IT Operational Excellence
When IT departments are tuned to run their best, they achieve more, spend less and drive success back into the organisations they support.
IT operational excellence is an approach that helps to ensure IT departments run efficiently and deliver great service. Without an operational excellence philosophy, IT departments lack vision and strategy, are slow to adapt and are more likely to be bogged down by trivial issues.
Achieving IT operational excellence isn't about implementing one particular framework. It is a mindset geared towards continuous improvement and performance that incorporates multiple principles designed to align team goals around delivering value to the customer.
IBRS can help organisations achieve IT operational excellence by revealing the most effective ways to leverage resources and identify the most valuable activities and differentiators in a given IT team.
IBRSiQ is a database of client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.
- Details
- Mike Mitchelmore
Conclusion:
This month, a high level of IT industry executive and senior staff movement, and hires, has been evident. The high demand for IT solutions has driven greater choice for customers when selecting targeted and cost-effective services. Changes that occur in key IT industry areas, particularly senior roles in service providers, must be met with the evolution of these roles to parallel key customer priorities. Customers rely on vendor-based efforts to maintain a solid customer experience. During a time of change, vendors must reassure customers they are focused on driving business results for their clients, as well as themselves.
- Details
- Irene Pimentel
Conclusion:
With the release of IT infrastructure library (ITIL) V4 and the innovation and agility provided from DevOps, all organisations need to review, and where necessary revitalise, the implementation of change control mechanisms in line with the release of ITIL V4.
To leverage the value of IT Service Management (ITSM), it can not be set-and-forget. The increased maturity of ITSM with the adoption of ITIL V4 allows organisations to incorporate innovative approaches such as DevOps into the services value chain. To achieve this, organisations need to be pragmatic in their application of ITIL to effectively control work practices such as DevOps without allowing bureaucracy to stifle innovation.
- Details
- Mike Mitchelmore
Conclusion:
With user data growing into massive volumes, consumer privacy regulations have been introduced allowing users to know what and how their personal data is being collected, used, and sold to whom. To comply with legislation, organisations employ consent and preference management. By managing users’ consent and preferences, enterprises can establish trust, credibility, and prioritise security through centralised measures, while ensuring better personalisation and self-service features for the benefit of users.
- Details
- IBRS Advisor Team
IBRSiQ is a database of client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.
- Details
- Mike Mitchelmore
Conclusion:
A successful low-code Centre of Excellence (CoE) is composed of people across multiple disciplines in the organisation, each with assigned roles and responsibilities based on domain expertise. The CoE team structure supports effective collaboration that champions continuous improvement1 in the enterprise. However, roles and responsibilities vary depending on an organisation’s budget, and needs as it eventually grows into a matured CoE.
- Details
- IBRS Advisor Team
Conclusion:
As the low-code market consolidates, robotic process automation (RPA) is becoming integrated within the low-code application development tools, low-code integration tools, and pre-built AI services. Together, these tools form the spectrum of services that make up an operational fabric for fourth-wave ICT – what IBRS refers to as the low-code spectrum.
Since RPA enables new automations and processes to be built, it quickly becomes a critical part of an organisation’s enterprise software architecture. Even when an RPA tool is purchased just to solve one specific task, it typically becomes reused for other automation tasks.
- Details
- IBRS Advisor Team
Conclusion:
The challenges of delivering good IT in the modern marketplace1 has resulted in a shortage of key skills in the market, greater mobility in the workforce between employers, and an environment where the cost of sufficient IT servicing is unaffordable for many. Permanent employees are hard to retain, and investment in skills uplift of staff can be seen as a risk. Organisations are finding it harder to recruit and retain the right skills, not only for resourcing of projects, but also for resources needed to support business as usual.
The 2022 workforce market has resulted in many organisations reassessing how they recruit, manage, and remunerate their workforce. The concept of an organisation developing a workforce plan based on a permanent workforce for business as usual, with contract resources for surge capability to run projects, seems to no longer work. Do organisations need to pay above the market to attract skills, or is there an option to change how skills are acquired such that productivity, not the hourly rate, is key.
- Details
- Mike Mitchelmore
Conclusion:
For IT departments who see no difference in the way they operate now under IT infrastructure library (ITIL) 3 vs ITIL 4, there should be an immediate scrutiny of the documented process and methodology of addressing customer requirements. ITIL 4 practices need to become part of the fabric when engaging the business on digital solutions as best practice can easily come from, or be influenced by, vendors outside the business. The outcome for IT is routinely playing catchup when it comes to selecting the best value IT solutions for the business and customer application.
ITIL 4 moves the conversation from simply an IT solution to a holistic framework that aligns service to business requirements. The framework incorporates the guiding principles, four dimensions of service management practices that can evolve and adapt to the increasingly digital landscape now expected by customers in a mobile, 24/7 world. Business requirements, when analysed through the ITIL 4 lens, can create responses with a supportable and reliable business case for change.
- Details
- Mark Unwin
Conclusion:
This month, discussions regarding significant technology industry growth in 2022, particularly the second half of the year, have been prevalent. An increase in sales, design, and implementation projects has been flagged, as well as recurring revenue streams. As customers begin to pull out of uncertainties, there has been a focus on building solutions that are sufficiently scalable, robust, and secure to withstand future unforeseen issues. There has also been an emphasis on increasing value by managing the cost base of projects and promoting business growth. In order to support this type of demand, vendors must take into account customer preferences for building their own solutions that can be integrated into existing products and services, followed by how to assist customers when utilising solutions to generate demonstrable value for organisations.
- Details
- Irene Pimentel
Conclusion:
Information asset categorisation (IAC) builds the capabilities of an organisation to establish guardrails for more efficient data governance practice. It is at the heart of addressing the changing risks of information management due to the rapid update of collaboration tools and hybrid working.
However, poor acceptance by stakeholders can be an issue, eventually putting information trustworthiness and security at risk. It takes more than just a change of organisational culture or management practises to entrench IAC. Clearly defined roles among the ICT groups and other members of the organisation are needed to achieve the security, privacy, and information governance benefits that IAC can deliver.
- Details
- IBRS Advisor Team
Conclusion:
A low-code Centre of Excellence (CoE) is not just about getting people to use low-code platforms. Rather, it provides leadership, support, training, and best practices that address innovation and continuous success within the organisation. It is crucial for an organisation to establish a CoE, especially when the need to concentrate expertise is fundamental to reduce operational and knowledge silos in the workplace.
A CoE provides recognition and authority as the centre of management competency in the organisation. By delivering best-practice methodologies, standards, and tools to enable teams to effectively deliver projects, it can best support business outcomes (sales, services, etc.) as well as ensure compliance and business integrity. By aligning the CoE’s goals with that of the organisation’s, processes can be more easily improved or changed to meet the demands of a post-COVID-19 environment, where agility, compliance, and business integrity are essential.
- Details
- IBRS Advisor Team
It is a mistake to view Office 365 as simply a move to subscription licensing and Cloud-based services. Organisations that simply view Office 365 in this way fail to obtain value from the technology, and continue with business as usual, albeit with an increase in cost and licensing.
- Details
- Joseph Sweeney
We all know data is important and its usage is often the difference in highly competitive markets and behind efficient business operations. Regardless of the importance, many organisations struggle to get started using their data holdings, either due to the overwhelming complexity of the environment or the security concerns that come with the data domain and discipline.
Following on from his 'Data Management Maturity Framework' advisory paper, IBRS advisor David Beal conducted a webinar where he shares his approach to the data journey across six data streams:
- Systems and resources
- Governance and compliance
- Master data
- Data security
- Data quality
- Data visualisation and BI
In the webinar, David takes a practical and informative look at data management. Please find below a full video of the webinar.
- Details
- David Beal
Conclusion: This month, discussions regarding partner-led growth through alliances and acquisitions have been prominent. Being selective with these types of relationships can allow for increased access to clients, service providers, and an expanded skills base. However, the rapid deployment of new resources through partnerships and acquisitions can add complexities, reduce visibility and increase security risks when consolidating internal business processes, or products and services. Challenges associated with conflicts and vulnerabilities when bringing organisations together, in any way, must be addressed with ongoing skills growth, as well as resources and management structures to support complex and changing environments.
- Details
- Irene Pimentel
Conclusion: Accrued technical debt can have a severe impact on operations when left unattended. Unless organisations acknowledge the existence of technical debt and set a strategy to address it and minimise its impact, they can end up paying far more for remediation. By learning how to measure technical debt, organisations can start identifying its root causes and develop strategies that become a part of their development process.
- Details
- IBRS Advisor Team
Conclusion: Don’t be the last organisation to assess the trajectory of email and other electronic communication strategies and solutions. As awareness of CO2 emission sources grows, communities and governments will be considering both large and small changes to achieve a net zero emissions target by 2050. New challenges will be presented to measure large industry specific Greenhouse CO2 emissions and smaller seemingly innocuous sources such as email.
Moving forward, upcoming generations will challenge the use of email as the primary communications channel and opt for more flexible, integrated communications channels. The tools will focus on aiding collaborations within and outside the organisation, and streamlining email overload. Much of this has already started, with vendor integration seeing emails as one element of a multi-functional approach to electronic communications. Digital marketing, customer relationship management, singularity workflows, workforce management, and project management Software-as-a-Service (SaaS) developers are all embedding emails, chat, social media, Agile Kanban boards, and emerging communication methods within their products to engage future generations in the way they experienced prior to joining the workforce.
- Details
- Mark Unwin
Conclusion:
This month, discussions regarding the need for improved security efforts have been prominent. Analyses of security concerns in 2021 have shown a significant increase in cyber security and ransomware attacks. Annual reviews have flagged a changed threat landscape, with attacks increasing in volume and severity. There has also been an escalation in the magnitude of highly targeted attacks, possessing clearer objectives which provoke more serious overall impacts. As attacks have become more prolific and aggressive, organisations are demanding a wider range of higher quality security services that can be tailored to individual needs. Customers are acknowledging that without strategic changes and significant action, the increase in security incidents witnessed in 2021 will continue throughout 2022.
- Details
- Irene Pimentel
Conclusion:
This month has seen increased discussions regarding the need for digital transformation in the face of changing customer needs. Distributed workforce environments, ongoing shifts in operational structures, and the need to respond to customer demands quickly have driven the need for transformation efforts. Reduced costs, improved service levels, and differentiation have become priorities for organisations, with a focus on utilising technologies that can support business changes whilst retaining the resiliency of internal solutions. Organisations are also prioritising reduced infrastructure deployments and the elimination of dependency on technologies that can become dated, unstable or unable to support changes in business operations. Vendors have found the provision of adaptive platforms that are tightly integrated are in high demand. Service providers need to leverage a range of solutions that can slot together and are sufficiently flexible to adapt and be altered to meet changing customer needs quickly, all at once maintaining solution resiliency.
- Details
- Irene Pimentel
Conclusion: This month has seen an increased focus on discussions regarding supply chain disruptions. While demand for ICT products and associated services remains strong, if supply chain issues cannot be averted or accommodated, disruptions experienced can have an adverse impact on a business’ ability to operate. Supply chain issues, as well as sudden shifts in supply or demand can impact on sales and general company operations. To ensure the continued delivery of business-critical products and services, digital transformation efforts are required to reduce the impact of supply chain disruptions and minimise effects on business operations. Vendors can assist with establishing protocols, supply chain resilience and maintenance as well as ensure a well-managed supply chain remains a business priority.
- Details
- Irene Pimentel
Conclusion: One of the immediate effects of the COVID-19 pandemic was the closure of offices and the move to remote working conditions. Some businesses were able to immediately execute this as part of their business continuity plan (BCP). Now that the crisis has become the business-as-usual state, challenges have also begun to appear and BCPs need revising to adapt to this new situation.
The employer’s ability to provide the right set of tools goes back to technology and infrastructure investments made prior to the crisis. With a huge percentage of the population online, not just businesses but also schools, government agencies, and communities, there may be a need to update systems and invest in more infrastructure. However, it will not be as easy as purchasing products. It requires understanding workforce behaviour, emerging needs, and trends. As with any change, it will be crucial to maintain organisational culture and connection.
- Details
- Mike Mitchelmore
Disaster Recovery (DR) planning is much more than just developing a DR plan. Building your organisation’s maturity to successfully recover from a disaster scenario is an exercise in continuous improvement. Recently, IBRS hosted a webinar to address four IBRS advisory papers focusing on the steps needed to successfully plan for DR and build the maturity of the organisations DR planning processes. The end game; to improve the likelihood of mitigating an ICT disaster event to ensure business success. Disaster Recovery Must Work!
- Details
- Mike Mitchelmore
Conclusion: This month has seen a rise in outsourcing project implementations. In particular, the completion of migration, consolidation and transformation efforts have been prominent. Whilst this work is critical, developing, then commencing and conducting successful projects can be difficult. After completion, ongoing monitoring and assessment of projects is required. Without careful planning and strategic approaches to align new projects with business objectives, organisations can be vulnerable to technical capability gaps, as well as inappropriate systems and tools that fail to fulfill technical objectives. Hasty, short-term solutions can result in partially implemented or inadequate systems that can decrease a company’s ability to innovate, reduce the capacity to respond to competitive threats, and excessive, unexpected costs. When planning projects, it is important to engage specialists that can assist with a strategic, long-term approach to project planning, implementation, and ongoing review.
- Details
- Irene Pimentel
When your business faces a disaster it is key to address the issue head on. You must first understand who's problem it is to solve and create an effective disaster recovery (DR) plan. Both business and ICT need to be comfortable that the DR plan has been verified to ensure a reasonable expectation that recovery will be successful. IBRS has created a 4 part series to help organisations plan for and recover from disasters successfully. Download the 'Disaster Recovery Must Work Ebook' and prepare your organisation.
- Details
- Mike Mitchelmore
Conclusion:
This month, discussions regarding mergers and acquisitions have been prominent, in particular the high level of activity in ICT services companies. A number of companies have attributed growth to past acquisitions, announced intentions to acquire particular firms or flagged acquisition activity as a strategic priority. Associated actions, such as rebranding, restructuring, and capital raising efforts have also been discussed. The need to remain competitive in current environments, utilising mergers and acquisitions to help evolve businesses has become clear. These transactions can be highly beneficial when expansion plans include re-engineering core business lines, or developing new and targeted specialisations. However, when looking into acquisitions, it is important to plan carefully, intertwine activities with current company strategies and ensure a balance between a company’s existing strengths and stretching newly acquired specialities.
- Details
- Irene Pimentel
Conclusion:
In the modern business landscape, ICT products and services are becoming more and more critical to the success of the business. It is now more common than not that ICT products and services are being delivered through outsourcing of some kind, using Software-as-a Service (SaaS) or Cloud service providers (CSPs). Innovating improvements to the business can become a challenge when your organisation is tied to delivery of ICT services under contract; most very specific in nature but key to delivering success.
The key to successful innovation is situational awareness across both the business and the ICT environment. The result of being able to achieve situational awareness will enable both business units and ICT to innovate with their eyes wide open to both the opportunities and constraints impacting the business. The true cost and time to market the innovation presents, can then be clearly understood against the benefits envisaged.
- Details
- Mike Mitchelmore
Conclusion:
This month, discussions regarding security threats to third party suppliers have been prominent. With malicious actors targeting new technologies and work methods, it has become critical for customers to assess and conduct ongoing reviews of third party supplier security prior to establishing partnerships, particularly critical systems providers. A rigorous security strategy and ongoing maintenance is required to safeguard customer data and internal systems. Third party suppliers require the ability to deal with irregular activities, as well as technical controls and policies that correlate with their customers. Supplier vulnerabilities can result in operations and compliance risks, necessitating professionals to develop, implement and audit third party risk management strategies and processes. It also requires security professionals to conduct ongoing audits, establish plans for third party incident responses, and the implementation of restricted access mechanisms. Customers can strengthen their resistance and attack containment mechanisms with professionals to help detect, analyse, contain, and respond to security threats.
- Details
- Irene Pimentel
Conclusion:
Part four in this series of advisories looks at how to improve the disaster recovery (DR) planning maturity of your organisation. The focus of improving maturity in DR planning is to improve your probability of successfully meeting the needs of your business in the event of a disaster. Ensuring your DR plan (DRP) and business continuity planning (BCP) are fully integrated and that all elements of the organisation have a high degree of familiarity with DR processes.
Importantly, your organisation must understand that maturity is both a journey and a target. To maintain the target maturity, your organisation must put in place a number of strategies that will be continually repeated to ensure the target is both met and maintained.
- Details
- Mike Mitchelmore
Conclusion:
When considering the level of Microsoft/Office and licensing, the biggest conundrum is generally around E3 versus E5 licensing. E3 licensing is closest to the capabilities organisations have had with perpetual licensing for the Office Pro suite. E5 licensing adds a slew of new services, including security, analytics, and advanced e-discovery and enterprise voice.
- Details
- Joseph Sweeney
Conclusion:
Part three of this four part series looks at how the disaster recovery (DR) plan can be verified. The DR plan is in effect a contingency plan to deal with risk of a disaster. The DR test plan is a validation of the preparedness of the organisation to address these risks.
The need to have a DR plan verified is therefore essential if the contingency is to be effective. Just having a plan in place is not enough to mitigate the risk. The plan must be tested and verified as part of business as usual (BAU) to both increase familiarity with the plan, its standard operating procedures (SOPs) and processes, and most importantly, improve the likelihood of success.
- Details
- Mike Mitchelmore
Conclusion:
This month, discussions regarding security threats to managed services providers (MSPs) have been prominent. In the past, cyber criminals and ransomware gangs have targeted MSPs to gain access to corporate networks. Outsourcing IT administration can leave clients vulnerable when MSPs are given highly privileged access to customer systems. Remote management tools can also leave vendors open to attacks. It is imperative that MSP offerings and managed services provide a comprehensive and dedicated suite of technologies and skills to defend vendor security. A clear strategic approach for clients is necessary in order to address the difficulties associated with recent security threats.
- Details
- Irene Pimentel
Conclusion:
Chargeback of enterprise-wide ICT costs were developed to assign ICT costs to the point of usage. The outcome is twofold; it ensures the initial allocation of ICT assets and services are identifiable, and it enables reallocation of underutilised or unnecessary services. This relies on IT creating assets and services which are commodified and transferable.
A chargeback arrangement can increase tension between ICT and the department managers. Allocating all ICT costs to achieve a zero-sum IT department can exacerbate that tension. Making IT fully responsible and accountable for IT costs can create insular behaviours which stifle innovation and investments in new IT services for departments. Departments will feel entitled to explore ICT improvements without an effective relationship with IT. Creating a chargeback governance model that manages disputes and builds trust in the process is preferable.
- Details
- Mark Unwin
Conclusion:
This month, discussions regarding changes to company structures and operations have been prominent. An increased demand for transformation and internal enhancements has prompted managed service providers to further develop their firms. Streamlining and redeveloping customer products and offerings to meet specific targets has been a particular focus, as well as using predictive techniques and tools to respond to customer needs. In an effort to meet demands, service providers require transparency with customers, and improved offerings for their clients and business partners. This will assist vendors when delivering products, services and support to their customers, and drive their productivity and growth.
- Details
- Irene Pimentel
Conclusion:
Virtual Desktop Infrastructure (VDI) implementation involves identifying whether VDI can be done internally or outsourced through a third party, seeking out and engaging a supplier, and finally, determining the cost-effective and efficient way to deploy the service.
- Details
- Joseph Sweeney
Conclusion:
The need to have a disaster recovery (DR) plan that is understood, agreed, and jointly owned by all elements of the organisation is essential in preparing for a disaster event. An effective DR plan will focus on managing the risk associated with completing a successful restoration and recovery in a time, and to a level of effectiveness, acceptable to business.
To ensure the plan is effective at mitigating the risks associated with completion of restoration and resumption of services after a disaster event; the DR plan must also clearly identify how the plan is to be verified and therefore reduce the risk of not completing a successful disaster recovery.
The key focus of the DR plan must always be about the restoring delivery of business functions. The technical delivery may be from ICT services on-premise, outsourced providers, or Cloud. Regardless of technical delivery to business, the impact of an ICT disaster event needs a verified plan!
- Details
- Mike Mitchelmore
Conclusion:
This month, discussions regarding an increased demand for disaster recovery, business continuity and work management solutions has been prominent. While the pandemic has triggered fundamental IT changes in an effort to resolve gaps and vulnerabilities, the accelerated rate of digital transformation and migration efforts has resulted in shortfalls when planning and establishing new work environments. Vendors have found difficulties maintaining business processes when unforeseen or extreme events occur. Combined with management solutions that cannot cater to all scenarios and a lack of clarity regarding customer responsibilities when responses to operational failures are required, difficulties have arisen for service providers. This requires vendors to provide more detailed and clearer disaster recovery and business continuity plans for customers, as well as specialised management tools and associated resources to implement solutions and responses. It is also critical for vendors to communicate with customers to facilitate the recovery of processes and ensure all business systems can be utilised in new and dispersed working environments.
- Details
- Irene Pimentel
We all hear that data is growing at exponential rates, and so too is the demand and complexity of data management practices. But does this mean you need to obtain the highest levels of data management and buy into the most sophisticated tool?
- Details
- David Beal
Contract management can be more than just record keeping. When done well, it can enable organisations to explore the best ways to optimise their investments when conditions change.
This capability proved essential for the Australian government when COVID-19 hit, with investments in all manner of services and infrastructure being needed almost overnight.
IBRS interviews ZEN Enterprise, an Australian niche contract management solution vendor, and the contract manager from a large Australian agency to tease out the benefits and challenges of advanced contract management in an age of rapid change.
- Details
- Joseph Sweeney
IBRSiQ is a database of Client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.
- Details
- Joseph Sweeney
Conclusion
With the growth of dependence on ICT for business to perform effectively, many organisations have increased risk associated with the ability of ICT to provide service continuity. ICT downtime means business is negatively impacted. Many organisations believe the DRP is a problem that is ICTs to solve. Whilst ICT will lead the planning and do a lot of the heavy lifting when a disaster occurs, it can only be successful with the assistance and collaboration of its business partners. It will be the business that sets the priorities for restoration and accepts the risk.
Both business and ICT need to be comfortable that the disaster recovery (DR) plan has been verified to ensure a reasonable expectation that recovery will be successful.
- Details
- Mike Mitchelmore