As the New Year begins, most IT service providers already have their IT strategy in place.   A few decades ago we heard loud and clear… “You must align IT with the business”.  Then we heard in the next decade…  IT...”You must align with the business”.  Notice the focus was on what “IT” must do.  I believe that most IT organizations get that.  The real question when considering a strategy is how this can be achieved.  Or is it?   I hope that moving forward the new mantra will be “Hello business”… “You must engage IT in order to ensure success.”  If the strategy does not include how the business is going to consistently engage, plan and strategize with the IT organization it is possible that the business strategy will not ensure the type of success that is hoped for and could continue to miss the mark. A recent BizReport article by Kristina Knight states; "During 2016, the perception that developers are basement-dwelling, socially-awkward techies with no grasp on business

Part of the role of the Certified Agile Service Manager (CASM) is to ensure that ITSM processes engage and reflect agile values and that they are appropriately designed with “just enough” control and structure in order to effectively and efficiently deliver services that facilitate customer outcomes when and how they are needed. The goals and objectives of Agile Service Management include: Ensuring that agile values and principles are embedded into every service management process from design through implementation and continual improvement. Improving IT’s ability to meet customer requirements faster.  This includes process and process integration, capabilities, knowledge transfer and the use of appropriate technologies for automation. Being effective and efficient (lean).  It also means ensuring that we don’t bias too far in one direction.  I can be very effective but not efficient. On the other hand I can become too efficient but impact my effectiveness.  Either of these s

In his recent blog ‘ Devops Areas - Codifying devops practices ’ Patrick Debois explains that DevOps activities typically fall into four patterns or areas.   DevOps activities typically fall into four patterns or areas. In each of these areas best practice dictates that there will be a bi-directional interaction between Dev and Ops, which will result in a fluid knowledge exchange and feedback from each of the major stakeholders, including Development, Test, Product Management and IT Operations.   In the 1st area we extend delivery to production. This is where Dev and Ops will collaborate to improve anything on delivering a project to production by creating or extending the continuous integration, deployment and release processes from Dev into Ops. Activities here include making sure environments are available to Dev as early as possible. That Dev & Ops build the code and environments at the same time. Create a common Dev and production environment process while ensuri

Infrastructure as Code – is a common term among developers, architects, and operational staff and the practice has evolved in response to demand for quality and efficiency in the industry.  Over the last decade many organizations have come to realize that the essence of Infrastructure as Code is to treat the configuration of systems the same way that software source code is treated.  Frequent code integration, automated builds, and integrated testing have resulted in stronger IT performance and therefore business value. Security as Code – An increase in security breaches across all industries has brought forward a similar concept, and that is to look at “Security as Code”.  This concept would include the usage of repeatable algorithms to integrate security checks with each code check.  This expands the scope of traditional “Continuous Integration” and automation.  Organizations realize that security is no longer a second thought and must be addressed at the front of the value s

We are all customers of someone right?  What was your last customer experience like?  Was it so good that it completely changed how you thought about the product or the organization you were receiving services from? On the other hand was the service you received so poor that you vowed never to use their products or services ever again.  We have all been in those situations. You may not have realized it, but how that interaction was designed can have a huge impact on the perception you, the customer, walk away with.  I recently read a series of articles in the September issue of Harvard Business Review magazine.  The entire series was titled “The Evolution of Design Thinking” - It’s no longer just for products. It speaks to how executives are using this approach to devise strategy and manage change.  I can’t tell you what an absolute must read this is for all.  It will make you take a second look at how you design, deliver and support the services to your customers. For me personally t

I was recently asked what the compliance requirements, architectural constraints and interface requirements are in designing the service design package for a new app. The short answer is that the Service Design Package (SDP) would have ALL of the documents and information related to how the app was designed and developed including any policies or known compliance or other constraints.  The purpose of the SDP is to provide a living set of knowledge assets that can be passed around the lifecycle for use in each stage (e.g. deployment, operations, support, updating, etc.). For more information the the SDP please use this link:  http://www.itsmacademy.com/itil-sd/

Operating under a constant threat of cyber attacks is the new normal for many organizations in today’s virtual business environment.  These attacks can come from anywhere, from anybody and at any time.  It is no longer a question of reacting to and then fixing the problem.  Today the question is “How do we prepare the entire organization to be prepared and vigilant to deal with cyber security threats each and every day. A defensive approach is no longer adequate.  A proactive strategy by cyber security teams with the appropriate expertise, capabilities and best practice processes and policies is an absolute must have in order to meet the challenge of recurring engagement with those whose intent is to harm the organization in some way. There must be well defined and documented processes to prevent, where possible, detect and respond with control and countermeasures as quickly as possible while predicting what will happen next.   The introduction of effective cyber resilience requir