Delivery Documentaries are a behind the scenes look at how our Enterprise Architects (EAs) in the field perform Value Realization activities for customers. The documentaries are raw and real, and the purpose is to share what actually happens on the ground. They are always a learning opportunity, and we hope that over time we can help bridge the state of the art with the state of the practice, and continue to move the ball forward.
This example, provided by Atul Totre, describes what happens when a Microsoft Architect finds that one of the projects he was called in to help with is not likely to produce the expected return on investment. What steps led to this finding, and what changes did the Microsoft Architect recommend to help the business succeed? Let’s find out…
A Microsoft Architect was called to help with a project that he assessed and found was not likely to produce the expected value. After thoroughly assessing the project and interviewing stakeholders, the enterprise architect presented his findings to the CIO and other top stakeholders. After reviewing and discussing the evidence, they agreed that continuing the project was not in the best interests of the business, and the resources involved could provide more value in other projects.
I began helping a business with a multi-year project to design and implement a new Identity and Access Management (IAM) system. The project had begun after an internal audit found that most of the IT systems failed the security compliance checks. The new system was supposed to replace the multiple identity systems currently in use at various facilities, to help bring the systems back into compliance with security standards.
Because the audit results had attracted attention within the company, the IAM project was well-funded, even though it was not expected to significantly change productivity. Its main impact was expected to reduce risk and improve understanding (and manageability) of the affected systems.
When asking for Microsoft’s help with the IAM project, the CIO expressed skepticism about the project’s progress. In the CIO’s opinion, the project was too big and there was a lack of structure in the approach of the internal project team. As the first priority, the CIO was looking for leadership and guidance from Microsoft to help:
After these steps were complete, the engagement could move on to redefining the strategy, roadmap, and plans for the IAM project.
For the first part of the engagement, I worked with five customer stakeholders and stakeholder groups:
Within a few weeks, I expected to have assessed the current state of the IAM initiative, including:
I also made a preliminary assessment of the expected (“To Be”) state of the IAM system following the current project. This assessment covered:
I also talked to the stakeholders and others to gain the perspective of the business on the IAM initiative. During discussions with the stakeholders, I also provided information about best practices for IAM strategy, as identified by Microsoft.
Following the assessment, I spent the next period on initiative planning and stakeholder workshops. The results of this planning process included roadmaps for business capabilities, the IT service model, and technology for the initiative for the current year, and a strategic roadmap for the initiative for the next 3 to 5 years.
To keep the stakeholders informed during the engagement, I regularly reported status:
I completed the first assessments, which included infrastructure optimization, maturity, compliance, as well as investment assessments, and a standard ESP initiative assessment. The information I gathered during this process helped me understand:
As I conducted my assessment and discussed it with business leaders and stakeholders, I began to see factors that contributed to the problems that the initiative was having.
I began a deeper examination of the IAM initiative based on my own perspective, knowledge, and experience. I found it to be a “horizontal” initiative that affected business groups throughout the organization, affecting operations throughout the organization. And it would cost a lot of money to implement. To succeed, the initiative must have support and ownership beyond the IT organization, and it must take the concerns and considerations of the business priorities into account.
In addition, I confirmed the CIO’s view that there was a lack of structure in the project team’s approach. In my experience, an initiative of this scope and size must be built on detailed structural analysis and strategic work, which was lacking.
To complicate matters, although the CIO had defined priorities for the IT organization, the strategies for supporting those priorities were not yet fully defined. Without those, it would be difficult to determine how to bring the initiative in line with those priorities (or if that realignment was even feasible).
I concluded that the business was unlikely to succeed with the current initiative, which did not directly address the needs of the business, and did not have enough support to succeed. The business would have to finalize strategies supporting its eight IT priorities, or face ongoing difficulties in defining a identity and access management solution that would be satisfactory across the business.
I presented my results to the CIO and the leadership team at their regularly scheduled meetings and used that forum to start the larger conversation about the identity and access management needs of the business. I shared my analysis, showing that the current path would not produce a solution that met the needs of the business, and I recommended that the business would be better off not spending money on a solution until having identified one with a better chance of success.
After reviewing my recommendations, the CIO agreed that the IAM initiative in its current form could not provide the needed return on investment, and he made the call to shelve the project.
The business also released the third-party consultants that had been helping with the IAM initiative, and redeployed its internal resources to address other initiatives: