Friday, August 21, 2009

How Mature Is Your Identity Management Program?

Identity Management maturity can be defined by 4 levels that include aspects of people, process, and technology. Because of this, moving along the continuum requires the commitment of senior leadership to support the organizational changes required. The following presentation summarizes the framework for determining maturity and provides suggestions for advancing between levels.

Thursday, August 20, 2009

Stop Wasting Money Writing System Requirements

IT has long been looked to as the technical solution providers for business problems. But the assumption that often is made is that the business problem is already well understood and the business processes that drive the technical requirements are someone. I continually run into the situation where a team is beginning the business requirements definition effort and developing system Use Cases only to discover it's not that straightforward. The entire business process that the technology will support has not been thought through and there are gaps in knowledge around some areas of the business process. How can this be addressed before valuable time and money are wasted spinning on requirements? Here are a few suggestions:

Every IT project should start with business process definition. It's no longer IT's responsibility to only handle the system requirements definition side of the equation. Start thinking in terms of process steps, roles, and responsibilities. Once these are defined the role of the system and how it should behave becomes more clear. The same skill set that it takes to identify system requirements is highly transferable to defining business process. Stakeholder engagement, meeting facilitation, communication skills, clear concise documentation abilities are all the qualities of solid business AND process analyst.

Run an agile project. By adopting the basic principles and philosophy of the agile scrum framework your team can get to "doing" faster with "just enough" documentation in place to make it productive. Once the business process is well understood, create a backlog with the goals the system should allow each type of system user to achieve. Define requirements in more detail as part of each development sprint. Start the sprint with a few upfront requirements tasks then continue to refine the requirements as a team through the build-demo-adapt process. The role of the BA in the demo meetings is to capture requirements and decisions made. By the end of each sprint you can have a requirements document that matches exactly what was built. This avoids spending months in lengthy requirements gathering sessions trying to predict in excruciating detail today how you want the system to work a few months from now.

These are a few ideas that have worked well on my projects. Join the conversation! What are you doing that's worked well(or not so well)?

Wednesday, August 12, 2009

SaaS - Making the Right Choice for Your Company

Software as a Service (SaaS) is gaining more ground as a viable option for addressing IT needs in all sizes of companies. No longer looked at by only SMBs as the low cost alternative to expensive custom software solutions. Before you jump into a SaaS solution, it's important to do your homework, both on the SaaS provider and within your own company. Here are a few things to consider:

Know what SaaS is (and is not)
In basic terms, SaaS is subscription based software accessible over a network (i.e. the Internet). The SaaS vendor assumes maintenance responsible for all hardware and software components. The obvious benefit is that a company or subscriber gets the functionality they need without the IT overhead associated with an in-house application - hardware costs and maintenance, software support. The downside is that the customer does loose some control. As a customer you may be limited to the customization options available within the base software solution. You also need to be aware about how your data is stored and how accessible it is to you.

The SaaS Vendor's Maturity
In a recent Forrester research report, SaaS vendor maturity can be defined as:

  • Level 0: Outsourcing is not SaaS. In outsourcing, a service provider operates a major application or a unique application landscape for a large enterprise customer. As the outsourcing company can't leverage this application for a second customer, outsourcing does not qualify as SaaS.

  • Level 1: Manual ASP business models target midsize companies. At level 1, a hosting provider runs packaged applications like SAP's ERP 6.0, which require significant IT skills, for multiple midsize enterprises. Usually, each client has a dedicated server running its instance of the application and is able to customize the installation in the same way as self-hosted applications.

  • Level 2: Industrial ASPs cut the operating costs of packaged applications to a minimum. At level 2, an ASP uses sophisticated IT management software to provide identical software packages with customer-specific configurations to many SMB customers. However, the software package is still the same software that was originally created for self-hosted deployment.

  • Level 3: Single-app SaaS is an alternative to traditional packaged applications. At level 3, software vendors create new generations of business applications that have SaaS capabilities built in. Web-based user interface (UI) concepts and the ability to serve a huge number of tenants with one, scaleable infrastructure are typical characteristics. Customization is restricted to configuration. Single-app SaaS adoption thus focuses on SMBs.'s CRM application initially entered the market at this level.

  • Level 4: Business-domain SaaS provides all the applications for an entire business domain. At level 4, an advanced SaaS vendor provides not only a well-defined business application but also a platform for additional business logic. This complements the original single application of the previous level with third-party packaged SaaS solutions and even custom extensions. The model even satisfies the requirements of large enterprises, which can migrate a complete business domain like "customer care" toward SaaS.

  • Level 5: Dynamic Business Apps-as-a-service is the visionary target. Forrester's Dynamic Business Application imperative embraces a new paradigm of application development: "design for people, build for change." At level 5, advanced SaaS vendors coming from level 4 will provide a comprehensive application and integration platform on demand, which they will prepopulate with business applications or business services. They can compose tenant-specific and even user-specific business applications on various levels. The resulting process agility will attract everyone, including large enterprise customers.
Your Requirements:
How flexible are they? Do you know what your must-haves are? The benefits of many SaaS options can also be a drawback if you haven't taken the time figure out what you are really looking for. There are often limited customization abilities and some of your business processes may require specialized features/functionality. Make sure your business process is well defined and understoond before looking at vendors. Regardless of how flexible your business process is there are always a few requirements that must be met.

Vendor Evaluation Criteria:
Give careful thought to the specifics you will rate a SaaS vendor against. Categories that should be part of any SaaS vendor evaluation include (but are not limited to):
  1. Price

  2. Alignment with functional requirements and business process requirements

  3. Useability

  4. Technical Requirements such as
    –Data Storage and Accessibility
    –Disaster Recovery
    –Custom Reporting

  5. Support SLAs

  6. Professional Services

  7. Vendor Viability

  8. Regulatory Compliance
Before you make an investment in a SaaS solution, do your homework and take the time to internally discuss what your must-haves are. Having a clear idea of the business problems a SaaS solution should address will make the selection process more clear.

I'd love to add to this list of SaaS vendor considerations. What was helpful in your SaaS vendor evaluation?