Sunday, March 29, 2009

Not getting job interviews

This is a side topic that has nothing to do with Business or IT and its projects, processes or risks but this will focus on your personal job seeking process and we will try to put some optimization to this very important goal.

Here are few high levels points that you should consider before starting to find a job;

Your resume should be so good that, it should be hard for people to not to call you.

Now the question is how can you draft a resume that will catch recruiter or employers attention.

I understand and the recruiter understand that you have done so many good things in your professional life that you want to provide as much information as you can but one thing that you are forgetting is that recruiter or employer does not have time to go through your resume in detail. It is actually the first or sometime first half of the page that will either get you an interview or your resume will become part of the other 99% of the resumes that gets archived for maybe next time. You want to be part of 1% not 99%.

Resume Template

For any further help please contact ITILSME@Gmail.com

To master the art of job interviewing, please contact via email or through my website.

Thursday, March 26, 2009

IT Governance Assessment

Holistic Approach to IS Governance Assessments

In the 80s and 90s, most people that were implementing process improvement efforts were using the reengineering approach. It is also an approach that is still used by various consultants and vendors today. Basically, reengineering implies that a consultant or process owner engages a team in the following way:

1. Stating that their processes are neither optimized nor efficient.
2. Informing the team that standardized processes should be used instead.
3. Plugging the standardized process in to the team environment.
4. Leaving the team with the expectation that the standardized process would now be

followed with increased efficiency.

Process improvement efforts conducted in this way clearly showed that the reengineering approached failed. In fact, the plug and play process efforts only succeeded 50% of the time. These projects failed because they assumed that every organization had the same pain points and goals.

It was overly focused on standardization and one-size-fits-all solutions. As a result, processes failed to evolve flexibly as customers' needs became more differentiated and their expectations grew. Moreover, the last round of adopt only efforts failed to take sufficient account of the organizational and people factors that lead to true behavioral change. While processes were reshaped, accountability was not institutionalized. There was plenty of talk about process owners and cascading change, but decision rights, coordination mechanisms, governance structures, and other organizational elements were not explicitly addressed until later - if at all. Process efficiency trumped organization alignment. Consequently, the substantial savings often quickly dissipated.

A more diverse approach to process redesign was needed.

The IT Governance processes that can be purchased and adopted should be considered as a starting point - not an end. Every company, organization, or team can benefit greatly from leveraging existing process frameworks. The key is leveraging, not just adopting. Consultant or a Subject Matter Expert (SME) inevitably has unique core values, business rules, and constraints that beg for a variation from the standardized process in parts of the framework. This is where an assessment is most helpful and an organized change management effort is important. Before you begin adopting the standardized process, learn where you need to massage the framework to meet your unique needs. The initial analysis will help you discover gaps before you begin adopting something that doesn't work for your organization. Then, plan a change management cycle that is the appropriate pace for your needs.

To this end, the consulting team should conduct interviews, meetings, and correspondence with client's management and key staff members to ascertain:

Current Workflows
Current Pain-points
Current Technologies, Applications and Components
Current Constraints and Guidelines


Now the consultant should compare his/her finding against the several guidelines to identify the weak spots in the existing model.

Following are some of the key model and frameworks that are being used to assess any IT departments for compliance and risk management.

  • ITIL

  • COBIT

  • SOX

  • COSO

  • CMMI

ITIL: Is a framework that aligns IT with Business, establish Key Performance Mertics, define and assign Roles & responsibilities.

COBIT: Define Control Objectives for Business related IT organization.

SOX: It makes senior managemnt accountable for implementing controls for all financial reporting systems

COSO: The COSO framework defines internal control as a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:

  • Effectiveness and efficiency of operations
  • Reliability of financial reporting
  • Compliance with applicable laws and regulations.

CMMI: All CMMI models contain multiple Process Areas (PAs). A PA has 1 to 4 goals, and each goal is comprised of practices. These goals and practices are called specific goals and practices, as they describe activities that are specific to a single process area.

With all the information listed above and clear picture of your "desired state" a gap analysis can easily be conducted with all this in-hand, a solution road map can be derived.

If you are interested in any of my blogs, please contact me via contact information provided in this blog or visit my website http://www.statera.com

Wednesday, March 25, 2009

Preparing a company for an ITIL audit

For my current client I came onboard to do some technical documentation - they were being audited by Cisco as they had applied for Gold and Managed Service Partnership status with them.

After joining them I realized many members of their staff were ITIL certified but when it comes to practical use or application they needed some serious help.

They had applied for Managed Service status in the following disciplines;
  1. Incident Management
  2. Problem Management
  3. Change and Release Management
  4. Configuration Management
  5. Capacity Management
  6. Performance & Availability Management
  7. Security Management
  8. Knowledge Management
  9. IT Service Continuity Management

And Cisco would audit them in above disciplines using ITIL best practices framework. They had done some work in Incident and Change but required some major overhaul and they needed someone to come and start the initiative from the scratch.

My biggest challenge was to where to begin?

My initial starting point was to conduct a quick assessment of their documentation and their processes as that gave me a good feel what I am dealing with.

I gave my initial assessment to my client and explained them that this is going to be more than a standard documentation engagement as they need some training, current process mapping and then we will compare current processes with ITL best practices model as that will give an accurate picture of where the gaps are and based upon that we will mutually decide on our solution road map. They realized the importance of what needs to be done and they gave me a green light to go ahead with the plan.

My game plan was to start with the two documentations they already had; Incident and Problem Management. I started by training the relevant staff in these two disciplines, while I was training them I was also inquiring them about their current practices, this gave me a short-cut to gaps documentation.

This made me and my client realize that what they have documented versus what they practice are two poles apart, therefore we started to align are documentation with our practices. This gave us an opportunity to adopt few good practices while letting go bad habbits. Our initial focus was to make each discipline/practice have some degree of accountability also to develop right metrics to gauge are activities. This gave us an opportunity to define some baseline values and criteria to benchmark our progress.

Covering Incident and Problem Management were easy to consider them ready for the audit now came Change and Release Management on which no previous documentation was done. In this case it was bit unique as my client is a Managed Service provider. They manage network, infrastruce and telephone networks for different clients all over the world, so in this case Changes come as a result of any one or combination of scenarios; Request by Customer, underlying root cause of the problem, business policy, technological changes, regulatory requirements, multiple incidents and many more but in any case the Change Advisory Board reside with customer not them while they did execution of the change - Release part.

We started with training internal staff on Change and Release while training we developed our internal change and release policies by marrying our practices, and ITIL best practices framework tharesulted in the templates for these two disciplines. We adopted Release model as our new guideline whilst we made our customers bind by our new change model into their standard practice.

Similar approach was taken to address remaining areas. To find more about our solution approach please contact us via contact information provided in this blog post.

To find out how we can improve effeiciencies into your system please goto: http://www.statera.com