SCENE 3, MIDMORNING, FADE IN:
IT sits down on the couch. Shaking its head from side to side.
IT: I really thought we had already solved this problem.
Doctor: Is it something that I am familiar with?
IT: We spoke about it before. I’m back in the doghouse. The business is still flirting with the idea of leaving me for a sexier, slimmer, IT alternative.
Doctor: Let’s dig in a bit deeper. Has the business told you why they want to leave?
IT: Apparently, I’m a jerk. (IT chuckles in disbelief.) According to the business I can be insensitive and apparently I don’t say what they want to hear.
Doctor: Do you know what they want you to say?
IT: See that’s the thing, I can’t read their mind – but they expect me to. What they want to hear changes depending on the situation. I just can’t figure it out.
Doctor: Yeah, I understand that. It sounds like we should discuss the art of “situational awareness.”
IT: Situational Awareness? Isn’t that for military operations?
Doctor: I guess it can be, but it is really about making better decisions based on the current environment.
IT: Like knowing when to address someone or something you know is wrong. Sometimes it’s better to just leave it alone.
Doctor: Yeah, that’s it.
IT: It sounds like we need to dig deeper into how I can get better situational awareness.
END OF SCENE 3
IT’s FOUR LETTER WORD
While ITIL has done great things for many organizations, large numbers of organizations built CMDBs because “ITIL said so.”
Today with all of the requirements CIO’s and IT departments have on them a CMDB/CMS is no longer an option, it is imperative. A clear strategy is important to realizing the value of the CMDB and ultimately cross over the chasm to incredible value. That strategy needs to include how the CMDB is used as the foundation for application aware analytics.
THE FOUNDATION OF ANALYTICS
To compete in today’s market, both internal and external IT needs to drive towards systems that are controlled, standardized, and understood. The challenge is exacerbated by some systems becoming simpler, like HP’s Data Center in a Box – HP Moonshot, and some systems becoming more complex like IT Business Continuity. What is the quickest way for most organizations to gain control of their heterogeneous environments? You guessed it, the CMS (and automated discovery.)
In IT, without automated discovery, providing actionable (change) analytics is not possible. There is no place that “garbage in, garbage out” is more relevant than in data analysis. It may seem rudimentary, but correct, accurate, and complete data is needed to analyze data trends and make decisions about business tasks – and that’s where discovery comes in.
MAKING BETTER DECISIONS – Situational Awareness
Making better decisions starts with having better data. In my last blog post I talked about how we used discovery to identify change risk. Let me explain how tools designed to manage and control change, such as HP Release Control – part of HP’s IT Change Management Suite – provide the “situational awareness” needed to make good decisions. HP Release Control analyzes configuration and change data from the CMS and then maps it to Requests for Changes (RFC’s) coming from BMC’s Remedy, ITSM or other Service Desk. This mapping takes Configuration Items (CI’s) that were identified or attached to the RFC and looks them up in the CMS for change collisions, dependencies, properties, etc. This application level mapping provides a detailed overview of the CI’s that are impacted as part of the change. Truly objective risk calculations can be made to determine the real change risk.
In other words, with these tools you are able to identify the true risk of a change and therefore either work to reduce the risk or determine the level of scrutiny to apply during the change management process.
REDUCE CHANGE RISK
Once an organization can make better decisions about changes, they can then turn to reducing the cost of those changes in a significant and automated way. The main steps to get there are as follows:
1. Adopt Change Management – Defined by ITIL. This is the process of organizational change. Typically the CAB is enacted and RFC’s are implemented.
2. Leverage Change Control – Mostly not defined by ITIL, this level of maturity helps organizations make better decisions about change by identifying collisions, impact and objective risk. The organization also starts to understand all aspects of change including collisions and unauthorized changes. The Change Management process is also streamlined providing new ways to interact reducing the cost for managing change.
3. Automate Low Risk Changes – Changes with a Low Objective Risk are scheduled for automation, reducing the cost for managing change. Automated change remediation can also be a focus for this phase ensuring that system maintains the highest level of up-time when incidents occur.
The decision making “situational awareness” that we have been talking about is the foundation for Automating Low Risk Changes and therefore significantly reducing the cost of change. The bridge to these savings is Intact’s Visible Impact Solution. An overview of the solution can be seen here.
In my next and last blog post on this topic, I will focus on ways to communicate the risk throughout the organization as well as how to better put controls in place to control IT changes.