Take a Realistic Approach to Disaster Recovery Testing

Reduce costly downtime with a right-sized testing program that improves IT resilience.

Analyst Perspective

Reduce costly downtime with a right-sized testing program that improves IT resilience.

Most businesses make significant investments in disaster recovery and technology resilience. Redundant sites and systems, monitoring, intrusion prevention, backups, training, documentation: it all costs time and money.

But does this investment deliver expected value? Specifically, can you deliver service continuity in a way that meets business requirements?

You can’t know the answer without regularly testing recovery processes and systems. And more than just validation, testing helps you deliver service continuity by finding and addressing gaps in your plans and training your staff on recovery procedures.

Use the insights, tools, and templates in this research to create a streamlined and effective resilience testing program that helps validate recovery capabilities and enhance service reliability, availability, and continuity.

Andrew Sharp

Research Director, Infrastructure & Operations
Info-Tech Research Group

Executive Summary

Info-Tech Insight

If you treat testing as a pass/fail exercise, you aren’t meeting the end goal of improving organizational resilience. Focus on identifying gaps and risks so you can address them before a real disaster hits.

Process and Outputs

This research is accompanied by templates to help you achieve your goals faster.

1 - Establish the business rationale for DR testing.
2 - Review a range of options for testing.
3 - Prioritize tests that are most valuable to your business.
4 - Create a disaster recovery test plan.
5 - Establish a Test Program to support a regular testing cycle.

Outputs:

Orange activity slides like the one on the left provide directions to help you make key decisions.

Key Deliverable:

Disaster Recovery Test Plan Template

Build a plan for your first disaster recovery test.

This document provides a complete example you can use to quickly build your own plan, including goals, milestones, participants, the test-day schedule, and findings from the after-action review.

Why test?

Testing helps you avoid costly downtime

• In a disaster scenario, speed matters. Immediately after an outage, the impact on the organization is small, but impact increases rapidly the longer the outage continues.
• A quick and reliable response and recovery can protect the organization from significant losses.
• A DRP testing and maintenance program helps ensure you’re ready to recover when you need to, rather than figuring it out as you go.

“Routine testing is vital to survive a disaster… that’s when muscle memory sets in. If you don’t test your DR plan it falls [in importance], and you never see how routine changes impact it.”

– Jennifer Goshorn
Chief Administrative Officer
Gunderson Dettmer LLP

Info-Tech members estimated even one day of system downtime could lead to significant revenue losses.

Average estimated potential loss* in thousands of USD due to a 24-hour outage (N=41)

*Data aggregated from 41 business impact analyses (BIAs) conducted with Info-Tech advisory assistance. BIAs evaluate potential revenue loss due to a full day of system downtime, at the worst possible time.

Run tests to enhance disaster recovery plans

Testing improves organizational resilience

• Identify and address gaps in your plans before a real disaster strikes.
• Cross-train staff on systems recovery.
• Go beyond testing technology to test recovery processes.
• Establish a culture that centers resilience in everyday decision-making.

Testing keeps DR documentation ready for action

• Update documentation ahead of tests to prepare for the testing exercise.
• Update documentation after testing to incorporate any lessons learned.

Testing validates that investments in resilience deliver value

• Confirm your organization can meet defined recovery time objectives (RTOs) and recovery point objectives (RPOs).
• Provide proof of testing for auditors, prospective customers, and insurance applications

Overcome testing challenges

Despite the value of effective recovery testing, most IT organizations struggle to test recovery plans

Common challenges

• Key resources don’t have time for testing exercises.
• You don’t have the technology to support live recovery testing.
• Tests are done ad hoc and lessons learned are lost.
• A lack of business support for test exercises as the value isn’t understood.
• Tests are always artificially simple because RTOs and RPOs must be met to satisfy customer or auditor inquiries

Overcome challenges with a realistic approach:

• Start small with tabletop and recovery tests for specific systems.
• Include recovery tests in operational tasks (e.g. restore systems when you have a maintenance window).
• Create testing plans for larger testing exercises.
• Build on successful tests to streamline testing exercises in the future.
• Don’t make testing a pass-fail exercise. Focus on identifying gaps and risks so you can address them before a real disaster hits.

Go beyond traditional testing

Different test techniques help validate recovery against different threats

• There are many threats to service continuity, including ransomware, severe weather events, geopolitical conflict, legacy systems, staff turnover, and day-to-day outages caused by human error, software updates, hardware failures, or network outages.
• At its core, disaster recovery planning is about recovery. A plan for service recovery will help you mitigate against many threats at once. The testing approaches on the right will help you validate different aspects of that recovery process.
• This research will provide an overview of the approaches outlined on the right and help you prioritize tests that are most valuable to your organization.

00 Identify a working group

30 minutes

Identify a group of participants who can fill the following roles and inform the discussions around testing in this research. A single person could fill multiple roles and some roles could be filled by multiple people. Many participants will be drawn from the larger DRP team.

Start by updating your disaster recovery plan (DRP)

Use Info-Tech’s Create a Right-Sized Disaster Recovery Plan research to identify recovery objectives based on business impact and outline recovery processes. Both are tremendously valuable inputs to your test plans.

Overall Business Continuity Plan

01 Confirm: why test at all?

15-30 minutes

Identify the value recovery testing for your organization. Use language appropriate for a nontechnical audience. Start with the list below and add, modify, or delete bullet points to reflect your own organization.

Drivers for testing – Examples:

• Improve service continuity.
• Identify and address gaps in recovery plans before a real disaster strikes.
• Cross-train staff on systems recovery to minimize single points of failure.
• Identify how we coordinate across teams during a major systems outage.
• Exercise both recovery processes and technology.
• Support a culture that centers system resilience in everyday decision-making.
• Keep recovery documentation up-to-date and ready for action.
• Confirm that our stated recovery objectives can be met.
• Provide proof of testing for auditors, prospective customers, and insurance applications.
• We require proof of testing to pass audits and renew cybersecurity insurance.

Info-Tech Insight

Time-strapped technical staff will sometimes push back on planning and testing, objecting that the team will “figure it out” in a disaster. But the question isn’t whether recovery is possible – it’s whether the recovery aligns with business needs. If your plan is to “MacGyver” a solution on the fly, you can’t know if it’s the right solution for your organization.

Think about what and how you test

Find gaps and risks with tabletop testing

In a tabletop planning exercise, the team walks through a disaster scenario to outline the recovery workflow, and risks or gaps that could disrupt that workflow.

Tabletops are particularly effective because:

• It enables you to play out a wider range of scenarios than technology-based testing (e.g. full-scale, parallel) due to cost and complexity factors.
• It is non-intrusive, so it can be executed more easily than other testing methodologies.
• The exercise translates into recovery documentation: you create a workflow as you go.
• A major site or service recovery scenario will review all aspects of the recovery process and create the backbone of your recovery plan.

02 Run a tabletop exercise

2 hours

Tabletop testing is part of our core DRP methodology, Create a Right-Sized Disaster Recovery Plan. This exercise can be run using cue cards, sticky notes, or on a whiteboard; many of our facilitators find building the workflow directly in flowchart software to be very effective.

Use our Recovery Workflow Template as a starting point.

Some tips for running your first tabletop exercise:

1. Ahead of the exercise, decide on a scenario, identify participants, and book a meeting time.
   • For your first walkthrough of a DR scenario, we often recommend a scenario that considers a site failure requiring failover to a DR site.
   • For the first exercise, focus on technical aspects of recovery before bringing in members of the business. The technical team may need space to discuss the appropriate steps in the recovery process before you bring in business liaisons to discuss user acceptance testing (UAT).
   • A complete failover considers all systems, the viability of your second site, and can help identify parts of the process that require additional exercises.
2. Review the scenario with participants. Then, discuss and document the recovery process, starting with initial notification of an event.
   • Record steps in the process on white cards or boxes.
   • On yellow and red cards, document gaps and risks in people process and technology requirements.
3. Once you’ve walked through the process, return to the start.
   • Record the time required to complete each step. Consider identifying who is responsible for key steps. Identify any additional gaps and risks.
4. Clean up and record the results of the workflow. Save a copy with your DRP documentation.

Move from tabletop testing to functional exercises

See how your plans fare in the real world

In live exercises, some portion of your recovery plans are executed in a way that mimics a real recovery scenario. Some advantages of live testing:

• See how standby systems behave. A tabletop exercise can miss small issues that can make or break the recovery process. For example, connectivity or integration issues on a new subnet might be difficult to predict prior to actually running services in that environment.
• Hands-on practice: Familiarize the team with the steps, commands, and interfaces of your recovery toolset.
• Manage the pressure of the DR scenario: Nothing’s quite like the real thing, but a live exercise may be the closest your team can get to a disaster situation without experiencing it firsthand.

Examples of live exercises

Run local tests ahead of releases

Think small

Most unacceptable downtime is caused by localized issues, such as hardware or software failures, rather than widespread destructive events. Regular local testing can help validate the recovery plan for local issues and improve overall service continuity.

Make local testing a standard step in maintenance work and new deployments to embed resilience considerations in day-to-day activities. Run the same tests in both your primary and your DR environment.

Some examples of localized tests:

• Review backup logs and check for errors.
• Restore files or whole systems from backup.
• Run application-based tests as part of release management, including unit, regression, and performance tests.
  • Ensure application tests are run for both the primary and DR environment.
  • For a deep-dive on application testing, see Info-Tech’s research Automate Testing to Get More Done.

Info-Tech Insight

Local tests will vary between different services, and local test design is usually best left to the system SMEs. At the same time, centralize reporting to understand where tests are being done.

Investigate whether your IT Service Management or ticketing system can create recurring tasks or work orders to schedule, document, and track test exercises. Tasks can be pre-populated with checklists and documentation to support the test and provide a record of completed tests to support oversight and reporting.

Have the business validate recovery

If your business doesn’t think a system’s recovered, it’s not recovered.

User acceptance testing (UAT) after system recovery is a key step in the recovery process. Like any step in the process, there’s value in testing it before it actually needs to be done. Assign responsibility for building UATs to the person who will be responsible for executing them.

An acceptance test script might look something like the checklist below.

• Does the application open?
• Does the interface look right?
• Do you see any unusual notifications or warnings?
• Can you conduct a key transaction with dummy data?
• Can you run key reports?

“I cannot stress how important it is to assign ownership of responsibilities in a test; this is the only way to truly mitigate against issues in a test.”

– Robert Nardella
IT Service Management
Certified z/OS Mainframe Professional

Info-Tech Insight

Build test scripts and test transactions ahead of time to minimize the amount of new work required during a recovery scenario.

Beyond the Basics: Full Failover Testing

• A failover test – a full failover of your production environment to a secondary environment – is what many IT and businesspeople think about when they think of disaster recovery testing.
• A full test can validate previous local or tabletop tests, identify additional gaps and risks, and provide hands-on training experience with recovery processes and technologies.
• Setting a date for failover testing can also inject some urgency into otherwise low-priority (but high importance) disaster recovery planning and documentation exercises, which need to be completed prior to the test.
• Despite these benefits, full failover tests carry significant risk and require a great deal of effort and cost. Typically, only businesses that already have an active-active environment capable of supporting in-scope production systems are able to run a full environment failover.
• This is especially true the first time you test. While in theory a DR plan should be ready to go at any time, there will be documents to update, gaps to address, and risks to mitigate before you go ahead with the test.

Full Failover Testing

What you get:

• Provide hands-on experience with recovery processes and technology.
• Confirm that site failover works in practice as you assumed in tabletop or local testing exercises.
• Identify critical gaps you might have missed without a full failover test.

What you need:

• An active-active secondary site, with sufficient standby equipment, data, and licensed standby software to support production.
• A completed tabletop exercise and documented recovery workflow.
• A documented test plan, backout plan, and formal sign-off.
• An off-hours downtime window.
• Time from technical SMEs and business resources, both for creating the plan and executing the test.

Beyond the Basics: Site Reliability Engineering

• Site reliability engineering (SRE) is an application of skills and approaches from software engineering to improve system resilience.
• SRE is focused on “availability, latency, performance, efficiency, change management, monitoring, emergency response, and capacity planning” across a set portfolio of services (Sloss, 2017).
• In many organizations, SRE is implemented as a team that supports separate applications teams.
• Applications must have defined and granular resilience requirements, translated into service objectives. The SRE team and applications teams will work together to meet these objectives.
• Site reliability engineers (the folks that do SRE, and often also abbreviated as SREs) are expected to build solutions and processes to ensure services remain stable and performant, not just respond when they fail. For example, Google allows their SREs to spend just half their time on incident response, with the rest of their time focused on development and automation tasks.

Site Reliability Testing

What you get:

• Improved reliability and reduced frequency and impact of downtime.
• Increased use of automation to address problems before they cause an incident.
• Granular resilience objectives.

What you need:

• Systems running on software-defined infrastructure.
• Specialized skills in programming, infrastructure-as-code.
• Business & product owners able to define and fund acceptable and appropriate resilience objectives.
• Technical experts able to translate product requirements into technical design requirements.

Beyond the Basics: Chaos Engineering

• Chaos engineering, a term and approach first popularized by the team at Netflix, aims to improve the resilience of particularly large and distributed systems by simulating system failures and evaluating performance against a baseline.
• Experiments simulate a variety of real-world events that could cause outages (e.g. network slowdowns or server failures). Experiments run continuously, and the recommendation is to run them in production where feasible while minimizing the impact on customers.
• Tools to help you run chaos testing exist, including open-source toolkits like Chaos Monkey or Mangle and paid software as a service (SaaS) solutions like Gremlin.
• Deciding whether the long-term benefits of tests that can degrade production are worth the potential risk of system slowdowns or outages is a business or product decision. Technical considerations aside, if the business owner of a particular system doesn’t see the value of continuous testing outweighing the introduced risk, this approach to testing isn’t going to happen.

Chaos Engineering

What you get:

• Confidence that systems can weather volatile and unpredictable conditions in a production environment.
• An embedded resilience culture.

What you need:

• High-maturity IT incident, monitoring and event practices.
• Standby/resilient systems to minimize downtime impact.
• Business buy-in for introducing risk into the production environment.
• Specialized skills to identify, develop, and run tests that degrade production performance in a controlled way.
• Budget and time to act on issues identified through testing.

Beyond the Basics: Security Event Simulations

• Ransomware is driving demands for proof of recovery testing from customers, executives, auditors, and insurance companies. Systems recovery is part of ransomware recovery, but recovering from a breach includes detection, analysis, containment, and eradication of the attack vector before systems recovery can begin.
• Beyond technical recovery, internal legal and communications teams will have a role, as will your insurance provider, consultants specialized in ransomware recovery, or professional ransom negotiators.
• A tabletop exercise focused on ransomware incident response is a key first step. You can find Info-Tech’s methodology for a ransomware tabletop in Phase 3 of Build Resilience Against Ransomware Attacks.
• Live testing approaches can offer hands-on experience and further insight into how your systems are vulnerable to malware. A variety of open source and proprietary tools can simulate ransomware and help you identify problems, though it’s important to understand the limitations of different simulators (Allon, 2022).
• A “red team” exercise simulates an adversarial attack against your processes and systems. A specialized penetration tester will often take on the role of the red team and provide a report of identified gaps and risks after the engagement.

Security Event Simulation

What you get:

• Hands-on experience managing and recovering from a ransomware attack in a controlled environment.
• A better understanding of gaps in your response process.

What you need:

• A completed ransomware tabletop exercise and mature security incident response processes.
• For Ransomware Simulators: An air-gapped sandbox environment hosting a copy of your production systems and security tools, and time from your technical SMEs.
• For Red Team Exercises: A trusted provider, scope for your testing plans, and time from your security incident response team.

Prioritize tests by asking these three questions

1. Will the scope of this test deliver sufficient value?

• Yes, these are critical systems with low tolerance for downtime or data loss.
• Yes, major changes or new systems require validation of DR capabilities.
• Yes, there’s high probability of an outage, or recent experience of an outage.
• •Yes, we have audit requirements or customer demands for testing.

2. Are we ready for this test?

• Yes, recovery plans and recovery objectives are documented.
• Yes, key technical and business resources have time to commit to testing exercises.
• Yes, technology is currently able to support proposed tests.

3. Is it easy to do?

• Yes, effort required to complete the test is low (i.e. minimal work, few participants).
• Yes, the risks related to testing are low.
• Yes, it won’t cost much.

Info-Tech Insight

More complex, challenging, risky, or costly tests, such as full failover tests, can deliver value. But do the high-value, low-effort stuff first!

03 Brainstorm and prioritize test ideas

30-60 minutes

Even if you have an idea of what you need to test and how you want to run those tests, this brainstorming exercise can generate useful ideas for testing that might otherwise have been missed.

1. Review the slides above to develop ideas on how and what you want to test. These slides may be enough to kickstart a brainstorming process. Don’t debate or discount ideas at this point. Write down these ideas in a space where all participants can see them (e.g. whiteboard or shared screen).

The next steps will help you prioritize the list – if needed – to tests that are highest value and lowest effort.

1. Discuss where you have the greatest need to test. Assign a score of 0 – 3 for each test, with a score of 3 being high-need and a score of zero being low-need. Consider whether:
   • These applications have a low tolerance for downtime.
   • There’s a high chance of an outage, or recent experience with an outage.
   • There’s a need to train or cross-train staff on recovery for the system(s) in question.
   • Major changes require a review or validation of DR capabilities.
   • Audit requirements or customer/executive demands can be met via testing.
2. Discuss which tests will require the least effort to complete – where readiness is high and tests are easier to do. Assign a score between 0 and 3 for each test, with a score of 3 being least effort and a score of 0 being high effort. Consider whether:
   • Recovery plans and recovery objectives are documented for these systems.
   • Technical experts are available to work on testing exercises.
   • For active testing, standby/sandbox systems are available and capable of supporting proposed tests.
   • The effort required to complete the test is low (e.g. minimal new work, few participants).
   • The risks related to testing are low.
   • You will need to secure additional funding.
3. Sum together the assigned scores for each test. Higher scores should be the highest priority, but of course use your judgement to validate the results and select one or two tests to execute in the coming year.

“There are different levels of testing and it is very progressive. I do not recommend my clients to do anything, unless they do it in a progressive fashion. Don’t try to do a live failover test with your users, right out of the box.”

– Steve Tower
Principal Consultant
Prompta Consulting Group

04 Build a test plan

3-5 days

Building a test plan helps the test run smoothly and can uncover issues with the underlying DRP as you dig into the details.

The test coordinator will own the plan document but will rely on the sponsor to confirm scope and goals, technical SMEs to develop system recovery plans, and business liaisons to create UAT scripts.

Download Info-Tech’s Disaster Recovery Test Plan Template. Use the structure of the template to build your own document, deleting example data as you go. Consider saving a separate copy of this document as an example and working from a second copy.

Key sections of the document include:

• Goals, scenario, and scope of the test.
• Assumptions, constraints, risks, and mitigation strategies.
• Test participants.
• Key pre-test milestones, and test-day schedule.
• After-action review.

Download the Disaster Recovery Test Plan Template

05 Run an after-action review

30-60 minutes

Take time after test exercises – especially large-scale tests with many participants – to consider what went well, what didn’t, and where you can improve future testing exercises. Track lessons learned and next steps at the bottom of your test plan.

1. Start with a short (5-10 minute) debrief of the test and allow participants to ask questions. Confirm:
   • Did we meet the goals we set for the exercise, including RTOs and RPOs?
   • What was done well? What issues, gaps, and risks were identified?
2. Work through variations of the following questions:
   • Was the test plan effective, and was the test well organized?
   • Was the documentation effective? Where did we follow the plan as documented, and where did we deviate from the plan?
   • Was our communication/collaboration during the test effective?
   • Have gaps and issues found during the test been reported to the testing coordinator? Could some of the issues uncovered apply more broadly to other IT services as well?
   • What could we test next, based on what was discovered?
   • Are there other tools or approaches that could be useful?

Follow a testing cycle

All tests are expected to drive actions to improve resilience, as appropriate. Experience from previous tests will be applied to future testing exercises.

Use your experience to simplify testing

The fifth testing exercise should be easier than the first

Outputs and lessons learned from testing should help you run future tests.

• With past experience under their belt, participants should have a better understanding of their role, and of their peers’ roles, and the goal of the exercise.
• Facilitators will be more comfortable facilitating the exercise, and everyone should be more confident in the steps required to recover their systems.
• Gather feedback from participants through after-action reviews to identify what worked and what didn’t.
• Documentation from previous tests can provide a template for future tests.
• Gaps identified in previous tests can provide ideas for future tests.

Info-Tech Insight

Testing should get easier over time. But if you’re easily passing every test, it’s a sign that you’re ready to run more challenging tests.

06 Create a test program summary

2-4 hours

Regular testing allows you to build on prior tests and helps keep plans current despite changes to your environment.

Keeping a regular testing schedule requires expertise, a process to coordinate your efforts, and a level of governance to provide oversight and ensure testing continues to deliver value. Create a call to action using Info-Tech’s Disaster Recovery Testing Program Summary Template.

The result is a summary document that:

• Identifies key takeaways and testing goals
• Presents key elements of the testing program
• Outlines the testing cycle
• Lists expected milestones for the next year
• Identifies participants
• Recommends next steps

“It is extremely important in the early stages of development to concentrate the focus on actual recoverability and data protection, enhancing these capabilities over time into a fully matured program that can truly test the recovery, and not simply focusing on the testing process itself.”

– Joe Starzyk
Senior Business Development Executive
IBM Global Services

Research Contributors and Experts

• Bernard A. Jones, Business Continuity & Disaster Recovery Expert
• Robert Nardella, IT Service Management, Certified z/OS Mainframe Professional
• Larry Liss, Chief Technology Officer, Blank Rome LLP
• Jennifer Goshorn, Chief Administrative and Chief Compliance Officer, Gunderson Dettmer LLP
• Paul Kirvan, FBCI, CISA, Independent IT Consultant/Auditor, Paul Kirvan Associates
• Steve Tower, Principal Consultant, Prompta Consulting Group
• Joe Starzyk, Senior Business Development Executive, IBM Global Services
• Thomas Bronack, Enterprise Resiliency and Corporate Certification Consultant, DCAG
• Paul S. Randal, CEO & Owner, SQLskills.com
• Tom Baumgartner, Disaster Recovery Analyst, Catholic Health

Bibliography

Alton, Yoni. “Ransomware simulators – reality or a bluff?” Palo Alto Blog, 2 May 2022. Accessed 31 Jan 2023.
https://www.paloaltonetworks.com/blog/security-operations/ransomware-simulators-reality-or-a-bluff/

Brathwaite, Shimon. “How to Test your Business Continuity and Disaster Recovery Plan,” Security Made Simple, 13 Nov 2022. Accessed 31 Jan 2023.
https://www.securitymadesimple.org/cybersecurity-blog/how-to-test-your-business-continuity-and-disaster-recovery-plan

The Business Continuity Institute. Good Practice Guidelines: 2018 Edition. The Business Continuity Institute, 2017.

Emigh, Jacqueline. “Disaster Recovery Testing: Ensuring Your DR Plan Works,” Enterprise Storage Forum, 28 May 2019. Accessed 31 Jan 2023.
Disaster Recovery Testing: Ensuring Your DR Plan Works | Enterprise Storage Forum

Gardner, Dana. "Case Study: Strategic Approach to Disaster Recovery and Data Lifecycle Management Pays off for Australia's SAI Global." ZDNet. BriefingsDirect, 26 Apr 2012. Accessed 31 Jan 2023.
http://www.zdnet.com/article/case-study-strategic-approach-to-disaster-recovery-and-data-lifecycle-management-pays-off-for-australias-sai-global/.

IBM. “Section 11. Testing the Disaster Recovery Plan.” IBM, 2 Aug 2021. Accessed 31 Jan 2023. Section 11. Testing the disaster recovery plan - IBM Documentation Lutkevich, Ben and Alexander Gillis. “Chaos Engineering”. TechTarget, Jun 2021. Accessed 31 Jan 2023.
https://www.techtarget.com/searchitoperations/definition/chaos-engineering

Monperrus, Martin. “Principles of Antifragility.” Arxiv Forum, 7 June 2017. Accessed 31 Jan 2023.
https://arxiv.org/ftp/arxiv/papers/1404/1404.3056.pdf

“Principles of Chaos Engineering.” Principles of Chaos Engineering, 2019 March. Accessed 31 Jan 2023.
https://principlesofchaos.org/

Sloss, Benjamin Treynor. “Introduction.” Site Reliability Engineering. Ed. Betsy Beyer. O’Reilly Media, 2017. Accessed 31 Jan 2023.
https://sre.google/sre-book/introduction/

Build a Data Integration Strategy

Integrate your data or disintegrate your business.

ANALYST PERSPECTIVE

Integrate your data or disintegrate your business.

"Point-to-point integration is an evil that builds up overtime due to ongoing business changes and a lack of integration strategy. At the same time most businesses are demanding consistent, timely, and high-quality data to fuel business processes and decision making.

A good recipe for successful data integration is to discover the common data elements to share across the business by establishing an integration platform and a canonical data model.

Place yourself in one of our use cases and see how you fit into a common framework to simplify your problem and build a data-centric integration environment to eliminate your data silos."

Rajesh Parab, Director, Research & Advisory Services

Info-Tech Research Group

Our understanding of the problem

This Research Is Designed For:

• Data engineers feeling the pains of poor integration from inaccuracies and inefficiencies during the data integration lifecycle.
• Business analysts communicating the need for improved integration of data.
• Data architects looking to design and facilitate improvements in the holistic data environment.
• Data architects putting high-level architectural design changes into action.

This Research Will Also Assist:

• CIOs concerned with the costs, benefits, and the overall structure of their organization’s data flow.
• Enterprise architects trying to understand how improved integration will affect overall organizational architecture.

This Research Will Help You:

• Understand what integration is, and how it fits into your organization.
• Identify opportunities for leveraging improved integration for data-driven insights.
• Design a loosely coupled integration architecture that is flexible to changing needs.
• Determine the needs of the business for integration and design solutions for the gaps that fit the requirements.

This Research Will Help Them:

• Get a handle on the current data situation and how data interacts within the organization.
• Understand how data architecture affects operations within the enterprise.

Executive summary

Situation

• As organizations process more information at faster rates, there is increased pressure for faster and more efficient data integration.
• Data integration is becoming more and more critical for downstream functions of data management and for business operations to be successful. Poor integration holds back these critical functions.

Complication

• Investments in integration can be a tough sell for the business, and it is difficult to get support for integration as a standalone project.
• Evolving business models and uses of data are growing rapidly at rates that often exceed the investment in data management and integration tools. As a result, there is often a gap between data availability and the business’ latency demands.

Resolution

• Create a data-centric integration solution that supports the flow of data through the organization and meets the organization’s requirements for data accuracy, relevance, availability, and timeliness.
• Build your data-centric integration practice with a firm foundation in governance and reference architecture; use best-fit reference architecture patterns and the related technology and resources to ensure that your process is scalable and sustainable.
• The business’ uses of data are constantly changing and evolving, and as a result the integration processes that ensure data availability must be frequently reviewed and repositioned to continue to grow with the business.

Info-Tech Insight

1. Every IT project requires data integration.Any change in the application and database ecosystem requires you to solve a data integration problem.
2. Integration problem solving needs to start with business activity. After understanding the business activity, move to application and system integration to drive optimal data integration activities.
3. Integration initiatives need to be backed by requirements that depend on use cases. Info-Tech’s use cases will help identify organizational requirements and the ideal data-centric integration solution.

Your data is the foundation of your organization’s knowledge and ability to make decisions

Integrate the Data, Not the Applications

Data is one of the most important assets in a modern organization. Contained within an organization’s data are the customers, the products, and the operational details that make an organization function. Every organization has data, and this data might serve the needs of the business today.

However, the only constant in the world is change. Changes in addresses, amounts, product details, partners, and more occur at a rapid rate. If your data is isolated, it will quickly become stale. Getting up-to-date data to the right place at the right time is where data-centric integration comes in.

"Data is the new oil." – Clive Humby, Chief Data Scientist Source: Medium, 2016

Organizations are having trouble keeping up with the rapid increases in data growth and complexity

To keep up with increasing business demands and profitability targets and decreasing cost targets, organizations are processing and exchanging more data than ever before.

To get more value from their information, organizations are relying on more and more complex data sources. These diverse data sources have to be properly integrated to unlock the full potential of your data:

The most difficult integration problems are caused by semantic heterogeneity (Database Research Technology Group, n.d.).

80% of business decisions are made using unstructured data (Concept Searching, 2015).

85% of businesses are struggling to implement the correct integration solution to accurately interpret their data (KPMG, 2014).

Break Down Your Silos

Integrating large volumes of data from the many varied sources in an organization has incredible potential to yield insights, but many organizations struggle with creating the right structure for that blending to take place, and data silos form.

Data-centric integration capabilities can break down organizational silos. Once data silos are removed and all the information that is relevant to a given problem is available, problems with operational and transactional efficiencies can be solved, and value from business intelligence (BI) and analytics can be fully realized.

Data-centric integration is the solution you need to bring data together to break down data silos

On one hand…

Data has massive potential to bring insight to an organization when combined and analyzed in creative ways.

On the other hand…

It is difficult to bring data together from different sources to generate insights and prevent stale data.

How can these two ideas be reconciled?

Answer: Info-Tech’s Data Integration Onion Framework summarizes an organization’s data environment at a conceptual level, and is used to design a common data-centric integration environment.

Info-Tech’s Data Integration Onion Framework

Poor integration will lead to problems felt by the business and IT

The following are pains reported by the business due to poor integration:

59% Of managers said they experience missing data every day due to poor distribution results in data sets that are valuable to their central work functions. (Experian, 2016)

42% Reported accidentally using the wrong information, at least once a week. (Computerworld, 2017)

37% Of the 85% of companies trying to be more data driven, only 37% achieved their goal. (Information Age, 2019)

"I never guess. It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts." – Sir Arthur Conan Doyle, Sherlock Holmes

Poor integration can make IT less efficient as well:

90% Of all company generated data is “dark.” Getting value out of dark data is not difficult or costly. (Deloitte Insights, 2017)

5% As data sits in a database, up to 5% of customer data changes per month. (Data.com, 2016)

"Most traditional machine learning techniques are not inherently efficient or scalable enough to handle the data. Machine learning needs to reinvent itself for big data processing primarily in pre-processing of data." – J. Qiu et al., ‎2016

Understand the common challenges of integration to avoid the pains

There are three types of challenges that organizations face when integrating data:

1. Disconnect from the business

Poor understanding of the integration problem and requirements lead to integrations being built that are not effective for quality data.

50% of project rework is attributable to problems with requirements. (Info-Tech Research Group)

45% of IT professionals admit to being “fuzzy” about the details of a project’s business objectives. (Blueprint Software Systems Inc., 2012)

2. Lack of strategy

90% Of organizations will lack an integration strategy through to 2018. (Virtual Logistics, 2017)

Integrating data without a long-term plan is a recipe for point-to-point integration spaghettification:

3. Data complexity

Data architects and other data professionals are increasingly expected to be able to connect data using whatever interface is provided, at any volume, and in any format – all without affecting the quality of the data.

36% Of developers report problems integrating data due to different standards interpretations. (DZone, 2015)

These challenges lead to organizations building a data architecture and integration environment that is tightly coupled.

A loose coupling integration strategy helps mitigate the challenges and realize the benefits of well-connected data

Loose Coupling

Most organizations don’t have the foresight to design their architecture correctly the first time. In a perfect world, organizations would design their application and data architecture to be scalable, modular, and format-neutral – like building blocks.

Benefits of a loosely coupled architecture:

• Increased ability to support business needs by adapting easily to changes.
• Added ability to incorporate new vendors and new technology due to increased flexibility.
• Potential for automated, real-time integration.
• Elimination of re-keying/manual entry of data.
• Federation of data.

Vs. Tight Coupling

However, this is rarely the case. Most architectures are more like a brick wall – permanent, hard to add to and subtract from, and susceptible to weathering.

Problems with a tightly coupled architecture:

• Delays in combining data for analysis.
• Manual/Suboptimal DI in the face of changing business needs.
• Lack of federation.
• Lack of flexibility.
• Fragility of integrated platforms.
• Limited ability to explore new functionalities.

Enterprise Storage Solution Considerations

Narrow your focus with the right product type and realize efficiencies.

Analyst Perspective

The vendor landscape is continually evolving, as are the solutions they offer. The options and features are increasing and appealing.

To say that the current enterprise storage landscape looks interesting would be an understatement. The solutions offered by vendors continue to grow and evolve. Flash and NVMe are increasing the speed of storage media and reducing latency. Software-defined storage is finding the most efficient use of media to store data where it is best served while managing a variety of vendor storage and older storage area networks and network-attached storage devices. Storage as a service is taking on a new meaning with creative solutions that let you keep the storage appliance on premises or in a colocated data center while administration, management, and support are performed by the vendor for a nominal monthly fee. We cannot discuss enterprise storage without mentioning the cloud. Bring a thermometer because you must understand the difference between hot, warm, and cold storage when discussing the cloud options. Very hot and very cold may also come into play. Storage hardware can assume a higher total cost of ownership with support options that replace the controllers on a regular basis. The options with this type of service are also varied, but the concept of not having to replace all disks and chassis nor go through a data migration is very appealing to many companies. The cloud is growing in popularity when it comes to enterprise storage, but on-premises solutions are still in demand, and whether you choose cloud or on premises, you can be guaranteed an array of features and options to add stability, security, and efficiency to your enterprise storage. P.J. Ryan Research Director, Infrastructure & Operations Info-Tech Research Group

Executive Summary

Info-Tech Insight

Enterprise storage has evolved, with more options than ever

Data is growing, data security will always be a concern, and vendors are providing more and more options for enterprise storage.

“By 2025, it’s estimated that 463 exabytes of data will be created each day globally – that’s the equivalent of 212,765,957 DVDs per day!” (Visual Capitalist)

“Modern criminal groups target not only endpoints and servers, but also central storage systems and their backup infrastructure.” (Continuity Software)

Cloud or on premises? Maybe a hybrid approach with both cloud and on premises is best for you. Do you want to remove the headaches of storage administration, management, and support with a fully managed storage-as-a-service solution? Would you like to upgrade your controllers every three or four years without a major service interruption? The options are increasing and appealing.

High-Level Considerations

1. Understand Your Data

Understand how much data you have and where it is located. This will be crucial when evaluating enterprise storage solutions.

2. Plan for Growth

Your enterprise storage considerations should include your data needs now and in the future.

3. Understand the Mechanics

Take the time to understand the various data storage formats, disk types, and associated technology, as well as the cloud-based and on-premises options. This will help you select the right tool for your needs.

Storage formats, disk drives, and technology

Common data storage formats, technology, and drive types are outlined below. Understanding how data is stored as well as the core building blocks for larger systems will help you decide which solution is best for your storage needs.

Narrow your focus with the right product type

On-premises enterprise storage solutions fit into a few distinct product types.

Cloud storage

• Cloud storage is online storage offered by a cloud provider. Cloud storage is available almost anywhere and is set up with high availability features such as data duplication, redundancy, backup, and power failure protection.
• Cloud storage is very scalable and typically is offered as object storage, block storage, or file storage. Cloud storage vendors may have their own naming scheme for object, block, or file storage.
• Cloud-hosted data is marketed according to the frequency of access and length of time in storage. There are typically three main levels of storage: hot, warm, or cold. Vendors may have their own naming convention for hot, warm, and cold storage. Some may also add more layers such as very hot or very cold.
  • Hot storage is for data that is frequently accessed and modified. It is available on demand and is the most costly of the storage levels.
  • Cold storage is for data that will sit for a long period of time and not need to be accessed. Cold storage is usually only available after several hours or days. Cold storage is very low cost and, in some cases, even free, but retrieval or restoration for the free services can be costly.
  • Warm storage sits in between hot and cold storage. It is for data that is infrequently needed. The cost of warm storage is also in between hot and cold storage costs, and access times are measured in terms of minutes or hours.
  • It is not uncommon for data to start in hot storage and, as it ages, move to warm and eventually cold storage.

“Enterprise cloud storage offers nearly unlimited scalability. Enterprises can add storage quickly and easily as it is needed, eliminating the risk and cost of over-provisioning.”

– Spectrum Enterprise

“Hot data will operate on fresh data. Cold data will operate on less frequent data and [is] used mainly for reporting and planning. Warm data is a balance between the two.”

– TechBlost

Enterprise storage features

The features listed below, while not intended to cover all features offered by all vendors, should be considered and could act as a baseline for discussions with storage providers when evaluating enterprise storage offerings.

What’s new in enterprise storage

• Data warehouses are not a new concept, but the data storage evolution and growth of data means that data lakes and data lakehouses are growing in popularity.
  • “A data lake is a centralized repository that allows you to store all your structured and unstructured data at any scale. You can store your data as-is, without having to first structure the data” (Amazon Web Services).
  • Analytics with a data lake is possible, but manipulation of the data is hindered due to the nature of the data. A data lakehouse adds data management and analytics to a data lake, similar to the data warehouse functionality added to databases.
• Options for on-premises hardware support is changing.
  • Pure Storage was the first to shake up the SAN support model with its Evergreen support option. Evergreen//Forever support allows for storage controller upgrades without having to migrate data or replace your disks or chassis (Pure Storage).
  • In response to the Pure Storage Evergreen offering, Dell, HPE, NetApp, and others have come out with similar programs that offer controller upgrades while maintaining the data, disks, and chassis.
• “As a service” is available as a hybrid solution.
  • Storage as a service (STaaS) originally referred to hosted, fully cloud-based offerings without the need for any on-premises hardware.
  • The latest STaaS offerings provide on-premises or colocated hardware with pay-as-you-go subscription pricing for data consumption. Administration, management, and support are included. The vendor will supply support and manage everything on your behalf.
  • Most of the major storage vendors offer a variation of storage as a service.

“Because data lakes mostly consist of raw unprocessed data, a data scientist with specialized expertise is typically needed to manipulate and translate the data.”

– DevIQ

“A Lakehouse is also a type of centralized data repository, integrated from heterogeneous sources. As can be expected from its name, It shares features with both datawarehouses and data lakes.”

– Cesare

“Storage as a service (STaaS) eliminates Capex, simplifies management and offers extensive flexibility.”

– TechTarget

Major vendors

The current vendor landscape for enterprise storage solutions represents a range of industry veterans and the brands they’ve aggregated along the way, as well as some relative newcomers who have come to the forefront within the past ten years.

Vendors like Dell EMC and HPE are longstanding veterans of storage appliances with established offerings and a back catalogue of acquisitions fueling their growth. Others such as Pure Storage offer creative solutions like all-flash arrays, which are becoming more and more appealing as flash storage becomes more commoditized.

Cloud-based vendors have become popular options in recent years. Cloud storage provides many options and has attracted many other vendors to provide a cloud option in addition to their on-premises solutions. Some software and hardware vendors also partner with cloud vendors to offer a complete solution that includes storage.

Info-Tech Insight

Explore your current vendor’s solutions as a starting point, then use that understanding as a reference point to dive into other players in the market

Key Players

• Amazon
• Cisco
• Dell EMC
• Google
• Hewlett Packard Enterprise
• Hitachi Vantara
• IBM
• Microsoft
• NetApp
• Nutanix
• Pure Storage

Enterprise Storage Use Cases

Block, object, or file storage? NAS, SAN, SDS, or HCI? Cloud or on prem? Hot, warm, or cold?
Which one do you choose?
The following use cases based on actual Info-Tech analyst calls may help you decide.

1. Offsite backup solution
2. Infrastructure consolidation
3. DR/BCP datacenter duplication
4. Expansion of existing storage
5. Complete backup solution
6. Existing storage solution going out of support soon
7. Video storage
8. Classify and offload storage

Offsite backup solution

“Offsite” may make you think of geographical separation or even cloud-based storage, but what is the best option and why?

Use Case: How a manufacturing company dealt with retired applications

• A leading manufacturing company had to preserve older applications no longer in use.
• The company had completed several acquisitions and ended up with multiple legacy applications that had been merged or migrated into replacement solutions. These legacy applications were very important to the original companies, and although the data they held had been migrated to a replacement solution, executives felt they should hold on to these applications for a period of time, just in case.
• A modern archiving solution was considered, but a research advisor from Info-Tech Research joined a call with the manufacturing company and helped the client realize that the solution was a modified backup. The application data had already been preserved through the migration, so data could be accessed in the production environment.
• The data could be exported from the legacy application into a nonsequential database, compressed, and stored in cloud-based cold storage for less than $5 per terabyte per month. The manufacturing company staff realized that they could apply this same approach to several of their legacy applications and save tens of thousands of dollars in the process.
• Cold storage is inexpensive until you start retrieving that data frequently. The manufacturing company knew they did not have a requirement to retrieve the application and data for a very long time, so cloud-based cold storage was ideal.

“Data retrieval from cold storage is harder and slower than it is from hot storage. … Because of the longer retrieval time, online cold storage plans are often much cheaper. … The downside is that you’d incur additional costs when retrieving the data.”

– Ben Stockton, Cloudwards

Infrastructure consolidation

Hyperconverged infrastructure combines storage, virtual infrastructure, and associated management into one piece of equipment.

Use Case: How one company dealt with equipment and storage needs

• One Info-Tech client had recently started in the role of IT director and realized he had inherited aging infrastructure along with a serious data challenge. The storage appliances were old and out of support. The appliances were performing inadequately, and the client was in need of more data due to ongoing growth, but he also realized that the virtual environment was running on very old servers that were no longer supported. The IT director reached out to Info-Tech to find solutions to the virtualization challenge, but the storage problem also came up throughout the course of the conversation with an analyst.
• The analyst quickly realized that the IT director was an ideal candidate for a hyperconverged infrastructure (HCI) storage solution, which would also provide the necessary virtual environment.
• The analyst explained the benefits of having a single appliance that would provide virtualization needs as well as storage needs. The built-in management features would ease the burden of administration, and the software-defined nature of the HCI would allow for the migration of data as well as future expansion options.
• Hyperconverged infrastructure is offered by many vendors under a variety of names. Most are similar but some may have a better interface or other features. The expansion process is simple, and HCI is a good fit for many organizations looking to consolidate virtual infrastructure and storage.

“HCI environments use a hypervisor, usually running on a server that uses direct-attached storage (DAS), to create a data center pool of systems and resources.”

– Samuel Greengard, Datamation

Datacenter duplication

SAN providers offer a varied range of options for their products, and those options are constantly evolving.

Use Case: Independent school district provides better data access using SAN technology

• An independent school district was expanding by adding a second data center in a new school. This new data center would be approximately 20 miles away from the original data center used by the district. The intent was not to replace the original data center but to use both centers to store data and provide services concurrently. The district’s ideal scenario would be that users would not know or care which data center they were reaching, and there would be no difference in the service received from each data center. The school district reached out to Info-Tech when planning discussions reached the topic of data duplication and replication software.
• An Info-Tech analyst joined a call with the school district and guided the conversation toward the existing environment to understand what options might be available. The analyst quickly discovered that all the district’s servers were virtual, and all associated data was stored on a single SAN.
• The analyst informed the school district staff about SAN options, including SAN-to-SAN replication. If the school district had a sufficient link between the two data centers, SAN-to-SAN replication would work for them and provide the two identical copies of data at two locations.
• The analyst continued to offer explanations of other features that some vendors offer with their SANs, such as the ability to turn on or off deduplication and compression, as well as disk options such as flash or NVMe.
• The school district was moving to the request for proposal (RFP) stage but hoped to have SAN-to-SAN replication implemented before the next academic year started.

“SAN-to-SAN replication is a low-cost, highly efficient way to manage mounting quantities of stored data.”

– Secure Infrastructure & Services

Expansion of existing storage

That old storage area network may still have some useful life left in it.

Use Case: Municipality solves data storage aging and growth challenge

• A municipality in the United States reached out to Info-Tech for guidance on its storage challenge. The municipality had accumulated multiple SANs from different vendors over the years. These SANs were running out of storage, and more data storage was needed. The municipality’s data was growing at a rapid pace, thanks to municipal growth and expansion of services. The IT team was also concerned with modernizing their storage and not hindering their long-term growth by making the wrong purchase decision for their current storage needs.
• An analyst from Info-Tech discussed several options with the municipality but in the end advised that software-defined storage may be the best solution.
• Software-defined storage (SDS) would allow the municipality to gain better visibility into existing storage while making more efficient use of existing and new storage. SDS could take over the management of the existing storage from multiple vendors and add additional storage as required. SDS would also be able to integrate cloud-based storage if that was the direction taken by the municipality in the future.
• The municipality moved forward with an SDS solution and added some additional storage capacity. They used some of their existing SANs but retired the more troublesome ones. The SDS system managed all the storage instances and data management. The administration of the storage environment was easier for the storage admins, and long-term savings were achieved through better storage management.

“Often enterprises have added storage on an ad hoc basis as they needed it for various applications. That can result in a mishmash of heterogenous storage hardware from a wide variety of vendors. SDS offers the ability to unify management of these different storage devices, allowing IT to be more efficient.”

– Cynthia Harvey, Enterprise Storage Forum (“What Is Software Defined Storage?”, 2018)

Complete backup solution

Many backup software solutions can provide backups to multiple locations, making two-location backups simple.

Use Case: How an oil refinery modernized its backup solution

• A large oil refinery needed a better solution for the storage of backups. The refinery was replacing its backup software solution but also wanted to improve the backup storage situation and move away from tape-based storage. All other infrastructure was reasonably modern and not in need of replacement at this time.
• A research analyst from Info-Tech helped the client realize that the solution was a modified backup. The general guidance for backups is have a least one copy offsite, so the cloud was the obvious focal point. The analyst also explained that it would be beneficial to have a recent copy of the backup available on site for common restoration requests in addition to having the offsite copy for disaster recovery (DR) purposes.
• The refinery staff conducted a data analysis to determine how much data was being backed up on a daily basis. The solution proposed by the analyst included network-attached storage (NAS) with adequate storage to hold 30 days' worth of on-premises data. The backup software would also simultaneously copy each backup to a cloud-based storage repository. The backup software was smart enough to only back up and transfer data that had changed since the previous backup, so transfer time and capacity was not a factor.
• The NAS would allow for the restoration of any local, on-premises data while the cloud storage would provide a safe location offsite for backup data. It could also serve as the backup location for other cloud-based services that required a backup.

“Data protection demands that enterprises have multiple methods of keeping data safe and replicating it in case of disaster or loss.”

– Drew Robb, Enterprise Storage Forum, 2021

Storage going out of support

SAN solutions have come a long way with improvements in how data is stored and what is used to store the data.

Use Case: How one organization replaced its old storage with a similar solution

• A government organization was looking for a solution for its aging storage area network appliances. The SANs were old and would be no longer supported by the manufacturer within four months. The SANs had slower spinning disks and their individual capacity was at its limit through the addition of extra shelves and disks over the years.
• The organization reached out to Info-Tech for guidance. An analyst arranged a call with them, and they discussed the storage situation in detail, including desired benefits from a storage solution and growth requirements. They also discussed cloud storage, but the government organization was not in a position to move its data to the cloud for a variety of reasons.
• Although the individual SANs were at their storage capacity limit, the total amount of data was well within the limits of many modern on-premises storage solutions. SSD and flash or NVMe storage can store large amounts of data in small footprints and form factors.
• The analyst reviewed several vendors with the client and discussed some advantages and disadvantages of each. They explored the features offered as well as scalability options.
• SANs have been around for a long time but the features and capabilities that come with them has evolved. They are still a very viable solution for many organizations in a variety of scenarios.

“A rapidly growing portion of SAN deployments leverages all-flash storage to gain its high performance, consistent low latency, and lower total cost when compared to spinning disk.”

– NetApp

Video storage

Cloud storage would not be sufficient if you were using a dial up connection, just as on-premises storage solutions would not suffice if they were using floppy disks.

Use Case: Body cams and public cameras in municipalities are driving storage growth

• Municipal law enforcement agencies are wearing body cameras more frequently, for their own protection as well as for the protection of the public. Camera footage can be useful in legal situations as well. Municipalities are also installing more and more public cameras for the purposes of public safety. The recorded video footage from these cameras can result in large data files, which in turn drive data storage requirements.
• Info-Tech analysts are joining calls about video data storage with increasing frequency. The concerns are repetitive, and the guidance is similar on most of these calls.
• The “object” storage format is ideal for video and media data. Most cloud-based storage solutions use object storage, but it is also available with on-premises solutions such as NAS or SAN. The challenges clients are expressing are typically related to inadequate bandwidth for cloud-based storage or other storage formats instead of “object” storage. Cloud-based storage can also grow beyond the budgeted numbers, causing an increase in the monthly cloud cost. Older, slower on-premises hardware sometimes reveals itself as the latency culprit.
• Object storage is well suited for the unstructured data that is video footage. It uses metadata to tag the video file for future retrieval and is easily expandable, which also makes it cost effective.
• Video data stored in a cloud-based repository will work fine as long as the bandwidth is adequate. On-premises storage of video data is also quite adequate on the right storage format, with fast disks and a reasonably up-to-date network infrastructure.

“The captured video is stored for days, weeks, months and sometimes years and consumes a lot of space. Data storage plays a new and important role in these systems. Object storage is ideal to store the video data.”

– Object-Storage.Info

Classify and offload primary storage

Some software products have storage options available as a result of agreements with other storage vendors. Several backup and archive software products fall into this category.

Use Case: Enterprise storage can help reduce data sprawl

• A large engineering firm was trying to manage its data sprawl. The team sampled a small percentage of their data and quickly realized that when they applied their findings on the 1% of data to their entire data estate, the sheer volume of personal files, older files, and unclassified data was going to be a challenge.
• They found a solution in archiving software. The archiving software would tag data based on several factors. The software would move older files away from primary storage to an alternate storage platform but still leave a stub of the moved file in place and maintain limited access to those files. This would reduce primary storage requirements and allow the firm to eliminate multiple file servers
• The engineering firm reached out to Info-Tech and participated in an analyst call. During that call, they laid out their plans, and the analyst made them aware of cloud storage. The positive and negative aspects of cloud storage were discussed, and the firm fully understood that the colder the storage tier, the slower the recovery. The firm's stance was if the files had not been accessed in the past six months, waiting a day or two for retrieval would not be a concern, and the firm was content with cold storage in the cloud.
• The firm had not purchased the archiving software at the time of the analyst call, and the analyst also explained to them that the archiving software may have an existing agreement with a cloud provider for storage options, which could be more cost effective than purchasing cloud storage separately.
• Cold cloud-based storage was the preferred solution for this firm, but this use case also highlights the option that some software products carry regarding storage. Several backup and archive products have a cloud storage option that should be investigated, as they may be cost-effective options.

“Cold storage is perfect for archiving your data. Online backup providers offer low-cost, off-site data backups at the expense of fast speeds and easy access, even though data retrieval often comes at an added cost. If you need to keep your data long-term, but don’t need to access it often, this is the kind of storage you need.”

– Ben Stockton, Cloudwards

Understand your data requirements

Activity

The first step in solving your enterprise storage challenge is identifying your data sources or drivers, data volume size, and growth rates. This information will give you insight into what data sources could be stored on premises or in the cloud, how much storage you will require for the coming five to ten years, and what to consider when exploring enterprise storage solutions.

• Info-Tech’s Modernize Enterprise Storage Workbook can be a valuable asset for determining your current storage drivers and future storage needs, structuring a plan for future storage purchases, and determining timelines and total cost of ownership.
• An example of the Storage Capacity Calculator tab from that workbook is displayed on the right. Using the Storage Capacity Requirements Calculator requires minimal steps.

1. Enter the current date and planning timeline (horizon) in months
2. Identify the top sources of data within the business – the current data drivers. Areas of focus could include business applications, file shares, backup, and archives.
3. For each of these data drivers, include your best estimate of:

• Current data volume
• Growth rate

• Initial data volumes
• Projected growth rates
• Planned implementation date

Download the Modernize Enterprise Storage Workbook and take the first step toward understanding your data requirements.

Download the Modernize Enterprise Storage Workbook

Related Info-Tech Research

Modernize Enterprise Storage

Current and emerging storage technologies are disrupting the status quo – prepare your infrastructure for the exponential rise in data and its storage requirements.

Modernize Enterprise Storage Workbook

This workbook will complement the discussions and activities found in the Modernize Enterprise Storage blueprint. Use this workbook in conjunction with the blueprint to develop a strategy for storage modernization.

Bibliography

Bakkianathan, Raghunathan. “What is the difference between Hot Warm and Cold data storage?” TechBlost, n.d.. Accessed 14 July 2022.
Cesare. “Data warehouse vs Data lake vs Lakehouse… and DeltaLake?“ Medium, 14 June 2021. Accessed 26 July 2022.
Davison, Shawn and Ryan Sappenfield. “Data Lake Vs Lakehouse Vs Data Mesh: The Evolution of Data Transformation.” DevIQ, May 2022. Accessed 23 July 2022.
Desjardins, Jeff. “Infographic: How Much Data is Generated Each Day?” Visual Capitalist, 15 April 2019. Accessed 26 July 2022.
Greengard, Samuel. “Top 10 Hyperconverged Infrastructure (HCI) Solutions.” Datamation, 22 December 2020. Accessed 23 July 2022.
Harvey, Cynthia. “Flash vs. SSD Storage: Is there a Difference?” Enterprise Storage Forum, 10 July 2018. Accessed 23 July 2022.
Harvey, Cynthia. “What Is Software Defined Storage? Features & Benefits.” Enterprise Storage Forum, 22 February 2018. Accessed 23 July 2022.
Hecht, Gil. “4 Predictions for storage and backup security in 2022.” Continuity Software, 09 January 2022. Accessed 22 July 2022.
Jacobi, Jonl. “NVMe SSDs: Everything you need to know about this insanely fast storage.” PCWorld, 10 March 2019. Accessed 22 July 2022
Pritchard, Stephen. “Briefing: Cloud storage performance metrics.” Computer Weekly, 16 July 2021. Accessed 23 July 2022
Robb, Drew. “Best Enterprise Backup Software & Solutions 2022.” Enterprise Storage Forum, 09 April 2021. Accessed 23 July 2022.
Sheldon, Robert. “On-premises STaaS shifts storage buying to Opex model.” TechTarget, 10 August 2020. Accessed 22 July 2022.
“Simplify Your Storage Ownership, Forever.” PureStorage. Accessed 20 July 2022.
Stockton, Ben. “Hot Storage vs Cold Storage in 2022: Instant Access vs Long-Term Archives.” Cloudwards, 29 September 2021. Accessed 22 July 2022.
“The Cost Savings of SAN-to-SAN Replication.” Secure Infrastructure and Services, 31 March 2016. Accessed 16 July 2022.
“Video Surveillance.” Object-Storage.Info, 18 December 2019. Accessed 25 July 2022.
“What is a Data Lake?” Amazon Web Services, n.d. Accessed 17 July 2022.
“What is enterprise cloud storage?” Spectrum Enterprise, n.d. Accessed 28 July 2022.
“What is SAN (Storage Area Network).” NetApp, n.d. Accessed 25 July 2022.
“What is software-defined storage?” RedHat, 08 March 2018. Accessed 16 July 2022.

Position and Agree on ROI to Maximize the Impact of Data and Analytics

Data and analytics ROI strategy is based on the business problem being solved and agreed-upon value being generated.

Analyst Perspective

Missing out on a significant opportunity for returns could be the biggest cost to the project and its sponsor.

		This research is directed to the key decision makers tasked with addressing business problems. It also informs stakeholders that have any interest in ROI, especially when applying it to a data and analytics platform and practice. While organizations typically use ROI to measure the performance of their investments, the key to determining what investment makes sense is opportunity cost. Missing out on a significant opportunity for return could be the biggest cost to the project and its sponsor. By making sure you appropriately estimate costs and value returned for all data and analytics activities, you can prioritize the ones that bring in the greatest returns.
Ibrahim Abdel-Kader Research Analyst, Data & Analytics Practice Info-Tech Research Group	Ben Abrishami-Shirazi Technical Counselor Info-Tech Research Group

Executive Summary – ROI on Data and Analytics

Info-Tech Insight

ROI doesn’t have to be perfect. Parameters and measures of success need to be agreed upon with the key decision makers.

Glossary

Return on Investment (ROI): A financial term used to determine how much value has been or will be gained or lost based on the total cost of investment. It is typically expressed as a percentage and is supported by the following formula:

Payback: How quickly money is paid back (or returned) on the initial investment.
Business Problem Owner (BPO): A leader in the organization who is accountable and is the key decision maker tasked with addressing a business problem through a series of investments. BPOs may use ROI as a reference for how their financial investments have performed and to influence future investment decisions.
Problem Solver: A key stakeholder tasked with collaborating with the BPO in addressing the business problem at hand. One of the problem solver’s responsibilities is to ensure that there is an improved return on the BPO’s investments.
Return Enhancers: A category for capabilities that directly or indirectly enhance the return of an investment.
Cost Savers: A category for capabilities that directly or indirectly save costs in relation of an investment.
Investment Opportunity Enablers: A category for capabilities that create or enable a new investment opportunity that may yield a potential return.
Game Changing Components: The components of a capability that directly yield value in solving a business problem.

ROI strategy on data and analytics

ROI roles

Typical roles involved in the ROI strategy across the organization

CDOs and CAOs typically have their budget allocated from both IT and business units.

This is evidenced by the “State of the CIO Survey 2023” reporting that up to 63% of CDOs and CAOs have some budget allocated from within IT; therefore, up to 37% of budgets are entirely funded by business executives.

This signifies the need to be aligned with peer executives and to use mechanisms like ROI to maximize the performance of investments.

Source: Foundry, “State of the CIO Survey 2023.”

Transition Projects Over to the Service Desk

Increase the success of project support by aligning your service desk and project team.

Executive Summary

Info-Tech Insight

Make sure to build a strong knowledge management strategy to identify, capture, and transfer knowledge from project delivery to the service desk.

A lack of formal service transition process presents additional challenges

When there is no formal transition process following a project delivery, it will negatively impact project success and customer satisfaction.

Link how improvement in project transitioning to the service desk can help service support

A successful launch can still be a failure if the support team isn't fully informed and prepared.

Integrate the service desk into the project management lifecycle for a smooth transition of service support

Service desk involvement in the development, testing, and maintenance/change activity steps of your project lifecycle will help you logically define the category and priority level of the service and enable service level improvement accordingly after the project goes live.

As some of the support and project processes can be integrated, responsibility silos should be broken

Processes are done by different roles. Determine roles and responsibilities for the overlapping processes to streamline service support transition to the service desk.

Determine the interfaces

At the project level, get a clear understanding of support capabilities and demands, and communicate them to the service desk to proactively bring them into the planning step.

Clear responsibilities help you define the level of involvement in the overlapping processes

Conduct a stakeholder analysis to identify the people that can help ensure the success of the transition.

Goal: Create a prioritized list of people who are affected by the new service and will provide support.

Why is stakeholder analysis essential?

Identify the tasks that are required for a successful project handover

Embed the tasks that the project team should deliver before handing support to the service desk.

Integrate project description and service priority throughout development phase

Include the service desk in discussions about project description, so it will be enabled to define service priority level.

Document project description and service priority in the Project Handover Template.

Embed service levels and maintenance information

Include the service desk in discussions about project description, so it will be enabled to define service priority level.

Document service level objectives and maintenance in the Project Handover Template.

Enhance communication between the project team and the service desk

Communicating with the service desk early and often will ensure that agents fully get a deep knowledge of the new technology.

Transition of a project to the service desk includes both knowledge transfer and execution transfer.

01

Provide training and mentoring to ensure technical knowledge is passed on.

02

Transfer leadership responsibilities by appointing the right people.

03

Transfer support by strategically assigning workers with the right technical and interpersonal skills.

04

Transfer admin rights to ensure technicians have access rights for troubleshooting.

05

Create support and a system to transfer work process. For example, using an online platform to store knowledge assets is a great way for support to access project information.

Info-Tech Insight

A communication plan and executive presentation will help project managers outline recommendations and communicate their benefits.

Communicate reasons for projects and how they will be implemented

Proactive communication of the project to affected stakeholders will help get their buy-in for the new technology and feedback for better support.

Implement knowledge transfer to the service desk to ensure tickets won’t be unnecessarily escalated

The support team usually uses an ITSM solution, while the project team mostly uses a project management solution. End users’ support is done and documented in the ITSM tool.

Even terminologies used by these teams are different. For instance, service desk’s “incident” is equivalent to a project manager’s “defect.” Without proper integration of the development and support processes, the contents get siloed and outdated over time.

Potential ways to deal with this challenge:

Use the same platform for both project and service support

This helps you document information in a single platform and provides better visibility of the project status to the support team as well. It also helps project team find out change-related incidents for a faster rollback.

Note: This is not always feasible because of the high costs incurred in purchasing a new application with both ITSM and PM capabilities and the long time it takes for implementing such a solution.

Integrate the PM and ITSM tools to improve transition efficiency

Note: Consider the processes that should be integrated. Don’t integrate unnecessary steps in the development stage, such as design, which will not be helpful for support transition.

Build a training plan for the new service

When a new system is introduced or significant changes are applied, describe the steps and timeline for training.

Integrate knowledge management in the transition plan

Build a knowledge transfer process to streamline service support for the newly developed technology.

Use the following steps to ensure the service desk gets trained on the new project.

Identify training functions and plan for a formal knowledge transfer

1. Brainstorm training functions for each group.
2. Determine the timeline needed to conduct training for the identified training topics.

Document your knowledge transfer plan in the Project Handover Template.

Build a checklist of the transition action items

At this stage, the project is ready to go live and support needs to be independently done by the service desk.

Activity: Prepare a checklist of initiatives before support transition

Download the Project Handover Template

Download the Service Support Transitioning Checklist

Define metrics to track the success of project transition

Consider key metrics to speak the language of targeted end users.

You won’t know if transitioning support processes are successful unless you measure their impact. Find out your objectives for project transition and then track metrics that will allow you to fulfill these goals.

Summary of Accomplishment

Problem Solved

Following the steps outlined in this research has helped you build a strategy to shift service support from the project team to the service desk, resulting in an improvement in customer service and agent satisfaction.

You have also developed a plan to break the silo between the service desk and specialists and enable knowledge transfer so the service desk will not need to unnecessarily escalate tickets to developers. In the meantime, specialists are also responsible for service desk training on the new application.

Efficient communication of service levels has helped the project team set clear expectations for managers to create a balance between their projects and service support.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information

workshops@infotech.com

1-888-670-8889

Related Info-Tech Research

Improve customer service by driving consistency in your support approach and meeting SLAs.

The best type of service desk ticket is the one that doesn’t exist.

Right-size PMBOK for all of your IT projects.

Works Cited

Brown, Josh. “Knowledge Transfer: What it is & How to Use it Effectively.” Helpjuice, 2021. Accessed November 2022.

Magowan, Kirstie. “Top ITSM Metrics & KPIs: Measuring for Success, Aiming for Improvement.” BMC Blogs, 2020. Accessed November 2022.

“The Complete Blueprint for Aligning Your Service Desk and Development Teams (Process Integration and Best Practices).” Exalate, 2021. Accessed October 2022.

“The Qualities of Leadership: Leading Change.” Cornelius & Associates, 2010. Web.

Map Your Business Architecture to Define Your Strategy

Plan your organization’s capabilities for best impact and value.

Info-Tech Research Group

Info-Tech is a provider of best-practice IT research advisory services that make every IT leader’s job easier.

Analyst perspective

Know your organization’s capabilities to build a digital and customer-driven culture.

Business architecture provides a holistic and unified view of:

• All the organization’s activities that provide value to their clients (value streams).
• The resources that make them possible and effective (capabilities, i.e. its employees, software, processes, information).
• How they inter-relate, i.e. depend on and impact each other to help deliver value.

Without a business architecture it is difficult to see the connections between the business’s activities for the customer and the IT resources supporting them – to demonstrate that what we do in IT is customer-driven.

As a map of your business, the business architecture is an essential input to the digital strategy:

• Develop a plan to transform the business by investing in the most important capabilities.
• Ensure project initiatives are aligned with business goals as they evolve.
• Respond more quickly to customer requirements and to disruptions in the industry by streamlining operations and information sharing across the enterprise.

Crystal Singh
Research Director, Data and Analytics
Info-Tech Research Group

Andrea Malick
Research Director, Data and Analytics
Info-Tech Research Group

Executive summary

Info-Tech Insight
Business architecture is the set of strategic planning techniques that connects organization strategy to execution in a manner that is accurate and traceable and promotes the efficient use of organizational resources.

Blueprint activities summary

Info-Tech’s workshop methodology

Key concepts for this blueprint

Info-Tech’s approach

Business architecture is a planning function that connects strategy to execution

Business architecture provides a framework that connects business strategy and IT strategy to project execution through a set of models that provide clarity and actionable insights. How well do you know your business?

Business architecture is:

• Inter-disciplinary: Business architecture is a core planning activity that supports all important decisions in the organization, for example, organizational resources planning. It’s not just about IT.
• Foundational: The best way to answer the question, “Where do we start?” or “Where is our investment best directed?”, comes from knowing your organization, what its core functions and capabilities are (i.e. what’s important to us as an organization), and where there is work to do.
• Connecting: Digital transformation and modernization cannot work with siloes. Connecting siloes means first knowing the organization and its functions and recognizing where the siloes are not communicating.

Business architecture must be branded as a front-end planning function to be appropriately embedded in the organization’s planning process.

Brand business architecture as an early planning pre-requisite on the basis of maintaining clarity of communication and spreading an accurate awareness of how strategic decisions are being made.

As an organization moves from strategy toward execution, it is often unclear as to exactly how decisions pertaining to execution are being made, why priority is given to certain areas, and how the planning function operates.

The business architect’s primary role is to model this process and document it.

In doing so, the business architect creates a unified view as to how strategy connects to execution so it is clearly understood by all levels of the organization.

Business architecture is part of the enterprise architecture framework

Business architecture is a set of shared and practical views of the enterprise

The key characteristic of the business architecture is that it represents real-world aspects of a business, along with how they interact.

Many different views of an organization are typically developed. Each view is a diagram that illustrates a way of understanding the enterprise by highlighting specific information about it:

• Business strategy view captures the tactical and strategic goals that drive an organization forward.
• Business capabilities view describes the primary business functions of an enterprise and the pieces of the organization that perform those functions.
• Value stream view defines the end-to-end set of activities that deliver value to external and internal stakeholders.
• Business knowledge view establishes the shared semantics (e.g. customer, order, and supplier) within an organization and relationships between those semantics (e.g. customer name, order date, supplier name) – an information map.
• Organizational view captures the relationships among roles, capabilities, and business units, the decomposition of those business units into subunits, and the internal or external management of those units.

Business architect connects all the pieces

The business owns the strategy and operating model; the business architect connects all the pieces together.

Choose a key business challenge to address with business architecture

Picking the right project is critical to setting the tone for business architecture work in the organization.

Best practices for business architecture success

Consider these best practices to maintain a high level of engagement from key stakeholders throughout the process of establishing or applying business architecture.

Balance short-term cost savings with long-term benefits

Participate in project governance to facilitate compliance

Create a center of excellence to foster dialogue

Value streams: Understand how you deliver value today

It is important to understand the different value-generating activities that deliver an outcome for and from your customers.

We do this by looking at value streams, which refer to the specific set of activities an industry player undertakes to create and capture value for and from the end consumer (and so the question to ask is, how do you make money as an organization?).

Our approach helps you to strengthen and transform those value streams that generate the most value for your organization.

An organization can have more than one set of streams.
For example, an enterprise can provide both retail shopping and financial services, such as credit cards.

Define the organization’s value streams

• Value streams connect business goals to the organization’s value realization activities. They enable an organization to create and capture value in the market place by engaging in a set of interconnected activities. Those activities are dependent on the specific industry segment an organization operates within. Value streams can extend beyond the organization into the supporting ecosystem, whereas business processes are contained within and the organization has complete control over them.
• There are two types of value streams: core value streams and support value streams. Core value streams are mostly externally facing: they deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map. Support value streams are internally facing and provide the foundational support for an organization to operate.
• An effective method for ensuring all value streams have been considered is to understand that there can be different end-value receivers. Info-Tech recommends identifying and organizing the value streams with customers and partners as end-value receivers.

Example: Value stream descriptions for the retail industry

Value streams describe your core business

Value streams – the activities we do to provide value to customers – require business capabilities.

Value streams are broken down further into value stages, for example, the Sell Product value stream has value stages Evaluate Options, Place Order, and Make Payment.

Think of value streams as the core operations: the reason for your organization’s being. A professional consulting organization may have a legal team but it does not brand itself as a law firm. A core value stream is providing research products and services; a business capability that supports it is legal counsel.

Decompose the value stream into stages

The stages of a value stream are usually action-oriented statements or verbs that make up the individual steps involved throughout the scope of the value stream, e.g. Place Order or Make Payment.

Each value stream should have a trigger or starting point and an end result for a client or receiver.

There should be measurable value or benefits at each stage. These are key performance indicators (KPIs). Spot problem areas in the stream.

Value streams usually fall into one of these categories:

1. Fulfillment of products and services
2. Manufacturing
3. Software products
4. Supporting value streams (procurement of supplies, product planning)

Value streams need capabilities

• Value streams connect business goals to the organization’s value realization activities. They enable an organization to create and capture value in the market place by engaging in a set of interconnected activities.
• There are two types of value streams: core value streams and support value streams. Core value streams are mostly externally facing: they deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map. Support value streams are internally facing and provide the foundational support for an organization to operate.
• There can be different end-value receivers. Info-Tech recommends identifying and organizing the value streams with customers and partners as end-value receivers.

Value streams need business capabilities

Business capabilities are built up to allow the business to perform the activities that bring value to customers. Map capabilities to the value-add activities in the value stream. Business capabilities lie at the top layer of the business architecture:

• They are the most stable reference for planning organizations.
• They make strategy more tangible.
• If properly defined, they can help overcome organizational silos.

Example business capability map – Higher Education

A business capability map can be thought of as a visual representation of your organization’s business capabilities and represents a view of what your data program must support.

Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

Example business capability map for: Higher Education

Example business capability map – Local Government

Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

A business capability map can be thought of as a visual representation of your organization’s business capabilities and represents a view of what your data program must support.

Example business capability map for: Local Government

Value streams need business capabilities

Value streams – the activities we do to provide value to customers – require business capabilities. Value streams are broken down further into value stages.

Business capabilities are built up to allow the business to perform the activities that bring value to customers. Map capabilities to the activities in the value stage to spot opportunities and problems in delivering services and value.

Business processes fulfill capabilities. They are a step-by-step description of who is performing what to achieve a goal. Capabilities consist of networks of processes and the resources – people, technology, materials – to execute them.

Capability = Processes + Software, Infrastructure + People

Prioritize a value stream and identify its supporting capabilities

Prioritize your improvement objectives and business goals and identify a value stream to transform.

Align the business objectives of your organization to your value streams (the critical actions that take place within your organization to add value to a customer).

Prioritize a value stream to transform based on the number of priorities aligned to a value stream, and/or the business value (e.g. revenue, EBITDA earnings, competitive differentiation, or cost efficiency).

Decompose the selected value stream into value stages.

Align capabilities level 1 and 2 to value stages. One capability may support several value stages in the stream.

Build a business architecture for the prioritized value stream with a map of business capabilities up to level 2.

NOTE: We can’t map all capabilities all at once: business architecture is an ongoing practice; select key mapping initiatives each year based on business goals.

Map business capabilities to Level 2

Map capabilities to value stage

Business value realization

Business value defines the success criteria of an organization as manifested through organizational goals and outcomes, and it is interpreted from four perspectives:

• Profit generation: The revenue generated from a business capability with a product that is enabled with modern technologies.
• Cost reduction: The cost reduction when performing business capabilities with a product that is enabled with modern technologies.
• Service enablement: The productivity and efficiency gains of internal business operations from products and capabilities enhanced with modern technologies.
• Customer and market reach: The improved reach and insights of the business in existing or new markets.

Value, goals, and outcomes cannot be achieved without business capabilities

Break down your business goals into strategic and achievable initiatives focused on specific value streams and business capabilities.

Accelerate the process with an industry business architecture

It’s never a good idea to start with a blank page.

The business capability map available from Info-Tech and with industry standard models can be used as an accelerator. Assemble the relevant stakeholders – business unit leads and product/service owners – and modify the business capability map to suit your organization’s context.

Acceleration path: Customize generic capability maps with the assistance of our industry analysts.

Identify goals and drivers

Consider organizational goals and industry forces when planning.

Use inputs from business goals and strategies to understand priorities.

It is not necessary to have a comprehensive business strategy document to start – with key stakeholders, the business architect should be able to gather a one-page business value canvas or customer journey.

Determine how the organization creates value

Begin the process by identifying and locating the business mission and vision statements.

What is business context?

“The business context encompasses an understanding of the factors impacting the business from various perspectives, including how decisions are made and what the business is ultimately trying to achieve. The business context is used by IT to identify key implications for the execution of its strategic initiatives.”

Source: Businesswire, 2018

Identify the key stakeholders who can help you promote the value of business architecture

First, as the CIO, you must engage executive stakeholders and secure their support.
Focus on key players who have high power and high interest in business architecture.

Engage the stakeholders who are impacted the most and have the power to impede the success of business architecture.

For example, if the CFO – who has the power to block funding – is disengaged, business architecture will be put at risk.

Use Info-Tech’s Stakeholder Power Map Template to help prioritize time spent with stakeholders.

Identify the key stakeholders concerned with the business architecture project

A business architecture project may involve the following stakeholders:

You must identify who the stakeholders are for your business architecture work.

Think about:

• Who are the decision makers and key influencers?
• Who will impact the business architecture work? Who will the work impact?
• Who has vested interest in the success or failure of the practice?
• Who has the skills and competencies necessary to help us be successful?

Avoid these common mistakes:

• Don’t focus on the organizational structure and hierarchy. Often stakeholder groups don’t fit the traditional structure.
• Don’t ignore subject-matter experts on either the business or IT side. You will need to consider both.

1.1 Identify and assemble key stakeholders

1-3 hours

Build an accurate depiction of the business.

1. It is important to make sure the right stakeholders participate in this exercise. The exercise of identifying capabilities for an organization is very introspective and requires deep analysis.
2. Consider:
1. Who are the decision makers and key influencers?
2. Who will impact the business capability work? Who has a vested interest in the success or failure of the outcome?
3. Who has the skills and competencies necessary to help you be successful?
3. Avoid:
1. Don’t focus on the organizational structure and hierarchy. Often stakeholder groups don’t fit the traditional structure.
2. Don’t ignore subject matter experts on either the business or IT side. You will need to consider both.

Conduct interviews with the business to gather intelligence for strategy

Talking to key stakeholders will allow you to get a holistic view of the business strategy.

Build a strategy on a page through executive interviews and document reviews

Understanding the business mandate and priorities ensures alignment across the enterprise.

A business strategy must articulate the long-term destination the business is moving into. This illustration shapes all the strategies and activities in every other part of the business, including what IT capabilities and resources are required to support business goals. Ultimately, the benefits of a well-defined business strategy increase as the organization scales and as business units or functions are better equipped to align the strategic planning process in a manner that reflects the complexity of the organization.

Using the Business Strategy on a Page canvas, consider the questions in each bucket to elicit the overall strategic context of the organization and uncover the right information to build your digital strategy. Interview key executives including your CEO, CIO, CMO, COO, CFO, and CRO, and review documents from your board or overall organizational strategy to uncover insights.

Info-Tech Insight
A well-articulated and clear business strategy helps different functional and business units work together and ensures that individual decisions support the overall direction of the business.

Focus on business value and establish a common goal

Business architecture is a strategic planning function and the focus must be on delivering business value.

Examples business objectives:

• Digitally transform the business, redefining its customer interactions.
• Identify the root cause for escalating customer complaints and eroding satisfaction.
• Identify reuse opportunities to increase operational efficiency.
• Identify capabilities to efficiently leverage suppliers to handle demand fluctuations.

Info-Tech Insight
CIOs are ideally positioned to be the sponsors of business architecture given that their current top priorities are digital transformation, innovation catalyzation, and business alignment.

1.2 Collect and understand business objectives

1-3 hours

Having a clear understanding of the business is crucial to executing on the strategic IT initiatives.

1. Discover the strategic CIO initiatives your organization will pursue:

• Schedule interviews.
• Use the CIO Business Vision diagnostic or Business Context Discovery Tool.

CIO Business Vision Diagnostic

CEO

Interview the following executives for each business goal area.

Craft a strategy to increase stakeholder support and participation

The BA practice’s supporters are potential champions who will help you market the value of BA; engage with them first to create positive momentum. Map out the concerns of each group of stakeholders so you can develop marketing tactics and communications vehicles to address them.

Example Communication Strategy

1.3 Craft a strategy to increase stakeholder support and participation

1-2 hours

Now that you have organized and categorized your stakeholders based on their power, influence, interest, and knowledge of business architecture, it is time to brainstorm how you are going to gain their support and participation.

Think about the following:

• What are your stakeholders’ concerns?
• How can you address them?
• How will you deliver the message?
• How often will you deliver the message?

Avoid these common mistakes:

• Your communication strategy development should be an iterative process. Do not assume to know the absolute best way to get through to every resistor right away. Instead, engage with your supporters for their input on how to communicate to resistors and repeat the process for indifferent stakeholders as well.

Download the Stakeholder Engagement Strategy Template for this project.

Engaging the right stakeholders

CASE STUDY

Source
Anonymous

1.4 Develop a plan to engage key stakeholders

1 hour

Using your stakeholder power map as a starting point, focus on the three most important quadrants: those that contain stakeholders you must keep informed, those to keep satisfied, and the key players.

Plot the stakeholders from those quadrants on a stakeholder engagement map.

Think about the following:

• Who are your resistors? These individuals will actively detract from project’s success if you don’t address their concerns.
• Who is indifferent? These individuals need to be educated more on the benefits of business architecture to have an opinion either way.
• Who are your supporters? These individuals will support you and spread your message if you equip them to do so.

Avoid these common mistakes:

• Do not jump to addressing resistor concerns first. Instead, equip your supporters with the info they need to help your cause and gain positive momentum before approaching resistors.

Download the Stakeholder Engagement Strategy Template for this project.

1.5 Craft a strategy to increase stakeholder support and participation

1-2 hours

Now that you have organized and categorized your stakeholders based on their power, influence, interest, and knowledge of business architecture, it is time to brainstorm how you are going to gain their support and participation.

Think about the following:

• What are your stakeholders’ concerns?
• How can you address them?
• How will you deliver the message?
• How often will you deliver the message?

Avoid these common mistakes:

• Your communication strategy development should be an iterative process. Do not assume to know the absolute best way to get through to every resistor right away. Instead, engage with your supporters for their input on how to communicate to resistors and repeat the process for indifferent stakeholders as well.

Download the Stakeholder Engagement Strategy Template for this project.

Define value streams

Identify the core activities your organization does to provide value to your customers.

This phase will walk you through the following activities:

• Note: It is recommended that you gather and leverage relevant industry standard business architecture models you may have available to you. Example: Info-Tech Industry Business Architecture, BIZBOK, APQC.
• Defining or updating the organization’s value streams.
• Selecting priority value streams for deeper analysis.

This phase involves the following participants:

• Business Architect, Enterprise Architect
• Relevant Business Stakeholder(s): Business Unit Leads, Departmental Executives, Senior Mangers, Business Analysts

Define the organization’s value streams

• Value streams connect business goals to the organization’s value realization activities. They enable an organization to create and capture value in the marketplace by engaging in a set of interconnected activities. Those activities are dependent on the specific industry segment an organization operates within. Value streams can extend beyond the organization into the supporting ecosystem, whereas business processes are contained within and the organization has complete control over them.
• There are two types of value streams: core value streams and support value streams. Core value streams are mostly externally facing: they deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map. Support value streams are internally facing and provide the foundational support for an organization to operate.
• An effective method for ensuring all value streams have been considered is to understand that there can be different end-value receivers. Info-Tech recommends identifying and organizing the value streams with customers and partners as end-value receivers.

Connect business goals to value streams

Identifying value streams

Value streams connect business goals to organization’s value realization activities. They enable an organization to create and capture value in the market place by engaging in a set of interconnected activities.

There are several key questions to ask when endeavoring to identify value streams.

Example: Value stream descriptions for the retail industry

Value streams describe your core business

Value streams – the activities we do to provide value to customers – require business capabilities.

Value streams are broken down further into value stages, for example, Sell Product value stream has value stages Evaluate Options, Place Order, and Make Payment.

Think of value streams as the core operations, the reason for our organization’s being. A professional consulting organization may have a legal team but it does not brand itself as a law firm. A core value stream is providing research products and services – a business capability that supports it is legal counsel.

2.1 Define value streams

1-3 hours

Unify the organization’s perspective on how it creates value.

1. Write a short description of the value stream that includes a statement about the value provided and a clear start and end for the value stream. Validate the accuracy of the descriptions with your key stakeholders.
2. Consider:
1. How does the organization deliver those benefits?
2. How does the customer receive the benefits?
3. What is the scope of your value stream? What will trigger the stream to start and what will the final value be?
3. Avoid: Don’t start with a blank page. Use Info-Tech’s business architecture models for sample value streams.

See your Info-Tech Account Representative for access to the Reference Architecture Template

Decompose the value stream into stages

The stages of a value stream are usually action-oriented statements or verbs that make up the individual steps involved throughout the scope of the value stream, e.g. Place Order or Make Payment.

Each value stream should have a trigger or starting point and an end result for a client or receiver.

There should be measurable value or benefits at each stage.
These are key performance indicators (KPIs).
Spot problem areas in the stream.

Value streams usually fall into one of these categories:

1. Fulfillment of products and services
2. Manufacturing
3. Software products
4. Supporting value streams (procurement of supplies, product planning)

Value stream and value stages examples

Customer Acquisitions
Identify Prospects > Contact Prospects > Verify Interests

Sell Product
Identify Options > Evaluate Options > Negotiate Price and Delivery Date > Place Order > Get Invoice > Make Payment

Product Delivery
Confirm Order > Plan Load > Receive Warehouse > Fill Order > Ship Order > Deliver Order > Invoice Customer

Product Financing
Initiate Loan Application > Decide on Application > Submit Documents > Review & Satisfy T&C > Finalize Documents > Conduct Funding > Conduct Funding Audits

Product Release
Ideate > Design > Build > Release

Sell Product is a value stream, made up of value stages Identify options, Evaluate options, and so on.

2.2 Decompose selected value streams

1-3 hours

Once we have a good understanding of our value streams, we need to decide which ones to focus on for deeper analysis and modeling, e.g. extend the business architecture to more detailed level 2 capabilities.

Organization has goals and delivers products or services.

1. Identify which value propositions are most important, e.g. be more productive or manage money more simply.
2. Identify the value stream(s) that create the value proposition.
3. Break the selected value stream into value stages.
4. Analyze value stages for opportunities.

Build your value stream one layer at a time to ensure clarity and comprehensiveness

The first step of creating a value stream is defining it.

• In this step, you create the parameters around the value stream and document them in a list format.
• This allows you to know where each value stream starts and ends and the unique value it provides.

The second step is the value stream mapping.

• The majority of the mapping is done here where you break down your value stream into each of its component stages.
• Analysis of these stages allows for a deeper understanding of the value stream.
• The mapping layer connects the value stream to organizational capabilities.

Define the value streams that are tied to your strategic goals and document them in a list

Title

• Create a title for your value stream that indicates the value it achieves.
• Ensure your title is clear and will be understood the same way across the organization.
• The common naming convention for value streams is to use nouns, e.g. product purchase.

Scope

• Determine the scope of your value stream by defining the trigger to start the value stream and final value delivered to end the value stream.
• Be precise with your trigger to ensure you do not mistakenly include actions that would not trigger your value stream.
• A useful tip is creating a decision tree and outlining the path that results in your trigger.

Objectives

• Determine the objectives of the value stream by highlighting the outcome it delivers.
• Identify the desired outcomes of the value stream from the perspective of your organization.

Example Value Streams List

Create a value stream map

Decompose the value stream into its value stages

The first step in creating a value stream map is breaking it up into its component stages.

The stages of a value stream are usually action-oriented statements or verbs that make up the individual steps involved throughout the scope of the value stream.

The Benefit
Segmenting your value stream into individual stages will give you a better understanding of the steps involved in creating value.

Connect the stages of the value stream to a specific customer perspective

The Benefit
Adding the customer’s perspective will inform you of their priorities at each stage of the value stream.

Connect the stages of the value stream to a desired outcome

The Benefit
Understanding the organization’s desired outcome at each stage of the value stream will help set objectives and establish metrics.

Define the entry and exit criteria of each stage

The Benefit
Establishing the entry and exit criteria for each stage will help you understand how the customer experience flows from one end of the stream to the other.

Outline the key metric(s) for each stage

The Benefit
Setting metrics for each stage will facilitate the tracking of success and inform the business architecture practitioner of where investments should be made.

Example value stream map: Sell Product

Assess the stages of your value stream map to determine which capabilities to examine further

To determine which specific business capabilities you should seek to assess and potentially refine, you must review performance toward target metrics at each stage of the value stream.

Stages that are not performing to their targets should be examined further by assessing the capabilities that enable them.

Determine the business capabilities that support the value stage corresponding with the failing metric

Sell Product

Identify Options > Evaluate Options > Negotiate Price and Delivery Date > Place Order > Get Invoice > Make Payment

The value stage(s) that doesn’t meet its objective metrics should be examined further.

• This is done through business capability mapping and assessment.
• Starting at the highest level (level 0) view of a business, the business architecture practitioner must drill down into the lower level capabilities that support the specific value stage to diagnose/improve an issue.

Info-Tech Insight
In the absence of tangible metrics, you will have to make a qualitative judgement about which stage(s) of the value stream warrant further examination for problems and opportunities.

Build business capability map

Align supporting capabilities to priority activities.

This step will walk you through the following activities:

• Determine which business capabilities support value streams
• Accelerate the process with an industry reference architecture
• Validate the business capability map
• Establish level 2 capability

This step involves the following participants:

• Enterprise/Business Architect
• Business Analysts
• Business Unit Leads
• CIO
• Departmental Executives & Senior Managers

Outcomes of this step

Develop a business capability map – level 1

• Business architecture consists of a set of techniques to create multiple views of an organization; the primary view is known as a business capability map.
• A business capability defines what a business does to enable value creation and achieve outcomes, rather than how. Business capabilities are business terms defined using descriptive nouns such as “Marketing” or “Research and Development.” They represent stable business functions, are unique and independent of each other, and typically will have a defined business outcome. Business capabilities should not be defined as organizational units and are typically longer lasting than organizational structures.
• A business capability mapping process should begin at the highest-level view of an organization, the level 1, which presents the entire business on a page.
• An effective method of organizing business capabilities is to split them into logical groupings or categories. At the highest level, capabilities are either “core” (customer-facing functions) or “enabling” (supporting functions).
• As a best practice, Info-Tech recommends dividing business capabilities into the categories illustrated to the right.

The Business Capability Map is the primary visual representation of the organization’s key abilities or services that are delivered to stakeholders. This model forms the basis of strategic planning discussions.

Example business capability map – Higher Education

A business capability map can be thought of as a visual representation of your organization’s business capabilities and represents a view of what your data program must support.

Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

Example business capability map for: Higher Education

Example business capability map – Local Government

A business capability map can be thought of as a visual representation of your organization’s business capabilities and represents a view of what your data program must support.

Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

Example business capability map for: Local Government

Map capabilities to value stage

Source: Lambert, “Practical Guide to Agile Strategy Execution”

3.1 Build level 1 business capability map

1-3 hours

1. Analyze the value streams to identify and describe the organization’s capabilities that support them. This stage requires a good understanding of the business and will be a critical foundation for the business capability map. Use the reference business architecture’s business capability map for your industry for examples of level 1 and 2 business capabilities and the capability map template to work in.
2. Avoid:
1. Don’t repeat capabilities. Capabilities are typically mutually exclusive activities.
2. Don’t include temporary initiatives. Capabilities should be stable over time. The people, processes, and technologies that support capabilities will change continuously.

Ensure you engage with the right stakeholders:

Don’t waste your efforts building an inaccurate depiction of the business: The exercise of identifying capabilities for an organization is very introspective and requires deep analysis.

It is challenging to develop a common language that everyone will understand and be able to apply. Invest in the time to ensure the right stakeholders are brought into the fold and bring their business area expertise and understanding to the table.

Prioritize one value stream and build a business architecture to level 2 capabilities

Prioritize your innovation objectives and business goals, and identify a value stream to transform.

Align the innovation goals and business objectives of your organization to your value streams (the critical actions that take place within your organization to add value to a customer).
Prioritize a value stream to transform based on the number of priorities aligned to a value stream and/or the business value (e.g. revenue, EBITDA earnings, competitive differentiation, or cost efficiency).
Working alongside a business or enterprise architect, build a reference architecture for the prioritized value stream up to level 2.

Info-Tech Insight
To produce maximum impact, focus on value streams that provide two-thirds of your enterprise value (EBITDA earnings).

From level 1 to level 2 business capabilities

3.2 Build level 2 business capability map

1-3 hours

It is only at level 2 and further that we can pinpoint the business capabilities – the exact resources, whether applications or data or processes – that we need to focus on to realize improvements in the organization’s performance and customer experience.

1. Gather industry reference models and any existing business capability maps.
2. For the selected value stream, further break down its level 1 business capabilities into level 2 capabilities.
3. You can often represent the business capabilities on a single page, providing a holistic visual for decision makers.
4. Use meaningful names for business capabilities so that planners, stakeholders, and subject matter experts can easily search the map.

Download: See your Account Representative for access to Info-Tech’s Reference Architecture Template

3.3 Heatmap business capability map

1-3 hours

Determine the organization’s key capabilities.

1. Determine cost advantage creators. If your organization has a cost advantage over competitors, the capabilities that enable it should be identified and prioritized. Highlight these capabilities and prioritize the programs that support them.
2. Determine competitive advantage creators. If your organization does not have a cost advantage over competitors, determine if it can deliver differentiated end-customer experiences. Once you have identified the competitive advantages, understand which capabilities enable them. These capabilities are critical to the success of the organization and should be highly supported.
3. Define key future state capabilities. In addition to the current and competitive advantage creators, the organization may have the intention to enhance new capabilities. Discuss and select the capabilities that will help drive the attainment of future goals.
4. Assess how well information, applications, and processes support capabilities.

Download: See your Account Representative for access to Info-Tech’s Reference Architecture Template

Business capability map: Education

Define key capabilities

Note: Illustrative Example

Business process review

Note: Illustrative Example

Information assessment

Note: Illustrative Example

Application assessment

Note: Illustrative Example

MoSCoW analysis for business capabilities

Note: Illustrative Example

Ranked list of IT implications

3.4 Roadmap business architecture initiatives

1-3 hours

Unify the organization’s perspective on how it creates value.

1. Write a short description of the value stream that includes a statement about the value provided and a clear start and end for the value stream. Validate the accuracy of the descriptions with your key stakeholders.
2. Consider:
1. How does the organization deliver those benefits?
2. How does the customer receive the benefits?
3. What is the scope of your value stream? What will trigger the stream to start and what will the final value be?
3. Don’t start with a blank page. Use Info-Tech’s business architecture models for sample value streams.