Build Your Data Quality Program

Quality Data Drives Quality Business Decisions

Executive Brief

Analyst Perspective

Get ahead of the data curve by conquering data quality challenges.

Regardless of the driving business strategy or focus, organizations are turning to data to leverage key insights and help improve the organization’s ability to realize its vision, key goals, and objectives.

Poor quality data, however, can negatively affect time-to-insight and can undermine an organization’s customer experience efforts, product or service innovation, operational efficiency, or risk and compliance management. If you are looking to draw insights from your data for decision making, the quality of those insights is only as good as the quality of the data feeding or fueling them.

Improving data quality means having a data quality management practice that is sustainably successful and appropriate to the use of the data, while evolving to keep pace with or get ahead of changing business and data landscapes. It is not a matter of fixing one data set at a time, which is resource and time intensive, but instead identifying where data quality consistently goes off the rails, and creating a program to improve the data processes at the source.

Crystal Singh

Research Director, Data and Analytics

Info-Tech Research Group

Executive Summary

Your Challenge

Your organization is experiencing the pitfalls of poor data quality, including:

• Unreliable data and unfavorable output.
• Inefficiencies and costly remedies.
• Dissatisfied stakeholders.

Poor data quality hinders successful decision making.

Common Obstacles

Not understanding the purpose and execution of data quality causes some disorientation with your data.

• Failure to realize the importance/value of data quality.
• Unsure of where to start with data quality.
• Lack of investment in data quality.

Organizations tend to adopt a project mentality when it comes to data quality instead of taking the strategic approach that would be all-around more beneficial in the long term.

Info-Tech’s Approach

Address the root causes of your data quality issues by forming a viable data quality program.

• Be familiar with your organization’s data environment and business landscape.
• Prioritize business use cases for data quality fixes.
• Fixing data quality issues at the root cause to ensure a proper foundation for your data to flow.

It is important to sustain best practices and grow your data quality program.

Info-Tech Insight

Fix data quality issues as close as possible to the source of data while understanding that business use cases will each have different requirements and expectations from data quality.

Data is the foundation of your organization’s knowledge

Data enables your organization to make decisions.

Reliable data is needed to facilitate data consumers at all levels of the enterprise.

Insights, knowledge, and information are needed to inform operational, tactical, and strategic decision-making processes. Data and information are needed to manage the business and empower business processes such as billing, customer touchpoints, and fulfillment.

Raw Data

Business Information

Actionable Insights

Data should be at the foundation of your organization’s evolution. The transformational insights that executives are constantly seeking can be uncovered with a data quality practice that makes high-quality, trustworthy information readily available to the business users who need it.

98% of companies use data to improve customer experience. (Experian Data Quality, 2019)

High-Level Data Architecture

Build Your Data Quality Program

1. Data Quality & Data Culture Diagnostics Business Landscape Exercise
2. Business Strategy & Use Cases
3. Prioritize Use Cases With Poor Quality

Info-Tech Insight

As data is ingested, integrated, and maintained in the various streams of the organization's system and application architecture, there are multiple points where the quality of the data can degrade.

1. Understand the organization's data culture and data quality environment across the business landscape.
2. Prioritize business use cases with poor data quality.
3. For each use case, identify data quality issues and requirements throughout the data pipeline.
4. Fix data quality issues at the root cause.
5. As data flow through quality assurance monitoring checkpoints, monitor data to ensure good quality output.

Insight:

Proper application of data quality dimensions throughout the data pipeline will result in superior business decisions.

Data quality issues can occur at any stage of the data flow.

Prevent the domino effect of poor data quality

Data is the foundation of decisions made at data-driven organizations.

Therefore, if there are problems with the organization’s underlying data, this can have a domino effect on many downstream business functions.

Let’s use an example to illustrate the domino effect of poor data quality.

Organization X is looking to migrate their data to a single platform, System Y. After the migration, it has become apparent that reports generated from this platform are inconsistent and often seem wrong. What is the effect of this?

1. Time must be spent on identifying the data quality issues, and often manual data quality fixes are employed. This will extend the time to deliver the project that depends on system Y by X months.
2. To repair these issues, the business needs to contract two additional resources to complete the unforeseen work. The new resources cost $X each, as well as additional infrastructure and hardware costs.
3. Now, the strategic objectives of the business are at risk and there is a feeling of mistrust in the new system Y.

Three key challenges impacting the ability to deliver excellent customer experience

30% Poor data quality

30% Method of interaction changing

30% Legacy systems or lack of new technology

95% Of organizations indicated that poor data quality undermines business performance.

(Source: Experian Data Quality, 2019)

Maintaining quality data will support more informed decisions and strategic insight

Improving your organization’s data quality will help the business realize the following benefits:

Data-Driven Decision Making

Business decisions should be made with a strong rationale. Data can provide insight into key business questions, such as, “How can I provide better customer satisfaction?”

89% Of CIOs surveyed say lack of quality data is an obstacle to good decision making. (Larry Dignan, CIOs juggling digital transformation pace, bad data, cloud lock0in and business alignment, 2020)

Customer Intimacy

Improve marketing and the customer experience by using the right data from the system of record to analyze complete customer views of transactions, sentiments, and interactions.

94% Percentage of senior IT leaders who say that poor data quality impinges business outcomes. (Clint Boulton, Disconnect between CIOs and LOB managers weakens data quality, 2016)

Innovation Leadership

Gain insights on your products, services, usage trends, industry directions, and competitor results to support decisions on innovations, new products, services, and pricing.

20% Businesses lose as much as 20% of revenue due to poor data quality. (RingLead Data Management Solutions, 10 Stats About Data Quality I Bet You Didn’t Know)

Operational Excellence

Make sure the right solution is delivered rapidly and consistently to the right parties for the right price and cost structure. Automate processes by using the right data to drive process improvements.

10-20% The implementation of data quality initiatives can lead to reductions in corporate budget of up to 20%. (HaloBI, 2015)

However, maintaining data quality is difficult

Avoid these pitfalls to get the true value out of your data.

1. Data debt drags down ROI – a high degree of data debt will hinder you from attaining the ROI you’re expecting.
2. Lack of trust means lack of usage – a lack of confidence in data results in a lack of data usage in your organization, which negatively effects strategic planning, KPIs, and business outcomes.
3. Strategic assets become a liability – bad data puts your business at risk of failing compliance standards, which could result in you paying millions in fines.
4. Increased costs and inefficiency – time spent fixing bad data means less workload capacity for your important initiatives and the inability to make data-based decisions.
5. Barrier to adopting data-driven tech – emerging technologies, such as predictive analytics and artificial intelligence, rely on quality data. Inaccurate, incomplete, or irrelevant data will result in delays or a lack of ROI.
6. Bad customer experience – Running your business on bad data can hinder your ability to deliver to your customers, growing their frustration, which negatively impacts your ability to maintain your customer base.

Info-Tech Insight

Data quality suffers most at the point of entry. This is one of the causes of the domino effect of data quality – and can be one of the most costly forms of data quality errors due to the error propagation. In other words, fix data ingestion, whether through improving your application and database design or improving your data ingestion policy, and you will fix a large majority of data quality issues.

Follow Our Data & Analytics Journey

Data Quality is laced into Data Strategy, Data Management, and Data Governance.

• Data Strategy
  • Data Management
    • Data Quality
    • Data Governance
      • Data Architecture
        • MDM
        • Data Integration
        • Enterprise Content Management
        • Information Lifecycle Management
          • Data Warehouse/Lake/Lakehouse
            • Reporting and Analytics
            • AI

Data quality is rooted in data management

Extract Maximum Benefit Out of Your Data Quality Management.

• Data management is the planning, execution, and oversight of policies, practices, and projects that acquire, control, protect, deliver, and enhance the value of data and information assets (DAMA, 2009).
• In other words, getting the right information, to the right people, at the right time.
• Data quality management exists within each of the data practices, information dimensions, business resources, and subject areas that comprise the data management framework.
• Within this framework, an effective data quality practice will replace ad hoc processes with standardized practices.
• An effective data quality practice cannot succeed without proper alignment and collaboration across this framework.
• Alignment ensures that the data quality practice is fit for purpose to the business.

The DAMA DMBOK2 Data Management Framework

• Data Governance
  • Data Quality
  • Data Architecture
  • Data Modeling & Design
  • Data Storage & Operations
  • Data Security
  • Data Integration & Interoperability
  • Documents & Content
  • Reference & Master Data
  • Data Warehousing & Business Intelligence
  • Meta-data

(Source: DAMA International)

Related Info-Tech Research

Build a Robust and Comprehensive Data Strategy

• People often think that the main problems they need to fix first are related to data quality when the issues transpire at a much larger level. This blueprint is the key to building and fostering a data-driven culture.

Create a Data Management Roadmap

• Refer to this blueprint to understand data quality in the context of data disciplines and methods for improving your data management capabilities.

Establish Data Governance

• Define an effective data governance strategy and ensure the strategy integrates well with data quality with this blueprint.

Info-Tech’s methodology for Data Quality

Info-Tech Insight

“Data Quality is in the eyes of the beholder.”– Igor Ikonnikov, Research Director

Data quality means tolerance, not perfection

Data from Info-Tech’s CIO Business Vision Diagnostic, which represents over 400 business stakeholders, shows that data quality is very important when satisfaction with data quality is low.

However, when data quality satisfaction hit a threshold, it became less important.

Respondents were asked “How satisfied are you with the quality, reliability, and effectiveness of the data you use to manage your group?” as well as to rank how important data quality was to their organization.

When the business satisfaction of data quality reached a threshold value of 71-80%, the rated importance reached its lowest value.

Info-Tech Insight

Data needs to be good, but truly spectacular data may go unnoticed.

Provide the right level of data quality, with the appropriate effort, for the correct usage. This blueprint will help you to determine what “the right level of data quality” means, as well as create a plan to achieve that goal for the business.

Data Roles and Responsibilities

Data quality occurs through three main layers across the data lifecycle

Executive Brief Case Study

Industry: Healthcare

Source: Primary Info-Tech Research

Align source systems to maximize business output.

A healthcare insurance agency faced data quality issues in which a key business use case was impacted negatively. Business rules were not well defined, and default values instead of real value caused a concern. When dealing with multiple addresses, data was coming from different source systems.

The challenge was to identify the most accurate address, as some were incomplete, and some lacked currency and were not up to date. This especially challenged a key business unit, marketing, to derive business value in performing key activities by being unable to reach out to existing customers to advertise any additional products.

For this initiative, this insurance agency took an economic approach by addressing those data quality issues using internal resources.

Results

Without having any MDM tools or having a master record or any specific technology relating to data quality, this insurance agency used in-house development to tackle those particular issues at the source system. Data quality capabilities such as data profiling were used to uncover those issues and address them.

“Data quality is subjective; you have to be selective in terms of targeting the data that matters the most. When getting business tools right, most issues will be fixed and lead to achieving the most value.” – Asif Mumtaz, Data & Solution Architect

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

Guided Implementation

"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

Workshop

"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

Consulting

"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostic and consistent frameworks are used throughout all four options.

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between eight to twelve calls over the course of four to six months.

Workshop Overview

Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

Phase 1

Define Your Organization’s Data Environment and Business Landscape

Build Your Data Quality Program

Data quality is a methodology and must be treated as such

A comprehensive data quality practice includes appropriate business requirements gathering, planning, governance, and oversight capabilities, as well as empowering technologies for properly trained staff, and ongoing development processes.

Some common examples of appropriate data management methodologies for data quality are:

• The data quality team has the necessary competencies and resources to perform the outlined workload.
• There are processes that exist for continuously evaluating data quality performance capabilities.
• Improvement strategies are designed to increase data quality performance capabilities.
• Policies and procedures that govern data quality are well-documented, communicated, followed, and updated.
• Change controls exist for revising policies and procedures, including communication of updates and changes.
• Self-auditing techniques are used to ensure business-IT alignment when designing or recalibrating strategies.

Effective data quality practices coordinate with other overarching data disciplines, related data practices, and strategic business objectives.

“You don’t solve data quality with a Band-Aid; you solve it with a methodology.” – Diraj Goel, Growth Advisor, BC Tech

Data quality can be defined by four key quality indicators

Similar to measuring the acidity of a substance with a litmus test, the quality of your data can be measured using a simple indicator test. As you learn about common root causes of data quality problems in the following slides, think about these four quality indicators to assess the quality of your data:

• Completeness – Closeness to the correct value. Encompasses accuracy, consistency, and comparability to other databases.
• Usability – The degree to which data meets current user needs. To measure this, you must determine if the user is satisfied with the data they are using to complete their business functions.
• Timeliness – Length of time between creation and availability of data.
• Accessibility – How easily a user can access and understand the data (including data definitions and context). Interpretability can also be used to describe this indicator.

Info-Tech Insight

Quality is a relative term. Data quality is measured in terms of tolerance. Perfect data quality is both impossible and a waste of time and effort.

How to get investment for your data quality program

Follow these steps to convince leadership of the value of data quality:

“You have to level with people, you cannot just start talking with the language of data and expect them to understand when the other language is money and numbers.” – Izabela Edmunds, Information Architect at Mott MacDonald

1. Perform Phases 0 & 1 of this blueprint as this will offer value in carrying out the following steps.
2. Build credibility. Show them your understanding of data and how it aligns to the business.
3. Provide tangible evidence of how significant business use cases are impacted by poor quality data.
4. Present the ROI of fixing the data quality issues you have prioritized.
5. Explain how the data quality program will be established, implemented, and sustained.
6. Prove the importance of fixing data quality issues at the source and how it is the most efficient, effective, and cost-friendly solution.

Phase 1 deliverables

Each of these deliverables serve as inputs to detect key outcomes about your organization and to help complete this blueprint:

1. Data Culture Diagnostic

Use this report to understand where your organization lies across areas relating to data culture.

While the Quality & Trust area of the report might be most prevalent to this blueprint, this diagnostic may point out other areas demanding more attention.

Please speak to your account manager for access

2. Business Capability Map Template

Perform this process to understand the capabilities that enable specific value streams. The output of this deliverable is a high-level view of your organization’s defined business capabilities.

Download this tool

Info-Tech Insight

Understanding your data culture and business capabilities are foundational to starting the journey of data quality improvement.

Key deliverable:

3. Data Quality Diagnostic

The Data Quality Report is designed to help you understand, assess, and improve key organizational data quality issues. This is where respondents across various areas in the organization can assess Data Quality across various dimensions.

Download this tool

Data Quality Diagnostic Value

Prioritize business use cases with our data quality dimensions.

• Complete this diagnostic for each major business use case. The output from the Data Culture Diagnostic and the Business Capability Map should help you understand which use cases to address.
• Involve all key stakeholders involved in the business use case. There may be multiple business units involved in a single use case.
• Prioritize the business use cases that need the most attention pertaining to data quality by comparing the scores of the Importance and Confidence data quality dimensions.

If there are data elements that are considered of high importance and low confidence, then they must be prioritized.

Sample Scorecard

Poor data quality develops due to multiple root causes

After you get to know the properties of good quality data, understand the underlying causes of why those indicators can point to poor data quality.

If you notice that the usability, completeness, timeliness, or accessibility of the organization’s data is suffering, one or more of the following root causes are likely plaguing your data:

Common root causes of poor data quality, through the lens of Info-Tech’s Five-Tier Data Architecture:

These root causes of poor data quality are difficult to avoid, not only because they are often generated at an organization’s beginning stages, but also because change can be difficult. This means that the root causes are often propagated through stale or outdated business processes.

Data quality problems root cause #1:

Poor system or application design

Application design plays one of the largest roles in the quality of the organization’s data. The proper design of applications can prevent data quality issues that can snowball into larger issues downstream.

Proper ingestion is 90% of the battle. An ounce of prevention is worth a pound of cure. This is true in many different topics, and data quality is one of them. Designing an application so that data gets entered properly, whether by internal staff or external customers, is the single most effective way to prevent data quality issues.

Some common causes of data quality problems at the application/system level include:

• Too many open fields (free-form text fields that accept a variety of inputs).
• There are no lookup capabilities present. Reference data should be looked up instead of entered.
• Mandatory fields are not defined, resulting in blank fields.
• No validation of data entries before writing to the underlying database.
• Manual data entry encourages human error. This can be compounded by poor application design that facilitates the incorrect data entry.

Data quality problems root cause #2:

Poor database design

Database design also affects data quality. How a database is designed to handle incoming data, including the schema and key identification, can impact the integrity of the data used for reporting and analytics.

The most common type of database is the relational database. Therefore, we will focus on this type of database.

When working with and designing relational databases, there are some important concepts that must be considered.

Referential integrity is a term that is important for the design of relational database schema, and indicates that table relationships must always be consistent.

For table relationships to be consistent, primary keys (unique value for each row) must uniquely identify entities in columns of the table. Foreign keys (field that is defined in a second table but refers to the primary key in the first table) must agree with the primary key that is referenced by the foreign key. To maintain referential integrity, any updates must be propagated to the primary parent key.

Info-Tech Insight

Other types of databases, including databases with unstructured data, need data quality consideration. However, unstructured data may have different levels of quality tolerance.

At the database level, some common root causes include:

1. Lack of referential integrity.
2. Lack of unique keys.
3. Don’t have restricted data range.
4. Incorrect datatype, string fields that can hold too many characters.
5. Orphaned records.

Databases and People:

Even though database design is a technology issue, don’t forget about the people.

A lack of training employees on database permissions for updating/entering data into the physical databases is a common problem for data quality.

Data quality problems root cause #3:

Improper integration and synchronization of enterprise data

Data ingestion is another category of data-quality-issue root causes. When moving data in Tier 2, whether it is through ETL, ESB, point-to-point integration, etc., the integrity of the data during movement and/or transformation needs to be maintained.

Tier 2 (the data ingestion layer) serves to move data for one of two main purposes:

• To move data from originating systems to downstream systems to support integrated business processes.
• To move data to Tier 3 where data rests for other purposes. This movement of data in its purest form means we move raw data to storage locations in an overall data warehouse environment reflecting any security, compliance and other standards in our choices for how to store. Also, it is where data is transformed for unique business purpose that will also be moved to a place of rest or a place of specific use. Data cleansing and matching and other data-related blending tasks occur at this layer.

This ensures the data is pristine throughout the process and improves trustworthiness of outcomes and speed to task completion.

At the integration layer, some common root causes of data quality problems include:

1. No data mask. For example, zip code should have a mask of five numeric characters.
2. Questionable aggregation, transformation process, or incorrect logic.
3. Unsynchronized data refresh process in an integrated environment.
4. Lack of a data matching tool.
5. Lack of a data quality tool.
6. Don’t have data profiling capability.
7. Errors with data conversion or migration processes – when migrating, decommissioning, or converting systems – movement of data sets.
8. Incorrect data mapping between data sources and targets.

Data quality problems root cause #4:

Insufficient and ineffective data quality policies and procedures

Data policies and procedures are necessary for establishing standards around data and represent another category of data-quality-issue root causes. This issue spans across all five of the 5 Tier Architecture.

Data policies are short statements that seek to manage the creation, acquisition, integrity, security, compliance, and quality of data. These policies vary amongst organizations, depending on your specific data needs.

• Policies describe what to do, while standards and procedures describe how to do something.
• There should be few data policies, and they should be brief and direct. Policies are living documents and should be continuously updated to respond to the organization’s data needs.
• The data policies should highlight who is responsible for the data under various scenarios and rules around how to manage it effectively.

Some common root causes of data quality issues related to policies and procedures include:

1. Policies are absent or out of date.
2. Employees are largely unaware of policies in effect.
3. Policies are unmonitored and unenforced.
4. Policies are in multiple locations.
5. Multiple versions of the same policy exist.
6. Policies are managed inconsistently across different silos.
7. Policies are written poorly by untrained authors.
8. Inadequate policy training program.
9. Draft policies stall and lose momentum.
10. Weak policy support from senior management.

Data quality problems root cause #5:

Inefficient or ineffective business processes

Some common root causes of data quality issues related to business processes include:

1. Multiple entries of the same record leads to duplicate records proliferating in the database.
2. Many business definitions of data.
3. Failure to document data manipulations when presenting data.
4. Failure to train people on how to understand data.
5. Manually intensive processes can result in duplication of effort (creates room for errors).
6. No clear delineation of dependencies of business processes within or between departments, which leads to a siloed approach to business processes, rather than a coordinated and aligned approach.

Business processes can impact data quality. How data is entered into systems, as well as employee training and knowledge about the correct data definitions, can impact the quality of your organization’s data.

These problematic business process root causes can lead to:

Duplicate records

Incomplete data

Improper use of data

Wrong data entered into fields

These data quality issues will result in costly and inefficient manual fixes, wasting valuable time and resources.

Phase 1 Summary

1. Data Quality Understanding

• Understanding that data quality is a methodology and should be treated as such.
• Data quality can be defined by four key indicators which are completeness, usability, timeliness, and accessibility.
• Explained how to get investment for your data quality program and showcasing its value to leadership.

2. Phase 0 Deliverables

Introduced foundational tools to help you throughout this blueprint:

• Complete the Data Culture Diagnostic and Business Capability Map Template as they are foundational in understanding your data culture and business capabilities to start the journey of data quality improvement.
• Involve key relevant stakeholders when completing the Data Quality Diagnostic for each major business use case. Use the Importance and Confidence dimensions to help you prioritize which use case to address.

3. Common Root Causes

Addressed where multiple root causes can occur throughout the flow of your data.

Analyzed the following common root causes of data quality:

1. Poor system or application design
2. Poor database design
3. Improper integration and synchronization of enterprise data
4. Insufficient and ineffective data quality policies and procedures
5. Inefficient or ineffective business processes

Phase 2

Analyze Your Priorities for Data Quality Fixes

Build Your Data Quality Program

Business Context & Data Quality

Establish the business context of data quality improvement projects at the business unit level to find common goals.

• To ensure the data improvement strategy is business driven, start your data quality project evaluation by understanding the business context. You will then determine which business units use data and create a roadmap for prioritizing business units for data quality repairs.
• Your business context is represented by your corporate business vision, mission, goals and objectives, differentiators, and drivers. Collectively, they provide essential information on what is important to your organization, and some hints on how to achieve that. In this step, you will gather important information about your business view and interpret the business view to establish a data view.

Business Vision

Business Goals

Business Drivers

Business Differentiators

Not every business unit uses data to the same extent

A data flow diagram can provide value by allowing an organization to adopt a proactive approach to data quality. Save time by knowing where the entry points are and where to look for data flaws.

Understanding where data lives can be challenging as it is often in motion and rarely resides in one place. There are multiple benefits that come from taking the time to create a data flow diagram.

• Mapping out the flow of data can help provide clarity on where the data lives and how it moves through the enterprise systems.
• Having a visual of where and when data moves helps to understand who is using data and how it is being manipulated at different points.
• A data flow diagram will allow you to elicit how data is used in a different use case.

Info-Tech’s Four-Column Model of Data will help you to identify the essential aspects of your data:

Business Use Case →Used by→Business Unit →Housed in→Systems→Used for→Usage of the Data

Not every business unit requires the same standard of data quality

To prioritize your business units for data quality improvement projects, you must analyze the relative importance of the data they use to the business. The more important the data is to the business, the higher the priority is of fixing that data. There are two measures for determining the importance of data: business value and business impact.

Business Value of Data

Business value of data can be evaluated by thinking about its ties to revenue generation for the organization, as well as how it is used for productivity and operations at the organization.

The business value of data is assessed by asking what would happen to the following parameters if the data is not usable (due to poor quality, for example):

• Loss of Revenue
• Loss of Productivity
• Increased Operating Costs

Business Impact of Data

Business impact of data should take into account the effects of poor data on both internal and external parties.

The business impact of data is assessed by asking what the impact would be of bad data on the following parameters:

• Impact on Customers
• Impact on Internal Staff
• Impact on Business Partners

Value + Impact = Data Priority Score

Ensure that the project starts on the right foot by completing Info-Tech’s Data Quality Problem Statement Template

Before you can identify a solution, you must identify the problem with the business unit’s data.

Download this tool

Use Info-Tech’s Data Quality Problem Statement Template to identify the symptoms of poor data quality and articulate the problem.

Info-Tech’s Data Quality Problem Statement Template will walk you through a step-by-step approach to identifying and describing the problems that the business unit feels regarding its data quality.

Before articulating the problem, it helps to identify the symptoms of the problem. The following W’s will help you to describe the symptoms of the data quality issues:

What

Define the symptoms and feelings produced by poor data quality in the business unit.

Where

Define the location of the data that are causing data quality issues.

When

Define how severe the data quality issues are in frequency and duration.

Who

Define who is affected by the data quality problems and who works with the data.

Info-Tech Best Practice

Symptoms vs. Problems. Often, people will identify a list of symptoms of a problem and mistake those for the problem. Identifying the symptoms helps to define the problem, but symptoms do not help to identify the solution. The problem statement helps you to create solutions.

Define the project problem to articulate the purpose

1 hour

Input

• Symptoms of data quality issues in the business unit

Output

• Refined problem description

Materials

• Data Quality Problem Statement Template

Participants

• Data Quality Improvement Project team
• Business line representatives

A defined problem helps you to create clear goals, as well as lead your thinking to determine solutions to the problem.

A problem statement consists of one or two sentences that summarize a condition or issue that a quality improvement team is meant to address. For the improvement team to fix the problem, the problem statement therefore has to be specific and concise.

Instructions

1. Gather the Data Quality Improvement Project Team in a room and start with an issue that is believed to be related to data quality.
2. Ask what are the attributes and symptoms of that reality today; do this with the people impacted by the issue. This should be an IT and business collaboration.
3. Draw your conclusions of what it all means: what have you collectively learned?
4. Consider the implications of your conclusions and other considerations that must be taken into account such as regulatory needs, compliance, policy, and targets.
5. Develop solutions – Contain the problem to something that can be solved in a realistic timeframe, such as three months.

Download the Data Quality Problem Statement Template

Case Study

A strategic roadmap rooted in business requirements primes a data quality improvement plan for success.

MathWorks

Industry

Software Development

Source

Primary Info-Tech Research

As part of moving to a formalized data quality practice, MathWorks leveraged an incremental approach that took its time investigating business cases to support improvement actions. Establishing realistic goals for improvement in the form of a roadmap was a central component for gaining executive approval to push the project forward.

Roadmap Creation

In constructing a comprehensive roadmap that incorporated findings from business process and data analyses, MathWorks opted to document five-year and three-year overall goals, with one-year objectives that supported each goal. This approach ensured that the tactical actions taken were directed by long-term strategic objectives.

Results – Business Alignment

In presenting their roadmap for executive approval, MathWorks placed emphasis on communicating the progression and impact of their initiatives in terms that would engage business users. They focused on maintaining continual lines of communication with business stakeholders to demonstrate the value of the initiatives and also to gradually shift the corporate culture to one that is invested in an effective data quality practice.

“Don’t jump at the first opportunity, because you may be putting out a fire with a cup of water where a fire truck is needed.” – Executive Advisor, IT Research and Advisory Firm

Use Info-Tech’s Practice Assessment and Project Planning Tool to create your strategy for improving data quality

Assess IT’s capabilities and competencies around data quality and plan to build these as the organization’s data quality practice develops. Before you can fix data quality, make sure you have the necessary skills and abilities to fix data quality correctly.

The following IT capabilities are developed on an ongoing basis and are necessary for standardizing and structuring a data quality practice:

• Meeting Business Needs
• Services and Projects
• Policies, Procedures, and Standards
• Roles and Organizational Structure
• Oversight and Communication
• Data Quality of Different Data Types

Download this Tool

Data Handling and Remediation Competencies:

• Data Standardization: Formatting values into consistent standards based on industry standards and business rules.
• Data Cleansing: Modification of values to meet domain restrictions, integrity constraints, or other business rules for sufficient data quality for the organization.
• Data Matching: Identification, linking, and merging related entries in or across sets of data.
• Data Validation: Checking for correctness of the data.

After these capabilities and competencies are assessed for a current and desired target state, the Data Quality Practice Assessment and Project Planning Tool will suggest improvement actions that should be followed in order to build your data quality practice. In addition, a roadmap will be generated after target dates are set to create your data quality practice development strategy.

Benchmark current and identify target capabilities for your data quality practice

1 hour

Input

• Current and desired data quality practices in the organization

Output

• Assessment of where the gaps lie in your data quality practice

Materials

• Data Quality Practice Assessment and Project Planning Tool

Participants

• Data Quality Project Lead
• Business Line Representatives
• Business Architects

Use the Data Quality Practice Assessment and Project Planning Tool to evaluate the baseline and target capabilities of your practice in terms of how data quality is approached and executed.

Download this Tool

Instructions

1. Invite the appropriate stakeholders to participate in this exercise. Examples:
   1. Business executives will have input in Tab 2
   2. Unique stakeholders: communications expert or executive advisors may have input
2. On Tab 2: Practice Components, assess the current and target states of each capability on a scale of 1–5. Note: “Ad hoc” implies a capability is completed, but randomly, informally, and without a standardized method.

These results will set the baseline against which you will monitor performance progress and keep track of improvements over time.

Info-Tech Insight

Focus on early alignment. Assessing capabilities within specific people’s job functions can naturally result in disagreement or debate, especially between business and IT people. Remind everyone that data quality should ultimately serve business needs wherever possible.

Visualization improves the holistic understanding of where gaps exist in your data quality practice

To enable deeper analysis on the results of your practice assessment, Tab 3: Data Quality Practice Scorecard in the Data Quality Practice Assessment and Project Planning Tool creates visualizations of the gaps identified in each of your practice capabilities and related data management practices. These diagrams serve as analysis summaries.

Gap assessment of “Meeting Business Needs” capabilities

Visualization of gap assessment of data quality practice capabilities

1. Enhance your gap analyses by forming a relative comparison of total gaps in key practice capability areas, which will help in determining priorities.

• Example: In Tab 2 compare your capabilities within “Policies, Procedures, and Standards.” Then in Tab 3, compare your overall capabilities in “Policies, Procedures, and Standards” versus “Empowering Technologies.”

Before engaging in the data quality improvement project plan, receive signoff from IT regarding feasibility

The final piece of the puzzle is to gain sign-off from IT.

Hofstadter's law: It always takes longer than you expect, even when you take into account Hofstadter’s Law.

This means that before engaging IT in data quality projects to fix the business units’ data in Phase 2, IT must assess feasibility of the data quality improvement plan. A feasibility analysis is typically used to review the strengths and weaknesses of the projects, as well as the availability of required skills and technologies needed to complete them. Use the following workflow to guide you in performing a feasibility analysis:

Project evaluation process:

Present capabilities

• Operational Capabilities
• System Capabilities
• Schedule Capabilities
  • Summary of Evaluation Results
    • Recommendations/ modifications to the project plan

Info-Tech Best Practice

While the PMO identifies and coordinates projects, IT must determine how long and for how much.

Conduct gap analysis sessions to review and prioritize the capability gaps

1 hour

Input

• Current and Target State Assessment

Output

• Documented initiatives to help you get to the target state

Materials

• Data Quality Practice Assessment and Project Planning Tool

Participants

• Data Quality team
• IT representatives

Instructions

• Analyze Gap Analysis Results – As a group, discuss the high-level results on Tab 3: Data Quality Practice Score. Discuss the implications of the gaps identified.
• Do a line-item review of the gaps between current and target levels for each assessed capability by using Tab 2: Practice Components.
• Brainstorm Alignment Strategies – Brainstorm the effort and activities that will be necessary to support the practice in building its capabilities to the desired target level. Ask the following questions:
  • What activities must occur to enable this capability?
  • What changes/additions to resources, process, technology, business involvement, and communication must occur?
• Document Data Quality Initiatives – Turn activities into initiatives by documenting them in Tab 4. Data Quality Practice Roadmap. Review the initiatives and estimate the start and end dates of each one.
• Continue to evaluate the assessment results in order to create a comprehensive set of data quality initiatives that support your practice in building capabilities.

Download this Tool

Create the organization’s data quality improvement strategy roadmap

1 hour

Input

• Data quality practice gaps and improvement actions

Output

• Data quality practice improvement roadmap

Materials

• Data Quality Practice Assessment and Project Planning Tool

Participants

• Data Quality Project Lead
• Business Executives
• IT Executives
• Business Architects

Generating Your Roadmap

1. Plan the sequence, starting time, and length of each initiative in the Data Quality Practice Assessment and Project Planning Tool.
2. The tool will generate a Gantt chart based on the start and length of your initiatives.
3. The Gantt chart is generated in Tab 4: Data Quality Practice Roadmap, and can be used to organize and ensure that all of the essential aspects of data quality are addressed.

Use the Practice Roadmap to plan and improve data quality capabilities

Download this Tool

Info-Tech Best Practice

To help get you started, Info-Tech has provided an extensive list of data quality improvement initiatives that are commonly undertaken by organizations looking to improve their data quality.

Establish Baseline Metrics

Baseline metrics will be improved through:

2 hours

Create practice-level metrics to monitor your data quality practice.

Instructions:

1. Establish metrics for both the business and IT that will be used to determine if the data quality practice development is effective.
2. Set targets for each metric.
3. Collect current data to calculate the metrics and establish a baseline.
4. Assign an owner for tracking each metric to be accountable for performance.

Phase 2 summary

As you improve your data quality practice and move from reactive to stable, don’t rest and assume that you can let data quality keep going by itself. Rapidly changing consumer requirements or other pains will catch up to your organization and you will fall behind again. By moving to the proactive and predictive end of the maturity scale, you can stay ahead of the curve. By following the methodology laid out in Phase 1, the data quality practices at your organization will improve over time, leading to the following results:

Chaotic

Before Data Quality Practice Improvements

• No standards to data quality

Reactive

Year 1

• Processes defined
• Data cleansing approach to data quality

Stable

Year 2

• Business rules/ stewardship in place
• Education and training

Proactive

Year 3

• Data quality practices fully in place and embedded in the culture
• Trusted and intelligent enterprise

(Global Data Excellence, Data Excellence Maturity Model)

Phase 3

Establish Your Organization’s Data Quality Program

Build Your Data Quality Program

Create a data lineage diagram to map the data journey and identify the data subject areas to be targeted for fixes

It is important to understand the various data that exist in the business unit, as well as which data are essential to business function and require the highest degree of quality efforts.

Visualize your databases and the flow of data. A data lineage diagram can help you and the Data Quality Improvement Team visualize where data issues lie. Keeping the five-tier architecture in mind, build your data lineage diagram.

Reminder: Five-Tier Architecture

Use the following icons to represent your various data systems and databases.

Use Info-Tech’s Data Lineage Diagram to document the data sources and applications used by the business unit

2 hours

Input

• Data sources and applications used by the business unit

Output

• Data lineage diagram

Materials

• Data Lineage Diagram Template

Participants

• Business Unit Head/Data Owner
• Business Unit SMEs
• Data Analysts/Architects

Map the flow and location of data within a business unit by creating a system context diagram.

Gain an accurate view of data locations and uses: Engage business users and representatives with a wide breadth of knowledge-related business processes and the use of data by related business operations.

1. Sit down with key business representatives of the business unit.
2. Document the sources of data and processes in which they’re involved, and get IT confirmation that the sources of the data are correct.
3. Map out the sources and processes in a system context diagram.

Download this Tool

Sample Data Lineage Diagram

Leverage Info-Tech’s Data Quality Practice Assessment and Project Planning Tool to document business context

1 hour

Input

• Business vision, goals, and drivers

Output

• Business context for the data quality improvement project

Materials

• Data Quality Practice Assessment and Project Planning Tool

Participants

• Data Quality project lead
• Business line representatives
• IT executives

Develop goals and align them with specific objectives to set the framework for your data quality initiatives.

In the context of achieving business vision, mission, goals, and objectives and sustaining differentiators and key drivers, think about where and how data quality is a barrier. Then brainstorm data quality improvement objectives that map to these barriers. Document your list of objectives in Tab 5. Prioritize business units of the Data Quality Practice Assessment and Project Planning Tool.

Download this Tool

Document the identified business units and their associated data

30 minutes

Input

• Business units

Output

• Documented business units to begin prioritization

Materials

• Data Quality Practice Assessment and Project Planning Tool

Participants

• Project Manager

Instructions

1. Using Tab 5: Prioritize Business Units of the Data Quality Practice Assessment and Project Planning Tool, document the business units that use data in the organization. This will likely be all business units in the organization.
2. Next, document the primary data used by those business units.
3. These inputs will then be used to assess business unit priority to generate a data quality improvement project roadmap.

Reminder – Not every business unit requires the same standard of data quality

To prioritize your business units for data quality improvement projects, you must analyze the relative importance of the data they use to the business. The more important the data is to the business, the higher the priority is of fixing that data. There are two measures for determining the importance of data: business value and business impact.

Business Value of Data

Business value of data can be evaluated by thinking about its ties to revenue generation for the organization, as well as how it is used for productivity and operations at the organization.

The business value of data is assessed by asking what would happen to the following parameters if the data is not usable (due to poor quality, for example):

• Loss of Revenue
• Loss of Productivity
• Increased Operating Costs

Business Impact of Data

Business impact of data should take into account the effects of poor data on both internal and external parties.

The business impact of data is assessed by asking what the impact would be of bad data on the following parameters:

• Impact on Customers
• Impact on Internal Staff
• Impact on Business Partners

Value + Impact = Data Priority Score

Assess the business unit priority order for data quality improvements

2 hours

Input

• Assessment of value and impact of business unit data

Output

• Prioritization list for data quality improvement projects

Materials

• Data Quality Practice Assessment and Project Planning Tool

Participants

• Project Manager
• Data owners

Instructions

Instructions In Tab 5: Prioritize Business Units of the Data Quality Practice Assessment and Project Planning Tool, assess business value and business impact of the data within each documented business unit.

Use the ratings High, Medium, and Low to measure the financial, productivity, and efficiency value and impact of each business unit’s data.

In addition to these ratings, assess the number of help desk tickets that are submitted to IT regarding data quality issues. This parameter is an indicator that the business unit’s data is high priority for data quality fixes.

Download this Tool

Create a business unit order roadmap for your data quality improvement projects

1 hour

Input

• Rating of importance of data for each business unit

Output

• Roadmap for data quality improvement projects

Materials

• Data Quality Practice Assessment and Project Planning Tool

Participants

• Project Manager
• Product Manager
• Business line representatives

Instructions

After assessing the business units for the business value and business impact of their data, the Data Quality Practice Assessment and Project Planning Tool automatically assesses the prioritization of the business units based on your ratings. These prioritizations are then summarized in a roadmap on Tab 6: Data Quality Project Roadmap. The following is an example of a project roadmap:

On Tab 6, insert the timeline for your data quality improvement projects, as well as the starting date of your first data quality project. The roadmap will automatically update with the chosen timing and dates.

Download this Tool

Identify metrics at the business unit level to track data quality improvements

As you improve the data quality for specific business units, measuring the benefits of data quality improvements will help you demonstrate the value of the projects to the business.

Use the following table to guide you in creating business-aligned metrics:

Info-Tech Insight

Relating data governance success metrics to overall business benefits keeps executive management and executive sponsors engaged because they are seeing actionable results. Review metrics on an ongoing basis with those data owners/stewards who are accountable, the data governance steering committee, and the executive sponsors.

Case Study

Address data quality with the right approach to maximize the ROI

EDC

Industry: Government

Source: Environment Development of Canada (EDC)

Challenge

Environment Development Canada (EDC) would initially identify data elements that are important to the business purely based on their business instinct.

Leadership attempted to tackle the enterprise’s data issues by bringing a set of different tools into the organization.

It didn’t work out because the fundamental foundational layer, which is the data and infrastructure, was not right – they didn't have the foundational capabilities to enable those tools.

Solution

Leadership listened to the need for one single team to be responsible for the data persistence.

Therefore, the data platform team was granted that mandate to extensively execute the data quality program across the enterprise.

A data quality team was formed under the Data & Analytics COE. They had the mandate to profile the data and to understand what quality of data needed to be achieved. They worked constantly with the business to build the data quality rules.

Results

EDC tackled the source of their data quality issues through initially performing a data quality management assessment with business stakeholders.

From then on, EDC was able to establish their data quality program and carry out other key initiatives that prove the ROI on data quality.

Begin your data quality improvement project starting with the highest priority business unit

Now that you have a prioritized list for your data quality improvement projects, identify the highest priority business unit. This is the business unit you will work through Phase 3 with to fix their data quality issues.

Once you have initiated and identified solutions for the first business unit, tackle data quality for the next business unit in the prioritized list.

Create and document your data quality improvement team

1 hour

Input

• Individuals who fit the data quality improvement plan team roles

Output

• Project team

Materials

• Data Quality Improvement Plan Template

Participants

• Data owner
• Project Manager
• Product Manager

The Data Quality Improvement Plan is a concise document that should be created for each data quality project (i.e. for each business unit) to keep track of the project.

Instructions

1. Meet with the data owner of the business unit identified for the data quality improvement project.
2. Identify individuals who fit the data quality improvement plan team roles.
3. Using the Data Quality Improvement Plan Template to document the roles and individuals who will fit those roles.
4. Have an introductory meeting with the Improvement team to clarify roles and responsibilities for the project.

Download this Tool

Document the business context of the Data Quality Improvement Plan

1 hour

Input

• Project team
• Identified data attributes

Output

• Business context for the data quality improvement plan

Materials

• Data Quality Improvement Plan Template

Participants

• Data owner
• Project Sponsor
• Product owner

Data quality initiatives have to be relevant to the business, and the business context will be used to provide inputs to the data improvement strategy. The context can then be used to determine exactly where the root causes of data quality issues are, which will inform your solutions.

Instructions

The business context of the data quality improvement plan includes documenting from previous activities:

1. The Data Quality Improvement Team.
2. Your Data Lineage Diagram.
3. Your Data Quality Problem Statement.

Info-Tech Best Practice

While many organizations adopt data quality principles, not all organizations express them along the same terms. Have multiple perspectives within your organization outline principles that fit your unique data quality agenda. Anyone interested in resolving the day-to-day data quality issues that they face can be helpful for creating the context around the project.

Download this tool

Now that you have a defined problem, revisit the root causes of poor data quality

You previously fleshed out the problem with data quality present in the business unit chosen as highest priority. Now it is time to figure out what is causing those problems.

In the table below, you will find some of the common categories of causes of data quality issues, as well as some specific root causes.

Leverage a root cause analysis approach to pinpoint the origins of your data issues

A root cause analysis is a systematic approach to decompose a problem into its components. Use fishbone diagrams to help reveal the root causes of data issues.

Info-Tech recommends five root cause categories for assessing data quality issues:

Application Design. Is the issue caused by human error at the application level? Consider internal employees, external partners/suppliers, and customers.

Database Design. Is the issue caused by a particular database and stems from inadequacies in its design?

Integration. Data integration tools may not be fully leveraged, or data matching rules may be poorly designed.

Policies and Procedures. Do the issues take place because of lack of governance?

Business Processes. Do the issues take place due to insufficient processes?

For Example:

When performing a deeper analysis of your data issues related to the accuracy of the business unit’s data, you would perform a root cause analysis by assessing the contribution of each of the five categories of data quality problem root causes:

Leverage a combination of data analysis techniques to identify and quantify root causes

Info-Tech Insight

Including all attributes of the key subject area in your data profiling activities may produce too much information to make sense of. Conduct data profiling primarily at the table level and undergo attribute profiling only if you are able to narrow down your scope sufficiently.

Data Profiling Tool

Data profiling extracts a sample of the target data set and runs it through multiple levels of analysis. The end result is a detailed report of statistics about a variety of data quality criteria (duplicate data, incomplete data, stale data, etc.).

Many data profiling tools have built-in templates and reports to help you uncover data issues. In addition, they quantify the occurrences of the data issues.

E-Discovery Tool

This supplements a profiling tool. For Example, use a BI tool to create a custom grouping of all the invalid states (e.g. “CAL,” “AZN,” etc.) and visualize the percentage of invalid states compared to all states.

SQL Queries

This supplements a profiling tool. For example, use a SQL statement to group the customer data by customer segment and then by state to identify which segment–state combinations contain poor data.

Identify the data issues for the particular business unit under consideration

2 hours

Input

• Issues with data quality felt by the business unit
• Data lineage diagram

Output

• Categorized data quality issues

Materials

• Whiteboard, markers, sticky notes
• Data Quality Improvement Plan Template

Participants

• Data quality improvement project team
• Business line representatives

Instructions

1. Gather the data quality improvement project team in a room, along with sticky notes and a whiteboard.
2. Display your previously created data lineage diagram on the whiteboard.
3. Using color-coded sticky notes, attach issues to each component of the data lineage diagram that team members can identify. Use different colors for the four quality attributes: Completeness, Usability, Timeliness, and Accessibility.

Example:

Map the data issues on fishbone diagrams to identify root causes

1 hour

Input

• Categorized data quality issues

Output

• Completed fishbone diagrams

Materials

• Whiteboard, markers, sticky notes
• Data Quality Improvement Plan Template

Participants

• Data quality improvement project team

Now that you have data quality issues classified according to the data quality attributes, map these issues onto four fishbone diagrams.

Download this Tool

Get to know the root causes behind system/application design mistakes

Suboptimal system/application design provides entry points for bad data.

Get to know the root causes behind common database design mistakes

Improper database design allows incorrect data to be stored and propagated.

Get to know the root causes behind enterprise integration mistakes

Improper data integration or synchronization may create poor analytical data.

Get to know the root causes behind policy and procedure mistakes

Suboptimal policies and procedures undermine the effect of best practices.

Get to know the root causes behind common business process mistakes

Ineffective and inefficient business processes create entry points for poor data.

Phase 3 Summary

1. Data Lineage Diagram

• Creating the data lineage diagram is recommended to help visualize the flow of your data and to map the data journey and identify the data subject areas to be targeted for fixes.
• The data lineage diagram was leveraged multiple times throughout this Phase. For example, the data lineage diagram was used to document the data sources and applications used by the business unit

• Business context was documented through the Data Quality Practice Assessment and Project Planning Tool.
• The same tool was used to document identified business units and their associated data.
• Metrics were also identified at the business unit level to track data quality improvements.

Phase 4

Grow and Sustain Your Data Quality Program

Build Your Data Quality Program

For the identified root causes, determine the solutions for the problem

As you worked through the previous step, you identified the root causes of your data quality problems within the business unit. Now, it is time to identify solutions.

The following slides provide an overview of the solutions to common data quality issues. As you identify solutions that apply to the business unit being addressed, insert the solution tables in Section 4: Proposed Solutions of the Data Quality Improvement Plan Template.

All data quality solutions have two components to them:

• Technology
• People

For the next five data quality solution slides, look for the slider for the contributions of each category to the solution. Use this scale to guide you in creating solutions.

When designing solutions, keep in mind that solutions to data quality problems are not mutually exclusive. In other words, an identified root cause may have multiple solutions that apply to it.

For example, if an application is plagued with inaccurate data, the application design may be suboptimal, but also the process that leads to data being entered may need fixing.

Data quality improvement strategy #1:

Fix data quality issues by improving system/application design.

Technology

Application Interface Design

Restrict field length – Capture only the characters you need for your application.

Leverage data masks – Use data masks in standardized fields like zip code and phone number.

Restrict the use of open text fields and use reference tables – Only present open text fields when there is a need. Use reference tables to limit data values.

Provide options – Use radio buttons, drop-down lists, and multi-select instead of using open text fields.

Data Validation at the Application Level

Validate data before committing – Use simple validation to ensure the data entered is not random numbers and letters.

Track history – Keep track of who entered what fields.

Cannot submit twice – Only design for one-time submission.

People

Training

Data-entry training – Training that is related to data entry, creating, or updating data records.

Data resolution training – Training data stewards or other dedicated data personnel on how to resolve data records that are not entered properly.

Continuous Improvement

Standards – Develop application design principles and standards.

Field testing – Field data entry with a few people to look for abnormalities and discrepancies.

Detection and resolution – Abnormal data records should be isolated and resolved ASAP.

Application Testing

Thorough testing – Application design is your first line of defence against poor data. Test to ensure bad data is kept out of the systems.

Case Study

HMS

Industry: Healthcare

Source: Informatica

Improve your data quality ingestion procedures to provide better customer intimacy for your users

Healthcare Management Systems (HMS) provides cost containment services for healthcare sponsors and payers, and coordinates benefits services. This is to ensure that healthcare claims are paid correctly to both government agencies and individuals. To do so, HMS relies on data, and this data needs to be of high quality to ensure the correct decisions are made, the right people get the correct claims, and the appropriate parties pay out.

To improve the integrity of HMS’s customer data, HMS put in place a framework that helped to standardize the collection of high volume and highly variable data.

Results

Working with a data quality platform vendor to establish a framework for data standardization, HMS was able to streamline data analysis and reduce new customer implementations from months to weeks.

HMS data was plagued with a lack of standardization of data ingestion procedures.

Data quality improvement strategy #2:

Fix data quality issues using proper database design.

Technology

Database Design Best Practices

Referential integrity – Ensure parent/child relationships are maintained in terms of cascade creation, update, and deletion.

Primary key definition – Ensure there is at least one key to guarantee the uniqueness of the data records, and primary key should not allow null.

Validate data domain – Create triggers to check the data values entered in the database fields.

Field type and length – Define the most suitable data type and length to hold field values.

One-Time Data Fix (more on the next slide)

Explore solutions – Where to fix the data issues? Is there a case to fix the issues?

Running profiling tools to catch errors – Run scans on the database with defined criteria to identify occurrences of questionable data.

Fix a sample before fixing all records – Use a proof-of-concept approach to explore fix options and evaluate impacts before fixing the full set.

People

The DBA Team

Perform key tasks in pairs – Take a pair approach to perform key tasks so that validation and cross-check can happen.

Skilled DBAs – DBAs should be certified and accredited.

Competence – Assess DBA competency on an ongoing basis.

Preparedness – Develop drills to stimulate data issues and train DBAs.

Cross train – Cross train team members so that one DBA can cover another DBA.

Data quality improvement strategy #3:

Improve integration and synchronization of enterprise data.

Technology

Integration Architecture

Info-Tech’s 5-Tier Architecture – When doing transformations, it is good practice to persist the integration results in tier 3 before the data is further refined and presented in tier 4.

Timing, timing, and timing – Think of the sequence of events. You may need to perform some ETL tasks before other tasks to achieve synchronization and consistence.

Historical changes – Ensure your tier 3 is robust enough to include historical data. You need to enable type 2 slowly, changing dimension to recreate the data at a point in time.

Data Cleansing

Standardize – Leverage data standardization to standardize name and address fields to improve matching and integration.

Fuzzy matching – When there are no common keys between datasets. The datasets can only be matched by fuzzy matching. Fuzzy matching is not hard science; define a confidence level and think about a mechanism to deal with the unmatched.

People

Reporting and Documentations

Business data glossary and data lineage – Define a business data glossary to enhance findability of key data elements. Document data mappings and ETL logics.

Create data quality reports – Many ETL platforms provide canned data quality reports. Leverage those quality reports to monitor the data health.

Code Review

Create data quality reports – Many ETL platforms provide canned data quality reports. Leverage those quality reports to monitor the data health.

ARB (architectural review board) – All ETL codes should be approved by the architectural review board to ensure alignment with the overall integration strategy.

Data quality improvement strategy #4:

Improve data quality policies and procedures.

Technology

Policy Reporting

Data quality reports – Leverage canned data quality reports from the ETL platforms to monitor data quality on an on-going basis. When abnormalities are found, provoke the right policies to deal with the issues.

Store policies in a central location that is well known and easy to find and access. A key way that technology can help communicate policies is by having them published on a centralized website.

Make the repository searchable and easily navigable. myPolicies helps you do all this and more.

myPolicies helps you do all this and more.

Go to this link

People

Policy Review and Training

Policy review – Create a schedule for reviewing policies on a regular basis – invite professional writers to ensure polices are understandable.

Policy training – Policies are often unread and misread. Training users and stakeholders on policies is an effective way to make sure those users and stakeholders understand the rationale of the policies. It is also a good practice to include a few scenarios that are handled by the policies.

Policy hotline/mailbox – To avoid misinterpretation of the policies, a policy hotline/mailbox should be set up to answer any data policy questions from the end users/stakeholders.

Policy Communications

Simplified communications – Create handy one-pagers and infographic posters to communicate the key messages of the polices.

Policy briefing – Whenever a new data project is initiated, a briefing of data policies should be given to ensure the project team follows the policies from the very beginning.

Data quality improvement strategy #5:

Streamline and optimize business processes.

Technology

Requirements Gathering

Data Lineage – Leverage a metadata management tool to construct and document data lineage for future reference.

Documentations Repository – It is a best practice to document key project information and share that knowledge across the project team and with the stakeholder. An improvement understanding of the project helps to identify data quality issues early on in the project.

“Automating creation of data would help data quality most. You have to look at existing processes and create data signatures. You can then derive data off those data codes.” – Patrick Bossey, Manager of Business Intelligence, Crawford and Company

People

Requirements Gathering

Info-Tech’s 4-Column Model – The datasets may exist but the business units do not have an effective way of communicating the quality needs. Use our four-column model and the eleven supporting questions to better understand the quality needs. See subsequent slides.

I don’t know what the data means so I think the quality is poor – It is not uncommon to see that the right data presented to the business but the business does not trust the data. They also do not understand the business logic done on the data. See our Business Data Glossary in subsequent slides.

Understand the business workflow – Know the business workflow to understand the manual steps associated with the workflow. You may find steps in which data is entered, manipulated, or consumed inappropriately.

“Do a shadow data exercise where you identify the human workflows of how data gets entered, and then you can identify where data entry can be automated.” – Diraj Goel, Growth Advisor, BC Tech

Brainstorm solutions to your data quality issues

4 hours

Input

• Data profiling results
• Preliminary root cause analyses

Output

• Proposals for data fix
• Fixed issues

Materials

• Data Quality Improvement Plan Template

Participants

• Business and Data Analysts
• Data experts and stewards

After walking through the best-practice solutions to data quality issues, propose solutions to fix your identified issues.

Instructions

1. Review Root Cause Analyses: Revisit the root cause analysis and data lineage diagram you have generated in Step 3.2. to understand the issues in greater details.
2. Characterize Each Issue: You may need to generate a data profiling report to characterize the issue. The report can be generated by using data quality suites, BI platforms, or even SQL statements.
3. Brainstorm the Solutions: As a group, discuss potential ways to fix the issue. You can tackle the issues by approaching from these areas:

X crossover with

4. Document and Communicate: Document the solutions to your data issues. You may need to reuse or refer to the solutions. Also brainstorm some ideas on how to communicate the results back to the business.

Download this Tool

Sustaining your data quality requires continuous oversight through a data governance practice

Quality data is the ultimate outcome of data governance and data quality management. Data governance enables data quality by providing the necessary oversight and controls for business processes in order to maintain data quality. There are three primary groups (at right) that are involved in a mature governance practice. Data quality should be tightly integrated with all of them.

Define an effective data governance strategy and ensure the strategy integrates well with data quality with Info-Tech’s Establish Data Governance blueprint.

Visit this link

Data Governance Council

This council establishes data management practices that span across the organization. This should be comprised of senior management or C-suite executives that can represent the various departments and lines of business within the organization. The data governance council can help to promote the value of data governance, facilitate a culture that nurtures data quality, and ensure that the goals of the data governance program are well aligned with business objectives.

Data Owners

Identifying the data owner role within an organization helps to create a greater degree of accountability for data issues. They often oversee how the data is being generated as well as how it is being consumed. Data owners come from the business side and have legal rights and defined control over a data set. They ensure data is available to the right people within the organization.

Data Stewards

Conflict can occur within an organization’s data governance program when a data steward’s role is confused with that of the steering committee’s role. Data stewards exist to enforce decisions made about data governance and data management. Data stewards are often business analysts or power users of a particular system/dataset. Where a data owner is primarily responsible for access, a data steward is responsible for the quality of a dataset.

Integrate the data quality management strategy with existing data governance committees

Ongoing and regular data quality management is the responsibility of the data governance bodies of the organization.

The oversight of ongoing data quality activities rests on the shoulders of the data governance committees that exist in the organization.

There is no one-size-fits-all data governance structure. However, most organizations follow a similar pattern when establishing committees, councils, and cross-functional groups. They strive to identify roles and responsibilities at a strategic, tactical, and operational level:

Create and update the organization’s Business Data Glossary to keep up with current data definitions

2 hours

Input

• Metrics and goals for data quality

Output

• Regularly scheduled data quality checkups

Materials

• Business Data Glossary Template
• Data Quality Dashboard

Participants

• Data steward

A crucial aspect of data quality and governance is the Business Data Glossary. The Business Data Glossary helps to align the terminology of the business with the organization’s data assets. It allows the people who interact with the data to quickly identify the applications, processes, and stewardship associated with it, which will enhance the accuracy and efficiency of searches for organization data definitions and attributes, enabling better access to the data. This will, in turn, enhance the quality of the organization’s data because it will be more accurate, relevant, and accessible.

Use the Business Data Glossary Template to document key aspects of the data, such as:

• Definition
• Source System
• Possible Values
• Data Steward
• Data Sensitivity
• Data Availability
• Batch or Live
• Retention

Data Element

• Mkt-Product
• Fin-Product

Info-Tech Insight

The Business Data Glossary ensures that the crucial data that has key business use by key business systems and users is appropriately owned and defined. It also establishes rules that lead to proper data management and quality to be enforced by the data owners.

Download this Tool

Data Steward(s): Use the Data Quality Improvement Plan of the business unit for ongoing quality monitoring

Integrating your data quality strategy into the organization’s data governance program requires passing the strategy over to members of the data governance program. The data steward role is responsible for data quality at the business unit level, and should have been involved with the creation and implementation of the data quality improvement project. After the data quality repairs have been made, it is the responsibility of the data steward to regularly monitor the quality of the business unit’s data.

Download this tool

See Info-Tech’s Data Steward Job Description Template for a detailed understanding of the roles and responsibilities of the data steward.

Responsible for sustaining

Develop a business-facing data quality dashboard to show improvements or a sudden dip in data quality

One tool that the data steward can take advantage of is the data quality dashboard. Initiatives that are implemented to address data quality must have metrics defined by business objectives in order to demonstrate the value of the data quality improvement projects. In addition, the data steward should have tools for tracking data quality in the business unit to report issues to the data owner and data governance steering committee.

• Example 1: Marketing uses data for direct mail and e-marketing campaigns. They care about customer data in particular. Specifically, they require high data quality in attributes such as customer name, address, and product profile.
• Example 2: Alternatively, Finance places emphasis on financial data, focusing on attributes like account balance, latency in payment, credit score, and billing date.

Notes on chart:

General improvement in billing address quality

Sudden drop in touchpoint accuracy may prompt business to ask for explanations

Approach to creating a business-facing data quality dashboard:

1. Schedule a meeting with the functional unit to discuss what key data quality metrics are essential to their business operations. You should consider the business context, functional area, and subject area analyses you completed in Phase 1 as a starting point.
2. Discuss how to gather data for the key metrics and their associated calculations.
3. Discuss and decide the reporting intervals.
4. Discuss and decide the unit of measurement.
5. Generate a dashboard similar to the example. Consider using a BI or analytics tool to develop the dashboard.

Data quality management must be sustained for ongoing improvements to the organization’s data

• Data quality is never truly complete; it is a set of ongoing processes and disciplines that requires a permanent plan for monitoring practices, reviewing processes, and maintaining consistent data standards.
• Setting the expectation to stakeholders that a long-term commitment is required to maintain quality data within the organization is critical to the success of the program.
• A data quality maintenance program will continually revise and fine-tune ongoing practices, processes, and procedures employed for organizational data management.

Data quality is a program that requires continual care:

→Maintain→Good Data →

Data quality management is a long-term commitment that shifts how an organization views, manages, and utilizes its corporate data assets. Long-term buy-in from all involved is critical.

“Data quality is a process. We are trying to constantly improve the quality over time. It is not a one-time fix.” – Akin Akinwumi, Manager of Data Governance, Startech.com

Define a data quality review agenda for data quality sustainment

2 hours

Input

• Metrics and goals for data quality

Output

• Regularly scheduled data quality checkups

Materials

• Data Quality Diagnostic
• Data Quality Dashboard

Participants

• Data Steward

As a data steward, you are responsible for ongoing data quality checks of the business unit’s data. Define an improvement agenda to organize the improvement activities. Organize the activities yearly and quarterly to ensure improvement is done year-round.

Quarterly

• Measure data quality metrics against milestones. Perform a regular data quality health check with Info-Tech’s Data Quality Diagnostic.
• Review the business unit’s Business Data Glossary to ensure that it is up to date and comprehensive.
• Assess progress of practice area initiatives (time, milestones, budget, benefits delivered).
• Analyze overall data quality and report progress on key improvement projects and corrective actions in the executive dashboard.
• Communicate overall status of data quality to oversight body.

Annually

• Calculate your current baseline and measure progress by comparing it to previous years.
• Set/revise quality objectives for each practice area and inter-practice hand-off processes.
• Re-evaluate/re-establish data quality objectives.
• Set/review data quality metrics and tracking mechanisms.
• Set data quality review milestones and timelines.
• Revisit data quality training from an end-user perspective and from a practitioner perspective.

Info-Tech Insight

Do data quality diagnostic at the beginning of any improvement plan, then recheck health with the diagnostic at regular intervals to see if symptoms are coming back. This should be a monitoring activity, not a data quality fixing activity. If symptoms are bad enough, repeat the improvement plan process.

Take the next step in your Data & Analytics Journey

After establishing your data quality program, look to increase your data & analytics maturity.

• Artificial Intelligence (AI) is a concept that many organizations strive to implement. AI can really help in areas such as data preparation. However, implementing AI solutions requires a level of maturity that many organizations are not at.
• While a solid data quality foundation is essential for AI initiatives being successful, AI can also ensure high data quality.
• An AI analytics solution can address data integrity issues at the earliest point of data processing, rapidly transforming these vast volumes of data into trusted business information. This can be done through Anomaly detection, which flags “bad” data, identifying suspicious anomalies that can impact data quality. By tracking and evaluating data, anomaly detection gives critical insights into data quality as data is processed. (Ira Cohen, The End to a Never-Ending Story? Improve Data Quality with AI Analytics, anodot, 2020)

Consider… “Garbage in, garbage out.”

Lay a solid foundation by addressing your data quality issues prior to investing heavily in an AI solution.

Related Info-Tech Research

Are You Ready for AI?

• Use AI as a compelling event to expedite funding, resources, and project plans for your data-related initiatives. Check out this note to understand what it takes to be ready to implement AI solutions.

Get Started With Artificial Intelligence

• Current AI technology is data-enabled, automated, adaptive decision support. Once you believe you are ready for AI, check out this blueprint on how to get started.

Build a Data Architecture Roadmap

• The data lineage diagram was a key tool used in establishing your data quality program. Check out this blueprint and learn how to optimize your data architecture to provide greatest value from data.

Create an Architecture for AI

• Build your target state architecture from predefined best practice building blocks. This blueprint assists members first to assess if they have the maturity to embrace AI in their organization, and if so, which AI acquisition model fits them best.

Phase 4 Summary

1. Data Quality Improvement Strategy

• Brainstorm solutions to your data quality issues using the following data quality improvement strategies as a guide:
  1. Fix data quality issues by improving system/application design
  2. Fix data quality issues using proper database design
  3. Improve integration and synchronization of enterprise data
  4. Improve data quality policies and procedures
  5. Streamline and optimize business processes

• Quality data is the ultimate outcome of data governance and data quality management.
• Sustaining your data quality requires continuous oversight through a data governance practice.
• There are three primary groups (Data Governance Council, Data Owners, and Data Stewards) that are involved in a mature governance practice.

Research Contributors and Experts

Izabela Edmunds

Information Architect Mott MacDonald

Akin Akinwumi

Manager of Data Governance Startech.com

Diraj Goel

Growth Advisor BC Tech

Sujay Deb

Director of Data Analytics Technology and Platforms Export Development Canada

Asif Mumtaz

Data & Solution Architect Blue Cross Blue Shield Association

Patrick Bossey

Manager of Business Intelligence Crawford and Company

Anonymous Contributors

Ibrahim Abdel-Kader

Research Specialist Info-Tech Research Group

Ibrahim is a Research Specialist at Info-Tech Research Group. In his career to date he has assisted many clients using his knowledge in process design, knowledge management, SharePoint for ECM, and more. He is expanding his familiarity in many areas such as data and analytics, enterprise architecture, and CIO-related topics.

Reddy Doddipalli

Senior Workshop Director Info-Tech Research Group

Reddy is a Senior Workshop Director at Info-Tech Research Group, focused on data management and specialized analytics applications. He has over 25 years of strong industry experience in IT leading and managing analytics suite of solutions, enterprise data management, enterprise architecture, and artificial intelligence–based complex expert systems.

Andy Neill

Practice Lead, Data & Analytics and Enterprise Architecture Info-Tech Research Group

Andy leads the data and analytics and enterprise architecture practices at ITRG. He has over 15 years of experience in managing technical teams, information architecture, data modeling, and enterprise data strategy. He is an expert in enterprise data architecture, data integration, data standards, data strategy, big data, and development of industry standard data models.

Crystal Singh

Research Director, Data & Analytics Info-Tech Research Group

Crystal is a Research Director at Info-Tech Research Group. She brings a diverse and global perspective to her role, drawing from her professional experiences in various industries and locations. Prior to joining Info-Tech, Crystal led the Enterprise Data Services function at Rogers Communications, one of Canada’s leading telecommunications companies.

Igor Ikonnikov

Research Director, Data & Analytics Info-Tech Research Group

Igor is a Research Director at Info-Tech Research Group. He has extensive experience in strategy formation and execution in the information management domain, including master data management, data governance, knowledge management, enterprise content management, big data, and analytics.

Andrea Malick

Research Director, Data & Analytics Info-Tech Research Group

Andrea Malick is a Research Director at Info-Tech Research Group, focused on building best practices knowledge in the enterprise information management domain, with corporate and consulting leadership in enterprise architecture and content management (ECM).

Natalia Modjeska

Research Director, Data & Analytics Info-Tech Research Group

Natalia Modjeska is a Research Director at Info-Tech Research Group. She advises members on topics related to AI, machine learning, advanced analytics, and data science, including ethics and governance. Natalia has over 15 years of experience in developing, selling, and implementing analytical solutions.

Rajesh Parab

Research Director, Data & Analytics Info-Tech Research Group

Rajesh Parab is a Research Director at Info-Tech Research Group. He has over 20 years of global experience and brings a unique mix of technology and business acumen. He has worked on many data-driven business applications. In his previous architecture roles, Rajesh created a number of product roadmaps, technology strategies, and models.

Bibliography

Amidon, Kirk. "Case Study: How Data Quality Has Evolved at MathWorks." The Fifth MIT Information Quality Industry Symposium. 13 July 2011. Web. 19 Aug. 2015.

Boulton, Clint. “Disconnect between CIOs and LOB managers weakens data quality.” CIO. 05 February 2016. Accessed June 2020.

COBIT 5: Enabling Information. Rolling Meadows, IL: ISACA, 2013. Web.

Cohen, Ira. “The End to a Never-Ending Story? Improve Data Quality with AI Analytics.” anodot. 2020.

“DAMA Guide to the Data Management Body of Knowledge (DAMA-DMBOK Guide).” First Edition. DAMA International. 2009. Digital. April 2014.

"Data Profiling: Underpinning Data Quality Management." Pitney Bowes. Pitney Bowes - Group 1 Software, 2007. Web. 18 Aug. 2015.

Data.com. “Data.com Clean.” Salesforce. 2016. Web. 18 Aug. 2015.

“Dawn of the CDO." Experian Data Quality. 2015. Web. 18 Aug. 2015.

Demirkan, Haluk, and Bulent Dal. "Why Do So Many Analytics Projects Fail?" The Data Economy: Why Do so Many Analytics Projects Fail? Analytics Magazine. July-Aug. 2014. Web.

Dignan, Larry. “CIOs juggling digital transformation pace, bad data, cloud lock-in and business alignment.” ZDNet. 11 March 2020. Accessed July.

Dumbleton, Janani, and Derek Munro. "Global Data Quality Research - Discussion Paper 2015." Experian Data Quality. 2015. Web. 18 Aug. 2015.

Eckerson, Wayne W. "Data Quality and the Bottom Line - Achieving Business Success through a Commitment to High Quality Data." The Data Warehouse Institute. 2002. Web. 18 Aug. 2015.

“Infographic: Data Quality in BI the Costs and Benefits.” HaloBI. 2015 Web.

Lee, Y.W. and Strong, D.M. “Knowing-Why About Data Processes and Data Quality.” Journal of Management Information Systems. 2004.

“Making Data Quality a Way of Life.” Cognizant. 2014. Web. 18 Aug. 2015.

"Merck Serono Achieves Single Source of Truth with Comprehensive RIM Solutions." www.productlifegroup.com. ProductLife Group. 15 Apr. 2015. Web. 23 Nov. 2015.

Myers, Dan. “List of Conformed Dimensions of Data Quality.” Conformed Dimensions of Data Quality (CDDQ). 2019. Web.

Redman, Thomas C. “Make the Case for Better Data Quality.” Harvard Business Review. 24 Aug. 2012. Web. 19 Aug. 2015.

RingLead Data Management Solutions. “10 Stats About Data Quality I Bet You Didn’t Know.” RingLead. Accessed 7 July 2020.

Schwartzrock, Todd. "Chrysler's Data Quality Management Case Study." Online video clip. YouTube. 21 April. 2011. Web. 18 Aug. 2015

“Taking control in the digital age.” Experian Data Quality. Jan 2019. Web.

“The data-driven organization, a transformation in progress.” Experian Data Quality. 2020. Web.

"The Data Quality Benchmark Report." Experian Data Quality. Jan. 2015. Web. 18 Aug. 2015.

“The state of data quality.” Experian Data Quality. Sept. 2013. Web. 17 Aug. 2015.

Vincent, Lanny. “Differentiating Competence, Capability and Capacity.” Innovation Management Services. Web. June 2008.

“7 ways poor data quality is costing your business.” Experian Data Quality. July 2020. Web.

Define Service Desk Metrics That Matter

Look beyond benchmarks and rely on internal metrics to drive success.

Analyst Perspective

Don’t get paralyzed by benchmarks when establishing metrics

When establishing a suite of metrics to track, it’s tempting to start with the metrics measured by other organizations. Naturally, benchmarking will enter the conversation. While benchmarking is useful, measuring you organization against others with a lack of context will only highlight your failures. Furthermore, benchmarks will highlight the norm or common practice. It does not necessarily highlight best practice.

Keeping the limitations of benchmarking in mind, establish your own metrics suite with action-based metrics. Define the audience, cadence, and actions for each metric you track and pair them with business goals. Measure only what you need to.

Slowly improve your metrics process over time and analyze your environment using your own data as your benchmark.

Benedict Chang

Research Analyst, Infrastructure & Operations

Info-Tech Research Group

Executive Summary

Your Challenge

• Measure the business value provided by the service desk.
• Consolidate your metrics and assign context and actions to ones currently tracked.
• Establish tension metrics to see and tell the whole story.
• Split your metrics for each stakeholder group. Assign proper cadences for measurements as a first step to building an effective dashboard or effective dashboards.

Common Obstacles

• Becoming too focused on benchmarks or unidimensional metrics (e.g. cost, first-contact resolution, time to resolve) can lead to misinterpretation of the data and poorly informed actions.
• Sifting through the many sources of data post hoc can lead to stalling in data analysis or slow reaction times to poor metrics.
• Dashboards can quickly become cluttered with uninformative metrics, thus reducing the signal-to-noise ratio of meaningful data.

Info-Tech's Approach

• Use metrics that drive productive change and improvement. Track only what you need to report on.
• Ensure each metric aligns with the desired business goal, is action-based, and includes the answers to what, why, how, and who.
• Establish internal benchmarks by analyzing the trends from your own data to set baselines.
• Act on the results of your metrics by adjusting targets and measuring success.

Info-Tech Insight

Identify the metrics that serve a real purpose and eliminate the rest. Establish a formal review process to ensure metrics are still valid, continue to provide the answers needed, and are at a manageable and usable level.

Improve your metrics to align IT with strategic business goals

The right metrics can tell the business how hard IT works and how well they perform.

• Only 19% of CXOs feel that their organization is effective at measuring the success of IT projects with their current metrics.
• Implementing the proper metrics can facilitate communication between the business division and IT practice.
• The proper metrics can help IT know what issues the business has and how the CEO and CIO should tackle them.
• If the goals above resonate with your organization, our blueprint Take Control of Infrastructure and Operations Metrics will take you through the right steps.

Current Metrics Suite

19% Effective

36% Some Improvement Necessary

45% Significant Improvement Necessary

Source: Info-Tech Research Group’s CEO/CIO Alignment Diagnostic, 2019; N=622

CXOs stress that value is the most critical area for IT to improve in reporting

• You most likely have to improve your metrics suite by addressing business value.
• Over 80% of organizations say they need improvement to their business value metrics, with 32% of organizations reporting that significant improvement is needed.
• Of course, measuring metrics for service desk operations is important, but don’t forget business-oriented metrics such as measuring knowledgebase articles written for shift-left enablement, cost (time and money) of service desk tickets, and overall end-user satisfaction.

Source: Info-Tech Research Group’s CEO/CIO Alignment Diagnostic, 2019; N=622

Benchmarking used in isolation will not tell the whole story

Benchmarks can be used as a step in the metrics process

They can be the first step to reach an end goal, but if benchmarks are observed in isolation, it will only highlight your failures.

Benchmarking relies on standardized models

This does not account for all the unique variables that make up an IT organization.

For example, benchmarks that include cost and revenue may include organizations that prioritize first-call resolution (FCR), but the variables that make up this benchmark model will be quite different within your own organization.

Info-Tech Insight

Benchmarks reflect the norm and common practice, not best practice.

Benchmarks are open to interpretation

Taking the time to establish proper metrics is often more valuable time spent than going down the benchmark rabbit hole.

Being above or below the norm is neither a good nor a bad thing.

Determining what the results mean for you depends on what’s being measured and the unique factors, characteristics, and priorities in your organization.

If benchmark data is a priority within your IT organization, you may look up organizations like MetricNet, but keep the following in mind:

Review the collected benchmark data

See where IT organizations in your industry typically stand in relation to the overall benchmark.

Assess the gaps

Large gaps between yourself and the overall benchmark could indicate areas for improvement or celebration. Use the data to focus your analysis, develop deeper self-awareness, and prioritize areas for potential concern.

Benchmarks are only guidelines

The benchmark source data may not come from true peers in every sense. Each organization is different, so always explore your unique context when interpreting any findings.

Rely on internal metrics to measure and improve performance

Measure internal metrics over time to define goals and drive real improvement

• Internally measured metrics are more reliable because they provide information about your actual performance over time. This allows for targeted improvements and objective measurements of your milestones.
• Whether a given metric is the right one for your service desk will depend on several different factors, including:
  • The maturity and capability of your service desk processes
  • The volume of service requests and incidents
  • The complexity of your environment when resolving tickets
  • The degree to which your end users are comfortable with self-service

Take Info-Tech’s approach to metrics management

Use metrics that drive productive change and improvement. Track only what you need to report on.

Ensure each metric aligns with the desired business goal, is action-based, and includes the answers to what, why, how, and who.

Establish internal benchmarks by analyzing the trends from your own data to set baselines.

Act on the results of your metrics by adjusting targets and measuring success.

Define action-based metrics to cut down on analysis paralysis

Every metric needs to be backed with the following criteria:

• Defining audience, cadence, goal, and action for each metric allows you to keep your tracked metrics to a minimum while maximizing the value.
• The audience and cadence of each metric may allow you to define targeted dashboards.

Audience - Who is this metric tracked for?

Goal - Why are you tracking this metric? This can be defined along with the CSFs and KPIs.

Cadence - How often are you going to view, analyze, and action this metric?

Action - What will you do if this metric spikes, dips, trends up, or trends down?

Activity 1. Define your critical success factors and key performance indicators

Critical success factors (CSFs) are high-level goals that help you define the direction of your service desk. Key performance indicators (KPIs) can be treated as the trend of metrics that will indicate that you are moving in the direction of your CSFs. These will help narrow the data you have to track and action (metrics).

CSFs, or your overall goals, typically revolve around three aspects of the service desk: time spent on tickets, resources spent on tickets, and the quality of service provided.

1. As a group, brainstorm the CSFs and the KPIs that will help narrow your metrics. Use the Service Desk Metrics Workbook to record the results.
2. Look at the example to the right as a starting point.

Example metrics:

Download the Service Desk Metrics Workbook

Activity 2. Define action-based metrics that align with your KPIs and CSFs

1. Now that you have defined your goals, continue to fill the workbook by choosing metrics that align with those goals.
2. Use the chart below as a guide. For every metric, define the cadence of measurement, audience of the metric, and action associated with the metric. There may be multiple metrics for each KPI.
3. If you find you are unable to define the cadence, audience, or action associated with a metric, you may not need to track the metric in the first place. Alternatively, if you find that you may action a metric in the future, you can decide to start gathering data now.

Example metrics:

Download the Service Desk Metrics Workbook

Activity 3. Define the data ownership, metric viability, and dashboards

1. For each metric, define where the data is housed. Ideally, the data is directly in the ticketing tool or ITSM tool. This will make it easy to pull and analyze.
2. Determine how difficult the metric will be to pull or track. If the effort is high, decide if the value of tracking the metric is worth the hassle of gathering it.
3. Lastly, for each metric, use the cadence and audience to place the metric in a reporting dashboard. This will help divide your metrics and make them easier to report and action.
4. You may use the output of this exercise to add your tracked metrics to your service desk SOP.
5. A full suite of metrics can be found in our Infrastructure & Operations Metrics Library in the Take Control of Infrastructure Metrics Storyboard. The metrics have been categorized by low, medium, and advanced capabilities for you.

Example metrics:

Download the Service Desk Metrics Workbook

Keep the following considerations in mind when defining which metrics matter

Keep the customer in mind

Metrics are typically focused on transactional efficiency and process effectiveness and not what was achieved against the customers’ need and satisfaction.

Understand the relationships between performance and metrics management to provide the end-to-end service delivery picture you are aiming to achieve.

Don’t settle for tool defaults

ITSM solutions offer an abundance of metrics to choose from. The most common ones are typically built into the reporting modules of the tool suite.

Do not start tracking everything. Choose metrics that are specifically aligned to your organization’s desired business outcomes.

Establish tension metrics to achieve balance

Don’t ignore the correlation and context between the suites of metrics chosen and how one interacts and affects the other.

Measuring metrics in isolation may lead to an incomplete picture or undesired technician behavior. Tension metrics help complete the picture and lead to proper actions.

Adjust those targets

An arbitrary target on a metric that is consistently met month over month is useless. Each metric should inform the overall performance by combining capable service level management and customer experience programs to prove the value IT is providing to the organization.

Related Info-Tech Research

Standardize the Service Desk

This project will help you build and improve essential service desk processes, including incident management, request fulfillment, and knowledge management, to create a sustainable service desk.

Take Control of Infrastructure and Operations Metrics

Make faster decisions and improve service delivery by using the right metrics for the job.

Analyze Your Service Desk Ticket Data

Take a data-driven approach to service desk optimization.

IT Diagnostics: Build a Data-Driven IT Strategy

Our data-driven programs ask business and IT stakeholders the right questions to ensure you have the inputs necessary to build an effective IT strategy.

Create a Service Management Roadmap

Implement service management in an order that makes sense.

ANALYST PERSPECTIVE

"More than 80% of the larger enterprises we’ve worked with start out wanting to develop advanced service management practices without having the cultural and organizational basics or foundational practices fully in place. Although you wouldn’t think this would be the case in large enterprises, again and again IT leaders are underestimating the importance of cultural and foundational aspects such as governance, management practices, and understanding business value. You must have these fundamentals right before moving on."

Tony Denford,

Research Director – CIO

Info-Tech Research Group

Our understanding of the problem

This Research Is Designed For:

• CIO
• Senior IT Management

This Research Will Help You:

• Create or maintain service management (SM) practices to ensure user-facing services are delivered seamlessly to business users with minimum interruption.
• Increase the level of reliability and availability of the services provided to the business and improve the relationship and communication between IT and the business.

This Research Will Also Assist

• Service Management Process Owners

This Research Will Help Them:

• Formalize, standardize, and improve the maturity of service management practices.
• Identify new service management initiatives to move IT to the next level of service management maturity.

Executive summary

Situation

• Inconsistent adoption of holistic practices has led to a chaotic service delivery model that results in poor customer satisfaction.
• There is little structure, formalization, or standardization in the way IT services are designed and managed, leading to diminishing service quality and low business satisfaction.

Complication

• IT organizations want to be seen as strategic partners, but they fail to address the cultural and organizational constraints.
• Without alignment with the business goals, services often fail to provide the expected value.
• Traditional service management approaches are not adaptable for new ways of working.

Resolution

• Follow Info-Tech’s methodology to create a service management roadmap that will help guide the optimization of your IT services and improve IT’s value to the business.
• The blueprint will help you right-size your roadmap to best suit your specific needs and goals and will provide structure, ownership, and direction for service management.
• This blueprint allows you to accurately identify the current state of service management at your organization. Customize the roadmap and create a plan to achieve your target service management state.

Info-Tech Insight

Having effective service management practices in place will allow you to pursue activities such as innovation and drive the business forward. Addressing foundational elements like business alignment and management practices will enable you to build effective core practices that deliver business value. Consistent leadership support and engagement is essential to allow practitioners to focus on delivering expected outcomes.

Poor service management manifests in many different pains across the organization

Immaturity in service management will not result in one pain – rather, it will create a chaotic environment for the entire organization, crippling IT’s ability to deliver and perform.

Low Service Management Maturity

These are some of the pains that can be attributed to poor service management practices.

• Frequent service-impacting incidents
• Low satisfaction with the service desk
• High % of failed deployments
• Frequent change-related incidents
• Frequent recurring incidents
• Inability to find root cause
• No communication with the business
• Frequent capacity-related incidents

And there are many more…

Mature service management practices are a necessity, not a nice-to-have

Immature service management practices are one of the biggest hurdles preventing IT from reaching its true potential.

In 2004, PwC published a report titled “IT Moves from Cost Center to Business Contributor.” However, the 2014-2015 CSC Global CIO Survey showed that a high percentage of IT is still considered a cost center.

And low maturity of service management practices is inhibiting activities such as agility, DevOps, digitalization, and innovation.

Source: CSC Global CIO Survey: 2014-2015 “CIOs Emerge as Disruptive Innovators”

39%: Resources are primarily focused on managing existing IT workloads and keeping the lights on.

31%: Too much time and too many resources are used to handle urgent incidents and problems.

There are many misconceptions about what service management is

Misconception #1: “Service management is a process”

Effective service management is a journey that encompasses a series of initiatives that improves the value of services delivered.

Misconception #2: “Service Management = Service Desk”

Service desk is the foundation, since it is the main end-user touch point, but service management is a set of people and processes required to deliver business-facing services.

Misconception #3: “Service management is about the ITSM tool”

The tool is part of the overall service management program, but the people and processes must be in place before implementing.

Misconception #4: “Service management development is one big initiative”

Service management development is a series of initiatives that takes into account an organization’s current state, maturity, capacities, and objectives.

Misconception #5: “Service management processes can be deployed in any order, assuming good planning and design”

A successful service management program takes into account the dependencies of processes.

Misconception #6: “Service management is resolving incidents and deploying changes”

Service management is about delivering high-value and high-quality services.

Misconception #7: “Service management is not the key determinant of success”

As an organization progresses on the service management journey, its ability to deliver high-value and high-quality services increases.

Misconception #8: “Resolving Incidents = Success”

Preventing incidents is the name of the game.

Misconception #9: “Service Management = Good Firefighter”

Service management is about understanding what’s going on with user-facing services and proactively improving service quality.

Misconception #10: “Service management is about IT and technical services (e.g. servers, network, database)”

Service management is about business/user-facing services and the value the services provide to the business.

Service management projects often don’t succeed because they are focused on process rather than outcomes

Service management projects tend to focus on implementing process without ensuring foundational elements of culture and management practices are strong enough to support the change.

1. Aligning your service management goals with your organizational objectives leads to better understanding of the expected outcomes.

Understand your customers and what they value, and design your practices to deliver this value.

2. IT does not know what order is best when implementing new practices or process improvements.

Don't run before you can walk. Fundamental practices must reach the maturity threshold before developing advanced practices. Implement continuous improvement on your existing processes so they continue to support new practices.

3. IT does not follow best practices when implementing a practice.

Our best-practice research is based on extensive experience working with clients through advisory calls and workshops.

Info-Tech can help you create a customized, low-effort, and high-value service management roadmap that will shore up any gaps, prove IT’s value, and achieve business satisfaction.

Info-Tech’s methodology will help you customize your roadmap so the journey is right for you

With Info-Tech, you will find out where you are, where you want to go, and how you will get there.

With our methodology, you can expect the following:

• Eliminate or reduce rework due to poor execution.
• Identify dependencies/prerequisites and ensure practices are deployed in the correct order, at the correct time, and by the right people.
• Engage all necessary resources to design and implement required processes.
• Assess current maturity and capabilities and design the roadmap with these factors in mind.

Doing it right the first time around

You will see these benefits at the end

✓ Increase the quality of services IT provides to the business.

✓ Increase business satisfaction through higher alignment of IT services.

✓ Lower cost to design, implement, and manage services.

✓ Better resource utilization, including staff, tools, and budget.

Focus on a strong foundation to build higher value service management practices

Info-Tech Insight

Focus on behaviors and expected outcomes before processes.

Foundational elements

• Operating model facilitates service management goals
• Culture of service delivery
• Governance discipline to evaluate, direct, and monitor
• Management discipline to deliver

Stabilize

• Deliver stable, reliable IT services to the business
• Respond to user requests quickly and efficiently
• Resolve user issues in a timely manner
• Deploy changes smoothly and successfully

Proactive

• Avoid/prevent service disruptions
• Improve quality of service (performance, availability, reliability)

Service Provider

• Understand business needs
• Ensure services are available
• Measure service performance, based on business-oriented metrics

Strategic Partner

• Fully aligned with business
• Drive innovation
• Drive measurable value

Info-Tech Insight

Continued leadership support of the foundational elements will allow delivery teams to provide value to the business. Set the expectation of the desired maturity level and allow teams to innovate.

Follow our model and get to your target state

Before moving to advanced service management practices, you must ensure that the foundational and core elements are robust enough to support them. Leadership must nurture these practices to ensure they are sustainable and can support higher value, more mature practices.

Each step along the way, Info-Tech has the tools to help you

Phase 1: Launch the Project

Assemble a team with the right talent and vision to increase the chances of project success.

Phase 2: Assess Current State

Understand where you are currently on the service management journey using the maturity assessment tool.

Phase 3: Build Roadmap

Based on the assessments, build a roadmap to address areas for improvement.

Phase 4: Build Communication slide

Based on the roadmap, define the current state, short- and long-term visions for each major improvement area.

Info-Tech Deliverables:

• Project Charter
• Assessment Tools
• Roadmap Template
• Communication Template

CIO call to action

Improving the maturity of the organization’s service management practice is a big commitment, and the project can only succeed with active support from senior leadership.

Ideally, the CIO should be the project sponsor, even the project leader. At a minimum, the CIO needs to perform the following activities:

1. Walk the talk – demonstrate personal commitment to the project and communicate the benefits of the service management journey to IT and the steering committee.

Improving or adopting any new practice is difficult, especially for a project of this size. Thus, the CIO needs to show visible support for this project through internal communication and dedicated resources to help complete this project.

2. Select a senior, capable, and results-driven project leader.

Most likely, the implementation of this project will be lengthy and technical in some nature. Therefore, the project leader must have a good understanding of the current IT structure, senior standing within the organization, and the relationship and power in place to propel people into action.

3. Help to define the target future state of IT’s service management.

Determine a realistic target state for the organization based on current capability and resource/budget restraints.

4. Conduct periodic follow-up meetings to keep track of progress.

Reinforce or re-emphasize the importance of this project to the organization through various communication channels if needed.

Stabilizing your environment is a must before establishing any more-mature processes

CASE STUDY

Industry: Manufacturing

Source: Engagement

Challenge

• The business landscape was rapidly changing for this manufacturer and they wanted to leverage potential cost savings from cloud-first initiatives and consolidate multiple, self-run service delivery teams that were geographically dispersed.

Solution

Original Plan

• Consolidate multiple service delivery teams worldwide and implement service portfolio management.

Revised Plan with Service Management Roadmap:

• Markets around the world had very different needs and there was little understanding of what customers value.
• There was also no understanding of what services were currently being offered within each geography.

Results

• Plan was adjusted to understand customer value and services offered.
• Services were then stabilized and standardized before consolidation.
• Team also focused on problem maturity and drove a continuous improvement culture and increasing transparency.

MORAL OF THE STORY:

Understanding the value of each service allowed the organization to focus effort on high-return activities rather than continuous fire fighting.

Understand the processes involved in the proactive phase

CASE STUDY

Industry: Manufacturing

Source: Engagement

Challenge

• Services were fairly stable, but there were significant recurring issues for certain services.
• The business was not satisfied with the service quality for certain services, due to periodic availability and reliability issues.
• Customer feedback for the service desk was generally good.

Solution

Original Plan

• Review all service desk and incident management processes to ensure that service issues were handled in an effective manner.

Revised Plan with Service Management Roadmap:

• Design and deploy a rigorous problem management process to determine the root cause of recurring issues.
• Monitor key services for events that may lead to a service outage.

Results

• Root cause of recurring issues was determined and fixes were deployed to resolve the underlying cause of the issues.
• Service quality improved dramatically, resulting in high customer satisfaction.

MORAL OF THE STORY:

Make sure that you understand which processes need to be reviewed in order to determine the cause for service instability. Focusing on the proactive processes was the right answer for this company.

Have the right culture and structure in place before you become a service provider

CASE STUDY

Industry: Healthcare

Source:Journal of American Medical Informatics Association

Challenge

• The IT organization wanted to build a service catalog to demonstrate the value of IT to the business.
• IT was organized in technology silos and focused on applications, not business services.
• IT services were not aligned with business activities.
• Relationships with the business were not well established.

Solution

Original Plan

• Create and publish a service catalog.

Revised Plan: with Service Management Roadmap:

• Establish relationships with key stakeholders in the business units.
• Understand how business activities interface with IT services.
• Lay the groundwork for the service catalog by defining services from the business perspective.

Results

• Strong relationships with the business units.
• Deep understanding of how business activities map to IT services.
• Service definitions that reflect how the business uses IT services.

MORAL OF THE STORY:

Before you build and publish a service catalog, make sure that you understand how the business is using the IT services that you provide.

Calculate the benefits of using Info-Tech’s methodology

To measure the value of developing your roadmap using the Info-Tech tools and methodology, you must calculate the effort saved by not having to develop the methods.

A. How much time will it take to develop an industry-best roadmap using Info-Tech methodology and tools?

Using Info-Tech’s tools and methodology you can accurately estimate the effort to develop a roadmap using industry-leading research into best practice.

B. What would be the effort to develop the insight, assess your team, and develop the roadmap?

This metric represents the time your team would take to be able to effectively assess themselves and develop a roadmap that will lead to service management excellence.

C. Cost & time saving through Info-Tech’s methodology

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

Guided Implementation

"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keeps us on track."

Workshop

"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

Consulting

"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks are used throughout all four options.

Create a Service Management Roadmap – project overview

Workshop overview

Contact your account representative or email Workshops@InfoTech.com for more information

PHASE 1

Launch the Project

Launch the project

This step will walk you through the following activities:

• Create a powerful, succinct mission statement based on your organization’s goals and objectives.
• Assemble a project team with representatives from all major IT teams.
• Determine project stakeholders and create a plan to convey the benefits of this project.
• Establish metrics to track the success of the project.

Step Insights

• The project leader should have a strong relationship with IT and business leaders to maximize the benefit of each initiative in the service management journey.
• The service management roadmap initiative will touch almost every part of the organization; therefore, it is important to have representation from all impacted stakeholders.
• The communication slide needs to include the organizational change impact of the roadmap initiatives.

Phase 1 outline

Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

Use Info-Tech’s project charter to begin your initiative

1.1 Service Management Roadmap Project Charter

The Service Management Roadmap Project Charter is used to govern the initiative throughout the project. It provides the foundation for project communication and monitoring.

The template has been pre-populated with sample information appropriate for this project. Please review this sample text and change, add, or delete information as required.

The charter includes the following sections:

• Mission Statement
• Goals & Objectives
• Project Team
• Project Stakeholders
• Current State (from phases 2 & 3)
• Target State (from phases 2 & 3)
• Target State
• Metrics
• Sponsorship Signature

Use Info-Tech’s ready-to-use deliverable to customize your mission statement

Adapt and personalize Info-Tech’s Service Management Roadmap Mission Statement and Goals & Objectives below to suit your organization’s needs.

Goals & Objectives

• Create a plan for implementing service management initiatives that align with the overall goals/objectives for service management.
• Identify service management initiatives that must be implemented/improved in the short term before deploying more advanced initiatives.
• Determine the target state for each initiative based on current maturity and level of investment available.
• Identify service management initiatives and understand dependencies, prerequisites, and level of effort required to implement.
• Determine the sequence in which initiatives should be deployed.
• Create a detailed rollout plan that specifies initiatives, time frames, and owners.
• Engage the right teams and obtain their commitment throughout both the planning and assessment of roadmap initiatives.
• both the planning and assessment of roadmap initiatives. Obtain support for the completed roadmap from executive stakeholders.

Example Mission Statement

To help [Organization Name] develop a set of service management practices that will better address the overarching goals of the IT department.

To create a roadmap that sequences initiatives in a way that incorporates best practices and takes into consideration dependencies and prerequisites between service management practices.

To garner support from the right people and obtain executive buy-in for the roadmap.

Create a well-balanced project team

The project leader should be a member of your IT department’s senior executive team with goals and objectives that will be impacted by service management implementation. The project leader should possess the following characteristics:

Leader

• Influence and impact
• Comprehensive knowledge of IT and the organization
• Relationship with senior IT management
• Ability to get things done

Team Members

Identify

The project team members are the IT managers and directors whose day-to-day lives will be impacted by the service management roadmap and its implementation. The service management initiative will touch almost every IT staff member in the organization; therefore, it is important to have representatives from every single group, including those that are not mentioned. Some examples of individuals you should consider for your team:

• Service Delivery Managers
• Director/Manager of Applications
• Director/Manager of Infrastructure
• Director/Manager of Service Desk
• Business Relationship Managers
• Project Management Office

Engage & Communicate

You want to engage your project participants in the planning process as much as possible. They should be involved in the current-state assessment, the establishment of goals and objectives, and the development of your target state.

To sell this project, identify and articulate how this project and/or process will improve the quality of their job. For example, a formal incident management process will benefit people working at the service desk or on the applications or infrastructure teams. Helping them understand the gains will help to secure their support throughout the long implementation process by giving them a sense of ownership.

The project stakeholders should also be project team members

When managing stakeholders, it is important to help them understand their stake in the project as well as their own personal gain that will come out of this project.

For many of the stakeholders, they also play a critical role in the development of this project.

Role & Benefits

• CIO

The CIO should be actively involved in the planning stage to help determine current and target stage.

The CIO also needs to promote and sell the project to the IT team so they can understand that higher maturity of service management practices will allow IT to be seen as a partner to the business, giving IT a seat at the table during decision making.

• Service Delivery Managers/Process Owners

Service Delivery Managers are directly responsible for the quality and value of services provided to the business owners. Thus, the Service Delivery Managers have a very high stake in the project and should be considered for the role of project leader.

Service Delivery Managers need to work closely with the process owners of each service management process to ensure clear objectives are established and there is a common understanding of what needs to be achieved.

• IT Steering Committee

The Committee should be informed and periodically updated about the progress of the project.

• Manager/Director – Service Desk

The Manager of the Service Desk should participate closely in the development of fundamental service management processes, such as service desk, incident management, and problem management.

Having a more established process in place will create structure, governance, and reduce service desk staff headaches so they can handle requests or incidents more efficiently.

• Manager/Director –Applications & Infrastructure

The Manager of Applications and Infrastructure should be heavily relied on for their knowledge of how technology ties into the organization. They should be consulted regularly for each of the processes.

This project will also benefit them directly, such as improving the process to deploy a fix into the environment or manage the capacity of the infrastructure.

• Business Relationship Manager

As the IT organization moves up the maturity ladder, the Business Relationship Manager will play a fundamental role in the more advanced processes, such as business relationship management, demand management, and portfolio management.

This project will be an great opportunity for the Business Relationship Manager to demonstrate their value and their knowledge of how to align IT objectives with business vision.

Ensure you get the entire IT organization on board for the project with a well-practiced change message

Getting the IT team on board will greatly maximize the project’s chance of success.

One of the top challenges for organizations embarking on a service management journey is to manage the magnitude of the project. To ensure the message is not lost, communicate this roadmap in two steps.

1. Communicate the roadmap initiative

The most important message to send to the IT organization is that this project will benefit them directly. Articulate the pains that IT is currently experiencing and explain that through more mature service management, these pains can be greatly reduced and IT can start to earn a place at the table with the business.

2. Communicate the implementation of each process separately

The communication of process implementation should be done separately and at the beginning of each implementation. This is to ensure that IT staff do not feel overwhelmed or overloaded. It also helps to keep the project more manageable for the project team.

Continuously monitor feedback and address concerns throughout the entire process

• Host lunch and learns to provide updates on the service management initiative to the entire IT team.
• Understand if there are any major roadblocks and facilitate discussions on how to overcome them.

Articulate the service management initiative to the IT organization

Spread the word and bring attention to your change message through effective mediums and organizational changes.

Key aspects of a communication plan

The methods of communication (e.g. newsletters, email broadcast, news of the day, automated messages) notify users of implementation.

In addition, it is important to know who will deliver the message (delivery strategy). You need IT executives to deliver the message – work hard on obtaining their support as they are the ones communicating to their staff and should be your project champions.

Anticipate organizational changes

The implementation of the service management roadmap will most likely lead to organizational changes in terms of structure, roles, and responsibilities. Therefore, the team should be prepared to communicate the value that these changes will bring.

Communicating Change

• What is the change?
• Why are we doing it?
• How are we going to go about it?
• What are we trying to achieve?
• How often will we be updated?

The Qualities of Leadership: Leading Change

Create a project communication plan for your stakeholders

This project cannot be successfully completed without the support of senior IT management.

1. After the CIO has introduced this project through management meetings or informal conversation, find out how each IT leader feels about this project. You need to make sure the directors and managers of each IT team, especially the directors of application and infrastructure, are on board.
2. After the meeting, the project leader should seek out the major stakeholders (particularly the heads of applications and infrastructure) and validate their level of support through formal or informal meetings. Create a list documenting the major stakeholders, their level of support, and how the project team will work to gain their approval.
3. For each identified stakeholder, create a custom communication plan based on their role. For example, if the director of infrastructure is not a supporter, demonstrate how this project will enable them to better understand how to improve service quality. Provide periodic reporting or meetings to update the director on project progress.

INPUT

• A collaborative discussion between team members

OUTPUT

• Thorough briefing for project launch
• A committed team

Materials

• Communication message and plan
• Metric tracking

Participants

• Project leader
• Core project team

If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

Book a workshop with our Info-Tech analysts:

• To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
• Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
• Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

1.1

Create a powerful, succinct mission statement

Using Info-Tech’s sample mission statement as a guide, build your mission statement based on the objectives of this project and the benefits that this project will achieve. Keep the mission statement short and clear.

1.2

Assemble the project team

Create a project team with representatives from all major IT teams. Engage and communicate to the project team early and proactively.

1.3

Identify project stakeholders and create a communication plan

Info-Tech will help you identify key stakeholders who have a vested interest in the success of the project. Determine the communication message that will best gain their support.

1.4

Use metrics to track the success of the project

The onsite analyst will help the project team determine the appropriate metrics to measure the success of this project.

PHASE 2

Assess Your Current Service Management State

Assess your current state

This step will walk you through the following activities:

• Use Info-Tech’s Service Management Maturity Assessment Tool to determine your overall practice maturity level.
• Understand your level of completeness for each individual practice.
• Understand the three major phases involved in the service management journey; know the symptoms of each phase and how they affect your target state selection.

Step Insights

• To determine the real maturity of your service management practices, you should focus on the results and output of the practice, rather than the activities performed for each process.
• Focus on phase-level maturity as opposed to the level of completeness for each individual process.

Phase 2 outline

Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

Understand and assess impacting forces – constraints and enablers

Constraints and enablers are organizational and behavioral triggers that directly impact your ability and approach to establishing Service Management practices.

Effective service management requires a mix of different approaches and practices that best fit your organization. There’s not a one-size-fits-all solution. Consider the resources, environment, emerging technologies, and management practices facing your organization. What items can you leverage or use to mitigate to move your service management program forward?

Use Info-Tech’s “Organizational Context” template to list the constraints and enablers affecting your service management

The Service Management Roadmap Presentation Template will help you understand the business environment you need to consider as you build out your roadmap.

Discuss and document constraints and enablers related to the business environment, available resources, management practices, and emerging technologies. Any constraints will need to be addressed within your roadmap and enablers should be leveraged to maximize your results.

Document constraints and enablers

1. Discuss and document the constrains and enablers for each aspect of the management mesh: environment, resources, management practices, or technology.
2. Use this as a thought provoker in later exercises.

INPUT

• A collaborative discussion

OUTPUT

• Organizational context constraints and enablers

Materials

• Whiteboards or flip charts

Participants

• All stakeholders

Build compelling vision and mission statements to set the direction of your service management program

While you are articulating the vision and mission, think about the values you want the team to display. Being explicit can be a powerful tool to create alignment.

A vision statement describes the intended state of your service management organization, expressed in the present tense.

A mission statement describes why your service management organization exists.

Your organizational values state how you will deliver services.

Use Info-Tech’s “Vision, Mission, and Values” template to set the aspiration & purpose of your service management practice

The Service Management Roadmap Presentation Template will help you document your vision for service management, the purpose of the program, and the values you want to see demonstrated.

If the team cannot gain agreement on their reason for being, it will be difficult to make traction on the roadmap items. A concise and compelling statement can set the direction for desired behavior and help team members align with the vision when trying to make ground-level decisions. It can also be used to hold each other accountable when undesirable behavior emerges. It should be revised from time to time, when the environment changes, but a well-written statement should stand the test of time.

Document your organization’s vision, mission , and values

1. Vision: Identify your desired target state, consider the details of that target state, and create a vision statement.
2. Mission: Consider the fundamental purpose of your SM program and craft a statement of purpose.
3. Values: As you work through the vision and mission, identify values that your organization prides itself in or has the aspiration for.
4. Discuss common themes and then develop a concise vision statement and mission statement that incorporates the group’s ideas.

INPUT

• A collaborative discussion

OUTPUT

• Vision statement
• Mission statement
• Organizational values

Materials

• Whiteboards or flip charts
• Sample vision and mission statements

Participants

• All stakeholders
• Senior leadership

Understanding attitude, behavior, and culture

Attitude

• What people think and feel. It can be seen in their demeanor and how they react to change initiatives, colleagues, and users.

Any form of organizational change involves adjusting people’s attitudes, creating buy-in and commitment. You need to identify and address attitudes that can lead to negative behaviors and actions or that are counter-productive. It must be made visible and related to your desired behavior.

Behaviour

• What people do. This is influenced by attitude and the culture of the organization.

To implement change within IT, especially at a tactical level, both IT and organizational behavior needs to change. This is relevant because people don’t like to change and will resist in an active or passive way unless you can sell the need, value, and benefit of changing their behavior.

Culture

• The accepted and understood ways of working in an organization. The values and standards that people find normal and what would be tacitly identified to new resources.

The organizational or corporate “attitude,” the impact on employee behavior and attitude is often not fully understood. Culture is an invisible element, which makes it difficult to identify, but it has a strong impact and must be addressed to successfully embed any organizational change or strategy.

Culture is a critical and under-addressed success factor

43% of CIOs cited resistance to change as the top impediment to a successful digital strategy.

CIO.com

75% of organizations cannot identify or articulate their culture or its impact.

Info-Tech

“Shortcomings in organizational culture are one of the main barriers to company success in the digital age.”

McKinsey – “Culture for a digital age”

Examples of how they apply

Attitude

• “I’ll believe that when I see it”
• Positive outlook on new ideas and changes

Behaviour

• Saying you’ll follow a new process but not doing so
• Choosing not to document a resolution approach or updating a knowledge article, despite being asked

Culture

• Hero culture (knowledge is power)
• Blame culture (finger pointing)
• Collaborative culture (people rally and work together)

Why have we failed to address attitude, behavior, and culture?

✓ While there is attention and better understanding of these areas, very little effort is made to actually solve these challenges.

✓ The impact is not well understood.

✓ The lack of tangible and visible factors makes it difficult to identify.

✓ There is a lack of proper guidance, leadership skills, and governance to address these in the right places.

✓ Addressing these issues has to be done proactively, with intent, rigor, and discipline, in order to be successful.

✓ We ignore it (head in the sand and hoping it will fix itself).

Avoidance has been a common strategy for addressing behavior and culture in organizations.

Use Info-Tech’s “Culture and Environment” template to identify cultural constraints that should be addressed in roadmap

The Service Management Roadmap Presentation Template will help you document attitude, behavior, and culture constraints.

Discuss as a team attitudes, behaviors, and cultural aspects that can either hinder or be leveraged to support your vision for the service management program. Capture all items that need to be addressed in the roadmap.

Document your organization’s attitudes, behaviors, and culture

1. Discuss and document positive and negative aspects of attitude, behavior, or culture within your organization.
2. Identify the items that need to be addressed as part of your roadmap.

INPUT

• A collaborative discussion

OUTPUT

• Culture and environment worksheet

Materials

• Whiteboards or flip charts

Participants

• All stakeholders

The relationship to governance

Attitude, behavior, and culture are still underestimated as core success factors in governance and management.

Behavior is a key enabler of good governance. Leading by example and modeling behavior has a cascading impact on shifting culture, reinforcing the importance of change through adherence.

Executive leadership and governing bodies must lead and support cultural change.

Key Points

• Less than 25% of organizations have formal IT governance in place (ITSM Tools).
• Governance tends to focus on risk and compliance (controls), but forgets the impact of value and performance.

Lack of oversight often limits the value of service management implementations

Organizations often fail to move beyond risk mitigation, losing focus of the goals of their service management practices and the capabilities required to produce value.

Risk Mitigation

• Stabilize IT
• Service Desk
• Incident Management
• Change Management

Gap

• Organizational alignment through governance
• Disciplined focus on goals of SM

Value Production

• Value that meets business and consumer needs

This creates a situation where service management activities and roadmaps focus on adjusting and tweaking process areas that no longer support how the organization needs to work.

How does establishing governance for service management provide value?

Governance of service management is a gap in most organizations, which leads to much of the failure and lack of value from service management processes and activities.

Once in place, effective governance enables success for organizations by:

1. Ensuring service management processes improve business value
2. Measuring and confirming the value of the service management investment
3. Driving a focus on outcome and impact instead of simply process adherence
4. Looking at the integrated impact of service management in order to ensure focused prioritization of work
5. Driving customer-experience focus within organizations
6. Ensuring quality is achieved and addressing quality impacts and dependencies between processes

Four common service management process ownership models

Your ownership structure largely defines how processes will need to be implemented, maintained, and improved. It has a strong impact on their ability to integrate and how other teams perceive their involvement.

Most organizations are somewhere within this spectrum of four core ownership models, usually having some combination of shared traits between the two models that are closest to them on the scale.

Info-Tech Insight

The organizational structure that is best for you depends on your needs, and one is not necessarily better than another. The next four slides describe when each ownership level is most appropriate.

Distributed process ownership

Distributed process ownership is usually evident when organizations initially establish their service management practices. The processes are assigned to a specific group, who assumes some level of ownership over its execution.

Info-Tech Insight

This model is often a suitable approach for initial implementations or where it may be difficult to move out of siloes within the organization’s structure or culture.

Centralized process ownership

Centralized process ownership usually becomes necessary for organizations as they move into a more functional structure. It starts to drive management of processes horizontally across the organization while still retaining functional management control.

Info-Tech Insight

This model is often suitable for maturing organizations that are starting to look at process integration and shared service outcomes and accountability.

Federated process ownership

Federated process ownership allows for global control and regional variation, and it supports product orientation and Agile/DevOps principles

Info-Tech Insight

Federated process ownership is usually evident in organizations that have an international or multi-regional presence.

Service management office (SMO)

SMO structures tend to occur in highly mature organizations, where service management responsibility is seen as an enterprise accountability.

Info-Tech Insight

SMOs are suitable for organizations with a defined IT and organizational strategy. A SMO supports integration with other enterprise practices like enterprise architecture and the PMO.

Determine which process ownership and governance model works best for your organization

The Service Management Roadmap Presentation Template will help you document process ownership and governance model

Example:

Key Goals:

☐ Own accountability for changes to core processes

☐ Understand systemic nature and dependencies related to processes and services

☐ Approve and prioritize improvement and CSI initiatives related to processes and services

☐ Evaluate success of initiative outcomes based on defined benefits and expectations

☐ Own Service Management and Governance processes and policies

☐ Report into ITSM executive or equivalent body

Membership:

☐ Process Owners, SM Owner, Tool Owner/Liaison, Audit

Discuss as a team which process ownership model works for your organization. Determine who will govern the service management practice. Determine items that should be identified in your roadmap to address governance and process ownership gaps.

Use Info-Tech’s “SWOT” template to identify strengths, weaknesses, opportunities & threats that should be addressed

The Service Management Roadmap Presentation Template will help you document items from your SWOT analysis.

Brainstorm the strengths, weaknesses, opportunities, and threats related to resources, environment, technology, and management practices. Add items that need to be addressed to your roadmap.

Perform a SWOT analysis

1. Brainstorm each aspect of the SWOT with an emphasis on:

• Resources
• Environment
• Technologies
• Management Practices

INPUT

• A collaborative discussion

OUTPUT

• SWOT analysis
• Priority items identified

Materials

• Whiteboards or flip charts

Participants

• All stakeholders

Indicate desired maturity level for your service management program to be successful

Discuss the various maturity levels and choose a desired level that would meet business needs.

INPUT

• A collaborative discussion

OUTPUT

• Desired state of service management maturity

Materials

• None

Participants

• All stakeholders

Use Info-Tech’s Service Management Process Maturity Assessment Tool to understand your current state

The Service Management Process Maturity Assessment Tool will help you understand the true state of your service management.

Part 1, Part 2, and Part 3 tabs

These three worksheets contain questions that will determine the overall maturity of your service management processes. There are multiple sections of questions focused on different processes. It is very important that you start from Part 1 and continue the questions sequentially.

Results tab

The Results tab will display the current state of your service management processes as well as the percentage of completion for each individual process.

Complete the service management process maturity assessment

The current-state assessment will be the foundation of building your roadmap, so pay close attention to the questions and answer them truthfully.

1. Start with tab 1 in the Service Management Process Maturity Assessment Tool. Remember to read the questions carefully and always use the feedback obtained through the end-user survey to help you determine the answer.
2. In the “Degree of Process Completeness” column, use the drop-down menu to input the results solicited from the goals and objectives meeting you held with your project participants.

3. Host a meeting with all participants following completion of the survey and have them bring their results. Discuss in a round-table setting, keeping a master sheet of agreed upon results.

INPUT

• Service Management Process Maturity Assessment Tool questions

OUTPUT

• Determination of current state

Materials

• Service Management Process Maturity Assessment Tool

Participants

• Project team members

Review the results of your current-state assessment

At the end of the assessment, the Results tab will have action items you could perform to close the gaps identified by the process assessment tool.

INPUT

• Maturity assessment results

OUTPUT

• Determination of overall and individual practice maturity

Materials

• Service Management Maturity Assessment Tool

Participants

• Project team members

Use Info-Tech’s OCM Capability Assessment tool to understand your current state

The Organizational Change Management Capabilities Assessment tool will help you understand the true state of your organizational change management capabilities.

Complete the Capabilities tab to capture the current state for organizational change management. Review the Results tab for interpretation of the capabilities. Review the Recommendations tab for actions to address low areas of maturity.

Complete the OCM capability assessment

1. Open Organizational Change Management Capabilities Assessment tool.
2. Come to consensus on the most appropriate answer for each question. Use the 80/20 rule.
3. Review result charts and discuss findings.
4. Identify roadmap items based on maturity assessment.

INPUT

• A collaborative discussion

OUTPUT

• OCM Assessment tool
• OCM assessment results

Materials

• OCM Capabilities Assessment tool

Participants

• All stakeholders

If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

Book a workshop with our Info-Tech analysts:

• To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
• Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
• Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

2.1

Create a powerful, succinct mission statement

Using Info-Tech’s sample mission statement as a guide, build your mission statement based on the objectives of this project and the benefits that this project will achieve. Keep the mission statement short and clear.

2.2

Complete the assessment

With the project team in the room, go through all three parts of the assessment with consideration of the feedback received from the business.

2.3

Interpret the results of the assessment

The Info-Tech onsite analyst will facilitate a discussion on the overall maturity of your service management practices and individual process maturity. Are there any surprises? Are the results reflective of current service delivery maturity?

PHASE 3

Build Your Service Management Roadmap

Build Roadmap

This step will walk you through the following activities:

• Document your vision and mission on the roadmap one-pager.
• Using the inputs from the current-state assessments, identify the key themes required by your organization.
• Identify individual initiatives needed to address key themes.

Step Insights

• Using the Info-Tech thought model, address foundational gaps early in your roadmap and establish the management methods to continuously make them more robust.
• If any of the core practices are not meeting the vision for your service management program, be sure to address these items before moving on to more advanced service management practices or processes.
• Make sure the story you are telling with your roadmap is aligned to the overall organizational goals.

Phase 3 outline

Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

Focus on a strong foundation to build higher value service management practices

Info-Tech Insight

Focus on behaviors and expected outcomes before processes.

Foundational elements

• Operating model facilitates service management goals
• Culture of service delivery
• Governance discipline to evaluate, direct, and monitor
• Management discipline to deliver

Stabilize

• Deliver stable, reliable IT services to the business
• Respond to user requests quickly and efficiently
• Resolve user issues in a timely manner
• Deploy changes smoothly and successfully

Proactive

• Avoid/prevent service disruptions
• Improve quality of service (performance, availability, reliability)

Service Provider

• Understand business needs
• Ensure services are available
• Measure service performance, based on business-oriented metrics

Strategic Partner

• Fully aligned with business
• Drive innovation
• Drive measurable value

Info-Tech Insight

Continued leadership support of the foundational elements will allow delivery teams to provide value to the business. Set the expectation of the desired maturity level and allow teams to innovate.

Identify themes that can help you build a strong foundation before moving to higher level practices

Before moving to advanced service management practices, you must ensure that the foundational and core elements are robust enough to support them. Leadership must nurture these practices to ensure they are sustainable and can support higher value, more mature practices.

Use Info-Tech’s “Service Management Roadmap” template to document your vision, themes and initiatives

The Service Management Roadmap Presentation Template contains a roadmap template to help communicate your vision, themes to be addressed, and initiatives

Working from the lower maturity items to the higher value practices, identify logical groupings of initiatives into themes. This will aid in communicating the reasons for the needed changes. List the individual initiatives below the themes. Adding the service management vision and mission statements can help readers understand the roadmap.

Document your service management roadmap

1. Document the service management vision and mission on the roadmap template.
2. Identify, from the assessments, areas that need to be improved or implemented.
3. Group the individual initiatives into logical themes that can ease communication of what needs to happen.
4. Document the individual initiatives.
5. Document in terms that business partners and executive sponsors can understand.

INPUT

• Current-state assessment outputs
• Maturity model

OUTPUT

• Service management roadmap

Materials

• Whiteboard
• Roadmap template

Participants

• All stakeholders

If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

Book a workshop with our Info-Tech analysts:

• To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
• Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
• Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

3.1

Identify themes to address items from the foundational level up to higher value service management practices

Identify easily understood themes that will help others understand the expected outcomes within your organization.

Document individual initiatives that contribute to the themes

Identify specific activities that will close gaps identified in the assessments.

PHASE 2

Build Communication Slide

Complete your service management roadmap

This step will walk you through the following activities:

• Use the current-state assessment exercises to document the state of your service management practices. Document examples of the behaviors that are currently seen.
• Document the expected short-term gains. Describe how you want the behaviors to change.
• Document the long-term vision for each item and describe the benefits you expect to see from addressing each theme.

Step Insights

• Use the communication template to acknowledge the areas that need to be improved and paint the short- and long-term vision for the improvements to be made through executing the roadmap.
• Write it in business terms so that it can be used widely to gain acceptance of the upcoming changes that need to occur.
• Include specific areas that need to be fixed to make it more tangible.
• Adding the values from the vision, mission, and values exercise can also help you set expectations about how the team will behave as they move towards the longer-term vision.

Phase 4 Outline

Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

Use Info-Tech’s “Service Management Roadmap – Brought to Life” template to paint a picture of the future state

The Service Management Roadmap Presentation Template contains a communication template to help communicate your vision of the future state

Use this template to demonstrate how existing pain points to delivering services will improve over time by painting a near- and long-term picture of how things will change. Also list specific initiatives that will be launched to affect the changes. Listing the values identified in the vision, mission, and values exercise will also demonstrate the team’s commitment to changing behavior to create better outcomes.

Document your current state and list initiatives to address them

1. Use the previous assessments and feedback from business or customers to identify current behaviors that need addressing.
2. Focus on high-impact items for this document, not an extensive list.

3. List the initiatives or actions that will be used to address the specific pain points.

INPUT

• Current-state assessment outputs
• Feedback from business

OUTPUT

• Service Management Roadmap Communication Tool, in the Service Management Roadmap Presentation

Materials

• Whiteboard
• Roadmap template

Participants

• All stakeholders

Document your future state

1. For each pain point document the expected behaviors, both short term and longer term.
2. Write in terms that allow readers to understand what to expect from your service management practice.

INPUT

• Current-state assessment outputs
• Feedback from business

OUTPUT

• Service Management Roadmap Communication Tool, in the Service Management Roadmap Presentation Template

Materials

• Whiteboard
• Roadmap template

Participants

• All stakeholders

If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

Book a workshop with our Info-Tech analysts:

• To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
• Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
• Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

4.1

Identify the pain points and initiatives to address them

Identify items that the business can relate to and initiatives or actions to address them.

4.2

Identify short- and long-term expectations for service management

Communicate the benefits of executing the roadmap both short- and long-term gains.

Research contributors and experts

Valence Howden, Principal Research Director, CIO Practice

Info-Tech Research Group

Valence helps organizations be successful through optimizing how they govern, design, and execute strategies, and how they drive service excellence in all work. With 30 years of IT experience in the public and private sectors, he has developed experience in many information management and technology domains, with focus in service management, enterprise and IT governance, development and execution of strategy, risk management, metrics design and process design, and implementation and improvement.

Graham Price, Research Director, CIO Practice

Info-Tech Research Group

Graham has an extensive background in IT service management across various industries with over 25 years of experience. He was a principal consultant for 17 years, partnering with Fortune 500 clients throughout North America, leveraging and integrating industry best practices in IT service management, service catalog, business relationship management, IT strategy, governance, and Lean IT and Agile.

Sharon Foltz, Senior Workshop Director

Info-Tech Research Group

Sharon is a Senior Workshop Director at Info-Tech Research Group. She focuses on bringing high value to members via leveraging Info-Tech’s blueprints and other resources enhanced with her breadth and depth of skills and expertise. Sharon has spent over 15 years in various IT roles in leading companies within the United States. She has strong experience in organizational change management, program and project management, service management, product management, team leadership, strategic planning, and CRM across various global organizations.

Related Info-Tech Research

Build a Roadmap for Service Management Agility

Extend the Service Desk to the Enterprise

Bibliography

• “CIOs Emerge as Disruptive Innovators.” CSC Global CIO Survey: 2014-2015. Web.
• “Digital Transformation: How Is Your Organization Adapting?” CIO.com, 2018. Web.
• Goran, Julie, Laura LaBerge, and Ramesh Srinivasan. “Culture for a digital age.” McKinsey, July 2017. Web.
• The Qualities of Leadership: Leading Change. Cornelius & Associates, 14 April 2012.
• Wilkinson, Paul. “Culture, Ethics, and Behavior – Why Are We Still Struggling?” ITSM Tools, 5 July 2018. Web.

Endpoint Management Selection Guide

Streamline your organizational approach to selecting a right-sized endpoint management platform.

Endpoint Management Selection Guide

Streamline your organizational approach toward the selection of a right-sized endpoint management platform.

EXECUTIVE BRIEF

Analyst Perspective

Revolutionize your endpoint management with a proper tool selection approach

The endpoint management market has an ever-expanding and highly competitive landscape. The market has undergone tremendous evolution in past years, from device management to application deployments and security management. The COVID-19 pandemic forced organizations to service employees and end users remotely while making sure corporate data is safe and user satisfaction doesn't get negatively affected. In the meantime, vendors were forced to leverage technology enhancements to satisfy such requirements.

That being said, endpoint management solutions have become more complex, with many options to manage operating systems and run applications for relevant user groups. With the work-from-anywhere model, customer support is even more important than before, as a remote workforce may face more issues than before, or enterprises may want to ensure more compliance with policies.

Moreover, the market has become more complex, with lots of added capabilities. Some features may not be beneficial to corporations, and with a poor market validation, businesses may end up paying for some capabilities that are not useful.

In this blueprint, we help you quickly define your requirements for endpoint management and narrow down a list to find the solutions that fulfill your use cases.

Mahmoud Ramin, PhD
Senior Research Analyst, Infrastructure and Operations
Info-Tech Research Group

Executive Summary

Your Challenge

Endpoint management solutions are becoming increasingly essential – deploying the right devices and applications to the right users and zero-touch provisioning are indispensable parts of a holistic strategy for improving customers' experience. However, selecting the right-sized platform that aligns with your requirements is a big challenge.

Following improvements in end-user computation strategies, selection of the right endpoint management solution is a crucial next step in delivering concrete business value.

Common Obstacles

Despite the importance of selecting the right endpoint management platform, many organizations struggle to define an approach to picking the most appropriate vendor and rolling out the solution in an effective and cost-efficient manner. There are many options available, which can cause business and IT leaders to feel lost.

The endpoint management market is evolving quickly, making the selection process tedious. On top of that, IT has a hard time defining their needs and aligning solution features with their requirements.

Info-Tech's Approach

Determine what you require from an endpoint management solution.

Review the market space and product offerings, and compare the capabilities of key players.

Create a use case – use top-level requirements to determine use cases and short-list vendors.

Conduct a formal process for interviewing vendors, using Info-Tech's templates to select the best platform for your requirements.

Info-Tech Insight

Investigate vendors' roadmaps to figure out which of the candidate platforms can fulfill your long-term requirements without any unnecessary investment in features that are not currently useful for you. Make sure you don't purchase capabilities that you will never use.

What are endpoint management platforms?

Our definition: Endpoint management solutions are platforms that enable IT with appropriate provisioning, security, monitoring, and updating endpoints to ensure that they are in good health. Typical examples of endpoints are laptops, computers, wearable devices, tablets, smart phones, servers, and the Internet of Things (IoT).

First, understand differences between mobile management solutions

• Endpoint management solutions monitor and control the status of endpoints. They help IT manage and control their environment and provide top-notch customer service.
• These solutions ensure a seamless and efficient problem management, software updates and remediations in a secure environment.
• Endpoint management solutions have evolved very quickly to satisfy IT and user needs:
• Mobile Device Management (MDM) helps with controlling features of a device.
• Enterprise Mobile Management (EMM) controls everything in a device.
• Unified Endpoint Management (UEM) manages all endpoints.

Endpoint management includes:

• Device management
• Device configuration
• Device monitoring
• Device security

Info-Tech Insight

As endpoint management encompasses a broad range of solution categories including MDM, EMM, and UEM, look for your real requirements. Don't pay for something that you won't end up using.

As UEM covers all of MDM and EMM capabilities, we overview market trends of UEM in this blueprint to give you an overall view of market in this space.

Your challenge: Endpoint management has evolved significantly over the past few years, which makes software selection overwhelming

Additional challenges occur in securing endpoints

A rise in the number of attacks on cloud services creates a need to leverage endpoint management solutions

MarketsandMarkets predicted that global cloud infrastructure services would increase from US$73 billion in 2019 to US$166.6 billion in 2024 (2019).

A study by the Ponemon Institute showed that 68% of respondents believe that security attacks increased over the past 12 months (2020).

The study reveals that over half of IT security professionals who participated in the survey believe that organizations are not very efficient in securing their endpoints, mainly because they're not efficient in detecting attacks.

IT professionals would like to link endpoint management and security platforms to unify visibility and control, to determine potential risks to endpoints, and to manage them in a single solution.

Businesses will continue to be compromised by the vulnerabilities of cloud services, which pose a challenge to organizations trying to maintain control of their data.

Trends in endpoint management have been undergoing a tremendous change

In 2020, about 5.2 million users subscribed to mobile services, and smartphones accounted for 65% of connections. This will increase to 80% by 2025.
Source: Fortune Business Insights, 2021

Info-Tech's methodology for selecting a right-sized endpoint management platform

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

The endpoint management purchase process should be broken into segments:

1. Endpoint management vendor shortlisting with this buyer's guide
2. Structured approach to selection
3. Contract review

Info-Tech's approach

Complementary research:

Create a quick business case and requirements document to align stakeholders to your vision with Info-Tech's Rapid Application Selection Framework.
See what your peers are saying about these vendors at SoftwareReviews.com.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Phase 1

Understand core features and build your business case

This phase will walk you through the following activity:

Define use cases and core features for meeting business and technical goals

This phase involves the following participants:

• CIO
• IT manager
• Infrastructure & Applications directors

MDM solutions function at the level of corporate devices. Something else was needed to enable personal device management.

Major components of EMM solutions

Mobile Application Management (MAM)

Allows organizations to control individual applications and their associated data. It restricts malicious apps and enables in-depth application management, configuration, and removal.

Containerization

Enables separation of work-related data from private data. It provides encrypted containers on personal devices to separate the data, providing security on personal devices while maintaining users' personal data.

Mobile Content Management (MCM)

Helps remote distribution, control, management, and access to corporate data.

Mobile Security Management (MSM)

Provides application and data security on devices. It enables application analysis and auditing. IT can use MSM to provide strong passwords to applications, restrict unwanted applications, and protect devices from unsecure websites by blacklisting them.

Mobile Expense Management (MEM)

Enables mobile data communication expenses auditing. It can also set data limits and restrict network connections on devices.

Identity Management

Sets role-based access to corporate data. It also controls how different roles can use data, improving application and data security. Multifactor authentication can be enforced through the identity management featured of an EMM solution.

Unified endpoint management: Control all endpoints in a single pane of glass

IT admins used to provide customer service such as installation, upgrades, patches, and account administration via desktop support. IT support is not on physical assistance over end users' desktops anymore.

The rise of BYOD enhanced the need to be able to control sensitive data outside corporate network connection on all endpoints, which was beyond the capability of MDM and EMM solutions.

• It's now almost impossible for IT to be everywhere to support customers.
• This created a need to conduct tasks simultaneously from one single place.
• UEM enables IT to run, manage, and control endpoints from one place, while ensuring that device health and security remain uncompromised.
• UEM combines features of MDM and EMM while extending EMM's capabilities to all endpoints, including computers, laptops, tablets, phones, printers, wearables, and IoT.

Info-Tech Insight

Organizations once needed to worry about company connectivity assets such as computers and laptops. To manage them, traditional client management tools like Microsoft Configuration Manager would be enough.

With the increase in the work-from-anywhere model, it is very hard to control, manage, and monitor devices that are not connected to a VPN. UEM solutions enable IT to tackle this challenge and have full visibility into and management of any device.

UEM platforms help with saving costs and increasing efficiency

UEM helps corporates save on their investments as it consolidates use-case management in a single console. Businesses don't need to invest in different device and application management solutions.

From the employee perspective, UEM enables them to work on their own devices while enforcing security on their personal data.

• Security and privacy are very important criteria for organizations. With the rapid growth of the work-from-anywhere model, corporate security is a huge concern for companies.
• Working from home has forced companies to invest a lot in data security, which has led to high UEM demand. UEM solutions streamline security management by consolidating device management in a single platform.
• With the fourth-generation industrial revolution, we're experiencing a significant rise in the use of IoT devices. UEM solutions are very critical for managing, configuring, and securing these devices.
• There will be a huge increase in cyber threats due to automation, IoT, and cloud services. The pandemic has sped up the adoption of such services, forcing businesses to rethink their enterprise mobility strategies. They are now more cautious about security risks and remediations. Businesses need UEM to simplify device management on multiple endpoints.
• With UEM, IT environment management gets more granular, while giving IT better visibility on devices and applications.

UEM streamlines mundane admin tasks and simplifies user issues.

Even with a COPE or COBO provisioning model, without any IT intervention, users can decide on when to install relevant updates. It also may lead to shadow IT.

Endpoint management, and UEM more specifically, enables IT to enforce administration over user devices, whether they are corporate or personally owned. This is enabled without interfering with private/personal data.

Where it's going: The future state of UEM

Despite the fast evolution of the UEM market, many organizations do not move as fast as technological capabilities. Although over half of all organizations have at least one UEM solution, they may not have a good strategy or policies to maximize the value of technology (Tech Orchard, 2022). As opposed to such organizations, there are others that use UEM to transform their endpoint management strategy and move service management to the next level. That integration between endpoint management and service management is a developing trend (Ivanti, 2021).

• SaaS tools like Office 365 are built to be used on multiple devices, including multiple computers. Further, the pandemic saw 47% of organizations significantly increase their use of BYOD (Cybersecurity Insiders, 2021).
• Over 2022, 78% of people worked remotely for at least some amount of time during the week (Tech Orchard, 2022).
• 84% of organizations believe that cybersecurity threat alarms are becoming very overwhelming, and almost half of companies believe that the best way to tackle this is through consolidating platforms so that everything will be visible and manageable through a single pane of glass (Cybersecurity Insiders, 2022).
• The UEM market was worth $3.39 billion in 2020. It is expected to reach $53.65 billion by 2030, with an annual growth rate of 31.7% (Datamation, 2022). This demonstrates how dependent IT is becoming on endpoint management solutions.

Only 27% of organizations have "fully deployed" UEM "with easy management across all endpoints"
Source: IT Pro Today, 2018.

Endpoint Management Key Trends

• Commoditization of endpoint management features. Although their focus is the same, some UEM solutions have unique features.
• New endpoint management paradigms have emerged. Endpoint management has evolved from client management tools (CMT) and MDM into UEM, also known as "modern management" (Ivanti, 2022).
• One pane of glass for the entire end-user experience. Endpoint management vendors are integrating their solution into their ITSM, ITOM, digital workspace, and security products.
• AI-powered insights. UEM tools collect data on endpoints and user behavior. Vendors are using their data to differentiate themselves: Products offer threat reports, automated compliance workflows, and user experience insights. The UEM market is ultimately working toward autonomous endpoint management (Microsoft, 2022).
• Web apps and cloud storage are the new normal. Less data is stored locally. Fewer apps need to be patched on the device. Apps can be accessed on different devices more easily. However, data can more easily be accessed on BYOD and on new operating systems like Chrome OS.
• Lighter device provisioning tools. Instead of managing thick images, UEM tools use lighter provisioning packages. Once set up, Autopilot and UEM device enrollment should take less time to manage than thick images.
• UEM controls built around SaaS. Web apps and the cloud allow access from any device, even unmanaged BYOD. UEM tools allow IT to apply the right level of control for the situation – mobile application management, mobile content management, or mobile device management.
• Work-from-anywhere and 5G result in more devices outside of your firewalls. Cloud-based management tools are not limited by your VPN connection and can scale up more easily than traditional, on-prem tools.

Understand endpoint management table stakes features

Determine high-level use cases to help you narrow down to specific features

Support the organization's operating systems:
Many UEM vendors support the most dominant operating systems, Windows and Mac; however, they are usually stronger in one particular OS than the other. For instance, Intune supports both Windows and Mac, although there are some drawbacks with MacOS management by Intune. Conversely, Jamf is mainly for MacOS and iOS management. Enterprises look to satisfy their end users' needs. The more UEM vendors support different systems, the more likely enterprises will pick them. Although, as mentioned, in some instances, enterprises may need to select more than one option, depending on their requirements.

Support BYOD and remote environments:
With the impact of the pandemic on work model, 60-70% of workforce would like to have more flexibility for working remotely (Ivanti, 2022). BYOD is becoming the default, and SaaS tools like Office 365 are built to be used on multiple devices, including multiple computers. As BYOD can boost productivity (Samsung Insights, 2016), you may be interested in how your prospective UEM solution will enable this capability with remote wipe (corporate wipe capability vs. wiping the whole device), data and device tracking, and user activity auditing.

Understand endpoint management table stakes features

Determine high-level use cases to help you narrow down to specific features

Integration with the enterprise's IT products:
To get everything in a single platform and to generate better metrics and dashboards, vendors provide integrations with ticketing and monitoring solutions. Many large vendors have strong integrations with multiple ITSM and ITAM platforms to streamline incident management, request management, asset management, and patch management.

Support security and compliance policies:
With the significant boost in work-from-anywhere, companies would like to enable endpoint security more than ever. This includes device threat detection, malware detection, anti-phishing, and more. All UEMs provide these, although the big difference between them is how well they enable security and compliance, and how flexible they are when it comes to giving conditional access to certain data.

Provide a fully automated vs manual deployment:
Employees want to get their devices faster, IT wants to deploy devices faster, and businesses want to enable employees faster to get them onboard sooner. UEMs have the capability to provide automated and manual deployment. However, the choice of solution depends on enterprise's infrastructure and policies. Full automation of deployment is very applicable for corporate devices, while it may not be a good option for personally owned devices. Define your user groups and provisioning models, and make sure your candidate vendors satisfy requirements.

Plan a proper UEM selection according to your requirements

1. Identify IT governance, policy, and process maturity
   Tools cannot compensate for your bad processes. You should improve deploying and provisioning processes before rolling out a UEM. Automation of a bad process only wraps the process in a nicer package – it does not fix the problem.
   Refer to InfoTech's Modernize and Transform Your End-User Computing Strategy for more information on improving endpoint management procedures.
2. Consider supported operating systems, cloud services, and network infrastructure in your organization
   Most UEMs support all dominant operating systems, but some solutions have stronger capability for managing a certain OS over the other.
3. Define enterprise security requirements
   Investigate security levels, policies, and requirements to align with the security features you're expecting in a UEM.
4. Selection and implementation of a UEM depends on use case. Select a vendor that supports your use cases
   Identify use cases specific to your industry.
   For example, UEM use cases in Healthcare:
   • Secure EMR
   • Enforce HIPAA compliance
   • Secure communications
   • Enable shared device deployment

Activity: Define use cases and core features for meeting business and technical goals

1-2 hours

1. Brainstorm with your colleagues to discuss your challenges with endpoint management.
2. Identify how these challenges are impacting your ability to meet your goals for managing and controlling endpoints.
3. Define high-level goals you wish to achieve in the first year and in the longer term.
4. Identify the use cases that will support your overall goals.
5. Document use cases in the UEM Requirements Workbook.

Input

• List of challenges and goals

Output

• Use cases to be used for determining requirements

Materials

• Whiteboard/flip charts
• Laptop to record output

Participants

• CIO
• IT manager
• Infrastructure & Applications directors

Download the UEM Requirements Workbook

Phase 2

Discover the endpoint management market space and select the right vendor

This phase will walk you through the following activity:
Define top-level features for meeting business and technical goals
This phase involves the following participants:

• CIO
• IT manager
• Infrastructure & Applications directors
• Project managers

Elicit and prioritize granular requirements for your endpoint management platform

Understanding business needs through requirements gathering is the key to defining everything about what is
being purchased. However, it is an area where people often make critical mistakes.

Risks of poorly scoped requirements

• Fail to be comprehensive and miss certain areas of scope.
• Focus on how the solution should work instead of what it must accomplish.
• Have multiple levels of confusing and inconsistent detail in the requirements.
• Drill down all the way to system-level detail.
• Add unnecessary constraints based on what is done today rather than focusing on what is needed for tomorrow.
• Omit constraints or preferences that buyers think are "obvious."

Best practices

• Get a clear understanding of what the system needs to do and what it is expected to produce.
• Test against the principle of MECE – requirements should be "mutually exclusive and collectively exhaustive."
• Explicitly state the obvious and assume nothing.
• Investigate what is sold on the market and how it is sold. Use language that is consistent with that of the market and focus on key differentiators – not table stakes.
• Contain the appropriate level of detail – the level should be suitable for procurement and sufficient for differentiating vendors.

Review Info-Tech's blueprint Improve Requirements Gathering to improve your requirements gathering process.

Consider the perspective of each stakeholder to ensure functionality needs are met

Best of breed vs. "good enough" is an important discussion and will feed your success

Costs can be high when customizing an ill-fitting module or creating workarounds to solve business problems, including loss of functionality, productivity, and credibility.

• Start with use cases to drive the initial discussion, then determine which features are mandatory and which are nice-to-haves. Mandatory features will help determine high success for critical functionality and identify where "good enough" is an acceptable state.
• Consider the implications of implementation and all use cases of:
• Buying an all-in-one solution.
• Integration of multiple best-of-breed solutions.
• Customizing features that were not built into a solution.
• Be prepared to shelve a use case for this solution and look to alternatives for integration where mandatory features cannot meet highly specialized needs that are outside of traditional endpoint management solutions.

Pros and Cons

Evaluate software category leaders through vendor rankings and awards

SoftwareReviews
evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions. Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.	The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions. Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

Speak with category experts to dive deeper into the vendor landscape

SoftwareReviews

• Fact-based reviews of business software from IT professionals.
• Product and category reports with state-of-the-art data visualization.
• Top-tier data quality backed by a rigorous quality assurance process.
• User-experience insight that reveals the intangibles of working with a vendor.

CLICK HERE to ACCESS

Comprehensive software reviews
to make better IT decisions

We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

SoftwareReviews is powered by Info-Tech

Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive unbiased data on today's technology.
With the insight of our expert analysts, our members receive unparalleled support in their buying journey.

Get to Know the Key Players in the Endpoint Management Landscape

The following slides provide a top-level overview of the popular players you will encounter in the endpoint management shortlisting process in alphabetical order.

Vendor scores are driven by real-world practitioner reviews via SoftwareReviews. Composite, CX, EF, and NPS scores are pulled from live data as of January 2023.

Secure business units and enhance connection by simplifying the digital workplace

A good option for enterprises that want a single-pane-of-glass UEM that is easy to use, with a modern-looking dashboard, high threat-management capability, and high-quality customer support.

CISCO Meraki

Est. 1984 | CA, USA | NASDAQ: CSCO

DOWNLOAD REPORT

Screenshot of CISCO Meraki's dashboard. Source: Cisco

Transform work experience and support every endpoint with a unified view to ensure users are productive

A tool that enables you to access corporate resources on personal devices. It is adaptable to your budget. SoftwareReviews reports that 75% of organizations have received a discount at initial purchase or renewal, which makes it a good candidate if looking for a negotiable option.

Citrix Endpoint Management

Est. 1989 | TX, USA | Private

DOWNLOAD REPORT

Screenshot of Citrix Endpoint Management's dashboard. Source: Citrix

Scale remote users, enable BYOD, and drive a zero-trust strategy with IBM's modern UEM solution

A perfect option to boost cybersecurity. Remote administration and installation are made very easy and intuitive on the platform. It is very user friendly, making implementation straightforward. It comes with four licensing options: Essential, Deluxe, Premier, and Enterprise. Check IBM's website for information on pricing and offerings.

IBM MaaS360

Est. 1911 | NY, USA | NYSE: IBM

DOWNLOAD REPORT

Screenshot of IBM MaaS360's dashboard. Source: IBM

Get complete device visibility from asset discovery to lifecycle management and remediation

A powerful tool for patch management with a great user interface. You can automate patching and improve cybersecurity, while having complete visibility into devices. According to SoftwareReviews, 100% of survey participants plan to renew their contract with Ivanti.

Ivanti Neurons

Est. 1985 | CA, USA | Private

DOWNLOAD REPORT

Screenshot of Ivanti Neurons UEM's dashboard. Source: Ivanti

Improve your end-user productivity and transform enterprise Apple devices

An Apple-focused UEM with a great interface. Jamf can manage and control macOS and iOS, and it is one of the best options for Apple products, according to users' sentiments. However, it may not be a one-stop solution if you want to manage non-Apple products as well. In this case, you can use Jamf in addition to another UEM. Jamf has some integrations with Microsoft, but it may not be sufficient if you want to fully manage Windows endpoints.

Jamf PRO

Est. 2002 | MN, USA | NASDAQ: JAMF

DOWNLOAD REPORT

Screenshot of Jamf PRO's dashboard. Source: Jamf

Apply automation of traditional desktop management, software deployment, endpoint security, and patch management

A strong choice for patch management, software deployment, asset management, and security management. There is a free version of the tool available to try get an understanding of the platform before purchasing a higher tier of the product.

ManageEngine Endpoint Central

Est. 1996 | India | Private

DOWNLOAD REPORT

Screenshot of ME Endpoint Central's dashboard. Source: ManageEngine

Get device management and security in a single platform with a combination of Microsoft Intune and Configuration Manager

A solution that combines Intune and ConfigMgr's capabilities into a single endpoint management suite for enrolling, managing, monitoring, and securing endpoints. It's a very cost-effective solution for enterprises in the Microsoft ecosystem, but it also supports other operating systems.

Microsoft Endpoint Manager

Est. 1975 | NM, USA | NASDAQ: MSFT

DOWNLOAD REPORT

Screenshot of MS Endpoint Manager's dashboard. Source: Microsoft

Simplify and consolidate endpoint management into a single solution and secure all devices with real-time, "over-the-air" modern management across all use cases

A strong tool for managing and controlling mobile devices. It can access all profiles through Google and Apple, and it integrates with various IT management solutions.

VMware Workspace ONE

Est. 1998 | CA, USA | NYSE: VMW

DOWNLOAD REPORT

Screenshot of Workspace ONE's dashboard. Source: VMware

Review your use cases to start your shortlist

Your Info-Tech analysts can help you narrow down the list of vendors that will meet your requirements.

Next steps will include:

1. Reviewing your requirements
2. Checking out SoftwareReviews
3. Shortlisting your vendors
4. Conducting demos and detailed proposal reviews
5. Selecting and contracting with a finalist!

Activity: Define high-level features for meeting business and technical goals

Input

• List of endpoint management use cases
• List of prioritized features

Output

• Vendor evaluation
• Final list of candidate vendors

Materials

• Whiteboard/flip charts
• Laptop
• UEM Requirements Workbook

Participants

• CIO
• IT manager
• Infrastructure & Applications directors
• Project managers

Activity: Define top-level features for meeting business and technical goals

As there are many solutions in the market that share capabilities, it is imperative to closely evaluate how well they fulfill your endpoint management requirements.
Use the UEM Requirements Workbook to identify your desired endpoint solution features and compare vendor solution functionality based on your desired features.

1. Refer to the output of the previous activity, the identified use cases in the spreadsheet.
2. List the features you want in an endpoint solution for your devices that will fulfill these use cases. Record those features in the second column ("Detailed Feature").
3. Prioritize each feature (must have, should have, nice to have, not required).
4. Send this list to candidate vendors.
5. When you finish your investigation, review the spreadsheet to compare the various offerings and pros and cons of each solution.

Info-Tech Insight

The output of this activity can be used for a detailed evaluation of UEM vendors. The next steps will be vendor briefing and having further discussion on technical capabilities and conducting demos of solutions. Info-Tech's blueprint, The Rapid Application Selection Framework, takes you to these next steps.

Download the UEM Requirements Workbook

Leverage Info-Tech's research to plan and execute your endpoint management selection and implementation

Use Info-Tech Research Group's blueprints for selection and implementation processes to guide your own planning.

• Assess
• Prepare
• Govern & Course Correct

Ensure your implementation team has a high degree of trust and communication

If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

Communication

Teams must have some type of communication strategy. This can be broken into:

• Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
• Ceremonies: Injecting awards and continually emphasizing delivery of value can encourage relationship building and constructive motivation.
• Escalation: Voicing any concerns and having someone responsible for addressing those concerns.

Proximity

Distributed teams create complexity because communication can break down more easily. This can be mitigated by:

• Location: Placing teams in proximity can close the barrier of geographical distance and time zone differences.
• Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
• Communication Tools: Having the right technology (e.g. video conference) can help bring teams closer together virtually.

Trust

Members should trust other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:

Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.

• Role Clarity: Having a clear definition of what everyone's role is.

Implementation with a partner typically results in higher satisfaction

Align your implementation plans with both the complexity of the solution and internal skill levels

Be clear and realistic in your requirements to the vendor about the level of involvement you need to be successful.

Primary reasons to use a vendor:

• Lack of skilled resources: For solutions with little configuration change happening after the initial installation, the ramp-up time for an individual to build skills for a single event is not practical.
• Complexity of solution: Multiple integrations, configurations, modules, and even acquisitions that haven't been fully integrated in the solution you choose can make it difficult to complete the installation and rollout on time and on budget. Troubleshooting becomes even more complex if multiple vendors are involved.
• Data migration: Decide what information will be valuable to transfer to the new solution and which will not benefit your organization. Data structure and residency can both be factors in the complexity of this exercise.

Source: SoftwareReviews, January 2020 to January 2023, N= 20,024 unique reviews

To ensure your SOW is mutually beneficial, download the blueprint Improve Your Statements of Work to Hold Your Vendors Accountable.

Consider running a proof of concept if concerns are expressed about the feasibility of the chosen solution

Proofs of concept (PoCs) can be time consuming, so make good choices on where to spend the effort

Create a PoC charter that will enable a quick evaluation of the defined use cases and functions. These key dimensions should form the PoC.

1. Objective – Giving an overview of the planned PoC will help to focus and clarify the rest of this section. What must the PoC achieve? Objectives should be specific, measurable, attainable, relevant, and time bound. Outline and track key performance indicators.
2. Key Success Factors – These are conditions that will positively impact the PoC's success.
3. Scope – High-level statement of scope. More specifically, state what is in scope and what is out of scope.
4. Project Team – Identify the team's structure, e.g. sponsors, subject matter experts.
5. Resource Estimation – Identify what resources (time, materials, space, tools, expertise, etc.) will be needed to build and socialize your prototype. How will they be secured?

To create a full proof of concept plan, download the Proof of Concept Template and see the instructions in Phase 3 of the blueprint Exploit Disruptive Infrastructure Technology.

Selecting a right-sized endpoint management platform

This selection guide allows organizations to execute a structured methodology for picking a UEM platform that aligns with their needs. This includes:

• Identifying and prioritizing key business and technology drivers for an endpoint management selection business case.
• Defining key use cases and requirements for a right-sized UEM platform.
• Reviewing a comprehensive market scan of key players in the UEM marketspace.

This formal UEM selection initiative will map out requirements and identify technology capabilities to fill the gap for better endpoint management. It also allows a formal roll-out of a UEM platform that is highly likely to satisfy all stakeholder needs.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

Contact your account representative for more information

workshops@infotech.com
1-888-670-8889

Summary of Accomplishment

Knowledge Gained

• What endpoint management is
• Historical origins and evolution of endpoint management platforms
• Current trends and future state of endpoint management platforms

Processes Optimized

• Identifying use cases
• Gathering requirements
• Reviewing market key players and their capabilities
• Selecting a UEM tool that fulfills your requirements

UEM Solutions Analyzed

• CISCO Meraki
• Citrix Endpoint Management
• IBM MaaS360
• Ivanti Neurons UEM
• Jamf Pro
• ManageEngine Endpoint Central
• Microsoft Endpoint Manager
• VMware Workspace ONE

Related Info-Tech Research

Modernize and Transform Your End-User Computing Strategy

This project helps support the workforce of the future by answering the following questions: What types of computing devices, provisioning models, and operating systems should be offered to end users? How will IT support devices? What are the policies and governance surrounding how devices are used? What actions are we taking and when? How do end-user devices support larger corporate priorities and strategies?

Best Unified Endpoint Management (UEM) Software | SoftwareReviews

Compare and evaluate Unified Endpoint Management vendors using the most in-depth and unbiased buyer reports available. Download free comprehensive 40+ page reports to select the best Unified Endpoint Management software for your organization.

The Rapid Application Selection Framework

This blueprint walks you through a process for a fast and efficient selection of your prospective application. You will be enabled to use a data-driven approach to select the right application vendor for your needs, shatter stakeholder expectations with truly rapid application selections, boost collaboration and crush the broken telephone with concise and effective stakeholder meetings, and lock in hard savings.

Bibliography

"BYOD Security Report." Cybersecurity Insiders, 2021. Accessed January 2023.
"Cloud Infrastructure Services Market." MarketsAnd Markets, 2019. Accessed December 2022.
Evans, Alma. "Mastering Mobility Management: MDM Vs. EMM Vs. UEM." Hexnode, 2019. Accessed November 2022.
"Evercore-ISI Quarterly Enterprise Technology Spending Survey." Evercore-ISI, 2022. Accessed January 2023.
"5G Service Revenue to Reach $315 Billion Globally in 2023." Jupiter Research, 2022. Accessed January 2023.
Hein, Daniel. "5 Common Unified Endpoint Management Use Cases You Need to Know." Solutions Review, 2020. Accessed January 2023.
"Mobile Device Management Market Size, Share & COVID-19 Impact Analysis." Fortune Business Insights, 2021. Accessed December 2022.
Ot, Anina. "The Unified Endpoint Management (UEM) Market." Datamation, 14 Apr. 2022. Accessed Jan. 2023.
Poje, Phil. "CEO Corner: 4 Trends in Unified Endpoint Management for 2023." Tech Orchard, 2022. Accessed January 2023.
"The Future of UEM November 2021 Webinar." Ivanti, 2021. Accessed January 2023.
"The Third Annual Study on the State of Endpoint Security Risk." Ponemon Institute, 2020. Accessed December 2022.
"The Ultimate Guide to Unified Endpoint Management (UEM)." MobileIron. Accessed January 2023.
"Trends in Unified Endpoint Management." It Pro Today, 2018. Accessed January 2023.
Turek, Melanie. "Employees Say Smartphones Boost Productivity by 34 Percent: Frost & Sullivan Research." Samsung Insights, 3 Aug. 2016.
"2023 State of Security Report." Cybersecurity Insiders, 2022. Accessed January 2023.
Violino, Bob. "Enterprise Mobility 2022: UEM Adds User Experience, AI, Automation." Computerworld, 2022. Accessed January 2023.
Violino, Bob. "How to Choose the Right UEM Platform." Computerworld, 2021. Accessed January 2023.
Violino, Bob. "UEM Vendor Comparison Chart 2022." Computerworld, 2022. Accessed January 2023.
Wallent, Michael. "5 Endpoint Management Predictions for 2023." Microsoft, 2022. Accessed January 2023.
"What Is the Difference Between MDM, EMM, and UEM?" 42Gears, 2017. Accessed November 2022.

Looking at Risk in a New Light: The Six Pillars of Vendor Risk Management

Approach vendor risk impact assessments from all perspectives.

Analyst Perspective

Organizations must comprehensively understand the impacts vendors may cause through different potential actions.

The risks from the vendor market have become more prevalent as the technologies and organizational strategies shift to a global direction. With this shift in risk comes a necessary perspective change to align with the greater likelihood of an incident occurring from vendors' (or one of their downstream support vendor's) negative actions.

Organizational leadership must become more aware of the increasing risks that engaging vendors impose. To do so, they need to make informed decisions, which can only be provided by engaging expert resources in their organizations to compile a comprehensive look at potential risk impacts.

Frank Sewell

Research Director, Vendor Management
Info-Tech Research Group

Executive Summary

Info-Tech Insight

Organizations must evolve their risk assessments to be more adaptive to respond to changes in the global market. Ongoing monitoring and continual assessment of vendors’ risks is crucial to avoiding negative impacts.

Info-Tech’s multi-blueprint series on vendor risk assessment

There are many individual components of vendor risk beyond cybersecurity.`

This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

Out of Scope:
This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

The world is constantly changing

The IT market is constantly reacting to global influences. By anticipating changes, leaders can set expectations and work with their vendors to accommodate them.

When the unexpected happens, being able to adapt quickly to new priorities ensures continued long-term business success.

Below are some things no one expected to happen in the last few years:

62%

of IT professionals are more concerned about being a victim of ransomware than they were a year ago.

Info-Tech Tech Trends Survey 2022

82%

of Microsoft non-essential employees shifted to working from home in 2020, joining the 18% already remote.

Info-Tech Tech Trends Survey 2022

89%

of organizations invested in web conferencing technology to facilitate collaboration.

Info-Tech Tech Trends Survey 2022

Looking at Risk in a New Light:

the 6 Pillars of Vendor Risk Management

Vendor Risk

• Financial

• Strategic

• Operational

• Security

• Reputational

• Regulatory

• Organizations must review their risk appetite and tolerance levels, considering their complete landscape.
• Changing regulations, acquisitions, and events that affect global supply chains are current realities, not unlikely scenarios.
• Prepare your vendor risk management for success using due diligence and scenario- based “What If” discussions to bring all the relevant parties to the table and educate your whole organization on risk factors.

Strategic risks on a global scale

Odds are at least one of these is currently affecting your strategic plans

• Vendor Acquisitions
• Global Pandemic
• Global Shortages
• Gas Prices
• Poor Vendor Performance
• Travel Bans
• War
• Natural Disasters
• Supply Chain Disruptions
• Security Incidents

Make sure you have the right people at the table to identify and plan to manage impacts.

Assess internal and external operational risk impacts

Two sides of the same coin

Internal

• Poorly vetted supplemental staff
• Bad system configurations
• Lack of relevant skills
• Poor vendor performance
• Failure to follow established processes
• Weak contractual accountability
• Unsupportable or end-of-life system components

External

• Cyberattacks
• Supply Chain Issues
• Geo-Political Disruptions
• Vendor Acquisitions
• N-Party Non-Compliance
• Vendor Fraud

Operational risk is the risk of losses caused by flawed or failed processes, policies, systems, or events that disrupt business operations.

Identify and manage security risk impacts on your organization

Due diligence will enable successful outcomes

• Poor vendor performance
• Vendor acquisition
• Supply chain disruptions and shortages
• N-party risk
• Third-party risk

What your vendor associations say about you

Regulatory compliance

Consider implementing vendor management initiatives and practices in your organization to help gain compliance with your expanding vendor landscape.

Your organizational risks may be monitored but are your n-party vendors?

Review your expectations with your vendors and hold them accountable

Regulatory entities are looking beyond your organization’s internal compliance these days. Instead, they are more and more diving into your third-party and downstream relationships, particularly as awareness of downstream breaches increases globally.

• Are you assessing your vendors regularly?
• Are you validating those assessments?
• Do your vendors have a map of their downstream support vendors?
• Do they have the mechanisms to hold those downstream vendors accountable to your standards?

Identify and manage risks

Regulatory

Regulatory agencies are putting more enforcement around ESG practices across the globe. As a result, organizations will need to monitor the changing regulations and validate that their vendors and n-party support vendors are adhering to these regulations or face penalties for non-compliance.

Security-Data protection

Data protection remains an issue. Organizations should ensure that the data their vendors obtain remains protected throughout the vendor’s lifecycle, including post-termination. Otherwise, they could be monitoring for a data breach in perpetuity.

Mergers and acquisitions

More prominent vendors continuously buy smaller companies to control the market in the IT industry. Organizations should put protections in their contracts to ensure that an IT vendor’s acquisition does not put them in a relationship with someone that could cause them an issue.

Identify and manage risks

Poor vendor performance

Consider the impact of a vendor that fails to perform midway through the implementation. Organizations need to be able to manage the impact of replacing that vendor and cutting their losses rather than continuing to throw good money away after bad performance.

Supply chain disruptions and global shortages

Geopolitical disruptions and natural disasters have caused unprecedented interruptions to business. Incorporate forecasting of product and ongoing business continuity planning into your strategic plans to adapt as events unfold.

Poorly configured systems

Failing to ensure that your vendor-supported systems are properly configured and that your vendors are meeting your IT change control and configuration standards is more commonplace than expected. Proper oversight and management of your support vendors is crucial to ensure they are meeting expectations in this regard.

What to look for

Identify potential risk impacts

• Is there a record of complaints against the vendor from their employees or customers?
• Is the vendor financially sound, with the resources to support your needs?
• Has the vendor been cited for regulatory compliance issues in the past?
• Does the vendor have a comprehensive list of their n-party vendor partners?
  • Are they willing to accept appropriate contractual protections regarding them?
• Does the vendor self-audit, or do they use a vetted third-party audit firm to issue a SOC report annually?
• Does the vendor operate in regions known for instability?
• Is the vendor willing to make concessions on contractual protections, or are they only offering one-sided agreements with as-is warranties?

Prepare your vendor risk management for success

Due diligence will enable successful outcomes.

1. Obtain top-level buy-in; it is critical to success.
2. Build enterprise risk management (ERM) through incremental improvement.
3. Focus initial efforts on the “big wins” to prove the process works.
4. Use existing resources.
5. Build on any risk management activities that already exist in the organization.
6. Socialize ERM throughout the organization to gain additional buy-in.
7. Normalize the process long term with ongoing updates and continuing education for the organization.

(Adapted from COSO)

How to assess third-party risk

1. Review organizational risks

   Understand the organizations risks to prepare for the “What If” game exercise.

2. Identify and understand potential risks

   Play the “What If” game with the right people at the table.

3. Create a risk profile packet for leadership

   Pull all the information together in a presentation document.

4. Validate the risks

   Work with leadership to ensure that the proposed risks are in line with their thoughts.

5. Plan to manage the risks

   Lower the overall risk potential by putting mitigations in place.

6. Communicate the plan

   It is important not only to have a plan but also to socialize it in the organization for awareness.

7. Enact the plan

   Once the plan is finalized and socialized, put it in place with continued monitoring for success.

Adapted from Harvard Law School Forum on Corporate Governance

Insight summary

Risk impacts often come from unexpected places and have significant consequences.

Knowing who your vendors are using for their support and supply chain could be crucial in eliminating the risk of non-compliance for your organization.

Having a plan to identify and validate the regulatory compliance of your vendors is a must for any organization to avoid penalties.

Insight 1

Organizations’ strategic plans need to be adaptable to avoid vendors’ negative actions causing an expedited shift in priorities.

For example, Philips’ recall of ventilators impacted its products and the availability of its competitors’ products as demand overwhelmed the market.

Insight 2

Organizations often fail to understand how n-party vendors could place them in non-compliance.

Even if you know your complete third-party vendor landscape, you may not be aware of the downstream vendors in play. Ensure that you get visibility into this space as well, and hold your direct vendors accountable for the actions of their vendors.

Insight 3

Organizations need to know where their data lives and ensure it is protected.

Make sure you know which vendors are accessing/storing your data, where they are keeping it, and that you can get it back and have the vendors destroy it when the relationship is over. Without adequate protections throughout the lifecycle of the vendor, you could be monitoring for breaches in perpetuity.

Insight summary

Assessing financial impacts is an ongoing, educative, and collaborative multidisciplinary process that vendor management initiatives are uniquely designed to coordinate and manage for organizations.

Operational risk impacts often come from unexpected places and have unforeseen impacts. Knowing where your vendors place in critical business processes and those vendors' business continuity plans concerning your organization should be a priority for those managing the vendors.

Insight 4

Organizations need to learn how to assess the likelihood of potential risks in the rapidly changing online environments and recognize how their partnerships and subcontractors’ actions can affect their brand.

For example, do you understand how a simple news article raises your profile for short-term and long-term adverse events?

Insight 5

Organizations fail to plan for vendor acquisitions appropriately.

Vendors routinely get acquired in the IT space. Does your organization have appropriate safeguards from inadvertently entering a negative relationship? Do you have plans for replacing critical vendors purchased in such a manner?

Insight 6

Vendors are becoming more and more crucial to organizations’ overall operations, and most organizations have a poor understanding of the potential impacts they represent.

Is your vendor solvent? Do they have enough staff to accommodate your needs? Has their long-term planning been affected by changes in the market? Are they unique in their space?

Identifying vendor risk

Who should be included in the discussion?

• While it is true that executive-level leadership defines the strategy for an organization, it is vital for those making decisions to make informed decisions.
• Getting input from operational experts at your organization will enhance your business's long-term potential for success.
• Involving those who directly manage vendors and understand the market will aid operational experts in determining the forward path for relationships with your current vendors and identifying emerging potential strategic partners.
• Make sure security, risk, and compliance are all at the table. These departments all look at risk from different angles for the business and give valuable insight collectively.
• Organizations have a wealth of experience in their marketing departments that can help identify real-world scenarios of negative actions.

See the blueprint Build an IT Risk Management Program

Review your risk management plans for new risks on a regular basis.

Keep in mind Risk =
Likelihood x Impact
(R=L*I).

Impact (I) tends to remain the same, while Likelihood (L) is becoming closer to 100% as threat actors become more prevalent.

Managing vendor risk impacts

How could your vendors impact your organization?

• Review vendors’ downstream connections to understand thoroughly who you are in business with
• Institute continuous vendor lifecycle management
• Develop IT risk governance and change control
• Introduce continual risk assessment to monitor the relevant vendor markets
• Monitor and schedule contract renewals and new service/module negotiations
• Perform business alignment meetings to reassess relationships
• Ensure strategic alignment in contracts
• Review vendors’ business continuity plans and disaster recovery testing
• Re-evaluate corporate policies frequently
• Monitor your company’s and associated vendors’ online presence
• Be adaptable and allow for innovations that arise from the current needs
  • Capture lessons learned from prior incidents to improve over time, and adjust your plans accordingly

Organizations must review their risk appetite and tolerance levels, considering their complete landscape.

Changing regulations, acquisitions, new security issues, and events that affect global supply chains are current realities, not unlikely scenarios.

Ongoing Improvement

Incorporating lessons learned.

• Over time, despite everyone’s best observations and plans, incidents will catch us off guard.
• When that happens, follow your incident response plans and act accordingly.
• An essential step is to document what worked and what did not – collectively known as the “lessons learned.”
• Use the lessons learned document to devise, incorporate, and enact a better risk management process.

Sometimes disasters occur despite our best plans to manage them.

When this happens, it is important to document the lessons learned and improve our plans going forward.

The "what if" game

1-3 hours

Vendor management professionals are in an excellent position to help senior leadership identify and pull together resources across the organization to determine potential risks. By playing the "what if" game and asking probing questions to draw out – or eliminate – possible adverse outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

1. Break into smaller groups (if too small, continue as a single group).
2. Use the Comprehensive Risk Impact Tool to prompt discussion on potential risks. Keep this discussion flowing organically to explore all potentials but manage the overall process to keep the discussion pertinent and on track.
3. Collect the outputs and ask the subject matter experts (SMEs) for management options for each one in order to present a comprehensive risk strategy. You will use this to educate senior leadership so that they can make an informed decision to accept or reject the solution.

Download the Comprehensive Risk Impact Tool

High risk example from tool

Note: Even though a few items are “scored” they have not been added to the overall weight, signaling that the company has noted but does not necessarily hold them against the vendor.

How to mitigate:

• Contractually insist that the vendor have a third-party security audit performed annually with the stipulation that they will not denigrate below your acceptable standards.
• At renewal negotiate better contractual terms and protections for your organization.

Low risk example from tool

Summary

Seek to understand all potential risk impacts to better prepare your organization for success.

• Organizations need to understand and map out their entire vendor landscape.
• Understand where all your data lives and how you can control it throughout the vendor lifecycle.
• Organizations need to be realistic about the likelihood of potential risks in the changing global world.
• Those organizations that consistently follow their established risk-assessment and due-diligence processes are better positioned to avoid penalties.
• Understand how your vendors prioritize your organization in their business continuity processes.
• Bring the right people to the table to outline potential risks in the market and your organization.
• Socialize the third-party vendor risk management process throughout the organization to heighten awareness and enable employees to help protect the organization.
• Organizations need to learn how to assess the likelihood of potential risks in the changing global markets and recognize how their partnerships and subcontracts affect their brand.
• Incorporate lessons learned from prior incidents into your risk management process to build better plans for future issues.

Organizations must evolve their risk assessments to be more meaningful to respond to global changes in the market.

Organizations should increase the resources dedicated to monitoring the market as regulatory agencies continue to hold them more and more accountable.

Bibliography

Olaganathan, Rajee. “Impact of COVID-19 on airline industry and strategic plan for its recovery with special reference to data analytics technology.” Global Journal of Engineering and Technology Advances, vol 7, no 1, 2021, pp. 033-046.

Tonello, Matteo. “Strategic Risk Management: A Primer for Directors.” Harvard Law School Forum on Corporate Governance, 23 Aug. 2012.

Frigo, Mark L., and Richard J. Anderson. “Embracing Enterprise Risk Management: Practical Approaches for Getting Started.” COSO, 2011.

Weak Cybersecurity is taking a toll on Small Businesses (tripwire.com)

SecureLink 2022 White Paper SL_Page_EA+PAM (rocketcdn.me)

Shared Assessments Member Poll March 2021 "Guide: Evolving Work Environments Impact of Covid-19 on Profile and Management of Third Parties“

“Cybersecurity only the tip of the iceberg for third-party risk management”. Help Net Security, April 21, 2021. Accessed: 2022-07-29.

“Third-Party Risk Management (TPRM) Managed Services”. Deloitte, 2022. Accessed: 2022-07-29.

“The Future of TPRM: Third Party Risk Management Predictions for 2022”. OneTrust, December 20th2021. Accessed 2022-07-29.

“Third Party Vendor definition”. Law Insider, Accessed 2022-07-29.

“Third Party Risk”. AWAKE Security, Accessed 2022-07-29.

Glidden, Donna. "Don't Underestimate the Need to Protect Your Brand in Publicity Clauses", Info-Tech Research Group, June 2022.

Greenaway, Jordan. "Managing Reputation Risk: A start-to-finish guide", Transmission Private, July 2022. Accessed June 2022.

Jagiello, Robert D, and Thomas T Hills. “Bad News Has Wings: Dread Risk Mediates Social Amplification in Risk Communication. ”Risk analysis : an official publication of the Society for Risk Analysis vol. 38,10 (2018): 2193-2207.doi:10.1111/risa.13117

Kenton, Will. "Brand Recognition", Investopedia, August 2021. Accessed June 2022. Lischer, Brian. "How Much Does it Cost to Rebrand Your Company?", Ignyte, October 2017. Accessed June 2022.

"Powerful Examples of How to Respond to Negative Reviews", Review Trackers, February 2022. Accessed June 2022.

"The CEO Reputation Premium: Gaining Advantage in the Engagement Era", Weber Shadwick, March 2015. Accessed on June 2022.

"Valuation of Trademarks: Everything You Need to Know",UpCounsel, 2022. Accessed June 2022.

Related Info-Tech Research

Identify and Manage Financial Risk Impacts on Your Organization

• Vendor management practices educate organizations on potential financial impacts that vendors may incur and suggest systems to help manage them.
• Standardize your processes for identifying and monitoring vendor risks to manage financial impacts with our Financial Risk Impact Tool.

Identify and Manage Reputational Risk Impacts on Your Organization

• Vendor management practices educate organizations on potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
• Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your reputation and brand with our Reputational Risk Impact Tool.

Identify and Manage Strategic Risk Impacts on Your Organization

• Vendor management practices educate organizations on potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
• Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your strategic plan with our Strategic Risk Impact Tool.

Regulatory guidance and industry standards

• International Organization for Standardization (ISO)
• FOREIGN CORRUPT PRACTICES ACT (FCPA)
• Sarbanes–Oxley Act (SOX)
• National Institute of Standards & Technology (NIST)
• Control Objectives for Information and Related Technologies (COBIT)
• EU General Data Protection Regulation 2016/679 (“GDPR”);
• UK General Data Protection Regulation, as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and the Data Protection Act 2018 (UKGDPR)
• Swiss Federal Act on Data Protection(Swiss FDPA) – coming September 1, 2023
• IR35 (UK Off-Payroll compliance)
Technology Code of Practice (UK)
• Modern Slavery Act 2015 (UK)
• Defense Federal Acquisition Regulation Supplement (DFARS)
• Cybersecurity Maturity Model Certification (CMMC)
• Payment Card Industry Data Security Standard (PCI DSS)
• Family Educational Rights and Privacy Act (FERPA)
• Health Insurance Portability and Accountability Act (HIPAA)
• Health Information Technology for Economic and Clinical Health Act (HITECH)

Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend

Learn the essential steps to avoid overspending and to maximize negotiation leverage with Adobe.

ANALYST PERSPECTIVE

Only 18% of Adobe licenses are genuine copies: are yours?

"Adobe has designed and executed the most comprehensive evolution to the subscription model of pre-cloud software publishers with Creative Cloud. Adobe's release of Document Cloud (replacement for the Acrobat series of software) is the final nail in the coffin for legacy licensing for Adobe. Technology procurement functions have run out of time in which to act while they still retain leverage, with the exception of some late adopter organizations that were able to run on legacy versions (e.g. CS6) for the past five years. Procuring Adobe software is not the same game as it was just a few years ago. Adopt a comprehensive approach to understanding Adobe licensing, contract, and delivery models in order to accurately forecast your software needs, transact against the optimal purchase plan, and maximize negotiation leverage. "

Scott Bickley

Research Lead, Vendor Practice

Info-Tech Research Group

Our understanding of the problem

This Research is Designed For:

• IT managers scoping their Adobe licensing requirements and compliance position.
• CIOs, CTOs, CPOs, and IT directors negotiating licensing agreements in search of cost savings.
• ITAM/Software asset managers responsible for tracking and managing Adobe licensing.
• IT and business leaders seeking to better understand Adobe licensing options (Creative Cloud).
• Vendor management offices in the process of a contract renewal.

This Research Will Help You:

• Understand and simplify licensing per product to help optimize spend.
• Ensure agreement type is aligned to needs.
• Navigate the purchase process to negotiate from a position of strength.
• Manage licenses more effectively to avoid compliance issues, audits, and unnecessary purchases.

This Research Will Also Assist:

• CFOs and the finance department
• Enterprise architects
• ITAM/SAM team
• Network and IT architects
• Legal
• Procurement and sourcing

This Research Will Help Them:

• Understand licensing methods in order to make educated and informed decisions.
• Understand the future of the cloud in your Adobe licensing roadmap.

Executive summary

Situation

• Adobe’s dominant market position and ownership of the creative software market is forcing customers to refocus the software acquisition process to ensure a positive ROI on every license.
• In early 2017, Adobe announced it would stop selling perpetual Creative Suite 6 products, forcing future purchases to be transitioned to the cloud.

Complication

• Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.
• With transition to a cloud-based subscription model, organizations need to actively manage licenses, software provisioning, and consumption.
• Without a detailed understanding of Adobe’s various purchasing models, overspending often occurs.
• Organizations have experienced issues in identifying commercial licensed packages with their install files, making it difficult to track and assign licenses.

Resolution

• Gain visibility into license deployments and needs with a strong SAM program/tool; this will go a long way toward optimizing spend.
• Number of users versus number of installs are not the same, and confusing the two can result in overspending. Device-based licensing historically would have required two licenses, but now only one may be required.
• Ensure compliance with internal audits. Adobe has a very high rate of piracy stemming from issues such as license overuse, misunderstanding of contract language, using cracks/keygens, virtualized environments, indirect access, and sharing of accounts.
• A handful of products are still sold as perpetual – Acrobat Standard/Pro, Captivate, ColdFusion, Photoshop, and Premiere Elements – but be aware of what is being purchased and used in the organization.
• Beware of products deployed on server, where the number of users accessing that product cannot easily be counted.

Info-Tech Insight

1. Your user-need analysis has shifted in the new subscription-based model. Determine which products are needed versus nice to have to prevent overspending on the Creative Cloud suite.
2. Examine what you need, not what you have. You can no longer mix and match applications.
3. Compliance is not automatic with products that are in the cloud. Shared logins or computers with desktop installs that can be accessed by multiple users can cause noncompliance.

The aim of this blueprint is to provide a foundational understanding of Adobe

Why Adobe

In 2011 Adobe took the strategic but radical move toward converting its legacy on-premises licensing to a cloud-based subscription model, in spite of material pushback from its customer base. While revenues initially dipped, Adobe’s resolve paid off; the transition is mostly complete and revenues have doubled. This was the first enterprise software offering to effect the transition to the cloud in a holistic manner. It now serves as a case study for those following suit, such as Microsoft, Autodesk, and Oracle.

What to know

Adobe elected to make this market pivot in a dramatic fashion, foregoing a gradual transition process. Enterprise clients were temporarily allowed to survive on legacy on-premises editions of Adobe software; however, as the Adobe Creative Cloud functionality was quickly enhanced and new applications were launched, customer capitulation to the new subscription model was assured.

The Future

Adobe is now leveraging the power of connected customers, the availability of massive data streams, and the ongoing digitalization trend globally to supplement the core Creative Cloud products with online services and analytics in the areas of Creative Cloud for content, Marketing Cloud for marketers, and Document Cloud for document management and workflows. This blueprint focuses on Adobe's Creative Cloud and Document Cloud solutions and the enterprise term license agreement (ETLA).

Info-Tech Insight

Beware of your contract being auto-renewed and getting locked into the quantities and product subset that you have in your current agreement. Determining the number of licenses you need is critical. If you overestimate, you're locked in for three years. If you underestimate, you have to pay a big premium in the true-up process.

Learn the “Adobe way,” whether you are reviewing existing spend or considering the purchase of new products

1. Legacy on-premises Adobe Creative Suite products used to be available in multiple package configurations, enabling right-sized spend with functionality. Adobe’s support for legacy Creative Suites CS6 products ended in May 2017.
2. While early ETLAs allowed customer application packaging at a lower price than the full Creative Cloud suite, this practice has been discontinued. Now, the only purchasing options are the full suite or single-application subscriptions.
3. Buyers must now assess alternative Adobe products as an option for non-power users. For example, QuarkXPress, Corel PaintShop Pro, CorelDRAW, Bloom, and Affinity Designer are possible replacements for some Creative Cloud applications.
4. Document Cloud, Adobe’s latest step in creating an Acrobat-focused subscription model, limits the ability to reduce costs with an extended upgrade cycle. These changes go beyond the licensing model.
5. Organizations need to perform a cost-benefit analysis of single app purchases vs. the full suite to right-size spend with functionality.

As Adobe’s dominance continues to grow, organizations must find new ways to maintain a value-added relationship

Adobe estimates the total addressable market for creative and document cloud to be $21 billion. With no sign of growth slowing down, Adobe customers must learn how to work within the current design monopoly.

Source: Adobe, 2017

"Adobe is not only witnessing a steady increase in Creative Cloud subscriptions, but it also gained more visibility into customers’ product usage, which enables it to consistently push out software updates relevant to user needs. The company also successfully transformed its sales organization to support the recurring revenue model."

– Omid Razavi, Global Head of Success, ServiceNow

Consider your route forward

Consider your route forward, as ETLA contract commitments, scope, and mechanisms differ in structure to the perpetual models previously utilized. The new model shortchanges technology procurement leaders in their expectations of cost-usage alignment and opex flexibility (White, 2016).

☑ Implement a user profile to assign licenses by version and limit expenditures. Alternatives can include existing legacy perpetual and Acrobat classic versions that may already be owned by the organization.

☑ Examine the suitability and/or dependency on Document Cloud functions, such as existing business workflows and e-signature integration.

☑ Involve stakeholders in the evaluation of alternate products for use cases where dependency on Acrobat-specific functionality is limited.

☑ Identify not just the installs and active use of the applications but also the depth and breadth of use across the various features so that the appropriate products can be selected.

Use Info-Tech’s Adobe toolkit to prepare for your new purchases or contract renewal

Info-Tech Insight

IT asset management (ITAM) and software asset management (SAM) are critical! An error made in a true-up can cost the organization for the remaining years of the ETLA. Info-Tech worked with one client that incurred a $600k error in the true-up that they were not able to recoup from Adobe.

Apply licensing best practices and examine the potential for cost savings through an unbiased third-party perspective

Establish Licensing Requirements

• Understand Adobe’s product landscape and transition to cloud.
• Analyze users and match to correct Adobe SKU.
• Conduct an internal software assessment.
• Build an effective licensing position.

Evaluate Licensing Options

• Value Incentive Plan (VIP)
• Cumulative Licensing Program (CLP)
• Transactional Licensing Program (TLP)
• Enterprise Term License Agreement (ETLA)

Evaluate Agreement Options

• Price
• Discounts
• Price protection
• Terms and conditions

Purchase and Manage Licenses

• Learn negotiation tactics to enhance your current strategy.
• Control the flow of communication.
• Assign the right people to manage the environment.

Preventive practices can help find measured value ($)

Time and resource disruption to business if audited

Lost estimated synergies in M&A

Cost of new licensing

Cost of software audit, penalties, and back support

Lost resource allocation and time

Third party, legal/SAM partners

Cost of poor negotiation tactics

Lost discount percentage

Terms and conditions improved

Explore Adobe licensing and optimize spend – project overview