Dansk-IT: Discover powerful tools for Business& IT alignment
Dansk-IT, the Danish computer Society organized a session for its members to explore Business & IT success and fail factors in Copenhagen.
Paul Wilkinson from GamingWorks facilitated the session using the Business simulation game Grab@Pizza. In this game delegates play the business and IT roles in global Pizza franchise organization. Grab@Pizza is a very successful company selling millions of Pizza’s every year. But after 6 months into the current year, the sales figures are far below expectations. IT is posing a significant business risk due to downtime and the inability of IT to respond to changing business needs (Risk Optimization). The CEO urged the Business Managers to make a challenging recovery plan. This plan is based on a 6 month strategy to bring the sales and profit back on target (Benefit realization). Existing IT capabilities are poor, resources are tied up in ‘Keeping the lights on’ rather than supporting and enabling new innovations. The IT department must ensure the appropriate capabilities are in place to execute the strategic plan and sufficient, appropriate and effective resources are provided to ensure both benefits realization and risk mitigation( Resource optimization).To enable this delegates explore how best practices such as COBIT and ITL can be used to enable this turn around.
We played one month of the game. Within 5 minutes the team had created a THEM and US culture of mistrust. At the end the CEO, played by the game leader, was not happy! His strategy was not being realized, there were wasted costs and lost revenue due to poor prioritization of resources and not focusing on critical issues. How come? What should have been done differently? What can we take away from this experience and reuse?
Key learning points:
- Chaos. No structure, no agreements on ‘information’ needs. Business had no ability to Direct and Monitor. Business did not know what it didn’t know and or what it SHOULD know. This was a recognized issue in reality – the lack of maturity of the businesses to govern IT effectively. Business did not share its strategy or insight into business needs.
- IT director had no insight or metrics for demonstrating control or reports to demonstrate achievement of Service levels. IT had too little understanding of business strategy and longer term goals.
- IT Must understand the strategy if it is to effectively optimize resources, especially as there are always too many demands and they need to be balanced against business demands (benefits realization) and IT initiatives for maintenance and support to ensure availability and reliability (Risk optimization).
- SLM spent too much time agreeing new business demands and new service needs (chasing the Benefits realization) and did not effectively manage and ensure internal process alignment and achievement of SLA’s (Managing Risks). SLM MUST ensure business impact and priority is well understood and that IT processes are aligned to not only achieving these SLA’s but demonstrating control.
- COBIT was a valuable instrument. Using the COBIT controls to identify key questions and reporting needs in terms of Benefits realization, Risk optimization and Resource optimization.
- COBIT was seen as a valuable dialogue, assessment and improvement TOOL to enable IT to help the business better understand it’s NEEDS and RESPONSIBILITIES for governing IT.
Figure 3 & 9 above are from COBIT 5.0
- All delegates were familiar with or using ITIL. ‘What ITIL processes could help improve the business and IT relationship, the business and IT understanding of strategic goals over time’?
Service Portfolio management and Business Relationship Management were seen as critical enablers.
- In the game the business asked ‘What does SLM do?’ – Not knowing or understanding the Tasks, Roles, Responsibilities and Accountabilities meant the business was continually seeking information and bothering IT and IT did not use SLM (Service Level Management) to gather information about the business processes, business criticality and critical time periods. IT priority, escalation and resource allocation was therefore NOT aligned to business needs.
- The Change calendar must be mapped to the Service Portfolio and visibly show change related to benefits, risks and transparent allocation of resources over time.
- Service Desk and Incident Management must know the business criticality and impact on value as well as risk and threats to business. SLM is a vital function for providing insights.
- Problem Management is a critical process for helping reduce risk and prevent wasted resources and at the same time protect value realization.
- The IT processes MUST be aligned. E.g. Incident Management and Problem Management must know ‘what changes have been carried out and why (e.g new business projects, projects to reduce outages) as well as which changes were NOT carried out (e.g to remove a problem), also which changes were ‘Agile’ or ‘Urgent’ having less documentation, testing, training that may impact call volumes and growth. IT processes must KNOW the SLA (Service Level Agreement). Preferably embed this in ITSM tools.
The team displayed in the simulation common Attitude, Behavior and Cultural (ABC) issues. These are issues we consistently see in reality. Below are the 10 ABC Business & IT Alignment cards chosen in global workshops for the last 10 years! – representing literally thousands of IT organizations.
- Neither partner makes an effort to understand the other
- IT has too little understanding of business impact and priority
- IT not seen as a Value added partner to the business
- IT thinks it doesn’t need to understand the business to make a business case
- Everything has the highest priority according to the users
- Too little business involvement in requirements specification and testing
- IT doesn’t measure it’s value contribution to strategy
- IT is too internally focused
- Them and Us culture – opposing and competing forces
- Not my responsibility/ Demand & Give: ‘I demand (Business) and YOU give in (IT)’
Business & IT are like an old married couple. Moaning about each other, accepting the behavior of the other. However IT is becoming increasingly mission critical and this poor relationship and poor behavior is becoming an unacceptable business risk.
If both parties adopt the behavior ‘Not my responsibility’ for taking the initiative to finally solve these ABC issues, then they must accept the consequences. However unlike a marriage in which both parties can decide to end the relationship, in business & IT only ONE party can outsource the other! It is in the interest of IT to take the initiative to solve these issues. BRM is an ideal function and set of capabilities to help realize the marriage guidence counselor role.
In my personal opinion COBIT is another highly effective instrument that senior IT managers or BRM’ers should add to their arsenal for enabling this.
Unfortunately COBIT is too often perceived as simply an audit instrument – a stick that the business can use to beat IT, rather than a powerful IT tool. One of the COBIT 5 Enterprise enablers is ‘Culture, Ethics and Behavior’- however this has not yet been fully documented. I am hoping that Isaca will give a priority to producing this guidance.