CHAPTER 5: CASELET #2 - RESOURCE OPTIMIZATION
IT Issue: A managed service provider delivers outsourced IT services for mid-market companies primarily in the manufacturing sector. This is a multi-tenant provider with two primary data centres. Reacting to a market opportunity identified by the Board nine months ago, this company hastily launched a new major SaaS offering in order to gain market share.
The company conducted a vendor selection for the core functionality and contracted with multiple consultants to complete the customization required to provide the value-add aspects of the new service. Many key resources were reassigned to the new effort with little backfilling. In an effort to save costs, many infrastructure decisions were deferred, opting to simply use as much of the current infrastructure capacity as possible to support the rollout. There was very little demand planning used to understand usage patterns or growth estimates.
Since the launch of the new service, multiple issues have surfaced:
- Customers have complained that the performance of the service is slow and the user experience is poor.
- Tier one support staff are overwhelmed with issues and requests that cannot be resolved at their level and must be escalated to the vendor, resulting in missed service levels.
- Other key areas of the IT function are understaffed due to the reassignment of key talent to support the SaaS launch, causing customer complaints in areas that were previously efficient.
The Five Anchors
| Anchor | Discussion |
I. Strategic Alignment: IT Services to Business Objectives |
|
1. What are the business strategy, goals and objectives? Are there any measures that demonstrate the achievement of the business strategy, goals and objectives? |
• From a high-level, this organization is trying to gain market share as quickly as possible by launching SaaS services. This is a classic example of “Shoot, Shoot, Shoot, Ready, Aim.” There really is no definite strategy for these actions. Obviously some sort of a management system is needed as well as a concerted effort to define and control actions. • COBIT5: APO02 • ISO20K: Implied through the fulfillment of service requirements (4.0) • ITIL: SS 3.4, 4.1; SD 3.5 |
2. What is the business issue, or activity at risk? |
• The very real threat is to the ongoing service delivery and customer satisfaction. Worst scenario, this managed service provider is at risk for continued solvency. |
3. Is the ownership to resolve the issue at the appropriate level of authority? |
• Unknown with the information provided. |
II. Security, Compliance, and Risk Issues |
|
1. Has there been a compromise of the information security policy? |
• The threat is very real, but it is unknown. We may be able to assume that since there have been no security incidents, that this is not a major factor. More data and information would be necessary to definitively answer this question. |
2. What are the internal and external compliance or regulatory concerns? |
• This is a multi-tenant service provider with multiple contracts. We do not know the type of service or level of regulatory controls (i.e. PCI/DSS, HIPPA, SOX, SSAE, etc.) but we would certainly address those legal and/or statutory requirements or other contractual obligations to provide a scope of operations for the improvement efforts. |
3. What is the cultural appetite for risk? |
• Obviously it’s recklessly high and perhaps management needs to step back a bit and redefine their service delivery and management to better fit the SaaS environment. |
III. Value-based Portfolio |
|
1. Does the current portfolio meet expectations and needs of the stakeholder? |
• At this point, the answer is “No” and it is based on customer feedback and staffing issues. This is an area that needs defined improvements. • COBIT5: EDM02, APO05 • ISO20K: 4.4, 7.1 • ITIL: SS 3.5, 4.2, 4.5; SD 3.4, 3.5 |
2. What is the value of that business activity (VBF)? |
• It is their line of business, thus this SaaS service requires absolute control and management. |
3. Does the portfolio have the right mix of resources to deliver business benefit? |
• At this point in time, perhaps, but they are not being managed or optimized for customer or service provider benefit. Management needs to define the necessary level of competencies to support the SaaS service as well the other services in their catalog. Appropriate relationship management with the customer needs to be improved (e.g. relationship managers, better training, better information on the new service, etc.). • COBIT5: EDM04, APO07, APO08 • ISO20K: 4.1, 4.4, 7.1 • ITIL: SS 4.5, SD 4.5, 6.5, C.12 |
IV. Design and Architecture |
|
1. Will the current architecture effectively resolve the issue? Is it feasible? |
• No. The current architecture did not consider any forecasted demand which is causing the current issues. Therefore, logically, new plans to support the SaaS service as well as improve the delivery of all services to restore customer confidence and satisfaction must be developed and deployed. • COBIT5: APO03, APO09, APO10, BAI04 • ISO20K: 6.1, 6.3, 6.5, 7.2 • ITIL: SD 3.4, 3.5, 4.1, 4.3, 4.4, 4.5, 4.8; ST 4.2 |
2. Can the current architecture accommodate the issue? |
• No, see directly above. |
3. Do we have the necessary competencies to design the required change(s)? |
• Unknown – staff were moved to address the new initiative and external consultants were also used. Knowledge transfer did not occur nor were staff backfilled when they were moved. A serious look must be made around the necessary resources to continue to deliver all services. • COBIT5: APO07 • ISO20K: 4.4, 4.5.2, 4.5.3, 5.2, 5.3 • ITIL: SD 4.5, 6.5, N.12 • SFIA (www.sfia.org.uk): SFIA is an internationally accepted framework around skills and competencies within IT, matching areas of work to levels of responsibility. It is a wonderful tool for organizational skills management. |
V. Planning and Use of Resources |
|
1. What resources are required to resolve the situation (e.g. people, capital, technical…)? |
• A full review of all resources (e.g. people, capital, technical, etc.) is required. • COBIT5: APO07 • ISO20K: 4.4 • ITIL: SD 4.5; ST 4.2 |
2. Can the required resources be acquired? |
• Of course. To ensure efficiency and economics, competencies and an accurate technical design are required BEFORE resources are procured. • COBIT5: APO07 • ISO20K: 4.4, 4.5.2, 4.5.3, 5.2, 5.3 • ITIL: SD 4.5 |
3. Is the necessary data and information available, collected and managed to resolve the current situation and prevent future occurrence? |
• We certainly know what’s wrong, but now we need to act in an efficient, effective and economic manner. The “shoot from the hip” actions that created the SaaS service must be curtailed and a process to support all services and service provider activities must be created. • COBIT5: BAI08, Information Enabler • ITIL: ST 4.7; CSI 3.9 |
Improvement Model Application
Deming’s PDCA comes to mind immediately in this situation – planning was omitted and now there are definite issues. To correct, the plans to support the SaaS service, as well as the remaining service catalogue, must be created to ensure not only the technology is addressed – address staff competencies as well as their roles and responsibility. Deploy (do) this plan in an organized and controlled fashion to mitigate impact on current service delivery (as bad as it is – don’t make it worse!). Lastly, as plans are developed, ensure there are quality measures (check) in place to enable clear reporting on the performance of the services from a technology and a customer satisfaction view. Act on those reports and deploy improvements as needed.
ISO/IEC 20000-1:2011 and ISO/IEC 20000-2:2012 offer clear and concise guidance around PDCA. Additionally, this information is coupled with the overall concept of a service management system, further reinforcing the need to clearly define leadership roles, policies and communication. Design and transition of new and changed services (Clause 5) offers a high-level overview of moving from a concept to an operational service in production. These activities are clearly under the control of Change Management highlighting the need for a strong Change Management process – not Change Scheduling! Clauses 5.2-5.4 provide the areas for consideration not only for the development of the plan and supporting policies for the SaaS service, but also the activities for design, development and transition.
Solution References:
Primary Solution:
ISO20K: Establish and Improve the SMS (4.5) definitively details the PDCA actions required for ongoing management and improvement of the SMS. Consider each area, analyse its efficacy within the organization, and define an improvement program.
Secondary Solution:
ITIL: Within the pages of ITIL Service Design, the Five Aspects of Service Design (service solution, management information systems, technology architectures and tools, processes and measures and metrics) provide a technological view of a new or changed service. These aspects are supported by the processes listed above with a direct concentration on overall management (DC) as well as the remaining design-oriented processes (AM, CapM, ITSCM, ISM, SuppM).
COBIT5: Confirm the objectives via the Goals Cascade and review the information around APO07 and BAI08. Incorporate the relevant pieces into the improvement plans.
