CA Community






This Blog
Syndication

September 2009 - Posts

Virtualization: So Easy a Caveman Could Do It?

Published: September 30 2009, 09:30 AM | no comments
by Jeff Foucher

Beware of the hype created by IT, especially when under the guise of "better, faster, cheaper."  For the shiny new penny of IT operations comes with a few pretty significant blindspots which IT has largely failed to address....until now.

A recent analyst report suggested that 70% of companies who virtualize production operations will fail a software license audit.   Another research report tracked a significant increase in software license audits over the past 2 years.

If either of those figures is even remotely close, it again serves as a reminder that the "quick win" of virtualization may have more far-reaching impact and bring non-IT problems down the road.  Of course, to the business folks in Finance, Procurement and Executive Management - virtualization is just cool enough to be reassuring and yet complex enough to be ignored when it comes to asking the hard questions and truly understanding its business impact.

"I can take this computer.....and double its usage?    If only our assembly lines / mining operations / derivatives business could do that!"

What these otherwise business-astute people should be asking is:    Does our (insert software vendor here) contract ALLOW US to do that?!?

I'll admit, it may be unlikely or improbable that software publishers have the time, or more importantly, the tools and methodology to properly audit customers deploying software in a virtual environment.   And there may be another disincentive:   audits can reveal under-utilization of licenses which may fuel the unwanted side effect of accelerated contract (re)negotiations.  However, the point is the organizations that have begun thinking about this and have started to proactively ensure they have a handle on their software assets will emerge as the victors in leveraging virtualization to its fullest while mitigating this very real downside risk.

Clues from the past, and standards for the future

One of the biggest "gotchas" overlooked by organizations in their zeal to consolidate servers based on the hype generated by the hardware manufacturers is that large-scale enterprise software applications are most often licensed by processor count or the server's "power rating" (similar to mainframes, where multiple attributes are assigned to specific models of a server product family).  When the workloads from multiple servers are consolidated unto a single larger/more powerful server the hardware savings in BTU, KVA, and footprint are measurable but will increase (sometimes dramatically) the cost of the license even though the actual workload hasn't increased REGARDLESS of how the virtualized "partition" or "logical server" is configured for each given software application. 

The argument by the publishers is that the configuration could be changed at ANY time by the customers...so they must charge that maximum license fee corresponding to the potential capacity that the physical hardware will allow.  When you add "clustering" approaches to the mix the cost skyrockets due to the even more dynamic configurability, greater capacity and multi-processor capabilities.

Addressing this on the publisher side may require software tagging standards such as ISO-19770-2 and the need for content-driven Software Asset Management tools in general.  Clearly a software vendor with experience in applying these principles in a Mainframe environment could give customers a leg up.

In any case, the onus is clearly upon IT to pragmatically develop the foundation layer needed to keep that shiny new penny full of luster - by establishing (first) a robust IT Asset Lifecycle Management (ITAM) program which will allow them to care for that software license or hardware contract with the same level of visibility and control they would otherwise have (but many still don't) in a non-virtualized world.

Fortunately, with IT Asset Management becoming more mainstream - driven by the real business cases it brings to bear, and championed by senior-level IT, Financial and Business executives alike - these questions may finally begin to be addressed as part of the strategic virtualization plan itself.

How is your company addressing ITAM and Virtualization?

Share this post:  EmailEmail
ShareShare
Tags: , , , ,
Leave a comment

 

By: Jeff Foucher
Jeff Foucher is Senior Director of Product Marketing, responsible for CA’s Business Technology Management suite, including market-leading Portfolio Management, Financial Management and Service Level Management solutions. In this capacity, he is focused on helping CIOs and their teams to become the trusted...
Read More..

IT is From Mars and Business is from Venus - Use SLM to Help Improve Communication and Relations

Published: September 28 2009, 09:15 AM | 1 Comment(s)
by Michael King

I received a comment on my last blog entry that got me thinking about the cultural shift that ITIL is forcing IT organizations to make. One facet of this cultural shift is that IT organizations need to bridge the communication gap between IT and the business, as well as change the perception of their organization held by end users and colleagues on the business side of the corporation.

When I worked on the Operations side of IT, I often encountered difficulty working with colleagues who were not fond of IT and people who worked in IT for various reasons. Whatever the reasons were, I found that the common theme that I was facing was that there was a communication gap between IT and the business. This issue in turn made it appear that IT was difficult to work with. In my opinion, the problem was on both sides of the house, IT and the business were struggling to understand each other's role in achieving the common business goals.

Here is how Service Level Management (SLM) can help improve communication between IT and business so they can improve their overall relationship.  During the requirements gathering and design phases of implementing an SLM process the business and IT should be encouraged to work together to define the service offering that IT will provide, and the business goal it is supposed to support.  During this process, IT needs to learn and demonstrate understanding of the business needs outlined by their customer by:

  • Creating a written description of the service offering (this description should include a summary of the business case)
  • Creating and documenting the process to deliver this service
  • Creating a budget for creating and maintaining  the service offering
  • Identifying the resources responsible for delivering and maintaining the service
  • Creating KPI(s) to prove the service is being delivered to the negotiated service levels and during the negotiated business hours

In addition, the business will gain a better understanding of the costs and level of effort for IT to deliver a service to the business based upon mutually agreed upon business needs.  This collaboration will also give both IT and the business to share responsibility and equal stake in the success of the service offering, and hopefully increase respect and understanding for the two sides of the business.

Share this post:  EmailEmail
ShareShare
Tags: , , ,
Leave a comment

 

By: Michael King
Michael King is a Senior Engineering Services Architect in CA’s Service Management group. Michael has over 19 years of experience in IT that includes software engineering, operations management, systems integrations, and process reengineering. Currently, Michael concentrates on Service Level Management...
Read More..

Certified - So You Think You Can Dance?

Published: September 22 2009, 08:08 PM | no comments
by CA Community

Learn the Steps or Feel the Beat?

Everyone who ever attended event night at one of the major software vendors’ user conferences knows, “Real IT people don’t dance”  (or should I say “IT people don’t really dance”). Yet I plan to use a dance analogy when discussing the various best practice frameworks and methods we IT people like to get certified in. Frameworks and methods like (here we go): ITIL, CobIT, Prince2,PMbok, RUP, Tickit, TOGAF, etc.Did you ever wonder why there is a world championship for ballroom dancing, but not one for individual dances such as the Waltz, the Foxtrot or the Tango? I bet you never did. But actually there are only two championship categories, Standard and Latin. (source: www.wikipedia.org/wiki/Ballroom_dance). 

I guess the reason is that if you can only do one dance (like the one you learned for your wedding party) you’re not really considered a dancer. Now, just like the previously mentioned IT methods, these dances are distinctly different.  However, they do share  a standard vocabulary, standard exams and common framework of reference.

Now in Holland, if we have two people with a joint idea they start an association (or maybe a “coffee”-shop). And if two guys across the river have a similar idea, they start one too. Of course in our Dutch melting pot of cultures, we have historically had a good reason for all these separate associations: one was Catholic, one reformed, one Protestant, one Lutheran, one Jewish and  one typically atheist (a.k.a. communist/socialist). But what is our excuse in IT to have so many?

There are some promising signs we are coming to our senses in IT. Maybe the credit crunch crisis has some benefit after all? The PMI (member wise one of the largest bodies) is looking over the wall, by participating in Agile2009, presenting at Fusion09 and even attending the Gartner PPM summit. CobIT and ITIL have published guidance on how they best work together. The DSDM Consortium Benelux is now also the Agile Consortium i.o. And a relatively new movement like Lean is bridging the very different worlds (or should we rather say different galaxies) of IT development and IT operations.

Should we, in that case, not also strive for integral certifications, having people with a balanced knowledge across several related topics? The least it would do is cater for shorter business cards (for the few people with more acronyms behind their name than there are letters in the alphabet). 

What Would Such an Integral Certification Look Like?

For sure it would not only include IT subjects. I happened to be one of the first people in Holland to receive a Masters in “Managerial Information Sciences” (BIK) Mind you, this was back in the eighties.  We already had several technical IT studies (like informatics and digital electronics) but this was the first study aimed at managing (and not building) IT. The curriculum was managed by the economic faculty and included subjects like accounting, marketing and production management, but also borrowed heavily from other disciplines like Law (business, international and information law), Informatics (computer sciences, programming, systems theory) and philosophy and psychology. The last two were expected to have a positive impact as IT - and especially IT management - is about people. Being an academic study, any practical skills (like project management) were of course completely absent from the curriculum. 

Needless to say “Managerial Information Sciences” was a varied and interesting study, which delivered generalists.  Not people who do one task particularly well, but people who understand and oversee the big picture and bring the different constituencies together. Basically it prepared me perfectly for the world of Cloud Computing, where technical details and skills become less and less important. Unfortunately this was twenty years before anyone even was using the word Cloud. Don’t worry - I managed to pick up some specific skills (like blogging ;-)) later on.

So You Think You Can Dance?

This brings me to the main question of this blog post, how do you certify that somebody “got it”. In other words, how do you judge whether someone indeed can dance? One thing is sure, you don’t determine it by asking him or her for the definition of the foxtrot’s basic turn or reverse weave. And it is beyond me why anyone would think we should ask for such definitions in an ITIL exam. The true test of good learning is that you can apply it years or even decades later, often in situations you never imagined and to solve problems it never was intended for. That is the difference between learning a trick - like a monkey - and true knowledge: a frame of reference you can apply to different situations.  That’s why the idea of adopt & adapt for any best practice or body of knowledge is so essential.

Globally there are two distinctly different schools of thought around this. One is that you describe the intent, and the receiver makes his own decisions based on what he feels will best accommodate the intent. The other one is that you describe in detail what the receiver is to do or not to do.  An accounting example: European rules say that the financial books should reflect the true state of an organization’s financial situation. While North American rules say “You shall not have special entities” (SOX rule added after Enron) and thy shalled not use Ponzi schemes to pay existing investors using investments from new entrants (expect that rule to be added or at least rephrased soon). Needles to say the second list of rules will be longer, easier to circumvent (if it does not explicitly say it is forbidden, it is allowed) and less effective.

Another example: the early versions of quality standard ISO9000 stated that practices and processes should be documented and people should adhere to these written procedures. So if an organisation wrote down that “whoever picks up the phone decides on discounts”, and people indeed worked that way, then they got an ISO 9000 certification. And if you ever did mandatory computer based ethics training you surely answered  questions like “Accepting gifts is not allowed for legal, compliance and financial reasons.” Name three reasons why you should not accept gifts?” Wow, we became a lot more ethical through that training!

Our IT frameworks and methods are not only too fragmented (as discussed earlier), but somehow they also seem to be becoming more and more mechanical (tricks instead of knowledge). Looking at some of the comments this week on the ITIL V3 refresh (there are hundreds of comments out there) and reading about inconsistencies in definitions which apparently caused people to fail exams (seriously!) ITIL also seems to have fallen into this “tricky” trap. As described earlier, good knowledge in my view is not only adopted but also adapted. Maybe the upcoming refresh can be blessing in disguise, as it can get us back to an adapt approach. After all the best dancers are not the ones that stick to the steps, but the ones that move to the beat.
Share this post:  EmailEmail
ShareShare
Tags: , , , , , , , , , , , , , , , , , ,
Leave a comment

 

By: CA Community
CA Community is the blog manager’s account used to post general updates and news items.
Read More..

ITIL V3 "Makeover" rumors and rumblings!

Published: September 21 2009, 10:02 AM | no comments
by Robert Stroud

I blogged on the ITIL V3 makeover and this week I am at the itSMF USA Fusion09 Convention where there is much buzz and miss information about the "makeover" so let's dispel this week's top 3 rumors!

  1. Service Portfolio Management will be removed! 
    After an exhaustive review of the change log which, by the way is a good read at bedtime if you cannot sleep, it turns out that there are only a few references to the SPM.  It is clear that there will be some better interfacing with the other OGC best practices but don't worry, your SPM journey can safely continue.
  2. Service Strategy (SS) will be totally rewritten.
    NO!  However, industry discussions will continue about how some of the concepts and diagrams in SS need a little work and it is my understanding that these efforts will be undertaken. 
  3. The Change Log is not available to the public.
    This is true only if you don't take the time to register at the "best-management-practice website, and then review the change log.  The Change log is available for review and to register your "request for change."

When I read the change log I found 869 issues for ALL OGC best practice publications, with many already closed and almost half for non-ITIL publications. One change that I think needs to be made: I need to logon and put my change in for the use of the correct version of English in the core volumes which should be Australian English which will require all greetings to be G'Day and all names removed and each person referred to as "mate!"

If you have lost the link to the document released last week "OGC Mandate for Change - Project requirements for an update to the ITIL® core publications" take a look.

PS OGC - Change Request 15 remains open with the references to COBIT in Service Operation being incorrect - please confirm this will be corrected!

Share this post:  EmailEmail
ShareShare
Tags: , , , , , ,
Leave a comment

 

By: Robert Stroud
Robert Stroud serves as VP and as Service Management, Cloud Computing and Governance Evangelist at CA Technologies. Robert also serves as an International vice president of ISACA, is part of the Framework committee and was the former chair of the COBIT Steering Committee. Robert also serves on the itSMF...
Read More..

Governance Without Measurement is a Waste of Time – Deadly Sin Number 3!

Published: September 17 2009, 09:42 AM | 1 Comment(s)
by Robert Stroud

For Deadly Sin 1, click here.
For Deadly Sin 2, click here.  

Recently I was visiting with a financial organization who told me about their governance implementation and the results of a self assessment that they had just undertaken. The organization had been implementing multiple governance processes for some time but until that point had not done an assessment and were not sure of how good or bad the implementation was.  Upon review they found that in some process areas they were at a maturity level of 5 when the organization needed to be a 3, thus dramatically over servicing the domain. In other areas they were a 1 when they need to be a 4 – leaving the organization exposed. The sin being committed was that no one had monitored the implementation or was accountable for the metrics that were now being visualized.

Governance must have a set of processes that provide feedback loops to understand whether the processes status should be represented on a balanced scorecard or on dashboards that show the status of each key performance indicator.

More important than visualizing metrics is that the responsibility for metrics must be allocated and this must account for part of a role or there is no reason to even collect the metrics.

COBIT provides an excellent maturity model for each process allowing you to not only determine your KPI’s but the maturity model allows you to assess where you are and where you need to be!

Share this post:  EmailEmail
ShareShare
Tags: , , , ,
Leave a comment

 

By: Robert Stroud
Robert Stroud serves as VP and as Service Management, Cloud Computing and Governance Evangelist at CA Technologies. Robert also serves as an International vice president of ISACA, is part of the Framework committee and was the former chair of the COBIT Steering Committee. Robert also serves on the itSMF...
Read More..

More Posts Next page »