CA Community

July 2010 - Posts

Now That We Have Talked About IT, Let's Do Something!

Published: July 22 2010, 11:05 AM | no comments
by Steve Romero

I am certain you have attended countless conferences, seminars and presentations. They take up chunks of your precious time. Whether you do so of your own volition or are directed to attend, what is the outcome? What happens when you get back to your office?

I just finished a very long day delivering 4 of my presentations to a company in Hawaii. My voice is toast, but it was well worth it. It was one of the rare opportunities I have to provide more than one of my presentations in a single visit. Most companies look at my abstracts and allocate time for one, or two at the most. They have to choose between "Understanding the Power and Promise of IT Governance," or "Ensuring Enterprise Success with PPM" (my favorite of governance processes), or my "Critical Components of a PMO presentations. On the rarest of occasions they choose the less sexy but monumentally important "Successful Process Management" or "Meaningful Metrics" presentations. And I have recently added a Cloud Computing presentation and business case for PPM presentation which makes their selection even more difficult.

This company chose the ITG, PPM, PMO and Process presentations. It required them to commit an entire day but it would impart a great soup-to-nuts overview for the people chartered with project and program success in their Enterprise. During my PPM presentation, the SVP leading the EPMO stopped me and asked my permission to interrupt the proceedings. I had just covered a slide called the "P's in PPM." The purpose of the slide is to show the relationship between project, program, and portfolio management and to warn audiences of the varying definitions and the potential problems inconsistent interpretations could cause in an organization. I then urge them to adopt and institutionalize definitions based on their own specific business-driven objectives for each.

The SVP wanted me to pause so she could ask the folks in attendance to determine if they indeed had differing views of the terms. I replied I would gladly take a break and I was delighted the slide inspired her query. After about 10 minutes of conversation, those in attendance realized that in fact there were problematic differences of opinions and dissimilar perceptions in the group. The SVP established an action item to use the slide as a basis for continuing the discussion with other members of the organization. She then apologized to me for the interruption.

I profusely insisted her apology was completely unnecessary and I reiterated my joy that the content of my presentation instigated the dialogue. I then shared a story with the group about a CIO who brought me in to deliver my IT Governance presentation to the Business Leadership team at his company. He stopped me after almost every slide so he could share his perspectives with the group and invite their comments. I would talk, he would talk, they would talk - I would talk, he would talk, they would talk. It was great!

During our final break, before I was to conclude the day with my Process presentation, the same SVP shared some thoughts with me. She revealed her hopefulness that her colleagues in attendance would continue the conversations after I was gone. She said it would be a waste if they merely collected their PDUs and did nothing more.

In an instant I could feel myself go from dismay, to frustration to incredulity and I was lucky to hide each emotion. In another instant I composed myself and calmly responded that I would be very disheartened if that was the case. I explained that the one and only purpose of any of my presentations was to provoke people. I told her I wanted to rouse interest, to incite conversation, and to spur action.

Many folks mistakenly characterize what I do as "education." I don't think of myself as an educator. I'm not saying people don't learn anything when they listen to me, but how much can you "teach" someone in a single PowerPoint-driven session?, I would want a semester to teach IT Governance, or PPM, or Process Management. But I don't have the luxury of months, or weeks or days with my audiences. I have to work with the few minutes they grudgingly supply from their hectic schedules.

So what could I possibly do in such a short period of time? I'm optimistic. I believe I can get them started on their IT Governance journey. I believe I can point them in the right direction to master PPM. I believe I can get them to open their eyes to the potential value of a PMO. I believe I can get them to appreciate the essential need to establish process management competency. I also believe I can do these things without them necessarily agreeing with everything I present and I tell them as much.

Every company I visit has had fits and starts and failures with IT Governance, PPM, and PMOs. Every company I visit is all over the map when it comes to these essential business processes, and process management seldom even shows up on the map. There is incredible value in simply getting them on the same page. It may not be the right page, but it will be the same page. In most cases, it replaces a blank sheet of paper. I want my presentations to enable them to start from the same point of reference, take the baton, and run with it.

I want to stimulate my audience.  I want to inspire my audience. I want to enflame my audience. I want to provoke my audience into action. But I will only be successful if they are willing and able to take the next steps. They have to reflect on what I share. They have to read the references I recommend. They have to think and make decisions.

The prospect that some folks might attend my presentation simply to earn PDUs is devastating to me. I said as much to the SVP of the EPMO and I wanted to say it again in my blog. If you ever decide to attend one of my presentations for the sole purpose of earning some PDUs, or getting out of the office for a few hours, or receiving a nice meal, you'll soon find I expect far more from you. And you should expect far more from me.

The only reason we should ever attend a conference, a seminar or a mere presentation is because we expect it to provoke some future action. We can't just talk about it. We have to do something. I suggest anything less is a waste of our precious and irreplaceable time.

Steve Romero, IT Governance Evangelist

Share this post:  
Leave a comment

 

By: Steve Romero
Steve Romero is the IT Governance Evangelist at CA Technologies, Inc. His mission is to help enterprises realize the full potential of their IT investments for strategic and competitive advantage. In this capacity, he acts as a strong advocate for the customer, speaking around the world to users, prospective...
Read More..

Cloud Computing and Governance

Published: July 07 2010, 12:53 AM | no comments
by Steve Romero

My previous post took on the admittedly easy task of simply explaining Cloud Computing. I hope I adequately trounced the misconception that Cloud Computing is complex or confusing or difficult to understand. If so, we can move on to the far sexier topic of what Cloud Computing means to IT Governance and my favorite of governance processes, Project and Portfolio Management (PPM).

I'll get right to the point, I believe IT Governance, and particularly PPM, is even more critical with the advent of Cloud Computing. Before I substantiate this belief, I want to pause and ensure nobody interprets this as me saying, "IT Governance and PPM matter more with the advent of Cloud Computing." I make this distinction due to the aftermath of one of my last posts of 2008. The focus of the article was my contention that IT Governance and PPM are even more critical in a Down Economy. I insisted Enterprises could no longer afford to make the high rate of mistakes historically associated with technology investments. I suggested they did not have the thresholds for failure they have enjoyed in the past. I asserted Enterprises had better make darn sure they were getting optimal value from those few technology initiatives they could afford to undertake. This launched a lot of requests for me to talk about why IT Governance mattered more in a Down Economy.

I shun the contention that IT Governance or PPM matters more in a given situation or under a specific condition. If I do entertain the conversation I potentially open the door to the converse; when the situation changes or the condition no longer exists, then IT Governance matters less. I flatly refuse to engage in those discussions. IT Governance and PPM matter - period. IT Governance and PPM are critical - period. I will only admit that changes in situations or conditions simply influence whether being bad at IT Governance hurts you more or hurts you less.

Now to get back to my original soapbox, I believe that IT Governance and PPM are even more critical with the advent of Cloud Computing. Cloud Computing provides more technology provisioning options and faster provisioning of those options to the business. These attributes of Cloud Computing make it easier and more tempting for the business to bypass IT. A credit card and Internet access is all you need to make an investment in technology. The barriers to entry for new applications and systems are greatly diminished. Businesses will find it easier than ever to provision technology services without the involvement of IT.

Now some of you might be celebrating this, and many would be justified in doing so. But if you are one of those clapping your hands and licking your lips, I suggest you are doing so because your organizations have poor IT Governance.

Enterprises with good IT Governance (or more appropriately, Business Governance of IT) wouldn't even consider bypassing IT. Sound IT Governance fosters a great relationship between IT and the business and at its pinnacle could actually blur the distinction between the two organizations. These Enterprises have the constructs and processes in place to ensure they have the optimal IT Archetype, IT Architecture, IT Infrastructure Strategies, Business Applications and IT Investments. They wouldn't dream of bypassing IT because they depend on the role IT plays in the governance processes required to make, realize, and measure the result of their technology decisions.

Consider the following list of IT Governance processes with notations showing the contribution of each when it comes to making Cloud Computing-related decisions:

  • Integrated Business & IT Planning - Needed to determine Cloud strategic fit
  • Architecture Management - Needed to determine Cloud architectural fit
  • IT Investment Assessment, Prioritization, Funding & Benefits Realization Accountability (PPM) - Needed to ensure Cloud Computing investment decisions are reasoned, rational and deliver appropriate value
  • IT Financial & Resource Allocation - Needed to address and manage the myriad of Cloud-related financial and resource ramifications
  • Project Execution & Decision-making (PMOs/PM) - Needed to manage Cloud-related projects
  • Emerging Technology Evaluation & Adoption - Determines which Cloud service and deployment models to adopt and when to adopt them
  • Client Relationship Management - Liaison between the Cloud User and Cloud Provider
  • Building & Maintaining Applications & Infrastructure - Key in determining when to develop/deploy on premise vs. defer to the Cloud
  • Provisioning of IT Services - Needed to facilitate and manage service provisioning in the Cloud
  • Outsourcing Services - Needed to manage Cloud contracts and manage far more critical SLAs
  • Audit & Risk Management - Needed to address and ensure security and compliance

Organizations adept at these processes know they are essential to making the decisions required to ensure:

  • IT is aligned to the business
  • technology investments deliver appropriate value to the business
  • technology risks are appropriately managed
  • technology resources are appropriately managed
  • technology performance is appropriately managed

Of all the IT Governance processes I list above, Project and Portfolio Management (PPM) is the process I believe most contributes to meeting the above principles of IT Governance. PPM ensures all investments are identified, prioritized, authorized, managed, and controlled to achieve specific strategic business objectives. This includes investments in Cloud Computing.

The bad news is that in my visits to more than 100 companies around the world, I have found most organizations lack adequate PPM capabilities. Technology investment decisions are frequently undisciplined, mismanaged, and too often wrong (50% of the time according to almost every IT Project success rate study over the past 20 years). Poor PPM leaves a huge chasm between the business and IT and many Enterprises will view Cloud Computing as a panacea to this deficiency. They will now be able to go directly to Cloud Providers to make investments in technology. But will those technology investments be aligned with the business? Will they deliver appropriate value? Will they be too risky? Will they make the best use of resources? Will they perform as desired? Will those technology investments be the right decisions?

Enterprises with sound IT Governance and PPM will simply continue to ask and answer each of those critical questions because they have institutionalized processes such as PPM and they have fostered and enabled reasoned and rational decision-making. Cloud Computing becomes just another business technology investment option for the folks who are assigned technology investment decision rights and accountability.

Cloud Computing is in its infancy, but expect it to grow up fast. The potential of Cloud Computing is mind boggling and the technology and business options will increase exponentially. This will necessitate the need for Enterprises to make the right technology investment decisions faster, which will only be achieved through optimized decision-making constructs. For organizations lacking the stellar decision-making capability born of IT Governance and PPM, Cloud Computing could simply mean they'll make their flawed technology investment decisions faster and more frequently.

Enterprises with sound IT Governance will look to the Cloud and imagine one possibility after another. Those without it will likely have IT organizations viewing the Cloud as a tempest and will eventually discover they are ill prepared for the coming storm.

Steve Romero, IT Governance Evangelist

Share this post:  
Leave a comment

 

By: Steve Romero
Steve Romero is the IT Governance Evangelist at CA Technologies, Inc. His mission is to help enterprises realize the full potential of their IT investments for strategic and competitive advantage. In this capacity, he acts as a strong advocate for the customer, speaking around the world to users, prospective...
Read More..

Cloud Computing Simply Explained

Published: July 01 2010, 08:23 AM | 1 Comment(s)
by Steve Romero

Cloud Computing is easily the hottest information technology topic in Enterprises today. Interest and discussion abounds from every imaginable source and from every possible direction. There has been a flurry of theory, fact and fantasy which I don't find surprising. It seems to accompany anything and everything new when it comes to IT. But what I do find surprising is the all too frequent suggestion that Cloud Computing is complex, confusing, or difficult to understand. I beg to differ.

There have been a number of good posts attempting to dispel the notion that the new IT-induced cumulus is nebulous. One of the best is by @PeterKretzman. The post is titled, "Cloud computing: misunderstood, but really not that complicated a concept": http://bit.ly/94JMSe.

I believe Cloud Computing can be explained quite simply. And to prove so I need only reference the great work done by Peter Mell and Tim Grance at the National Institute of Standards and Technology (NIST), "The NIST Definition of Cloud Computing", Version 15, 10-7-09 http://csrc.nist.gov/groups/SNS/cloud-computing/.

First, here is their straightforward definition (and of all the definitions I've seen, it is easily my favorite):

"Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction."

In addition to this great definition of Cloud Computing, you need only remember this: 5-3-4. (Yes, I know that 3-4-5 or 5-4-3 would be easier to recall, but I did not want to change the sequence established at NIST.)

  • 5 Essential Characteristics
  • 3 Service Models
  • 4 Deployment Models

Cloud Computing has 5 essential characteristics. (Note the word, essential. Peter and Tim aren't as iron-fisted, but I insist that if any of these characteristics is missing, it isn't Cloud Computing.)

On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service's provider.

Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).

Resource pooling. The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.

Rapid elasticity. Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.

Measured Service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the provider and consumer of the utilized service.

Cloud Computing is composed of 3 Service Models:

Cloud Software as a Service (SaaS). The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

Cloud Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.

Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).

Cloud Computing is composed of 4 Deployment Models:

Private cloud. The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise.

Community cloud. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise.

Public cloud. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.

Hybrid cloud. The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds).

That's it. Notice the lack of techno-speak. Notice the lack of jargon. Notice the lack of hyperbole. Notice how simply Cloud Computing can be explained.

And I admit this post is very simple as well. I only addressed the easiest aspect, the "what" of Cloud Computing. Thank you NIST. For answers to the far more complex questions of the "how-who-when-where-why" of Cloud Computing, you'll need to talk to my compatriots at CA Technologies. I am certain they would love to tackle those more demanding questions with you.

Steve Romero, IT Governance Evangelist

Share this post:  
Leave a comment

 

By: Steve Romero
Steve Romero is the IT Governance Evangelist at CA Technologies, Inc. His mission is to help enterprises realize the full potential of their IT investments for strategic and competitive advantage. In this capacity, he acts as a strong advocate for the customer, speaking around the world to users, prospective...
Read More..

More Posts