IT departments, as well as companies with outward facing technology services, are finding that they need to be...
quicker off the starting blocks when introducing new products and services, especially those in which information systems are a major component. This speed to market is forcing firms to adopt an approach to facilitate compressed design-to-market timelines known as concurrent engineering. In the physical world, concurrent engineering means bringing marketing, design, manufacturing and assembly/part tool engineers together in a common work area and collaborating to reduce the time to market. In today's information systems world of buzzwords, this is known as Agile development.
Toss the unnecessary waterfall steps. Keep the customer engaged during the design process. Do modular designs. Keep changes small. Think about incremental changes. These concepts are all good, and definitely help in maximizing customer value and reducing transition risk, but there is another risk. That's to the warranty of the product or service.
IT departments give lip service to the construction and maintenance of the services they create. IT asset management is good as a logistic process to track the purchase of components needed to develop IT services -- such as software, hardware and contracts -- and other facilities components, such as the physical parts to build a car on the assembly line. IT's assembly line is Agile; the maintenance shop is based on ITIL -- both sides responsible for delivering "information" (instead of cars). The missing element in an asset list is how the parts go together, which in IT is contained within an IT configuration management system.
The value of an IT configuration management system
For over 2,000 years of engineering, the basic mode of communicating the idea of a product, like a car, was through drawings. Pictures describe the relationship between the parts that make up the whole. With IT and new hybrid technology systems, our pictures are not consistent; documented relationships between parts -- for example, modules to APIs to operating system instances, among others -- are either drawn once and then forgotten, or, in some cases, are in the heads of our technology experts. We need to do better. Just keeping an asset list is the bare minimum. It has to become what engineers call a "bill of materials."
Building a digital bill of materials -- for example, the ITIL configuration management system/configuration management database -- is hard work.
It cannot be skipped.
It has to be done when the design of a technical product or service is created or when it is modified, not as an afterthought three months on. It puts the onus of clearly communicating how each part, subassembly and final assembly is related to one another on the shoulders of the software developers, mechanical designers, infrastructure engineers and network specialists.
This takes time.
Yes, it is tedious today.
Yes, we need to create systems to make it less tedious. But the value from this upfront work is found when the product or service is operating and is providing outcomes the subscribing customers consider valuable. Consider these situations:
- Your 3-year-old B2B interface that uses a particular software package needs a critical software patch to protect from man-in-the-middle attacks. It has to be done in the next two hours. Where are these interfaces? Who is responsible for them? Which businesses need to know?
- A new service consisting of 10 applications, three new interfaces to vendors and new Web services is being transitioned into the 24/7 operations environment. It runs across three platforms and three versions. What is the impact of this service on the current running environment? Are you going assemble the right group of stakeholders to assess the risk of doing this? How do you find these stakeholders? What is the upstream or downstream effect?
- Management wants to reduce ongoing running costs of the IT delivery infrastructure. What do devices, software or even services themselves cost in disruption, repair and inefficiencies? Can you create a report of trending failures in various storage arrays and the affected applications? Who will pay for the upgrade?
Each of these scenarios could be addressed using a robust bill of materials of the service. The bill of materials should also be linked the components' related incident, problem and change records. Having this linkage can provide mean time between failure, costs of downtime and trends data that is meaningful to the service provider, as well as the business using the services.
Consider the first situation; each deployed API instance would have a family of related configuration items (CIs) that could provide the following:
- The service the B2B interface is part of;
- The two servers that the B2B interface runs between;
- The application modules that use the interface;
- The network router, circuit and firewall that API needs to connect through;
- The names of the maintaining group of the service, servers, applications and infrastructure CI;
- The name of the user and business that use the interface; and
- The incident records that have been associated with any of the components discovered.
Life without a configuration management system
Just consider the cost of assembling the team of experts in one room to discuss this problem, especially after the interface was running for three years. Do you know who to call? Does everyone remember the way it was set up? Now, execute the situation every day with different parts of your environment. What are the reputation costs if the data happens to be sensitive?
The cost will quickly make the time spent documenting your critical designs accurately seem minuscule, especially if you do this over and over again in your major incident processes. Asset management will tell you that you have "stuff," but an IT configuration management system will give you answers.
Making the case to merge asset management and configuration management systems
Reducing risk via asset management
How to purchase the right configuration management system for my enterprise