Would you buy a product or service that did not include some type of warranty? If the manufacturer or reseller does not explicitly set the expectations, then you will form them for yourself. It is the same with the customers of your IT services. Either IT clearly sets the expectations, or end-users will develop them on their own. Best practice tells us that during the negotiation and acceptance of Service Level Agreements, IT commits that services not only meet business and customer outcomes but also that they will meet requirements for availability, capacity, continuity and security.
Ok… that is good. Best practice tells us to include these so called “non-functional” requirements early in the lifecycle of a service. In reality these warranty requirements are often considered somewhat in the Strategy/Design stage but more often than we would like to admit the majority of the work and effort for security and availability are performed reactively in the Service Operation lifecycle stage.
The lifecycle of a service consists of activities performed in Service Strategy, Service Design, Service Transition and Service Operation. In each of these lifecycle stages there are many processes and activities. For example, Incident and Problem Management processes are primarily performed in the Service Operation lifecycle stage. Here is a simple test. Ask your team or managers or IT practitioners this question:
In which of these lifecycle stages would you place the “Capacity Management” and “Availability Management” processes or activities?
The answer that I get more frequently than not is that the majority of activity for Capacity, Availability, Continuity and Security are performed in “Service Operation”. No…. we don’t want this. These requirements and design activities should be early on in the Strategy/Design stage. These requirements should be included along with the functional requirements and with the same amount of rigor and emphasis as the functional requirements for a service. Warranty requires that we, as service providers, agree to specified levels of availability, capacity, IT service continuity, and Information Security. If 80% or more of the activity for warranty is performed in Service Operation it is likely that the service provider is very reactive and not able to meet the needs of changing business demands in a timely or cost effective manner. These organizations will sometimes break down from reactive mode to chaos where business value and customer confidence take a hit.
Moving from common practice to best practice presents many challenges. Best practice tells us that
care must be taken, however, not to set up standards or documentation requirements that create excessive bureaucracy without consistently returning better services to the business and/or customer. The goal should be to put just enough definition, measurement and control of design activities in place to successfully manage the work and improve results, but no more.
For more information, education or certification in these areas click here: “Plan, Protect and Optimize”