I was recently asked where an entity such as Enterprise Monitoring resides in an organization. Should it be equivalent to the Operations, Engineering and Security areas rather than reporting to one those areas? Yes in some ways it does make sense to have Enterprise Monitoring at the same level. However, we must remember that there is a clear distinction and separation between the functions as proposed in ITIL and the activities that they perform. “Monitoring” is an activity related to a process (including but not limited to Event Management, Availability, Capacity, Service Level, etc.) So this work gets performed across an enterprise and not by a single, particular group. Anyone who needs to “monitor” something should use the associated processes to do so. Someone doing “monitoring” does not need to be located in any specific part of an organization. Functions are organization, location and structure agnostic. A function is not a place or management structure rather an abstract grouping of people focused on similar outcomes or objectives (customer service, technical control, application stewardship, operational governance). All functions have the potential to use all processes to obtain their goals and objectives. Although IT Operations is the main performer of monitoring, that function may reside in many places and report to different lines of accountability across an organization.
If you feel the need to put governance, risk and compliance (GRC) controls or a traditional approach to people management around these abstract groupings (functions) then it does make sense to think of these controls in a similar way. You may place them “organizationally” together. Keep in mind that this decision is based on your desire to manage people, rather than to optimize use of process or shift to a “function” based organization. As you look at how to organize around ITSM, keep processes/activities and functions clear in your mind. “Security”, “engineering”, “operations” and “monitoring” should first and foremost be thought of as processes or activities, then as organizations. Once you have that embedded in your thinking, placement of Enterprise Monitoring becomes much clearer.
If you feel the need to put governance, risk and compliance (GRC) controls or a traditional approach to people management around these abstract groupings (functions) then it does make sense to think of these controls in a similar way. You may place them “organizationally” together. Keep in mind that this decision is based on your desire to manage people, rather than to optimize use of process or shift to a “function” based organization. As you look at how to organize around ITSM, keep processes/activities and functions clear in your mind. “Security”, “engineering”, “operations” and “monitoring” should first and foremost be thought of as processes or activities, then as organizations. Once you have that embedded in your thinking, placement of Enterprise Monitoring becomes much clearer.
Comments