governance & management of complex multi-supplier value streams
TRANSCRIPT
Executive Summary
Managing the 21st Century IT organization is a highly complex task. Information
Technology has become deeply entrenched as a critical dependency for many, if not
most business processes across a broad span of industries.
Additionally technology, whether managed directly by the formal IT group or by
technical staff within specialized business units, underpins the critical revenue
streams for an enterprise.
Finally, as we have seen in the last decade or so, managing IT is not limited to
managing only the internal people, process and technologies under the direct control
of the firm. It also includes governance and management of integrated technology
suppliers, which has expanded externally through outsourcing arrangements
including, the extended XaaS (all sorts of things-as-a-service) technology base.
Right now, the IT sector is struggling with complex multi-supplier value streams. This
paper is one of the series that came out of the Pink Think Tank at the 18th Annual
International IT Service Management Conference & Exhibition in February 2014
(“Pink14”).
In support of Pink Elephant’s mission to research, document and promote IT best
practices, Pink14 hosted and sponsored the assembly of a group of thought leaders
to discuss a growing trend and challenge in the IT industry: the Pink Think Tank
(www.linkedin.com/groups?home=&gid=7473572).
The specific challenge that was addressed at Pink14 was the fact that there is an
observable increase in the use of third-party suppliers in the IT value system. The
assembled Think Tank addressed the problem statement: “How do you manage the
current and growing challenge of multi supplier integration?”
There will be discussion of the governance implications of these findings at the 3rd
Annual IT Service Management Leadership Forum, “PinkFORUM14”, in
August 2014 (www.pinkelephant.com/PinkFORUM14) and will feed into another Pink
Think Tank that will convene in 2015 at the 19th Annual International IT Service
Management Conference & Exhibition, “Pink15”, in February 2015
(www.pinkelephant.com/Pink15).
www.pinkelephant.com 2
Executive Summary
Refer to the original white paper, “Managing Complex IT Value Streams” summarizing
the outcomes of the Pink Think Tank, and the second paper, “Integrating Suppliers:
Current State Assessment” which discusses our current challenges.
The purpose of this paper is to look at how we address these challenges: through the
definition of an end-to-end operating model which enables a value stream approach
to IT governance. One critical benefit of this operating model is that it enables the
goals of supplier management and integration.
Jack Probst – Principal Consultant, Pink Elephant
Troy DuMoulin – VP, Research, Innovation & Product
Development, Pink Elephant
Rob England – ITSM Consultant & Commentator
www.pinkelephant.com 3
Table Of Contents
1 Operating Model…………………………..……………................…. 5
2 Value Stream…………………………..……………………….......….. 7
3 Governance………………...……….……………….....................….. 8
4 Suppliers……………………………………..……………….......……. 9
4.1 Strategic Partner…….………………….......……….…………... 9
4.2 Standard……………………...…………………………………….. 9
4.3 Commodity…………..…………………………………………….. 10
5 Supplier Management….…………………………………………….. 11
6 Sourcing.………………….…………………………………………….. 13
7 Operations………………………………………………………..…….. 14
8 Conclusion…...…………………………………………………..…….. 17
9 About Pink Elephant...….…………………………………………….. 18
www.pinkelephant.com 4
1. Operating Model
Effective governance and orchestration of the broader (plan, build, run) IT context
has become increasingly critical to strategic business success. As an organization
considers how to direct and govern this new complex reality, two leadership
challenges come to mind. The first is how will we operate effectively in this new world
and the second is how will we govern those arenas that aren’t directly under direct
control of a firm’s IT management.
Let’s address the first question – how does (or should) IT operate?
Today many IT shops still organize and work based on the hierarchical tradition of
technology specialization within two key domains – applications and infrastructure.
That vertically orientated organizational construct has worked well in the past,
especially in the days of “data processing”. But considering that in today’s business
climate there is a need for an agile and flexible approach to IT, a different construct is
in order, which focuses on the flow of work between practice areas and suppliers.
We are finding that more and more IT organizations are beginning to organize based
on a defined IT Operating Model. And it is the Operating Model that defines not only
internal organizational structures but also how external parties such as suppliers are
engaged and integrated into the overall value stream.
An Operating Model is a logical representation or blueprint of the IT value chain
process architecture, agnostic to existing organizational structure and sourcing
strategies. And the Operating Model provides a strategic process architecture to
support the goals of the IT Governance activities of evaluate, direct and monitor.
An IT Operating Model enables governance objectives through the definition of a
reference model that identifies and defines the major activities, capabilities, process
dependencies and critical success factors required to directly or indirectly convert
customer requirements or requests, into the expected service outcomes and
deliverables.
www.pinkelephant.com 5
An example of a generic IT Operating Model is shown in Figure 1:
Figure 1
This IT Operating Model consists of five integrated domains that address two
concepts that are critical to managing and leading an ITSM organization.
www.pinkelephant.com 6
Customer Engagement
Design/Build/
Test/Deploy
Operations Excellence
Governance
Continual Improvement
Monitoring Reporting
Service/Process Improvement – Efficiency/Effectiveness
Common Process Ownership Priorities/Scheduling
Strategy/Planning Process Governance
Architecture Compliance
Financial
Business Relationship Management Portfolio/Demand Management
Service Definition & Performance “Common Front Door”
Operational Goal: Manage service
operations to maximize customer
outcomes and minimize cost
Operational Goal: Manage the risk and
resources to deliver quality, cost
effective services and service
enhancements
Operational Goal: Understanding
and managing customer needs,
requirements and expectations to
solve business problems and
deliver value
Operational Goal: Provide the Direction
and Oversight for the Operating Model
exercised through plans, standards and
financial management
Manage Operations Eliminate Or Mitigate
Technical Debt “Keep the Lights On”
Operational Goal: Design, Build, Test and
Deploy services or service changes that
meet defined requirements
Service Design Package Release & Deploy
Testing
2. Value Stream
The first concept is the value stream. Value is created for the customer through a
logical sequence of activities that translate customer need into operational reality.
These activities are called value domains and they are:
• Customer Engagement (The Funnel) – Establishes a strong relationship with
the business and understanding the current and future business needs,
captures requirements that serve as an intake for IT “work” (business projects,
IT foundational projects, and changes or requests). This domain also sets
portfolio priorities for that work, and releases work into in the development or
project management capabilities of the value stream production capability or the
“Factory”
• Design/Build/Test/Deploy (Factory) – Funded and/or approved work is
transferred into the “Factory” where customer requirements are translated into
designs that are then built, tested and deployed into production in an efficient
manner. The key here is that deployed services meet customer expectations
and the deployed service does not add to the “technical debt” of the operating
environment
• Operations Excellence – It is only after services are deployed into the
operational environment that customer value is truly achieved. And considering
that more than 90% of a service’s life is spent in Operations, management of
Operations must be resource-efficient and requirements-effective
www.pinkelephant.com 7
3. Governance
The second Operating Model concept is the governance of the value stream.
Governance engages a number of critical decision-making practices all targeted at
directing, monitoring, and evaluating the capability of the current value stream, the
service portfolio and the dynamics of ongoing customer
demand to assure that corporate goals are met. Included
in governance are two domains:
• IT Governance – Provides a home for critical IT
management functions and processes such as
Strategy, Architecture, Security, PMO, Finance and
the like. These processes underpin the basic
governance tenets of direct, monitor, and evaluate.
• Continual Improvement – The efficacy of the value
stream is under continual stress due to changes in
customer service demand, changes in personnel,
technologies, development or operational
methodologies and so forth. Continual Improvement
provides the other domains with critical capabilities
focused on the Monitor and Evaluate governance
elements. Continual Improvement provides what
might be called the “disinterested” third-party reality
check of how well the rest of the organization is
working and delivering customer value.
www.pinkelephant.com 8
Governance engages a number of
critical decision-making practices
all targeted at directing,
monitoring, and evaluating the
capability of the current value
stream, the service portfolio and
the dynamics of ongoing customer
demand to assure that corporate
goals are met.
”
“
4. Suppliers
Managing the value stream can be a challenge if the IT shop is only engaging
internal or company resources. However given the realities of today’s business
climate, one must also consider how external parties such as suppliers or technology
service providers would be integrated into the overall Operating Model.
In order to address how they will be engaged, one first must understand that the level
and formality of supplier integration will be dictated based on a supplier classification
schema that is based on the nature of their relationship within the IT value stream.
There are three classes of suppliers defined by their status of their engagement to or
relationship with IT and IT leadership:
4.1 Strategic Partner
This is a unique class of supplier that is considered critical to the long-term success
of IT and participates in a quasi-leadership role. This category of supplier has an in-
depth understanding of the intricacies of their customer’s service portfolio and how
the portfolio is consumed by the business as well as the details of the IT Operating
Model. Strategic partners typically will provide advice and counsel across the value
stream, especially for customer engagement; but they also provide significant (or all
of the) resources for the Factory and/or Operations. Strategic partners play a
substantial role in governance, adding knowledge for strategy development, guidance
on architecture and security, and knowledge or resources to support continual
improvement. Although there is a contract in place that governs the terms and
conditions of the relationship, the deep and dynamic working relationship between
the supplier and IT leadership does more to define the engagement than the
contract. Terminating this level of relationship is not without considerable effort
especially as losing the supplier means losing a significant mindshare within the
organization.
4.2 Standard
This class of supplier is engaged to provide targeted resources or capabilities at
unique points throughout the Operating Model. The “rules of engagement” are
www.pinkelephant.com 9
defined exclusively by the contract. Standard suppliers will typically be associated
with work in the value stream specifically in the “Factory” and Operations. It is not
uncommon that entire elements or technologies of these domains may be contracted
to the standard supplier. This supplier class is judged on the basis of the contract and
defined performance levels. Contracts can typically be competitive in nature but it is
not uncommon that the lowest bid does not “win” a standard contract. Instead IT
leadership may take into consideration supplier experience and expertise when
assessing a supplier’s bid. The term of the supplier relationship is typically dictated
by the contract. The value of the supplier is judged on the
basis of contract performance. Terminating this
relationship is not without some challenges depending on
how deeply entrenched the supplier processes and
practices are within the value stream and whether the
client will face difficulty in transferring that skill set
internally or to another supplier.
4.3 Commodity
As is the case with standard suppliers, this class of
supplier is engaged for point solutions. However the basis
for this relationship is almost exclusively the price – the
skill, capabilities or talents provided by this class is ubiquitous
across the supplier “universe”. Typically these commodity
suppliers are engaged to provide unique capabilities that
may be of a short duration and can be focused on almost
any Operating Model domain. The relationship of the
supplier to the client is governed by the terms of the
contract, and commodity suppliers can be engaged and
terminated relatively easily and without significant hardship to IT.
Establishing a supplier classification schema and subsequent supplier integration
requirements is a key deliverable of the Supplier Management practice in support of
the overall IT governance policies and strategic objectives.
www.pinkelephant.com 10
Establishing a supplier
classification schema and
subsequent supplier integration
requirements is a key deliverable
of the Supplier Management
practice in support of the overall
IT governance policies and
strategic objectives.
”
“
5 Supplier Management
Supplier Management is a specific practice and function within the operating model
that deals with the sourcing, and management of relationships with external
suppliers: product vendors, service providers, outsourcers, contractors, and so on. It
should be understood that Supplier Management is both a planning and ongoing
management practice, which is separate and distinct from the financial procurement
and tender support processes.
It is not unusual for Supplier Management to be treated as a secondary process
within IT, an administrative activity of lesser importance than some of the other
processes.
However, as we have discussed the importance of
Supplier Management is increasing as we move to more
complex externally-sourced value-streams. It is essential
that this commonly undervalued practice area be treated
as a core competency of the service aggregator.
Whilst it is highly likely that the wider business
organization has a Supplier Management function
responsible for overseeing business process and service
outsourcing, the outsourced IT elements often fall outside
of the governance of the parent function. As is the case
of Business Continuity Planning (BCP) and its IT
counterpart of IT Service Continuity Management
(ITSCM) the practices and function of IT Supplier
Management should operate as a specialist subset of the
overall business function, dealing only with the
peculiarities of IT suppliers and leaving as much as
possible to be performed by the organizational function.
In this paper, we only address some of the core points of Supplier Management as
they relate to the topic of governance of value streams. Supplier Management is
described in the ITIL® 2011 Service Design book, and described in more detail in the
www.pinkelephant.com 11
Supplier Management is a specific
practice and function within the
operating model that deals with
the sourcing, and management of
relationships with external
suppliers.
”
“
COBIT® book Vendor Management Using COBIT 5. There is also a significant
amount of information in ITIL Service Strategy which is often overlooked, under “3.3
Service providers”, “3.6 Service economics”, and “3.7 Sourcing strategy”.
Enthusiastic readers may like to also seek out the original ITIL book Managing
Supplier Relationships: you will be amazed at how little has changed since 1993.
There is even a body of knowledge intended specifically to describe the practices of
service providers and their customers, called e-SCM. There are two works: e-SCM-
SP for the suppliers and e-SCM-CL for their “clients” www.itsqc.org/models/escm-sp.
e-SCM is a product of Carnegie Mellon University (as is the Capability Maturity
Model, CMMI).
As a planning practice area Supplier Management should take a strategic approach
to supporting the full lifecycle of identifying, assessing, procuring and managing
suppliers according to an organizational policy in alignment with the organizational
strategy and plans. Suppliers should be profiled and prioritized so that effort is
focused on those suppliers where:
• Supplier’s role is important
• Supplier is embedded, difficult to shift to another
• Impact is high (positive and negative)
• Data is important
• Cost is high
• Interaction is frequent or complex
www.pinkelephant.com 12
6. Sourcing
The decision to source a capability externally is a complex one, with a number of
non-obvious considerations. For example, immediate costs savings may not yield
any benefit to the sourcing organization if competitive pressures force all the savings
to be passed on to the customer, i.e. if there is no “value capture” from the
outsourcing. A great deal of consideration, research, governance, due diligence, and
expertise should go into sourcing decisions.
Successful external sourcing depends on clear definition of requirements, and that is
only possible with a clear understanding of how the service currently works. In
addition, many believe that you should not outsource anything to a supplier which
doesn’t already work properly ‒ that outsourcing a mess won’t fix it. For others, this is
precisely the intent of outsourcing; to get it fixed by a supplier expert in that area.
Service Level Agreements (SLAs) with suppliers are called Underpinning Contracts
(UCs) by ITIL, when seen from the aggregator’s point of
view. From the supplier’s point of view they are simply an
SLA. One of the fundamental principles of SLAs is that
your SLAs to your customers should align with your UCs
with your suppliers: don’t commit to a service to your
customers that your suppliers aren’t committed to deliver.
There is an anti-SLA school of thought, but it is generally
advisable that SLAs be formalized and that they form part
of the legal contract to make them enforceable.
www.pinkelephant.com 13
Successful external sourcing
depends on clear definition of
requirements, and that is only
possible with a clear
understanding of how the service
currently works.
”
“
7. Operations
Operationally there are several main activities of Supplier Management once a
relationship is in place:
www.pinkelephant.com 14
Governance • Accepting direction from governance
functions; providing monitoring information to
governors; and offering decisions and
proposals for evaluation
• Classification of suppliers is based on value
and risk to determine integration requirements
with enterprise management practices and
other service providers
Relationship Management Guide the outcomes towards the planned goals
Service Level Management Reporting service performance against agreed
SLAs, and taking action to deal with deviations
Contract Management • Working with internal Service Owners to
establish requirements and supplier
measurement
• Ongoing tracking, negotiation and
modification of the contract to meet the needs
of the relationship
Financial Management Dealing with payments, penalties/credits, and
cost tracking/control
Risk Management Compliance and audit; problem management;
continuity planning; and other risk monitoring
and mitigation
An effective relationship interface (engagement model) is essential to successful
Supplier Management. The service aggregator organization must interface ‒
“interlock” processes ‒ with a supplier on the following levels:
Supplier Management interfaces with a number of other stakeholders within the
organization as well:
• Executive management and governors
• Business service owners
• IT leadership
• IT service owners
• Risk, compliance and audit
• Legal
www.pinkelephant.com 15
Executive Agreeing the formation of the relationship;
strategy, policy and governance
Account Financial, contractual, and performance
management of the relationship, with a
supplier’s Account Manager
Operational Day-to-day management of activities and
processes by the Service Owner and
process owners, with the supplier’s
Service Manager
Support Interfacing with the supplier’s Service
Desk, usually on a desk-to-desk model;
as well as incident, request, access, and
problem process interlocks
Change Change process interlocks for supplier
changes, service customer changes, and
changes requested by the service
aggregator. This includes establishment
transition of the supplier; operational
changes; and project change
• Security
• Personnel/HR
• Procurement
The interaction between Supplier Management and procurement is sometimes
problematic. Many organizations with a lower maturity of understanding of this
practice confuse Supplier Management with IT Procurement which is a financial
practice focused primarily on the acquisition and contracting element of the supplier
relationship lifecycle. This lack of understanding frequently fails to address many of
the critical success factors listed in the above table causing issues related to
requirements definition, communication, operating model integration and failed
delivery of the proposed value proposition.
A confusion of Supplier Management with Financial Procurement and contracting
processes has frequently been seen in IT organizations which have a high degree of
focus on project and development practices, but struggle with effective IT Service
Management process execution. This is often due to the fact that external
tenders/requests for proposal processes resulting in the selection of a supplier are
handled as transactional projects. Little thought is given to integrating the supplier
into the existing management practices and how the suppliers will be measured for
success beyond basic SLAs.
As we have identified in our findings from the Pink Think Tank on the complexities of
multi-supplier value streams, Supplier Management is becoming an ever-more
important practice within IT management. Not only does its priority rise, but it must
play a more integral part in the overall operating model. It must be better linked in
with the other “moving parts” of IT management.
www.pinkelephant.com 16
8. Conclusion
When we gain an understanding of the organizational Operating Model ‒ how we
govern it, how it manages the value stream, and specifically how we manage
suppliers through the Supplier Management practice ‒ we gain control over the
complexity of the multi-supplier value stream. We are then able to continually
improve it to protect the organization’s services and optimize the value returned from
our Information Technology.
www.pinkelephant.com 17
Pink Elephant – World Leaders In Transforming IT Services www.pinkelephant.com © Pink Elephant Inc., 2014. The contents of this case study are licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. Content must be attributed to "© Copyright Pink Elephant Inc.". Pink Elephant and its logo, PinkVERIFY, PinkSCAN, PinkATLAS, and PinkREADY are either trade marks or registered trademarks of Pink Elephant Inc.. ITIL® is a registered trade mark of AXELOS Limited. COBIT® 5 is a registered trademark of ISACA®.
Pink Elephant, 5575 North Service Road, Suite 200, Burlington, Ontario, Canada L7L 6M1 Tel: 1-888-273-PINK Fax: 905-331-5070
Worldwide Locations: Africa Asia Australia New Zealand Canada Europe Mexico Middle East USA
9. ABOUT PINK ELEPHANT Pink Elephant is proud to be celebrating 20 years of ITIL experience – more than any other
supplier. Operating through many offices across the globe, the company is the world’s #1
supplier of ITIL and ITSM conferences, education and consulting services. To date, more than
350,000 IT professionals have benefited from Pink Elephant’s expertise. Pink Elephant has
been championing the growth of ITIL worldwide since its inception in 1989, and was selected
as an international expert to contribute to the ITIL V3 project as authors of V3’s Continual
Service Improvement book and through representation on the International Exam Panel. For
more information, please visit www.pinkelephant.com.
Service Lines
Pink Elephant’s service lines each provide different, but complementary business solutions:
PinkCONSULTING: Using the ITIL best practices approach as a springboard, Pink Elephant
provides end-to-end solutions – from assessments, to strategic planning to implementation,
continuous improvement and beyond. Experienced consultants work hand-in-hand with
customers every step of the way
PinkONLINE: Use Pink Elephant's online ITIL Implementation Tool Kit and gain access to
various services that support a service management improvement program, including
PinkATLAS, containing over 1,000 process deployment documents
PinkEDUCATION: Pink Elephant is the most prolific creator and widespread distributor of ITIL
training, and leads the way with education based ITIL V3’s service lifecycle approach. Pink is
internationally accredited with EXIN, APMG and PEOPLECERT, independent examination
institutes that manage the ITIL certification program. The Project Management Institute (PMI)
has also recognized Pink as a Registered Education Provider
PinkCONFERENCES: Pink Elephant is the world’s largest producer of ITSM conferences and
delivers several major events per year to thousands of IT professionals