Home > Blogs > VMware Accelerate Advisory Services

Software Defined Networking for IT Leaders – 5 Steps to Getting Started

Reg Lo By Reg Lo

In Part 1 of “Software Defined Networking (SDN) for IT Leaders”, micro-segmentation was described as one of the most popular use-cases for SDN.  With the increased focus on security, due to growing number of brand-damaging cyber attacks, micro-segmentation provides a way to easily and cost-effectively firewall each application, preventing attackers from gaining easy access across your data center once they penetrate the perimeter defense.

This article describes how to get started with micro-segmentation. Micro-segmentation is a great place to start for SDN because you don’t need to make any changes to the existing physical network, i.e. it is a layer of protection that sits on top of the existing network.  You can also approach micro-segmentation incrementally, i.e. protect a few critical applications at a time and avoid boiling the ocean.  It’s a straightforward to dip your toe into SDN.

5 Simple Steps to Get Started:

  1. Software Defined Networking ProcessIdentify the top 10 critical apps. These applications may contain confidential information, may need to be regulatory compliant, or they may be mission critical to the business.
  2. Identify the location of these apps in the data center. For example, what are the VM names or are the app servers all connect to the same virtual switch.
  3. Create a security group for each app. You can also define generic groups like “all web servers” and setup firewall rules such as no communication between web servers.
  4. Using SDN, define a firewall rule for each security group that allows any-to-any traffic. The purpose of this rule is to trigger logging of all network traffic to observe the normal patterns of activity.  At this point, we are not restricting any network communications.
  5. Inspect the logs and define the security policy. The amount of time that needs to elapse before inspecting the logs is application dependent.  Some applications will expose all their various network connections within 24 hours.  Other applications, like financial apps, may only expose specific system integration during end-of-quarter processing.  Once you identify the normal network traffic patterns, you can update the any-to-any firewall rule to only allow legitimate connections.

Once you have completed these 5 steps, repeat them for the next 10 most critical apps, incrementally working your way through the data center.

In Part 3 for Software Defined Networking for IT Leaders, we will discuss the other popular starting point or use case: automating network provisioning to improve time-to-market and reduce costs.

Reg Lo is the Director of VMware Accelerate Advisory Services and is based in San Diego, CA.  You can connect with him on LinkedIn.

From CIO to CEO: Shaping Your ITaaS Transformation Approach

Jason StevensonBy Jason A. Stevenson

In this CIO to CEO series we’ve discussed how to run, organize, and finance an ITaaS provider. In this blog, we will discuss how to approach the ITaaS transformation to gain the most value.

Barriers to Success

Transforming a traditional IT organization to be a private cloud provider and/or public cloud broker using ITaaS contradicts many basic human behaviors. To undergo a transformation we must convince ourselves to:

  • Put other people first; specifically customers paying for the service and users receiving the service.
  • Place ourselves in a service role from the very top of the IT organization to the very bottom and allow ourselves to be subservient to others.
  • Give up the notion of self-importance and recognize each and every person plays an equal role in the chain when delivering an end-to-end service and accept a fair amount of automation of what we do on a regular basis.
  • Redistribute control from individuals to processes that leverage group intelligence and center authority within service ownership and lifecycle.
  • Become truly accountable for our role in service delivery and support where all involved can clearly see what we have done or not done.
  • Approach problems and continual service improvement in a blameless environment that shines light on issues rather than covering or avoiding them.

In other words, we must be: humble, honest, relaxed, and trusting. Not the kind of words you often hear in a technology blog but nonetheless accurate. In essence, we must change. That is different from he must change, she must change, or they must change; and that is very different from it must change. In the IT industry, we tend to abstract change by focusing on “it” which is often hardware and software and then deflect change to “they” which is often users or another department.

Are You Ready for Change?

The first two questions an ITaaS CEO (CIO) needs to ask are:

  1. “Do I really want change?”
  2. “Are we really willing to change?”

Initially the answer seems obvious “Of course I do, we have to.” In that subtle nuance of “I” and then “we” lies our challenge. As we wade in we realize the level of resistance that’s out there and the effort it will take to overcome it. We begin to realize the long term commitment needed. For the faint of heart, change dies then and there. But for those who take on challenge the journey is just beginning.

Many IT organizations are focused on service/technology design and operation and therefore do not have the necessary level of in-house expertise to guide their own organization through a complete people, process, and technology transformation. To ensure the greatest return on their investment, many organizations look to a partner that is:

  • Specifically experienced in transformation to instill confidence within their organization.
  • External to their organization and somewhat removed from internal politics to increase effectiveness.

Assuming a partnership is right for your organization for these or other reasons the question becomes “How do I pick the right partner?

Personal Trainer vs. Plastic Surgeon

You’ve heard the saying “Be careful what you ask for you might just get it.” This is very true of an ITaaS CEO looking for a partner to relieve some of the effort and commitment associated with change. Becoming a cloud provider/broker is hard work. The analogy of personal trainer was specifically chosen because of its implication that the hard work cannot be delegated. Though counterintuitive, the more an ITaaS CEO or his/her team attempts to push the “hard work” to a partner the more the partner becomes a plastic surgeon, “delivering” a pretty package with no guarantee that your organization won’t slip into old habits and lose all value gained.

A personal trainer doesn’t exercise or eat for their client, but coaches them along every step of the way. A personal trainer does not usually deliver exercise equipment, assemble the equipment, or even necessarily write a manual on how to use the equipment. What personal trainer does is show up at regular intervals to work side by side with an individual, bringing the knowledge they have honed by going through this themselves and assisting others.

For an IT organization that is looking to become a cloud provider/broker, reduce cost, or just be more consistent or agile, a partner can help more by providing consultation than deliverables. This isn’t to say that a partner shouldn’t develop comprehensive plans or assets, but your organization will get more value out of developing plans and assets as a team, coached by your partner, to ensure a perfect fit. Though the partner may recommend technology and then implement it, this is just one piece of the puzzle. Establishing a trusted relationship between the partner and the IT organization takes regular workouts/interaction.

My Approach to “Personal Training”

We all wish we didn’t have day jobs or family responsibilities when we want to spend time at the gym but reality mandates we spend short but regular amounts of time with our personal trainer. This is also true of the IT department and their partner. Though 100% of the organization must be involved in change at some point these workshops equate to approximately 10% of the time of 10% of the organization. When I am engaged in large-scale transformation with my customers, I find the optimal cadence for hands-on consultation is every two or three weeks, with three days (usually in the middle of the week) that feature half-day workshops consisting of a 2-hour morning session and a 2-hour afternoon session. These workshops are both timed and structured using principles that build goodwill with all stakeholders involved whether they are proponents or opponents to change.

A simplified version of my approach to overcoming resistance and obtaining commitment is to:

  1. Start by sharing a common vision, how the vision has value, and how we all contribute to producing that value.
  2. Raise awareness and understanding through orientation to allow as many people as possible to reach their own conclusion instead of trying to tell them what their conclusion should be.
  3. Establish trust with all involved by involving them in an assessment. Not an assessment of technology or the environment; rather an assessment that draws people out and engages them by asking what is working and shouldn’t be changed, what isn’t working and needs to be changed, and what challenges do we foresee in making a change.
  4. Openly and interactively draft a service model that includes features, benefits, and commitments and a management model that includes roles, responsibilities, policies, processes.
  5. Automate and enforce the service model and the management model through tool requirements.
  6. Review and revise after group workshops and through great finesse. Over time the group will progressively elaborate on these models and tools, going broader and deeper just as a personal trainer would by adding more exercises, more weight, and repetitions.

Avoiding Burnout

At the gym, we may overcome the initial challenge of understanding health and exercise only to discover how painful our aching muscles can be. This stresses the importance of rest and cross training. Much like a personal trainer, our IT partner must not push an organization to gorge on change or focus on one particular component of change for too long. This can sometimes seem sporadic to our team so the approach must be clearly communicated as part of the vision.

You may have noticed the use of the word “team” and wondered who is it? We can consider team in this context as the service’s stakeholders. That is everyone involved in delivery of service and yes that does include customer and user representatives.

An ITaaS CEO that involves his or herself… and not only chooses change and discipline, but also a partner focused on promoting team change and self-discipline over short-cut deliverables, will find their organization in a much better position to transform to a cloud provider/broker using ITaaS.


Jason Stevenson is a Transformation Consultant with VMware.

ROI Analysis: 4 Steps to Set the Scope

Everything and the Kitchen Sink

Lisa SmithBy Lisa Smith

As I discussed in “Introduction to ROI”, determining what to include or exclude in your ROI analysis can be tricky.  What if you leave off a metric that ends up being materially very significant and eats up all of your savings when you begin to implement?  Shouldn’t you just include ALL of your related costs, just to be sure?  Sometimes it feels much more comfortable spending many hours in “analysis paralysis”, just to be safe.

But I am jumping ahead of myself.  Let’s start with the mechanics of how to figure out the scope of your ROI Analysis.

Setting the Scope for ROI Analysis

The guiding principle is pretty simple:  Model the stuff your solution is going to impact.   

Step 1 – Create a Capabilities List

Create a list of all the capabilities your project is going to deliver in a single column (I like to use Excel, even for a text exercise like this).

Step 2 – Create a Benefits List

In a second column next to this list of capabilities, draft the benefits that are going to be delivered by these capabilities.  To do this you need to answer the question, “So what?” with regard to every capability you are delivering.  The lens for these benefits should be focused on what the company is going to achieve from the successful implementation of the project you are requesting funding for.  Don’t get caught up in how you are going to measure these benefits just yet.  Don’t judge what will be considered big savings or small savings.  Just free flow – write them down.

If this exercise is really hard then it might mean that you need to get a better handle on your desired future state.  If you have a great vision of where you are trying to get to with your project, a list of high level benefits should flow easily.

Step 3 – Refine Your Value Drivers

After you have your list of capabilities and benefits (I will refer to these items as “value drivers”), share that list with your peers who are familiar with your “as is” state and your “to be” state.   You might be given a few more value drivers to consider, or you might decide to drop a few value drivers.  If your project includes benefits or services consumed by other teams or end customers then you need to spread your wings, leave your nest and start talking to other people.  The conversation would sound like, “If we could provide, ABC Service, what would the benefits to your team be?”  This “voice of the customer” data provides a great insight into how well adopted your project or service would be; evidence that wider spread gains would be achieved beyond just your team.

“If you build it, they will come” may work in the movies, but the success of any technology project hinges on internal adoption.  Many internal cloud projects failed to get the adoption levels they were expecting from other lines of business.  They built it, but no one is coming.  Quite often these missteps could have been avoided if they had a greater understanding of their consumers’ needs and desires, and used those to fuel the short list of the cloud services provided.

Step 4 – Create a Value Model

Let’s create a value model using an example from VMware’s product vROPs, Capacity Management benefit statement:

“Capacity management helps identify idle 1 or overprovisioned2 VMs to reclaim excess capacity and increase VM density3 without impacting performance.  “

Reclaiming excess capacity is our “So what?”, or benefit statement.    We need to draft a model to calculate the financial impact of reclaiming excess capacity.  The model should include the before and after depiction from our three new capabilities:

  1. Removing idle workloads
  2. Reducing assets provisioned per workload
  3. Increasing VM density or consolidation ratio

ROI AnalysisThe net effect of reclaiming excess capacity refers to expenses associated with server and storage infrastructure capacity.   If that was the scope of your analysis, the capital expense associated with the server and storage savings would be all you needed.  You might also consider expanding the scope, to include the operating expenses also tied to that hardware.  Those operating expenses would cover the power and cooling of the hardware, the data center space overhead, the administrator labor needed to install, maintain, support and refresh that gear.  This technique is often referred to creating a “total cost of ownership” view, considering the acquisition cost as well as the ongoing operating cost of an asset.

Try grouping the value drivers into themes such as reducing computer hardware infrastructure, reducing incident management processes, or reducing time to market for application development.  For a single theme it is best to create a single value model for all of those value drivers.  This is most helpful in providing a single depiction of the “as is” costs or process effort of today compared to a view of the future “to be” state – comparing apples to apples.

So where do we draw the line on scope?

If your value drivers are a pretty short list, feel free to model every aspect of those benefits.  If your value benefits list is lengthy and your “so what” list has over 10 items, please consider scoping to only key and material items.

While I am going to be applying a bit of circular logic here for a minute – if any one line item in your TCO analysis is less than 10% of your total savings, you might consider dumping it from your model.  The savings does not support the effort to QA your math or the effort to socialize the savings.  Secondly, if your savings is considered “soft savings” you might want to consider dropping it also.  Especially if you have plenty of hard dollar saving to justify the investment.  Don’t gild the lily.  If you are not familiar with “hard and soft dollars” concept, I will be covering that in a future article.


Lisa Smith is a Business Value Consultant in the VMware Accelerate Advisory Services team and is based in New York, NY.

Don’t Let Stakeholder Management & Communications Be Your Transformation’s Goop Mélange

John Worthington By John Worthington

What is “Goop Mélange”?

In an episode of TV’s “The Odd Couple” Oscar took on making his own dinner.  He mixed in potato chips, sardines, pickles, and whipped cream.  It was then garnished with ketchup.  When Felix asked what he called this mélange, Oscar answered, “Goop.”

So what does this have to do with stakeholder management?

The importance of stakeholder management is referenced in almost all best practice guidance including ITIL, COBIT, PMBOK, TOGAF and many more. In addition, the number of channels available for engaging stakeholders is growing to include social media, smartphones and other enabling technologies.

Unchecked, your stakeholder management plan can quickly become a very confusing mix of uncoordinated communication. Mixing up a little bit of everything can wind up being the goop mélange of your transformation program.

One way to assure a desirable mix of communication channels is to establish a Service Management Office (SMO), which can begin to develop marketing and communication expertise within the IT organization based on a well defined stakeholder management strategy.

The stakeholder management plan can take a look at the organizational landscape based on the current and future needs of a transformation path, identify key stakeholders and provide the analysis and guidance needed for others (such as project managers, architects, etc.) to effectively do so as well within the transformation context.

From a service management perspective, the stakeholder management plan and the SMO can set in motion the improvements needed to establish cross-functional communication. An example might be Service Owners driving dialog about end-to-end IT services across technical domains.

The stakeholder management plan, supported by a well-sponsored SMO, can also ensure that top-to-bottom communication channels are matured. This is enables communication between Process Ownership, Process Management and Process Practitioners as another example.

stakeholder managment

Sticking to these basics of stakeholder management and communications as you begin your transformation can make sure your stay focused on building a solid foundation for more sophisticated communication channels when the organization is ready, and avoid making a goop mélange out of your transformation communications.


John Worthington is a VMware transformation consultant and is based in New Jersey. Follow @jMarcusWorthy and@VMwareCloudOps on Twitter.

Commodity IT – It’s a good thing for everyone!

les2By Les Viszlai

Traditionally, IT commodity services and products have the highest percentage of being outsourced in our industry. There is a belief among a majority of people in our industry that IT commoditization is a very bad thing.

In its simplest form, a company’s success is measured by its capability to produce a product or service efficiently and to meet the market demand for that product or service.  Running IT as a business implies that we need to also do the same for our internal customers by providing products and services cost effectively with repeat-ability and predictability at an agreed cost.  IT organizations are viewed as a business enabler and trusted advisor by getting out of the business of building and running commodity IT products and services and focusing on providing the business with resources that provide new product capabilities and business differentiators in their market.

We need to understand what a commodity is in order to change how IT is run and provide that business focus.

commodity starts as any thing that has a perceived value by a consumer. A more common understanding of a commodity is a product that is generic in nature and has the same basic value as all similar items. (a simplified example is a Server)

For example, virtualized hardware, in the IT data center context, is a device or device component that is relatively inexpensive, widely available and more or less interchangeable with other hardware of its type.

By definition, a commodity product lacks a unique selling point. In an IT context, the term usually differentiates typical IT products from specialized or high-performance products. A commodity, when looked at this way, is a low-end but functional product without distinctive features.  Generally, as hardware moves along the technology cycle, that hardware becomes a commodity as the technologically matures in that marketplace. That implies that most hardware products, like network switches, that have been around for a long time are now available in commodity versions, although they aren’t generally marketed as such.  In the past, physical networking infrastructure was viewed as specialized until the maturity of virtualization of this layer of technology became available and more widely spread.

Example IT Transformation Journey - Commodity Services

Example IT Transformation Journey

Lets look at a more traditional commodity example, the local gas station.  The gas at your pump is the same as the gas at any of the other pumps. It’s also the same as the gas at the station across the street or across town.  There may be a very slight change in price, but the products essentially sell for the same basic price and are the same regardless where they are purchased.  Can your consumers of IT products and services get this same consistency? Are we trying to refine our own gas before providing it to our consumers?

When we compare this scenario to a traditional IT organization we need to ask ourselves, what commodity areas are we focusing on reinventing and providing. From the IT standpoint, can we virtualize our hardware environment and reap some of the benefits like “FASTER TIME TO MARKET”, “COST EFFECTIVENESS” and “IMPROVED QUALITY”.  Are we already doing this and can we drive further up the technology curve build and/or broker services and products such as IaaS, PaaS or SaaS to drive faster business value?

Our common fear is that “Commodity IT” implies low quality and cost or that our roles will be outsourced.  In comparison, a commodity product or service is not sold cheaper that it takes to produce or run it.  Like wise a commodity IT product or service should have affordability, repeat-ability and predictability in delivery and as brokers not builders,  IT organizations can provide this service to the business.

In summary, studies have shown that IT organizations focus a lot of effort and resources on building and running products and services at the back end of the transformation curve.  This is the area with the least amount of business value but consumes a majority of IT time & resources.  IT organizations need to shift focus to the front of the technology cycle and help the business create and engineer new products and services that drive revenue.

IT best practices exist to help IT organizations move to the front of the technology cycle by reorganizing people, process and technology to use the building blocks of various commodity products and services to provide affordable, repeatable and predictable services. This allows IT organizations to focus on the front of the curve.  Now that’s a lot more valuable and fun.

Commodity IT – It’s a great thing for everyone!


Les Viszlai is a principal strategist with VMware Advisory Services based in Atlanta, GA.

From CIO to CEO: Financing your ITaaS Organization with Charge-back

Jason StevensonBy Jason Stevenson

In my latest CIO to CEO blogs, we discussed How to RUN and ORGANIZE an Information Technology as a Service (ITaaS) Provider. In this blog, we will discuss how to FINANCE an ITaaS Provider.

One of the loftiest goals as an ITaaS Provider is the ability to charge-back, or at least show-back cost of services. It can also be daunting to do so in a fair manner for all customers.

Leonardo da Vinci said “Simplicity is the ultimate sophistication” and Albert Einstein said “If you can’t explain it simply, you don’t understand it well enough.” In this blog I’ll walk through a quickly executable IT cost model to calculate Total Cost of Ownership (TCO), using mostly tools and data we already have, to establish a price that is:

  • Simple
  • Accurate
  • Equitable
  • Scalable
  • Agile

STEP 1: Establish Labor Costs

Bob worked 40 hours this week. 16 hours in support of services including day-to-day operations, online training every other day, and daily staff meetings. 24 hours were spent working on a migration for Project 2. All employees had a holiday the first Monday of this particular month. As it happens, none of our employees took any leave for the rest of the month. Out-of-office equals $0 cost and is excluded. The reason for this will become more evident when we discuss burdened rates.

IT Cost Model

Highlighted in blue, each project is associated with a service. It is important to note Project 2 is associated with Service B. The cost of Project 2 is derived from our employees’ wage and a rate of 1.5. The wage is multiplied by this rate to equal a burdened rate. Burdened rates reflect wages plus benefits and fee if any. Bob worked 24 hours on the Project 2’s migration in Week 2 per our example and contributed to Project 2’s cost of $5,724.00 this month.

Highlighted in orange, Bob worked 16 hours in support of services in Week 2 per our example. Tickets (requests, incidents, problems, changes, etc.) are associated with each service. Out of the 112 total tickets this month, 30 were related to Service B or approximately 27%. Using the number of tickets per each service and total labor for service gives us the cost of service. In this case, $17,172.00 * (30/112) = $4,599.64 for Service B this month.

Highlighted in green, the total cost of Service B labor for this month is $10,323.64 by adding $4,599.64 for project labor and $5,724.00 for service labor from our previous calculations. Our service organization must recover $36,252.00 this month for just labor.

IT Cost ModelIT Cost ModelIT Cost Model

STEP 2: Distribute Operational Expense

Services may require operational expenditures (OPEX) like: leases, utilities, maintenance, etc.; some of which may be indirect and need to be fairly distributed across services based on relative service size. By dividing subscribers of a service by the total number of subscribers we arrive at a fair percentage of monthly operational expenses for Service B of 28%. Indirect operational expenses for Service B are calculated fairly by $18,000.00 * (250/900) = $5,000.00.

Some expenditures are so large that the expense cannot be recognized at one point in time and need to be amortized (for example building a new data center). Depending on your model, this expense may be captured as either a project expense or an operational expense. In keeping our model simple, amortization should be used sparingly. When absolutely necessary, it should be used consistently by establishing a concise policy like “All expenses over $500,000 will be amortized (spread) over 36 months.” In our example, no expenses exceeded half-a-million-dollars and so amortization does not apply. However, if we had an Expense E of $1,750,000 for our new data build-out it would be recognized as $1,750,000 / 36 = $46,611.11.


STEP 3: Calculate Total Cost of Ownership

Projects may require capital expenditures (CAPEX) beyond labor like: material procurements, suppliers of personnel, etc. plus travel. Project costs are often direct and simply added with project labor for total project cost. We can distribute these costs as well if needed. Total Cost of Ownership for Service B rises to $18,323.64 by adding capital expenses of $3,000.00 to our previous operational expenses and labor. Assuming our other services and projects require only labor, our service organization must recover $44,252.00 this month to remain solvent. Dividing Service B’s total cost by 250 subscribers gives us a cost of $73.29 per subscriber per month.


STEP 4: Establish Charge-back

Our previously mentioned 250 subscribers of Service B is spread over four service customers (departments in this example) as 100 + 100 + 25 + 25 = 250. A fee of 7% which is the difference between our cost and our price. Recovery from each customer of their fair share of services. Department A has 100 subscribers of Service B; which equates to 100 * ($73.29 *107%) = $7,842.03. 107% is a representation of 100% of the cost plus 7% fee. Our previous Total Cost of Ownership of $44,252.00 is now a price of $47,349.64, allowing our service organization to not just be solvent but also profitable to enable research, development, improvement, etc. of services.

IT Cost Model

If the culture of your organization does not allow for your IT department to charge customers for service the same principles can still be applied. Remove the fee (7% in our example) and communicate the same information as Service Consumption Report rather than an invoice to provide show-back to your customers. Though they may not be paying for services you can still influence their behavior by giving them comparative analysis against their peers.

The following table summarizes charge-back using an IT Cost and Price Model.

IT Cost Model

In my next blog post we will explore tips for how to ensure, as the new “CEO” or your IT department, that your transition to an agile, innovative, and profitable service provider is a successful one.


Jason Stevenson is a Transformation Consultant with VMware.

Organizational Change: Perfecting the Process

By Richard Hawkins and Greg Link

Organizational change. Re-org. Shaking things up.

These words strike fear into the hearts of those that hear them. They should also strike fear in those that speak them. But sometimes organizational change is needed for some very good reasons. One that comes to mind is structuring IT to deliver end-to-end services and not just applications.

To reduce the pain often associated with Organizational Change, it’s important to have a clear plan in place that addresses each stage of process.  In this blog we’ll take a look at the stages Organizational Change from beginning to end as a primer on what things need to be considered and when.

Everything has a process and Organizational Change is no exception. The diagram below is a high-level overview of each of the 5 stages of Organizational Change.

Organizational Change Process

Step 1:  Gather and Validate Data

In this phase we look at every level of the organization from the top down along with the skills of each role including that of leadership. Fact is, in many organizations poor performance is more a reflection on leadership than the departmental staff.

Step 2: Perform Organizational Assessment

To assess your organization’s readiness for change, there are a number of questions you need to ask yourself. When did the last re-org take place? What changes were made? How was it received? Is a short survey in order? How formal is your organization? Are there roadblocks that can be removed to allow staff to do their job more effectively? How strict are your policies? Obtaining a cultural baseline is not easy, but well worth the effort.

Step 3: Develop Transition Plan

As you start the planning effort, it’s important to justify the change.  Having a good case for why the organization is undertaking this effort will go a long way toward acceptance.  It’s also important to identify ahead of time what cultural barriers you could face blocking a successful change.

Throughout this stage, you should remember that this effort will affect everyone, so consistent communication is key, and involving many layers of the organization, from directors and managers down to “rank and file” in the planning process will go a long way toward ensuring everyone is on the same page.

Step 4: Implement the Plan

This is another busy stage and, of course, the most important. Proper execution of a well developed plan is the key to success in any endeavor.

Leadership roles should lead by example and be fully committed to the change, and that commitment to the goal must continue throughout every level of the organization.  The success of this effort relies on all parties playing their part.

Seek out areas that may encounter resistance and work tirelessly to resolve them with empathy and understanding. Ownership of a problem in this area may not be an individual mater. It may require senior leadership intervention.

This is another phase where communication, through every means possible, is extremely important. The organization should know how things are going and how issues are being resolved in a timely manner.

Step 5: Validate Plan Success

We’ve done a good job at planning and execution so we’re done right? The new structure is in place and no one has quit or expressed any serious dissatisfaction. But are we really done? A truly good manager says “no” and will look back and make sure the plan and implementation achieved the desired outcome.

Make an initial assessment on how well the organization is working after the changes have settled in. A well timed Town Hall will go a long way in gathering the information needed to validate the efficacy and results of the re-org. If as mass gathering is not an option, departmental meeting should be in order.

In our next blog, we’ll explore 10 of the key actions you need to take along each step of this process to ensure success.


Richard Hawkins is a Transformation Strategist based in Seattle, WA.

Greg Link is a Transformation Senior Consultant based in Las Vegas, NV.

Establish Your IT Business Management Office (ITBMO) To Run IT Like a Business

Khalid HakimBy Khalid Hakim

We hear a lot about (and maybe have interacted with) Project Management Offices (PMOs), and possibly about Service Management Offices (SMOs), but IT Business Management Office (ITBMO) sounds like a new buzz word in today’s modern IT business taxonomy. PMOs typically focus on the management and governance of IT projects, while SMOs are responsible for the governance and management of IT services and the processes to ensure effective service delivery. ITBMOs, however, go beyond this to the next IT business maturity level to address business and finance partnership with IT to help IT organizations transform into services-based, business-oriented, and value-focused organizations.

ITBMOHave you ever asked yourself of how you can make your CFO happy? How you can support your corporate financial goals and aspects of a balanced scorecard? How you respond to “IT is always expensive” perception? Have you thought of challenges related to quantifying value your consumers get of IT services? Are you challenged to view IT costs by services you deliver? Or even budgeting and forecasting by IT services? Can you tell on the spot what your unit cost of a service is? What about demand driven IT? Do you feel that you are always over capacity with low utilization of services? What about leveraging marketing power to promote your IT services? How you can commoditize and brand your IT services? And many other questions and thoughts that keep CIOs awake at night.

(I can hear you thinking)

We have been hearing about “transformation” and “running IT like a business” quite frequently nowadays. As a matter of fact, these are becoming overused terms without real meaning of what they actually imply. Imagine that you are the CEO of a new wood furniture manufacturing business. Obviously, the main functions that you could initially think about are Product Management (who turns logs into useful products), Sales and Marketing (who promotes and sells to consumers), and Finance (who manages the financial aspect of the organization). The question is: why can’t we apply the same discipline to IT organizations? Similar to Product Management, IT organizations deliver services, and therefore we have Service Management and Service Owners/Managers. We are only missing two things here to run IT like a Business: a strong service-based financial operating model and the Services Sales/Marketing sense to help promote and consume IT services in the best valuable manner to consumers.

This is what the ITBMO brings to the table: a stronger partnership between IT, Business, and Finance to accelerate transforming your organization into a business-oriented, service-based, and value-focused one. Initially, you can think of the ITBMO as a virtual group or committee that has champions from various IT/Business functions. This virtual team paints the IT business vision and defines its mission on how to run IT like a business to deliver more value to business in the most economical way.

IT Business Management Office (ITBMO)

Figure : IT Business Management Office (ITBMO)

As shown in figure 1, the ITBMO supports 6 functions/towers to ensure stronger partnership throughout the IT service and project management lifecycle. These are:

  • Service Management Office (SMO): the entity (or any similar) within an organization responsible for the delivery and management of IT services. This includes the pure ITSM process management and ownership and delivery along with the ongoing management of IT services.
  • Project Management Office (PMO): the entity responsible for project management and governance
  • IT Finance: the function that takes care of the financial aspect of IT, which could be part of IT or Finance. This typically includes IT budgeting, accounting, pricing and cost optimization.
  • Services Sales & Marketing: a new (or maybe existing) function that will be improved and strengthened as part of the ITBMO establishment.
  • Business/IT Alignment: any existing functionality (such as Customer Relationship Managers or Account Managers) that ensures ongoing alignment between IT and Business.
  • Governance, Risk, and Compliance (GRC): the function (or multiple functions) responsible for organizational change, developing IT policy and governance strategy, IT risk evaluation and mitigation and compliance.

A champion from each function (could be multiple champions based on the organization scale and size) contributes to the core operations of the ITBMO to achieve the value-focused vision. The ITBMO runs in consultative and supporting mode, but depending on the IT organization’s authority, decision making process and power, and delegation factors, the ITBMO could be an authoritative entity within the organization.

Standing Up an ITBMO

Figure 2: Standing Up an ITBMO

Figure 2 shows the six steps required to standup a successful ITBMO within your organization:

  1. Develop Vision/Mission: thinking of why you need an ITBMO in the first place is your first step. What is the challenge you are trying to overcome or opportunity you want to introduce? Thinking collectively in a short/long term vision and drafting a mission statement of what this ITBMO actually does are your foundational steps towards a value-focused organization.
  2. Build and Position the Organizational Structure: figure out what roles are needed and who needs to be onboard and whether this is a virtual team of representatives or dedicated and how it fits the organizational structure and reporting lines
  3. Develop Process Interactions: fully understand your existing processes interactions within the functions that will be supported by the ITBMO, and figure out where you want the ITBMO to help, support, and interject to accelerate value realization
  4. Develop RACI Chart: translate your discovered process interactions and help areas expected into a roles and responsibilities chart (i.e. RACI). This will expose the areas of improvement and will help build a short and long term improvement roadmap across all supported functions to achieve the desired vision.
  5. Establish Value Measures and KPIs: quantifying IT value is one of the challenging tasks IT management confronts. This step defines a very high level value measurement framework or methodology along with the success factors and measures that a CIO or CFO can judge the success of ITBMO thru. VMware vRealize Business is the technology that will be used as a platform to define those value measures and KPIs and help making informed decisions.
  6. Build ITBMO Ongoing Operations: build your ITBMO ongoing operations guide by identifying which RACI responsibilities will be performed

So, you might now be thinking about the value an ITBMO can bring into your organization and how you could best leverage such a powerful business unity:

  • Establish business horizon within your IT and implement a model to help run IT like a business
  • Ensure tighter partnership between IT, business, and finance. This partnership is key to IT success like any other business.
  • Enable your organization explore more improvement opportunities and build a maturity improvement roadmap to run IT like a business
  • Help accelerate your transformation journey not just to a trusted service provider, but to a strategic business partner
  • Create new virtual business roles within your organization and help accelerate this transformation journey
  • Help your IT organization make better and strategic use of VMware vRealize Business to drive the cost optimization and value realization strategy and goals
  • Empower your IT to deliver on the desired quality, at the right cost by creating tighter alignment and accountability between IT, Business, and Finance
  • Elevate and strategize your IT conversations with service consumers, stakeholders, and executives to support IT and business transformation journeys

And if you’re heading to VMworld, don’t miss this session (OPT 5075) on Tuesday 9/1 at 5:30pm!

6 Steps to Establish Your IT Business Management Office (ITBMO) with VMware vRealize Business

VMworld 2015While many smart IT organizations have started their transformation journey to service-oriented and consumer-centric providers, there are still some key gaps that need to be addressed to ensure the effectiveness and efficiency of this transformation and therefore to yield the expected value. These gaps are related to the IT financial operating model and how modernized it is to cope with technology & cloud evolution along with the business speed. The IT Business Management Office (ITBMO) is revolutionizing the way IT leaders demonstrate business value to the enterprise. The ITBMO could be a virtual committee to ensure stronger partnership between IT, Business and Finance together to drive an organization towards faster value realization and maturation. Khalid Hakim, global IT operations, financial and business management architect, and Jason Nienaber, IT Business Management Director at VMware will shed light on this new business practice using VMware vRealize Business to move your IT organization to the next level in maturity and position it as a strategic partner to your business consumers and line of businesses.


Khalid Hakim is an operations architect with the VMware Operations Transformation global practice. You can follow him on Twitter @KhalidHakim47.

From CIO to CEO: 5 Steps to Organize an IT as a Service Provider

Jason StevensonBy Jason Stevenson

In my last CIO to CEO blog, we discussed How to Run an IT as a Service (ITaaS) Provider by providing services to meet customer needs using a commodity as an example. In this blog, we will discuss how to organize governance and personnel within an ITaaS Provider.

IT as a Service ProviderTo provide business/mission-value and remain relevant, many IT organizations are positioning themselves as a Hybrid Cloud Broker; providing both public and private cloud services to their customers and users. To be successful, these organizations must adopt ITaaS; a model in which IT is a commodity, providing services on demand to meet business needs through a scalable and measurable pool of resources using integrated and automated processes. This is accomplished through a blend of:

  • Cloud computing standards
  • Service management best practices
  • Leading cloud and virtualization technologies

The following provides five steps to reorganizing IT to become and ITaaS Provider.

Step #1: Service Owners and Managers

Misconception #1:
Service owners and managers are lower-level resources that: a) do not have financial responsibility, b) are not fully accountable for their service, and c) report into functional/project directors.

Organize an IT as a Service ProviderAs part of service portfolio and catalog management, IT assigns owners for each service.

  • Service Owners (SO) are accountable for service strategy including fiscal responsibility and understanding customer demand for their services. Service Owners solid-line report to the CIO.
  • Service Managers (SM) may also need to be identified for each organizational sub-unit such as lines of business, cost centers, geographies, etc. If used, service managers are accountable for service operation and potentially service transition. Service Managers dotted-line report to service owners.
    • In larger organizations, service owners and managers may use a one or more Business Relationship Managers (BRM) as a conduit to customers paying for the service. BRMs solid-line report to the CIO but are embedded with their customers. The CIO may also have an IT Financial Manager (ITFM) to coordinate ITaaS provider budget allocations to service owners and consolidated service chargeback to customers.

Step #2: Service Life Cycle

Misconception #2:
Service strategy, service design, service transition, service operation, and continual service improvement are just names of service management books.

Organize an IT as a Service ProviderThough many organizations claim to be service oriented, their organizational structures remain functionally and/or project oriented. The following diagram illustrates an organizational pyramid providing service orientation through a service-life-cycle-based organization.

  • Directors are assigned for each service life cycle step including service design, service transition, service operation, and continual service improvement. The CIO also acts as the service strategy director and also performs demand management. Directors solid-line report to the CIO but dotted-line report to the service owners/managers. These directors’ budgets are an aggregate allocated by the service owner.

Step #3: Process Owners and Managers

Misconception #3
Process managers can be an afterthought and “peppered” throughout the organization.

Organize an IT as a Service ProviderTo be successful, an ITaaS Provider must have mature processes under the control of process managers and owners.

  • Process Managers maintain unit procedure documentation. Monitor process reporting. Reviews process records for compliance. Provide ongoing process and system training to unit. Contribute to continual process improvement. Ensure compliance with policies, processes, and procedures. Facilitate regular process meetings and communication channels. Coordinate interface with other service management processes. Take corrective action if needed.

For organizations with intensely “siloed” or “stovepiped” cultures, process owners many need to be introduced. This is not preferred but a common reality.

  • Process Owners champion policies, process, roles and responsibilities. Provides ongoing process and system orientation. Facilitates quarterly reviews. Facilitates annual audits. Enables continuous improvement.

The Service Portfolio Manager (SPM) also fulfills the role leading a service/project management office. The office may including control, technical writing, quality assurance, etc.

Step #4. Technical-Facing Service and Configuration Item Owners and Managers

Misconception #4:
Technical resources for service design and operation do not need to work together in abstracted technical-facing services.

Organize an IT as a Service ProviderThe business-facing services discussed above are supported by functions each with its own owner.

  • Infrastructure Function Owner (IFO)
  • Application Function Owner (AFO)
  • Data Function Owners (DFO)
  • Service Desk Function Owners often fulfilled by the Incident Manager (IM)
  • Operation Center Function Owners often fulfilled by the Event Manager (EM)

These functions may be further decomposed into technical-facing services. Common technical-facing services for ITaaS include network, compute, and storage and each must have an owner.

  • Network Service Owner (NSO)
  • Compute Service Owner (CSO)
  • Storage Service Owner (SSO)

To be a successful ITaaS Provider, technical services are not “siloed” or “stovepiped” and therefore do not require managers in addition to owners as they are shared services. However, the components supporting technical-facing services often have:

  • Configuration Item Owners fiscally responsible for the component
  • Configuration Item Managers operationally responsible for the component.

Life Cycle Gravitation

Configuration Item Managers are often referred to as DevOps in an ITaaS environment; especially for configuration items supporting the application function. Depending on an organization’s culture, DevOps may dotted-line or solid-line report to the Service Design Director or the Service Operation Director. As the organization matures, resources naturally gravitate from operations to earlier phases within the life cycle.

Step #5. Users and Assignment Groups

Misconception #5:
ITaaS is just jargon. IT departments are about IT personnel delivery IT.

Organize an IT as a Service ProviderIn a mature organization, classification of events, incidents, requests, etc. are aligned to the business-facing and technical-facing services within the catalog rather than legacy Category/Type/Item classifications. In this respect, the Technical-Facing Service Owners and Configuration Item Managers discussed above may also be referred to as Assignment Group Managers. The remaining technical employees within the ITaaS provider report to these Assignment Group Managers.

Every individual employee of an ITaaS Provider must move from technology to process, to service, to customer, to mission, and then ultimately to a value focus. Because these individual employees are the first, second, and third line of support for the users receiving the service it is critical for these IT employees’ tools and training to encourage user value focus.

Though impractical from a presentation standpoint, the entire ITaaS Provider must conceptualize their role as an inverted organization chart with the users at the top of the organization, then IT employees supporting the users, and then IT management supporting IT employees.

Organize an IT as a Service Provider

Move from CIO to CEO by leveraging a Strategist from VMware to address the people, process, and technology elements necessary to transform your organization to an ITaaS Provider.


Jason Stevenson is a Transformation Consultant based in Michigan.

ROI Best Practices Series — Part 1: Introduction and Goal of an ROI Analysis

Lisa SmithBy Lisa Smith

When we are considering any large investment either in our personal or work life, it is natural to question how fiscally sound that investment decision is to make.  Whether a company is considering the impact of rolling out a new product to market, acquire a company to gain market share or opening a new factory, using a Return on Investment (ROI) analysis will help define in hard numbers just how much that investment will return to us and over what period will we see our investment paid back.

What constitutes “good” ROI analysis?

Many companies have been using ROI analysis in their demand management programs to evaluative which proposed projects should funded and those which are not.  In a manner, projects are competing for both the company’s focus (labor) and limited capital dollars.

What is ROI?But a good ROI analysis does not tell the whole story a demand management program needs to determine the merit of each project proposal.  Demand management teams are also requesting project teams to include a business case to accompany an ROI analysis.  A company is not just investing their capital dollars in these projects, they are also investing their people time and focus.  We need to ensure that the project focus and execution is supportive of corporate and or business unit’s strategy – we need to have all of our oars pushing the boat in the same direction.

ROI Analysis

As Gartner espouses in their “Total Value of an Opportunity” (TVO) framework, a good business case needs to include analysis of how an investment has strategic alignment and the overall business impact of the project.  Those projects which are ultimately funded should be best aligned to the strategic goals of the company.  While a project many be financially a great decision, if the project’s goals are not in line with where the company is headed, the financial gains should be disqualified.

The goal of the ROI analysis should be to cleanly portray the financial state of “as-is” and the “to-be” future state after making the investment.  Those financial states should include all elements which are going to vary between the optional states.  When considering what metrics should be included in the analysis, it can be confusing where to draw the line – what to include and what to exclude.  What makes a “good” ROI analysis is not that we analyzing every possible cost metric but only those relevant costs which make a material impact in the savings.  The other key element to consider when building your ROI master piece is how consumable is the analysis by your project’s key stake holders.  If your ROI analysis reminds people of something out of the movie “A Beautiful Mind”, you need to step back and re-evaluate your approach.  A clean view of your assumptions, inputs, formulas and a simple side by side financial comparison of “as-is” vs “to-be” is the best to socialize your ROI study and results.

Socializing Your ROI Study

Buy in and blessing of your ROI study is the final hurdle which you need to have a truly successful ROI analysis.  Set up one on one time with various project stakeholders, walk them through your business case and ROI analysis.  A clean set of eyes is a valuable exercise to see where how your analysis holds water, what elements of your Business case needs to be fleshed out and you will immediately see how “consumable” your analysis is by another person.  If everyone asks the same question, perhaps you should that address that question in your presentation?  Let’s face it, with all the time you have been spending on building out your business case, you probably have a lot of key assumptions in your head which might not be obvious to your audience.  Lastly, during those 1:1 sessions with your stakeholders, it is a great time to feel out their support of your project and your quest for funding.

In summary, when building a business case presentation for your project consider the following factors:

  • Explain “How does this project support my corporation’s strategic direction?”
  • Outline “How will the business be impacted by my project’s success?”
  • Summarize results of ROI Analysis including side by side comparison of “as-is” and “to-be” costs.
  • Cover key assumptions, inputs and formals supporting your ROI calculation.
  • Perform key stakeholder reviews to build internal support of your work

What’s next?

This is the first blog in a series that will explore end to end ROI best practices.  Stay tuned for blogs on:

  1. Introduction and Goal of ROI Analysis
  2. Scope of ROI Analysis
  3. Structure of ROI Framework
  4. Different type of Value
  5. Infrastructure Analysis
  6. Process Analysis – Labor
  7. Process Analysis – Time to Market
  8. Process Analysis – Service Impact
  9. Risk Mitigation
  10. Tying it all to together – telling the story
  11. Benefits Realization

Lisa Smith is a Business Value Consultant in the VMware Accelerate Advisory Services team and is based in New York, NY.