Nailing Process Definition: 5 Building Blocks to Success
Jo Peacock
Director of Transformational Change and Governance, ITIL Ambassador, ITSM / PMO, ITIL, SIAM, Prince2, Agile, GRC (Risk), PROSCI
Sometimes living in the world of IT governance can feel like herding cats. And I know I'm not alone. Admit it; if you're involved in any aspect of Service or Project management then there have been times when you've felt the same.
This is where the beauty of process comes in. A process is a way to get from A to B; taking an input and transforming it into an output. But even a defined process can leave you feeling like you're untangling last year's holiday lights if it hasn't been defined for efficiency and effectiveness.
I can help. There are 5 key components that, if they're considered for every IT governance process, then colleagues will want to follow process, they'll want to be consistent, and they'll even be champions of the process to others in the organization.
Indugle me for a moment as I leave behind the terminology of the best-practice methodologies and focus on real-life examples. It's not that best practices don't work - they absolutely do, but they have to be adapted in order to be truly successful. There is no "plug-and-play" solution to defining an efficient and effective process.
So what are these 5 components?
1. Clear Policies and Standards: The Blueprint
Let’s start with the basics. Think of IT governance as building a house. What’s the first thing you need? A blueprint. Your policies and standards are that blueprint. They provide the framework for your IT processes, ensuring everyone knows what’s expected.
Example – Incident Management:
Imagine you’re dealing with a major system outage. Without clear policies, it’s chaos. But with a well-defined incident management policy, everyone knows their role. The policy outlines steps from initial detection to resolution, ensuring a swift and organized response. For instance, during an outage, the policy might dictate that the incident manager immediately assembles a response team, notifies stakeholders, and initiates a root cause analysis.
Example – Project Management:
In a project scenario, clear standards ensure consistency and quality. Say you’re rolling out a new software update. Your project management standards would define the phases (initiation, requirements gathering, planning, execution, closure), deliverables at each phase, and quality checks. This keeps everyone on the same page and the project on track.
2. Defined Roles and Responsibilities: Stop Treading on Toes
I'm a Brit, so of course I love football. Imagine a football match with 22 people on the pitch and no-one knew their position. The final score would be something of legend, but the reality on the pitch would be complete chaos. The same goes for IT governance. Clearly defined roles and responsibilities ensure that everyone knows their job, and that reduces confusion and redundancy, and increases accountability.
Example – Incident Management:
When a critical incident occurs, who’s in charge? Who communicates with stakeholders? Who fixes the issue? A defined incident management process answers these questions. The incident manager leads the response, the communication officer updates stakeholders, and the technical team handles the resolution. Each person knows their role, ensuring a coordinated effort.
Example – Project Management:
For projects, having a RACI matrix (Responsible, Accountable, Consulted, Informed) is a game-changer. During a software deployment, for instance, the project manager is responsible for overall delivery, the sponsor is accountable for project success, the developers are consulted for technical decisions, and the end-users are informed of progress. This clarity prevents overlaps and ensures smooth project execution.
3. Effective Communication Channels: The Lifeline
Communication is the lifeline of any organization. As I've mentioned, I'm a Brit, but I live and work in the USA predominantly. You might think that we speak the same language on both sides of "the pond", but trust me, we don't. Anyone who's ever asked for a biscuit on the opposing shores will understand that! In IT governance language is important; effective communication channels ensure that information flows seamlessly, keeping everyone informed and aligned.
Example – Incident Management:
During an incident, timely and accurate communication is crucial. An effective incident management process includes predefined communication channels – like a dedicated Slack channel or an incident response app. This ensures that updates are shared in real-time, and everyone involved is on the same page. For example, when a system goes down, the incident manager uses the Slack channel to provide regular updates on the status and expected resolution time.
Example – Project Management:
In project management, regular status meetings, progress reports, and dashboards are vital. For instance, in a project to implement a new CRM system, the project manager might hold weekly status meetings with the team and stakeholders, send out bi-weekly progress reports, and maintain a dashboard that shows real-time progress and upcoming milestones.
4. Risk Management: The Safety Net
Risk management is your safety net. Identifying, assessing, and mitigating risks early ensures that you’re prepared for any bumps in the road, keeping your IT processes smooth and resilient.
Example – Incident Management:
In incident management, risk assessments help identify potential vulnerabilities. Regular risk assessments might reveal that a critical server is nearing capacity, prompting a proactive upgrade to prevent future outages. By having contingency plans in place, you can respond swiftly and minimize impact when incidents occur.
Example – Project Management:
For projects, a risk management plan identifies potential risks and mitigation strategies. In a project to migrate data to a new platform, risks might include data loss or downtime. Mitigation strategies could involve thorough testing, data backups, and a rollback plan. Regular risk reviews ensure that new risks are identified and addressed promptly.
5. Continuous Improvement: The Secret Sauce
The IT landscape is ever-evolving, and so should your governance processes. Continuous improvement ensures that your processes remain effective and efficient, adapting to new challenges and opportunities.
Example – Incident Management:
After an incident is resolved, conducting a post-incident review helps identify what went well and what didn’t. For instance, if a server outage took longer to resolve due to poor communication, the review might result in updating the communication plan or providing additional training. This continuous feedback loop ensures that each incident is handled better than the last.
Example – Project Management:
In project management, conducting a post-project review (or lessons learned session) helps capture valuable insights. For example, after completing a software rollout, the team might identify that better stakeholder engagement would have reduced resistance. This insight can be applied to future projects, improving overall success rates.
Wrapping It Up
Remember, IT governance doesn’t have to be a daunting task. With the right approach, it can be a powerful tool to drive efficiency, effectiveness, and success in your organization. But it's important to remember the basics, and apply the common sense. So, roll up your sleeves, embrace these 5 critical components, and watch your processes flourish!