Archive for the ‘Compliance’ Category

Nowadays, enterprises are more and more often a result of mixing physical, virtual and cloud environments. And therefore a single point of management is a prerequisite for meeting SLAs and ensuring that business processes crossing platform, application and even physical borders are completed on time.
The funny thing is: as long as we lack visibility we are still thinking in terms of hurdles and obstacles. But at the moment we can manage physical, virtual and even cloud resources and applications from one pane of glass, we can outpace the disruptions and unify multiple jobs into one coherent process flow.

But even then we are not on target. Because at the very moment we achieve this coherence another effect appears – a boosting performance, made out of end-to-end visibility, seamless workload distribution and unprecedented processing power. Having a closer look at these columns of intelligent service automation one might be reminded of another concept – a connection I hit upon by Theo Priestley, an independent analyst and BPM visionary:

“Who remembers SETI@home, the project run by SETI to harness internet connected PC’s across the globe to help analyse signals from space? It was an early and successful attempt at mass distributed (or grid) computing using a small piece of software to use latent CPU cycles on client machines when the screensaver was engaged.

Now jump forward and the question is why hasn’t anyone taken this concept into the enterprise and into the BPM world itself? If you can imagine the many desktops that exist in an organisation sitting fairly idle when they could act as a BPM grid project to;

  • analyse, predict and act upon real-time data,
  • alter business rules on the fly,
  • creating intelligent workflow,
  • perform background simulation and CEP

Why bother with expensive server hardware (and future upgrades etc) when there’s potentially far more power sitting across the organisation not being fully utilised? Are there any examples of this in the BPM industry currently, if so would be good to hear about it.”

Yes Theo, there are examples – potential case studies are queuing up in front of our doors. It seems to me that we randomly adapted this GRID concept to the enterprise. Anyway, technologically we are ready.


Read Full Post »

One of the biggest myths in IT industry is that talking about automation is equivalent to talking about layoffs. This approach may be compelling to IT directors dazzled by the headlights of recession – facing budget pressures and constraints.

It may be compelling but it’s wrong. Because it ignores the fact that the biggest threat to IT budgets is an out-of-control organisation, which Paul Gostick describes as follows: “The staff are overworked, projects don’t get completed on time, security is compromised, audits fail, downtime is frequent, restoration of systems takes longer and longer, there are many middle-of-the-night emergency calls, the budget gets cut, and company executives are researching the benefits of outsourcing IT.”

No wonder that the IT Process Institute (ITPI) calls unplanned, unauthorised work the “silent killer” of IT budgets. This is underlined by Gartner Analyst Daryl Plummer who found many such IT organizations, in which “eight out of every ten dollars spent on IT is … not contributing to growth of business or enhancing competitive advantage … but to keep the lights on.” That’s wasted money. That’s dead money.

Looking ahead with the “headlights of recession” we will find out that change is the only constant. How promising that change, not unplanned work, is also the nature of IT and it is up to IT not to hold onto troubleshooting and firefighting, but to make sure that change is managed and deliberate. Which also means that resource usage is optimized, risk is reduced, processes are transparently monitored and operations run smoothly. This also aligns with the previously mentioned EMA report which emphasizes both the importance AND the danger of always having a red pencil within reach.

Cause if your only tool is a hammer, every problem looks like a nail!

Read Full Post »

You know the Value at Risk (VaR) of your business? Maybe you better don´t! In times were everybody talks about Risk Mismanagement and the wrong dealing with numbers, you should keep in mind that blank statistics will never release you from serious judging. Because „nothing ever happens until it happens for the first time.“

But even if risk management became obsolete in certain circles, the requirements for risk management are still given. This is underscored by the fact that IT management has to increasingly meet compliance, SOX and governance issues. But how you can afford this in times of tightened IT budgets? Think of the effort that is sometimes required just to regularly monitor authorization settings, changes, and transports related to your processes. A study by IDC determined that 60 to 80% of the controls required by SOX are still performed manually, a telling indicator of the tremendous progress needed in this area.

But there is a light on the horizon. And this light is called automation. Even if a closer look reveals that automation will fail to meet expectations as long as it remains piecemeal. Having a script here, a tool there, and a large number of interfaces in the middle will never get you very far and only increase complexity and total risk.

What you need is a holistic view and the right automation strategy to reduce simultaneously the risk of human error and the cost of manual intervention – both in terms of data center operations and IT risk management.

Read Full Post »