October 2009 Archives

Goodbye ITIL v2.

The OGC has announced the date and time of the end:

OGC has considered these findings alongside its own requirements for the maintenance of the ITIL product set, and agreed that:

a. Withdrawal will be product based, with all language variants for individual qualifications and publications being removed at the same time.
b. Removal of version2 will complete on 30 June 2011. Specific product withdrawal will be as follows:

  • V2 Foundation to cease 30 June 2010
  • V2 Manager to cease 31 August 2010
  • V2 Practitioner to cease 31 Dec 2010 
  • Foundation Bridge to cease 31 Dec 2010

I wonder if they followed the ITIL v3 guidelines for a Service Lifecycle, specifically the part about Service Transition:


They must not have read Bill's Mitigating Risk for End-of-Life Technology.
Business Service Management (BSM) is a process, a mindset, not a product (as Peter Armstrong would say) so it is not a technology in the first place.  It is strategic, however, so let's take a quick look at each of Gartner's choices and ask:

"What has this got to do with BSM?"

Gartner's Top 10 Strategic Technologies for 2010

Cloud Computing. Cloud computing is a style of computing that characterizes a model in which providers deliver a variety of IT-enabled capabilities to consumers. Cloud-based services can be exploited in a variety of ways to develop an application or a solution. Using cloud resources does not eliminate the costs of IT solutions, but does re-arrange some and reduce others. In addition, consuming cloud services enterprises will increasingly act as cloud providers and deliver application, information or business process services to customers and business partners.
My two cents: Managing cloud services demands that companies must have a BSM strategy which can monitor and manage the physical datacenter, virtualization, and the cloud - whether it be public, private, or hybrid. We need ITIL in the Cloud and robust Cloud Service SLAs.

Advanced Analytics. Optimization and simulation is using analytical tools and models to maximize business process and decision effectiveness by examining alternative outcomes and scenarios, before, during and after process implementation and execution. This can be viewed as a third step in supporting operational business decisions. Fixed rules and prepared policies gave way to more informed decisions powered by the right information delivered at the right time, whether through customer relationship management (CRM) or enterprise resource planning (ERP) or other applications. The new step is to provide simulation, prediction, optimization and other analytics, not simply information, to empower even more decision flexibility at the time and place of every business process action. The new step looks into the future, predicting what can or will happen.

My two cents: OK, so now we know how to compete on analytics. But the decision-making process is much more complex than most people expected. Analytics are fine, but what we need is refined insight and critical understanding.  The Big Shift Index tells us about what we haven't thought about measuring yet! Where's BSM in all of this? Well, if your CRM and yoru ERP systems are mission-critical, then BSM ensures they deliver on their promise when you need it.

Client Computing. Virtualization is bringing new ways of packaging client computing applications and capabilities. As a result, the choice of a particular PC hardware platform, and eventually the OS platform, becomes less critical. Enterprises should proactively build a five to eight year strategic client computing roadmap outlining an approach to device standards, ownership and support; operating system and application selection, deployment and update; and management and security plans to manage diversity.

My two cents: Anytime, anywhere, on any device. BSM must be an integral part of managing virtualization to avoid virtual sprawl, if nothing else. Of course there's the end-user experience that needs monitoring as well.

IT for Green. IT can enable many green initiatives. The use of IT, particularly among the white collar staff, can greatly enhance an enterprise's green credentials. Common green initiatives include the use of e-documents, reducing travel and teleworking. IT can also provide the analytic tools that others in the enterprise may use to reduce energy consumption in the transportation of goods or other carbon management activities.

My two cents: Virtualization and Cloud computing will help IT become greener faster, by reducing the datacenter footprint.  And virtual collaboration can reduce carbon emissions. Isn't optimizing asset usage a BSM function?

Reshaping the Data Center. In the past, design principles for data centers were simple: Figure out what you have, estimate growth for 15 to 20 years, then build to suit. Newly-built data centers often opened with huge areas of white floor space, fully powered and backed by a uninterruptible power supply (UPS), water-and air-cooled and mostly empty. However, costs are actually lower if enterprises adopt a pod-based approach to data center construction and expansion. If 9,000 square feet is expected to be needed during the life of a data center, then design the site to support it, but only build what's needed for five to seven years. Cutting operating expenses, which are a nontrivial part of the overall IT spend for most clients, frees up money to apply to other projects or investments either in IT or in the business itself.

My two cents: See previous two cents <<

Social Computing. Workers do not want two distinct environments to support their work - one for their own work products (whether personal or group) and another for accessing "external" information. Enterprises must focus both on use of social software and social media in the enterprise and participation and integration with externally facing enterprise-sponsored and public communities. Do not ignore the role of the social profile to bring communities together.

My two cents: Have you noticed that Twitter is having availability issues lately?  I wonder if they use ITIL or BSM?  Same story on Facebook. Maybe they use ITIL-Lite.  There are unfortunately, some documented productivity issues with social computing, but we have an effective solution for improving knowledge-worker productivity.

Security - Activity Monitoring. Traditionally, security has focused on putting up a perimeter fence to keep others out, but it has evolved to monitoring activities and identifying patterns that would have been missed before. Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associated with an authorized user and are generated from multiple network, system and application sources. At the same time, security departments are facing increasing demands for ever-greater log analysis and reporting to support audit requirements. A variety of complimentary (and sometimes overlapping) monitoring and analysis tools help enterprises better detect and investigate suspicious activity - often with real-time alerting or transaction intervention. By understanding the strengths and weaknesses of these tools, enterprises can better understand how to use them to defend the enterprise and meet audit requirements.

My two cents: See this survey on security management best practices.

Flash Memory. Flash memory is not new, but it is moving up to a new tier in the storage echelon. Flash memory is a semiconductor memory device, familiar from its use in USB memory sticks and digital camera cards. It is much faster than rotating disk, but considerably more expensive, however this differential is shrinking. At the rate of price declines, the technology will enjoy more than a 100 percent compound annual growth rate during the new few years and become strategic in many IT areas including consumer devices, entertainment equipment and other embedded IT systems. In addition, it offers a new layer of the storage hierarchy in servers and client computers that has key advantages including space, heat, performance and ruggedness.

My two cents: Wrong? We're going to see cloud storage take over this area, and it may or may not use flash memory.

Virtualization for Availability. Virtualization has been on the list of top strategic technologies in previous years. It is on the list this year because Gartner emphases new elements such as live migration for availability that have longer term implications. Live migration is the movement of a running virtual machine (VM), while its operating system and other software continue to execute as if they remained on the original physical server. This takes place by replicating the state of physical memory between the source and destination VMs, then, at some instant in time, one instruction finishes execution on the source machine and the next instruction begins on the destination machine.

However, if replication of memory continues indefinitely, but execution of instructions remains on the source VM, and then the source VM fails the next instruction would now place on the destination machine. If the destination VM were to fail, just pick a new destination to start the indefinite migration, thus making very high availability possible. 

The key value proposition is to displace a variety of separate mechanisms with a single "dial" that can be set to any level of availability from baseline to fault tolerance, all using a common mechanism and permitting the settings to be changed rapidly as needed. Expensive high-reliability hardware, with fail-over cluster software and perhaps even fault-tolerant hardware could be dispensed with, but still meet availability needs. This is key to cutting costs, lowering complexity, as well as increasing agility as needs shift.

My two cents: Now this is a BSM play if there ever was one!

Mobile Applications. By year-end 2010, 1.2 billion people will carry handsets capable of rich, mobile commerce providing a rich environment for the convergence of mobility and the Web. There are already many thousands of applications for platforms such as the Apple iPhone, in spite of the limited market and need for unique coding. It may take a newer version that is designed to flexibly operate on both full PC and miniature systems, but if the operating system interface and processor architecture were identical, that enabling factor would create a huge turn upwards in mobile application availability.

My two cents: Anytime, anywhere, on any device.  Didn't I write about that a few seconds ago? And don't we need our CMDB to track all these diverse devices and apps?

As you can see, I've attached Business Service Management (BSM) as an enabling IT strategy for just about all ten of Gartner's Strategic Technologies for 2010. And of course if it's a service provided by IT or even an external service provider, we're still going to need a Service Catalog for 2010. More on that in a later post.

Israel, where do agile practices fit into this? Just about everywhere as well?


If you are of the same generation as myself, then you probably think this is an article about Pink Floyd - sorry, it's not. It is, in fact, the title of a book I read recently, which investigates what it cost to put a man on the moon. Now I happen to be related to Neil Armstrong (we are both descended from the same notorious Scottish cattle thief - please see this for details), and this year was the 40th anniversary of the moon landing, so the book was of great interest to me.

The cost of putting my relation on the moon was $35 billion, and the question which the book raises is the very valid one: Was it worth it?

In my opinion, and the book's, the answer is no.

This does not mean that I think the whole space programme is a waste of time and money, I happen to think the unmanned space programme has been extremely beneficial. Just think of some of the information or services, which we take for granted nowadays - the first communications satellite was launched in 1958, the first TV satellite in 1962, the first weather satellite on 1st April 1960 and the first navigation satellite 12 days later. However, when I challenge people to tell me what the manned space programme brought us, I get answers like:

•    We (the US) had to prove our superiority to the Russians and it raised morale throughout the country. I agree with the latter, not the former (as that way of thinking tends to lead to conflict or war), and why does the US now want to go to Mars - what will that bring?

•    Teflon - untrue,  PTFE was accidentally invented in 1938, patented in 1941, and Teflon was trademarked in1944

•    Velcro  - untrue, invented by a Swiss engineer in 1941 by looking at the hooks on the burdock (arctium lappa) plant. Velcro is actually short for velours crochet, which means velvet hook.

•    The upside-down biro. You don't actually need an upside-down biro in space, as there is no gravity. There is a great story that the Russians saved millions by using pencils, but I don't believe this is true as broken bits of pencil / pencil shavings floating round in a spaceship would be liable to get into all sorts of places they shouldn't and could lead to a plethora of problems.

And this for me raises the fundamental questions, which have to be asked at the beginning of any project, especially in these times of limited financial resource:

•    Why are we doing this?

•    What is it worth?

If these questions cannot be answered, then IMHO the whole project should be shelved.

Just because something is technically possible, does not in any way mean that it is justified from a business point of view. There is, of course, a counter argument that this will stifle innovation and creativity and that sometimes the great ideas come out of something that looks like it is a total waste of time at the outset. True, and if possible a budget should be set aside for blue-sky thinking and experimentation, but my point is that investing huge quantities of money in something with no justification is a luxury, which we currently cannot afford.

Hence, I would like to see the same principles applied to IT projects. Every project should be presented in business terms, not in some boring technical jargon, which no-one understands and which no-one cares about. For this to happen, IT strategy and business strategy need to be joined at the hip. I have seen, far too often, the IT department which decides what its strategy should be and presents it to the business as a fait accompli; I see IT reporting into a CFO, who can only see the bottom line and nothing beyond, and I see too many businesses, which decide a business strategy, don't bother to tell IT what it is and then complain that IT doesn't deliver what they wanted.

What the current financial crisis has brought home for me, and I hope for lots of others, is the painful truth that you can't have everything today. Good stuff costs hard work and money, and if you haven't got enough money then you need to prioritise your requirements. Too many people say "I need", when they really mean "I want" or "I would like".

The same thing applies to IT. As a bedrock, I require sound business policies and a strategy that lays out the requirements and the priorities. If I don't have that, then I have a system that will collapse under pressure.
It is very easy to run things efficiently in IT - there are loads of tools for people to play with and tune stuff for hours - all of which is a total waste of time and money if they are working on the wrong thing.

The first step is to be effective. Then you run what matters efficiently.

In today's (and any) economic climate it is imperative that IT delivers what the business needs, and this can only be achieved with an open dialogue between the business and IT, where the two parties are equals, explain what they truly need, how much it will cost and what it is worth.
security survey

's friends over at the Enterprise Strategy Group shared this security best practices report with us. Let us know what you think.

Malcolm Fry does a nice job with his parable of the “Keeper of the Forms.” It starts off a bit slowly, but really picks up around the 3:40 mark. And, as usual, with everything Malcolm says, there’s a real lesson to be learned for IT:

Reminds us of Peter McGarahan’s post just a few hours ago, doesn’t it? >>

More from Malcolm: How to Improve Productivity by 40%

It's not rocket science.

Service and Support organizations that deliver exceptional customer service and business value have, at their core, something in common:  Leadership.

But what does leadership look like?  It's business-focused people who approach their responsibilities with energy, passion, and intelligence.  They never forget where they came from and what it took for them to get to where they are.  They take with them the lessons they learned and the people that influenced them along the way. They are resourceful and thoughtful.  They are unafraid to seek advice, direction, and support.

Most importantly, they share the most important characteristic of all - they are servant leaders. They never let their egos convince them that they are the smartest people in the room. And they never let arrogance stand in the way of being a good listener and a continuous learner.

Servant leadership is about doing the right thing and making fact-based decisions. It's about challenging conventional wisdom and having the moral backbone to stand up for doing the right thing for the customers and employees who serve them well. Servant leaders continuously look for innovative ways to leverage industry best practices, technology, and people. They treat every customer like they were their only customer.

I challenge all service leaders to become servant leaders.  Set the bar high for your team, constantly measure your progress, and continuously improve. Create a rewarding and healthy service culture that is driven by your daily examples of your servant leadership.
As part of today's Rally Agile Success Tour event in London, I had the pleasure of speaking 1-1 with an IT Director in a major F500 company. This IT Director has already made strides into Agile Business Service Management. His algorithm for success is straightforward:

Involve your Service Managers in the software development work from the outset.

The benefits of so doing cut both ways:

  • Service Managers become integral part of the development and test team.
  • Developers and testers are appriased on an on-going basis on the service view. 
Even more important, the team commitment is for the delivery (install, configure, run, evolve) of software as required at any point in time.

Simple and effective.
You may recognize these hardworking IT celebrities:


You call that service!?

| 2 Comments | No TrackBacks
With all the talk on here and in IT about service, I thought I would share a few thoughts on what service actually means. I love Ken's post on surrounding the employee with services, and it brought to mind what has been happening to us at home this week.

On Monday just as the cable engineer arrived here to fix our TV - transpired all it needed was a new card in the cable box - our 'phone, which is from the same cable company, died. I asked the engineer to look at it and he, of course, replied that he does TVs, not 'phones.

Fortunately, dear reader, I managed to restrain myself from throttling him on the spot and decided to report the problem. Now, this is normally done by picking up the 'phone and dialling 150, a call which starts with the "this call is absolutely free" message. Using the 'phone is, of course, somewhat tricky if the 'phone is broken. So I climbed on the internet, fortunately still working, and found a number to call. It was, unsurprisingly, an 0845 number, which means that you are going to pay (heavily) for the call. Strangely enough, the call did not start with the message "you are about to be ripped off for calling us to report a problem, which is our fault", but I managed eventually to get a person on the other end of the 'phone.

The person I was talking to was in one of our far-flung former outposts, and we had the usual problems understanding one another as I speak English, and she spoke some strange argot. Still, not as bad as the call I once had, which started with the person the other end saying in a broad Asian accent "Hi, my name is Chuck". No it isn't, so why start a service call with a blatant lie - are you setting me up for the almost inevitable ensuing bitter disappointment?

Anyway, I digress. She couldn't find anything wrong with their system, asked why the engineer I had just had did not fix it (answer unprintable) and agreed to send out a 'phone engineer. The earliest date they could offer? NEXT SATURDAY!!!!!!!!!!! You, of course, have no choice, so you agree to this ridiculous offer.

Last night our 'phone rang. It has sprung back into life all by itself, so I called today to cancel the engineer. When I get through, I am told that they had cancelled him already as it was a regional fault and they had fixed it. WHY THE BLOODY HELL DIDN'T YOU TELL ME THEN???

If you can't work out what was wrong with their service and how to improve it, I suggest you send me an email and I will give you a few pointers!!!!

What Matters is the End Goal

| 1 Comment | 1 TrackBack
Its strange how history repeats itself, fashions go in cycles, and every generation comes to them for the first time thinking these things are new, innovative and revolutionary. I guess it's because we're still human and we still need to learn the same lessons over and over again. We want to listen to advice, but can't, we want to learn from the past, but don't, we all want something that's called "common" but is far from it - sense!

May years ago now the company I worked for at the time brought a new concept to the marketplace. The analysts jumped onto it and made it their own and the market hype was all over it, it was the direction all business had to get to. Eight or more years on and we're still moving in that direction, the buzz died down, but the capabilities slowed and the term used changed from IRM to BSM.  However BSM was actually only a subset of what IRM aimed to achieve. With the complexities we find ourselves in today, with Virtualisation and Cloud computing the issues are still the same only in some cases magnified and the responsibility of ownership is moving. More and more the Business is, and will continue to, relinquishing ownership of the delivery of services to the employee (who make up the business) and allow suppliers to take over. It's something that has happened for centuries now. We moved from self-sufficiency to being reliant on others. Once, we all had wells in the garden to provide water for the household, now it's all provided through piped services. Once, we had to make our own small generators for the electrification of the Home, Farm or estate, now it's all provided through piped services. The list goes on, and so it is and will continue to be within the IT environment. Hence the need for Service Management to ensure we all have the disciplines, controls, standards and processes in place, controlled and managed to ensure delivery as required by the customers, whomever they may be.  Why did we move this way? Well for various reasons, economies of scale, cost savings, and to allow us to focus on our core competency without being dragged down by day to day necessities of life.

A slide on my website shows what is required to support the employee, who is at the centre of the business, and how these are more and more being delivered via services as depicted around the circumference of the sphere.  This slide goes back 8 years or more, so not new, but it appears it was rather a vision of the future, and more and more I can see it being fulfilled. Whether we use the same term or not is irrelevant, what matters is the end goal. Something that Geoffrey Moore of Crossing the Chasm fame predicted at roughly the same time.

Check out the slide and let me know if you see it being slowly fulfilled:


cloud computing

Says Annie Shum:

IT professionals should underscore the critical roles played by integrated virtualized service oriented management, governance, performance assurance, and analytics-based feedback loops. Together, they can safeguard the successful adoption and, ultimately, the viability of Cloud Computing in enterprise IT.

Read: A Measured Approach To Cloud Computing: Capacity Planning and Performance Assurance

Sure Footedness

| No Comments | No TrackBacks

Malcolm Fry brings up an excellent question in his ITIL Lite article:

So why are there so many people seeing ITIL v3 more as a methodology than as a framework?

As summarized in The Tool is the Methodthe phenomenon observed under similar circumstances in Agile initiatives is correlation with sure footedness (or lack thereof). The tendency is to follow the 'prescription' as is until one becomes sure footed enough to interpret it in an intelligent manner. 

Explains Richard:

Initially, compliance was an externally imposed distraction, representing just one more burden on an over-stretched enterprise and IT staff. But now, compliance activities not only provide data about current practices but also highlight areas where increasing the level of control could yield greater efficiencies in operation.

Read The Path to Compliance as a Business Strategy »

Agile BSM

When development, deployment and operations evolve in parallel from a business services perspective, we get Agile Business Service Management. That's according to Israel Gat, in his article: The Case for Agile Business Service Management >>

Israel, for those of you who don't know, is a founding member of the Agile Business Service Management movement, which in his own words is "the fusion of modern software development methods with the prevailing preference to run IT from the perspective of the business customer."

In this related interview, Israel talks to the illustrious Jim Highsmith on the same subject >>

Agile Infrastructure

| No Comments | No TrackBacks

Michael Cote, Andrew Shafer and I did a fun podcast on Agile Infrastructure a few months ago. Here is the key excerpt from the podcast:

Israel asks, is ITIL for the data-center like water-fall for development? Both Andrew and I weight in on how much water-fall you can buy into, making analogues to eat-the-whole-pie RUP. This also recalls a conversation I had on another podcast, the IT Management & Cloud podcast with Rob England, aka, The IT Skeptic, on the topic of CMDBs and ITIL.

Click http://theagileexecutive.com/2009/07/17/agileexec004/ for the full podcast. You would not be disappointed...


Those of you who know Peter Armstrong know about his sense of humor/humour, and his ability to write books on just about anything, like this novel of his on eco-terrorism. This one is rather funny and is more like talking to Peter in person.

For BSM Review, Peter gets "serious" with Business Service Management: The move to a new way of working >>
Let's be honest, it didn't need a brain the size of the Universe to work out that if you lend lots of money to people who can't afford to pay it back, then the whole house of cards will come tumbling down one day. It staggers me that so many people got caught up by the whole thing and threw away the fundamental rules of banking, but hey I don't run the world (thank God I hear you cry)!

What the current crisis has brought home for me, and I hope for lots of others, is the painful truth that you can't have everything today. Good stuff costs hard work and money, and if you haven't got enough money then you need to prioritise your requirements. Too many people, IMHO, say "I need", when they really mean "I want" or "I would like".

The same thing applies to IT. As a bedrock, I require sound business policies and a strategy that lays out the requirements and the priorities. If I don't have that, then I have a system that will collapse under pressure.
It is very easy to run things efficiently in IT - there are loads of tools for people to play with and tune stuff for hours - all of which is a total waste of time and money if they are working on the wrong thing. The first step is to be effective. Then you run what matters efficiently.
Now, could we have some effective global fiscal rules please?
In the current economic environment, and baring in mind what catapulted us into it, there are three terms that are coming up more and more. These terms have always been considered within IT and business operations, however the spotlight is now turned and directly highlighting these rising stars. So I thought today, I'd dip in a little into all three areas.

Let's start with Governance. The dictionary defines it as "The act, process, or power of governing; The state of being governed." The word Govern means to "rule with authority; conduct policy and affairs of state".  But I like the Wikipedia version, which actually highlights some component parts, often forgotten:

"Governance relates to decisions that define expectations, grant power, or verify performance. It consists either of a separate process or of a specific part of management or leadership processes. Sometimes people set up a government to administer these processes and systems.

In the case of a business or of a non-profit organisation, governance relates to consistent management, cohesive policies, processes and decision-rights for a given area of responsibility. For example, managing at a corporate level might involve evolving policies on privacy, on internal investment, and on the use of data.

In terms of distinguishing the term governance from government (both of them nouns) - "governance" is what a "government" does. It might be a geo-political government (nation-state), a corporate government (business entity), a socio-political government (tribe, family, etc.), or any number of different kinds of government. But governance is the kinetic exercise of management power and policy, while government is the instrument (usually, collective) that does it."
What I find interesting here is that many will be happy to define the process, the policies and responsibilities that go to make up the Governance standard, but few tend to clearly define the expectations, grant authority or power in a clearly defined manner and even fewer verify the performance of the governance being complied with. In fact as you see from the latter part of Wikipedia's definition, Governance is what a "government" (business entity in our case) does, however unlike a state the business does not invest in "policing" of policy to ensure adherence and enforcement. Hence the problems with the Banks having policies in place, but no policing to ensure brokers, traders etc adhered to them, or interpreted them correctly. As always Policy needs to be Specific, Measurable, Achievable, Realistic, and Timely (SMART).
Risk. This one is even more interesting, as the scale or level is different for different people, businesses and Governments. It is often determined by place, time and people. Crossing a road in the Australian outback without looking, is of lesser risk than crossing a road in downtown New York or London. Again going back to the dictionary we find "possibility or change of danger or loss or harm."  Risk is something we expose ourselves to, wittingly or unwittingly, based on experience, knowledge and analysed fact. So good old Wikipedia (it can be useful you know!), explains it well I think:

"Risk is a concept that denotes the precise probability of specific eventualities. Technically, the notion of risk is independent from the notion of value and, as such, eventualities may have both beneficial and adverse consequences. However, in general usage the convention is to focus only on potential negative impact to some characteristic of value that may arise from a future event.

Risk can be defined as "the threat or probability that an action or event will adversely or beneficially affect an organization's ability to achieve its objectives"[1]. In simple terms risk is 'Uncertainty of Outcome', either from pursuing a future positive opportunity, or an existing negative threat in trying to achieve a current objective."
The link back to Governance here is the part which highlights that risk will adversely or beneficially affect an organisation's ability to achieve its objectives. We need to ensure when creating our Governance policies we take into account the risks of adherence to that policy and the breaking of it. Adhering to a policy exactly may actually be a risk, as it may prevent innovative thinking or action which may generate new or more business areas or focus. This is why we need to understand and analyse the risks and be pragmatic in measures taken. Going back to the Banking example earlier, the brokers/dealers interpreted the policies in a manner that allowed for greater risk taking and greater rewards (at the time), however no-one appears to have "policed" the exposure and therefore change in risk and deviation from policy. Highlighting that the two areas (Governance and Risk) must be linked for effectiveness.
Now the "policing" element that should ensure both of the above are being SMART.
The Compliance element. Back to the dictionary and we get "in accordance with" and what I love about dictionaries is that they force you to look up other words with are used in defining others! So "accordance" is to be in accord with, and "accord" means to agree or be consistent. So compliance is to be consistent with, and agree to, something. In this case the Governance policies laid out. This is the "measurable" element and needs people and tools to carry out the reviews (policing) to report back on how consistent or inconsistent things are. Again, it's an element often ignored and seen as an expensive overhead. But we've all seen the expense of not having it in place with the Banking world! Jumping into Wikipedia again, it really helps me out, as it refers to the policing element too.

"The act of adhering to, and demonstrating adherence to, a standard or regulation. There is considerable regulation in the UK, some of which is from EU legislation. Various areas are policed by different bodies, such as the FSA (Financial Services Authority), Environment Agency and Scottish Environment Protection Agency, Information Commissioner's Office and others."
Interesting that it highlights the policing body of the FSA which should have measured the inconsistencies and risks of the non adherence to the Governance policies laid down by the UK Government, The EEC and the Banking Code of Conduct etc. As mentioned earlier failing to do all three areas well can have costly consequences, not just for you, but for a much much wider audience.

So when setting our governing policies within our groups, departments, organisations, sectors, states, countries and geographies we need to ensure we consider all three areas of Governance, Risk and Compliance to be effective and realistic. We in IT have guidance in many areas to help us, the most notable one being CobiT which in turn refers to and compliments ITIL. The Service Strategy book in ITIL v3 providing much more guidance than in the past. Most sectors have guidance too, so it's best to look at both to ensure your IT policies are aligned to the business you work within, as often IT is expected to measure and monitor against these policies as the "policing" mechanism.

Bringing all this down from the 35,000ft view the one area that still needs addressing in many organisations is Asset Management. We often have our policies set in place as to which standard builds can be purchased (having negotiated with suppliers). We understand the risk of interruption to service when we implement the asset (h/w or s/w) by analysing the Asset Db or the CMDB (CMS), but we often fail with the "policing" compliance element. If we have automated data collection tools in place, great, but we also need regular manual audits to verify the accuracy and quality of the data. This element is often ignored. So no matter where you are within the organisation these three areas of GRC need to be considered for your own protection and that of the business you work within.

I hope this has been educational and helpful I know it helped my own clarity of thought.

[Cross-posted at the ITP report]

EOL Technology

Bill Keyworth outlines a process to help turn the end-of-life problem into an opportunity to better serve the needs of your business constituents and IT staff, thereby moving to a desirable state of Business Service Management (BSM).

Read: Mitigating Risk for End-of-Life Technology >>

first contact resoulution

Peter McGarahan explains why there are five initiatives that are critical to all support centers around the process of providing best practice, cost-effective support that meets or exceeds your customer's expectations:

1. Solve it on first contact (First Contact Resolution).
2. Own it till resolved, closed when validated by the customer (Total Contact Ownership).
3. Eliminate the problem (Problem Management/Root Cause Analysis).
4. Deflect to another channel (Self-service, email or chat).
5. A balanced approach to measuring performance and cost-effectiveness (Driving Continuous Improvement).

Read his article: First Contact Resolution: The Performance Driver!

BMC Software announced yesterday the acquisition of Tideway Systems Limited, a UK-based, privately-held IT discovery solution.  As outlined in the press release, there is always goodness in IT delivering greater value to their business community through improved understanding of what IT assets are owned, what constitutes their relationships and inter-dependencies, where they are located and who owns them.  Tideway's contribution to that value is unquestioned.  (See Israel Gat's story on the acquisition announcement). 
BMC indicated that "the new offering supports the complete set of discovery requirements for BSM and features deep integration with BMC's Atrium Configuration Management Database (CMDB)." The yet-to-be fulfilled promise deals with the deeper integration of Tideway's IT discovery and BMC's Atrium Configuration Management Database (CMDB).  I'm assuming deeper integration as a result of the acquisition, else why the need to buy out their premier IT discovery partner ...except to remove that premiere offering from the grasp of BMC's competitors? 

Unknown is the impact to Tideway's existing partners such as Oracle and ASG Software Solutions.  What about the other 60+ Tideway partners and those customers who are dependent upon Tideway technologies?

We're also wary of any tool that promises to support the "complete set of discovery requirements for BSM" ...when true Business Service Management (BSM) requires discovery and mapping of most business oriented assets.  For example, does this mean that BMC is promising to support all types of business assets, including communication assets, manufacturing assets, inventory assets and transportation assets ...all of which include embedded IT components leveraged by commercial applications?  That would truly be impressive.

Finally, as IT management becomes more of a gating factor for the successful implementation of cloud computing, the BMC recognition that "visibility into the data center" and the need to "model, manage and maintain applications and services" is critical for cloud environments is welcomed. We believe the Tideway acquisition puts BMC in a stronger position to build a cloud-based CMDB which could become a core competence within BMC's solution suite, should they decide to pursue this value proposition. 


In today's recessionary climate, we need to be effective, to manage our capability, to remove excess costs, reduce expenditure on IT and the business, and provide clearer visibility into  business performance.

But how?

Explains Ken Turbitt:

"...there is a guidance to help you, something that has been around for over 20 years and been proven in the early '90s downturn. Yes, it's ITIL. ITIL is there to help you address all of the above. The central core, the driver of this is Business Service Management (BSM). BSM seeks to define IT resources in terms that not only make functional sense to the business, but which relate directly to business metrics and concepts. BSM needs to become the core of your business to enable that clear visibility into business performance and add competitive edge. Now more than at any time in the last 20years is the critical period to review your processes in line with ITIL to improve and automate, understand where you can remove costs without impacting your customers, and keep your business running. To succeed and survive you need to be flexible and respond quickly to the changing requirements and demands being made, and do this whilst protecting and enhancing the business, your products and services and your business processes."
Read the rest of Turbitt's article: Where can I turn to in a Recession?

You do not need to be an expert in Value Stream Mapping to appreciate the power of speeding up deployment to match the pace of Agile development. By aligning development with deployment, you streamline "production" with "consumption." The rationale for so doing is aptly captured in the first bullet of the Declaration of Interdependence:

We increase return on investment by making continuous flow of value our focus.

Flickr and IMVU seem to be doing an exceptionally fine job streamlining the flow of value: every thirty minutes and every nine minutes respectively. A recent presentation in Velocity 2009 by John Allpsaw and John Hammond adds color how development and operations at Flickr cooperate to accomplish "10+ deploys per day."

What does such fast pace mean to the business? In a nutshell, much of the guess work as to what features are really needed is eliminated when you develop, deploy and collect customer feedback in ultra fast manner. Consequently, the company's business design is likely to be transformed. Click here, here, and here for more detailed discussions how the business design gets transformed.


Tom Bishop explains that there "simply isn't a more important aspect of an IT strategy than one built around the concepts of Business Service Management."

Read his article: How to Spell BSM >>

The overall investment associated with implementing and maintaining BSM can be significant. A 1:4 ratio between product investment and the corresponding investment in related services is not uncommon. In other words, an initial $2M in licensing BSM products might easily baloon to $10M in lifecycle costs.

I offer the following rule-of-a-thumb guidelines to assessing whether the price quoted by a vendor for a BSM initiative is right:

  1. Standard maintenance costs: Insist on a 1:1 ratio between license and standard maintenance over a 5 year period. If standard maintenance costs over this period exceed the corresponding license costs, chances are the vendor's software accrued a non-negligible amount of technical debt. Ask the vendor to quantify the technical debt in monetary terms. Click here for an example how to conduct such quantification.

  2. Premium customer support costs: Certain premium customer support services could be quite appropriate for your business parameters. However, various "premium services" could actually address deficits or defects in the BSM products you license. If the technical debt figure is high, the vendor your are considering might not be able to afford the software he is developing. Under such circumstances, "premium services" could simply be a vehicle the vendor uses to amortize software development costs.

  3. Professional services costs: Something is wrong if the costs of professional services exceed licensing cost. Either the BSM product suite you are considering is not a good fit for your business circumstance or your BSM initiative is overly ambitious.

To summarize, the grand total of license fees, customer support fees and professional services fees over a 5 year period should not be higher than 3X license fees. Something is out of balance if you are staring at  a 4:1 or 5:1 ratio for your BSM initiative.

One final point: please do not forget End-of-Llife costs. Successful BSM initiatives can be very sticky.

BSN Data Center

In his article titled Business Service Management: Driving Data Center Performance, Richard Ptak tells us that "in order to maintain reliable services and avoid problems requires IT visibility into the impact of change, early warning of potential problems and more insight into cross-functional operations." 

The solution?  Writes Ptak: "...the challenges of effective performance management for the enterprise and IT can be addressed following a strategy of Business Service Management and implemented with intelligent, integrated performance management tools."

Read all about it >>

BSM in the Data Center

| No Comments | No TrackBacks
Embedding BSM in the Data Center is no longer an option but a necessity for those looking for a long term career. As more options for sourcing enterprise IT services continue to present themselves, they are backed up by more by industry and business 'experts' eager and ready to relegate IT to a completely outsources utility model. They say liars figure and figures lie, just so - apparently compelling justifications can be created that demonstrate the way to IT nirvana lies in pushing the burden out the door. No one in IT can assume a secure future without their value and contribution to the organization being consistently made apparent.

This isn't to say that outsourcing isn't a valuable and viable business model. It's just that it's not the only useful or appropriate operating model. There are few better ways to demonstrate the value of in-house IT operations than to follow the BSM model.

Tom Bishop's analysis, especially of the 'S' in BSM hits the nail on the head. IT staff let alone IT management cannot afford to imagine themselves as separate from and independent of the entity in which they work. They, as much as any front-line, customer-facing sales rep or manufacturing floor worker or PR representative have to understand how they contribute to the success of their enterprise AND exercise their own creativity and initiative to expand and enhance their contribution.  BSM is a term that covers a multiplicity of tactical activities and actions but behind it all is pro-active, individual initiative and responsibility to achieve the goals of the enterprise.

Welcome to BSMreview.com

| 2 Comments | No TrackBacks

Agile BSM

Discussion around Business Service Management (BSM) has been ongoing for years ...and years ...and years. Yet it remains a fairly immature dialogue as vendors scope BSM to capitalize on their respective product offerings; as IT organizations struggle to articulate the desired end state; and as industry analysts deliver unique perspectives for purposes of differentiation.

Fortunately, the purpose of BSM is so fundamental, so basic, and so obvious ...that vendors, IT organizations, business managers, analysts and editors intuitively "get it" ...dwindling the confusion that so frequently accompanies newer technology concepts. This website is dedicated to the BSM dialogue by whoever wishes to participate. There is no fee to join ...no content that requires a subscription ...and no censorship of reasonable ideas and questions.

IT has been, is and will continue to be hammered for being disconnected from the business needs of the customer that IT serves. Sometimes the IT organization is adequately connected to the business entity, with the value simply unrecognized. More often, IT is guilty of diversionary focus on technology silos that business doesn't care about. BSM is the discipline that aligns the deliverables of IT to the enterprise's business goals.

That discipline comes in the forms of activities, technologies, tools, metrics, processes, best practices and people. BSM creates a laser focus on those deliverables generated by IT into something that is meaningful to the business community. If the IT deliverable is of no importance to the business function, then IT should eliminate or repackage it into a service that carries appropriate business value. BSM success is entirely dependent upon the willingness and skill of both IT and business to have an effective two way conversation ...one party without the other is doomed to failure.

Read my complete introduction: The Why & What of Business Service Management

About this Archive

This page is an archive of entries from October 2009 listed from newest to oldest.

November 2009 is the next archive.

Find recent content on the main index or look in the archives to find all content.