I TSM best practice frequently suggests working holistically.   This is particularly true when defining a strategy and architecting a design solution but when you think about it, this holistic viewpoint should permeate every investment, improvement, and action in the entire value stream from thought to end of life for every service or product deployed. At a high-level thinking holistically involves looking at things from a people process technology perspective but cannot leave out our partners and suppliers.  No service, process, or functional team stands alone.   Changing one element of a complex system will impact others.  This is a real challenge because no one team can know everything about all aspects of the system.  Therefore, working holistically requires a balance between specialization (functions and departments) and the coordination of complex integrated process activities.  It is only then do we get a clear picture of the lifecycl...

One of the key principles of DevOps stresses that we need to fail and fail fast.   A key part that frequently gets omitted.  That key element of the principle is that we fail fast so that we can LEARN. When we learn it is always best to act and to share.   In the spirit of learning and sharing here are some consequences of not performing DevOps testing properly that might help to mitigate some of your challenges. Consequences of NOT doing DevOps testing properly – challenges and thoughts Culture Conflict Culture Conflict can exist between business leaders, developers, QA testers, infrastructure/tools staff, operations staff or any stakeholder in the entire value stream. When there are unclear roles and responsibilities for the testing of a new or changed service or product, a friction begins.  This friction propagates conflict.  Be aware.  Make management of organizational change a priority. Test Escapes (False Positive)   ...

We saw in a recent blog from “The Professor” how cybercriminals could create a network of controlled computers to propagate a “BotNet”.   One of the malicious reasons for these powerful networks of control is so that the hacker can perform “Distributed Network Attacks” (DDA’s). We all have experienced this at some level and the outcome is not good for enterprise, corporations, or businesses of any size.  DDA’s create disruption even to our own home operations.   A DDA is sometimes referred to as a Distributed Denial of Service or DDOS attack.  This virus or network of virus’s attacks behind the scenes to take over system resources.  A DDOS could attack switches, hubs, routers. It sometimes will flood the network backbone with nuisance transactions with the intention of sucking up all the bandwidth that might otherwise be necessary for day to day operations. DDOS can bring to a screeching halt the web sites for processing claims, or even shopping cart in...

The purpose of Portfolio Management, when applied to Provider investments (especially, IT investments), is a central mechanism to an overall Value Management approach by making investment allocation explicit against strategic choices such as how much to invest in potentially high value, but usually risky initiatives versus safe but low-value activities. The Service Portfolio represents the complete set of services that are managed by the service Provider.  It is used to manage the entire lifecycle of all services and is defined by three categories of services.  The service pipeline represents service that is under consideration (purposed) or those that are currently in development but are not yet ready for deployment or consumption by the business partners. The next category is the service catalog which represents all live services or services that are available for deployment to the business partners. The final category is retired services.  This represents the serv...

Every organization that delivers products or services will need to shift their ideas for how they plan, build, test and deploy a service that is resilient and for one that truly delivers value for both customers and the internal business.  Continuous Integration, Continuous Delivery, and Continuous deployment are all supported by Continuous testing.    Continuous anything will not be assured of success without Continuous Testing.   Continuous testing is the process of executing automated tests as part of the software delivery pipeline to obtain immediate feedback on the business risks associated with a software release candidate. Shifting left ensures that the test takes place early, up front in the pipeline of delivery, NOT after the development.  Testing after development is too late because then we do not have the time, money or resources available to re-engineer, re-design or to re-develop appropriately.   When we test after the developm...

The purpose of the (IT) Service Provider is to serve the needs of the business.  This is carried out by providing services to the business which are then engaged to provide some form of value to both the business and the Service Provider. Often the value delivered is less than optimal because the Service Provider and the business have different perspectives, culture goals, objectives, and incentives. The Business-Provider Alignment Model (BPAM) provides a framework for being able to analyze and understand these differences between the provider and its business partners. By engaging the BPAM we can begin to surface dialog about the relationship between the provider and the business and begin constructive discussions about the partnership that needs to be created. It does this by allowing each party to exam the four key elements of alignment – business environment within which the business operates, strategic context for the business, provider strategy and the provider portfolio...

Today every business is an internet business.  The performance of any business is directly related to the capability and performance of IT.  Therefore, we must all take cyber security seriously.   Let’s start with a botnet by breaking down the word itself.  The first syllable, “bot” is short for robot. The second syllable “net” is from the word network.  A botnet is formed when a hacker writes a computer program that will breach security on a single computer.  It does not stop there.  This computer program called a virus has the capability to take over that computer that it just hacked into. It does not stop there either because this is not good enough for the cybercriminal.  With a botnet, the virus will move from one computer to another, take control of each and then connect all of the disparate computers into a powerful system or network of control.  This is known as a botnet. Cyber criminals are control freaks.  They wi...

ITIL Practitioner focuses on nine guiding service management principles that distill the core message to facilitate improvement and success at all levels. The principles not only guide providers who want to adopt a good approach for successful products and services but can also be applied to ensure our day to day success. Yes, that’s right! These principles could be applied to buying a car, ordering food and more. Example: I want to purchase a car . 🚗 Guiding Principles ITSM Academy's ITIL Practitioner course is based on these 9 Guiding Principles 1) Focus on VALUE - I need a car but I don’t want to exceed my budget for this. Value for me means awesome performance and that this car looks amazing. It must be a good fit and be cost effective. Good luck, right? Value is determined by price but also by performance and perception. 2) Design for Experience – Here I would be looking for something that is durable, has lots of techno gadgets built into the dash and if it is luxurious w...

A short while ago I was asked this question from one of our reader: “ I want to set a KPI around how much of the time we meet the SLA. Like 'meeting the SLA x% of the time'. Can someone advise what would be that 'x'? What is the common practice?  Is there an industry standard around this?”   I’m going to have to go with the consultant answer and say it depends.   First, are we talking about a single service to a single customer? Are we talking about multiple services to multiple customers or somewhere in between those two extremes? Your SLAs should include details of the anticipated performance that your customer expects.  First thing you need to do is discuss with your customer what are the levels of utility and warranty they are expecting? Then document and agree these targets are reachable given the resources that are at your disposal and any constraints that may be discovered. The requirements for functionality (utility) should be defined by you...

Site Reliability Engineering (SRE) is a discipline that incorporates aspects of software engineering and applies that to operations with the goal of creating ultra-scalable and highly reliable software systems.  Google’s mastermind behind SRE, Ben Treynor, describes site reliability as “what happens when a software engineer is tasked with what used to be called operations.” Historically, Dev teams want to release new features in a continuous manner (Change). Ops teams want to make sure that those features don’t break their stuff (Reliability). Of course the business wants both, so these groups have been incentivized very differently leading to what Lee Thompson ( (formerly of E*TRADE) coined the “wall of confusion”.  This inherent conflict creates a downward spiral that creates slower feature time to market, longer deployment cycles, increasing numbers of outages, and an ever increasing amount of technical debt. The discipline of SRE can begin to reduce this d...

What isn’t? With the internet of things there are so many options available to consumers that were not available even one month or one week ago.   With technology and job role functions evolving so fast, the best way to stay current is to become educated.  Here are just a few bits of interesting information. New for Every Day Consumers: In a  recent update Google’s Virtual Globe has introduced a feature called "Voyager." No longer will you be limited to only exploring places you've heard about, nor will you have to resort to randomly clicking on areas of the planet in hopes of finding a gem. Instead, "Voyager" presents you with dozens of curated journeys around the globe. Each voyage is centered around a theme. “Museums Around the World” will take you to a Street View of museums in every corner of the globe. If natural formations are more your speed, " Earth View " will show you "the most striking and enigmatic landscapes available in Goog...

I learned about ‘The Diffusion of Innovation Theory’ in a DevOps Foundation training course.  I wanted to get my DevOps certification but more than that to learn about what makes a DevOps initiative successful.   When I mentioned the Diffusion of Innovation Theory to a coworker he said “It sounds like Sheldon talking to Raj on “The Big Bang Theory” TV series.  Although the name sounds Big Bangish the usage of this theory could be the real difference for success in any transformational change including DevOps. To start let’s begin with the definition of DevOps. DevOps is a professional and cultural movement that that stresses communication, collaboration, integration and automation in order to improve the flow of work between software developers and IT operations professionals. Improved workflows will result in an improved ability to design, develop, deploy and operate software and services faster. That’s where this “Big Bang” or Diffusion of Innovation Th...

Integrating Development and Operation teams as well as other functions that have previously been silo’d is key to any development project for all service providers today.   We hear a lot about this in DevOps training and certification classes.   What about security?  You may have heard the term DevSecOps.  This idea and term was coined to ensure that architects and developers include into our requirements and code those things necessary for security. Design architects will also want to ensure that security is integrated throughout the value stream of development, deployment and operations and it is done in such a way so that the complexity is as transparent as possible to the functional teams involved.   How can we do this without impeding our flow of work?    How can we still be able to meet compliance for legislative, legal or regulatory requirements relating to security? This is where Automation comes in.  Collabor...

In years past you had to have some years behind you so that you could talk about the good old days.  Conversations would start with statements like “Remember when…?”   Today when a conversation starts with those words it could be a young person talking about how they did things last year or last month vs. how they go about their day to day activities today.     Things are changing so fast!  How does this affect educating and training learners and what needs to be tracked and recorded?  Certainly, not the same as it was a decade ago.  A recent solicitation stated “ Use of ed tech is skyrocketing, students on campus tote several devices each, but service needs range from high tech (wifi, connected classroom) to mundane (rat in the cafeteria, dorm toilet won't flush). All those needs have to be logged, serviced, tracked, reported on - hence the high demands on the platform used”.  Opportunity for bigger, better and more te...

To say that digital technology has changed the world is an understatement. Digital transformations are revolutionizing entire industries and reshaping every aspect of business. To stay competitive, businesses must accelerate the delivery of digital products and services. To meet business demand, IT organizations must accelerate the delivery of secure, high-quality and reliable software features and functionality ( DevOps ). The thing about any transformation, whether it’s the digital transformation affecting the world, or the DevOps transformation affecting IT organizations and their business partners, is that it’s never only about the technology. A successful transformation requires shifts in peoples’ behaviors, mindsets, vocabulary, roles and reporting relationships. It requires changes to processes and to day-to-day operating procedures. Perhaps most importantly, the ability to undertake and achieve any transformation is determined by whether, or not, the company’s leaders...