Recently in IT Infrastructure Library (ITIL) Category

Process?

| No Comments | No TrackBacks
I know I've been very quiet on the blogging front, and frankly that is due to the following:

  1. I'm retired
  2. My grandaughter is way higher on my list of priorities
  3. Nothing much has annoyed me for a while (apart from our politicians who annoy me all the time)!
However, two recent things have caused me to leap to the keyboard and bore you rigid with my thoughts.

  1. I read an article about people using the infamous "CLOUD" , and hey presto they think their backup and recovery procedures are not needed any more - DOOOH!
  2. We have had a banking mess over here - not the LIBOR fiddling - which involved a certain bank's systems being offline for a long time because some poor underpaid soul in the depths of our previous empire didn't backup the scheduling info before he changed it. Unfortunately his change also happened to involve deleting it!
Several things struck me straight away. 

  • If you move key parts of your computing to cheap labour, don't be surprised if it goes wrong occasionally. Unfortunately the bean counters never look at the real costs when they move things offshore.
  • Don't blame the poor soul who deleted the data - blame the process, which probably wasn't in place. 
  • If you use the CLOUD, don't expect everything to happen by magic. All the CLOUD means is that someone else is running the system - it doesn't mean they are running key processes for you, unless you ask them to. CLOUD does not replace ITIL and CoBIT.

Product or Service? Does it really make any difference?

| 3 Comments | No TrackBacks
 

What one customer sees as a service, another might see as a product.  As an example, a mobile phone company provides a phone, which could be seen by the customer as a product which allows them to make calls and send/receive text messages, and provides various other capabilities.  It could be regarded as a service - being able to make phone calls etc. which just happens to include the supply of a phone handset in order to use the service.  Whether the customer sees it as a Product or Service is subjective, and probably doesn't really matter all that much.  From a customer's perspective, it's what the Product or Service does for them, the value it provides, which is important.  The mobile phone Product or Service allows them to make calls and other tasks - the value is in achieving the outcome, not in buying the product or service.  If the customer didn't have the need, they probably wouldn't be buying.

 

Our industry can be guilty of spending too much time on semantics  - is it an 'incident', or should we call it something else?  There are an embarrassingly  large number of examples.

 

Surely any organization who wants to be successful, realizes the necessity for understanding this customer-centric perspective.  This awareness is absolutely necessary if we hope to design and deliver successful products and services.  Regardless of whether we're a commercial organization, charity, not-for-profit, public sector or private, isn't this completely critical?

 

People have different views, and why should we have the right to dictate how people should think, or the language they use?  I would argue this is a distraction, and not massively important.  The main point is that a good service provider, or any of us who believe they have any element of service management in what we do, should do everything we can to understand what the customer wants or needs to achieve, and how what we do makes that happen - that's what makes it a valuable service.

Exciting times

| 2 Comments | No TrackBacks
Well, life has certainly been a bit different recently. I will ignore the week spent feeling half-dead as we caught a stomach bug, and talk about the more interesting parts of life.

First a bit of blatant self-advertising. As some of you may know I wrote a book (a modern-day thriller based round the world's energy problems) and published it on Amazon and Lulu

Well, I was feeling inquisitive so I wondered if could get it published as a Kindle book, because we both have Kindles now and think they are ace. Good news for those who want to try it, it is an easy process. (Yes, I know the links above are all UK ones, but I have also done it on Amazon in US, Germany and France). 

Having done that, I though I would also try it on smashwords, as they distribute to other channels like Barnes & Noble, Sony etc. Then the fun began as I had to fight Open Office to reproduce the already accepted and printed manuscript in epub format. The fact that the PDF I had already worked fine on my Kindle - I checked it - was immaterial, you have to rejig it and play around with paragraph spacing and different ISBN etc. etc. Anyway, got it to work eventually. Of course, just after I had finished that, the original online publisher I used (Lulu) sent me an email saying they were now offering a whole range of epub distributions - was I interested?!?!

OK, so the good news is that having gone through all the rigmarole with smashbooks I now had a version that worked on lulu, and I have blasted it all over the place!!!!

Now, why am I boring you with all this? Well, there is always the vague hope that one or two of you might buy a copy as it's nice and cheap, but a lot of you will probably say "I haven't got a Kindle, or I've got an iPad or whatever." So here's the good news:

  1. Yes, it works on all sorts of devices. Of course, being run by computer people they are all different formats so we authors have to go through the tedium of converting it multiple ways!!
  2. You don't need a Kindle to read Kindle books - there is a free Kindle reader app for the PC, the Mac, iPhone, Blackberry (handy when you can't do anything else with it as the server's down?), the Android etc. There is also a free Adobe Digital Editions app for epubs. So you can read lots of cheap / free books on your laptop / pad / whatever.
  3. My apologies if the price keeps changing - the one part of the Kindle process that doesn't seem to work the way I expect is the pricing. I tried to make it about a quid (UK one pound) everywhere, as I didn't want to stretch anyone in these hard times!   

Now the other half of my life! 

I got stung by a wasp a couple of weeks ago. I've been stung before and not had any great problems beyond a bit of pain and a secret desire to eradicate all wasps worldwide. This time, however, I reacted quite violently and came out with a mega rash over my chest and arms so off we go to hospital.

Being a sad old computer process man, it was interesting to watch the stages:
  • Initial diagnosis / triage where the most important question was asked, namely was my breathing affected, fortunately no
  • See doctor, get treatment confirmed - some injections
  • Injections with check that they were correct ones
  • Check to see all is ok and explain about medication to be taken at home
  • Controlled emergency reaction as I suddenly collapse and my wife is somewhat worried by call of "he's not breathing"
  • Come round a few seconds later to find team of specialists doing what is needed - oxygen, drip etc.
  • Constant vigilance of blood pressure, which apparently dropped off edge of cliff earlier
  • Tests to see if I can talk, sit, stand, walk
  • Revisit by doctor to see all has been resolved
  • Close of trouble ticket and my wife drives me home
Now, if you can't see the parallels to an ITIL/CobIT scenario there I will be very surprised. Thank you hospital for having the right processes and the right controls.
As IT becomes increasingly important to business operations more and more IT organizations are turning to ITIL and other such ITSM frameworks to bring IT under control and provide services that deliver business value. ITIL V3  sums up perfectly what we in IT need to deliver "Value to customers in terms of outcomes they want to achieve without the ownership of specific costs and risks."

Unfortunately, too many  ITSM improvement programs fail. Reports vary, stating that between 70% and 80% fail to deliver value. A Forrester report revealed that 52% fail because of resistance. These failures cause wasted costs and increased business risks. These failures are no longer acceptable.

Paul gives us the "Top 10 Types of Resistance" you had better keep an eye out for. And if you catch yourself resisting with one of these techniques... well, then.

More >>

Fit for purpose, fit for use.

When ITIL v3 came out, so did some industry terms that really made sense and needed to be fully understood and taken on-board. "fit for purpose and fit for use" is one of those terms.

So often people just focus all their energy and attention on the "fit for use" element and ignore, at their peril, the fit for purpose factor. Let me give you some simple example to highlight the point.

Over the past few weeks I've been involved in the planning (and expense) of refurbishing a house I purchase as a "buy to let" investment and some of the team have focussed too much on the fit for use factor and ignore the fit for purpose.  Downstairs the house already had a cloakroom with a small wash-hand basin and lavatory. The room was large enough to allow me to add a shower cubicle in and change the "purpose" of the room from a guest facility to a tenant shower room facility. The builders changed the existing Loo and basin to new ones, but the basin was tiny, just about large enough to get one hand in to wash! So it was "fit for use", one could wash your hand in it, but it was not fit for the new purpose of a shower-room. It was too small for someone to wash their face in, or to be used for a man shaving etc, it was not fit for purpose and so I got it changed to one 3 times the size. Now it was fit for use and purpose. Something the designers should have got right from the initial briefing.

The second example is the opposite. My car. Now I've had the car for 5 years and when I purchased it I was still with BMC and travelling the world, so it was a car for fun, not for trying to collect and move furniture around from one house to another! It was fit for use and purpose at the time. It took me from A to B, it had 4 doors and a boot (trunk) it was large (16 feet long) and wide. So, on paper it was ideal for using. However it was designed as a four door coupe and had very sloping roof and narrow doors and windows, making it impossible to get solid things into, only flexible people! It is no longer fit for the purpose I now require.

Things do change and over time what was right for one period in time is not longer right for the existing environment and tasks at hand. This is so true in the Service Management world too. Too many organisations keep trying to "shoe-horn" existing software, applications, servers, desktops, laptops and even processes into doing things they are not made for. They take the view that it was fit for use and initially fit for purpose, therefore they believe it must still be still for purpose, yet our purpose changes over time. We need to constantly review our Asset base and ensure we use them, at the right time, in the right place, for the right tasks and the right usage. This is utility. Something that can be fully utilised, unlike my nice car! Don't complain to Service Management if you're using assets Fit for one element and not the other, review and get the Utility right.

Back in 2007, Gartner released the statistic that IT was responsible for 2% of global CO2 emissions. This puts IT on a par with the aviation industry. Yes, really! We all focus on the airlines, because they are big and obvious, we can even pay an off-set charge to "feel better", but we need to start and focus on things we can more directly impact on our own doorstep, the IT we use. The carbon footprint of PCs and monitors is expected to triple by 2020 - a growth rate of 5% per annum. The global data centre carbon footprint is expected to triple by 2020 - a growth of 7% per annum.

We've all heard about global warming and the impact we hungry consumers are having on the planet. It's something we need to address, especially as we begin to see the impact it's having on our weather patterns. Severe floods in South America, Australia, heavy snow in the UK and East coast of the USA. These conditions are impacting our lives and businesses and are projected to continue unless we all start to turn the tide and think of ways to reduce our carbon footprint. Many governments and businesses have Green policies and set targets as part of their corporate governance responsibilities ...perhaps your own organisation has such a policy. If so, do you know its content and how you can contribute towards it? We need to start adding Green IT thinking into all that we do, particularly in the business/IT (BSM) relationship, before it's too late.

What can we do about this? There are simple things to make a positive start, such as archive unused data, power off idle Desktops, printers etc. We need to bring this thinking into our Service Strategy and Design initiatives ready for the transitioning into live operations. We need to bring Green IT into the business-oriented service management discussion. 

Recently I came across a great article by Karen Ferris from a consulting company in Australia, Macanta Consulting, who looked into Service Management and in particular ITIL as a way of understanding, controlling and reducing a Businesses CO2 impact. I hope you'll find it of interest and useful in your Green IT efforts.
BSMReview is a Media Sponsor for the Pink Elephant conference and expo being held in Las Vegas this week. As a media sponsor, we promoted the event on BSMReview and are covering BSM newsworthy items at the event. BSMReview is well represented at the event and we are holding down a spot on the expo floor.

As you probably know, Pink Elephant is a professional services organization that provides consulting, education and tools to assess ITIL and IT service management competency. The Las Vegas conference is their 15th international event, has 1600+ attendees, and offers a solid program of educational sessions that features ITIL experts and customer presenters. The event is well run and sessions that I attended are content rich and well attended.

As a side note, I loved the opening video they produced and recommend watching it -- it is both entertaining and insightful.

We are launching the 2011 BSM Maturity Survey at the event. We are finding a high level of interest in both the BSM Maturity Model we developed last year and the survey instrument. Nearly everyone we have spoken to recognizes the alignment gap between IT and the business, but few know how to deal with the issue. They see the maturity model as a good way to start a dialog and the survey as a way to measure where they stand as compared to other companies their size and within their industry.

Many of the presenters at the event are real customers who are sharing their experiences -- lesson learned and best practices. Many view the CIOs role as the indicator for BSM maturity. Many see their CIO focused exclusively on IT operations (keeping the lights on), others see the CIO as transforming IT (to run IT like a business) and a fewer number see the CIO as strategic to the business. There was a healthy discussion about how IT leadership transitions though these phases, what leadership characteristics are key and if multiple roles are necessary to do it all. It is worth reading the 2011 State of the CIO survey by CIO.com to see how CIOs see their priorities changing this year.

We didn't spend a lot of time with vendors and won't be blogging about any new BSM related announcements. However, we spoke to a number of vendors who have agreed to promote the BSM Maturity Survey to their customers and prospects to support the benchmark study.

Finally, we made some great connections with customers at the event and have a half dozen or so lined up for interviews, so be on the lookout for that.

The Pink Elephant event is 100% relevant to BSM, offers insightful content and is run professionally. We will be back there next year and hope to see you there.

Recently I watched the TV program with Michel Roux (http://www.bbc.co.uk/iplayer/episode/b00xjzml/Michel_Rouxs_Service_Episode_1/) where he takes a dozen people, mostly without any job or experience at all, and over a course of several weeks will transform them (he hopes)into waiters, maitre D's, sommeliers etc  for his Michelin star restaurants. Well last night was the first episode and it was amusing and cringe worthy at the same time. Some of them had never opened a bottle of wine with a cork and had to be taught. When they came at the end of the 1st programme they were made responsible for the "front of house" within a ZiZZi restaurant here in the UK's docklands. It was fascinating.

Customer service, in fact "customer-oriented service management" (BSM?), was so un-natural to them, that the inevitable happened. They worked in silo's, they focused on their tasks and not on the customer, SLA's were not understood and ignored if they were, some stuck to process regardless of the bad impact on the customer (business). For example they were told not to take the food order until the drinks had arrived (they must take the drinks order first and process it). So when the bar was really busy and could not provide the drinks for over 20-25mins, the customer had to complain that not only did they have no drinks, not no-one came to take their order, and worse, when the customer asked them to take the order, they were informed by the waiter that they cannot until your drinks have arrived!!!!! Unbelievable, but it does show that sticking to the "letter of the law" on the process and not being flexible can adversely impact your customers (businesses).

The correlation to ITSM and BSM was all too apparent to me. The "greeter" would be the service desk, the interface between the waiting staff and the customers. They would greet the customer, take some details (how many in the party etc) and place them in the appropriate area of the restaurant and allocate to the appropriate waiter (even introducing the waiter to them). All this allocation was based on demand management, capacity management, priority (had they booked, or just a "walk-in").

The waiter was the support staff, managed and controlled by the Maitre 'd (service manager) who is responsible for the entire front of office experience and the customer (business) service. The sommelier being a specialist support person interacting and delivering a solution appropriate to the meal and the customers taste, but the waiter is still the "single point of contact" for all the interactions with the table and the customer. 

It will be interesting to see how they develop their (business-oriented) service management stills.

Today, I was visiting a London financial services organisation who are seeking to implement an organisation cultural change for IT to be less technology focused and move to a customer (business) centric focus. The examples they gave were so mirrored by the experiences shown on the TV programme and prove that Service Management fits across all markets and perhaps we need to drop the IT prefix and simply focus on the customers. Often the best way, I've found, is to imagine you are the customer and how would you like to be served or be treated in the circumstances you are in right now!

Looking forward to seeing how Michael Roux and his students progress.

The Two Key Roles for IT In Social Media are Business Service Enablement and Digital Asset Guardianship

What a great day we had at the Pink Elephant Social Media Event this week in Toronto! David Ratcliffe, Chris Dancy and I presented a full day agenda of topical sessions related to the opportunities and risks stemming from the tidal wave adoption of social media in both the private and commercial sectors. The attendees were very engaged and were almost to a person asking the same questions.

Q: What is the relevance of Social Media to IT Groups and what do we do with it?

This is the same question I hear over and over again from the various IT leaders and organizations we work with. For many Social Media is largely a problem, something to control or block from within company firewalls and network perimeters.

In other words Social Media is a nuisance they would rather not bother with and is getting in the way of their real work of managing the organization's technology environment.

This was certainly the perception of several of the event attendees who came looking for ways to control, limit or completely block the business users from social media sites during work hours or on company devices. "We certainly wouldn't want employees wasting company time in non-productive activities!" From that point of view Social Media is only something of interest and value to individuals for personal use. However, many organizations and IT Leaders have not understood that there is more to this topic then they might think.

What our industry is just beginning to realize is that Social Media is also an extension of our customer's business service strategy.  Business customers are hungry for ways to innovate, differentiate and improve their value proposition to the market. The world is "Literally" connecting from a variety of technology devices in unprecedented ways on these emerging networking platforms.  Millions of people globally are talking about and commenting on pretty much everything under the sun including your companies' products and services. The fact of the mater is that if an organization wishes to reach and communicate with their clients, constituents and citizens they must go where the people are!

At the Pink event we impressed upon the attendees the Tsunami speed of adoption to raise the urgency of this topic.

  • Social Media adoption has surged to staggering heights. While Facebook has over 618 million users (As of Today) 100 Million new users added in the last 6 months
  • LinkedIn has over 75 million worldwide.
  • Twitter, 105,779,710 registered users account for approximately 750 tweets each second
  • Facebook platform houses over 550,000 active applications and is integrated with more than one million websites

With recent technology advancements such as access to the web via high speed connections, the proliferation of mobile computing devices we have had years to adjust and establish methodologies and approaches. In the case of Social Media we are seeing massive change in the matter of months if not weeks.

A recent Burson-Marsteller study shows that, "of the Fortune Global 100 companies, 65% have active Twitter accounts, 54% have Facebook fan pages, 50% have YouTube video channels and 33% have corporate blogs" 


For these compelling reasons Businesses, Non-Profits, and Government Agencies are rushing to extend their existing web strategies to include and incorporate social media functionality and feeds into their service lines. Business customers of IT such as Marketing, Sales, HR, Research and Development, Product Support are engaging "NOW" in the Social Media and cloud activities.  Albeit many organizations are doing so in an uncoordinated, un- planned and ill advised manner.

The problem is that they are not necessarily working with the IT Leadership to do this! Why should they? (Sarcasm)

  • They don't need IT's permission
  • They don't need new technology (At a pinch a browser will do)
  • They are not exactly getting an enthusiastic response from us if they actually ask for help
  • They believe IT is not agile enough and are focused more on controlling and limiting their goals versus enabling them

Not surprising then why many of our business customers take a "don't ask don't tell approach" to their social media activities!

Consider for the moment the ITIL Definition of a Service: "A service is a means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific cost and risks.

So if Social Media is something the "Customer Wants" then we should be stepping up to the plate and helping them achieve the expected value by applying good practices to manage risk and costs.

In short we should be Enabling Business Service Outcomes by working this requirement through a well thought out Service Life Cycle Strategy, Design, Transition, Operations and CSI process. (Sound Familiar) We should participate in this activity as a Partner versus a Road Block

This is one of the topics I addressed in my session on Monday and will speaking to again at the Pink conference in Vegas in a couple of weeks.

SMlifecyclesm.jpg

Of course with opportunity and reward comes risk!

It is our job in IT to also be the Guardian of our customer's Digital Assets. Our customers look to IT leadership to help establish technology and policy controls that will mitigate the very real risks that engaging in social media or general online activities presents.

Cyber criminals are like sharks which cluster where the action is, and the action is certainly happening on Facebook, Twitter, Linked In etc.

The key consideration here is that we must stop thinking that the digital security perimeter exists only inside the company's network firewall.  Consider the following quotes from the Annual CISCO Security Report:

  • Consider social media. Its impact on computer security cannot be overstated, It is common for workers to blend business and personal communications on these social networks, further blurring the network perimeter
  • The high levels of trust that users place in social networks - that is, users' willingness to respond to information appearing within these networks - has provided ample opportunity for new and more effective scams. Instead of searching out technical vulnerabilities to exploit, criminals merely need a good lure to hook new victims
  • No longer does business take place solely behind network walls. The critical work of an organization is happening increasingly on social networks, on handheld devices, on Internet kiosks at airports, and at local cafes
  • Social Media "Were The Problem" Social media users believe there is protection in being part of a community of people they know. Criminals are happy to prove this notion wrong

The key point to consider is that we need to understand and effectively manage risks related to web and social media activity. IT leadership needs to open their eyes to the business opportunity as well as the risk and actively engage our customers in helping them to achieve their goals. Focusing our security efforts only on blocking URL's and domains from within company firewalls is too narrow minded, short sited, doomed to failure and like the story of the little Dutch boy who stuck his finger in the leaky dam. Being an effective Guardian of our Customer's Digital Assets means taking a holistic and people centric approach to managing both technical and social engineering attacks from within and outside our firewalls.

Troy's Thoughts What Are Yours?

Blog: http://blogs.pinkelephant.com/troy



Quote: "If you don't like change your going to like irrelevance even less" General Eric Shinseki Chief of Staff US Army



As a community of business and IT professionals, we're conducting our First Annual Survey to measure the maturity of BSM initiatives industry-wide.  Our goal is to benchmark the adoption, perceptions and expectations of aligning IT and business within a variety of industry segments.

In addition, the survey will help refine the definition of Business Service Management, quantify its value to the organization and provide the data necessary to measure IT and business alignment based on market and business maturity.

Each survey participant will be provided the resultant BSM Maturity report (complimentary), analyzed by BSMReview experts, and be invited to participate in a webinar that discusses the results. It is our intention that participants will learn:

1.    How other companies are assessing the value of BSM.
2.    How your BSM maturity and initiatives compare to others.
3.    What others are doing to better align business with IT.
4.    How others are measuring BSM effectiveness.
5.    The norms for BSM adoption within your industry segment.

The survey consists of 19 questions and the average time to complete the survey is 10 minutes. Survey participation is 100% anonymous.  Our goal is to obtain survey response from both IT and business personnel, so we strongly encourage forwarding the survey link to business colleagues who will benefit from participating.

2011 BSM Maturity Survey

BSM Definition

| 6 Comments | No TrackBacks
A friend of mine just pointed me at this Wikipedia definition of BSM. Whilst I like some of the entry, I must admit that I'm not keen on the first couple of paragraphs, which seems to imply that BSM is a bunch of management tools you buy from one or more vendors.

As one of the people, who can actually claim to have been involved in the very early formulation of BSM (at BMC), can I please explain what we were trying to achieve and what I think BSM really is? It has grown and developed since then, but I think a few key points are getting lost in the plethora of tools.  

  • BSM is not a bunch of tools. You cannot buy it.
BSM is actually a mindset. Everything you do has to be from a business point of view. This is absolutely key. Once you get this, everything else flows on from here. Tools are pointless if you don't have the mindset and processes to exploit them.

For instance if I walk into a motor manufacturer IT department and ask an employee what he/she does, the correct answer is I sell cars - not I monitor Oracle.

Once you have this, then you look at things like ITIL and CoBIT to help you achieve your goals.

  • You don't need all of ITIL - choose the bits you need
My big hang-up with ITIL is that it demands you learn its grammar and syntax and vocabulary. Sorry, I know why I need a CAB, but I couldn't care less what the initials actually stand for. Use ITIL as a means to achieve the first bullet, not as a gospel that has to be followed blindly. 

  • BSM is two-way
Everyone loves to talk about the business impact of a failed router or whatever, but  that is only a small part of the story and an example of IT impact on the business. 

What most people forget or ignore is the other way - the impact of business on IT.  One of the definitions cited in the Wikipedia entry says that BSM is a 

"strategy and an approach for linking key IT components to the goals of the business. It enables you to understand and predict how technology impacts the business and how business impacts the IT infrastructure." 

I would actually say services rather than components, but I see too many people getting bogged down in the first half and forgetting the second. Actually you have to get the second half right before you can do the first. There is no way you can design an IT infrastructure if the business hasn't told you what their goals / budgets etc. are. I can design you a sub-second 24x7 system, but do you need it and can you afford it? It may be right for some business services , but not all etc. 

  • IT and business need to be co-joined.
If IT does not have a place on the board with equal or greater importance than other departments like manufacturing, sales etc. then get another job. BSM has no chance in a place like this, as IT will always play second fiddle. 

However, this also means that IT people have to learn to not  talk IT when they meet anyone from outside their department, and that business people have to say what they need rather than what they want.

  • Don't run stuff in-house that should be outsourced
BSM is not about protecting IT - it's about running IT in the most efficient and effective manner possible for the business. For example, if you know nothing about networks, get someone else to run them for you.

  • Make your contracts business based, not component
Any contracts you have with service providers, or you have with someone outside your organisation should be based on the delivery of that service, not on the availability of server no. 843, which is meaningless.

This raises some very interesting questions on who measure the service and reports on it and with what regularity? Are they measuring it from your point of view or theirs? I don't care if the service provider uses carrier pigeons if the service meets my requirements. I have no interest in how they do it, I just need to know that it will work and how they will respond when it breaks? 

  • Don't run something just because someone else does or you read it somewhere
Every business is different. Your company goals are different. Your strategy is different. (If not, then merge and save some money). Ergo, your IT will be different.

There are many more examples I could quote, but I hope you agree that everything flows from the first bullet. If not, or you think I'm totally wrong, please let me know.
We are very excited to announce that Service-now.com, the pioneer in On-Demand IT Service Management, has agreed to become a sponsor of BSMReview.com.

As a sponsor, Service-now.com will receive brand recognition across the BSMReview community site and eNewsletter. Additional services include:

  1. Dedicated page in the BSMReview Vendor Zone to promote Service-now.com white papers and events
  2. Invitation to participate as a BSMReview Expert providing thought-leadership articles and blog entries
  3. A cadre of joint programs produced and promoted by BSMReview that include thought leading webinars, white papers and customer case studies.
Service-now.com will have the opportunity to participate in shaping the conversation of Business-Oriented Service Management and will gain insight into customer requirements through the use of surveys, polls, discussion groups, and other research instruments.

Service-now.com was one of several vendors to sponsor the BSM Maturity Model developed by BSMReview experts and recently participated in an interview with Bill Keyworth, editor-in-chief, entitled "Achieving BSM Maturity through Service-now.com".

About Service-now.com
The Service-now.com enterprise IT service management platform combines ITIL process support and SaaS delivery to provide a flexible, intuitive and self-managing, cloud-based application. Founded in 2004, Service-now.com uses a new business model and modern technologies to transform IT. According to the 2010 Inc. 500 list, Service-now.com is the fastest-growing IT management software company.

As a site sponsor, Service-now.com content is provided in the BSMReview Vendor Zone.
In preparation for the release of a new EMA Radar report that evaluates the BSM vendor community, Dennis Drogseth, a Vice President at Enterprise Management Associates, held a webinar this week entitled BSM Service Impact Radar Report: A Story of Market Transformation in 2010 that discussed the results of research based on interviews with 15 vendors and more than 25 customers at various stages of deployment. EMA will be publishing the Radar report next week.

A few research highlights really hit home with me and validated the BSM Maturity Model developed by the BSMReview community. These include:

  1. BSM initiatives are transformative to managing services rather than just technology
  2. BSM initiatives are value driven, not cost driven (i.e. Why doesn't the business drive BSM?)
  3. BSM real and perceived/expected benefits are consistent with the view of our experts 

I would encourage you to watch this EMA webinar and the one next week.

Of course, I hope to hear your perspective.

Reading through the articles on BSMReview.com, I started to wonder: "what is the problem?". Is IT really thàt disconnected from the business? Looking around in my living room and at the office, I can harldy imagine how life would be without any Information Technology to support me. And all of this is provided to me by companies in the form of products and/or services. Would I buy and/or use them if I didn't know what value they bring to me? No, of course not. Given that IT has penetrated already so much into my life, these "IT companies" must be connected to (or better say integrated within) "my business".

Interestingly some time ago I delivered an ITIL v3 based Service Portfolio Management workshop within a large Financial Institution. In preparing for this workshop we agreed to first focus on the question: "what is a service?". So I started by presenting the ITIL v3 definition of a service: "A means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks.". So far, so good. Then we looked at how to define a service and -more specifically- on how to define the business value of a service. Now when I asked the question "what is the busines value of your e-mail service?" the answer I got is "The e-mail service provides message traffic and storage of e-mail and e-calendaring". Does this describe a business value? Don't think so.

Looking at this sample, one might see it as a proof point that IT is really disconnected from the business and use it to justify a Business Service Management approach. Personally I wouldn't go that far. The only thing that it shows to me in this particular case is that IT is not able to articulate the business value of a service, but that doesn't mean the service doesn't have value or is not being used. On the contrary, the e-mail service sample above is one of the most used and appreciated service in the Financial Institute with an implicit value. Nevertheless and ultimately as one of the results of the workshop we came up with the following definition:

E-mail services provide value to the business when cooperative business communications are conducted without the constraints of location, device or time-zone. Value is created when IT operates for the business a store-and-forward messaging system, so that business employees can compose, send, store and receive e-mails with peers both inside as well as outside the business and in a manner that

  • Is accessible 24 x 7 x 365 across the globe
  • Allows only one outage of max. 5 min per 3 months
  • Enables messages up to 45Mb and mailboxes up to 100Mb
  • Supports protection of business confidential information
  • Ensures data availability and archiving within business policies

Similarly and on a bigger scale, I recently met with another customer (read: a service catalog manager within IT) who asked me to review his service catalog and provide feedback. Of course I accepted this and then found myself reading through a 193 pages thick service catalog printed on paper. When the guy returned after a few days and asked me for my opinion, I said: "Imagine that you are entering a restaurant and ask for a menu card. And when the waiter returns he delivers to you the cookbook of the chef. How would you feel?". He immediately got the point that the service catalog contained way too much information for their business customers. In addition I showed him that there was also information missing in the service catalog. And you probably have guessed this one already: it contained no descriptions of business value whatsoever.

Again also in this situation the reality was that all services in the catalog already existed and were actively being used by the business customers. So why then create a service catalog? Good question. In this particular case the main driver for producing a service catalog was IT's desire to explain what they deliver, however the business didn't ask for a service catalog and also was not involved in the creation. And like Bill Keyworth rightfully stated in The Why & What of Business Service Management: "BSM success is entirely dependent upon the willingness and skill of both IT and business to have an effective two way conversation ...one party without the other is doomed to failure.".

Reading through my samples above and several articles on BSMReview.com, I see a number of very specific issues and symptoms, but am still not sure what the main problem or need is for which we are trying to find a solution under the name of Business Service Management. When we define BSM as "the discipline that aligns the deliverables of IT to the enterprise's business goals" then I wonder what's the value in doing this? And isn't this already happening implicitly ? Is it really possible to define the package of whatever it takes to deliver the expected service to the business community ...in a way that they can understand and appreciate that delivery? To me this sounds a little bit similar like designing the perfect organizational structure, while we all know that this does not exist (otherwise everybody would have it by now...).

I realize that my statements are provocative, however I believe that a good understanding of and interactive discussion around the fundamental problem we are trying to solve should be the starting point for (m)any article(s) on BSM(Review.com). So let's first address the question: "Business Service Management: what's the problem?".

Looking forward to your comments.
Well, here it is: "Why Doesn't the Business Drive BSM? A Value-Driven Business Service Management Maturity Model" >>

BSMReview's Bill Keyworth and Rick Berzle evaluate the management of IT services from the perspective of the business, a.k.a. "business service management."

The negative impact of IT organizations being culturally and functionally disconnected from their business community is escalating, explain the authors.  As evidenced by the push to bypass traditional IT options through Cloud and SaaS initiatives, IT must enhance how technology is provisioned for the business.

The BSM Maturity Model described in this ground-breaking paper covers 5 levels:

bsm levekls

You can download it here for free (registration required) and let us know what you think >>

Compliance?

| No Comments | No TrackBacks
Imagine a company department that works the following way:

  • There is no external salary control - the department decides how much everyone should be paid and gives itself major raises at regular intervals
  • If the department does not like the tax that they have to pay, they change the rules so they don't have to pay any
  • The expense budget is uncontrolled and they can claim for anything they like 
  • If anyone complains they point you at an obscure piece of legislation from the 1600s and say that their department conforms to that
For those of you don't live in the UK, this is how our Government has been run for many years, and is now the subject of a major scandal. I've just watched Tiger on the TV admit that he thought he was beyond the controls that other mere mortals have to abide by. So the next time someone comes and asks you whether your systems are compliant, please don't raise your eyebrows and think they are wasting their time - this stuff is vital. 

Health and Safety, on the other hand, in this country appears to be controlled by a bunch of morons and has unfortunately become a laughing stock. Petty controls are put in place - e.g. you must not run during a race as you might slip!!! - with the result that everyone thinks the whole thing is a waste of time and money.

So what is needed is a sensible set of rules, enforced via a sensible set of controls. That's why I've always liked the combination of ITIL and CobIT. ITIL giving me best practice ideas of what I should be doing and CobIT to check that I'm doing it right/sensibly. Now where do I find the same thing for Governments and Health and Safety? 
Back in 2007 when I was still at BMC Software as Global Best Practices Director I worked with their CTO, Tom Bishop who worked on setting up an industry taskforce to set a standard for CMDB connectivity. As always these taskforces take some time to document their goals and objectives and then to actually release a specification. Well it did take 2 years for the specification to be released. Back in July of this year, the Distributed Management Taskforce (DMTF) gave its approval for the CMDBf specification for supporting federated CMDB systems -- or as ITIL v3 says, a federated Configuration Management System (CMS). In this vision, multiple reconciled sources including management data repositories, discovery systems, etc. can provide a cohesive frame to support more effective service management in its broadest, cross-discipline sense.

The CMDBf specification was first released by the CMDB Federation Workgroup in August of 2007, and the DMTF announced the creation of a working committee around the CMDBf specification on November 27, 2007. The Workgroup included BMC, CA, Fujitsu, HP, IBM and Microsoft in Q3 200. Some vendors left out wondered why they weren't included, but in this case small is beneficial. Keeping the group small was considered essential if progress was going to be made. Knowing how difficult it is to get busy people from different organisations together, I would agree that keeping it small and focused was the only way to get results, and 6 of the largest software vendors in the ITSM space is small, but powerful.  

Looking at the specifics, the CMDBf specification leverages SOA (Service Orientated Architecture) standards such as SOAP (Simple Object Access Protocol ), XML (Extensible Markup Language) schema, HTTP (HyperText Transfer Protocol ), and WS-I (Web Services Interoperability). It describes how APIs (application Program Interface) and calls to CMDB registration APIs can be pre-built into the management data repositories (MDRs) of management tool set providers. In this way, a federating CMDB can access data from a multiple MDRs using the query service defined in the specification. MDRs can push data to a federating CMDB using a registration service. The specification also supports CMDB-to-CMDB federation, as CMDBs can extract data from each other using the query service. In essence, the specification supports data access in a federated mode, as well as bi-directional data sharing across federated CMDBs.

Boy we like using acronyms! This is the first time I've really seen the term "Management Data Repositories" (MDR) used seriously and it's really what the CMS is all about, in my opinion. A term we should use when explaining the CMS to the Business, as it will resonate much more with them.

If such a vision is to become reality, then the industry needs a more consistent approach for federating multiple sources than the current rag-tag mix of adapters, APIs, and other technologies that still make federation, especially federation across multiple brands, such a painful experience.

For more information check out the DTMF announcements here >>
UPDATE: we now have a BSM Maturity Model (registration required) >>

These may not be the latest and greatest, but we found two more depictions of maturity models related to Business Service Management from HP and IBM

I'm sure they have others, but this is what we found (scroll down to the end of the post).

Stay tuned for more.

UPDATE: we now have a BSM Maturity Model (registration required) >>

One of our unstated goals at BSMReview.com is to create a maturity model for Business Service Management and beyond. Of course, this maturity model may differ slightly by industry, but the idea is to create a model which is good enough to create a "common roadmap" for IT and its business partners (yes, we will include cloud services).

To start the discussion, I've brought together some of the traditional thinking from IT 1.0, and some "edge insights" from people like JSB.

To start, let's look at Gartner's IT Management Process Maturity Model from 2005. Looks familiar, doesn't it? What should Level 5 and Level 6 look like? 

maturitymodel_gartner.gif


For nGenera, a few years ago, Vaughan Merlyn created a different sort of maturity model based on demand and supply:
maturitymodel_demand.gif

He asks:

Business demand is also a function of IT supply - low supply maturity will constrain business demand.  For example, an IT infrastructure that is unreliable and hard to use will tend to dampen the business appetite to leverage IT for business innovation and for collaboration with customers and partners.  Typically, if business demand gets too far ahead of IT supply, there will be a change of IT leadership.  On the other hand, if IT supply gets too far ahead of business demand, IT will be seen to be overspending, resulting in a change of IT leadership.  The most common patterns are that at Level 1, business demand leads IT supply; in Level 2, IT supply tends to 'catch up' with and overtake demand, and in Level 3, demand and supply are closely aligned. From the perspective of late 2007, we see the majority of companies at mid-Level 2, some at high Level 2, and a minority at either low Level 3 or high Level 1.  Why are so many at mid-level 2, and seem to be struggling to get to the next level?
Good question. Any ideas?

Then there's Accenture's Service Management Maturity model from their ITILv3 practice - they rightly state that ITILv3's focus is on business results; hence their advocacy for adoption:

maturitymodel_accenture.gif




At Deloitte, JSB and Tom Winans have built an interesting map for "autonomic computing" which is focused on the direction of IT's evolution. It's part of a series of papers on cloud computing. It's a technology maturity model, if you will:

maturitymodel_jsb.gif

Finally, I borrowed this SOA Maturity model from Infosys:
maturitymodel_infosys.gif


Taken together, we have enough food for thought and discussion, don't you think? I have this silly notion that a business service management maturity model must begin and end not with IT but the business.  And cloud computing will certainly play a giant role in this transformation from physical datacenter to cloud service grids.  And of course we'll still have to worry about compliance and security.

Once again, I'll defer to the JSB and Winans vision for the future.  After we get to autonomic computing, then comes the service grid:

maturitymodel_jsb2.gif



If I understand correctly, here's what they're saying: technology platforms will be business platforms.

With that, let's ask once more: what does a Business Service Management Maturity Model look like to you? 

UPDATE #1:

HP has an ITIL-view which is evolutionary:

maturitymodel_hp.gif

UPDATE #2:

IBM
gives us a look at a maturity model developed by Macehiter Ward-Dutton:

maturitymodel_ibm.gif

Stay tuned.

Goodbye ITIL v2.

The OGC has announced the date and time of the end:

OGC has considered these findings alongside its own requirements for the maintenance of the ITIL product set, and agreed that:

a. Withdrawal will be product based, with all language variants for individual qualifications and publications being removed at the same time.
b. Removal of version2 will complete on 30 June 2011. Specific product withdrawal will be as follows:

  • V2 Foundation to cease 30 June 2010
  • V2 Manager to cease 31 August 2010
  • V2 Practitioner to cease 31 Dec 2010 
  • Foundation Bridge to cease 31 Dec 2010

I wonder if they followed the ITIL v3 guidelines for a Service Lifecycle, specifically the part about Service Transition:


lifecycle.gif

They must not have read Bill's Mitigating Risk for End-of-Life Technology.
Business Service Management (BSM) is a process, a mindset, not a product (as Peter Armstrong would say) so it is not a technology in the first place.  It is strategic, however, so let's take a quick look at each of Gartner's choices and ask:

"What has this got to do with BSM?"

Gartner's Top 10 Strategic Technologies for 2010

Cloud Computing. Cloud computing is a style of computing that characterizes a model in which providers deliver a variety of IT-enabled capabilities to consumers. Cloud-based services can be exploited in a variety of ways to develop an application or a solution. Using cloud resources does not eliminate the costs of IT solutions, but does re-arrange some and reduce others. In addition, consuming cloud services enterprises will increasingly act as cloud providers and deliver application, information or business process services to customers and business partners.
My two cents: Managing cloud services demands that companies must have a BSM strategy which can monitor and manage the physical datacenter, virtualization, and the cloud - whether it be public, private, or hybrid. We need ITIL in the Cloud and robust Cloud Service SLAs.

Advanced Analytics. Optimization and simulation is using analytical tools and models to maximize business process and decision effectiveness by examining alternative outcomes and scenarios, before, during and after process implementation and execution. This can be viewed as a third step in supporting operational business decisions. Fixed rules and prepared policies gave way to more informed decisions powered by the right information delivered at the right time, whether through customer relationship management (CRM) or enterprise resource planning (ERP) or other applications. The new step is to provide simulation, prediction, optimization and other analytics, not simply information, to empower even more decision flexibility at the time and place of every business process action. The new step looks into the future, predicting what can or will happen.

My two cents: OK, so now we know how to compete on analytics. But the decision-making process is much more complex than most people expected. Analytics are fine, but what we need is refined insight and critical understanding.  The Big Shift Index tells us about what we haven't thought about measuring yet! Where's BSM in all of this? Well, if your CRM and yoru ERP systems are mission-critical, then BSM ensures they deliver on their promise when you need it.

Client Computing. Virtualization is bringing new ways of packaging client computing applications and capabilities. As a result, the choice of a particular PC hardware platform, and eventually the OS platform, becomes less critical. Enterprises should proactively build a five to eight year strategic client computing roadmap outlining an approach to device standards, ownership and support; operating system and application selection, deployment and update; and management and security plans to manage diversity.

My two cents: Anytime, anywhere, on any device. BSM must be an integral part of managing virtualization to avoid virtual sprawl, if nothing else. Of course there's the end-user experience that needs monitoring as well.

IT for Green. IT can enable many green initiatives. The use of IT, particularly among the white collar staff, can greatly enhance an enterprise's green credentials. Common green initiatives include the use of e-documents, reducing travel and teleworking. IT can also provide the analytic tools that others in the enterprise may use to reduce energy consumption in the transportation of goods or other carbon management activities.

My two cents: Virtualization and Cloud computing will help IT become greener faster, by reducing the datacenter footprint.  And virtual collaboration can reduce carbon emissions. Isn't optimizing asset usage a BSM function?

Reshaping the Data Center. In the past, design principles for data centers were simple: Figure out what you have, estimate growth for 15 to 20 years, then build to suit. Newly-built data centers often opened with huge areas of white floor space, fully powered and backed by a uninterruptible power supply (UPS), water-and air-cooled and mostly empty. However, costs are actually lower if enterprises adopt a pod-based approach to data center construction and expansion. If 9,000 square feet is expected to be needed during the life of a data center, then design the site to support it, but only build what's needed for five to seven years. Cutting operating expenses, which are a nontrivial part of the overall IT spend for most clients, frees up money to apply to other projects or investments either in IT or in the business itself.

My two cents: See previous two cents <<

Social Computing. Workers do not want two distinct environments to support their work - one for their own work products (whether personal or group) and another for accessing "external" information. Enterprises must focus both on use of social software and social media in the enterprise and participation and integration with externally facing enterprise-sponsored and public communities. Do not ignore the role of the social profile to bring communities together.

My two cents: Have you noticed that Twitter is having availability issues lately?  I wonder if they use ITIL or BSM?  Same story on Facebook. Maybe they use ITIL-Lite.  There are unfortunately, some documented productivity issues with social computing, but we have an effective solution for improving knowledge-worker productivity.

Security - Activity Monitoring. Traditionally, security has focused on putting up a perimeter fence to keep others out, but it has evolved to monitoring activities and identifying patterns that would have been missed before. Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associated with an authorized user and are generated from multiple network, system and application sources. At the same time, security departments are facing increasing demands for ever-greater log analysis and reporting to support audit requirements. A variety of complimentary (and sometimes overlapping) monitoring and analysis tools help enterprises better detect and investigate suspicious activity - often with real-time alerting or transaction intervention. By understanding the strengths and weaknesses of these tools, enterprises can better understand how to use them to defend the enterprise and meet audit requirements.

My two cents: See this survey on security management best practices.

Flash Memory. Flash memory is not new, but it is moving up to a new tier in the storage echelon. Flash memory is a semiconductor memory device, familiar from its use in USB memory sticks and digital camera cards. It is much faster than rotating disk, but considerably more expensive, however this differential is shrinking. At the rate of price declines, the technology will enjoy more than a 100 percent compound annual growth rate during the new few years and become strategic in many IT areas including consumer devices, entertainment equipment and other embedded IT systems. In addition, it offers a new layer of the storage hierarchy in servers and client computers that has key advantages including space, heat, performance and ruggedness.

My two cents: Wrong? We're going to see cloud storage take over this area, and it may or may not use flash memory.

Virtualization for Availability. Virtualization has been on the list of top strategic technologies in previous years. It is on the list this year because Gartner emphases new elements such as live migration for availability that have longer term implications. Live migration is the movement of a running virtual machine (VM), while its operating system and other software continue to execute as if they remained on the original physical server. This takes place by replicating the state of physical memory between the source and destination VMs, then, at some instant in time, one instruction finishes execution on the source machine and the next instruction begins on the destination machine.

However, if replication of memory continues indefinitely, but execution of instructions remains on the source VM, and then the source VM fails the next instruction would now place on the destination machine. If the destination VM were to fail, just pick a new destination to start the indefinite migration, thus making very high availability possible. 

The key value proposition is to displace a variety of separate mechanisms with a single "dial" that can be set to any level of availability from baseline to fault tolerance, all using a common mechanism and permitting the settings to be changed rapidly as needed. Expensive high-reliability hardware, with fail-over cluster software and perhaps even fault-tolerant hardware could be dispensed with, but still meet availability needs. This is key to cutting costs, lowering complexity, as well as increasing agility as needs shift.

My two cents: Now this is a BSM play if there ever was one!

Mobile Applications. By year-end 2010, 1.2 billion people will carry handsets capable of rich, mobile commerce providing a rich environment for the convergence of mobility and the Web. There are already many thousands of applications for platforms such as the Apple iPhone, in spite of the limited market and need for unique coding. It may take a newer version that is designed to flexibly operate on both full PC and miniature systems, but if the operating system interface and processor architecture were identical, that enabling factor would create a huge turn upwards in mobile application availability.

My two cents: Anytime, anywhere, on any device.  Didn't I write about that a few seconds ago? And don't we need our CMDB to track all these diverse devices and apps?

As you can see, I've attached Business Service Management (BSM) as an enabling IT strategy for just about all ten of Gartner's Strategic Technologies for 2010. And of course if it's a service provided by IT or even an external service provider, we're still going to need a Service Catalog for 2010. More on that in a later post.

Israel, where do agile practices fit into this? Just about everywhere as well?

security survey

Chrisan
's friends over at the Enterprise Strategy Group shared this security best practices report with us. Let us know what you think.

About this Archive

This page is an archive of recent entries in the IT Infrastructure Library (ITIL) category.

IT Humor is the previous category.

IT Operations Management is the next category.

Find recent content on the main index or look in the archives to find all content.

Pages