
      • Screenshot of the Risk Response cost-benefit-analysis from the Risk Costing Tool with figured for 'Financial Impact' and 'Probability' highlighted. The tool will calculate the expected residual cost of the risk event: (Financial Impact x Likelihood) - Costs = Expected Residual Cost
    2. Select the highest value risk response and document it in the Risk Register Tool.
    3. Document your analysis and recommendations in the Risk Event Action Plan.

    Note: See Activity 3.1.5 to build multi-year cost projections for risk responses.

    3.1.5 Create multi-year cost projections (optional)

    Select between risk response options by projecting their costs and benefits over multiple years.

    • It can be difficult to choose between risk response options that require different payment schedules. A risk response project with costs spread out over more than one year (e.g. incremental upgrades to an IT system) may be more advantageous than a project with costs concentrated up front that may cost less in the long run (e.g. replacing the system).
    • However, the impact that risk response projects have on reducing risk severity is not necessarily static. For example, an expensive project like replacing a system may drastically reduce the risk severity of a system failure. Whereas, incremental system upgrades may only marginally reduce risk severity in the short term but reach similar levels as a full system replacement in a few years.
    Instructions:

    Calculate expected cost for multiple years using the Risk Costing Tool for:

    • Risk events that are subject to change in severity over time.
    • Risk responses that reduce the severity of the risk gradually.
    • Risk responses that cannot be implemented immediately.

    Copy and paste the graphs into the Risk Report and the Risk Event Action Plan for the risk event.

    Sample charts on the cost of risk responses from the Risk Costing Tool.

    Record the results in the Risk Costing Tool.

    Step 3.2

    Report IT Risk Priorities

    Activities
    • 3.2.1 Obtain executive approval for risk action plans
    • 3.2.2 Socialize the Risk Report
    • 3.2.3 Transfer ownership of risk responses to project managers
    • 3.2.4 Finalize the Risk Management Program Manual

    This step involves the following participants:

    • IT risk council
    • Relevant business stakeholders
    • Representation from senior management team

    Outcomes of this step

    • Obtained approval for risk action plans
    • Communicated IT’s risk recommendations to senior leadership
    • Embedded risk management into day-to-day IT operations

    Monitor, Respond, and Report on IT Risk

    Step 3.1 Step 3.2

    Effectively deliver IT risk expertise to the business

    Communicate IT risk management in two directions:

    1. Up to senior leadership (and ERM if applicable)
    2. Down to IT employees (embedding risk awareness)
    3. Visualization of communicating Up to 'Senior Leadership' and Down to 'IT Personnel'.

    Create a strong paper trail and obtain sign-off for the ITRC’s recommendations.

    Now that you have collected all of the necessary raw data, you must communicate your insights and recommendations effectively.

    A fundamental task of risk management is communicating risk information to senior management. It is your responsibility to enable them to make informed risk decisions. This can be considered upward communication.

    The two primary goals of upward communication are:

    1. Transferring accountability for high-priority IT risks to the ERM or to senior leadership.
    2. Obtaining funds for risk response projects recommended by the ITRC.

    Good risk management also has a trickle-down effect impacting all of IT. This can be considered downward communication.

    The two primary goals of downward communication are:

    1. Fostering a risk-aware IT culture.
    2. Ensuring that the IT risk management program maintains momentum and runs effectively.

    3.2.1 Obtain executive approval for risk action plans

    Best Practices and Key Benefits

    Best practice is for all acceptable risks to also be signed-off by senior leadership. However, for ITRCs that brainstorm 100+ risks, this may not be possible. If this is the case, prioritize accepted risks that were assessed to be closest to the organization’s thresholds.

    By receiving a stamp of approval for each key risk from senior management, you ensure that:

    1. The organization is aware of important IT risks that may impact business objectives.
    2. The organization supports the risk assessment conducted by the ITRC.
    3. The organization supports the plan of action and monitoring responsibilities proposed by the ITRC.
    4. If a risk event were to occur, the organization holds ultimate accountability.
    Sample of the Risk Event Action Plan template.

    Task:
    All IT risks that were flagged for exceeding the organization’s severity thresholds must obtain sign-off by the CIO or another member of the senior leadership team.

    • In the assessment phase, you evaluated risks using severity thresholds approved by the business and determined whether or not they justified a risk response.
    • Whether your recommendation was to accept the risk or to analyze possible risk responses, the business should be made aware of most IT risks.

    3.2.2 Socialize the risk report

    Create a succinct, impactful document that summarizes the outcomes of risk assessment and highlights the IT risk council’s top recommendations to the senior leadership team.

    The Risk Report contains:
    • An executive summary page highlighting the main takeaways for senior management:
      • A short summary of results from the most recent risk assessment
      • Dashboard
      • A list of top 10 risks ordered from most severe to least
    • Subsequent individual risk analyses (1 to 10)
      • Detailed risk assessment data
      • Risk responses
      • Risk response analysis
      • Multi-year cost projection (see the following slide)
      • Dashboard
      • Recommendations
    Sample of the Risk Report template.

    Risk Report

    Pursue projects that reduce the likelihood or impact of the risk event

    Encourage risk awareness to extend the benefits of risk management to every aspect of IT.

    Benefits of risk awareness:

    • More preventative and proactive approaches to IT projects are discussed and considered.
    • Changes to the IT threat landscape are more likely to be detected, communicated, and acted upon.
    • IT possesses a realistic perception of its ability to perform functions and provide services.
    • Contingency plans are put in place to hedge against risk events.
    • Fewer IT risks go unidentified.
    • CIOs and business executives make better risk decisions.

    Consequences of low risk awareness:

    • False confidence about the number of IT risks impacting the organization and their severity.
    • Risk-relevant information is not communicated to the ITRC, which may result in inaccurate risk assessments.
    • Confusion surrounding whose responsibility it is to consider how risk impacts IT decision making.
    • Uncertainty and panic when unanticipated risks impact the IT department and the organization.

    Embedding risk management in the IT department is a full-time job

    Take concrete steps to increase risk-aware decision making in IT.

    The IT risk council plays an instrumental role in fostering a culture of risk awareness throughout the IT department. In addition to periodic risk assessments, fulfilling reporting requirements, and undertaking ongoing monitoring responsibilities, members of the ITRC can take a number of actions to encourage other IT employees to adopt a risk-focused approach, particularly at the project planning stage.

    Embed risk management in project planning

    Make time for discussing project risks at every project kick-off.
    • A main benefit of including senior personnel from across IT in the ITRC is that they are able to disseminate the IT risk council’s findings to their respective practices.
    • At project kick-off meetings, schedule time to identify and assess project-specific risks.
    • Encourage the project team to identify strategies to reduce the likelihood and impact of those risks and document these in the project charter.
    • Lead by example by being clear and open about what constitutes acceptable and unacceptable risks.

    Embed risk management with employee

    Train IT staff on the ITRC’s planned responses to specific risk events.
    • If a response to a particular risk event is not to implement a project but rather to institute new policies or procedures, ensure that changes are communicated to employees and that they receive training.
    Provide risk management education opportunities.
    • Remember that a more risk-aware IT employee provides more value to the organization.
    • Invest in your employees by encouraging them to pursue education opportunities like receiving risk management accreditation or providing them with educational experiences such as workshops, seminars, and eLearning.

    Embedding risk management in the IT department is a full-time job (continued)

    Encourage risk awareness by adjusting performance metrics and job titles.

    Performance metrics:

    Depending on the size of your IT department and the amount of resources dedicated to ongoing risk management, you may consider embedding risk management responsibilities into the performance assessments of certain ITRC members or other IT personnel.

    • Personalize the risk management program metrics you have documented in your Risk Management Program Manual.
    • Evidence that KPIs are monitored and frequently reported is also a good indicator that risk owners are fulfilling their risk management responsibilities.
    • Info-Tech Insight

      If risk management responsibilities are not built into performance assessments, it is less likely that they will invest time and energy into these tasks. Adding risk management metrics to performance assessments directly links good job performance with good risk management, making it more likely that ITRC activities and initiatives gain traction throughout the IT department.

    Job descriptions:

    Changing job titles to reflect the focus of an individual’s role on managing IT risk may be a good way to distinguish personnel tasked with developing KRIs and monitoring risks on a week-to-week basis.

    • Some examples include IT Risk Officer, IT Risk Manager, and IT Risk Analyst.

    3.2.3 Transfer ownership of risk responses to project managers

    Once risk responses have obtained approval and funding, it is time to transform them into fully-fledged projects.

    Image of a hand giving a key to another hand and a circle split into quadrants of Governance with 'Governance of Risks' being put into 'Governance of Projects'.

    3.2.4 Finalize the Risk Management Program Manual

    Go back through the Risk Management Program Manual and ensure that the material will accurately reflect your approach to risk management going forward.

    Remember, the program manual is a living document that should be evolving alongside your risk management program, reflecting best practices, knowledge, and experiences accrued from your own assessments and experienced risk events.

    The best way to ensure that the program manual continues to guide and document your risk management program is to make it the focal point of every ITRC meeting and ensure that one participant is tasked with making necessary adjustments and additions.

    Sample of the Risk Management Program Manual. Risk Management Program Manual

    “Upon completing the Info-Tech workshop, the deliverables that we were left with were really outstanding. We put together a 3-year project plan from a high level, outlining projects that will touch upon our high risk areas.” (Director of Security & Risk, Water Management Company)

    Don’t allow your risk management program to flatline

    54% of small businesses haven’t implemented controls to respond to the threat of cyber attacks (Source: Insurance Bureau of Canada, 2021)

    Don’t be lulled into a false sense of security. It might be your greatest risk.

    So you’ve identified the most important IT risks and implemented projects to protect IT and the business.

    Unfortunately, your risk assessment is already outdated.

    Perform regular health checks to keep your finger on the pulse of the key risks threatening the business and your reputation.

    To continue the momentum of your newly forged IT risk management program, read Info-Tech’s research on conducting periodic risk assessments and “health checks”:

    Revive Your Risk Management Program With a Regular Health Check

    • Complete Info-Tech’s Risk Management Health Check to seize the momentum you created by building a robust IT risk management program and create a process for conducting periodic health checks and embedding ongoing risk management into every aspect of IT.
    • Our focus is on using data to make IT risk assessment less like an art and more like a science. Ongoing data-driven risk management is self-improving and grounded in historical data.

    Appendix I: Familiarize yourself with key risk terminology

    Review important risk management terms and definitions.

    Risk

    An uncertain event or set of events which, should it occur, will have an effect on the achievement of objectives. A risk consists of a combination of the likelihood of a perceived threat or opportunity occurring and the magnitude of its impact on objectives (Office of Government Commerce, 2007).

    Threat

    An event that can create a negative outcome (e.g. hostile cyber/physical attacks, human errors).

    Vulnerability

    A weakness that can be taken advantage of in a system (e.g. weakness in hardware, software, business processes).

    Risk Management

    The systematic application of principles, approaches, and processes to the tasks of identifying and assessing risks, and then planning and implementing risk responses. This provides a disciplined environment for proactive decision making (Office of Government Commerce, 2007).

    Risk Category

    Distinct from a risk event, a category is an abstract profile of risk. It represents a common group of risks. For example, you can group certain types of risks under the risk category of IT Operations Risks.

    Risk Event

    A specific occurrence of an event that falls under a particular risk category. For example, a phishing attack is a risk event that falls under the risk category of IT Security Risks.

    Risk Appetite

    An organization’s attitude towards risk taking, which determines the amount of risk that it considers acceptable. Risk appetite also refers to an organization’s willingness to take on certain levels of exposure to risk, which is influenced by the organization’s capacity to financially bear risk.

    Enterprise Risk Management

    (ERM) – A strategic business discipline that supports the achievement of an organization’s objectives by addressing the full spectrum of organizational risks and managing the combined impact of those risks as an interrelated risk portfolio (RIMS, 2015).

    Appendix II: Likelihood vs. Frequency

    Why we measure likelihood, not frequency:

    The basic formula of Likelihood x Impact = Severity is a common methodology used across risk management frameworks. However, some frameworks measure likelihood using Frequency rather than Likelihood.

    Frequency is typically measured as the number of instances an event occurs over a given period of time (e.g. once per month).

    • For risk assessment, historical data regarding the frequency of a risk event is commonly used to indicate the likelihood that the event will happen in the future.

    Likelihood is a numerical representation of the “degree of belief” that the risk event will occur in a given future timeframe (e.g. 25% likelihood that the event will occur within the next year).

    False Objectivity

    While some may argue that frequency provides an objective measurement of likelihood, it is well understood in the field of likelihood theory that historical data regarding the frequency of a risk event may have little bearing over the likelihood of that event happening in the future. Frequency is often an indication of future likelihood but should not be considered an objective measurement of it.

    Likelihood scales that use frequency underestimate the magnitude of risks that lack historical precedent. For example, an IT department that has never experienced a high-impact data breach would adopt a very low likelihood score using the frequentist approach. However, if all of the organization’s major competitors have suffered a major breach within the last two years, they ought to possess a much higher degree of belief that the risk event will occur within the next year.

    Likelihood is a more comprehensive measurement of future likelihood, as frequency can be used to inform the selection of a likelihood value. The process of selecting intersubjective likelihood values will naturally internalize historical data such as the frequency that the event occurred in the past. Further, the frequency that the event is expected to occur in the future can be captured by the expected impact value. For example, a risk event that has an expected impact per occurrence of $10,000 that is expected to occur three times over the next year has an expected impact of $30,000.

    Appendix III: Should max impacts sway decision making?

    Don’t just fixate on the most likely impact – be aware of high-impact outcomes.

    During assessment, risks are evaluated according to their most likely financial impact.

    • For example, a service outage will likely last for two hours and may have an expected cost of $14,000.

    Naturally, focusing on the most likely financial impact will exclude higher impacts that – while theoretically possible – are so unlikely that they do not warrant any real consideration.

    • For example, it is possible that a service outage could last for days; however, the likelihood for such an event may be well below 1%.

    While the risk severity level assessment allows you to present impacts as a range of values (e.g. $50,000 to $75,000), the expected cost assessment requires you to select specific values.

    • However, this analysis may fail to consider much higher potential impacts that have non-negligible likelihood values (likelihood values that you cannot ignore).
    • What you consider “non-negligible” will depend on your organizational risk tolerance/appetite.

    Sometimes called Black Swan events or Fat-Tailed outcomes, high-impact events may occur when the far right of the likelihood distribution – or the “tail” – is thicker than a normal distribution (see fig. 2).

    • A good example is a data breach. While small to medium impacts are far more likely to occur than a devastating intrusion, the high-impact scenario cannot be ignored completely.

    For risk events that contain non-negligible likelihoods (too high to be ignored) consider elevating the risk severity level or expected cost.

    Figure 1 is a graph presenting a 'Normal Likelihood Distribution', the axes being 'Likelihood' and 'Financial Impact'.
    Figure 2 is a graph presenting a 'Fat-Tailed Likelihood Distribution' with a point at the top of the parabola labelled 'Most Likely Impact' but with a much wider bottom labelled 'Fat-Tailed Outcomes', the axes being 'Likelihood' and 'Financial Impact'.

    Leverage Info-Tech’s research on security and compliance risk to identify additional risk events

    Title card of the Info-tech blueprint 'Take Control of Compliance Improvement to Conquer Every Audit' with subtitle 'Don't gamble recklessly with external compliance. Play a winning system and take calculated risks to stack the odds in your favor.


    Take Control of Compliance Improvement to Conquer Every Audit

    Info-Tech Insight

    Don’t gamble recklessly with external compliance. Play a winning system and take calculated risks to stack the odds in your favor.

    Take an agile approach to analyze your gaps and prioritize your remediations. You don’t always have to be fully compliant as long as your organization understands and can live with the consequences.

    Stock photo of a woman sitting at a computer surrounded by rows of computers.


    Develop and Implement a Security Risk Management Program

    Info-Tech Insight

    Security risk management equals cost effectiveness.

    Time spent upfront identifying and prioritizing risks can mean the difference between spending too much and staying on budget.

    Research Contributors and Experts

    Sandi Conrad
    Principal Research Director
    Info-Tech Research Group

    Christine Coz
    Executive Counsellor
    Info-Tech Research Group

    Milena Litoiu
    Principal Research Director
    Info-Tech Research Group

    Scott Magerfleisch
    Executive Advisor
    Info-Tech Research Group

    Aadil Nanji
    Research Director
    Info-Tech Research Group

    Andy Neill
    Associate Vice-President of Research
    Info-Tech Research Group

    Daisha Pennie
    IT Risk Management
    Oklahoma State University

    Ken Piddington
    CIO and Executive Advisor
    MRE Consulting

    Frank Sewell
    Research Director
    Info-Tech Research Group

    Andrew Sharpe
    Research Director
    Info-Tech Research Group

    Chris Warner
    Consulting Director- Security
    Info-Tech Research Group

    Sterling Bjorndahl
    Director of IT Operations
    eHealth Saskatchewan

    Research Contributors and Experts

    Ibrahim Abdel-Kader
    Research Analyst
    Info-Tech Research Group

    Tamara Dwarika
    Internal Auditor
    A leading North American Utility

    Anne Leroux
    Director
    ES Computer Training

    Ian Mulholland
    Research Director
    Info-Tech Research Group

    Michel Fossé
    Consulting Services Manager
    IBM Canada (LGS)

    Petar Hristov
    Research Director
    Info-Tech Research Group

    Steve Woodward
    Research Director
    CEO, Cloud Perspectives

    *Plus 10 additional interviewees who wish to remain anonymous.

    Bibliography

    “2021 State of the CIO.” IDG, 28 January 2021. Web.

    “4 Reasons Why CIOs Lose Their Jobs.” Silverton Consulting, 2012. Web.

    Beasley, Mark, Bruce Branson, and Bonnie Hancock. “The State of Risk Oversight,” AICPA, April 2021. Web.

    COBIT 2019. ISACA, 2019. Web.

    “Cognyte jeopardized its database exposing 5 billion records, including earlier data breaches.” SecureBlink, 21 June 2021. Web.

    Culp, Steve. “Accenture 2019 Global Risk Management Study, Financial Services Report.” Accenture, 2019. Web.

    Curtis, Patchin, and Mark Carey. “Risk Assessment in Practice.” COSO Committee of Sponsoring Organizations of the Treadway Commission, Deloitte & Touche LLP, 2012. Web.

    “Cyber Risk Management.” Insurance Bureau of Canada (IBC), 2022. Web.

    Eccles, Robert G., Scott C. Newquist, and Roland Schatz. “Reputation and Its Risks.” Harvard Business Review, February 2007. Web.

    Eden, C. and F. Ackermann. Making Strategy: The Journey of Strategic Management. Sage Publications, 1998.

    “Enterprise Risk Management Maturity Model.” OECD, 9 February 2021. Web.

    Ganguly, Saptarshi, Holger Harreis, Ben Margolis, and Kayvaun Rowshankish. “Digital Risks: Transforming risk management for the 2020s.” McKinsey & Company, 10 February 2017. Web.

    “Governance Institute of Australia Risk Management Survey 2020.” Governance Institute of Australia, 2020. Web.

    “Guidance on Enterprise Risk Management.” COSO, 2022. Web.

    Henriquez, Maria. “The Top 10 Data Breaches of 2021” Security Magazine, 9 December 2021. Web.

    Holmes, Aaron. “533 million Facebook users’ phone numbers and personal data have been leaked online.” Business Insider, 3 April 2021. Web.

    Bibliography

    “Integrated Risk and Compliance Management for Banks and Financial Services Organizations: Benefits of a Holistic Approach.” MetricStream, 2022. Web.

    “ISACA’s Risk IT Framework Offers a Structured Methodology for Enterprises to Manage Information and Technology Risk.” ISACA, 25 June 2020. Web.

    ISO 31000 Risk Management. ISO, 2018. Web.

    Lawton, George. “10 Enterprise Risk Management Trends in 2022.” TechTarget, 2 February 2022. Web.

    Levenson, Michael. “MGM Resorts Says Data Breach Exposed Some Guests’ Personal Information.” The New York Times, 19 February 2020. Web.

    Management of Risk (M_o_R): Guidance for Practitioners. Office of Government Commerce, 2007. Web.

    “Many small businesses vulnerable to cyber attacks.” Insurance Bureau of Canada (IBC), 5 October 2021.

    Maxwell, Phil. “Why risk-informed decision-making matters.” EY, 3 December 2019. Web.

    “Measuring and Mitigating Reputational Risk.” Marsh, September 2014. Web.

    Natarajan, Aarthi. “The Top 6 Business Risks you should Prepare for in 2022.” Diligent, 22 December 2021. Web.

    “Operational Risk Management Excellence – Get to Strong Survey: Executive Report.” KMPG and RMA, 2014. Web.

    “Third-party risk is becoming a first priority challenge.” Deloitte, 2022. Web.

    Thomas, Adam, and Dan Kinsella. “Extended Enterprise Risk Management Survey, 2020.” Deloitte, 2021. Web.

    Treasury Board Secretariat. “Guide to Integrated Risk Management.” Government of Canada, 12 May 2016. Web.

    Webb, Rebecca. “6 Reasons Data is Key for Risk Management.” ClearRisk, 13 January 2021. Web.

    “What is Enterprise Risk Management (ERM)?” RIMS, 2015. Web.

    Wiggins, Perry. “Do you spend enough time assessing strategic risks?” CFO, 26 January 2022. Web.

    Demystify Oracle Licensing and Optimize Spend

    • Buy Link or Shortcode: {j2store}136|cart{/j2store}
    • member rating overall impact (scale of 10): 9.9/10 Overall Impact
    • member rating average dollars saved: $85,754 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • License keys are not needed with optional features accessible upon install. Conducting quarterly checks of the Oracle environment is critical because if products or features are installed, even if they are not actively in use, it constitutes use by Oracle and requires a license.
    • Ambiguous license models and definitions abound: terminology and licensing rules can be vague, making it difficult to purchase licensing even with the best of intentions to keep compliant.
    • Oracle has aggressively started to force new Oracle License and Service Agreements (OLSA) on customers that slightly modify language and remove pre-existing allowances to tilt the contract terms in Oracle's favor.

    Our Advice

    Critical Insight

    • Focus on needs first. Conduct a thorough requirements assessment and document the results. Well-documented license needs will be your core asset in navigating Oracle licensing and negotiating your agreement.
    • Communicate effectively. Be aware that Oracle will reach out to employees at your organization at various levels. Having your executives on the same page will help send a strong message.
    • Manage the relationship. If Oracle is managing you, there is a high probability you are over paying or providing information that may result in an audit.

    Impact and Result

    • Conducting business with Oracle is not typical compared to other vendors. To emerge successfully from a commercial transaction with Oracle, customers must learn the "Oracle way" of conducting business, which includes a best-in-class sales structure, highly unique contracts and license use policies, and a hyper-aggressive compliance function.
    • Map out the process of how to negotiate from a position of strength, examining terms and conditions, discount percentages, and agreement pitfalls.
    • Develop a strategy that leverages and utilizes an experienced Oracle DBA to gather accurate information, and then optimizes it to mitigate and meet the top challenges.

    Demystify Oracle Licensing and Optimize Spend Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you need to understand and document your Oracle licensing strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish licensing requirements

    Begin your proactive Oracle licensing journey by understanding which information to gather and assessing the current state and gaps.

    • Demystify Oracle Licensing and Optimize Spend – Phase 1: Establish Licensing Requirements
    • Oracle Licensing Purchase Reference Guide
    • Oracle Database Inventory Tool
    • Effective Licensing Position Tool
    • RASCI Chart

    2. Evaluate licensing options

    Review current licensing models and determine which licensing models will most appropriately fit your environment.

    • Demystify Oracle Licensing and Optimize Spend – Phase 2: Evaluate Licensing Options

    3. Evaluate agreement options

    Review Oracle’s contract types and assess which best fit the organization’s licensing needs.

    • Demystify Oracle Licensing and Optimize Spend – Phase 3: Evaluate Agreement Options
    • Oracle TCO Calculator

    4. Purchase and manage licenses

    Conduct negotiations, purchase licensing, and finalize a licensing management strategy.

    • Demystify Oracle Licensing and Optimize Spend – Phase 4: Purchase and Manage Licenses
    • Oracle Terms & Conditions Evaluation Tool
    • Controlled Vendor Communications Letter
    • Vendor Communication Management Plan
    [infographic]

    Workshop: Demystify Oracle Licensing and Optimize Spend

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish Licensing Requirements

    The Purpose

    Assess current state and align goals; review business feedback

    Interview key stakeholders to define business objectives and drivers

    Key Benefits Achieved

    Have a baseline for requirements

    Assess the current state

    Determine licensing position

    Examine cloud options

    Activities

    1.1 Gather software licensing data

    1.2 Conduct a software inventory

    1.3 Perform manual checks

    1.4 Reconcile licenses

    1.5 Create your Oracle licensing team

    1.6 Meet with stakeholders to discuss the licensing position, cloud offerings, and budget allocation

    Outputs

    Copy of your Oracle License Statement

    Software inventory report from software asset management (SAM) tool

    Oracle Database Inventory Tool

    RASCI Chart

    Oracle Licensing Effective License Position (ELP) Template

    Oracle Licensing Purchase Reference Guide

    2 Evaluate Licensing Options

    The Purpose

    Review licensing options

    Review licensing rules

    Key Benefits Achieved

    Understand how licensing works

    Determine if you need software assurance

    Discuss licensing rules, application to current environment.

    Examine cloud licensing

    Understand the importance of documenting changes

    Meet with desktop product owners to determine product strategies

    Activities

    2.1 Review full, limited, restricted, and AST use licenses

    2.2 Calculate license costs

    2.3 Determine which database platform to use

    2.4 Evaluate moving to the cloud

    2.5 Examine disaster recovery strategies

    2.6 Understand purchasing support

    2.7 Meet with stakeholders to discuss the licensing position, cloud offerings, and budget allocation

    Outputs

    Oracle TCO Calculator

    Oracle Licensing Purchase Reference Guide

    3 Evaluate Agreement Options

    The Purpose

    Review contract option types

    Review vendors

    Key Benefits Achieved

    Understand why a type of contract is best for you

    Determine if ULA or term agreement is best

    The benefits of other types and when you should change

    Activities

    3.1 Prepare to sign or renew your ULA

    3.2 Decide on an agreement type that nets the maximum benefit

    Outputs

    Type of contract to be used

    Oracle TCO Calculator

    Oracle Licensing Purchase Reference Guide

    4 Purchase and Manage Licenses

    The Purpose

    Finalize the contract

    Prepare negotiation points

    Discuss license management

    Evaluate and develop a roadmap for future licensing

    Key Benefits Achieved

    Negotiation strategies

    Licensing management

    Introduction of SAM

    Leverage the work done on Oracle licensing to get started on SAM

    Activities

    4.1 Control the flow of communication terms and conditions

    4.2 Use Info-Tech’s readiness assessment in preparation for the audit

    4.3 Assign the right people to manage the environment

    4.4 Meet with stakeholders to discuss the licensing position, cloud offerings, and budget allocation

    Outputs

    Controlled Vendor Communications Letter

    Vendor Communication Management Plan

    Oracle Terms & Conditions Evaluation Tool

    RASCI Chart

    Oracle Licensing Purchase Reference Guide

    Drive Customer Convenience by Enabling Text-Based Customer Support

    • Buy Link or Shortcode: {j2store}531|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • Text messaging services and applications (such as SMS, iMessage, WhatsApp, and Facebook Messenger) have seen explosive growth over the last decade. They are an entrenched part of consumers’ daily lives. For many demographics, text messaging rather than audio calls is the preferred medium of communication via smartphone.
    • Despite the popularity of text messaging services and applications with consumers, organizations have been slow to adequately incorporate these channels into their customer service strategy.
    • The result is a major disconnect between the channel preferences of consumers and the customer service options being offered by businesses.

    Our Advice

    Critical Insight

    • IT must work with their counterparts in customer service to build a technology roadmap that incorporates text messaging services and apps as a core channel for customer interaction. Doing so will increase IT’s stature as an innovator in the eyes of the business, while allowing the broader organization to leapfrog competitors that have not yet added text-based support to their repertoire of service channels. Incorporating text messaging as a customer service channel will increase customer satisfaction, improve retention, and reduce cost-to-serve.
    • A prudent strategy for text-based customer service begins with defining the value proposition and creating objectives: is there a strong fit with the organization’s customers and service use cases? Next, organizations must create a technology enablement roadmap for text-based support that incorporates the right tools and applications to deliver it. Finally, the strategy must address best practices for text-based customer service workflows and appropriate resourcing.

    Impact and Result

    • Understand the value and use cases for text-based customer support.
    • Create a framework for enabling technologies that will support scalable text-based customer service.
    • Improve underlying business metrics such as customer satisfaction, retention, and time to resolution by having a plan for text-based support.
    • Better align IT with customer service and support needs.

    Drive Customer Convenience by Enabling Text-Based Customer Support Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should be leveraging text-based services for customer support, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create the business case for text-based customer support

    Understand the use cases and benefits of using text-based services for customer support, and establish how they align to the organization’s current service strategy.

    • Drive Customer Convenience by Enabling Text-Based Customer Support – Phase 1: Create the Business Case for Text-Based Customer Support
    • Text-Based Customer Support Strategic Summary Template
    • Text-Based Customer Support Project Charter Template
    • Text-Based Customer Support Business Case Assessment

    2. Create a technology enablement framework for text-based customer support

    Identify the right applications that will be needed to adequately support a text-based support strategy.

    • Drive Customer Convenience by Enabling Text-Based Customer Support – Phase 2: Create a Technology Enablement Framework for Text-Based Customer Support
    • Text-Based Customer Support Requirements Traceability Matrix

    3. Create customer service workflows for text-based support

    Create repeatable workflows and escalation policies for text-centric support.

    • Drive Customer Convenience by Enabling Text-Based Customer Support – Phase 3: Create Customer Service Workflows for Text-Based Support
    • Text-Based Customer Support TCO Tool
    • Text-Based Customer Support Acceptable Use Policy
    [infographic]

    Workshop: Drive Customer Convenience by Enabling Text-Based Customer Support

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Create the Business Case for Text-Based Support

    The Purpose

    Create the business case for text-based support.

    Key Benefits Achieved

    A clear direction on the drivers and value proposition of text-based customer support for your organization.

    Activities

    1.1 Identify customer personas.

    1.2 Define business and IT drivers.

    Outputs

    Identification of IT and business drivers.

    Project framework and guiding principles for the project.

    2 Create a Technology Enablement Framework for Text-Based Support

    The Purpose

    Create a technology enablement framework for text-based support.

    Key Benefits Achieved

    Prioritized requirements for text-based support and a vetted shortlist of the technologies needed to enable it.

    Activities

    2.1 Determine the correct migration strategy based on the current version of Exchange.

    2.2 Plan the user groups for a gradual deployment.

    Outputs

    Exchange migration strategy.

    User group organization by priority of migration.

    3 Create Service Workflows for Text-Based Support

    The Purpose

    Create service workflows for text-based support.

    Key Benefits Achieved

    Customer service workflows and escalation policies, as well as risk mitigation considerations.

    Present final deliverable to key stakeholders.

    Activities

    3.1 Review the text channel matrix.

    3.2 Build the inventory of customer service applications that are needed to support text-based service.

    Outputs

    Extract requirements for text-based customer support.

    4 Finalize Your Text Service Strategy

    The Purpose

    Finalize the text service strategy.

    Key Benefits Achieved

    Resource and risk mitigation plan.

    Activities

    4.1 Build core customer service workflows for text-based support.

    4.2 Identify text-centric risks and create a mitigation plan.

    4.3 Identify metrics for text-based support.

    Outputs

    Business process models assigned to text-based support.

    Formulation of risk mitigation plan.

    Key metrics for text-based support.

    Deliver a Customer Service Training Program to Your IT Department

    • Buy Link or Shortcode: {j2store}484|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $4,339 Average $ Saved
    • member rating average days saved: 6 Average Days Saved
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • The scope of service that the service desk must provide has expanded. With the growing complexity of technologies to support, it becomes easy to forget the customer service side of the equation. Meanwhile, customer expectations for prompt, frictionless, and exceptional service from anywhere have grown.
    • IT departments struggle to hire and retain talented service desk agents with the right mix of technical and customer service skills.
    • Some service desk agents don’t believe or understand that customer service is an integral part of their role.
    • Many IT leaders don’t ask for feedback from users to know if there even is a customer service problem.

    Our Advice

    Critical Insight

    • There’s a common misconception that customer service skills can’t be taught, so no effort is made to improve those skills.
    • Even when there is a desire to improve customer service, it’s hard for IT teams to make time for training and improvement when they’re too busy trying to keep up with tickets.
    • A talented service desk agent with both great technical and customer service skills doesn’t have to be a rare unicorn, and an agent without innate customer service skills isn’t a lost cause. Relevant and impactful customer service habits, techniques, and skills can be taught through practical, role-based training.
    • IT leaders can make time for this training through targeted, short modules along with continual on-the-job coaching and development.

    Impact and Result

    • Good customer service is critical to the success of the service desk. How a service desk treats its customers will determine its customers' satisfaction with not only IT but also the company as a whole.
    • Not every technician has innate customer service skills. IT managers need to provide targeted, practical training on what good customer service looks like at the service desk.
    • One training session is not enough to make a change. Leaders must embed the habits, create a culture of engagement and positivity, provide continual coaching and development, regularly gather customer feedback, and seek ways to improve.

    Deliver a Customer Service Training Program to Your IT Department Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should deliver customer service training to your team, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Deliver a Customer Service Training Program to Your IT Department – Executive Brief
    • Deliver a Customer Service Training Program to Your IT Department Storyboard

    1. Deliver customer service training to your IT team

    Understand the importance of customer service training, then deliver Info-Tech's training program to your IT team.

    • Customer Service Training for the Service Desk – Training Deck
    • Customer Focus Competency Worksheet
    • Cheat Sheet: Service Desk Communication
    • Cheat Sheet: Service Desk Written Communication
    [infographic]

    Get the Best Discount Possible With a Data-Driven Negotiation Approach

    • Buy Link or Shortcode: {j2store}610|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Vendors have well-honed negotiation strategies that don’t prioritize the customer’s best interest, and they will take advantage of your weaknesses to extract as much money as they can from the deal.
    • IT teams are often working with time pressure and limited resources or experience in negotiation. Even those with an experienced procurement team aren’t evenly matched with the vendor when it comes to the ins and outs of the product.
    • As a result, many have a poor negotiation experience and fail to get the discount they wanted, ultimately leading to dissatisfaction with the vendor.

    Our Advice

    Critical Insight

    • Requirements should always come first, but IT leaders are under pressure to get discounts and cost ends up playing a big role in decision making.
    • Cost is one of the top factors influencing satisfaction with software and the decision to leave a vendor.
    • The majority of software customers are receiving a discount. If you’re in the minority who are not, there are strategies you can and should be using to improve your negotiating skills. Discounts of up to 40% off list price are available to those who enter negotiations prepared.

    Impact and Result

    • SoftwareReviews data shows that there are multiple benefits to taking a concerted approach to negotiating a discount on your software.
    • The most common ways of getting a discount (e.g. volume purchasing) aren’t necessarily the best methods. Choose a strategy that is appropriate for your organization and vendor relationship and that focuses on maximizing the value of your investment for the long term. Optimizing usage or licenses as a discount strategy leads to the highest software satisfaction.
    • Using a vendor negotiation service or advisory group was one of the most successful strategies for receiving a discount. If your team doesn’t have the right negotiation expertise, Info-Tech can help.

    Get the Best Discount Possible With a Data-Driven Negotiation Approach Research & Tools

    Prepare to negotiate

    Leverage insights from SoftwareReviews data to best position yourself to receive a discount through your software negotiations.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Get the Best Discount Possible with a Data-Driven Negotiation Approach Storyboard
    [infographic]

    Mandate Data Valuation Before It’s Mandated

    • Buy Link or Shortcode: {j2store}121|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: $25,000 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Data can be valuable if used properly or dangerous when mishandled.
    • The organization needs to understand the value of their data before they can establish proper data management practice.
    • Data is not considered a capital asset unless there is a financial transaction (e.g. buying or selling data assets).
    • Data valuation is not easy, and it costs money to collect, store, and maintain data.

    Our Advice

    Critical Insight

    • Data always outlives people, processes, and technology. They all come and go, while data remains.
    • Oil is a limited resource, data is not. Contrary to oil, data is likely to grow over time.
    • Data is likely to outlast all other current popular financial instruments including currency, assets, or commodities.
    • Data is used internally and externally and can easily be replicated or combined.
    • Data is beyond currency, assets, or commodities and needs to be a category of its own.

    Impact and Result

    • Every organization must calculate the value of their data. This will enable organizations to become truly data-driven.
    • Too much time has been spent arguing different methods of valuation. An organization must settle on valuation that is acceptable to all its stakeholders.
    • Align data governance and data management to data valuation. Often organizations struggle to justify data initiatives due to lack of visibility in data valuation.
    • Establish appropriate roles and responsibilities and ensure alignment to a common set of goals as a foundation to get the most accurate future data valuation for your organization.
    • Assess organization data assets and implementation roadmap that considers the necessary competencies and capabilities and their dependencies in moving towards the higher maturity of data assets.

    Mandate Data Valuation Before It’s Mandated Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to understand the value associated with the organization's data. Review Info-Tech’s methodology for assessing data value and justifying your data initiatives with a value proposition.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Demystify data valuation

    Understand the benefits of data valuation.

    • Mandate Data Valuation Before It’s Mandated – Phase 1: Demystify Data Valuation

    2. Data value chain

    Learn about the data value chain framework and preview the step-by-step guide to start collecting data sources.

    • Mandate Data Valuation Before It’s Mandated – Phase 2: Data Value Chain

    3. Data value assessment

    Mature your data valuation by putting in the valuation dimensions and metrics. Establish documented results that can be leveraged to demonstrate value in your data assets.

    • Mandate Data Valuation Before It’s Mandated – Phase 3: Data Value Assessment
    [infographic]

    Workshop: Mandate Data Valuation Before It’s Mandated

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Value of Data Valuation

    The Purpose

    Explain data valuation approach and value proposition.

    Key Benefits Achieved

    A clear understanding and case for data valuation.

    Activities

    1.1 Review common business data sources and how the organization will benefit from data valuation assessment.

    1.2 Understand Info-Tech’s data valuation framework.

    Outputs

    Organization data valuation priorities

    2 Capture Organization Data Value Chain

    The Purpose

    Capture data sources and data collection methods.

    Key Benefits Achieved

    A clear understanding of the data value chain.

    Activities

    2.1 Assess data sources and data collection methods.

    2.2 Understand key insights and value proposition.

    2.3 Capture data value chain.

    Outputs

    Data Valuation Tool

    3 Data Valuation Framework

    The Purpose

    Leverage the data valuation framework.

    Key Benefits Achieved

    Capture key data valuation dimensions and align with data value chain.

    Activities

    3.1 Introduce data valuation framework.

    3.2 Discuss key data valuation dimensions.

    3.3 Align data value dimension to data value chain.

    Outputs

    Data Valuation Tool

    4 Plan for Continuous Improvement

    The Purpose

    Improve organization’s data value.

    Key Benefits Achieved

    Continue to improve data value.

    Activities

    4.1 Capture data valuation metrics.

    4.2 Define data valuation for continuous monitoring.

    4.3 Create a communication plan.

    4.4 Define a plan for continuous improvements.

    Outputs

    Data valuation metrics

    Data Valuation Communication Plan

    Optimize Applications Release Management

    • Buy Link or Shortcode: {j2store}406|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $44,874 Average $ Saved
    • member rating average days saved: 21 Average Days Saved
    • Parent Category Name: Testing, Deployment & QA
    • Parent Category Link: /testing-deployment-and-qa
    • The business demands high service and IT needs to respond. Rapid customer response through efficient release and deployment is critical to maintain high business satisfaction.
    • The lack of process ownership leads to chaotic and uncoordinated releases, resulting in costly rework and poor hand-offs.
    • IT emphasizes tools but release tools and technologies alone will not fix the problem. Tools are integrated into the processes they support – if the process challenges aren’t addressed first, then the tool won’t help.
    • Releases are traditionally executed in silos with limited communication across the entire release pipeline. Culturally, there is little motivation for cross-functional collaboration and holistic process optimization.

    Our Advice

    Critical Insight

    • Release management is not solely driven by tools. It is about delivering high quality releases on time through accountability and governance aided by the support of tools.
    • Release management is independent of your software development lifecycle (SDLC). Release management practices sit as an agnostic umbrella over your chosen development methodology.
    • Ownership of the entire process is vital. Release managers ensure standards are upheld and the pipeline operates efficiently.

    Impact and Result

    • Acquire release management ownership. Ensure there is appropriate accountability for speed and quality of the releases passing through the entire pipeline. A release manager has oversight over the entire release process and facilitates the necessary communication between business stakeholders and various IT roles.
    • Instill holistic thinking. Release management includes all steps required to push release and change requests to production along with the hand-off to Operations and Support. Increase the transparency and visibility of the entire pipeline to ensure local optimizations do not generate bottlenecks in other areas.
    • Standardize and lay a strong release management foundation. Optimize the key areas where you are experiencing the most pain and continually improve.

    Optimize Applications Release Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should optimize release management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review your release management objectives

    Assess the current state and define the drivers behind your release management optimizations.

    • Optimize Applications Release Management – Phase 1: Review Your Release Management Objectives
    • Release Management Process Standard Template
    • Release Management Maturity Assessment

    2. Standardize release management

    Design your release processes, program framework, and release change management standards, and define your release management team.

    • Optimize Applications Release Management – Phase 2: Standardize Release Management
    • Release Manager

    3. Roll out release management enhancements

    Create an optimization roadmap that fits your context.

    • Optimize Applications Release Management – Phase 3: Roll Out Release Management Enhancements
    [infographic]

    Workshop: Optimize Applications Release Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review Your Release Management Objectives

    The Purpose

    Reveal the motivators behind the optimization of release management.

    Identify the root causes of current release issues and challenges.

    Key Benefits Achieved

    Ensure business alignment of optimization efforts.

    Firm grasp of why teams are facing release issues and the impacts they have on the organization.

    Activities

    1.1 Identify the objectives for application release.

    1.2 Conduct a current state assessment of release practices.

    Outputs

    Release management business objectives and technical drivers

    Current state assessment of release processes, communication flows, and tools and technologies

    2 Standardize Release Management

    The Purpose

    Alleviate current release issues and challenges with best practices.

    Standardize a core set of processes, tools, and roles & responsibilities to achieve consistency, cadence, and transparency.

    Key Benefits Achieved

    Repeatable execution of the same set of processes to increase the predictability of release delivery.

    Defined ownership of release management.

    Adaptable and flexible release management practices to changing business and technical environments.

    Activities

    2.1 Strengthen your release process.

    2.2 Coordinate releases with a program framework.

    2.3 Manage release issues with change management practices.

    2.4 Define your release management team.

    Outputs

    Processes accommodating each release type and approach the team is required to complete

    Release calendars and program framework

    Release change management process

    Defined responsibilities and accountabilities of release manager and release management team

    3 Roll Out Release Management Enhancements

    The Purpose

    Define metrics to validate release management improvements.

    Identify the degree of oversight and involvement of the release management team.

    Prioritize optimization roadmap against business needs and effort.

    Key Benefits Achieved

    Easy-to-gather metrics to measure success that can be communicated to stakeholders.

    Understanding of how involved release management teams are in enforcing release management standards.

    Practical and achievable optimization roadmap.

    Activities

    3.1 Define your release management metrics.

    3.2 Ensure adherence to standards.

    3.3 Create your optimization roadmap.

    Outputs

    List of metrics to gauge success

    Oversight and reporting structure of release management team

    Release management optimization roadmap

    Achieve Digital Resilience by Managing Digital Risk

    • Buy Link or Shortcode: {j2store}375|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $123,999 Average $ Saved
    • member rating average days saved: 4 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance

    Businesses are expected to balance achieving innovation through initiatives that transform the organization with effective risk management. While this is nothing new, added challenges arise due to:

    • An increasingly large vendor ecosystem within which to manage risk.
    • A fragmented approach to risk management that separates cyber and IT risk from enterprise risk.
    • A rapidly growing number of threat actors and a larger attack surface.

    Our Advice

    Critical Insight

    • All risks are digital risks.
    • Manage digital risk with a collaborative approach that supports digital transformation, ensures digital resilience, and distributes responsibility for digital risk management across the organization.

    Impact and Result

    Address digital risk to build digital resilience. In the process, you will drive transformation and maintain digital trust among your employees, end users, and consumers by:

    • Defining digital risk, including primary risk categories and prevalent risk factors.
    • Leveraging industry examples to help identify external risk considerations.
    • Building a digital risk profile, addressing core risk categories, and creating a correlating plan for digital risk management.

    Achieve Digital Resilience by Managing Digital Risk Research & Tools

    Start here – read the Executive Brief

    Risk does not exist in isolation and must extend beyond your cyber and IT teams. Read our concise Executive Brief to find out how to manage digital risk to help drive digital transformation and build your organization's digital resilience.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Redefine digital risk and resilience

    Discover an overview of what digital risk is, learn how to assess risk factors for the five primary categories of digital risk, see several industry-specific scenarios, and explore how to plan for and mitigate identified risks.

    • Achieve Digital Resilience by Managing Digital Risk – Phases 1-2
    • Digital Risk Management Charter

    2. Build your digital risk profile

    Begin building the digital risk profile for your organization, identify where your key areas of risk exposure exist, and assign ownership and accountability among the organization’s business units.

    • Digital Risk Profile Tool
    • Digital Risk Management Executive Report
    [infographic]

    Workshop: Achieve Digital Resilience by Managing Digital Risk

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Scope and Define Digital Risk

    The Purpose

    Develop an understanding and standard definition of what digital risk is, who it impacts, and its relevance to the organization.

    Key Benefits Achieved

    Understand what digital risk means and how it differs from traditional enterprise or cybersecurity risk.

    Develop a definition of digital risk that recognizes the unique external and internal considerations of your organization.

    Activities

    1.1 Review the business context

    1.2 Review the current roles of enterprise, IT, and cyber risk management within the organization

    1.3 Define digital transformation and list transformation initiatives

    1.4 Define digital risk in the context of the organization

    1.5 Define digital resilience in the context of the organization

    Outputs

    Digital risk drivers

    Applicable definition of digital risk

    Applicable definition of digital resilience

    2 Make the Case for Digital Risk Management

    The Purpose

    Understand the roles digital risk management and your digital risk profile have in helping your organization achieve safe, transformative growth.

    Key Benefits Achieved

    An overview and understanding of digital risk categories and subsequent individual digital risk factors for the organization

    Industry considerations that highlight the importance of managing digital risk

    A structured approach to managing the categories of digital risk

    Activities

    2.1 Review and discuss industry case studies and industry examples of digital transformation and digital risk

    2.2 Revise the organization's list of digital transformation initiatives (past, current, and future)

    2.3 Begin to build your organization's Digital Risk Management Charter (with inputs from Module 1)

    2.4 Revise, customize, and complete a Digital Risk Management Charter for the organization

    Outputs

    Digital Risk Management Charter

    Industry-specific digital risks, factors, considerations, and scenarios

    The organization's digital risks mapped to its digital transformation initiatives

    3 Build Your Digital Risk Profile

    The Purpose

    Develop an initial digital risk profile that identifies the organization’s core areas of focus in managing digital risk.

    Key Benefits Achieved

    A unique digital risk profile for the organization

    Digital risk management initiatives that are mapped against the organization's current strategic initiatives and aligned to meet your digital resilience objectives and benchmarks

    Activities

    3.1 Review category control questions within the Digital Risk Profile Tool

    3.2 Complete all sections (tabs) within the Digital Risk Profile Tool

    3.3 Assess the results of your Digital Risk Profile Tool

    3.4 Discuss and assign initial weightings for ownership of digital risk among the organization's stakeholders

    Outputs

    Completion of all category tabs within the Digital Risk Profile Tool

    Initial stakeholder ownership assignments of digital risk categories

    4 Manage Your Digital Risk

    The Purpose

    Refine the digital risk management plan for the organization.

    Key Benefits Achieved

    A targeted, organization-specific approach to managing digital risk as a part of the organization's projects and initiatives on an ongoing basis

    An executive presentation that outlines digital risk management for your senior leadership team

    Activities

    4.1 Conduct brief information sessions with the relevant digital risk stakeholders identified in Module 3.

    4.2 Review and revise the organization's Digital Risk Profile as necessary, including adjusting weightings for the digital risk categories

    4.3 Begin to build an actionable digital risk management plan

    4.4 Present your findings to the organization's relevant risk leaders and executive team

    Outputs

    A finalized and assessed Digital Risk Profile Tool

    Stakeholder ownership for digital risk management

    A draft Digital Risk Management plan and Digital Risk Management Executive Report

    Assess Infrastructure Readiness for Digital Transformation

    • Buy Link or Shortcode: {j2store}300|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design

    There are many challenges for I&O when it comes to digital transformation, including:

    • Legacy infrastructure technical debt
    • Skills and talent in the IT team
    • A culture that resists change
    • Fear of job loss

    These and many more will hinder your progress, which demonstrates the need to invest in modernizing your infrastructure, investing in training and hiring talent, and cultivating a culture that supports digital transformation.

    Our Advice

    Critical Insight

    By using the framework of culture, competencies, collaboration and capabilities, organizations can create dimensions in their I&O structure in order to shift from traditional infrastructure management to becoming a strategic enabler, driving agility, innovation, and operational excellence though the effective integration of people, process, and technology.

    Impact and Result

    By driving a customer-centric approach, delivering a successful transformation can be tailored to the business goals and drive adoption and engagement. Refining your roadmap through data and analytics will drive this change. Use third-party expertise to guide your transformation and help build that vision of the future.

    Assess Infrastructure Readiness for Digital Transformation Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess Infrastructure Readiness for Digital Transformation – Unlock the full potential of your infrastructure with a digital transformation strategy and clear the barriers for success.

  • Be customer centric as opposed to being technology driven.
  • Understanding business needs and pain points is key to delivering solutions.
  • Approach infrastructure digital transformation in iterations and look at this as a journey.
    • Assess Infrastructure Readiness for Digital Transformation Storyboard
    • I&O Digital Transformation Maturity Assessment Tool

    Infographic

    Further reading

    Assess Infrastructure Readiness for Digital Transformation

    Unlock the full potential of your infrastructure with a digital transformation strategy and clear the barriers to success.

    Analyst Perspective

    It’s not just about the technology!

    Many businesses fail in their endeavors to complete a digital transformation, but the reasons are complex, and there are many ways to fail, whether it is people, process, or technology. In fact, according to many surveys, 70% of digital transformations fail, and it’s mainly down to strategy – or the lack thereof.

    A lot of organizations think of digital transformation as just an investment in technology, with no vision of what they are trying to achieve or transform. So, out of the gate, many organizations fail to undergo a meaningful transformation, change their business model, or bring about a culture of digital transformation needed to be seriously competitive in their given market.

    When it comes to I&O leaders who have been given a mandate to drive digital transformation projects, they still must align to the vision and mission of the organization; they must still train and hire staff that will be experts in their field; they must still drive process improvements and align the right technology to meet the needs of a digital transformation.

    John Donovan

    John Donovan

    Principal Research Director, I&O
    Info-Tech Research Group

    Insight summary

    Overarching insight

    Digital transformation requires I&O teams to shift from traditional infrastructure management to becoming a strategic enabler, driving agility, innovation, and operational excellence through effective integration of people, process, and technology.

    Insight 1

    Collaboration is a key component of I&O – Promote strong collaboration between I&O and other business functions. When doing a digital transformation, it is clear that this is a cross-functional effort. Business leaders and IT teams need to align their objectives, prioritize initiatives, and ensure that you are seamlessly integrating technologies with the new business functions.

    Insight 2

    Embrace agility and adaptability as core principles – As the digital landscape continues to evolve, it is paramount that I&O leaders are agile and adaptable to changing business needs, adopting new technology and implementing new innovative solutions. The culture of continuous improvement and openness to experimentation and learning will assist the I&O leaders in their journey.

    Insight 3

    Future-proof your infrastructure and operations – By anticipating emerging technologies and trends, you can proactively plan and organize your team for future needs. By investing in scalable, flexible infrastructure such as cloud services, automation, AI technologies, and continuously upskilling the IT staff, you can stay relevant and forward-looking in the digital space.

    Tactical insight

    An IT infrastructure maturity assessment is a foundational step in the journey of digital transformation. The demand will be on performance, resilience, and scalability. IT infrastructure must be able to support innovation and rapid deployment of services.

    Tactical insight

    Having a clear strategy, with leadership commitment along with hiring and training the right people, monitoring and measuring your progress, and ensuring it is a business-led journey will increase your chances of success.

    Executive Summary

    Your Challenge

    There are a lot of challenges for I&O when it comes to digital transformation, including:

    • Legacy infrastructure technical debt.
    • Skills and talent in the IT team.
    • A culture that resists change.
    • Fear of job loss.

    These and many more will hinder your progress, which demonstrates the need to invest in modernizing your infrastructure, investing in training and hiring talent, and cultivating a culture that supports digital transformation.

    Common Obstacles

    Many obstacles to digital transformation begin with non-I&O activities, including:

    • Lack of a clear vision and strategy.
    • Siloed organizational structure.
    • Lack of governance and data management.
    • Limited budget and resources.

    By addressing these obstacles, I&O will have a better chance of a successful transformation and delivering the full potential of digital technologies.

    Info-Tech's Approach

    Building a culture of innovation by developing clear goals and creating a vision will be key.

    • Be customer centric as opposed to being technology driven.
    • Understand the business needs and pain points in order to effectively deliver solutions.
    • Approach infrastructure digital transformation in iterations and look at it as a journey.

    By completing the Info-Tech digital readiness questionnaire, you will see where you are in terms of maturity and areas you need to concentrate on.

    Info-Tech Insight

    By driving a customer-centric approach, delivering a successful transformation can be tailored to the business goals and drive adoption and engagement. Refining your roadmap through data and analytics will drive this change. Use third-party expertise to guide your transformation and help build that vision of the future.

    The cost of digital transformation

    The challenges that stand in the way of your success, and what is needed to reverse the risk

    What CIOs are saying about their challenges

    26% of those CIOs surveyed cite resistance to change, with entrenched viewpoints demonstrating a real need for a cultural shift to enhance the digital transformation journey.

    Source: Prophet, 2019.

    70% of digital transformation projects fall short of their objectives – even when their leadership is aligned, often with serious consequences.

    Source: BCG, 2020.

    Having a clear strategy and commitment from leadership, hiring and training the right people, monitoring and measuring your progress, and ensuring it is a business-led journey will increase your chances of success.

    Info-Tech Insight

    Cultural change, business alignment, skills training, and setting a clear strategy with KPIs to demonstrate success are all key to being successful in your digital journey.

    Small and medium-sized enterprises

    What business owners and CEOs are saying about their digital transformation

    57% of small business owners feel they must improve their IT infrastructure to optimize their operations.

    Source: SMB Story, 2023.

    64% of CEOs believe driving digital transformation at a rapid pace is critical to attracting and retaining talent and customers.

    Source: KPMG, 2022.

    Info-Tech Insight

    An IT infrastructure maturity assessment is a foundational step in the journey of digital transformation. The demand will be on performance, resilience, and scalability. IT infrastructure must be able to support innovation and rapid deployments.