IT Governance for Incident Management


Implement Strategic Process Roadmaps or Keep Feeding the Beast

by Thorsten Manthey
October 27, 2017

Have you ever worked at or encountered an organization that purchased an ITSM/service desk tool or implemented ITIL processes but didn’t identify process owners? I have, and I have seen it create a lot of pain for the organization. Not having process owners in place and a lack of other effective governance creates a number of issues for the organization—the organization is creating and feeding a beast.

Most process managers would agree that ensuring that your processes are managed efficiently and effectively requires the right skills, integrated tools, reliable data, and well-defined processes and procedures. This is, however, not enough. You also need a clearly defined governance framework for all your ITSM processes with identified roles, responsibilities, accountabilities, established communication channels (i.e., process and tool councils), and defined escalations with established thresholds!

You need a clearly defined governance framework for all your ITSM processes.
Tweet: You need a clearly defined governance framework for all your #ITSM processes. @ThorstenManthey @ThinkHDI

Without a clearly defined overarching governance framework encompassing all of the ITSM processes and assigned process owners, you will keep “feeding a beast” that will grow and create havoc within the organization. I will introduce the beast to you shortly.

Management vs. Governance

Many organizations confuse governance with management. The COBIT 5 differentiation of management and governance is very helpful for understanding the difference.

Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives.

Governance ensures that stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives.

Within IT service management process context, the process manager is concerned with the management of the process and the process owner’s main focus should be to govern the process (e.g., set direction, prioritization, and decision making).

The Need for Process Governance

Any type of organization, even outside of IT, requires clear and structured governance over their processes. Process governance ensures that stakeholder needs are met, there is a long-term plan and clear direction of the process, and that decisions are taken at the right level within the organization in a timely manner.

For example, the service desk relies heavily on a stable, supported, and responsive incident management process as one of the key processes used when executing service desk tasks on a daily basis. I use the incident management process in this article to provide specific examples.

Governance has moved to the forefront of business and IT organizations over the past decade as it contributes to developing trust between the service organization and its stakeholders, users, and customers.

Good governance is rarely mentioned in the evening news. However, there are many examples where governance has failed, and global business mishaps or total failures have been highlighted in the news. Think about some recent major IT failures covered, many of these failures are due to processes not followed or lack of governance (e.g., changes are deployed without approvals or limited understanding of their scope and risk).

Meet the Beast

The beast feeds on anything that is not clear, is confusing, or lacks structure and guidance. It’s a monster that will take up your time, resources, funding, and efforts. governance, beastIt will drain the organization of progress and ensure no continuous improvement takes place—it’s a beast you don’t want to feed and have around. Trust me, I have seen many of these!

I have encountered multiple organizations with a great intent, shiny tools, and well-defined process/procedures but where the beast is slowly engulfing the organization into a black hole of missed opportunities.

The organization is often not aware that they are feeding the beast, but they sure feel that something is not right. They work hard, put in long hours, create plans, write documents, and spend significant time and resources. However, there are still issues, outages, confusion, lack of funding, and no clear decision making or understanding of the direction—the beast is very much present! Here are some examples of governance beasts I have encountered:

  • Lack of ownership and accountability of a process without a long-term strategic plan (e.g., the process is not fulfilling business needs of speed, quality, flexibility etc.).
  • Miss-aligned goals that are not based on business value but on other priorities (e.g., the service desk focuses on reducing time to answer calls when the business’s primary concern is the duration of the new hire process or request fulfillment).
  • No clear understanding what the scope of the process is (e.g., which business areas and line organizations do we support, which technologies and applications do we support, and is our scope global or regional?).
  • No clear escalation path defined for management and technical escalations (e.g., who should be contacted for a technical issue that requires escalation? Who to contact to inform management about a major issue?).
  • Lack of resources, funding, and tools to execute the process efficiently and effectively. (e.g., not having appropriate telephony systems, knowledge articles, or self-help tools in place for the incident management process).
  • Lack of meaningful reporting and KPIs; everything that can be measured is reported (e.g., there are measures/metrics overload and many metrics/KPIs have no defined "actions" based on exceeding thresholds).

The Information Gap Between IT Leadership and IT Operations

One specific major governance issue I have seen in organizations is that the funding for requested improvements is not approved by IT leadership due to lack of direction and planning. You might ask why this is; well the beast is present…

IT information gap

Process managers request funding for a tool, people, training, etc. to their senior IT leaders as there are no process owners in place. process managermanagers are “in the trenches” and their main focus is day-to-day operation that has a short-term focus versus a process owner who is planning long term for a process.

Imagine being a senior IT leader having all the different process managers ask for money without a strategic long-term plan, in an unstructured format, and with limited coordination between all the other ITSM processes. Also, having requests in many different forms or shapes (business case, email, verbal, etc.) is confusing and makes it very difficult for IT leaders to understand the long-term ITSM vision.

IT leaders are not sure if they should approve the request (i.e., the money) as there might be another request coming shortly that is “more important” that they should accept. So they wait and defer instead.
So how do you kill this beast and stop feeding it? Well, you guessed it: establish a comprehensive ITSM governance framework and develop strategic process roadmaps. Specifically for this beast (the information gap between IT leadership and IT operations), you need to assign and empower process owners and provide them with the right skills and tools.

Process owners cannot exist in a vacuum but must function within a well-defined governance framework with process managers, an IT Governance Board, defined business/steering councils, known escalation paths with identified thresholds, and so on.

ITSM governance framework

Use Strategic Process Roadmaps to Bridge the Information Gap

By using strategic process roadmaps, you will kill one of the major beasts many organizations have. There are of course other beasts lurking out there. However, in this article I will focus only the strategic process roadmap, which is a major concept when implementing ITSM governance.

To implement ITSM governance and use strategic process roadmaps sounds all great, but very academic. So how can we make this more tangible?

There are some very specific tools and templates I have developed that I share when empowering a process owner to govern a process from a strategic aspect and to help bridge the information gap.

IT information gap

You can use the same concept when governing IT services and of course for the ITSM platform you are using. Assign service owners and platform owners, and use the same templates when creating those strategic roadmaps.

Benefits of Strategic Process Roadmaps

I’ve listed below some of the benefits of using strategic process roadmaps for the incident management process. These benefits are of course valid for many other ITSM processes:

  • Long-Term Focus. Incident management and the service desk will have a long-term (three-year) strategic plan and defined goals to be achieved. One critical aspect is the scope of the service desk and the incident management process. This should be defined for the next three years. Scope to consider could be geographical, organizational, technical etc.
  • Planned Investments and Funding. Investment required for executing the service desk and the incident management process will be aligned with the IT strategy and vision of the organization. For example, a strategic plan might include a long-term focus to request funding for people, training, tooling, and other resources.
  • Strategic Alignment. The roadmap should be aligned with the organization’s mission and vision. Identification of the key value drivers for the business that the process must align with includes speed, flexibility, agility, quality, or others.
  • Leadership Understanding and Commitment. IT leadership will have a long-term plan and a clear understanding of what is required to reach the goals of the process through continuous planning, reporting, and governing of the process. Clear understanding via a one-page strategic overview for the incident management process with the key initiatives listed and funding requirements for the next three years provides clarity and management commitment.
  • Business Value Focused and Elimination of Pain Points. Business needs are identified and addressed by creating long-term and 12-month tactical rolling plans based on business value and intended to eliminate the biggest pain points of the business.
  • And, of course, a dead beast!

Strategic Process Roadmap Development

To create the strategic process roadmap is a tactical exercise that creates a strategic plan; it is almost like magic! There are four key steps when developing the roadmap for a process.

strategic process roadmaps

  1. Step 1 is to make sure a process owner is assigned and that the process owners understand their role and accountabilities. You would use the first template to ensure the process owner understands their role. A training initiative might be the best approach here to have a common understanding.
  2. Step 2 is to answer the strategic process roadmap questionnaire. This is the second template. The answers together with the process artifacts and information in Step 3 are the key inputs to the strategic process roadmap.
  3. Step 3 is to review existing material, artifacts, and information like the process assessment findings, CSI register, customer feedback, and any ongoing initiatives (no template is used for this step). Use this information when populating the templates.
  4. Step 4 is to populate the third and fourth template based on the answers of the questionnaire (Step 2) and the process information gathered in Step 3.

Strategic Process Roadmap Templates

The strategic process roadmaps consist of four different templates, and you can download them from my web page (scroll down to the Articles section):

  1. Process Owner Accountabilities (PowerPoint)
  2. Strategic Process Roadmap Questionnaire (“Workbook – Establishing a strategic process roadmap” Excel file)
  3. Strategic Process Roadmap TEMPLATE (PowerPoint)
  4. 12-month Rolling Plan Template (“Milestone Details,” slide #5 in the Stategic Process Roadmap TEMPLATE PowerPoint file)

The Incident Management Strategic Process Roadmap Summary depicted below shows what the strategic process roadmap could look like for the incident management process, using the  one-page Strategic Process Roadmap Summary in the PowerPoint template in the downloads. The PowerPoint presentation also includes the detailed description template to be used for each of the key activities identified. Each key activity will have its own slide with details.

incident management strategic process roadmap

One of the key values of creating the strategic process roadmap for all of your processes is that all the process owners can coordinate their strategic plans and investment requests to IT leadership (IT Governance Board). Each of the processes will have to develop their own strategic process roadmap. But a combined and consolidated strategic process roadmap from all the key ITSM processes by the process owners will be extremely helpful for IT leadership when they look at future activities, investments, and priorities.

key milestones

The consolidated strategic process roadmap, developed by the process owner and architecture council (POAC), is a great tool for the IT organization to get the right investments and credibility of the business and to obtain investments (budget) for the right initiatives!

This was a short introduction of ITSM governance and strategic process roadmaps. I hope you find the templates helpful as you impose some IT governance on your incident management process.


Disclosure: The author is an employee of Tata Consultancy Services Ltd. The opinions expressed herein are my own and may not reflect those of the company.


Thorsten Manthey is passionate about IT Service Management, ITSM governance, and cultural and organizational transformation. He has worked across multiple industries including health care, pharmaceutical, oil and gas, financial services, insurance, and telecommunications in North America, Europe and Scandinavia. Thorsten holds a Master’s degree in Computer Science and Engineering and is an ITIL V3 Expert and ITIL V2 master and a Certified Change Management Professional (CCMP). Thorsten speaks English, German, and Swedish and is an international speaker and presenter. Follow Thorsten on Twitter @ThorstenManthey .


Tag(s): supportworld, service management, ITSM, IT service management, governance, incident management

Related:

More from Thorsten Manthey

    No articles were found.

Comments: