Build a Data Classification MVP for M365

Kickstart your governance with data classification users will actually use!

Executive Summary

Info-Tech Insight

• Creating an MVP gets you started in data governance
  Information protection and governance are not something you do once and then you are done. It is a constant process where you start with the basics (a minimum-viable product or MVP) and enhance your schema over time. The objective of the MVP is reducing obstacles to establishing an initial governance position, and then enabling rapid development of the solution to address a variety of real risks, including data loss prevention (DLP), data retention, legal holds, and data labeling.
• Define your information and protection strategy
  The initial strategy is to start looking across your organization and identifying your customer data, regulatory data, and sensitive information. To have a successful data protection strategy you will include lifecycle management, risk management, data protection policies, and DLP. All key stakeholders need to be kept in the loop. Ensure you keep track of all available data and conduct a risk analysis early. Remember, data is your highest valued intangible asset.
• Planning and resourcing are central to getting started on MVP
  A governance plan and governance decisions are your initial focus. Create a team of stakeholders that include IT and business leaders (including Legal, Finance, HR, and Risk), and ensure there is a top-level leader who is the champion of the governance objective, which is to ensure your data is safe, secure, and not prone to leakage or theft, and maintain confidentiality where it is warranted.

Executive Summary

Info-Tech Insight

Data classification is the lynchpin to any effective governance of O/M365 and your objective is to navigate through this easily and effectively and build a robust, secure, and viable governance model. Start your journey by identifying what and where your data is and how much data do you have. You need to understand what sensitive data you have and where it is stored before you can protect or govern it. Ensure there is a high-level leader who is the champion of the governance objectives. Data classification fulfills the governance objectives of risk mitigation, governance and compliance, efficiency and optimization, and analytics.

Questions you need to ask

Four key questions to kick off your MVP.

Classification tiers

Build your schema.

Info-Tech Insight

Deciding on how granular you go into data classification will chiefly be governed by what industry you are in and your regulatory obligations – the more highly regulated your industry, the more classification levels you will be mandated to enforce. The more complexity you introduce into your organization, the more operational overhead both in cost and resources you will have to endure and build.

Microsoft MIP Topology

Microsoft Information Protection (MIP), which is Microsoft’s Data Classification Services, is the key to achieving your governance goals. Without an MVP, data classification will be overwhelming; simplifying is the first step in achieving governance.

(Source: Microsoft, “Microsoft Purview compliance portal”)

Info-Tech Insight

Using least-complex sensitivity labels in your classification are your building blocks to compliance and security in your data management schema; they are your foundational steps.

MVP RACI Chart

Data governance is a "takes a whole village" kind of effort.

Clarify who is expected to do what with a RACI chart.

What and where your data resides Data types that require classification.

M365 Workload Containers
Email Attachments	Site Collections, Sites	Sites	Project Databases
Contacts	Teams and Group Site Collections, Sites	Libraries and Lists	Sites
Metadata	Libraries and Lists	Documents Versions	Libraries and Lists
Teams Conversations	Documents Versions	Metadata	Documents Versions
Teams Chats	Metadata	Permissions Internal Sharing External Sharing	Metadata
	Permissions Internal Sharing External Sharing	Files Shared via Teams Chats	Permissions Internal Sharing External Sharing

Info-Tech Insight

Knowing where your data resides will ensure you do not miss any applicable data that needs to be classified. These are examples of the workload containers; you may have others.

Discover and classify on- premises files using AIP

AIP helps you manage sensitive data prior to migrating to Office 365: Use discover mode to identify and report on files containing sensitive data. Use enforce mode to automatically classify, label, and protect files with sensitive data. Can be configured to scan: SMB files SharePoint Server 2016, 2013

Map your network and find over-exposed file shares. Protect files using MIP encryption. Inspect the content in file repositories and discover sensitive information. Classify and label file per MIP policy.

Azure Information Protection scanner helps discover, classify, label, and protect sensitive information in on-premises file servers. You can run the scanner and get immediate insight into risks with on-premises data. Discover mode helps you identify and report on files containing sensitive data (Microsoft Inside Track and CIAOPS, 2022). Enforce mode automatically classifies, labels, and protects files with sensitive data.

Info-Tech Insight

Any asset deployed to the cloud must have approved data classification. Enforcing this policy is a must to control your data.

Understanding governance

Microsoft Information Governance

Retention and backup policy decision

Retention is not backup.

Understand retention policy

What are retention policies used for? Why you need them as part of your MVP?

Do not confuse retention labels and policies with backup.

Remember: “retention [policies are] auto-applied whereas retention label policies are only applied if the content is tagged with the associated retention label” (AvePoint Blog, 2021).

E-discovery tool retention policies are not turned on automatically.

Retention policies are not a backup tool – when you activate this feature you are unable to delete anyone.

“Data retention policy tools enable a business to:

• “Decide proactively whether to retain content, delete content, or retain and then delete the content when needed.
• “Apply a policy to all content or just content meeting certain conditions, such as items with specific keywords or specific types of sensitive information.
• “Apply a single policy to the entire organization or specific locations or users.
• “Maintain discoverability of content for lawyers and auditors, while protecting it from change or access by other users. […] ‘Retention Policies’ are different than ‘Retention Label Policies’ – they do the same thing – but a retention policy is auto-applied, whereas retention label policies are only applied if the content is tagged with the associated retention label.

“It is also important to remember that ‘Retention Label Policies’ do not move a copy of the content to the ‘Preservation Holds’ folder until the content under policy is changed next.” (Source: AvePoint Blog, 2021)

Definitions

Data classification is a focused term used in the fields of cybersecurity and information governance to describe the process of identifying, categorizing, and protecting content according to its sensitivity or impact level. In its most basic form, data classification is a means of protecting your data from unauthorized disclosure, alteration, or destruction based on how sensitive or impactful it is.

Once data is classified, you can then create policies; sensitive data types, trainable classifiers, and sensitivity labels function as inputs to policies. Policies define behaviors, like if there will be a default label, if labeling is mandatory, what locations the label will be applied to, and under what conditions. A policy is created when you configure Microsoft 365 to publish or automatically apply sensitive information types, trainable classifiers, or labels.

Sensitivity label policies show one or more labels to Office apps (like Outlook and Word), SharePoint sites, and Office 365 groups. Once published, users can apply the labels to protect their content.

Data loss prevention (DLP) policies help identify and protect your organization's sensitive info (Microsoft Docs, April 2022). For example, you can set up policies to help make sure information in email and documents is not shared with the wrong people. DLP policies can use sensitive information types and retention labels to identify content containing information that might need protection.

Retention policies and retention label policies help you keep what you want and get rid of what you do not. They also play a significant role in records management.

Data examples for MVP classification

• Examples of the type of data you consider to be Confidential, Internal, or Public.
• This will help you determine what to classify and where it is.

New container sensitivity labels (MIP)

New container sensitivity labels

What users will see when they create or label a Team/Group/Site

(Source: Microsoft, “Microsoft Purview compliance portal”)

Info-Tech Insights

• Manage privacy of Teams Sites and M365 Groups
• Manage external user access to SPO sites and teams
• Manage external sharing from SPO sites
• Manage access from unmanaged devices

Data protection and security baselines

Info-Tech Insights

• Controls are already in place to set data protection policy. This assists in the MVP activities.
• Finally, you need to set your security baseline to ensure proper permissions are in place.

Prerequisite baseline

Security MFA or SSO to access from anywhere, any device Banned password list BYOD sync with corporate network

Users Sign out inactive users automatically Enable guest users External sharing Block client forwarding rules

Resources Account lockout threshold OneDrive SharePoint

Controls Sensitivity labels, retention labels and policies, DLP Mobile application management policy

Building baselines

Sensitivity Profiles: Public, Internal, Confidential; Subcategory: Highly Confidential

Microsoft 365 Collaboration Protection Profiles

Please Note: Global/Compliance Admins go to the 365 Groups platform, the compliance center (Purview), and Teams services (Source: Microsoft Documentation, “Microsoft Purview compliance documentation”)

Info-Tech Insights

• Building baseline profiles will be a part of your MVP. You will understand what type of information you are addressing and label it accordingly.
• Sensitivity labels are a way to classify your organization's data in a way that specifies how sensitive the data is. This helps you decrease risks in sharing information that shouldn't be accessible to anyone outside your organization or department. Applying sensitivity labels allows you to protect all your data easily.

MVP activities

ACME Company MVP for M/O365

Related Blueprints

Govern Office 365

Office 365 is as difficult to wrangle as it is valuable. Leverage best practices to produce governance outcomes aligned with your goals.

Map your organizational goals to the administration features available in the Office 365 console. Your governance should reflect your requirements.

Migrate to Office 365 Now

Jumping into an Office 365 migration project without careful thought of the risks of a cloud migration will lead to project halt and interruption. Intentionally plan in order to expose risk and to develop project foresight for a smooth migration.

Microsoft Teams Cookbook

IT Governance, Risk & Compliance

Several blueprints are available on a broader topic of governance, from Make Your IT Governance Adaptable to Improve IT Governance to Drive Business Results and Build an IT Risk Management Program.

Bibliography

“Best practices for sharing files and folders with unauthenticated users.” Microsoft Build, 28 April 2022. Accessed 2 April 2022.

“Build and manage assessments in Compliance Manager.” Microsoft Docs, 15 June 2022. Web.

“Building a modern workplace with Microsoft 365.” Microsoft Inside Track, n.d. Web.

Crane, Robert. “June 2020 Microsoft 365 Need to Know Webinar.” CIAOPS, SlideShare, 26 June 2020. Web.

“Data Classification: Overview, Types, and Examples.” Simplilearn, 27 Dec. 2021. Accessed 11 April 2022.

“Data loss prevention in Exchange Online.” Microsoft Docs, 19 April 2022. Web.

Davies, Nahla. “5 Common Data Governance Challenges (and How to Overcome Them).” Dataversity. 25 October 2021. Accessed 5 April 2022.

“Default labels and policies to protect your data.” Microsoft Build, April 2022. Accessed 3 April 2022.

M., Peter. "Guide: The difference between Microsoft Backup and Retention." AvePoint Blog, 9 Oct. 2021. Accessed 4 April 2022.

Meyer, Guillaume. “Sensitivity Labels: What They Are, Why You Need Them, and How to Apply Them.” nBold, 6 October 2021. Accessed 2 April 2022.

“Microsoft 365 guidance for security & compliance.” Microsoft, 27 April 2022. Accessed 28 April 2022.

“Microsoft Purview compliance portal.” Microsoft, 19 April 2022. Accessed 22 April 2022.

“Microsoft Purview compliance documentation.” Microsoft, n.d. Accessed 22 April 2022.

“Microsoft Trust Center: Products and services that run on trust.” Microsoft, 2022. Accessed 3 April 2022.

“Protect your sensitive data with Microsoft Purview.” Microsoft Build, April 2022. Accessed 3 April 2022.

Zimmergren, Tobias. “4 steps to successful cloud governance in Office 365.” Rencore, 9 Sept. 2021. Accessed 5 April 2022.

The ESG Imperative and Its Impact on Organizations

Design to enable an active response to changing conditions.

Analyst Perspective

Environmental, social, and governance (ESG) is a corporate imperative that is tied to long-term value creation. An organization's social license to operate and future corporate performance depends on managing ESG factors well.

Central to an ESG program is having a good understanding of the ESG factors that may have a material impact on enterprise value and key internal and external stakeholders. A comprehensive ESG strategy supported by strong governance and risk management is also essential to success.

Capturing relevant data and applying it within risk models, metrics, and internal and external reports is necessary for sharing your ESG story and measuring your progress toward meeting ESG commitments. Consequently, the data challenges have received a lot of attention, and IT leaders have a role to play as strategic partner and enabler to help address these challenges. However, ESG is more than a data challenge, and IT leaders need to consider the wider implications in managing third parties, selecting tools, developing supporting IT architecture, and ensuring ethical design.

For many organizations, the ESG program journey has just begun, and collaboration between IT and risk, procurement, and compliance will be critical in shaping program success.

Donna Bales
Principal Research Director
Info-Tech Research Group

Executive Summary

Your Challenge

• Global regulatory climate disclosure requirements are still evolving and are not consistent.
• Sustainability is becoming a corporate imperative, but IT's role is not fully clear.
• The ESG data challenge is large and continually expanding in scope.
• Collecting the necessary data and managing ethical issues across supply chains is a daunting task.
• Communicating long-term value is difficult when customer and employee expectations are shifting.

Common Obstacles

• The data necessary for data-driven insights and accurate disclosure is often hampered by inaccurate and incomplete primary data.
• Other challenges include:
  • Approaching ESG holistically and embedding it into existing governance, risk, and IT capabilities.
  • Building knowledge and adapting culture throughout all levels of the organization.
  • Monitoring stakeholder sentiment and keeping strategy aligned to expectations.

Info-Tech's Approach

• Use this blueprint to educate yourself on ESG factors and the broader concept of sustainability.
• Learn about Info-Tech's ESG program approach and use it as a framework to begin your ESG program journey.
• Identify changes that may be needed in your organizational operating model, strategy, governance, and risk management approach.
• Discover areas of IT that may need to be prioritized and resourced.

Info-Tech Insight

An organization's approach to ESG cannot be static or tactical. ESG is a moving landscape that requires a flexible, holistic approach across the organization. It must become part of the way you work and enable an active response to changing conditions.

Putting ESG in context

ESG has moved beyond the tipping point to corporate table stakes

• In recent years, ESG issues have moved from voluntary initiatives driven by corporate responsibility teams to an enterprise-wide strategic imperative.
• Organizations are no longer being measured by financial performance but by how they contribute to a sustainable and equitable future, such as how they support sustainable innovation through their business models and their focus on collaboration and inclusion.
• A corporation's efforts toward sustainability is measured by three components: environmental, social, and governance.

Sustainability

The ability of a corporation and broader society to endure and survive over the long term by managing adverse impacts well and promoting positive opportunities.

Source: United Nations

Putting "E," "S," and "G" in context

Corporate sustainability depends on managing ESG factors well

• Environmental, social, and governance are the component pieces of a sustainability framework that is used to understand and measure how an organization impacts or is affected by society as a whole.
• Human activities, particularly fossil fuel burning since the mid twentieth century, have increased greenhouse gas concentration, resulting in observable changes to the atmosphere, ocean, cryosphere, and biosphere.
• The E in ESG relates to the positive and negative impacts an organization may have on the environment, such as the energy it takes in and the waste it discharges.
• The S in ESG is the most ambiguous component in the framework, as social impact relates not only to risks but also prosocial behaviour. It's the most difficult to measure but can have significant financial and reputational impact on corporations if material and poorly managed.
• The G in ESG is foundational to the realization of S and E. It encompasses how well an organization integrates these considerations into the business and how well the organization engages with key stakeholders, receives feedback, and is transparent with its intentions.

Understanding the drivers behind ESG

$30 trillion is expected to be transferred from the baby boomers to Generation Z and millennials over the next decade
– Accenture

Drivers

• The rapid rise of ESG investing
• The visibility of climate change is driving governments, society, and corporations to act and to initiate and support net zero goals.
• A younger demographic that has strong convictions and financial influence
• A growing trend toward mandatory climate and diversity, equity, and inclusion (DEI) disclosures required by global regulators
• Recent emphasis by regulators on board accountability and fiduciary duty
• Greater societal awareness of social issues and sustainability
• A new generation of corporate leadership that is focused on sustainable innovation

The evolving regulatory landscape

Global regulators are mobilizing toward mandatory regulatory climate disclosure

Canada

• Canadian Securities Administrators (CSA) NI 51-107 Disclosure of Climate-related Matters

Europe

• European Commission, Sustainable Finance Disclosure Regulation (SFDR)
• European Commission, EU Supply Chain Act
• Germany – The German Supply Chain Act (GSCA)
• Financial Conduct Authority UK, Proposal (DP 21/4) Sustainability Disclosure Requirements and investment labels
• UK Modern Slavery Act, 2015

United States

• Securities and Exchange Commission (SEC) 33-11042– The Enhancement and Standardization of Climate-Related Disclosures for Investors
• SEC 33-11038 Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure
• Nasdaq Board Diversity Rule (5605(f))

New Zealand

• New Zealand, The Financial Sector (Climate-related Disclosures and Other Matters) Amendment Act 2021

Begin by setting your purpose

Consider your role as a corporation in society and your impact on key stakeholders

• The impact of a corporation can no longer be solely measured by financial impact but also its impact on social good. Corporations have become real-world actors that impact and are affected by the environment, people, and society.
• An ESG program should start with defining your organization's purpose in terms of corporate responsibility, the role it will play, and how it will endure over time through managing adverse impacts and promoting positive impacts.
• Corporations should look inward and outward to assess the material impact of ESG factors on their organization and key internal and external stakeholders.
• Once stakeholders are identified, consider how the ESG factors might be perceived by delving into what matters to stakeholders and what drives their behavior.

Understanding your stakeholder landscape is essential to achieving ESG goals

Assess ESG impact

Materiality assessments help to prioritize your ESG strategy and enable effective reporting

• The concept of materiality as it relates to ESG is the process of gaining different perspectives on ESG issues and risks that may have significant impact (both positive and negative) on or relevance to company performance.
• The objective of a materiality assessment is to identify material ESG issues most critical to your organization by looking a broad range of social and environmental factors. Its purpose is to narrow strategic focus and enable an organization to assess the impact of financial and non-financial risks aggregately.
• It helps to make the case for ESG action and strategy, assess financial impact, get ahead of long-term risks, and inform communication strategies.
• Organizations can leverage assessment tools from Sustainalytics or SASB Standards to help assess ESG risks or use guidance or benchmarking information from industry associations.

Info-Tech Insight

Survey key stakeholders to obtain a more holistic viewpoint of expectations and the industry landscape and gain credibility through the process.

Use a materiality matrix to understand ESG exposure

Example: Beverage Company

Follow a holistic approach

To deliver on your purpose, sustainability must be integrated throughout the organization

• An ESG program cannot be implemented in a silo. It must be anchored on its purpose and supported by a strong governance structure that is intertwined with other functional areas.
• Effective governance is essential to instill trust, support sound decision making, and manage ESG.
• Governance extends beyond shareholder rights to include many other factors, such as companies' interactions with competitors, suppliers, and governments. More transparency is sought on:
  • Corporate behavior, executive pay, and oversight of controls.
  • Board diversity, compensation, and skill set.
  • Oversight of risk management, particularly risks related to fraud, product, data, and cybersecurity

"If ESG is the framework of non-financial risks that may have a material impact on the company's stakeholders, corporate governance is the process by which the company's directors and officers manage those risks."
– Zurich Insurance

Governance and organization approach

There is no one-size-fits-all approach

47% of companies reported that the full board most commonly oversees climate related risks and opportunities while 20% delegate to an existing board governance committee (EY Research, 2021).

• The organizational approach to ESG will differ across industry segments and corporations depending on material risks and their upstream and downstream value change. However, the accountability for ESG sits squarely at the CEO and board level.
• Some organizations have taken the approach of hiring a Chief Sustainability Officer to work alongside the CEO on execution of ESG goals and stakeholder communication, while others use other members of the strategic leadership to drive the desired outcomes.

Strategy alignment

"74% of finance leaders say that investors increasingly use nonfinancial information in their decision-making."

– "Aligning nonfinancial reporting..." EY, 2020

• Like any journey, the ESG journey requires knowing where you are starting from and where you are heading to.
• Once your purpose is crystalized, identify and surface gaps between where you want to go as an organization (your purpose and goals) and what you need to deliver as an organization to meet the expectations of your internal and external stakeholders (your output).
• Using the results of the materiality assessment, weigh the risk, opportunities, and financial impact to help prioritize and determine vulnerabilities and where you might excel.
• Finally, evaluate and make changes to areas of your business that need development to be successful (culture, accountability and board structure, ethics committee, etc.)

Gap analysis example for delivering reporting requirements

Organizational Goals

• Regulatory Disclosure
  • Climate
  • DEI
  • Cyber governance
• Performance Tracking/Annual Reporting
  • Corporate transparency on ESG performance via social, annual circular
• Evidence-Based Business Reporting
  • Risk
  • Board
  • Suppliers

Risk-size your ESG goals

When integrating ESG risks, stick with a proven approach

• Managing ESG risks is central to making sound organizational decisions regarding sustainability but also to anticipating future risks.
• Like any new risk type, ESG risk should be interwoven into your current risk management and control framework via a risk-based approach.
• Yet ESG presents some new risk challenges, and some risk areas may need new control processes or enhancements.

Info-Tech Insight

Integrate ESG risks early, embrace uncertainty by staying flexible, and strive for continual improvement.

Managing supplier risks

Suppliers are a critical input into an organization's ESG footprint

"The typical consumer company's supply chain ... [accounts] for more than 80% of greenhouse-gas emissions and more than 90% of the impact on air, land, water, biodiversity, and geological resources."
– McKinsey & Company, 2016

• Although companies are accustomed to managing third parties via procurement processes, voluntary due-diligence, and contractual provisions, COVID-19 surfaced fragility across global supply chains.
• The mismanagement of upstream and downstream risks of supply chains can harm the reputation, operations, and financial performance of businesses.
• To build resiliency to and visibility of supply chain risk, organizations need to adapt current risk management programs, procurement practices, and risk assessment tools and techniques.
• Procurement departments have an enhanced function, effectively acting as gatekeepers by performing due diligence, evaluating performance, and strengthening the supplier relationship through continual feedback and dialogue.
• Technologies such as blockchain and IoT are starting to play a more dominant role in supply chain transparency.

"Forty-five percent of survey respondents say that they either have no visibility into their upstream supply chain or that they can see only as far as their first-tier suppliers."
– "Taking the pulse of shifting supply chains," McKinsey & Company, 2022

Metrics and targets

Metrics are key to stakeholder transparency, measuring performance against goals, and surfacing organizational blind spots

• ESG metrics are qualitative or quantitative insights that measure organizations' performance against ESG goals. Along with traditional business metrics, they assist investors with assessing the long-term performance of companies based on non-financial ESG risks and opportunities.
• Metrics, key performance indicators (KPIs), and key risk indicators (KRIs) are used to measure how ESG factors affect an organization and how an organization may impact any of the underlying issues related to each ESG factor.
• There are several reporting standards that offer specific ESG performance metrics, such as the Global Reporting Institute (GRI), Sustainability Accounting Standards Board (SASB), and World Economic Forum (WEF).
• For climate-related disclosures, global regulators are converging on the Task Force for Climate-related Disclosures (TCFD) and the International Sustainability Standards Board (ISSB).

Example metrics for ESG factors

The impact of ESG on IT

IT plays a critical role in achieving ESG goals

• IT groups have a critical role to play in helping organizations develop strategic plans to meet ESG goals, measure performance, monitor risks, and deliver on disclosure requirements.
• IT's involvement extends from the CIO providing input at a strategic level to leading the charge within IT to instill new goals and adapt the culture toward one focused on sustainability.
• To set the tone, CIOs should begin by updating their IT governance structure and setting ESG goals for IT.
• IT leaders will need to think about resource use and efficiency and incorporate this into their IT strategy.

Info-Tech Insight

IT leaders need to work collaboratively with risk management to optimize decision making and continually improve ESG performance and disclosure.

"A great strategy meeting is a meeting of the minds."
– Max McKeown

The data challenge

The ESG data requirement is large and continually expanding in scope

• To meet ESG objectives, corporations are challenged with collecting non-financial data from across functional business and geographical locations and from their supplier base and supply chains.
• One of the biggest impediments to ESG implementation is the lack of high-quality data and of mature processes and tools to support data collection.
• The data challenge is compounded by the availability and usability of data, immature and fragmented standards that hinder comparability, and workflow integration.

Info-Tech Insight

Keep your data model flexible and digital where possible to enable data interoperability.

"You can have data without information, but you cannot have information without data."
– Daniel Keys Moran

It's more than a data challenge

Organizations will rely on IT for execution, and IT leaders will need to be ready

Top impacts on IT departments

1. ESG requires corporations to keep track of ESG-related risks of third parties. This will mean more robust assessments and monitoring.
2. Many areas of ESG are new and will require new processes and tools.
3. The SEC has upped the ante recently, requiring more rigorous accountability and reporting on cyber incidents.
4. New IT systems and architecture may be needed to support ESG programs.
5. Current reporting frameworks may need updating as regulators move to digital.
6. Ethical design will need to be considered when AI is used to support risk/data management and when it is used as part of product solutions.

Key takeaways

• It's critical for organizations to look inward and outward to assess the material impact of ESG factors on their organization and key internal and external stakeholders.
• ESG requires a flexible, holistic approach across the organization. It must become part of the way you work and enable an active response to changing conditions.
• ESG introduces new risks that should not be viewed in isolation but interwoven into your current risk management and control framework via a risk-based approach.
• Identify and integrate risks early, embrace uncertainty by staying flexible, and strive for continual improvement.
• Metrics are key to telling your ESG story. Place the appropriate importance on the information that will be reported.
• Recognize that the data challenge is complex and evolving and design your data model to be flexible, interoperable, and digital.
• IT's role is far reaching, and IT will have a critical part in managing third parties, selecting tools, developing supporting IT architecture, and using ethical design.

Definitions

Reporting & standard frameworks

Bibliography

Anne-Titia Bove and Steven Swartz, McKinsey, "Starting at the source: Sustainability in supply chains", 11 November 2016

Accenture, "The Greater Wealth Transfer – Capitalizing on the intergenerational shift in wealth", 2012

Beth Kaplan, Deloitte, "Preparing for the ESG Landscape, Readiness and reporting ESG strategies through controllership playbook", 15 February 2022

Bjorn Nilsson et al, McKinsey & Company, "Financial institutions and nonfinancial risk: How corporates build resilience," 28 February 2022

Bolden, Kyle, Ernst and Young, "Aligning nonfinancial reporting with your ESG strategy to communicate long-term value", 18 Dec. 2020

Canadian Securities Administrators, "Canadian securities regulators seek comment on climate-related disclosure requirements", 18 October 2021

Carol A. Adams et al., Global Risk Institute, "The double-materiality concept, Application and issues", May 2021

Dunstan Allison-Hope et al, BSR, "Impact-Based Materiality, Why Companies Should-Focus Their Assessments on Impacts Rather than Perception", 3 February 2022

EcoVadis, "The World's Most Trusted Business Sustainability Ratings",

Ernst and Young, "Four opportunities for enhancing ESG oversight", 29 June 2021

Federal Ministry of Labour and Social Affairs, The Act on Corporate Due Diligence Obligations in Supply Chains (Gesetz über die unternehmerischen Sorgfaltspflichten in Lieferketten)", Published into Federal Law Gazette, 22, July 2021

"What Every Company Needs to Know", Sustainalytics

Global Risk Institute, The GRI Perspective, "The materiality madness: why definitions matter", 22 February 2022

John P Angkaw "Applying ERM to ESG Risk Management", 1 August 2022

Hillary Flynn et al., Wellington Management, "A guide to ESG materiality assessments", June 2022

Katie Kummer and Kyle Lawless, Ernst and Young, "Five priorities to build trust in ESG", 14 July 2022

Knut Alicke et al., McKinsey & Company, "Taking the pulse of shifting supply chains", 26 August 2022

Kosmas Papadopoulos and Rodolfo Arauj. The Harvard School Forum on Corporate Governance, "The Seven Sins of ESG Management", 23 September 2020

KPMG, Sustainable Insight, "The essentials of materiality assessment", 2014

Lorraine Waters, The Stack, "ESG is not an environmental issue, it's a data one", 20 May 2021

Marcel Meyer, Deloitte, "What is TCFD and why does it matter? Understanding the various layers and implications of the recommendations",

Michael W Peregnne et al., "The Harvard Law School Forum on Corporate Governance, The Important Legacy of the Sarbanes Oxley Act," 30 August 2022

Michael Posner, Forbes, "Business and Human Rights: Looking Ahead To The Challenges Of 2022", 15 December 2021

Myles Corson and Tony Kilmas, Ernst and Young, "How the CFO can balance competing demands and drive future growth", 3 November 2020

Novisto, "Navigating Climate Data Disclosure", 2022

Novisto, "XBRL is coming to corporate sustainability reporting", 17 April 2022

"Official Journal of the European Union, Regulation (EU) 2019/2088 of the European Parliament and of the Council of 27 November 2019 on sustainability-related disclosures in the financial services sector", 9 December 2019

Osler, "ESG and the future of sustainability", Podcast, 01 June 2022

Osler, "The Rapidly Evolving World of ESG Disclosure: ISSB draft standards for sustainability and climate related disclosures", 19 May 2022

Sarwar Choudhury and Zach Johnston, Ernst and Young "Preparing for Sox-Like ESG Regulation", 7 June 2022

Securities and Exchange Commission, "The Enhancement and Standardization of Climate-related Disclosures for Investors", 12 May 2022

"Securities and Exchange Commission, SEC Proposes Rules on Cybersecurity, Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies, 9 May 2022

Sean Brown and Robin Nuttall, McKinsey & Company, "The role of ESG and purpose", 4 January 2022

Statement by Chair Gary Gensler, "Statement on ESG Disclosure Proposal", 25 May 2022

Svetlana Zenkin and Peter Hennig, Forbes, "Managing Supply Chain Risk, Reap ESG Rewards", 22 June 2022

Task Force on Climate Related Financial Disclosures, "Final Report, Recommendations of the Task Force on Climate-related Financial Disclosures", June 2017

World Economic Forum, "Why sustainable governance and corporate integrity are crucial for ESG", 29 July 2022

World Economic Forum (in collaboration with PwC) "How to Set Up Effective Climate Governance on Corporate Boards, Guiding Principles and questions", January 2019

World Economic Forum, "Defining the "G" in ESG Governance Factors at the Heart of Sustainable Business", June 2022

World Economic Forum, "The Risk and Role of the Chief Integrity Officer: Leadership Imperatives in and ESG-Driven World", December 2021

World Economic Forum, "How to Set Up Effective Climate Governance on Corporate Boards Guiding principles and questions", January 2019

Zurich Insurance, "ESG and the new mandate for corporate governance", 2022

Make Your IT Governance Adaptable

Governance isn't optional, so keep it simple and make it flexible.

Table of Contents

Make Your IT Governance Adaptable

Governance isn't optional, so keep it simple and make it flexible.

EXECUTIVE BRIEF

Analyst Perspective

Governance will always be part of the fabric of your organization. Make it adaptable so it doesn’t constrain your success.

Far too often, the purpose of information and technology (I&T) governance is misunderstood. Instead of being seen as a way to align the organization’s vision to its investment in information and technology, it has become so synonymous with compliance and control that even mentioning the word “governance” elicits a negative reaction.

Success in modern digital organizations depends on their ability to adjust for velocity and uncertainty, requiring a dynamic and responsive approach to governance – one that is embedded and automated in your organization to enable new ways of working, innovation, and change.

Evolutionary theory describes adaptability as the way an organism adjusts to fit a new environment, or changes to its existing environment, to survive. Applied to organizations, adaptable governance is critical to the ability to survive and succeed.

If your governance doesn’t adjust to enable your changing business environment and customer needs, it will quickly become misaligned with your goals and drive you to failure.

It is critical that people build an approach to governance that is effective and relevant today while building in adaptability to keep it relevant tomorrow.

Valence Howden
Principal Research Director, Info-Tech Research Group

Executive Summary

Your Challenge

• People don’t understand the value of governance, seeing it as a hindrance to productivity and efficiency.
• Governance is delegated to people and practices that don’t have the ability or authority to make decisions.
• Decisions are made within committees that don’t meet frequently enough to support business velocity.
• It is difficult to allocate time and resources to build or execute governance effectively

Common Obstacles

• You are unable to clearly communicate how governance adds value to your organization.
• Your IT governance approach no longer aligns with or supports your organizational direction, goals, and work practices.
• Governance is seen and performed as a bureaucratic control-based exercise.
• Governance activities are not transparent.
• The governance committee gets too deeply involved with project deep dives and daily management, derailing its effectiveness and ability to produce value.

Info-Tech’s Approach

• Use Info-Tech’s IT governance models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.
• Adjust the model based on industry needs, your principles, regulatory requirements, and your future direction.
• Identify where to embed or automate decision making and compliance and what is required to do so effectively.
• Implement your governance model for success.

Info-Tech Insight

IT governance must be embedded and automated, where possible, to effectively meet the needs and velocity of digital organizations and modern practices and to drive success and value.

What is governance?

IT governance is a critical and embedded practice that ensures that information and technology investments, risks, and resources are aligned in the best interests of the organization and produce business value.

Effective governance ensures that the right technology investments are made at the right time to support and enable your organization’s mission, vision, and goals.

Why is this necessary?

• Governance is not simply a committee or an activity that you perform at a specific point in time; it is a critical and continuously active practice that drives the success of your organization. It is part of your organization’s DNA and is just as unique, with some attributes common to all (IT governance elements), some specific to your family (industry refinements), and some specific to you (individual organization).
• Your approach to governance needs to change over time in order to remain relevant and continue to enable value and success, but organizations rarely want to change governance once it’s in place.
• To meet the speed and flow of practices like Lean, DevOps, and Agile, your IT governance needs to be done differently and become embedded into the way your organization works. You must adjust your governance model based on key moments of change – organizational triggers – to maintain the effectiveness of your model.

Info-Tech Insight

Build an optimal model quickly and implement the core elements using an iterative approach to ensure the changes provide the most value.

The Technology Value Trinity

Delivery of Business Value & Strategic Needs

• DIGITAL & TECHNOLOGY STRATEGY
  The identification of objectives and initiatives necessary to achieve business goals.
• IT OPERATING MODEL
  The model for how IT is organized to deliver on business needs and strategies.
• INFORMATION & TECHNOLOGY GOVERNANCE
  The governance to ensure the organization and its customers get maximum value from the use of information and technology.

All three elements of the Technology Value Trinity work in harmony to deliver business value and meet strategic needs. As one changes, the others need to change as well.

• Digital and IT Strategy tells you what you need to achieve to be successful.
• IT Operating Model and Organizational Design is the alignment of resources to deliver on your strategy and priorities.
• Information & Technology Governance is the confirmation that IT’s goals and strategy align with the business’ strategy. It is the mechanism by which you continuously prioritize work to ensure that what you deliver is in line with the strategy. This oversight involves evaluating, directing, and monitoring the delivery of outcomes to ensure that the use of resources results in achieving the organization’s goals.

Too often strategy, operating model and organizational design, and governance are considered separate practices. As a result, “strategic documents” end up being wish lists, and projects continue to be prioritized based on who shouts the loudest rather than on what is in the best interest of the organization.

Where information & technology governance fits within an organization

I&T governance hasn’t achieved its purpose

Governance is the means by which IT ensures that information and technology delivery and spend is aligned to business goals and delivers business outcomes. However, most CEOs continue to perceive IT as being poorly aligned to the business’ strategic goals, which indicates that governance is not implemented or executed properly.

For I&T governance to be effective you need a clear understanding of the things that drive your organization and its success. This understanding becomes your guiding star, which is critical for effective governance. It also requires participation by all parts of the organization, not just IT.

Info-Tech CIO/CEO Alignment Diagnostics (N=124)

43% of CEOs believe that business goals are going unsupported by IT.

60% of CEOs believe that improvement is required around IT’s understanding of business goals.

80% of CIOs/CEOs are misaligned on the target role for IT.

30% of business stakeholders are supporters (N=32,536) of their IT departments

Common causes of poor governance

Key causes of poor or misaligned governance

1. Governance and its value to your organization is not well understood, often being confused or integrated with more granular management activities.
2. Business executives fail to understand that IT governance is a function of the business and not the IT department.
3. Poor past experiences have made “governance” a bad word in the organization. People see it as a constraint and barrier that must be circumvented to get work done.
4. There is misalignment between accountability and authority throughout the organization, and the wrong people are involved in governance practices.
5. There is an unwillingness to change a governance approach that has served the organization well in the past, leading to challenges when the organization starts to change practices and speed of delivery.
6. There is a lack of data and data-related capabilities required to support good decision making and the automation of governance decisions.
7. The goals and strategy of the organization are not known or understood, leaving nothing for IT governance to orient around.

Key symptoms of ineffective governance committees

1. No actions or decisions are generated. The committee produces no value and makes no decisions after it meets. The lack of value output makes the usefulness of the committee questionable.
2. Resources are overallocated. There is a lack of clear understanding of capacity and value in work to be done, leading to consistent underestimation of required resources and poor resource allocation.
3. Decisions are changed outside of committee. Decisions made or initiatives approved by the committee are later changed when the proper decision makers are involved or the right information becomes available.
4. Governance decisions conflict with organizational direction. This shows an obvious lack of alignment and behavioral disconnect that work against organizational success. It is often due to not accounting for where power really exists within the structure.
5. Consistently poor outcomes are produced from governance direction. Committee members’ lack of business acumen, relevant data, or understanding of organizational goals results in decisions that fail to drive successful measured outcomes.

Mature your governance by transitioning from ad hoc to automated

Organizations should look to progress in their governance stages. Ad hoc and controlled governance practices tend to be more rigid, making these a poor fit for organizations requiring higher velocity delivery or using more agile and adaptive practices.

The goal as you progress through these stages is to delegate governance and empower teams based on your fit and culture, enabling teams where needed to make optimal decisions in real time, ensuring that they are aligned with the best interests of the organization.

Automate governance for optimal velocity while mitigating risks and driving value.

This puts your organization in the best position to be adaptive, able to react effectively to volatility and uncertainty.

Stages of governance

Make Governance Adaptable and Automated to Drive Success and Value

Governance adaptiveness ensures the success of digital organizations and modern practice implementation.

THE PROBLEM

• The wrong people are making decisions.
• Organizations don't understand what governance is or why it's done.
• Governance scope and design is a bad fit, damaging the organization.
• People think governance is optional.

THE SOLUTION

ESTABLISH YOUR GUIDING PRINCIPLES

Define and establish the guiding principle that drive your organization toward success.

• Mission & Vision
• Business Goals & Success Criteria
• Operating Model & Work Practices
• Governance Scope
• Principles

SELECT AND REFINE YOUR MODEL

Use Info-Tech's IT Governance Models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.

IDENTIFY MODEL UPDATE TRIGGERS

Adjust the model based on industry needs, your principles, regulatory requirements, and future direction.

• Principles
  Select principles that allow the organization to be adaptive while still ensuring the governance continues to stay on course with pursuing its guiding star.
• Responsibilities
  Decide on the governance responsibilities related to Oversight Level, Strategic Alignment, Value Delivery, Risk Optimization, Resource Optimization, and Performance Management.
• Structure
  Determine at which structured level governance is appropriate: Enterprise, Strategic, Tactical, or Operational.
• Processes
  Establish processes that will enable governance to occur such as: Embed the processes required for successful governance.
• Membership
  Identify the Responsibility & Accountability of those who should be involved in governance processes, policies, guidelines, and responsibilities.
• Policies
  Confirm any governing policies that need to be adhered to and considered to manage risk.

DETERMINE AUTOMATION OPTIONS AND DECISION RULES

Identify where to embed or automate decision making and compliance and what is required to do so effectively.

STAGES OF GOVERNANCE

Traditional (People- and document-centric)

1. AD HOC GOVERNANCE
   Governance that is not well defined or understood within the organization. It occurs out of necessity but often not by the right people or bodies.
2. CONTROLLED GOVERNANCE
   Governance focused on compliance and hierarchy-based, authority-driven control of decisions. Levels of Authority are defined and often driven by regulatory requirements.

Adaptive (Data Centric)

3. AGILE GOVERNANCE
   Governance that is flexible to support different needs and quick responses in the organization. Driven by principles and delegated throughout the company.
4. AUTOMATED GOVERNANCE
   Governance that is entrenched and automated into the organizational processes and product/service design. Empowered and fully delegated governance to maintain fit and drive organizational success and survival.

KEY INSIGHT

Governance must actively adapt to changes in your organization, environment, and practices or it will drive you to failure.

Developing governance principles

Governance principles support the move from controlled to automated governance by providing guardrails that guide your decisions. They provide the ethical boundaries and cultural perspectives that contextualize your decisions and keep you in line with organizational values. Determining principles are global in nature.

Find your guiding star

Your mission and vision define your goals and objectives. These are reinforced by your guiding principles, including ethical considerations, your culture, and expected behaviors. They provide the boundaries and guardrails for enabling adaptive governance, ensuring you continue to move in the right direction for organizational success.

To paraphrase Lewis Carroll, “If you don't know where you want to get to, it doesn't much matter which way you go.” Once you know what matters, where value resides, and which considerations are necessary to make decisions, you have consistent directional alignment that allows you to delegate empowered governance throughout the organization, taking you to the places you want to go.

Understand governance versus management

Don’t blur the lines between governance and management; each has a unique role to play. Confusing them results in wasted time and confusion around ownership.

Governance I&T governance defines WHAT should be done and sets direction through prioritization and decision making, monitoring overall IT performance. Governance aligns with the mission and vision of the organization to guide IT.

Management Management focuses on HOW to do things to achieve the WHAT. It is responsible for executing on, operating, and monitoring activities as determined by I&T governance. Management makes decisions for implementation based on governance direction.

Data is critical to automating governance

Documents and subjective/non-transparent decisions do not create sufficient structure to allow for the true automation of governance. Data related to decisions and aggregated risk allow you to define decision logic and rules and algorithmically embed them into your organization.

People- and Document-Centric

Governance drives activities through specific actors (individuals/committees) and unstructured data in processes and documents that are manually executed, assessed, and revised. There are often constraints caused by gaps or lack of adequate and integrated information in support of good decisions.

Data-Centric

Governance actors provide principles, parameters, and decision logic that enable the creation of code, rulesets, and algorithms that leverage organizational data. Attestation is automatic – validated and managed within the process, product, or service.

Info-Tech’s Approach

Define your context and build your model

ESTABLISH YOUR GUIDING PRINCIPLES

Define and establish the guiding principle that drive your organization toward success.

• Mission & Vision
• Business Goals & Success Criteria
• Operating Model & Work Practices
• Governance Scope
• Principles

SELECT AND REFINE YOUR MODEL

Use Info-Tech's IT Governance Models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.

MODEL UPDATE TRIGGERS

Adjust the model based on industry needs, your principles, regulatory requirements, and future direction.

• Principles
  Select principles that allow the organization to be adaptive while still ensuring the governance continues to stay on course with pursuing its guiding star.
• Responsibilities
  Decide on the governance responsibilities related to Oversight Level, Strategic Alignment, Value Delivery, Risk Optimization, Resource Optimization, and Performance Management.
• Structure
  Determine at which structured level governance is appropriate: Enterprise, Strategic, Tactical, or Operational.
• Processes
  Establish processes that will enable governance to occur such as: Embed the processes required for successful governance.
• Membership
  Identify the Responsibility & Accountability of those who should be involved in governance processes, policies, guidelines, and responsibilities.
• Policies
  Confirm any governing policies that need to be adhered to and considered to manage risk.

AUTOMATION OPTIONS AND DECISION RULES

Identify where to embed or automate decision making and compliance and what is required to do so effectively.

The Info-Tech Difference

Define your context and build your model

1. Quickly identify the organizational needs driving governance and your guiding star.
2. Select and refine a base governance model based on our templates.
3. Define and document the key changes in your organization that will trigger a need to update or revise your governance.
4. Determine where you might be able to automate aspects of your governance.
5. Design your decision rules where appropriate to support automated and adaptive governance.

How to use this research

Where are you in your governance optimization journey?

Related Research:

If you are looking for details on specific associated practices, please see our related research:

1. I need to establish data governance.
2. I need to manage my project portfolio, from intake to confirmation of value.
3. I need better risk information to support decision making.
4. I need to ensure I am getting the expected outcomes and benefits from IT spend.
5. I need to prioritize my product backlog or service portfolio.

Info-Tech’s methodology for building and embedding adaptive governance

Insight summary

Value

To remain valuable, I&T governance must actively adapt to changes in your organization, environment, and practices, or it will drive you to failure instead of success.

Focus

I&T governance does not focus on the IT department. Rather, its intent is to ensure your organization makes sound decisions around investment in and use of information and technology.

Maturity

Your governance approach progresses in stages from ad hoc to automated as your organization matures. Your stage depends on your organizational needs and ways of working.

Good governance

Good governance does not equate to control and does not stifle innovation.

Automation

Automating governance must be done in stages, based on your capabilities, level of maturity, and amount of usable data.

Strategy

Establish the least amount of governance required to allow you to achieve your goals.

Guiding star

If you don’t establish a guiding star to align the different stakeholders in your organization, governance practices will create conflict and confusion.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Blueprint benefits

IT Benefits

• Stronger, traceable alignment of IT decisions and initiatives to business needs.
• Improved ability for IT to meet the changing demands and velocity of the business.
• Better support and enablement of innovation – removing constraints and barriers.
• Optimized governance that supports and enables modern work practices.
• Increased value generation from IT initiatives and optimal use of IT resources.
• Designed adaptability to ensure you remain in alignment as your business and IT environments change.

Business Benefits

• Clear transparent focus of IT initiatives on generating strategic business value.
• Improved ability to measure the value and contribution of IT to business goals.
• Alignment and integration of business/IT strategy.
• Optimized development and use of IT capabilities to meet business needs.
• Improved integration with corporate/enterprise governance.

Executive Brief Case Study

INDUSTRY Manufacturing
SOURCE Info-Tech analyst experience

Improving the governance approach and delegating decision making to support a change in business operation

Challenge

The large, multi-national organization has locations across the world but has two primary headquarters, in Europe and the United States.

Market shifts drove an organizational shift in strategy, leading to a change in operating models, a product focus, and new work approaches across the organization.

Much of the implementation and execution was done in isolation, and effectiveness was slowed by poor integration and conflicting activities that worked against each other.

The product owner role was not well defined.

Solution

After reviewing the organization’s challenges and governance approach, we redefined and realigned its organizational and regional goals and identified outcomes that needed to be driven into their strategies.

We also reviewed their span of control and integration requirements and properly defined decisions that could be made regionally versus globally, so that decisions could be made to support new work practices.

We defined the product and service owner roles and the decisions each needed to make.

Results

We saw an improvement in the alignment of organizational activities and the right people and bodies making decisions.

Work and practices were aimed at the same key outcomes and alignment between teams toward organizational goal improved.

Within one year, the success rate of the organization’s initiatives increased by 22%, and the percentage of product-related decisions made by product owners increased by 50%.

Info-Tech offers various levels of support to best suit your needs

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 5 and 8 calls over the course of 2 to 3 months.

What does a typical GI on this topic look like?

Phase 1: Identify Your Governance Needs

• Call #1: Confirm your organization’s mission and vision and review your strategy and goals.
• Call #2: Identify considerations and governance needs. Develop your guiding star and governing principles.

Phase 2: Select and Refine Your Model

• Call #3: Select your base model and optimize it to meet your governance needs.
• Call #4: Define your adjustment triggers and develop your implementation plan.

Phase 3: Embed and Automate

• Call #5: Identify decisions and standards you can automate and where to embed them.
• Call #6: Confirm levels of authority and data requirements. Establish your approach and update the implementation plan.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com1-888-670-8889

Make Your IT Governance Adaptable

Phase 1

Identify your Governance Needs

This phase will walk you through the following activities:

Identify the organization’s goals, mission, and vision that will guide governance.

Define the scope of your governance model and the principles that will guide how it works.

Account for organizational attitudes, behaviors, and culture related to governance and finalize your context.

This phase involves the following participants:

• Senior IT leadership
• Governance leads

Step 1.1

Define Your Guiding Star

Activities

• 1.1.1 Document and interpret your strategy, mission, and vision
• 1.1.2 Document and interpret the business and IT goals and outcomes
• 1.1.3 Identify your operating model and work processes

This step will walk you through the following activities:

Review your business and IT strategy, mission, and vision to ensure understanding of organizational direction.

Identify the business and IT goals that governance needs to align.

Confirm your operating model and any work practices that need to be accounted for in your model.

This step involves the following participants:

• Senior IT leadership
• Governance leads

Outcomes of this step

Identified guiding star outcomes to align governance outcomes with

Defined operating model type and work style that impact governance design

Identify Your Governance Needs

Govern by intent

Find the balance for your designed governance approach

Organic governance occurs during the formation of an organization and shifts with challenges, but it is rarely transparent and understood. It changes your culture in uncontrolled ways.	Intentional governance is triggered by changes in organizational needs, working approaches, goals, and structures. It is deliberate and changes your culture to enable success.

Info-Tech Insight

Your approach to governance needs to be designed, even if your execution of governance is adaptable and delegated.

What is your guiding star?

Your guiding star is a combination of your organization’s mission, vision, and strategy and the goals that have been defined to meet them.

It provides you with a consistent focal point around which I&T-related activities and projects orbit, like planets around a star.

It generates the gravity that governance uses to keep things from straying too far away from the goal of achieving relevant value.

1. Mission & Vision
2. Business Goals & Success Criteria
3. Operating Model & Work Practices
4. Governance Scope
5. Principles

1.1.1 Document and interpret your strategy, mission, and vision

Input: Business strategy, IT strategy, Mission and vision statements

Output: Updated Governance Workbook, Documented strategic outcomes and organizational aims that governance needs to achieve

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

1. Gather your available business, digital, and IT strategy, mission, and vision information and document everything in your Governance Workbook. It’s ok if you don’t have all of it.
2. Review and your mission and vision as a group. Discuss and document key points, including:
   • Which activities do you perform as an organization that embody your vision?
   • What key decisions and behaviors are required to ensure that your mission and vision are achievable?
   • What do you require from leadership to enable you to govern effectively?
   • What are the implications of the mission and vision on how the organization needs to work? What are the implications on decisions around opportunities and risks?

Download the Governance Workbook

1.1.2 Document and interpret the business and IT goals and outcomes

60 minutes

Input: Business strategy, Business and IT goals and related initiatives

Output: Required success outcomes for goals, Links between IT and business goals that governance needs to align

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Document the business and IT goals that have been created to achieve the mission and vision.
2. Discuss if there are any gaps between the goals and the mission and vision. Ask yourself – if we accomplish these goals will we have successfully achieved the mission?
3. For each goal, define what successful achievement of the goal looks like. Starting with one goal or objective, ask:
   • How would I know I am on the right path and how will I know I have gotten there?
   • How would I know if I am not on the right path and what does a bad result look like?
Document your success criteria.
4. Brainstorm some examples of decisions that support or constrain the achievement of your goals.
5. Repeat this exercise for your remaining goals.
6. As a group, map IT goals to business goals.

What is your operating model and why is it important?

An IT operating model is a visual representation of the way your IT organization needs to be designed and the capabilities it requires to deliver on the business mission, strategic objectives, and technological ambitions.

The model is critical in the optimization and alignment of the IT organization’s structure in order to deliver the capabilities required to achieve business goals. It is a key determinant of how governance needs to be designed and where it is implemented.

1.1.3 Identify your operating model and work practices

60 minutes

Input: Organizational structure, Operating model (if available)

Output: Confirmed operating approach, Defined work practices

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Identify the way your organization functions:
   • How do we currently operate? Are we centralized, decentralized or a hybrid? Are we focused on delivering products and services? Do we provide service ourselves or do we use vendors for delivery?
   • Can we achieve our mission, goals, and strategies, if we continue to operate this way? What would we have to change in how we operate to be successful in the future?
2. Identify your governance needs. Do we need to be more structured or more flexible to support our future ways of working?
   • If you operate in a more traditional way, consider whether you are implementing or moving toward more modern practices (e.g. Agile, DevOps, enterprise service management). Do you need to make more frequent but lower-risk decisions?
   • Is your organization ready to delegate governance culturally and in terms of business understanding? Is there enough available information to support adaptive decisions and actions?
3. Document your operating style, expected changes in work style, and cultural readiness. You will need to consider the implications on design.

Step 1.2

Define Scope and Principles

Activities

• 1.2.1 Determine the proper scope for your governance
• 1.2.2 Confirm your determining governing principles
• 1.2.3 Develop your specific governing principles

This step will walk you through the following activities:

Identify what is included and excluded within the scope of your governance.

Develop the determining and specific principles that provide guardrails for governance activities and decisions.

This step involves the following participants:

• Senior IT leadership
• Governance leads

Outcomes of this step

Documented governance scope and principles to apply

Identify Your Governance Needs

Define the context for governance

Based on the goals and principles you defined and the operating model you selected, confirm where oversight will be necessary and at what level. Focus on the necessity to expedite and clear barriers to the achievement of goals and on the ownership of risks and compliance. Some key considerations:

• Where in the organization will you need to decide on work that needs to be done?
• What type of work will you need to do?
• In what areas could there be conflicts in prioritization/resource allocation to address?
• Who is accountable for risks to the organization and its objectives?
• Where are your regional or business-unit-specific concerns that require focused local attention?
• Are we using more agile, rapid delivery methods to produce work?

Understand your governance scope

Your governance scope helps you define the boundaries of what your governance model and practices will cover. This includes key characteristics of your organization that impact what governance needs to address.

Sample Considerations

• Organizational Span
  • The geographical area the organization operates within. Regional laws and requirements will affect governance delegation and standards/policy development.
• Level of Regulation
  • Higher levels of regulation create more standards and controls for risk and compliance, impacting how authority can be delegated or automated.
• Sourcing Model
  • Changing technology sourcing introduces additional vendor governance requirements and may impact compliance and audit.
• Risk Posture
  • The appetite for risk organizationally, and in pockets, impacts the level of uncertainty you are willing to work within and impact decision-making authority positioning.
• Size
  • The size of your organization impacts the approach to governance, practice implementation, and delegation of authority.
• What Is Working Today?
  • Which elements of your current governance approach should be retained, and what are the biggest pain points that need to be addressed?

1.2.1 Determine the proper scope for your governance

60 minutes

Input: Context information from Activity 1.1, Scoping areas

Output: Defined scope and span of control

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Determine the scope/span of control required for your governance by:
   • Reviewing your key IT capabilities. Identify the ones where the responsibilities and decisions require oversight to ensure they meet the needs of the organization.
   • Identify what works well or poorly in your current governance approach.
   • Discuss and document the level and type of knowledge and business understanding required.
   • Identify and document any regulations, standards, or laws that apply to your organization/industry and how broadly they have to be applied.
   • Identify the organization’s risk appetite, where known, and areas where acceptable thresholds of risk have been defined. Where are key risk and opportunity decisions made? Who owns risk in your organization?
   • Identify and document the perceived role of the IT group in your organization (e.g. support, innovator, partner) and sourcing model (e.g. insource, outsource).
   • Is there sufficient information and data available in your organization to support effective decision making?

How should your governance be structured?

Organizations often have too many governance bodies, creating friction without value. Where that isn’t the case, the bodies are often inefficient, with gaps or overlaps in accountability and authority. Structure your governance to optimize its effectiveness, designing with the intent to have the fewest number of governing bodies to be effective, but no less than is necessary.

Start with your operating model.

• Understand what’s different about your governance based on whether your organization in centralized, distributed, or a different model (e.g. hybrid, product).
• Identify and include governance structures that are mandatory due to regulation or industry.
• Based on your context, identify how many of your governance activities should be performed together.

Determine whether your governance should be controlled or adaptive.

• Do you have the capability to distribute governance and is your organization empowered enough culturally?
• Do you have sufficient standards and data to leverage? Do you have the tools and capabilities?
• Identify governance structures that are required due to regulation or industry.

Info-Tech Insight

Your approach to governance needs to be designed and structured, even if your execution of governance is adaptable and delegated.

Identify and Refine your Principles

Confirm your defining principles based on your selection of controlled or adaptive governance. Create specific principles to clarify boundaries or provide specific guidance for teams within the organization.

Determining Principle: Delegate and empower.

Specific Principle: Decisions should be made at the lowest reasonable level of the organization with clarity.

Rationale: To govern effectively with the velocity required to address business needs, governance needs to be executed deeper into the organization and organizational goals need to be clearly understood everywhere.

Implication: Decision making needs to be delegated throughout the organization, so information and data requirements need to be identified, decision-making approach and principles need to be shared, and authority needs to be delegated clearly.

1.2.2 Confirm your determining governance principles

30-45 minutes

Input: Governance Framework Model– Governance Principles

Output: Governance workbook - Finalized list of determining principles

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

1. Review the IT governance principles in your Governance Workbook.
2. Within your IT senior leadership team (or IT governance working group) assign one or two principles to teams of two to three participants. Have each team identify what this would mean for your organization. Answering the questions:
   • In what ways do our current governance practices support this?
   • What are some examples of changes that would need to be made to make this a reality?
   • How would applying this principle improve your governance?
3. Have each team present their results and compile the findings and implications in the Governance Workbook to use for future communication of the change.

Specific governing principles

Specific governing principles are refined principles derived from a determining principle, when additional specificity and detail is necessary. It allows you to define an approach for specific behaviors and activities. Multiple specific principles may underpin the determining one.

Specific Principles – Related principles that may be required to ensure the implications of the determining principal are addressed within the organization. They may be specific to individual areas and may be addressed in policies. Implications – The implications of this principle on the organization, specific to how and where governance is executed and the level of information and authority that would be necessary. Rationale – The reason(s) driving the determining principle. Determining Principle – A core overarching principle – a defining aspect of your governance model.

1.2.3 Develop your specific governing principles

30 minutes

Input: Updated determining principles

Output: List of specific principles linked to determining principles

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

1. Confirm the determining principles for your governance model based on your previous discussions.
2. Identify where to apply the principles. This is based on:
   1. Your governance scope (how much is within your span of control)
   2. The amount of data you have available
   3. Your cultural readiness for delegation
3. Create specific principles to support the determining principles:
   1. Document the rationale driving the determining principles.
   2. Identify the implications.
   3. Create specific principles that will support the success in achieving the goals of each determining principle.
4. Document all information on the “Governance guiding star” slide in the Governance Workbook.

Download the Governance Workbook

Step 1.3

Adjust for Culture and Finalize Context

Activities

• 1.3.1 Identify and address the impact of attitude, behavior, and culture
• 1.3.2 Finalize your context

This step will walk you through the following activities:

Identify your organizational attitude, behavior, and culture related to governance.

Identify positives that can be leveraged and develop means to address negatives.

Finalize the context that your model will leverage and align to.

This step involves the following participants:

• Senior IT leadership
• Governance leads

Outcomes of this step

Downloaded tool ready to select the base governance model for your organization

Identify Your Governance Needs

Understanding attitude, behavior, and culture

What people think and feel. It can be seen in their demeanor and how they react to change initiatives, colleagues, and users. This manifests in the belief that governance is a constraint that needs to be avoided or ignored – often with unintended consequences.

New Results'.">

Any form of organizational change involves adjusting people’s attitudes to create buy-in and commitment.

You need to identify and address attitudes that can lead to negative behaviors and actions or that are counter-productive.

Understanding attitude, behavior, and culture

What people do. This is influenced by attitude and the culture of the organization. In governance, this manifests as people’s willingness to be governed, who pushes back, and who tries to bypass it.

To implement change within IT, especially at a tactical and strategic level, organizational behavior needs to change.

This is relevant because people gravitate toward stability and will resist change in an active or passive way unless you can sell the need, value, and benefit of changing their behavior and way of working.

Understanding attitude, behavior, and culture

The accepted and understood ways of working in an organization. The values and standards that people find normal and what would be tacitly identified to new resources. In governance terms, this is how decisions are really made and where responsibility really exists rather than what is identified formally.

The impact of the organizational or corporate “attitude” on employee behavior and attitude is often not fully understood.

Culture is an invisible element, which makes it difficult to identify, but it has a strong impact and must be addressed to successfully embed governance models. In the case of automating governance, cultural readiness for automation is a critical success factor.

1.3.1 Identify and address the impact of attitude, behavior, and culture

45 minutes

Input: Senior leadership knowledge

Output: Updated Governance Workbook

Materials: Governance Workbook

Participants: IT senior leadership

1. Break into three groups. Each group will discuss and document the positive and negative aspects of one of attitude, behavior, or culture related to governance in your organization.
2. Each group will present and explain their list to the group.
3. Add any additional suggestions in each area that are identified by the other groups.
4. Identify the positive elements of attitude, behavior, and culture that would help with changing or implementing your updated governance model.
5. Identify any challenges that will need to be addressed for the change to be successful.
6. As a group, brainstorm some mitigations or solutions to these challenges. Document them in the Governance Workbook to be incorporated into the implementation plan.

Download the Governance Workbook

Attitude, behavior, and culture

Evaluate the organization across the three contexts. The positive items represent opportunities for leveraging these characteristics with the implementation of the governance model, while the negative items must be considered and/or mitigated.

1.3.2 Finalize your governance context

30 minutes

Input: Documented governance principles and scope from previous exercises

Output: Finalized governance context in the Governance Workbook

Materials: Whiteboard/flip charts, Governance Workbook

Participants: IT senior leadership

1. Use the information that has been gathered throughout this section to update and finalize your IT governance context.
2. Document it in your Governance Workbook.

Download the Governance Workbook

Make Your IT Governance Adaptable

Phase 2

Select and Refine Your Governance Model

This phase will walk you through the following activities:

Select a base governance model and refine it to suit your organization.

Identify scenarios and changes that will trigger updates to your governance model.

Build your implementation plan.

This phase involves the following participants:

• Senior IT leadership
• Governance resources

Step 2.1

Choose and Adapt Your Model

Activities

• 2.1.1 Choose your base governance model
• 2.1.2 Confirm and adjust the structure of your model
• 2.1.3 Define the governance responsibilities
• 2.1.4 Validate the governance mandates and membership
• 2.1.5 Update your committee processes
• 2.1.6 Adjust your associated policies
• 2.1.7 Adjust and confirm your governance model

This step will walk you through the following activities:

Review and selecting your base governance model.

Adjust the structure, responsibilities, policies, mandate, and membership to best support your organization.

This step involves the following participants:

• Senior IT leadership
• Governance leads

Outcomes of this step

Downloaded tool ready to select the base governance model for your organization

Select and Refine Your Governance Model

Your governance framework has six key components

GOVERNANCE FRAMEWORK

• GUIDELINES
  The key behavioral factors that ground your governance framework
• MEMBERSHIP
  Formalization of who has authority and accountability to make specific governance decisions
• RESPONSIBILITIES
  The definition of which decisions and outcomes your governance structure and each governance body is accountable for
• STRUCTURE
  Which governance bodies and roles are in place to articulate where decisions are made in the organization
• PROCESS
  Identification of the how your governance will be executed, how decisions are made, and the inputs, outputs, and connections to related processes
• POLICY
  Set of principles established to address risk and drive expected and required behavior

4 layers of governance bodies

There are traditionally 4 layers of governance in an enterprise, and organizations have governing bodies or individuals at each level

2.1.1 Choose your base governance model

30 minutes

Input: Governance models templates

Output: Selected governance model

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Download Info-Tech’s base governance models (Controlled Governance Models Template and IT Governance Program Overview) and review them to find a template that most closely matches your context from Phase 1. You can start with a centralized, decentralized, or product/service hybrid IT organization. Remove unneeded models.
2. If you do not have documented governance today, start with a controlled model as your foundation. Continue working through this phase if you have a documented governance framework you wish to optimize using our best practices or move to Phase 3 if you are looking to automate or embed your governance activities.

Controlled Governance Models Template

Adaptive Governance Models Template

2.1.2 Confirm and adjust the structure of your model

30-45 minutes

Input: Selected base governance model, Governance context/scope

Output: Updated governance bodies and relationships

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Validate your selected governance body structural model.
   • Are there any governing bodies you must maintain that should replace the ones listed? In part or in full?
   • Are there any missing bodies? Look at alternative committees for examples.
   • Document the adjustments.
2. Are there any governing bodies that are not required?
   • Based on your size and needs, can they be done within one committee?
   • Is the capability or data not in place to perform the work?
   • Document the required changes.

There are five key areas of governance responsibility

STRATEGIC ALIGNMENT Ensures that technology investments and portfolios are aligned with the organization’s needs. VALUE DELIVERY Reviews the outcomes of technology investments and portfolios to ensure benefits realization. RISK MANAGEMENT Defines and owns the risk thresholds and register to ensure that decisions made are in line with the posture of the organization.

RESOURCE MANAGEMENT Ensures that people, financial knowledge, and technology resources are appropriately allocated across the organization. PERFORMANCE MEASUREMENT Monitors and directs the performance or technology investments to determine corrective actions and understand successes.

2.1.3 Define the governance responsibilities

Ensure you have the right responsibilities in the right place

45-60 minutes

Input: Selected governance base model, Governance context

Output: Updated responsibilities and activities, Updated activities for selected governance bodies, New or removed governing bodies

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Based on your context and model, review the responsibilities identified for each committee and confirm that they align with the mandate and the stated outcome.
2. Identify and highlight any responsibilities and activities that would not be involved in informing and enabling the mandate of the committee.
3. Adjust the wording of confirmed responsibilities and activities to reflect your organizational language.
4. Review each highlighted “bad fit” activity and move it to a committee whose mandate it would support or remove it if it’s not performed in your organization.
5. If an additional committee is required, define the mandate and scope, then include any additional responsibilities that might have been a bad fit elsewhere

2.1.4 Validate the governance mandates and membership

30 minutes

Input: Selected governance base model, Updated structure and responsibilities

Output: Adjusted mandates and refined committee membership

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Review the mandate and membership slides in your selected governance model.
2. Adjust the mandate to ensure that it aligns to and conveys:
   1. The outcome that the committee is meant to generate for the organization.
   2. Its scope/span of control.
3. Discuss the type of information members would require for the committee to be successful in achieving its mandate.
4. Document the member knowledge requirement in the mandate slide of the model template.

Determine the right membership for your governance

One of the biggest benefits of governance committees is the perspective provided by people from various parts of the organization, which helps to ensure technology investments are aligned with strategic goals. However, having too many people – or the wrong people – involved prevents the committee from being effective. Avoid this by following these principles.

Three principles for selecting committee membership

1. Determine membership based on responsibilities and required knowledge.
   Organizations often make the mistake of creating committees and selecting members before defining what they will do. This results in poor governance because members don’t have the knowledge required to make decisions. Define the mandate of the committee to determine which members are the right fit.
2. Ensure members are accountable and authorized to make the decisions.
   Effective governance requires the members to have the authority and accountability to make decisions. This ensures meetings achieve their outcome and produce value, which improves the committee’s chances of survival.
3. Select leaders who see the big picture.
   Often committee decisions and responsibilities become tangled in the web of organizational politics. Include people, often C-level, whose attendance is critical and who have the requisite knowledge, mindset, and understanding to put business needs ahead of their own.

2.1.5 Update your committee processes

20 minutes

Input: Selected governance base model, Updated structure and responsibilities

Output: Updated committee processes

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Review the committee details based on the changes you have made in goals, mandate, and responsibilities.
2. Identify and document changes required to the committee outputs (outcomes) and adjust the consumer of the outputs to match.
3. Review the high-level process steps required to get to the modified output. Add required activities or remove unnecessary ones. Review the process flow. Does it make sense? Are there unnecessary steps?
4. Review and update inputs required for the process steps and update the information/data sources.
5. Adjust the detailed process steps to reflect the work that needs to be done to support each high-level process step that changed.

2.1.6 Adjust your associated policies

20 minutes

Input: Selected governance base model, Updated structure and responsibilities

Output: Adjusted mandates and refined committee membership

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Review the policies associated with the governing bodies in your base model. Identify the policies that apply to your organization, those that are missing, and those that are not necessary.
2. Confirm the policies that you require.
3. Make sure the policies and policy purposes (or risks and related behaviors the policy addresses) are matched to the governance committee that has responsibilities in that area. Move policies to the right committee.

2.1.7 Adjust and confirm your governance model

1. Confirm the adjustment of governance bodies, structure, and input/output linkages.
2. Confirm revisions to decisions and responsibilities.
3. Confirm policy and regulation/standards associations.
4. Select related governance committee charters from the provided set and revise the charters to reflect the elements defined in your updated model.
5. Finalize your governance model.

Step 2.2

Identify and Document Your Governance Triggers

Activities

• 2.2.1 Identify and document update triggers
• 2.2.2 Embed triggers into the review cycle

This step will walk you through the following activities:

Identify scenarios that will create a need to review or change your governance model.

Update your review/update approach to receiving trigger notifications.

This step involves the following participants:

• Senior IT leadership
• Governance leads

Outcomes of this step

Downloaded tool ready to select the base governance model for your organization

Select and Refine Your Governance Model

What are governance triggers

Governance triggers are organizational or environmental changes within or around an organization that are inflection points that start the review and revision of governance models to maintain their fit with the organization. This is the key to adaptive governance design.

2.2.1 Identify and document update triggers

30 minutes

Input: Governance Workbook

Output: Updated workbook with defined and documented governance triggers, points of origin, and integration

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Open the Governance Workbook to the “Triggers” slides.
2. Review the list of governance triggers. Retain the ones that apply to your organization, remove those you feel are unnecessary, and add any change scenarios you feel should be included.
3. Identify where you would receive notifications of these changes and the related processes or activities that would generate these notifications, if applicable.
4. Document any points of integration required between governance processes and the source process. Highlight any where the integration is not currently in place.

2.2.2 Embed triggers into the review cycle

30 minutes

Input: Governance model

Output: Review cycle update

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. Identify which triggers impact the entire governance model and which impact specific committees.
2. Add an activity for triggered review of the impacted governance model into your governance committee process.

Step 2.3

Build Your Implementation Approach

Activities

• 2.3.1 Identify and document your implementation plan
• 2.3.2 Build your roadmap
• 2.3.3 Build your sunshine diagram

This step will walk you through the following activities:

Transfer changes to the Governance Implementation Plan Template.

Determine the timing for the implementation phases.

This step involves the following participants:

• Senior IT leadership
• Governance process owner

Outcomes of this step

Implementation plan for adaptive governance framework model

2.3.1 Identify and document your implementation plan

60 minutes

Input: Governance model, Guiding principles, Update triggers, Cultural factors and mitigations

Output: Implementation roadmap

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. As a group, discuss the changes required to implement the governance model, the cultural items that need to be addressed, and the anticipated timing.
2. Document the implementation activities and consolidate them into groupings/themes based on similarities or shared outcomes.
3. Name the grouped themes for clarity and identify key dependencies between activities in each area and across themes.
4. Identify and document your approach (e.g. continuous, phased) and high-level timeline for implementation.
5. Document the themes and initiatives in the Governance Implementation Plan.

Download the Governance Implementation Plan

Illustrate the implementation plan using roadmaps

Info-Tech recommends two different methods to roadmap the initiatives in your Governance Implementation Plan.

Gantt Chart This type of roadmap depicts themes, related initiatives, the associated goals, and exact start and end dates for each initiative. This diagram is useful for outlining a larger number of activities and initiatives and has an easily digestible and repeatable format.

Sunshine Diagram This type of roadmap depicts themes and their associated initiatives. The start and end dates for the initiatives are approximated based on years or phases. This diagram is useful for highlighting key initiatives on one page.

2.3.2 Build your roadmap

Input: Governance themes and initiatives

Output: roadmap visual

Materials: Governance Roadmap Workbook, Governance Workbook

Participants: CIO, IT senior leadership

1. Open the Governance Implementation Plan and review themes and initiatives.
2. Open the Governance Roadmap Workbook.
3. Discuss whether the implementation roadmap should be developed as a Gantt chart, a sunshine diagram, or both.
   For the Gantt chart:
   • Input the roadmap start year and date.
   • Change the months and year in the Gantt chart to reflect the same roadmap start year.
   • Input and populate the planned start and end dates for the list of high-priority initiatives.

Develop your Gantt chart in the Governance Roadmap Workbook

2.3.3 Build your sunshine diagram

30 minutes

Input: Governance themes and initiatives

Output: Sunshine diagram visual

Materials: Whiteboard/flip charts, Markers, Governance Implementation Plan

Participants: CIO, IT senior leadership

1. Review your list of themes and initiatives.
2. Build a model with “rays” radiating out from a central theme or objective.
3. Using curved arcs, break the grid into timeline periods or phases.
4. Complete your sunshine diagram in the Governance Implementation Plan.

Customize your sunshine diagram in the Governance Implementation Plan

Make Your IT Governance Adaptable

Phase 3

Embed and Automate

This phase will walk you through the following activities:

Identify which decisions you are ready to automate.

Identify standards and policies that can be embedded and automated.

Identify integration points.

Confirm data requirements to enable success.

This phase involves the following participants:

• IT senior leadership
• Governance process owner
• Product and service owners
• Policy owners

Step 3.1

Identify Decisions to Embed and Automate

Activities

• 3.1.1 Review governance decisions and standards and the required level of authority
• 3.1.2 Build your decision logic
• 3.1.3 identify constraints and mitigation approaches
• 3.1.4 Develop decision rules and principles

This step will walk you through the following activities:

Identify your key decisions.

Develop your decision logic.

Confirm decisions that could be automated.

Identify and address constraints.

Develop decision rules and principles.

This step involves the following participants:

• IT senior leadership

Outcomes of this step

Developed decision rules, rulesets, and principles that can be leveraged to automate governance

Defined integration points

Embed and Automate

What is decision automation?

Decision automation is the codifying of rules that connect the logic of how decisions are made with the data required to make those decisions. This is then embedded and automated into processes and the design of products and services.

• It is well suited to governance where the same types of decisions are made on a recurring basis, using the same set of data. It requires clean, high-quality data to be effective.
• Improvements in artificial intelligence (AI) and machine learning (ML) have allowed the creation of scenarios where a hybrid of rules and learning can improve decision outcomes.

Key Considerations

• Data Availability
• Legality
• Contingencies
• Decision Transparency
• Data Quality
• Auditability

How complexity impacts decisions

Decision complexity impacts the type of rule(s) you create and the amount of data required. It also helps define where or if decisions can be automated.

1. SIMPLE
   Known and repeatable with consistent and familiar outcomes – structured, causal, and easy to standardize and automate.
2. COMPLICATED
   Less known and outcomes are not consistently repeatable. Expertise can drive standards and guidelines that can be used to automate decisions.
3. COMPLEX
   Unknown and new, highly uncertain in terms of outcomes, impact, and data. Requires more exploration and data. Difficult to automate but can be built into the design of products and services.
4. CHAOTIC
   Unstructured and unknown situation. Requires adaptive and immediate action without active data – requires retained human governance
(Based on Dave Snowden’s Cynefin framework)

Governance Automation Criteria Checklist

The Governance Automation Criteria Checklist provides a view of key considerations for determining whether a governing activity or decision is a good candidate for automation.

The criteria identify key qualifiers/disqualifiers to make it easier to identify eligibility.

Download the Governance Automation Criteria Checklist

Governance Automation Worksheet

The Governance Automation Worksheet provides a way to document your governance and systematically identify information about the decisions to help determine if automation is possible.

From there, decision rules, logic, and rulesets can be designed in support of building a structure flow to allow for automation.

Download the Governance Automation Worksheet

3.1.1 Review governance decisions and standards and the required level of authority

30 minutes

Input: Automation Criteria Checklist, Governance Automation Worksheet, Updated governance model

Output: Documented decisions and related authority, Selected options for automation, Updated Governance Automation Worksheet

Materials: Whiteboard/flip charts, Governance Automation Worksheet

Participants: IT senior leadership

1. Identify the decisions that are made within each committee in your updated governance model and document them in the Governance Automation Worksheet.
2. Confirm the level of authority required to make each decision.
3. Review the automation checklist to confirm whether each decision is positioned well for automation.
4. Select and document the decisions that are the strongest options for automation/embedding and document them in the Governance Automation Worksheet.

What are decision rules?

Decision rules provide specific instructions and constraints that must be considered in making decisions and are critical for automating governance.

They provide the logical path to assess governance inputs to make effective decisions with positive business outputs.

Inputs would include key information such as known risks, your defined prioritization matrix, portfolio value scoring, and compliance controls.

Individual rules can be leveraged in different places.

Some decision rule types are listed here.

1. Statement Rules
   Natural expression of logical progression, written through logical elements
2. Decision Tree Rules
   Decision tree with two axes that overlap to generate a decision
3. Sequential Rules
   A sequence of decisions that move from one step to the next
4. Expression Rule
   A particular set of rules triggered by a particular rule condition being met
5. Truth table rules
   Combines many decision factors into one place; produces different outputs

What are decision rulesets

Rulesets are created to make complex decisions. Individual rule types are combined to create rulesets that are applied together to generate effective decisions. One rule will provide contextual information required for additional rules to execute in a Rule-Result-Rule-Result-Rule-Decision flow.

3.1.2 Build your decision logic

30 minutes

Input: Governance Automation Worksheet

Output: Documented decision logic to support selected decision types and data requirements

Materials: Whiteboard/flip charts

Participants: IT senior leadership

1. For each selected decision, identify the principles that drive the considerations around the decision.
2. For each decision, develop the decision logic by defining the steps and information inputs involved in making the decision and documenting the flow from beginning to end.
3. Determine whether this is one specific decision or a combination of different decisions (in sequence or based on decisions).
4. Name your decision rule.

3.1.3 Identify constraints and mitigation approaches

1. Document constraints to automation of decisions related to:
   • Availability of decision automation tools
   • Decision authority change requirements
   • Data constraints
   • Knowledge requirements
   • Process adjustment requirements
   • Product/service design levels
2. Brainstorm and identify approaches to mitigate constraints and score based on likelihood of success.
3. Identify mitigation owners and initial timeline expectations.
4. Document the constraints and mitigations in the Governance Workbook on the constraints and mitigations slide.

3.1.4 Develop decision rules and principles

1.5-2 hours

Input: Governance Automation Worksheet

Output: Defined decision integration points, Confirmed data availability sets, Decision rules, rulesets, and principles with control indicators

Materials: Whiteboard/flip charts, Governance Automation Worksheet

Participants: IT senior leadership

1. Review the decision logic for those decisions that you have confirmed for automation. Identify the processes where the decision should be executed.
2. Associate each decision with specific process steps or stages or how it would be included in software/product design.
3. For each selected decision, identify the availability of data required to support the decision logic and the level of complexity and apply governing principles.
4. Create the decision rules and identify data gaps.
5. Define the decision flow and create rulesets as needed.
6. Confirm automation requirements and define control indicators.

Step 3.2

Plan Validation and Verification

Activities

• 3.2.1 Define verification approach for embedded and automated governance
• 3.2.2 Define validation approach for embedded and automated governance

This step will walk you through the following activities:

Define how decision outcomes will be measured.

Determine how the effectiveness of automated governance will be reported.

This step involves the following participants:

• IT senior leadership

Outcomes of this step

Tested and verified automation of decisions

Embed and Automate

Decision rule relationship through to verification

3.2.1 Define verification approach for embedded and automated governance

60 minutes

Input: Governance rules and rulesets as defined in the Governance Automation Worksheet, Defined decision outcomes

Output: A defined measurement of effective decision outcomes, Approach to automate and/or report the effectiveness of automated governance

Materials: Whiteboard/flip charts

Participants: IT senior leadership

Verify

1. Confirm expected outcome of rules.
2. Select a sampling of new required decisions or recently performed decisions related to areas of automation.
3. Run the decisions through the decision rules or rule groupings that were developed and compare to parallel decisions made using the traditional approach. (These must be segregated activities.)
4. Review the outcome of the rules and adjust based on the output. Identify areas of adjustment. Confirm that the automation meets your requirements.

3.2.2 Define validation approach for embedded and automated governance

60 minutes

Input: Governance rules and rulesets as defined in the Governance Automation Worksheet, Defined decision outcomes

Output: Defined assurance and attestation requirements, Key control indicators that can be automated

Materials: Whiteboard/flip charts

Participants: IT senior leadership

Validate

1. Develop an approach to measure automated decisions. Align success criteria to current governance KPIs and metrics.
2. If no such metrics exist, define expected outcome. Define key risk indicators based on the expected points of automation.
3. Establish quality assurance checkpoints within the delivery lifecycles to adjust for variance.
4. Create triggers back to rule owners to drive changes and improvements to rules and rule groupings.

Step 3.3

Update Implementation Plan

Activities

• 3.3.1 Finalize the implementation plan

This step will walk you through the following activities:

Review implications and mitigations to make sure all have been considered.

Finalize the implementation plan and roadmap.

This step involves the following participants:

• Senior IT leadership

Outcomes of this step

Completed Governance implementation plan and roadmap

Embed and Automate

3.3.1 Finalize the implementation plan

30 minutes

Input: Governance workbook, Updated governance model, Draft implementation plan and roadmap

Output: Finalized implementation plan and roadmap

Materials: Whiteboard/flip charts, Governance Implementation Plan

Participants: IT senior leadership

1. Document automation activities within phases in a governance automation theme in the Governance Implementation Plan.
2. Review timelines in the implementation plan and where automation fits within the roadmap.
3. Updated the implementation plan and roadmap.

Governance Implementation Plan

Summary of Accomplishment

Problem Solved

Through this project we have:

• Improved your governance model to ensure a better fit for your organization, while creating adaptivity for the future.
• Ensured your governance operates as an enabler of success with the proper bodies and levels of authority established.
• Established triggers to ensure your governance model is actively adjusted to maintain its fit.
• Developed a plan to embed and automate governance.
• Created decision rules and principles and identified where to embed them within your practices.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

Additional Support

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

Related Info-Tech Research

Improve IT Governance to Drive Business Results

Avoid bureaucracy and achieve alignment with a minimalist approach. Align with your organizational context.

Establish Data Governance

Establish data trust and accountability with strong governance.

Maximize Business Value From IT Through Benefits Realization

Embed value and alignment confirmation into your governance to ensure you optimize IT value achievement for resource spend.

Build a Better Product Owner

Strengthen the product/service owner role in your organization by focusing on core capabilities and proper alignment.

Research contributors and experts

Sidney Hodgson Senior Director, Industry Info-Tech Research Group Sidney has over 30 years of experience in IT leadership roles as CIO of three organizations in Canada and the US as well as international consulting experience in the US and Asia. Sid has a breadth of knowledge in IT governance, project management, strategic and operational planning, enterprise architecture, business process re-engineering, IT cost reduction, and IT turnaround management.

David Tomljenovic Principal Research Advisor, Industry Info-Tech Research Group David brings extensive experience from the Financial Services sector, having worked 25 years on Bay Street. Most recently he was a Corporate Finance and Strategy Advisor for Infiniti Labs (Toronto/Hong Kong), Automotive, and Smart City Accelerator, where he provided financial and mergers & acquisitions advisory services to accelerator participants with a focus on early-stage fundraising activities.

Research contributors and experts

Cole Cioran Practice Lead, Applications and Agile Development Info-Tech Research Group Over the past 25 years, Cole has developed software; designed data, infrastructure, and software solutions; defined systems and enterprise architectures; delivered enterprise-wide programs; and managed software development, infrastructure, and business systems analysis practices.

Crystal Singh Research Director, Applications – Data and Information Management Info-Tech Research Group Crystal brings a diverse and global perspective to her role, drawing from her professional experiences in various industries and locations. Prior to joining Info-Tech, Crystal led the Enterprise Data Services function at Rogers Communications, one of Canada’s leading telecommunications companies.

Research contributors and experts

Carlene McCubbin Practice Lead, CIO Info-Tech Research Group Carlene covers key topics in organization and leadership and specializes in governance, organizational design, relationship management, and human capital development. She led the development of Info-Tech’s Organization and Leadership practice.

Denis Goulet Senior Workshop Director Info-Tech Research Group Denis is a transformational leader and experienced strategist who focuses on helping clients communicate, relate, and adapt for success. Having developed Governance Model and IT strategies in organizations ranging from small to billion-dollar multi-nationals, he firmly believes in a collaborative value-driven approach to work.

Bibliography

“2020 State of Data Governance and Automation Report.” Erwin.com, 28 Jan. 2020. Web.

“Adaptive IT Governance.” Google search, 15 Nov. 2020.

“Adaptive IT Governance Framework.” CIO Index, 3 Nov. 2011. Accessed 15 Nov. 2020.

“Agile Governance Made Easy.” Agilist, n.d. Accessed 15 Nov. 2020.

“Automating Governance — Our Work.” Humanising Machine Intelligence, n.d. Accessed 15 Nov. 2020.

“Automation – Decisions.” IBM, 2020. Accessed 15 Oct. 2020.

Chang, Charlotte. “Accelerating Agile through effective governance.” Medium, 22 Sept. 2020. Web.

“COBIT 5: Enabling Processes.” ISACA, 2012. Web. Oct. 2016.

COBIT 2019. ISACA, Dec. 2018. Web.

Curtis, Blake. “The Value of IT Governance.” ISACA, 29 June 2020. Accessed 15 Nov. 2020.

De Smet, Aaron. “Three Keys to Faster, Better Decisions.” McKinsey & Company, 1 May 2019. Accessed 15 Nov. 2020.

“Decision Rules and Decision Analysis.” Navex Global, 2020. Web.

“Decisions Automation with Business Rules Management Solution.” Sumerge, 4 Feb. 2020. Accessed 15 Nov. 2020.

“DevGovOps – Key factors for IT governance for enterprises in a DevOps world.” Capgemini, 27 Sept. 2019. Web.

Eisenstein, Lena. “IT Governance Checklist.” BoardEffect, 19 Feb. 2020. Accessed 15 Nov. 2020.

“Establishing Effective IT and Data Governance.” Chartered Professional Accountants Canada, n.d. Accessed 15 Nov. 2020.

Gandzeichuk, Ilya. “Augmented Analytics: From Decision Support To Intelligent Decision-Making.” Forbes, 8 Jan. 2020. Accessed 15 Nov. 2020.

Georgescu, Vlad. “What Is IT Governance? Understanding From First Principles.” Plutora, 18 Oct. 2019. Web.

Goodwin, Bill. “IT Governance in the Era of Shadow IT.” ComputerWeekly, 5 Aug. 2014. Accessed 15 Nov. 2020.

“Governance of IT, OT and IOT.” ISACA Journal, 2019. Web.

Gritsenko, Daria, and Matthew Wood. “Algorithmic Governance: A Modes of Governance Approach.” Regulation & Governance, 10 Nov. 2020. Web.

Hansert, Philipp. “Adaptive IT Governance with Clausmark’s Bee4IT.” Bee360, 25 Oct. 2019. Accessed 15 Nov. 2020.

Havelock, Kylie. “What Does Good Product Governance Look Like?” Medium. 8 Jan. 2020. Web.

Haven, Dolf van der. “Governance of IT with ISO 38500 - A More Detailed View” LinkedIn article, 24 Oct. 2016. Accessed 15 Nov. 2020.

Hong, Sounman, and Sanghyun Lee. “Adaptive Governance and Decentralization: Evidence from Regulation of the Sharing Economy in Multi-Level Governance.” Government Information Quarterly, vol. 35, no. 2, April 2018, pp. 299–305. Web.

ISACA. “Monthly Seminar & Networking Dinner: CIO Dashboard.” Cvent, Feb. 2012. Accessed 15 Nov. 2020.

ISO/IEC 38500, ISO, 2018 and ongoing.

“IT Governance.” Kenway Consulting, n.d. Accessed 15 Nov. 2020.

“IT Governance in the Age of COVID 19.” Union of Arab Banks Webinar, 19-21 Oct. 2020. Accessed 15 Nov. 2020.

Jaffe, Dennis T. “Introducing the Seven Pillars of Governance.” Triple Pundit, 15 Nov. 2011. Accessed 15 Nov. 2020.

Janssen, Marijn, and Haiko van der Voort. “Agile and Adaptive Governance in Crisis Response: Lessons from the COVID-19 Pandemic.” International Journal of Information Management, vol. 55, December 2020. Web.

Jodya, Tiffany. “Automating Enterprise Governance within Delivery Pipelines.” Harness.io, 14 May 2020. Web.

Kumar, Sarvesh. “AI-Based Decision-Making Automation.” Singular Intelligence, 17 June 2019. Web.

“Lean IT Governance.” Disciplined Agile, n.d. Accessed 15 Nov. 2020.

Lerner, Mark. “Government Tech Projects Fail by Default. It Doesn’t Have to Be This Way.” Belfer Center for Science and International Affairs, 21 Oct. 2020. Accessed 15 Nov. 2020.

Levstek, Aleš, Tomaž Hovelja, and Andreja Pucihar. “IT Governance Mechanisms and Contingency Factors: Towards an Adaptive IT Governance Model.” Organizacija, vol. 51, no. 4, Nov. 2018. Web.

Maccani, Giovanni, et al. “An Emerging Typology of IT Governance Structural Mechanisms in Smart Cities.” Government Information Quarterly, vol. 37, no. 4, Oct. 2020. Web.

Magowan, Kirstie. “IT Governance vs IT Management: Mastering the Differences.” BMC Blogs, 18 May 2020. Accessed 15 Nov. 2020.

Mazmanian, Adam. “Is It Time to Rethink IT Governance? ” Washington Technology, 26 Oct. 2020. Accessed 15 Nov. 2020.

Mukherjee, Jayanto. “6 Components of an Automation (DevOps) Governance Model.” Sogeti, n.d. Accessed 15 Nov. 2020.

Ng, Cindy. “The Difference Between Data Governance and IT Governance.” Inside Out Security, updated 17 June 2020. Web.

Pearson, Garry. “Agile or Adaptive Governance Required?” Taking Care of the Present (blog), 30 Oct. 2020. Accessed 15 Nov. 2020.

Peregrine, Michael, et al. “The Long-Term Impact of the Pandemic on Corporate Governance.” Harvard Law School Forum on Corporate Governance, 16 July 2020. Web.

Raymond, Louis, et al. “Determinants and Outcomes of IT Governance in Manufacturing SMEs: A Strategic IT Management Perspective.” International Journal of Accounting Information Systems, vol. 35, December 2019. Web.

Rentrop, Christopher. “Adaptive IT Governance – Foundation of a Successful Digitalization.” Business IT Cooperation Coordination Controlling (blog). May 2, 2018. Web.

Schultz, Lisen, et al. “Adaptive Governance, Ecosystem Management, and Natural Capital.” Proceedings of the National Academy of Sciences, vol. 112, no. 24, 2015, pp. 7369–74. Web.

Selig, Gad J. Implementing IT Governance: A Practical Guide to Global Best Practices in IT Management. Van Haren Publishing, 2008. Accessed 15 Nov. 2020.

Sharma, Chiatan. “Rule Governance for Enterprise-Wide Adoption of Business Rules: Why Does a BRMS Implementation Need a Governance Framework?” Business Rules Journal, vol. 13, no. 4, April 2012. Accessed 15 Nov. 2020.

Smallwood, Robert. “Information Governance, IT Governance, Data Governance – What’s the Difference?” The Data Administration Newsletter, 3 June 2020. Accessed 15 Nov. 2020.

Snowden, Dave. "Cynefin – weaving sense-making into the fabric of our world", Cognitive Edge, 20 October 2020.

“The Place of IT Governance in the Enterprise Governance.” Institut de la Gouvernance des Systemes d’Information, 2005. Accessed 15 Nov. 2020.

Thomas, Mark. “Demystifying IT Governance Roles in a Dynamic Business Environment.” APMG International, 29 Oct. 2020. Webinar. Accessed 15 Nov. 2020.

“The Four Pillars of Governance Best Practice.” The Institute of Directors in New Zealand, 4 Nov. 2019. Web.

Wang, Cancan, Rony Medaglia, and Lei Zheng. “Towards a Typology of Adaptive Governance in the Digital Government Context: The Role of Decision-Making and Accountability.” Government Information Quarterly, vol. 35, no. 2, April 2018, pp. 306–22.

Westland, Jason. “IT Governance: Definitions, Frameworks and Planning.” ProjectManager.com, 17 Dec. 2019. Web.

Wilkin, Carla L., and Jon Riddett. “IT Governance Challenges in a Large Not-for-Profit Healthcare Organization: The Role of Intranets.” Electronic Commerce Research vol. 9, no. 4, 2009, pp. 351-74. Web.

Zalnieriute, Monika, et al. “The Rule of Law and Automation of Government Decision Making.” Modern Law Review, 25 Feb. 2019. Web.

Accelerate Business Growth and Valuation By Building Brand Awareness

Develop and deploy comprehensive, multi-touchpoint brand awareness strategies to become the trusted brand that buyers think of first.

EXECUTIVE BRIEF

Analyst perspective

Building brand awareness

Achieving high brand awareness in a given market and becoming the benchmark for buyers

is what every brand wants to achieve, as it is a guarantee of success. Building brand awareness,

even though its immediate benefits are often difficult to see and measure, is essential for companies that want to stand out from their competitors and continue to grow in a sustainable way. The return on investment (ROI) may take longer, but the benefits are also greater than those achieved through short-term initiatives with the expectation of immediate, albeit often limited, results.

Brands that are familiar to their target market have greater credibility, generate more sales,

and have a more loyal customer base. CMOs that successfully execute brand awareness programs

build brand equity and grow company valuation.

Nathalie Vezina
Marketing Research Director
SoftwareReviews Advisory

Executive summary

Brand leaders know that brand awareness is essential to the success of all marketing and sales activities. Brands that fail to invest in brand awareness are likely to face some, if not all these problems:

• Lack of brand visibility and compelling storytelling.
• Inability to reach the target audience.
• Low engagement on digital platforms and with ads.
• Difficulties generating and converting leads, or closing/winning sales/deals, and facing a high cost per acquisition.
• Low/no interest or brand recognition, trust level, and customer retention rate.
• Inability to justify higher pricing.

Convincing stakeholders of the benefits of strong brand awareness can be difficult when the positive outcomes are hard to quantify, and the return on investment (ROI) is often long-term. Among the many obstacles brand leaders must overcome are:

• Lack of longer-term corporate vision, focusing all efforts and resources on short-term growth strategies for a quick ROI.
• Insufficient market and target buyers' information and understanding of the brand's key differentiator.
• Misalignment of brand message, and difficulties creating compelling content that resonates with the target audience, generates interest, and keeps them engaged.
• Limited or no resources dedicated to the development of the brand.

Inspired by top-performing businesses and best practices, this blueprint provides the guidance and tools needed to successfully build awareness and help businesses grow. By following these guidelines, brand leaders can expect to:

• Gain market intelligence and a clear understanding of the buyer's needs, your competitive advantage, and key differentiator.
• Develop a clear and compelling value proposition and a human-centric brand messaging driven by the brand's values.
• Increase online presence and brand awareness to attract and engage with buyers.
• Develop a long-term brand strategy and execution plan.

"A brand is the set of expectations, memories, stories, and relationships that, taken together, account for a consumer's decision to choose one product or service over another."

– Seth Godin

What is brand awareness?

The act of making a brand visible and memorable.

Brand awareness is the degree to which buyers are familiar with and recognize the attributes and image of a particular brand, product, or service. The higher the level of awareness, the more likely the brand is to come into play when a target audience enters the " buying consideration" phase of the buyer's journey.

Brand awareness also plays an important role in building equity and increasing business valuation. Brands that are familiar to their target market have greater credibility, drive more sales and have a more loyal customer base.
Building brand awareness allows increasing:

• Brand visibility, perception, recognition, and reputation
• Interactions and engagement with the target audience
• Digital advertising performance and ROI
• Conversion rates and sales wins
• Revenue and profitability
• Market share and share of voice (SOV)
• Talents, partners, and investors attraction and retention
• Brand equity, business growth, and market valuation

"Products are made in a factory, but brands are created in the mind."
Source: Walter Landor

Capitalizing on a powerful brand

A longer-term approach for an increased and more sustainable ROI.

Market leader position

Developing brand awareness is essential to increase the visibility and traction of a brand.

Several factors may cause a brand to be not well-known. One reason might be that the brand recently launched, such as a startup. Another reason could be that the brand has rebranded or entered a new market.

To become the trusted brand that buyers think of first in their target markets, it is critical for these brands to develop and deploy comprehensive, multi-touchpoint brand awareness strategies.

A relationship leading to loyalty

A longer-term brand awareness strategy helps build a strong relationship between the brand and the buyer, fostering a lasting and rewarding alliance.

It also enables brands to reach and engage with their target audience effectively by using compelling storytelling and meaningful content.

Adopting a more human-centric approach and emphasizing shared values makes the brand more attractive to buyers and can drive sales and gain loyalty.

Sustainable business growth

For brands that are not well established in their target market, short-term tactics that focus on immediate benefits can be ineffective. In contrast, long-term brand awareness strategies provide a more sustainable ROI (return on investment).

Investing in building brand awareness can impact a business's ability to interact with its target audience, generate leads, and increase sales. Moreover, it can significantly contribute to boosting the business's brand equity and market valuation.

"Quick wins may work in the short term, but they're not an ideal substitute for long-term tactics and continued success."
Source: Forbes

Impacts of low brand awareness on businesses

Unfamiliar brands, despite their strong potential, won't thrive unless they invest in their notoriety.

Brands that choose not to invest in longer-term awareness strategies and rely solely on short-term growth tactics in hopes of an immediate gain will see their ability to grow diminished and their longevity reduced due to a lack of market presence and recognition.

Symptoms of a weakening brand include:

• High marketing spending and limited result
• Low market share or penetration
• Low sales, revenue, and gross margin
• Weak renewal rate, customer retention, and loyalty
• Difficulties delivering on the brand promise, low/no trust in the brand
• Limited brand equity, business valuation, and sustainability
• Unattractive brand to partners and investors

"Your brand is the single most important investment you can make in your business."
Source: Steve Forbes

Most common obstacles to increasing brand awareness

Successfully building brand awareness requires careful preparation and planning.

• Limited market intelligence
• Unclear competitive advantage/key differentiator
• Misaligned and inconsistent messaging and storytelling
• Lack of long-term vision
• and low prioritization
• Limited resources to develop and execute brand awareness building tactics
• Unattractive content that does not resonate, generates little or no interest and engagement

Investing in the notoriety of the brand

Become the top-of-mind brand in your target market.

To stand out, be recognized by their target audience, and become major players in their industry, brands must adopt a winning strategy that includes the following elements:

• In-depth knowledge and understanding of the market and audience
• Strengthening digital presence and activities
• Creating and publishing content relevant to the target audience
• Reaching out through multiple touchpoints
• Using a more human-centric approach
• Ensure consistency in all aspects of the brand, across all media and channels

How far are you from being the brand buyers think of first in your target market?

Brand awareness pyramid

Based on David Aaker's brand loyalty pyramid

Tactics for building brand awareness

Focus on effective ways to gain brand recognition in the minds of buyers.

Brand recognition requires in-depth knowledge of the target market, the creation of strong brand attributes, and increased presence and visibility.

Understand the market and audience you're targeting

Be prepared. Act smart.

To implement a winning brand awareness-building strategy, you must:

• Be aware of your competitor's strengths and weaknesses, as well as yours.
• Find out who is behind the keyboard, and the user experience they expect to have.
• Plan and continuously adapt your tactics accordingly.
• Make your buyer the hero.

Identify the brands' uniqueness

Find your "winning zone" and how your brand uniquely addresses buyers' pain points.

Focus on your key differentiator

A brand has found its "winning zone" or key differentiator when its value proposition clearly shows that it uniquely solves its buyers' specific pain points.

Align with your target audience's real expectations and successfully interact with them by understanding their persona and buyer's journey. Know:

• How you uniquely address their pain points.
• Their values and what motivates them.
• Who they see as authorities in your field.
• Their buying habits and trends.
• How they like brands to engage with them.

Give your brand a voice

Define and present a consistent voice across all channels and assets.

The voice reflects the personality of the brand and the emotion to be transmitted. That's why it's crucial to establish strict rules that define the language to use when communicating through the brand's voice, the type of words, and do's and don'ts.

To be recognizable it is imperative to avoid inconsistencies. No matter how many people are behind the brand voice, the brand must show a unique, distinctive personality. As for the tone, it may vary according to circumstances, from lighter to more serious.

Up to 80% Increased customer recognition when the brand uses a signature color scheme across multiple platforms
Source: startup Bonsai
23% of revenue increase is what consistent branding across channels leads to.
Source: Harvard Business Review

When we close our eyes and listen, we all recognize Ella Fitzgerald's rich and unique singing voice.

We expect to recognize the writing of Stephen King when we read his books. For the brand's voice, it's the same. People want to be able to recognize it.

Adopt a more human-centric approach

If your brand was a person, who would it be?

Human attributes

Physically attractive

• Brand identity
• Logo and tagline
• Product design

Intellectually stimulating

• Knowledge and ideas
• Continuous innovation
• Thought leadership

Sociable

• Friendly, likeable and fun
• Confidently engage with audience through multiple touchpoints
• Posts and shares meaningful content
• Responsive

Emotionally connected

• Inspiring
• Powerful influencer
• Triggers emotional reactions

Morally sound

• Ethical and responsible
• Value driven
• Deliver on its promise

Personable

• Honest
• Self-confident and motivated
• Accountable

0.05 Seconds is what it takes for someone to form an opinion about a website, and a brand.
Source: 8ways

90% of the time, our initial gut reaction to products is based on color alone.
Source: startup Bonsai

56% of the final b2b purchasing decision is based on emotional factors.
Source: B@B International

Put values at the heart of the brand-buyers relationship

Highlight values that will resonate with your audience.

Brands that focus on the values they share with their buyers, rather than simply on a product or service, succeed in making meaningful emotional connections with them and keep them actively engaged.

Shared values such as transparency, sustainability, diversity, environmental protection, and social responsibility become the foundation of a solid relationship between a brand and its audience.

The key is to know what motivates the target audience.

86% of consumers claim that authenticity is one of the key factors they consider when deciding which brands they like and support.
Source: Business Wire

56% of the final decision is based on having a strong emotional connection with the supplier.
Source: B2B International

64% of today's customers are belief-driven buyers; they want to support brands that "can be a powerful force for change."
Source: Edelman

"If people believe they share values with a company, they will stay loyal to the brand."
– Howard Schultz
Source: Lokus Design

Double-down on digital

Develop your digital presence and reach out to your target audiences through multiple touchpoints.

Beyond engaging content, reaching the target audience requires brands to connect and interact with their audience in multiple ways so that potential buyers can form an opinion.

With the right message consistently delivered across multiple channels, brands increase their reach, create a buzz around their brand and raise awareness.

73% of today's consumers confirm they use more than one channel during a shopping journey
Source: Harvard Business Review

Platforms

• Website and apps
• Social media
• Group discussions

Multimedia

• Webinars
• Podcasts
• Publication

Campaign

• Ads and advertising
• Landing pages
• Emails, surveys drip campaigns

Network

• Tradeshows, events, sponsorships
• Conferences, speaking opportunities
• Partners and influencers

Use social media to connect

Reach out to the masses with a social media presence.

Social media platforms represent a cost-effective opportunity for businesses to connect and influence their audience and tell their story by posting relevant and search-engine-optimized content regularly on their account and groups. It's also a nice gateway to their website.

Building a relationship with their target buyer through social media is also an easy way for businesses to:

• Understand the buyers.
• Receive feedback on how the buyers perceive the brand and how to improve it.
• Show great user experience and responsiveness.
• Build trust.
• Create awareness.

75% of B2B buyers and 84% of C-Suite executives use social media when considering a purchase
Source: LinkedIn Business

92% of B2B buyers use social media to connect with leaders in the sales industry.
Source: Techjury

With over 4.5 billion social media users worldwide, and 13 new users signing up to their first social media account every second, social media is fast becoming a primary channel of communication and social interaction for many.
Source: McKinsey

Become the expert subject matter

Raise awareness with thought leadership content.

Thought leadership is about building credibility
by creating and publishing meaningful, relevant content that resonates with a target audience.
Thought leaders write and publish all kinds of relevant content such as white papers, ebooks, case studies, infographics, video and audio content, webinars, and research reports.
They also participate in speaking opportunities, live presentations, and other high-visibility forums.
Well-executed thought leadership strategies contribute to:

• Raise awareness.
• Build credibility.
• Be recognized as a subject expert matter.
• Become an industry leader.

60% of buyers say thought leadership builds credibility when entering a new category where the brand is not already known.
Source: Edelman | LinkedIn

70% of people would rather learn about a company through articles rather than advertising.
Source: Brew Interactive

57% of buyers say that thought leadership builds awareness for a new or little-known brand.
Source: Edelman | LinkedIn

To achieve best results

• Know the buyers' persona and journey.
• Create original content that matches the persona of the target audience and that is close to their values.
• Be Truthful and insightful.
• Find the right tone and balance between being human-centric, authoritative, and bold.
• Be mindful of people's attention span and value their time.
• Create content for each phase of the buyer's journey.
• Ensure content is SEO, keyword-loaded, and add calls-to-action (CTAs).
• Add reason to believe, data to support, and proof points.
• Address the buyers' pain points in a unique way.

Avoid

• Focusing on product features and on selling.
• Publishing generic content.
• Using an overly corporate tone.

Promote personal branding

Rely on your most powerful brand ambassadors and influencers: your employees.

The strength of personal branding is amplified when individuals and companies collaborate to pursue personal branding initiatives that offer mutual benefits. By training and positioning key employees as brand ambassadors and industry influencers, brands can boost their brand awareness through influencer marketing strategies.

Personal branding, when well aligned with business goals, helps brands leverage their key employee's brands to:

• Increase the organization's brand awareness.
• Broaden their reach and circle of influence.
• Show value, gain credibility, and build trust.
• Stand out from the competition.
• Build employee loyalty and pride.
• Become a reference to other businesses.
• Increase speaking opportunities.
• Boost qualified leads and sales.

About 90% of organizations' employee network tends to be completely new to the brand.
Source: Everyone Social

8X more engagement comes from social media content shared by employees rather than brand accounts.
Source: Entrepreneur

561% more reach when brand messages are shared by employees on social media, than the same message shared by the Brand's social media.
Source: Entrepreneur

"Personal branding is the art of becoming knowable, likable and trustable."
Source: Founder Jar, John Jantsch

Invest in B2B influencer marketing

Broaden your reach and audiences by leveraging the voice of influencers.

Influencers are trusted industry experts and analysts who buyers can count on to provide reliable information when looking to make a purchase.

Influencer marketing can be very effective to reach new audiences, increase awareness, and build trust. But finding the right influencers with the level of credibility and visibility brands are expecting can sometimes be challenging.

Search for influencers that have:

• Relevance of audience and size.
• Industry expertise and credibility.
• Ability to create meaningful content (written, video, audio).
• Charismatic personality with values consistent with the brand.
• Frequent publications on at least one leading media platform.

76% of people say that they trust content shared by people over a brand.
Source: Adweek

44% increased media mention of the brand using B2B influencer marketers.
Source: TopRank Marketing

Turn your customers into brand advocates

Establish customer advocacy programs and deliver a great customer experience.

Retain your customers and turn them into brand advocates by building trust, providing an exceptional experience, and most importantly, continuously delivering on the brand promise.

Implement a strong customer advocacy program, based on personalized experiences, the value provided, and mutual exchange, and reap the benefits of developing and growing long-term relationships.

92% of individuals trust word-of-mouth recommendations, making it one of the most trust-rich forms of advertising.
Source: SocialToaster

Word-of-mouth (advocacy) marketing increases marketing effectiveness by 54%
Source: SocialToaster

Make your brand known and make it stick in people's minds

Building and maintaining high brand awareness requires that each individual within the organization carry and deliver the brand message clearly and consistently across all media whether in person, in written communications, or otherwise.

To achieve this, brand leaders must first develop a powerful, researched narrative that people will embrace and convey, which requires careful preparation.

Target market and audience intel

• Target market Intel
• Buyer persona and journey/pain points
• Uniqueness and positioning

Brand attributes

• Values at the heart of the relationship
• Brand's human attributes

Brand visibly and recall

• Digital and social media presence
• Thought leadership
• Personal branding
• Influencer marketing

Brand awareness building plan

• Long-term awareness and multi-touchpoint approach
• Monitoring and optimization

Short and long-term benefits of increasing brand awareness

Brands are built over the long term but the rewards are high.

• Stronger brand perception
• Improved engagement and brand associations
• Enhanced credibility, reputation, and trust
• Better connection with customers
• Increased repeat business
• High-quality leads
• Higher and faster conversion rate
• More sales closed/ deals won
• Greater brand equity
• Accelerated growth

"Strong brands outperform their less recognizable competitors by as much as 73%."
Source: McKinsey

Brand awareness building

Building brand awareness, even though immediate benefits are often difficult to see and measure, is essential for companies to stand out from their competitors and continue to grow in a sustainable way.

To successfully raise awareness, brands need to have:

• A longer-term vision and strategy.
• Market Intelligence, a clear value proposition, and key differentiator.
• Consistent, well-aligned messaging and storytelling.
• Digital presence and content.
• The ability to reach out through multiple touchpoints.
• Necessary resources.

Without brand awareness, brands become less attractive to buyers, talent, and investors, and their ability to grow, increase their market value, and be sustainable is reduced.

Brand awareness building methodology

Define brands' personality and message

• Gather market intel and analyze the market.
• Determine the value proposition and positioning.
• Define the brand archetype and voice.
• Craft a compelling brand message and story.
• Get all the key elements of your brand guidelines.

Start building brand awareness

• Achieve strategy alignment and readiness.
• Create and manage assets.
• Deploy your tactics, assets, and workflows.
• Establish key performance indicators (KPIs).
• Monitor and optimize on an ongoing basis.

Toolkit

• Market and Influencing Factors Analysis
• Recognition Survey and Best Practices
• Buyer Personas and Journeys
• Purpose, Mission, Vision, Values
• Value Proposition and Positioning
• Brand Message, Voice, and Writing Style
• Brand Strategy and Tactics
• Asset Creation and Management
• Strategy Rollout Plan

Short and long-term benefits of increasing brand awareness

Increase:

• Brand perception
• Brand associations and engagement
• Credibility, reputation, and trust
• Connection with customers
• Repeat business
• Quality leads
• Conversion rate
• Sales closed / deals won
• Brand equity and growth

It typically takes 5-7 brand interactions before a buyer remembers the brand.
Source: Startup Bonsai

Who benefits from this brand awareness research?

This research is being designed for:
Brand and marketing leaders who:

• Know that brand awareness is essential to the success of all marketing and sales activities.
• Want to make their brand unique, recognizable, meaningful, and highly visible.
• Seek to increase their digital presence, connect and engage with their target audience.
• Are looking at reaching a new segment of the market.

This research will also assist:

• Sales with qualified lead generation and customer retention and loyalty.
• Human Resources in their efforts to attract and retain talent.
• The overall business with growth and increased market value.

This research will help you:

• Gain market intelligence and a clear understanding of the target audience's needs and trends, competitive advantage, and key differentiator.
• The ability to develop clear and compelling, human-centric messaging and compelling story driven by brand values.
• Increase online presence and brand awareness activities to attract and engage with buyers.
• Develop a long-term brand awareness strategy and deployment plan.

This research will help them:

• Increase campaign ROI.
• Develop a longer-term vision and benefits of investing in longer-term initiatives.
• Build brand equity and increase business valuation.
• Grow your business in a more sustainable way.

SoftwareReviews' brand awareness building methodology

Insight summary

Brands to adapt their strategies to achieve longer-term growth
Brands must adapt and adjust their strategies to attract informed buyers who have access to a wealth of products, services, and brands from all over. Building brand awareness, even though immediate benefits are often difficult to see and measure, has become essential for companies that want to stand out from their competitors and continue to grow in a sustainable way.

A more human-centric approach
Brand personalities matter. Brands placing human values at the heart of the customer-brand relationship will drive interest in their brand and build trust with their target audience.

Stand out from the crowd
Brands that develop and promote a clear and consistent message across all platforms and channels, along with a unique value proposition, stand out from their competitors and get noticed.

A multi-touchpoints strategy
Engage buyers with relevant content across multiple media to address their pain points. Analyze touchpoints to determine where to invest your efforts.

Going social
Buyers expect brands to be active and responsive in their interactions with their audience. To build awareness, brands are expected to develop a strong presence on social media by regularly posting relevant content, engaging with their followers and influencers, and using paid advertising. They also need to establish thought leadership through content such as white papers, case studies, and webinars.

Thought leaders wanted
To enhance their overall brand awareness strategy, organizations should consider developing the personal brand of key executives. Thought leadership can be a valuable method to gain credibility, build trust, and drive conversion. By establishing thought leadership, businesses can increase brand mentions, social engagement, website traffic, lead generation, return on investment (ROI), and Net Promoter Score (NPS).

Save time and money with SoftwareReviews' branding advice

Collaborating with SoftwareReviews analysts for inquiries not only provides valuable advice but also leads to substantial cost savings during branding activities, particularly when partnering with an agency.

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with a SoftwareReviews Marketing Analyst to help implement our best practices in your organization.

Your engagement managers will work with you to schedule analyst calls.

Brand awareness building tools

Each step of this blueprint comes with tools to help you build brand awareness.

Brand Awareness Tool Kit

This kit includes a comprehensive set of tools to help you better understand your target market and buyers, define your brand's personality and message, and develop an actionable brand awareness strategy, workflows, and rollout plan.

The set includes these templates: Market and Influencing Factors Analysis Recognition Survey and Best Practices Buyer Personas and Journeys Purpose, Mission, Vision, and Values Value Proposition and Positioning Brand Message, Voice, and Writing Style Brand Strategy and Tactics Asset Creation and Management Strategy Rollout Plan

Get started!

Know your target market and audience, deploy well-designed strategies based on shared values, and make meaningful connections with people.

Phase 1

Define brands' personality and message

Phase 2

Start building brand awareness

Phase 1

Define brands' personality and message

Steps

1.1 Gather market intelligence and analyze the market.
1.2 Develop and document the buyer's persona and journey.
1.3 Uncover the brand mission, vision statement, core values, positioning, and value proposition.
1.4 Define the brand's archetype and tone of voice, then craft a compelling brand messaging.

Phase outcome

• Target market and audience are identified and documented.
• A clear value proposition and positioning are determined.
• The brand personality, voice, and messaging are developed.
• All the key elements of the brand guidelines are in place. and ready to use, along with the existing logo, typography, color palette, and imagery..

Build brands' personality and message

Step 1.1 Gather market intelligence and analyze the market.

Total duration: 2.5-8 hours

Objective

Analyze and document your competitive landscape, assess your strengths, weaknesses, opportunities,
and threats, gauge the buyers' familiarity with your brand, and identify the forces of influence.

Output

This exercise will allow you to understand your market and is essential to developing your value proposition.

Participants

• Head of branding and key stakeholders

MarTech
May require you to:

• Register to a Survey Platform.
• Use, setup, or install platforms like CRM and/or Marketing Automation Platform.

Tools

• Market Analysis Template
• Brand Recognition Survey Questionnaire and List Template and Survey Emails Best Practices Guidelines
• External and Internal Factors Analysis Template

Consult SoftwareReviews website to find the best survey and MarTech platforms or contact one of our analysts for more personalized assistance and guidance

Brand performance diagnostic

Have you considered diagnosing your brand's current performance before you begin building brand awareness?

Audit your brand using the Diagnose Brand Health to Improve Business Growth blueprint.Collect and interpret qualitative and quantitative brand performance measures.

The toolkit includes the following templates:

• Surveys and interviews questions and lists
• External and internal factor analysis
• Digital and financial metrics analysis

Also included is an executive presentation template to communicate the results to key stakeholders and recommendations to fix the uncovered issues.

Build brands' personality and message

Step 1.2 Develop and document the buyer's persona and journey.

Total duration: 4-8 hours

Objective

Gather existing and desired customer insights and conduct market research to define and personify your buyers' personas and their buying behaviors.

Output

Provide people in your organization with clear direction on who your target buyers are and guidance on how to effectively reach and engage with them throughout their journey.
Participants

• Head of branding
• Key stakeholders from sales and product marketing

MarTech
May require you to:

• Register to an Online Survey Platform (free version or subscription).
• Use, setup, or installation of platforms like CRM and/or Marketing Automation Platform.

Tools

• Buyer Personas and Journeys Presentation Template
• Ideal Customer Profile (ICP) Workbook
• Buyer Persona and Journey Interview Guide and Data Capture

Consult SoftwareReviews website to find the best survey platform for your needs or contact one of our analysts for more personalized assistance and guidance

Buyer Personas and Journeys

A well-defined buyer persona and journey is a great way for brands to ensure they are effectively reaching and engaging their ideal buyers through a personalized buying experience.

When properly documented, it provides valuable insights about the ideal customers, their needs, challenges, and buying decision processes allowing the development of initiatives that correspond to the target buyers.

Build brands' personality and message

Step 1.3 Uncover the brand mission, vision statement, core values, value proposition, and positioning.

Total duration: 4-5.5 hours

Objective
Define the "raison d'être" and fundamental principles of your brand, your positioning in the marketplace, and your unique competitive advantage.

Output
Allows everyone in an organization to understand and align with the brand's raison d'être beyond the financial dimension, its current positioning and objectives, and how it intends to achieve them.
It also serves to communicate a clear and appealing value proposition to buyers.

Participants

• Head of branding
• Chief Executive Officer (CEO)
• Key stakeholders

Tools

• Brand Purpose, Mission, Vision, and Values Template
• Value Proposition and Positioning Statement Template

Build brands' personality and message

Steps 1.4 Define the brand's archetype and tone of voice, and craft a compelling brand messaging.

Total duration: 5-8 hours

Objective

Define your unique brand voice and develop a set of guidelines, brand story, and messaging to ensure consistency across your digital and non-digital marketing and communication assets.
Output

A documented brand personality and voice, as well as brand story and message, will allow anyone producing content or communicating on behalf of your brand to do it using a unique and recognizable voice, and convey the right message.

Participants

• Head of branding
• Content specialist
• Chief Executive Officer and other key stakeholders

Tools

• Brand Voice Guidelines Template
• Writing Style Guide Template
• Brand Messaging Template
• Writer Checklist Template

Important Tip!

A consistent brand voice leads to remembering and trusting the brand. It should stand out from the competitors' voices and be meaningful to the target audience. Once the brand voice is set, avoid changing it.

Phase 2

Start building brand awareness

Steps

2.1 Achieve strategy alignment and readiness.
2.2 Create assets and workflows, and deploy tactics.
2.3 Establish key performance indicators (KPIs), monitor, and optimize on an ongoing basis.

Phase outcome

• A comprehensive and actionable brand awareness strategy, with tactics, KPIs, and metrics, is set and ready to execute.
• A progressive and effective deployment plan with deliverables, timelines, workflows, and checklists is in place.
• Resources are assigned.

Start building brand awareness

Step 2.1 Achieve strategy readiness and alignment.

Total duration: 4-5 hours

Objective

Now that you have all the key elements of your brand guidelines in place, in addition to your existing logo, typography, color palette, and imagery, you can begin to build brand awareness.

Start planning to build brand awareness by developing a comprehensive and actionable brand awareness strategy with tactics that align with the company's purpose and objectives. The strategy should include achievable goals and measurables, budget and staffing considerations, and a good workload assessment.

Output

A comprehensive long-term, actionable brand awareness strategy with KPIs and measurables.

Participants

• Head of branding
• Key stakeholders

Tools

• Brand Awareness Strategy and Tactics Template

Understanding the difference between strategies and tactics

Strategies and tactics can easily be confused, but although they may seem similar at times, they are in fact quite different.

Strategies and tactics are complementary.

A strategy is a plan to achieve specific goals, while a tactic is a concrete action or set of actions used to implement that strategy.

To be effective, brand awareness strategies should be well thought-out, carefully planned, and supported by a series of tactics to achieve the expected outcomes.

Start building brand awareness

Step 2.2 Create assets and workflows and deploy tactics.

Total duration: 3.5-4.5 hours

Objective

Build a long-term rollout with deliverables, milestones, timelines, workflows, and checklists. Assign resources and proceed to the ongoing development of assets. Implement, manage, and continuously communicate the strategy and results to key stakeholders.

Output

Progressive and effective development and deployment of the brand awareness-building strategy and tactics.

Participants

• Head of branding

Tools

• Asset Creation and Management List
• Campaign Workflows Template
• Brand Awareness Strategy Rollout Plan Template

Band Awareness Strategy Rollout Plan
A strategy rollout plan typically includes the following:

• Identifying a cross-functional team and resources to develop the assets and deploy the tactics.
• Listing the various assets to create and manage.
• A timeline with key milestones, deadlines, and release dates.
• A communication plan to keep stakeholders informed and aligned with the strategy and tactics.
• Ongoing performance monitoring.
• Constant adjustments and improvements to the strategy based on data collected and feedback received.

Start building brand awareness

Step 2.3 Establish key performance indicators (KPIs), monitor, and optimize on an ongoing basis.

Total duration: 3.5-4.5 hours

Objective

Brand awareness is built over a long period of time and must be continuously monitored in several ways. Measuring and monitoring the effectiveness of your brand awareness activities will allow you to constantly adjust your tactics and continue to build awareness.

Output

This step will provide you with a snapshot of your current level of brand awareness and interactions with the brand, and allow you to set up the tools for ongoing monitoring and optimization.

Participants

• Head of branding
• Digital marketing manager

MarTech
May require you to:

• Register to an Online Survey Platform(free version or subscription), or
• Use, setup, or installation of platforms like CRM and/or Marketing Automation Platform.
• Use Google Analytics or other tracking tools.
• Use social media and campaign management tools.

Tools

• Brand Awareness Strategy and Tactics Template

Consult SoftwareReviews website to find the best survey, brand monitoring and feedback, and MarTech platforms, or contact one of our analysts for more personalized assistance and guidance

Measuring brand strategy performance
There are two ways to measure and monitor your brand's performance on an ongoing basis.

• By registering to brand monitoring and feedback platforms and tools like Meltwater, Hootsuite, Insights, Brand24, Qualtrics, and Wooltric.
• Manually, using native analytics built in the platforms you're already using, such as Google and Social Media Analytics, or by gathering customer feedback through surveys, or calculating CAC, ROI, and more in spreadsheets.

SoftwareReviews can help you choose the right platform for your need. We also equip you with manual tools, available with the Diagnose Brand Health to Improve Business Growthblueprint to measure:

• Surveys and interviews questions and lists.
• External and internal factor analysis.
• Digital and financial metrics analysis.
• Executive presentation to report on performance.

Related SoftwareReviews research

Create a Buyer Persona and Journey Get deeper buyer understanding and achieve product-market fit, with easier access to market and sales Reduce time and resources wasted chasing the wrong prospects. Increase open and click-through rates. Perform more effective sales discovery. Increase win rate.	Diagnose Brand Health to Improve Business Growth Have a significant and well-targeted impact on business success and growth by knowing how your brand performs, identifying areas of improvement, and making data-driven decisions to fix them. Increase brand awareness and equity. Build trust and improve customer retention and loyalty. Achieve higher and faster growth.

Bibliography

Aaker, David. "Managing Brand Equity." Simon & Schuster, 1991.
"6 Factors for Brands to Consider While Designing Their Communication." Lokus Design, 23 Sept. 2022.
"20 Advocacy Marketing Statistics You Need to Know." Social Toaster, n.d.
Bazilian, Emma. "How Millennials and Baby Boomers Consume User-Generated Content And what brands can learn from their preferences." Adweek, January 2, 2017.
B2B International, a Gyro: company, B2B Blog - Why Human-To-Human Marketing Is the Next Big Trend in a Tech-Obsessed World.
B2B International, a Gyro: company, The State of B2B Survey 2019 - Winning with Emotions: How to Become Your Customer's First Choice.
Belyh, Anastasia. "Brand Ambassador 101:Turn Your Personal Brand into Cash." Founder Jar, December 6, 2022.
Brand Master Academy.com.
Businesswire, a Berkshire Hathaway Company, "Stackla Survey Reveals Disconnect Between the Content Consumers Want & What Marketers Deliver." February 20, 2019.
Chamat, Ramzi. "Visual Design: Why First Impressions Matter." 8 Ways, June 5, 2019.
Cognism. "21 Tips for Building a LinkedIn Personal Brand (in B2B SaaS)."
Curleigh, James. "How to Enhance and Expand a Global Brand." TED.
"2019 Edelman Trust Barometer." Edelman.
Erskine, Ryan. "22 Statistics That Prove the Value of Personal Branding." Entrepreneur, September 13, 2016.
Forbes, Steve. "Branding for Franchise Success: How To Achieve And Maintain Brand Consistency Across A Franchise Network?" Forbes, 9 Feb. 2020.
Godin, Seth. "Define: Brand." Seth's Blog, 30 Dec. 2009,
Houragan, Stephen. "Learn Brand Strategy in 7 Minutes (2023 Crash Course)." YouTube.
Jallad, Revecka. "To Convert More Customers, Focus on Brand Awareness." Forbes, October 22, 2019.
Kingsbury, Joe, et al. "2021 B2B Thought Leadership Impact Study." Edelman, 2021.
Kunsman, Todd. "The Anatomy of an Employee Influencer." EveryoneSocial, September 8, 2022.
Landor, Walter. A Brand New World: The Fortune Guide to the 21st Century. Time Warner Books, 1999.
Liedke, Lindsay. "37+ Branding Statistics For 2023: Stats, Facts & Trends." Startup Bonsai, January 2, 2023.
Millman, Debbie. "How Symbols and Brands Shape our Humanity." TED, 2019.
Nenova, Velina. "21 Eye-Opening B2B Marketing Statistics to Know in 2023." Techjury, February 9, 2023.
Perrey, Jesko et al., "The brand is back: Staying relevant in an accelerating age." McKinsey & Company, May 1, 2015.
Schaub, Kathleen. "Social Buying Meets Social Selling: How Trusted Networks Improve the Purchase Experience." LinkedIn Business, April 2014.
Sopadjieva, Emma et al. "A Study of 46,000 Shoppers Shows That Omnichannel Retailing Works." Harvard Business Review, January 3, 2017.
Shaun. "B2B Brand Awareness: The Complete Guide 2023." B2B House. 2023.
TopRank Marketing, "2020 State of B2B Influencer Marketing Research Report." Influencer Marketing Report.

Build a Strategic Infrastructure Roadmap

Align infrastructure investment to business-driven goals.

Analysts' Perspectives

Infrastructure roadmaps are an absolute necessity for all organizations. An organization's size often dictates the degree of complexity of the roadmap, but they all strive to paint the future picture of the organization's IT infrastructure.

Infrastructure roadmaps typically start with the current state of infrastructure and work on how to improve. That thinking must change! Start with the future vision, an unimpeded vision, as if there were no constraints. Now you can see where you want to be.

Look at your past to determine how you have been spending your infrastructure budget. If your past shows a trend of increased operational expenditures, that trend will likely continue. The same is true for capital spending and staffing numbers.

Now that you know where you want to go, and how you ended up where you are, look at the constraints you must deal with and make a plan. It's not as difficult as it may seem, and even the longest journey begins with one step.

Speaking of that first step, it should be to understand the business goals and align your roadmap with those same goals. Now you have a solid plan to develop a strategic infrastructure roadmap; enjoy the journey!

There are many reasons why you need to build a strategic IT infrastructure roadmap, but your primary objectives are to set the long-term direction, build a framework for decision making, create a foundation for operational planning, and be able to explain to the business what you are planning. It is a basis for accountability and sets out goals and priorities for the future.

Other than knowing where you are going there are four key benefits to building the roadmap.

1. It allows you to be strategic and transformative rather than tactical and reactive.
2. It gives you the ability to prioritize your tasks and projects in order to get them going.
3. It gives you the ability to align your projects to business outcomes.
4. Additionally, you can leverage your roadmap to justify your budget for resources and infrastructure.

When complete, you will be able to communicate to your fellow IT teams what you are doing and get an understanding of possible business- or IT-related roadblocks, but overall executing on your roadmap will demonstrate to the business your competencies and ability to succeed.

PJ Ryan
Research Director
Infrastructure & Operations Practice
Info-Tech Research Group

John Donovan
Principal Research Director
Infrastructure & Operations Practice
Info-Tech Research Group

Build a Strategic Infrastructure Roadmap

Align infrastructure investment to business-driven goals.

EXECUTIVE BRIEF

Executive Summary

Your Challenge

When it comes to building a strategic roadmap, getting a seat at the table is your first objective. Knowing what the business wants to do and understanding its future needs is a challenge for most IT organizations.

Challenges such as:

• Understanding the business vision
• Clear communications on business planning
• Insight into what the future state should look like

Common Obstacles

Fighting fires, keeping the lights on, patching, and overseeing legacy debt maintenance – these activities prevent your IT team from thinking strategically and looking beyond day-to-day operations. Issues include:

• Managing time well
• Building the right teams
• Setting priorities

Procrastinating when it comes to thinking about your future state will get you nowhere in a hurry.

Info-Tech's Approach

Look into your past IT spend and resources that are being utilized.

• Analyze all aspects of the operation, and resources required.
• Be realistic with your timelines.
• Work from the future state backward.

Build your roadmap by setting priorities, understanding risk and gaps both in finance and resources. Overall, your roadmap is never done, so don't worry if you get it wrong on the first pass.

Info-Tech Insight

Have a clear vision of what the future state is, and know that when creating an IT infrastructure roadmap, it is never done. This will give your IT team an understanding of priorities, goals, business vision, and risks associated with not planning. Understand what you are currently paying for and why.

Insight Summary

"Planning is bringing the future into the present so that you can do something about it now."
Source: Alan Lakein, Libquotes

Your strategic objectives are key to building a roadmap

Many organizations' day-to-day IT operations are tactical and reactive. This needs to change; the IT team needs to become strategic and proactive in its planning and execution. Forward thinking bridges the gap from your current state, to what the organization is, to what it wants to achieve. Your strategic objectives need to align to the business vision and goals and keep it running.

Your future state will determine your roadmap priorities

Identify what the business needs to meet its goals; this should be reflected in your roadmap priorities. Then identify the tasks and projects that can get you there. Business alignment is key, as these projects require prioritization. Strategic initiatives that align to business outcomes will be your foundation for planning on those priorities. If you do not align your initiatives, you will end up spinning your wheels. A good strategic roadmap will have all the elements of forward thinking and planning to execute with the right resources, right priorities, and right funding to make it happen.

Understand what you have been paying for the last few years

Measure the cost of "keeping the lights on" as a baseline for your budget that is earmarked and already spent. Determine if your current spend is holding back innovation due to:

1. The high cost of maintenance
2. Resources in operations doing low-value work due to the effort required to do tasks related to break/fix on aging hardware and software

A successful strategic roadmap will be determined when you have a good handle on your current spending patterns and planning for future needs that include resources, budget, and know-how. Without a plan and roadmap, that plan will not get business buy-in or funding.

Top challenges reported by Info-Tech members

Lack of strategic direction

• Infrastructure leadership must discover the business goals.

Time seepage

• Project time is constantly being tracked incorrectly.

Technical debt

• Aging equipment is not proactively cycled out with newer enabling technologies.

Case Study

The strategic IT roadmap allows Dura to stay at the forefront of automotive manufacturing.

INDUSTRY: Manufacturing
SOURCE: Performance Improvement Partners

Challenge

Following the acquisition of Dura, MiddleGround aimed to position Dura as a leader in the automotive industry, leveraging the company's established success spanning over a century.

However, prior limited investments in technology necessitated significant improvements for Dura to optimize its processes and take advantage of digital advancements.

Solution

MiddleGround joined forces with PIP to assess technology risks, expenses, and prospects, and develop a practical IT plan with solutions that fit MiddleGround's value-creation timeline.

By selecting the top 15 most important IT projects, the companies put together a feasible technology roadmap aimed at advancing Dura in the manufacturing sector.

Results

Armed with due diligence reports and a well-defined IT plan, MiddleGround and Dura have a strategic approach to maximizing value creation.

By focusing on key areas such as analysis, applications, infrastructure and the IT organization, Dura is effectively transforming its operations and shaping the future of the automotive manufacturing industry.

How well do you know your business strategy?

A mere 25% of managers
can list three of the company's
top five priorities.

Based on a study from MIT Sloan, shared understanding of strategic directives barely exists beyond the top tiers of leadership.

Take your time back

Unplanned incident response is a leading cause of the infrastructure time crunch, but so too are nonstandard service requests and service requests that should be projects.

Source: MIT Sloan

Inventory Assessment

Lifecycle

Refresh strategies are still based on truisms (every three years for servers, every seven years for LAN, etc.) more than risk-based approaches.

Opportunity Cost

Assets that were suitable to enable business goals need to be re-evaluated as those goals change.

See Info-Tech's Manage Your Technical Debt blueprint

Key IT strategy initiatives can be categorized in three ways

IT key initiative plan

Initiatives collectively support the business goals and corporate initiatives, and improve the delivery of IT services.

1. Business support
   • Support major business initiatives
   • Each corporate initiative is supported by a major IT project and each project has unique IT challenges that require IT support.
2. IT excellence
   • Reduce risk and improve IT operational excellence
   • These projects will increase IT process maturity and will systematically improve IT.
3. Innovation
   • Drive technology innovation
   • These projects will improve future innovation capabilities and decrease risk by increasing technology maturity.

Info-Tech Insight

A CIO has three roles: enable business productivity, run an effective IT shop, and drive technology innovation. Your key initiative plan must reflect these three mandates and how IT strives to fulfill them.

IT must accomplish many things

Manage
the lifecycle of aging equipment against current capacity and capability demands.

Curate
a portfolio of enabling technologies to meet future capacity and capability demands.

Initiate
a realistic schedule of initiatives that supports a diverse range of business goals.

Adapt
to executive feedback and changing business goals.

Primary and secondary infrastructure drivers

• Primary driver – The infrastructure component that is directly responsible for enabling change in the business metric.
• Secondary driver – The infrastructure component(s) that primary drivers rely on.

(Source: BMC)

Sample primary and secondary drivers

Info-Tech Insight

You may not be able to directly influence the primary drivers of the business, but your infrastructure can have a major impact as a secondary driver.

Info-Tech's approach

1. Align strategy and goals

• Establish the scope of your IT strategy by defining IT's mission and vision statements and guiding principles.

• Envision and define your future infrastructure and analyze what is holding you back.

• Establish a risk framework, identify initiatives, and build your strategic infrastructure roadmap.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Mission and Vision Statement
Goal Alignment (Slide 28)

Construct your vision and mission aligned to the business.

Strategic Infrastructure Roadmap tool

Build initiatives and prioritize them. Build the roadmap.

Infrastructure Domain Study

What is stealing your time from getting projects done?

Initiative Templates Process Maps & Strategy

Build templates for initiates, build process map, and develop strategies.

Key Deliverable

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Info-Tech's methodology for an infrastructure strategy and roadmap

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is 8 to 12 calls over the course of 4 to 6 months.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Phase 1

Align Strategy and Goals

This phase will walk you through the following activities:

• How to build IT mission and vision statements
• How to elicit IT guiding principles
• How to finalize and communicate your IT strategy scope

This phase involves the following participants:

• CIO
• Senior IT Team

Step 1.1

Develop the Infrastructure Strategy

Activities

1.1.1 Review/validate the business context

1.1.2 Construct your mission and vision statements

1.1.3 Elicit your guiding principles and finalize IT strategy scope

This step requires the following inputs:

• Business Mission Statement
• Business Vision Statement
• Business Goals

This step involves the following participants:

• Roadmap team

Outcomes of this step

• IT mission statement
• IT vision statement
• Guiding principles

To complete this phase, you will need:

Infrastructure Strategy and Roadmap Report Template

Use the IT Infrastructure Strategy and Roadmap Report Template to document the results from the following activities:

• Mission and Vision Statements
• Business impact
• Roadmap

IT must aim to support the organization's mission and vision

A mission statement

• Focuses on today and what an organization does to achieve the mission.
• Drives the company.
• Answers: What do we do? Who do we serve? How do we service them?

"A mission statement focuses on the purpose of the brand; the vision statement looks to the fulfillment of that purpose."

A vision statement

• Focuses on tomorrow and what an organization ultimately wants to become.
• Gives the company direction.
• Answers: What problems are we solving? Who and what are we changing?

"A vision statement provides a concrete way for stakeholders, especially employees, to understand the meaning and purpose of your business. However, unlike a mission statement – which describes the who, what, and why of your business – a vision statement describes the desired long-term results of your company's efforts."
Source: Business News Daily, 2020

Characteristics of mission and vision statements

A strong mission statement has the following characteristics:

• Articulates the IT function's purpose and reason for existence.
• Describes what the IT function does to achieve its vision.
• Defines the customers of the IT function.
• Is:
• Compelling
• Easy to grasp
• Sharply focused
• Concise

A strong vision statement has the following characteristics:

• Describes a desired future achievement.
• Focuses on ends, not means.
• Communicates promise.
• Is:
• Concise; no unnecessary words
• Compelling
• Achievable
• Measurable

Derive the IT mission and vision statements from the business

Begin the process by identifying and locating the business mission and vision statements.

• Corporate websites
• Business strategy documents
• Business executives

Ensure there is alignment between the business and IT statements.

Note: Mission statements may remain the same unless the IT department's mandate is changing.

1.1.2 Construct mission and vision statements

1 hour

Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

Step 1:

1. Gather the IT strategy creation team and revisit your business context inputs, specifically the corporate mission statement.
2. Begin by asking the participants:
1. What is our job as a team?
2. What's our goal? How do we align IT to our corporate mission?
3. What benefit are we bringing to the company and the world?
1. Ask them to share general thoughts in a check-in.

Step 2:

1. Share some examples of IT mission statements.
2. Example: IT provides innovative product solutions and leadership that drives growth and
   success.
3. Provide each participant with some time to write their own version of an IT mission statement.

Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

Input

• Business vision statement
• Business mission statement

Output

• IT mission statement
• IT vision statement

Materials

• Sticky notes
• Markers
• Whiteboard
• Paper
• Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

Participants

• CIO
• Senior IT Team

1.1.2 Construct mission and vision statements (cont'd)

1 hour

Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

Step 3:

This step involves reviewing individual mission statements, combining them, and building one collective mission statement for the team.

1. Consider the following approach to build a unified mission statement:

Use the 20x20 rule for group decision-making. Give the group no more than 20 minutes to craft a collective team purpose with no more than 20 words.

1. As a facilitator, provide guidelines on how to write for the intended audience. Business stakeholders need business language.
2. Refer to the corporate mission statement periodically and ensure there is alignment.
3. Document your final mission statement in your ITRG Infrastructure Strategy and Roadmap Report Template.

Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

Input

• Business vision statement
• Business mission statement

Output

• IT mission statement
• IT vision statement

Materials

• Sticky notes
• Markers
• Whiteboard
• Paper
• Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

Participants

• CIO
• Senior IT Team

1.1.2 Construct mission and vision statements (cont'd)

1 hour

Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

Step 4:

1. Gather the IT strategy creation team and revisit your business context inputs, specifically the corporate vision statement.
2. Share one or more examples of vision statements.
3. Provide participants with sticky notes and writing materials and ask them to work individually for this step.
4. Ask participants to brainstorm:
1. What is the desired future state of the IT organization?
2. How should we work to attain the desired state?
3. How do we want IT to be perceived in the desired state?
5. Provide participants with guidelines to build descriptive, compelling, and achievable statements regarding their desired future state.
6. Regroup as a team and review participant answers.

Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

Input

• Business vision statement
• Business mission statement

Output

• IT mission statement
• IT vision statement

Materials

• Sticky notes
• Markers
• Whiteboard
• Paper
• Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

Participants

• CIO
• Senior IT Team

1.1.2 Construct mission and vision statements (cont'd)

1 hour

Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

Step 5:

1. Ask the team to post their notes on the wall.
2. Have the team group the words that have a similar meaning or feeling behind them; this will create themes.
3. When the group is done categorizing the statements into themes, ask if there's anything missing. Did they ensure alignment to the corporate vision statement? Are there any elements missing when considering alignment back to the corporate vision statement?

Step 6:

1. Consider each category as a component of your vision statement.
2. Review each category with participants; define what the behavior looks like when it is being met and what it looks like when it isn't.
3. As a facilitator, provide guidelines on word-smithing and finessing the language.
4. Refer to the corporate vision statement periodically and ensure there is alignment.
5. Document your final mission statement in your IT Strategy Presentation Template.

Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

Input

• Business vision statement
• Business mission statement

Output

• IT mission statement
• IT vision statement

Materials

• Sticky notes
• Markers
• Whiteboard
• Paper
• Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

Participants

• CIO
• Senior IT Team

1.1.2 Construct mission and vision statements (cont'd)

Tips for online facilitation:

• Pick an online whiteboard tool that allows participants to use a large, zoomable canvas.
• Set up each topic at a different area of the board; spread them out just like you would do on the walls of a room.
• Invite participants to zoom in and visit each section and add their ideas as sticky notes once you reach that section of the exercise.
• If you're not using an online whiteboard, we'd recommend using a collaboration tool such as Google Docs or Teams Whiteboard to collect the information for each step under a separate heading. Invite everyone into the document but be very clear regarding editing rights.
• Pre-create your screen deck and screen share this with your participants through your videoconferencing software. We'd also recommend sharing this so participants can go through the deck again during the reflection steps.
• When facilitating group discussion, we'd recommend that participants use non-verbal means to indicate they'd like to speak. You can use tools like Teams' hand-raising tool, a reaction emoji, or have people put their hands up. The facilitator can then invite that person to talk.

Source: Hyper Island

Input

• Business vision statement
• Business mission statement

Output

• IT mission statement
• IT vision statement

Materials

• Sticky notes
• Markers
• Whiteboard
• Paper
• Collaboration/brainstorming tool (whiteboard, flip chart, digital equivalent)

Participants

• CIO
• Senior IT Team

IT mission statements demonstrate IT's purpose

The IT mission statement specifies the function's purpose or reason for being. The mission should guide each day's activities and decisions. The mission statements use simple and concise terminology and speak loudly and clearly, generating enthusiasm for the organization.

Strong IT mission statements have the following characteristics:

• Articulate the IT function's purpose and reason for existence
• Describe what the IT function does to achieve its vision
• Define the customers of the IT function
• Are:
• Compelling
• Easy to grasp
• Sharply focused
• Inspirational
• Memorable
• Concise

Sample IT Mission Statements:

• To provide infrastructure, support, and innovation in the delivery of secure, enterprise-grade information technology products and services that enable and empower the workforce at [Company Name].
• To help fulfill organizational goals, the IT department is committed to empowering business stakeholders with technology and services that facilitate effective processes, collaboration, and communication.
• The mission of the information technology (IT) department is to build a solid, comprehensive technology infrastructure; to maintain an efficient, effective operations environment; and to deliver high-quality, timely services that support the business goals and objectives of ABC Inc.
• The IT department has operational, strategic, and fiscal responsibility for the innovation, implementation, and advancement of technology at ABC Inc. in three main areas: network administration and end-user support, instructional services, and information systems. The IT department provides leadership in long-range planning, implementation, and maintenance of information technology across the organization.
• The IT group is customer-centered and driven by its commitment to management and staff. It oversees services in computing, telecommunications, networking, administrative computing, and technology training.

Sample mission statements (cont'd)

• To collaborate and empower our stakeholders through an engaged team and operational agility and deliver innovative technology and services.
• To empower our stakeholders with innovative technology and services, through collaboration and agility.
• To collaborate and empower our stakeholder, by delivering innovative technology and services, with an engaged team and operational agility.
• To partner with departments and be technology leaders that will deliver innovative, secure, efficient, and cost-effective services for our citizens.
• As a client-centric strategic partner, provide excellence in IM and IT services through flexible business solutions for achieving positive user experience and satisfaction.
• Develop a high-performing global team that will plan and build a scalable, stable operating environment.
• Through communication and collaboration, empower stakeholders with innovative technology and services.
• Build a robust portfolio of technology services and solutions, enabling science-lead and business-driven success.
• Guided by value-driven decision making, high-performing teams and trusted partners deliver and continually improve secure, reliable, scalable, and reusable services that exceed customer expectations.
• Engage the business to grow capabilities and securely deliver efficient services to our users and clients.
• Engage the business to securely deliver efficient services and grow capabilities for our users and clients.

IT vision statements demonstrate what the IT organization aspires to be

The IT vision statement communicates a desired future state of the IT organization. The statement is expressed in the present tense. It seeks to articulate the desired role of IT and how IT will be perceived.

Strong IT vision statements have the following characteristics:

• Describe a desired future
• Focus on ends, not means
• Communicate promise
• Are:
• Concise; no unnecessary words
• Compelling
• Achievable
• Inspirational
• Memorable

Sample IT vision statements:

• To be a trusted advisor and partner in enabling business innovation and growth through an engaged IT workforce.
• The IT organization will strive to become a world-class value center that is a catalyst for innovation.
• IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset.
• Develop and maintain IT and an IT support environment that is secure, stable, and reliable within a dynamic environment.

Sample vision statements (cont'd)

• Alignment: To ensure that the IT organizational model and all related operational services and duties are properly aligned with all underlying business goals and objectives. Alignment reflects an IT operation "that makes sense," considering the business served, its interests and its operational imperatives.
• Engagement: To ensure that all IT vision stakeholders are fully engaged in technology-related planning and the operational parameters of the IT service portfolio. IT stakeholders include the IT performing organization (IT Department), company executives and end-users.
• Best Practices: To ensure that IT operates in a standardized fashion, relying on practical management standards and strategies properly sized to technology needs and organizational capabilities.
• Commitment to Customer Service: To ensure that IT services are provided in a timely, high-quality manner, designed to fill the operational needs of the front-line end-users, working within the boundaries established by business interests and technology best practices.

Quoted From ITtoolkit, 2020

Case Study

Acme Corp. was able to construct its IT mission and vison statements by aligning to its corporate mission and vision.

INDUSTRY: Professional Services
COMPANY: This case study is based on a real company but was anonymized for use in this research.

IT guiding principles set the boundaries for your strategy

Strategic guiding principles advise the IT organization on the boundaries of the strategy.

Guiding principles are a priori decisions that limit the scope of strategic thinking to what is acceptable organizationally, from budgetary, people, and partnership standpoints. Guiding principles can cover other dimensions, as well.

Organizational stakeholders are more likely to follow IT principles when a rationale is provided.

After defining the set of IT principles, ensure that they are all expanded upon with a rationale. The rationale ensures principles are more likely to be followed because they communicate why the principles are important and how they are to be used. Develop the rationale for each IT principle your organization has chosen.

IT guiding principles = IT strategy boundaries

Consider these four components when brainstorming guiding principles

Breadth

of the IT strategy can span across the eight perspectives: people, process, technology, data, process, sourcing, location, and timing.

Defining which of the eight perspectives is in scope for the IT strategy is crucial to ensuring the IT strategy will be comprehensive, relevant, and actionable.

Depth

of coverage refers to the level of detail the IT strategy will go into for each perspective. Info-Tech recommends that depth should go to the initiative level (i.e. individual projects).

Organizational coverage

will determine which part of the organization the IT strategy will cover.

Planning horizon

of the IT strategy will dictate when the target state should be reached and the length of the roadmap.

Consider these criteria when brainstorming guiding principle statements

Review ten universal IT principles to determine if your organization wishes to adopt them

1.1.3 Elicit guiding principles

1 hour

Objective: Generate ideas for guiding principle statements with silent sticky note writing.

1. Gather the IT strategy creation team and revisit your mission and vision statements.
2. Ask the group to brainstorm answers individually, silently writing their ideas on separate sticky notes. Provide the brainstorming criteria from the previous slide to all team members. Allow the team to put items on separate notes that can later be shuffled and sorted as distinct thoughts.
3. After a set amount of time, ask the members of the group to stick their notes to the whiteboard and quickly present them. Categorize all ideas into four major buckets: breadth, depth, organizational coverage, and planning horizon. Ideally, you want one guiding principle to describe each of the four components.
4. If there are missing guiding principles in any category or anyone's items inspire others to write more, they can stick those up on the wall too, after everyone has presented.
5. Discuss and finalize your IT guiding principles.
6. Document your guiding principles in the IT Strategy Presentation Template in Section 1.

Source: Hyper Island

Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

Input

• Four components for eliciting guiding principles
• Mission and vision statements

Output

• IT guiding principles
• IT strategy scope

Materials

• Sticky notes
• Whiteboard
• Paper
• Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

Participants

• CIO
• Senior IT Team

Guiding principle examples

• Alignment: Our IT decisions will align with [our organization's] strategic plan.
• Resources: We will allocate cyber-infrastructure resources based on providing the greatest value and benefit for [the community].
• User Focus: User needs will be a key component in all IT decisions.
• Collaboration: We will work within and across organizational structures to meet strategic goals and identify opportunities for innovation and improvement.
• Transparency: We will be transparent in our decision making and resource use.
• Innovation: We will value innovative and creative thinking.
• Data Stewardship: We will provide a secure but accessible data environment.
• IT Knowledge and Skills: We will value technology skills development for the IT community.
• Drive reduced costs and improved services
• Deploy packaged apps – do not develop – retain business process knowledge expertise – reduce apps portfolio
• Standardize/Consolidate infrastructure with key partners
• Use what we sell, and help sell
• Drive high-availability goals: No blunders
• Ensure hardened security and disaster recovery
• Broaden skills (hard and soft) across the workforce
• Improve business alignment and IT governance

Quoted From: Office of Information Technology, 2014; Future of CIO, 2013

Case Study

Acme Corp. elicited guiding principles that set the scope of its IT strategy for FY21.

INDUSTRY: Professional Services
COMPANY: Acme Corp.

The following guiding principles define the values that drive IT's strategy in FY23 and provide the criteria for our 12-month planning horizon.

• We will focus on big-ticket items during the next 12 months.
• We will keep the budget within 5%+/- YOY.
• We will insource over outsource.
• We will develop a cloud-first technology stack.

Finalize your IT strategy scope

Your mission and vision statements and your guiding principles should be the first things you communicate on your IT strategy document.

Why is this important?

• Communicating these elements shows how IT supports the corporate direction.
• The vision and mission statements will clearly articulate IT's aspirations and purpose.
• The guiding principles will clearly articulate how IT plans to support the business strategically.
• These elements set expectations with stakeholders for the rest of your strategy.

Input information into the IT Strategy Presentation Template.

Summary of Accomplishment

Established the scope of your IT strategy

• Constructed the IT mission statement to communicate the IT organization's reason for being.
• Constructed the IT vision statement to communicate the desired future state of the IT organization.
• Elicited IT's guiding principles to communicate the overall scope and time horizon for the strategy.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Step 1.2

Business Goal Alignment

Activities

1.2.1 Intake identification and analysis

1.2.2 Survey results analysis

1.2.3 Goal brainstorming

1.2.4 Goal association and analysis

This step requires the following inputs:

• Last year's accomplished project list
• Business unit input source list
• Goal list
• In-flight initiatives list

This step involves the following participants:

• Business leadership
• Project Management Office
• Service Desk
• Business Relationship Management
• Solution or Enterprise Architecture
• Roadmap team

Outcomes of this step

• Intake analysis
• Goal list
• Initiative-to-goal map

Identify who is expecting what from the infrastructure

"Typically, IT thinks in an IT first, business second, way: 'I have a list of problems and if I solve them, the business will benefit.' This is the wrong way of thinking. The business needs to be thought of first, then IT."

– Fred Chagnon, Infrastructure Director,
Info-Tech Research Group

Info-Tech Insight

If you're not soliciting input from or delivering on the needs of the various departments in your company, then who is? Be explicit and track how you communicate with each individual unit within your company.

Mature project portfolio management and enterprise architecture practices are no substitute for understanding your business clientele.

It may not be a democracy, but listening to everyone's voice is an essential step toward generating a useful roadmap.

Building good infrastructure requires an understanding of how it will be used. Explicit consultation with stakeholders maximizes a roadmap's usefulness and holds the enterprise accountable in future roadmap iterations as goals change.

Who are the customers for infrastructure?

Internal customer examples:

• Network Operations manager
• IT Systems manager
• Webmaster
• Security manager

External customer examples:

• Director of Sales
• Operations manager
• Applications manager
• Clients
• Partners and consultants
• Regulators/government

1.2.1 Intake identification and analysis

1 hour

The humble checklist is the single most effective tool to ensure we don't forget someone or something:

1. Have everyone write down their top five completed projects from last year – one project per sticky note.
2. Organize everyone's sticky notes on a whiteboard according to input source – did these projects come from the PMO? Directly from a BRM? Service request? VP or LoB management?
3. Make a MECE list of these sources on the left-hand side of a whiteboard.
4. On the right-hand side list all the departments or functional business units within the company.
5. Draw lines from right to left indicating which business units use which input source to request work.
6. Optional: Rate the efficacy of each input channel – what is the success rate of projects per channel in terms of time, budget, and functionality?

Discussion:

1. How clearly do projects and initiatives arrive at infrastructure to be acted on? Do they follow the predictable formal process with all the needed information or is it more ad hoc?
2. Can we validate that business units are using the correct input channel to request the appropriate work? Does infrastructure have to spend more time validating the requests of any one channel?
3. Can we identify business units that are underserved? How about overserved? Infrastructure initiatives tend to be near universal in effect – are we forgetting anyone?
4. Are all these methods passive (order taking), or is there a process for infrastructure to suggest an initiative or project?

Input

• Last year's accomplished project list

Output

• Work requested workflow and map

Materials

• Sticky notes
• Whiteboard & markers

Participants

• Roadmap team

Case Study

Building IT governance and digital infrastructure for tech-enabled student experiences

INDUSTRY: Education
COMPANY: Collegis Education

Challenge

In 2019, Saint Francis University decided to expand its online program offering to reach students outside of its market.

It had to first transform its operations to deliver a high-quality, technology-enabled student experience on and off campus. The remote location of the campus posed power outages, Wi-Fi issues, and challenges in attracting and retaining the right staff to help the university achieve its goals.

It began working with an IT consulting firm to build a long-term strategic roadmap.

Solution

The consultant designed a strategic multi-year roadmap for digital transformation that would prioritize developing infrastructure to immediately improve the student experience and ultimately enable the university to scale its online programs. The consultant worked with school leadership to establish a virtual CIO to oversee the IT department's strategy and operations. The virtual CIO quickly became a key advisor to the president and board, identifying gaps between technology initiatives and enrollment and revenue targets. St. Francis staff also transitioned to the consultant's technology team, allowing the university to alleviate its talent acquisition and retention challenges.

Results

• $200,000 in funds reallocated to help with upgrades due to streamlined technology infrastructure
• Updated card access system for campus staff and students
• Active directory implementation for a secure and strong authentication technology
• An uninterruptible power supply (UPS) backup is installed to ensure power continues in the event of a power outage
• Upgrade to a reliable, campus-wide Wi-Fi network
• Behind-the-scenes upgrades like state-of-the-art data centers to stabilize aging technology for greater reliability

Track your annual activity by business unit – not by input source

A simple graph showing the breakdown of projects by business unit is an excellent visualization of who is getting the most from infrastructure services.

Show everyone in the organization that the best way to get anything done is by availing themselves of the roadmap process.

Enable technology staff to engage in business storytelling by documenting known goals in a framework

Without a goal framework

Technology-focused IT staff are notoriously disconnected from the business process and are therefore often unable to explain the outcomes of their projects in terms that are meaningful to the business.

With a goal framework

When business, IT, and infrastructure goals are aligned, the business story writes itself as you follow the path of cascading goals upward.

Info-Tech Best Practice

So many organizations we speak with don't have goals written down. This rarely means that the goals aren't known, rather that they're not clearly communicated.

When goals aren't clear, personal agendas can take precedence. This is what often leads to the disconnect between what the business wants and what IT is delivering.

1.2.2 Survey and results analysis

1 hour

Infrastructure succeeds by effectively scaling shared resources for the common good. Sometimes that is a matter of aggregating similarities, sometimes by recognizing where specialization is required.

1. Have every business unit provide their top three to five current goals or objectives for their department. Emphasize that you are requesting their operational objectives, not just the ones they think IT may be able to help them with.
2. Put each goal on a sticky note (optional: use a unique sticky note or marker color for each department) and place them on a whiteboard.
3. Group the sticky notes according to common themes.
4. Rank each grouping according to number of occurrences.

Discussion:

1. This is very democratic. Do certain departments' goals carry more weight more than others?
2. What is the current business prioritization process? Do the results of our activity match with the current published output of this process?
3. Consider each business goal in the context of infrastructure activity or technology feature or capability. As infrastructure is a lift function existing only to serve the business, it is important to understand our world in context.

Examples: The VP of Operations is looking to reduce office rental costs over the next three years. The VP of Sales is focused on increasing the number of face-to-face customer interactions. Both can potentially be served by IT activities and technologies that increase mobility.

Input

• Business unit input source list

Output

• Prioritized list of business goals

Materials

• Sticky notes
• Whiteboard & markers

Participants

• Roadmap team

1.2.3 Goal brainstorming – Affinity diagramming exercise

1 hour

Clarify how well you understand what the business wants.

1. Ask each participant to consider: "What are the top three priorities of the company [this period]?" They should consider not what they think the priorities should be, but their understanding of what business leadership's priorities actually are.
2. Have each participant write down their three priorities on sticky notes – one per note.
3. Select a moderator from the group – not the infrastructure leader or the CIO. The moderator will begin by placing (and explaining) their sticky notes on the whiteboard.
4. Have each participant place and explain their sticky notes on the whiteboard.
5. The moderator will assist each participant in grouping sticky notes together based on theme.
6. Groups that become overly large may be broken into smaller, more precise themes.
7. Once everyone has placed their sticky notes, and the groups have been arranged and rearranged, you should have a visual representation of infrastructure's understanding of the business' priorities.
8. Let the infrastructure leader and/or CIO place their sticky notes last.

Discussion:

Is there a lot of agreement within the group? What does it mean if there are 10 or 15 groups with equal numbers of sticky notes? What does it mean if there are a few top groups and dozens of small outliers?

How does the group's understanding compare with that of the Director and/or CIO?

What mechanisms are in place for the business to communicate their goals to infrastructure? Are they effective? Does the team take the time to reimagine those goals and internalize them?

What does it mean if infrastructure's understanding differs from the business?

Input

• Business unit input source list

Output

• Prioritized list of business goals

Materials

• Sticky notes
• Whiteboard & markers

Participants

• Roadmap team

Additional Activity

Now that infrastructure has a consensus on what it thinks the business' goals are, suggest a meeting with leadership to validate this understanding. Once the first picture is drawn, a 30-minute meeting can help clear up any misconceptions.

Build your own framework or start with these three root value drivers

With a framework of cascading goals in place, a roadmap is a Rosetta Stone. Being able to map activities back to governance objectives allows you to demonstrate value regardless of the audience you are addressing.

(Info-Tech, Build a Business-Aligned IT Strategy 2022)

1.2.4 Goal association exercise and analysis

1 hour

Wherever possible use the language of your customers to avoid confusion, but at least ensure that everyone in infrastructure is using a common language.

1. Take your business strategy or IT strategy or survey response (Activity 1.2.3) or Info-Tech's fundamental goals list (strategic agility, improved cash flow, innovate product, safety, standardize end-user experience) and write them across the top of a whiteboard.
2. Have everyone write, on a sticky note, their current in-flight initiatives – one per sticky note.
3. Have each participant then place each of their sticky notes on the whiteboard and draw a line from the initiative to the goal it supports.
4. The rest of the group should challenge any relationships that seem unsupported or questionable.

Discussion:

1. How many goals are you supporting? Are there too many? Are you doing enough to support the right goals?
2. Is there a shared understanding of the business goals among the infrastructure staff? Or, do questions about meaning keep coming up?
3. Do you have initiatives that are difficult to express in terms of business goals? Do you have a lot of them or just a few?

Input

• Goal list
• In-flight initiatives list

Output

• Initiatives-to-goals map

Materials

• Whiteboard & markers

Participants

• Roadmap team

Summary of Accomplishment

Review performance from last fiscal year.

• Analyzed and communicated the benefits and value realized from IT's strategic initiatives in the past fiscal year.
• Analyzed and prioritized diagnostic data insights to communicate IT success stories.
• Elicited important retrospective information such as KPIs, financials, etc. to build IT's credibility as a strategic business partner.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Phase 2

Envision Future and Analyze Constraints

This phase will walk you through the following activities:

• Determine from a greenfield perspective what the future state looks like.
• Do SWOT analysis on technology you may plan to use in the future.
• Complete a time study.

This phase involves the following participants:

• Roadmap team

Step 2.1

Define the future state

Activities

2.1.1 Define your future infrastructure vision

2.1.2 Document desired future state

2.1.3 Develop a new technology identification process

2.1.4 Conduct a SWOT analysis

This step requires the following inputs:

• Emerging technology interest

This step involves the following participants:

• Roadmap team
• External SMEs

Outcomes of this step

• Technology discovery process
• Technology assessment process
• Future state vision document

Future state discussion

"Very few of us are lucky enough to be one of the first few employees in a new organization. Those of you who get to plan the infrastructure with a blank slate and can focus all of your efforts on doing things right the first time."

BMC, 2018

"A company's future state is ultimately defined as the greater vision for the business. It's where you want to be, your long-term goal in terms of the ever-changing state of technology and how that applies to your present-day business."
"Without a definitive future state, a company will often find themselves lacking direction, making it harder to make pivotal decisions, causing misalignment amongst executives, and ultimately hindering the progression and growth of a company's mission."
Source: Third Stage Consulting

"When working with digital technologies, it is imperative to consider how such technologies can enhance the solution. The future state should communicate the vision of how digital technologies will enhance the solutions, deliver value, and enable further development toward even greater value creation."
Source: F. Milani

Info-Tech Insight

Define your infrastructure roadmap as if you had a blank slate – no constraints, no technical debt, and no financial limitations. Imagine your future infrastructure and let that vision drive your roadmap.

Expertise is not innate; it requires effort and research

Evaluating new enterprise technology is a process of defining it, analyzing it, and sourcing it.

• Understand what a technology is in order to have a common frame of reference for discussion. Just as important, understand what it is not.
• Conduct an internal and external analysis of the technology including an adoption case study.
• Provide an overview of the vendor landscape, identifying the leading players in the market and how they differentiate their offerings.

This is not intended to be a thesis grade research project, nor an onerous duty. Most infrastructure practitioners came to the field because of an innate excitement about technology! Harness that excitement and give them four to eight hours to indulge themselves.

An output of approximately four slides per technology candidate should be sufficient to decided if moving to PoC or pilot is warranted.

Including this material in the roadmap helps you control the technology conversation with your audience.

Info-Tech Best Practices

Don't start from scratch. Recall the original sources from your technology watchlist. Leverage vendors and analyst firms (such as Info-Tech) to give the broad context, letting you focus instead on the specifics relevant to your business.

Channel emerging technologies to ensure the rising tide floats all boats rather than capsizing your business

Adopting the wrong new technology can be even more dangerous than failing to adopt any new technology.

Implementing every new promising technology would cost prodigious amounts of money and time. Know the costs before choosing what to invest in.

The risk of a new technology failing is acceptable. The risk of that failure disrupting adjacent core functions is unacceptable. Vet potential technologies to ensure they can be safely integrated.

Best practices for new technologies are nonexistent, standards are in flux, and use cases are fuzzy. Be aware of the unforeseen that will negatively affect your chances of a successful implementation.

"Like early pioneers crossing the American plains, first movers have to create their own wagon trails, but later movers can follow in the ruts."
Harper Business, 2014

Info-Tech Insight

The right technology for someone else can easily be the wrong technology for your business.

Even with a mature Enterprise Architecture practice, wrong technology bets can happen. Minimize the chance of this occurrence by making selection an infrastructure-wide activity. Leverage the practical knowledge of the day-to-day operators.

2.1.1 Create your future infrastructure vision

1 hour

Objective: Help teams define their future infrastructure state (assuming zero constraints or limitations).

1. Ask each participant to ponder the question: "How would the infrastructure look if there were no limitations?" They should consider all aspects of their infrastructure but keep in mind the infrastructure vision and mission statements from phase one, as well as the business goals.
2. Have each participant write down their ideas on sticky notes – one per note.
3. Select a moderator and a scribe from the group – not the infrastructure leader or the CIO. The moderator will begin by placing (and explaining) their sticky notes on the whiteboard. The scribe will summarize the results in short statements at the end.
4. Have each participant place and explain their sticky notes on the whiteboard.
5. The moderator will assist each participant in grouping sticky notes together based on theme.
6. Once everyone has placed their sticky notes and groups have been arranged and rearranged, you should have a visual representation of infrastructure's understanding of the business' priorities.
7. Let the infrastructure leader and/or CIO place their sticky notes last.

Discussion:

1. Assume a blank slate as a starting point. No technical debt or financial constraints; nothing holding you back.
2. Can SaaS, PaaS, or other cloud-based offerings play a role in this future utopia?
3. Do vendors play a larger or smaller role in your future infrastructure vision?

Download the IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

Input

• Thoughts and ideas about how the future infrastructure should look.

Output

• Future state vision

Materials

• Sticky notes
• Whiteboard & markers

Participants

• Roadmap team

2.1.1 Document your future state vision (cont'd)

Objective: Help teams define their future infrastructure state (assuming zero constraints or limitations).

1 hour

Steps:

8. The scribe will take the groups of suggestions and summarize them in a statement or two, briefly describing the infrastructure in that group.
9. The statements should be recorded on Tab 2 of the Infrastructure Strategy and Roadmap Tool.

Discussion:

• Should the points be listed in any specific order?
• Include all suggestions in the summary. Remember this is a blank slate with no constraints, and no idea is higher or lower in weight at this stage.

Download Info-Tech's Infrastructure Strategy and Roadmap Tool and document your future state vision in the Infrastructure Future State tab.

Input

• Thoughts and ideas about how the future infrastructure should look.

Output

• Future state vision

Materials

• Sticky notes
• Whiteboard & markers

Participants

• Roadmap team

2.1.2 Identification and association exercise

1 hour

Formalize what is likely an ad hoc process.

1. Brainstorm with the group a list of external sources they are currently using to stay abreast of the market.
2. Organize this list on the left-hand side of a whiteboard, in vendor and vendor-neutral groups.
   1. For each item in the list ask a series of questions:
   2. Is this a push or pull source?
   3. Is this source suited to individual or group consumption?
   4. What is the frequency of this source?
3. What is the cost of this source to the company?
4. On the right-hand side of the whiteboard brainstorm a list of internal mechanisms for sharing new technology information. Ask about the audience, distribution mode, and frequency for each of those mechanisms.
5. Map which of the external sources make it over to internal distribution.

Discussion:

1. Are we getting the most value out of our high-cost conferences? Does that information make it from the attendees to the rest of the team?
2. Do we share information only within our domains? Or across the whole infrastructure practice?
3. Do we have sufficient diversity of sources? Are we in danger of believing one vendor's particular market interpretation?
4. How do we select new technologies to explore further? Make it fun – upvotes, for example.

Input

• Team knowledge
• Conference notes
• Expense reports

Output

• Internal socialization process
• Tech briefings & repository

Materials

• Whiteboard & markers

Participants

• Roadmap team

Info-Tech Best Practices

It is impractical for everyone to present their tech briefing at the monthly meeting. But you want to avoid a one-to-many exercise. Keep the presenter a secret until called on. Those who do not present live can still contribute their material to the technology watchlist database.

Analyze new technologies for your future state

Four to eight hours of research per technology can uncover a wealth of relevant information and prepare the infrastructure team for a robust discussion. Key research elements include:

• Précis: A single page or slide that describes the technology, outlines some of the vendors, and explores the value proposition.
• SWOT Analysis:
• Strengths and weaknesses: What does the technology inherently do well (e.g. lots of features) and what does it do poorly (e.g. steep learning curve)?
• Opportunities and threats: What capabilities can the technology enable (e.g. build PCs faster, remote sensing)? Why would we not want to exploit this technology (e.g. market volatility, M&As)

Download the IT Infrastructure Strategy and Roadmap Report Template slides 21, 22, 23 for sample output.

Position infrastructure as the go-to source for information about new technology

One way or another, tech always seems to finds its way into infrastructure's lap. Better to stay in front and act as stewards rather than cleanup crew.

Effective treatment options

1. Targeted regular communication with a technology portfolio analysis customized to the specific goals of the business.
2. Ongoing PoC and piloting efforts with detailed results reporting.

While no permanent cure exists, regular treatment makes this chronic syndrome manageable.

Keep your roadmap horizon in mind

Technology doesn't have to be bleeding edge. New-to-you can have plenty of value.

You want to present a curated landscape of technologies, demonstrating that you are actively maintaining expertise in your chosen field.

Most enterprise IT shops buy rather than develop their technology, which means they want to focus effort on what is market available. The outcome is that infrastructure sponsors and delivers new technologies whose capabilities and features will help the business achieve its goals on this roadmap.

If you want to think more like a business disruptor or innovator, we suggest working through the blueprint Exploit Disruptive Infrastructure Technology.
Explore technology five to ten years into the future!

Info-Tech Insight

The ROI of any individual effort is difficult to justify – in aggregate, however, the enterprise always wins!
Money spent on Google Glass in 2013 seemed like vanity. Certainly, this wasn't enterprise-ready technology. But those early experiences positioned some visionary firms to quickly take advantage of augmented reality in 2018. Creative research tends to pay off in unexpected and unpredictable ways.
.

2.1.3 Working session, presentation, and feedback

1 hour

Complete a SWOT analysis with future state technology.

The best research hasn't been done in isolation since the days of da Vinci.

1. Divide the participants into small groups of at least four people.
2. Further split those groups into two teams – the red team and the white team.
3. Assign a technology candidate from the last exercise to each group. Ideally the group should have some initial familiarity with the technology and/or space.
4. The red team from each group will focus on the weaknesses and threats of the technology. The white team will focus on the strengths and opportunities of the technology.
5. Set a timer and spend the next 30-40 minutes completing the SWOT analysis.
6. Have each group present their analysis to the larger team. Encourage conversation and debate. Capture and refine the understanding of the analysis.
7. Reset with the next technology candidate. Have the participants switch teams within their groups.
8. Continue until you've exhausted your technology candidates.

Discussion:

1. Does working in a group make for better research? Why?
2. Do you need specific expertise in order to evaluate a technology? Is an outsider (non-expert) view sometimes valuable?
3. Is it easier to think of the positive or the negative qualities of a technology? What about the internal or external implications?

Input

• Technology candidates

Output

• Technology analysis including SWOT

Materials

• Projector
• Templates
• Laptops & internet

Participants

• Roadmap team

Step 2.2

Constraints analysis

Activities

2.2.1 Historical spend analysis

2.2.2 Conduct a time study

2.2.3 Identify roadblocks

This step requires the following inputs:

• Historical spend and staff numbers
• Organizational design identification and thought experiment
• Time study
• Roadblock brainstorming session
• Prioritization exercise

This step involves the following participants:

• Financial leader
• HR Leader
• Roadmap team

Outcomes of this step

• OpEx, CapEx, and staffing trends
• Domain time study
• Prioritized roadblock list

2.2.1 Historical spend analysis

"A Budget is telling your money where to go, instead of wondering where it went."
-David Ramsay

"Don't tell me where your priorities are. Show me where you spend your money and I'll tell you what they are"
-James Frick, Due.com

Annual IT budgeting aligns with business goals
	50% of businesses surveyed see that improvements are necessary for IT budgets to align to business goals, while 18% feel they require significant improvements to align to business goals Source: ITRG Diagnostics 2022
Challenges in IT spend visibility
	Visibility of all spend data for on-prem, SaaS and cloud environments Source: Flexera
The challenges that keep IT leaders up at night
	Lack of visibility in resource usage and cost Source: BMC, 2021

2.2.1 Build a picture of your financial spending and staffing trends

Follow the steps below to generate a visualization so you can start the conversation:

1 hour

1. Open the Info-Tech Infrastructure Roadmap Financial Spend Analysis Tool.
2. The Instructions tab will provide guidance, or you can follow the instructions below.
3. Insert values into the appropriate uncolored blocks in the first 4 rows of the Spend Record Entry tab to reflect the amount spent on IT OpEx, IT CapEx, or staff numbers for the present year (budgeted) as well as the previous five years.
4. Data input populates cells in subsequent rows to quickly reveal spending ratios.

Download the Infrastructure Roadmap Financial Analysis Tool
( additional Deep Dive available if required)

Input

• Historical spend and staff numbers

Output

• OpEx, CapEx, and staffing trends for your organization

Materials

• Info-Tech's Infrastructure Roadmap Financial Spend Analysis Tool

Participants

• Infrastructure leader
• Financial leader
• HR leader

2.2.1 Build a picture of your financial spending and staffing trends (cont'd)

Continue with the steps below to generate a visualization so you can start the conversation.

1 hour

5. Select tab 3 (Results) to reveal a graphical analysis of your data.
6. Trends are shown in graphs for OpEx, CapEx, and staffing levels as well as comparative graphs to show broader trends between multiple spend and staffing areas.
7. Some observations worth noting may include the following:
   • Is OpEx spending increasing over time or decreasing?
   • Is CapEx increasing or decreasing?
   • Are OpEx and CapEx moving in the same directions?
   • Are IT staff to total staff ratios increasing or decreasing?
   • Trends will continue in the same direction unless changes are made.

Download the Infrastructure Roadmap Financial Analysis Tool
( additional Deep Dive available if required)

Input

• Historical spend and staff numbers

Output

• OpEx, CapEx, and staffing trends for your organization

Materials

• Info-Tech's Infrastructure Roadmap Financial Spend Analysis Tool

Participants

• Infrastructure leader
• Financial leader
• HR leader

Consider perceptions held by the enterprise when dividing infrastructure into domains

2.2.2 Conduct a time study

Internal divisions that seem important to infrastructure may have little or even negative value when it comes to users accessing their services.

Domains are the logical divisions of work within an infrastructure practice. Historically, the organization was based around physical assets: servers, storage, networking, and end-user devices. Staff had skills they applied according to specific best practices using physical objects that provided functionality (computing power, persistence, connectivity, and interface).

Modern enterprises may find it more effective to divide according to activity (analytics, programming, operations, and security) or function (customer relations, learning platform, content management, and core IT). As a rule, look to your organizational chart; managers responsible for buying, building, deploying, or supporting technologies should each be responsible for their own domain.

Regardless of structure, poor organization leads to silos of marginally interoperable efforts working against each other, without focus on a common goal. Clearly defined domains ensure responsibility and allow for rapid, accurate, and confident decision making.

• Server
• Network
• Storage
• End User
• DevOps
• Analytics
• Core IT
• Security

Info-Tech Insight

The medium is the message. Do stakeholders talk about switches or storage or services? Organizing infrastructure to match its external perception can increase communication effectiveness and improve alignment.

Case Study

IT infrastructure that makes employees happier

INDUSTRY: Services
SOURCE: Network Doctor

Challenge

Atlas Electric's IT infrastructure was very old and urgently needed to be refreshed. Its existing server hardware was about nine years old and was becoming unstable. The server was running Windows 2008 R2 server operating systems that was no longer supported by Microsoft; security updates and patches were no longer available. They also experienced slowdowns on many older PCs.

Recommendations for an upgrade were not approved due to budgetary constraints. Recommendations for upgrading to virtual servers were approved following a harmful phishing attack.

Solution

The following improvements to their infrastructure were implemented.

• Installing a new physical host server running VMWare ESXi virtualization software and hosting four virtual servers.
• Migration of data and applications to new virtual servers.
• Upgrading networking equipment and deploying new relays, switches, battery backups, and network management.
• New server racks to host new hardware.

Results

Virtualization, consolidating servers, and desktops have made assets more flexible and simpler to manage.

Improved levels of efficiency, reliability, and productivity.

Enhanced security level.

An upgraded backup and disaster recovery system has improved risk management.

Optimize where you spend your time by doing a time study

Infrastructure activity is limited generally by only two variables: money and time. Money is in the hands of the CFO, which leaves us a single variable to optimize.

Not all time is spent equally, nor is it equally valuable. Analysis lets us communicate with others and gives us a shared framework to decide where our priorities lie.

There are lots of frameworks to help categorize our activities. Stephen Covey (Seven Habits of Highly Effective People) describes a four-quadrant system along the axes of importance and urgency. Gene Kim, through his character Erik in The Phoenix Project,speaks instead of business projects, internal IT projects, changes, and unplanned work.

We propose a similar four-category system.

Survey and analysis

Perform a quick time study.

Verifiable data sources are always preferred but large groups can hold each other's inherent biases in check to get a reasonable estimate.

1 hour

1. Organize the participants into the domain groups established earlier.
2. On an index card have each participant independently write down the percentage of time they think their entire domain (not themselves personally) spends during the average month, quarter, or year on:
   1. Admin
   2. Reactive work
   3. Maintenance
3. Draw a matrix on the whiteboard; collect the index cards and transcribe the results from participants into the matrix.
4. Add up the three reported time estimates and subtract from 100 – the result is the percentage of time available for/spent on project work.

Discussion

1. Certain domains should have higher percentages of reactive work (think Service Desk and Network Operations Center) – can we shift work around to optimize resources?
2. Why is reactive work the least desirable type? Could we reduce our reactive work by increasing our maintenance work?
3. From a planning perspective, what are the implications of only having x% of time available for project work?
4. Does it feel like backing into the project work from adding the other three together provides a reasonable assessment?

Input

• Domain groups

Output

• Time study

Materials

• Whiteboard & markers
• Index cards

Participants

• Roadmap team

Quickly and easily evaluate all your infrastructure

Strategic Infrastructure Roadmap Tool, Tab 2, Capacity Analysis

In order to quickly and easily build some visualizations for the eventual final report, Info-Tech has developed the Strategic Infrastructure Roadmap Tool.

• Up to five infrastructure domains are supported.
• For practices that cannot be reasonably collapsed into five domains, multiple copies of the tool can be used and manually stitched together.
• The tool can be used in either an absolute (total number) or relative mode (percentage of available).
• By design we specifically don't ask for a project work figure but rather calculate it based on other values.
• For everything but miscellaneous duties, hard data sources can (and where appropriate should) be leveraged.
• Reactive work – service desk tool
• Project work – project management tool
• Maintenance work – logs or ITSM tool
• Individual domains' values are calculated, as well as the overall breakdown for the infrastructure practice.
• Even these rough estimates will be useful during the planning steps throughout the rest of the roadmap process.

Please note that this tool requires Microsoft's Power Pivot add-in to be installed if you are using Excel 2010 or 2013. The scatter plot labels on tabs 5 and 8 may not function correctly in Excel 2010.

Build your roadmap from both the top and the bottom for best results

Strong IT strategy favors top-down: activities enabling clearly dictated goals. The bottom-up approach aggregates ongoing activities into goals.

Systematic approach

External stakeholders prioritize a list of goals requiring IT initiatives to achieve.

Roadblocks:

• Multitudes of goals easily overwhelm scant IT resources.
• Unglamorous yet vital maintenance activities get overlooked.
• Goals are set without awareness of IT capacity or capabilities.

Organic approach

Practitioners aggregate initiatives into logical groups and seek to align them to one or more business goals.

Roadblocks:

• Pet initiatives can be perpetuated based on cult of personality rather than alignment to business goals.
• Funding requests can fall flat when competing against other business units for executive support.

A successful roadmap respects both approaches.

Info-Tech Insight

Perfection is anathema to practicality. Draw the first picture and not only expect but welcome conflicting feedback! Socialize it and drive the conversation forward to a consensus.

2.2.3 Brainstorming – Affinity diagramming

Identify the systemic roadblocks to executing infrastructure projects