
Articles

89 Posts tagged with the compliance tag

No one can deny that Jerry McElhatton has mastered many successful IT moments. During his 10 years as CIO with MasterCard International, McElhatton spearheaded a five-year, $160 million upgrade of the company's global processing system into one unified, single messaging standard. Even more impressively, he delivered this enormous undertaking on time and within the budget. The systems support more than 15,000 customers worldwide, handle more than 40 million transactions daily worth more than $1 trillion annually, and are linked to 800,000 ATMs globally. Also during his tenure, McElhatton oversaw the building of a $135 million, 52-acre campus for MasterCard's primary IT team.

 

In March 2005, McElhatton retired from MasterCard, where he had anywhere from 1,600 to 3,200 IT professionals under his leadership. Enterpriseleadership.org recently spoke with McElhatton about his experiences managing an IT organization that could make or break MasterCard's success.

 

EL: What are you doing now?

 

JM: After 10 years with MasterCard, I retired to start Virtual Resources, a company that does consulting for organizations in the payments area, and for some architectural engineering firms. I also sit on the boards of directors for several technology companies, where I set up advisory committees to provide feedback on the company's products and examine what competitors are doing. I spend my free time tinkering with a massive model training collection, which my four grandchildren love. I almost forgot: I write articles for business publications, such as CIO Decisions.

 

EL: Now that you've retired from MasterCard, would you advise other near-retirement CIOs to go off and keep their hands in IT?

 

JM: Why not? I'm enjoying helping companies understand the cost benefits of technology. I've successfully gotten people to look at their cost structures, to put some best practices in place, to help them evaluate some future cost-effective architectures, and to get them to be more responsive to business needs.

 

EL: Looking back at the technology overhaul you implemented at MasterCard, what things really made it happen?

 

JM: The credit goes to my great team. The company had some very mature systems that did a nice job, but it took too long to bring new products to market. New and better technology could simplify things and reduce our infrastructure costs. My assignment included restructuring, rewriting, and redeveloping the core systems. It took five years of changes to give those systems the scalability and flexibility they needed to meet best business practices. We completed that project within the assigned budget and ahead of schedule.

 

EL: What were some of the best practices that were put into place?

 

JM: We put reusable systems code and architectures in place. When it came to databases and data warehousing, we made sure we captured the data correctly and could easily segment it. Our key members had to analyze this data to help them build their market share.

 

At MasterCard, I had the unique position of being responsible for all technology, all IT operations, and both IT security and physical security. Fraud is a big problem in the credit card business. For example, I oversaw all of the risk systems that enabled our members to report fraud to us so we could stop it. We gave them information to make them aware of certain types of fraud that were taking place or had the potential to take place. We spent a lot of time reworking those systems. We put together things that would give us an advantage in identifying some characteristics and traits of fraud.

 

JM: Yes, the entire security team reported to me. I was also responsible for the access control side of physical security. The entire team that guarded our campus buildings reported to me. These folks did a lot of investigations internally to make sure employees did not access unauthorized areas.

 

EL: What was the business model for MasterCard when you were there?

 

JM: Simply, we worked very closely with the business units to help them define priorities, to help them move market share and generate income, and to help them reduce operational expenses. As a member of the operations and policy committee, I looked at how we could leverage technology to get the biggest payback.

 

EL: What was your IT model at MasterCard?

 

JM: MasterCard's technology generates a significant amount of revenue on what's called a "quick charge." We have charges for authorization, clearing, settlement, and also charges on our risk systems. On some of the systems, we had profit and loss residing with the operations and technology group. And on the others, we had direct chargeback to the marketing group for the cost and expense of generating that revenue.

 

EL: Did you folks use anything like Six Sigma?

 

JM: It's an interesting concept that has to do with the definition of root cause analysis and definition of quality standards. Eighty-five percent of the program we used consisted of Six Sigma and the benefits associated with it.

We measured everything, and we drove staffing and quality off those numbers. In our system, we posted implementation reviews, and whenever we had a problem, we did a root cause analysis to determine where to patch the problem. So, our systems got stronger over time. The performance of MasterCard as a company became outstanding because of the work we'd done to engineer the system.

 

EL: How successful were you in combating fraud?

 

JM: It was very good. We did a lot of proactive things to put people on notice. In the credit card business, fraud often happens at the merchant location and at some of the processors. If someone doesn't follow the rules, you might do routine audits, but an IT security audit is only good for the day you do it. Someone can make a change the next day, and thus, put a hole in the system. You might not catch it until you do another audit, or you might not catch it until you have a problem. We did a lot of proactive work to identify potential fraud. We not only used our systems, but we had cooperative efforts with others, and we used their systems, so we had a significant reduction in fraud.

 

EL: Do you have any comments on Oracle's recent buying spree?

 

JM: On the one hand, Oracle will have a strong product offering. On the other hand, as with all technology mergers/acquisitions, IT departments no longer have a lot of product choice; they'll lose their ability to negotiate on price, and service levels.

 

EL: Are you writing a book?

 

JM: I've thought about it. My working title is, 101 Easy Lessons Learned the Hard Way. IT folks today have similar sets of issues and problems as their counterparts five or 10 years ago. Yes, there might be more flexible ways to solve these problems, but every generation seems to have to touch the top of the stove to see if it's hot. I have a lot of advice to give about how to avoid some of the mistakes other IT people have made in the past.

 

EL: What's the biggest mistake people make in climbing the career ladder?

 

JM: IT people are smart people, but they don't often have a sense of how to budget for projects and how to meet the deliverables. IT people often make things harder than they really are.

 

At MasterCard, we learned how to eat a big marshmallow without getting sick. The answer is a bite at a time. We broke down projects into very significant deliverables that we measured and monitored.

 

IT people have to first learn to commit to a project, and then stick to the schedule, the budget, and the deliverables.

 

EL: Do you think the CIO role should be rotational?

 

JM: Some companies might be better off if they went in that direction. If someone has been a CIO for 10 or more years, then that person might be stuck in that role. Let me tell you what helped me at MasterCard. For example, at one time I was assigned to run the process change team. We took more than $100 million out of the systems by leveraging technology, and leveraging people's skillsets. This experience helped me to grow closer to the business units. I had some other great business opportunities.

 

If you want to cultivate stronger IT professionals, then assign them both business problems and technology problems. This process enables IT professionals to gain a more realistic view of how the business uses technology, and how they should use it to solve problems.

 

EL: Have you read Nicholas Carr's book, Does IT Matter, or his Harvard Business Review article, "IT Doesn't Matter?"

 

JM: I've read the book. I've been in businesses where technology has made a big difference. At MasterCard, we leveraged a lot of technology to get good business results. Carr perceives technology as a commodity -- spending a lot of money on IT doesn't necessarily translate to creating competitive differential. For example, if an IT department is late with deliverables, then the company can lose its competitive edge. At MasterCard, we won a lot of new business by being the first to deliver new, working systems, and to continue to enhance those systems. The other guys had a hard time catching up with us.

--

 


 

Elizabeth M. Ferrarini is an IT consultant from Boston, Massachusetts. Reach her at elizabethferrarini@yahoo.com.


by Deb Radcliff

 

Part 1 | Part 2 | Part 3

 

Tighten Control of the Handset

In the first part of this three-part article, author Deb Radcliff outlined the rise of smart-phone risk, and why that risk has been less serious in the U.S. (so far). In part 2, you'll see how U.S. businesses are beginning to respond to this new threat to the enterprise, and how much still depends upon the user.

 

"A lot of carriers have the general idea that they're secure, given the threats out there. That may be true today. But moving forward, as you see more applications and features on cellular phones, business and personal data will be increasingly at risk," says Sandra Palumbo, senior analyst with the Yankee Group. "So, encryption is definitely a big area we need to address on feature-rich phones, especially as more and more people put personal and business-competitive data on their devices."

 

Businesses are handling encryption, authentication, and other important information protections in a piecemeal fashion with limited products that don't interoperate, she says. That is why a trusted hardware platform is sorely needed, says Janne Uusilehto, Chief Security Officer at Nokia and chairman of the Trusted Computing Group's Mobile Phone Working Group. "We need a more reliable platform that is hard, or impossible, to crack by malicious software. But how do you realize security in a hardware device?"

 

As such, Uusilehto, together with industry heavyweights including Intel, Philips, Motorola, IBM, France Telecom, Vodafone and others, is putting the finishing touches on a Mobile Platform Module based on the Trusted Computing Group's successful Trusted Computing Module for PCs, to be completed by mid-year.

 

The Mobile Platform Module sets standards that would enable network carriers to accurately identify and authenticate devices connecting into them, which is a big problem for carrier networks dealing with cloned phones today, he continues. It also enables applications like Public Key Encryption through secure key storage, digital signatures, and integrity checks of devices and applications.

 

"The trusted module provides a secure place to store secrets (keys) in a place they can't be compromised," says Lark Allen, VP of Wave Systems. "It also measures things, like a software module on your device, and compares that against a hash stored in its secure registers to see if it's been changed. It can also measure the configuration of the phone: Has it been altered? Is there malicious code? Are there unauthorized installs?"

 

With the mobile standards, he continues, carrier network operators and enterprise risk managers can exercise better controls over their valuable mobile devices. For example, they can package only approved applications with the phones, check the integrity of the telephone applications, and encrypt data that needs encrypting.

 

Wave Systems, which makes document encryption and secure storage products based on the Trusted Platform, demonstrated at RSA in February with Juniper and Nortel a proof-of-concept integrity check application on the Trusted Computing Platform that could do just that. With it, they measured patch level, status of anti-virus, and other security policy compliance points on a PC. Such an application can quickly convert to smart phone management once the mobile platform module is completed and security vendors start building against those standards, he adds.
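The two pieces described above, the trusted module comparing a measured software module against a hash held in its secure registers, and the proof-of-concept that checks patch level and anti-virus status as compliance points, can be illustrated in a few dozen lines. The following is an added example written for this page; it is not code from Wave Systems, Juniper, Nortel or the Trusted Computing Group. The module bodies, the "secure register" manifest, the module names, the patch-level and signature-age thresholds, and the function names (`measure`, `attest`, `policy_points`, `admit_to_network`) are all constructed for illustration, and a hardware module would of course hold the reference hashes in tamper-resistant storage rather than in a Python dictionary.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Dict, List


def sha256_hex(data: bytes) -> str:
    """Measurement primitive: a SHA-256 digest of the bytes being measured."""
    return hashlib.sha256(data).hexdigest()


# Constructed reference manifest, standing in for the known-good hashes a
# trusted module keeps in its secure registers. The module bodies are toy
# byte strings, not real handset firmware.
APPROVED_MODULES: Dict[str, str] = {
    "dialer": sha256_hex(b"dialer v1.0 approved build"),
    "mail": sha256_hex(b"mail client v2.3 approved build"),
    "antivirus": sha256_hex(b"av engine v5 approved build"),
}

# Constructed handset images: one that matches the manifest, and one that has
# been tampered with (modified mail client, unapproved game, AV engine removed).
GOLDEN_HANDSET: Dict[str, bytes] = {
    "dialer": b"dialer v1.0 approved build",
    "mail": b"mail client v2.3 approved build",
    "antivirus": b"av engine v5 approved build",
}
TAMPERED_HANDSET: Dict[str, bytes] = {
    "dialer": b"dialer v1.0 approved build",
    "mail": b"mail client v2.3 approved build + injected code",
    "freegame": b"game sideloaded from an unknown site",
}


def measure(installed: Dict[str, bytes]) -> Dict[str, str]:
    """Measure every installed module, as a trusted module would at boot or on demand."""
    return {name: sha256_hex(body) for name, body in installed.items()}


@dataclass
class IntegrityReport:
    unchanged: List[str] = field(default_factory=list)
    altered: List[str] = field(default_factory=list)       # hash differs from the register
    unauthorized: List[str] = field(default_factory=list)  # installed but never approved
    missing: List[str] = field(default_factory=list)       # approved but not present

    def compliant(self) -> bool:
        return not (self.altered or self.unauthorized or self.missing)


def attest(measurements: Dict[str, str], reference: Dict[str, str]) -> IntegrityReport:
    """Compare measurements against the reference registers and classify each module."""
    report = IntegrityReport()
    for name, digest in measurements.items():
        if name not in reference:
            report.unauthorized.append(name)
        elif hmac.compare_digest(digest, reference[name]):
            report.unchanged.append(name)
        else:
            report.altered.append(name)
    report.missing = [name for name in reference if name not in measurements]
    return report


def policy_points(patch_level: int, av_signature_age_days: int,
                  min_patch_level: int = 12, max_signature_age_days: int = 7) -> Dict[str, bool]:
    """The other compliance points the demo is described as checking: patch level
    and anti-virus signature freshness. The thresholds are assumed values."""
    return {
        "patch_level_current": patch_level >= min_patch_level,
        "av_signatures_fresh": av_signature_age_days <= max_signature_age_days,
    }


def admit_to_network(installed: Dict[str, bytes], patch_level: int,
                     av_signature_age_days: int) -> bool:
    """Gatekeeper decision: admit the handset only if every integrity and policy check passes."""
    report = attest(measure(installed), APPROVED_MODULES)
    points = policy_points(patch_level, av_signature_age_days)
    return report.compliant() and all(points.values())


if __name__ == "__main__":
    for label, image in (("golden", GOLDEN_HANDSET), ("tampered", TAMPERED_HANDSET)):
        r = attest(measure(image), APPROVED_MODULES)
        print(f"{label}: compliant={r.compliant()} altered={r.altered} "
              f"unauthorized={r.unauthorized} missing={r.missing}")
```

The report distinguishes the three failure modes Allen lists (altered code, unauthorized installs, missing approved components) rather than collapsing them into a single pass/fail bit, because each calls for a different response from the operator: re-imaging, removal, or re-installation.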

 

"With a standard building block like the Trusted Mobile Platform Module, you can now put it into lots of platforms with a common security infrastructure to support all kinds of smart, feature-rich devices," Allen says. "In a mobile environment, this is important because every network operator has phones from a variety of different vendors that it needs to support."

 

In addition, as more robust handset applications are developed on the trusted mobile platform, companies such as F-Secure, Kaspersky, McAfee, Symantec, and others building anti-malware for smart devices will have more options for integrating their technologies into remotely-managed security platforms, which they're already deploying on PCs.

 

"That's the trick with mobile security. You want it to be easy for the end user or they'll ignore it. Users don't want to enter passwords to make calls. They don't want to manage their own encryption. And they don't want to deal with keeping their anti-virus signatures up to date," says Palumbo of the Yankee Group. "So a lot of this will have to be done by a gatekeeper."

Educate Users

Even if security is made easy, there will always be the problem of human error. Already, users are demonstrating the same gullibility they have shown toward PC-based social engineering attempts that get them to click or load something and to turn over information they shouldn't. What's to say mobile phone users will be any different, asks Longstaff.

 

"We're seeing cases all over the place using Bluetooth (Cabir, Lasco, others) and Multi-Media Messaging Service (Comwarrior) to spread," he says. "That involves some level of social engineering to get people to accept them."

 

So the best defense is to set some type of responsible use policy -- one that can be enforced manually until we see further automation -- to educate users about safe cell phone usage in a way that they can understand, say experts.

 

"Just as in the PC world, we need to teach users not to accept applications and downloads that they didn't ask for. Same with links. And they should not give out personal information," says Nick Ianelli, Internet security analyst on mobile malware for US.CERT (Computer Emergency Response Team), based at Carnegie Mellon. "We need to show our users that their phones and the data on them are valuable. Get them familiar with its features."

 

The theory goes that someone could let loose a Bluetooth virus in a crowded stadium and spread itself throughout the crowd, adds Marcus Sachs, who directs the Cyber R&D Lab for the Department of Homeland Security. The reality is, you still have to get them to accept the download, he adds. And, even with the best of education, users will always have questions about Caller ID, authenticity of phone calls, and integrity of data being moved around, he contends.

 

"If it comes from someone they know and trust, they'll allow it (a download). If they're swept up in an event at a crowded stadium and their phones keep ringing up asking them to accept something, they'll download it. In fact, this has already happened. Someone let loose a Bluetooth worm that spread through the crowd at the World Cup," Sachs adds, referring to the Cabir worm, which spread through the World Athletics Championships at the Olympic Stadium in Helsinki, Finland in August, 2005.

 

Not to mention that it's only a matter of time before mobile malware stops playing nice by asking for permission to load, contends Nokia's Uusilehto. Soon, he says, criminals will try and spread their wares without the user's knowledge by using hiding and changing technologies to avoid even automated detection. (Already, we've seen Skulls.K attempt to do this last May by trying to disable security on the devices.)

 

The reason for all this trouble coming at our cellular phone users is that phones are essentially becoming PCs, say Sachs and others. This makes policy, education, and multi-layered protections just as vital to data and device protection as they are on networked PCs.

 

"The problem's not new: How do you handle all the consumer gadgets inside the enterprise?" he says. "You see this convergence of phone, e-mail, and entertainment, and soon, Voice over IP that communications providers are jockeying to bundle over a variety of devices. The smart enterprise would get ahead of this technology, embrace it, and actually lead the charge to drive that technology securely into the enterprise."

 

--

 

Deb Radcliff is an award-winning freelance writer, educator and speaker based in Northern California. She's been covering online crime and security ever since working as researcher on a book about infamous hacker, Kevin Mitnick back in 1995.


by Deb Radcliff

 

Part 1 | Part 2 | Part 3

 

Smart devices have become the latest attack vector for online criminals, putting intellectual property, regulated and personal financial information stored on them at risk. In this first of a three-part article, author Deb Radcliff explores these new attack vectors into the enterprise.

 

Dozens of viruses, worms, and Trojans have been written against smart phones and pocket PCs since 2004. And even though most of these are proof-of-concept and nuisance malware, experts are warning of more serious crimes to come.

 

More criminal elements are already stealing identities and other personal and private information of value in countries where Symbian-based mobile phones are being used as money, in business collaboration, and in other valuable e-commerce applications, says Danny de Temmerman, head of cybercrime and security for the European Commission's Directorate General for Justice, Freedom, and Security. While speaking on a cybercrime panel at the RSA Security Conference in February, he also said that crimes over cellular phones have now become a top law enforcement priority in Europe.

 

"We're seeing fraud, phishing, spam, spyware, and adware all over these smart phones in countries where phones hold information that could be monetized," adds Vincent Weafer, director of operations at Symantec's Security Response Center, which sifts millions of spam messages per day through its global content scanning systems. "And in India, they're real concerned about pedophiles getting to their kids through their smart devices."

 

Even in the U.S., today's smart phone malware poses more than just a nuisance. There are real costs to enterprises that issue smart, feature-rich devices being targeted by malware. Consider the skyrocketing phone bills when the Mosquitos malware enters company-issued smart devices through games and starts messaging expensive toll numbers. Other malware, such as the RedBrowser Trojan, repetitively rings up $5 - $6 SMS calls. And Commwarrior blasts millions of MMS text-based spam messages, also racking up huge telecommunications bills.

 

Indirect costs also abound. Consider the lost revenues when productive road warriors lose their customer data and contact lists because a worm turned their phones into useless "bricks". Such worms can already prevent the phone from rebooting (Fontal.A), crash the operating system (Locknut), and drop the operating system and other critical applications altogether (Skulls). There's also the cost of cleaning up the network when an infected smart phone syncs to a PC or connects to the network through the VPN.

 

Fortunately, there's also more security around U.S.-based smart phones, particularly in closed carrier networks where phones are issued and maintained by the network operators. But there's much room for improvement, particularly in developing standards around device authentication, application integrity, and data protection on the handset. And, as with PCs, users -- including the enterprise customers -- must do their part to avoid malware, spam, and fraudsters in the first place.

A Safer Gateway

Ask Verizon Wireless, and you'll get an earful about how the risks are blown out of proportion by vendors wanting to sell security on the handset. It's all in the network, says Jeffrey Nelson, Verizon Wireless Spokesman, echoing Verizon's marketing message.

 

His biggest beef with such dire portrayals of crimes to come to the U.S., he says, is that U.S. carrier networks have more control over their phones than carriers do elsewhere, because in the U.S. most phones are sold through closed-carrier networks, meaning carriers sell the phone and the service bundled together. This way, network operators can control the phones and the applications allowed on them.

 

"There's a huge difference in risk between the U.S. and Europe and Asia," Nelson adds. "In the United States, people buy wireless service from a company, while in Europe and Asia, you buy a phone you like, and then get service for it, then buy a carrier service. Then you slip in a SIM card, and walk into this dangerous, unprotected world."

 

With more control, carriers can lock down vulnerable applications like Bluetooth and manage downloads somewhat by, at the very least, working off a whitelist of approved vendors, and denying the rest.

 

In addition, any carrier network worth its salt is already filtering out malicious code and unwanted spam entering through their messaging and e-mail gateways, he continues. They should also be filtering content from loading directly off the Internet. For example, Nortel Networks is using Websense to block damaging and unwanted content from getting onto browsers from malicious Web sites.

 

There are other reasons we've not seen as much malicious activity in the U.S. as we have overseas, say experts. For starters, the U.S. has been slow to standardize on a single operating system; whereas Europe, Asia, and other heavy-use regions have standardized on Symbian. So, by default, Symbian has become the operating system to attack, says Thomas Longstaff, deputy director of technology, Network Systems Survivability for Carnegie Mellon's Software Engineering Institute.

 

Another reason is slower adoption of smart-OS- and browser-enabled phones in the U.S., which currently make up 12 percent of North America's cellular phone user base, according to the Yankee Group. But, by 2009, that number will rise to 46 percent. And, 87 percent of all U.S. cellular phones in circulation are already feature rich, according to Yankee. Where there are new features, there are also new vulnerabilities.

 

--

 

Deb Radcliff is an award-winning freelance writer, educator and speaker based in Northern California. She's been covering online crime and security ever since working as researcher on a book about infamous hacker, Kevin Mitnick back in 1995.


The Information Technology Infrastructure Library (ITIL) is an industry-leading set of IT Service Management best practices. These best practices for the support and delivery of IT services can help a company document IT processes as required for Sarbanes-Oxley.

 

Troy DuMoulin, managing consultant at Pink Elephant – an organization providing ITIL based consulting, education, conferences and outsourcing services, notes a shift in how organizations approach best practices for IT services: "In the past, companies used best practices out of a desire for self improvement and to create a positive impact on the bottom line. Now, with Sarbanes-Oxley, they have to do it because it's a formal, legal requirement."

 

ITIL is part of the foundation of the COBIT model, which defines control objectives for IT in support of business processes. COBIT was explicitly chosen as the tool of choice for external auditors to use in IT audits for Sarbanes-Oxley. "Since auditors are using COBIT, it makes sense for organizations to learn about the model. The model identifies key performance indicators and critical success factors that organizations can take into consideration when documenting or re-engineering a process," DuMoulin says.

 

"Although there are many different control frameworks out there, many of them have ITIL at their core. With COBIT for example, 45-50% of the control objectives are covered within ITIL. In particular, ITIL's Service Support and Service Delivery processes address almost a dozen specific control objectives," DuMoulin says.

The ITIL process documentation and COBIT control objectives are a powerful combination that can accelerate Sarbox compliance.


The Word is

Posted by Tom Parish Dec 5, 2007

by Tom Field

 

While CIOs have faced flat to slow growth in their annual budgets, the same cannot be said of business expectations when it comes to innovative use of IT.

 

As a result, CIOs face this challenge: How to reduce costs while simultaneously using IT to drive competitive advantage. As CIO magazine's fifth annual State of the CIO survey reveals, the best executives have realized that simple cost-cutting won't work. Technology innovation is a team sport, and it demands strong partnerships with business decision makers.

 

The survey asked nearly 100 senior CIOs for their thoughts on how to implement IT-led innovation throughout the company. Fifty-nine percent of them consider innovation a significant aspect of their job, but they also recognize that no executive is an island. More than one-third say that innovation initiatives are best led by a joint team made up of the CIO and other business leaders, and 28 percent say that innovative ideas best spring from collaboration and brainstorming with business-side peers. If the ideas and work are shared, so should be the responsibility as well: 42 percent of the respondents think that IT and the business units should share accountability for the results of their labors.


[Chart: How much of your role is concerned with innovation? (InnovationRole.gif)]

[Chart: Where do innovative ideas come from? (InnovativeIdeasFrom.gif)]

[Chart: Who leads innovation initiatives? (LeadsInnovation.gif)]

[Chart: Who is accountable for innovation results? (AccountInnovationResults.gif)]


by Elizabeth Ferrarini

 

Geoffrey Moore, a managing partner at TCG Advisors, has made the understanding and effective exploitation of disruptive technologies the core of his life's work. He divides his time between consulting on strategy and transformation for tech companies such as Cisco Systems, and developing mental models to support this practice. His best-selling books, Crossing the Chasm, Inside the Tornado, The Gorilla Game, and Living on the Fault Line, have become required reading at leading business schools. Moore's most ambitious work to date, Dealing With Darwin -- How Great Companies Innovate at Every Phase of Their Evolution -- offers the bold theory that innovation takes many forms, not just disruptive, and these forms change radically during a company's or product's lifecycle.

 

Geoffrey Moore recently provided Enterpriseleadership.org with some insight into his new book, Dealing with Darwin, as well as thoughts on outsourcing IT, putting IT into a shared service, and defining the core versus context role of the CIO. Here's what he had to say:

 

EL: In Dealing with Darwin, you use a series of metaphors to define categories in the lifecycle of a company and/or a product. Can you elaborate on what causes people to get swept into the tornado cycle and how well new technologies will fit into this category?

 

GM: As a technology or product begins to take off, it starts to sustain and then fade, depending on where it is in its lifecycle. The very new stuff starts off the technology adoption lifecycle, called "early market." People who want to try to stay ahead of the herd usually comprise this early market. The tornado emerges immediately once everyone decides they need the product or technology. This has an explosive amount of growth and just sucks every one in its vortex. If you were a vendor in the 1980s and 1990s, you always looked for the next tornado. Things advanced so fast that IT departments wiped out the prior generation of systems and started over.

 

The new millennium signaled the maturity of technology as if it were a standard industrial sector. New technologies and new ways of adoption still abound, but they now emerge on a beach that has been hit by many waves. The notion that you would swap out a lot of infrastructure and start over is no longer even considered. The real question now is this: How do you evolve your systems rather than revolutionize them?

 

EL: Still referencing your book's categories, what tech sectors are in the "bowling alley" right now, or the tornado?

 

GM: The bowling alley is where technology is gaining acceptance in one or more markets. RFID is still crossing the chasm between general acceptance or not; in other words, it's between and betwixt. Digital photography and WiFi are in the tornado. Electronic books never crossed the chasm. WiMax hasn't crossed the chasm yet. The bowling alley is a transitional phase. Linux is still in the bowling alley. Linux has established itself in either scientific clusters or in embedded computing. Linux could be in the bowling alley forever.

 

EL: Your article in the Harvard Business Review (July-August 2004) says that a lot of companies make the assumption that the success of the new systems will draw resources away from the legacy systems. Thus, companies leave the legacy systems unchanged. Is this a common mistake IT makes?

 

GM: It isn't always a mistake. IT needs to freeze the legacy systems, and then make them a module in a larger architecture. No further changes should be made inside of them. The goal of the new architecture is to turn them into a services-oriented module. To this end, you can ask the systems to do what they have always done, but don't ask them to do anything new. Trying to change a legacy system can cause more damage than good.

 

EL: I've read that you're a big proponent of outsourcing. Should IT be outsourced to an EDS or put into a shared services model, which has kind of slowed down a bit?

 

GM: The shared services model and the outsourcing model are part of the same march. You're a little way down the path with the shared service and at the end of the path with outsourcing. We came to this conclusion based on going through three pairs of levers. The first pair says to "centralize and to standardize," which is the shared services model. The second pair says to "modularize and to optimize," both of which provide a transition to outsourcing. Here you deconstruct your systems into smaller ones so you determine which ones to eliminate, which ones to keep unchanged, and which ones to consolidate. The third pair includes "instrument and outsource." If you had outsourced without going with the second pair of levers, you would waste a lot of money. To "instrument" means to put service levels in place before outsourcing.


EL: Can you run a shared service as a third-party business?


GM: Some companies have tried it and failed. It's usually a bad idea. Keep in mind, the parent of the shared services usually isn't in the IT business, and probably won't be willing to invest in an IT service business. So, as an independent company, the shared services needs to transform itself into a commercial entity with a sales and marketing force.


EL: You are well aware of GM's major effort to establish common processes for its $15 billion IT outsourcing initiatives. What went wrong?


GM: GM made a horrible mistake the first time with EDS. Why? GM didn't use the three pairs of levers before it decided to outsource. Instead, GM threw IT over the transom and prayed for the best.


Now let me tell you about the time GM did a brilliant job of outsourcing. In the 1990s, GM used the three pairs of levers to move the supply chain to tier-one and tier-two vendors.


EL: What is core and what is context for a CIO?


GM: Each company has a unique core. To this end, the company defines what is core for the CIO. The CIO has to first interact enough with the executive team to understand the company's claim to fame in its market space. Is it to be the most cost efficient or to provide the best customer experience? Any IT system that can help differentiate the company's performance in that area is core; any other system is context. The CIO's number one task is to figure out what is core for the business, and then figure out what it means for IT. The CIO's colleagues can provide some of the answers, which will be different for every business. So, the CIO needs to excel as a thoughtful leader. The CIO also needs to develop different strategies for dealing with technology as it moves through its lifecycle.


EL: An IT department came up with the idea of rollover minutes. In his book, Does IT Matter, Nicholas Carr asks the reader to consider whether or not IT can help a company innovate. What's your feeling about this argument?


GM: Carr assumes that IT serves no core, but simply all context. That's not true. He says this to be deliberately provocative. For years, too many IT professionals have pretended they were core to the business. Most companies have the same IT resources as their competitors. If you use these same systems in the same way, then IT isn't core. On the other hand, if you build your systems in-house, then you have something different from your competitors. That uniqueness becomes core.


EL: Oracle, which is more than 25 years old, bought a slew of startups and now is buying its competitors. Is this a feasible strategy for Oracle?


GM: The relational database rests at the heart of client-server computing, which has been around since the 1980s. We are nearing the end of the client-server lifecycle, but Larry Ellison has no intention of leaving and moving on to services-oriented architectures or Web servers. The network, not the relational database, forms the foundation of this new architecture.


To this end, Ellison is buying all of the old client-server properties the same way Computer Associates bought all of the mainframe properties. He's not innovating, but consolidating to create a legacy installed base to milk.


EL: Do you think it was a good idea for Sun to acquire StorageTek?


GM: Sun has some similar issues as Oracle, but Sun also has some very visionary ideas, but is caught in a tough place. Sun's idea of computing by the drain doesn't lend itself to an expensive research and development model, which Sun has.


By purchasing StorageTek, Sun gained a source of revenue during its transition. Sun views storage as tactical, but strategic. It will be interesting to see where Sun ends up.


EL: How do your views differ or compare from those of Harvard Business School's Professor Clayton Christensen?


GM: I love his book, but both of us have spent too much time dealing with the disruptive nature of innovation in the 1990s. The title of my new book, Dealing with Darwin -- How Great Companies Innovate in Every Phase of Their Evolution, sums up where innovation is today. Christensen, on the other hand, still associates innovation with disruption.


My book says that innovation is whatever it takes to create competitive advantage. The book defines 15 different types of innovation -- only one is disruptive. The innovation types include application, product, process, and marketing.


Today, the big tech gorillas, such as Cisco and Microsoft, are creating enormous wealth. They're doing incrementally valuable things, such as unique integration methods, which help to differentiate them from their competitors. Their competitors have to try to match these gorillas on a point-to-point product basis.


EL: Should IT professionals or even marketing professionals be concerned about offshoring?


GM: At one time, IT professionals presumed they were insulated from offshore challenges. This is no longer true. Today, no one can tell, nor do they care, where bits come from across the Internet. Unless you're doing something unique in IT in a geographic area, such as San Francisco, you face the challenge of offshoring.


If you're a global corporation, you need to engage in offshoring or else give your competitors a price advantage. This is why I called my book, Dealing with Darwin. To survive in the tech ecosystem, you need to raise the bar on what competitive success requires through every cycle. Clinging to entitlement puts you at risk. Look at General Motors.


--


Elizabeth Ferrarini is a freelance technology writer from Boston, Massachusetts. Reach her at elizabethferrarini@yahoo.com.


by Howard Rohm and Larry Halbach


Reprinted with permission from the Balanced Scorecard Institute. Note: This article represents Part 2 of Howard Rohm's article "A Balancing Act," published in Volume 2, Issue 2 of Perform Magazine.


Creating a High Performance Organization

"Build it and they will come" works for new cell phones, Internet services, residential home subdivisions, sports arenas, new dog food brands, and for many other new things. But it doesn't work so well with Balanced Scorecard systems.


"Let them build it and they will use it" works much better. "Them" and "they" refer to the people in an organization who are responsible and accountable for performance and results. In practical terms, this means using cross-functional teams to build the scorecard system rather than giving responsibility to strategic planning, finance, or any other single group or department. Besides using cross-functional teams, here are some other things you can do to increase the chance of a successful Balanced Scorecard implementation: spend at least as much time developing interactive communications, vision, and business strategy as you do developing performance measures; focus on aligning strategy with operations by starting with an organization's strategic components (mission, vision, core values, customer value proposition, and strategic themes) and working down to operations, projects, activities, and tasks; and plan for and follow through with deploying, managing, and sustaining the scorecard system after it is built. Simply put, we have found that building and implementing a scorecard system is more about changing hearts and minds and sustaining new directions, than it is about selecting performance measures and buying Balanced Scorecard software. If you are the Balanced Scorecard champion, think of your job to implement a Balanced Scorecard as one of helping to create a high-performance organization, and using the Balanced Scorecard as a framework for aligning the organization and human capital pieces needed to get to high performance.


This is the second article dealing with Building and Implementing A Balanced Scorecard: Nine Steps to Success™. In the first article we described a framework for building a scorecard system using our Nine-Step process. By "building" we mean creating the components of a Balanced Scorecard using the following six steps: Assessment, Strategy, Strategic Objectives, Strategy Mapping, Performance Measures, and Strategic Initiatives. If you would like to receive a "Readiness Assessment Checklist" to prepare you for developing a scorecard system, contact us at: info@balancedscorecard.org.


In this article, we discuss the steps involved in implementing the Balanced Scorecard, and include recommendations for creating a management system and sustaining the system once it is built. We base our recommendations on our experience helping over 2,000 people in 13 countries and 60 organizations build and implement Performance Management scorecard systems, and on being part of the strategic planning and Performance Measurement landscape for 30 years.


Implementing the Balanced Scorecard

By "implementing" we mean turning the scorecard into a true management system and deploying, managing, and sustaining the newly created system. We use three steps to implement the scorecard: Automation, Cascading, and Evaluation. The output from each step links to the input of the next step, as shown in Figure 1.1. The circle of chevrons helps to convey the sense that scorecard building and implementation are a continuous journey, not a project.

Figure 1.1. Building and Implementing a Balanced Scorecard


Following the completion of the building steps outlined above (Steps One through Six), the critical few performance measures have been developed. For a Tier 1 (enterprise-wide) scorecard, 20 to 30 strategic Tier 1 performance measures and targets (expected results) are typical. It is probably worth repeating a lesson shared in our previous article: avoid the temptation to treat performance measures as an end, rather than a means. We see many attempts at developing scorecards (and other performance frameworks, as well) where the effort is best characterized as a "rush to judgment" to get to measures. Precious strategic critical thinking is lost if this path is pursued.


Once we have a good set of strategic performance measures, a Performance Measurement information system is needed to collect and report performance data and transform the data into performance information. The distinction between data and information is important, as raw performance data is of little use to most people. Think of information as data with value added. The value comes in the form of context, visualization (reporting formats), trends, and benchmark comparisons to others' results.


Step Seven involves automating the Balanced Scorecard system, and consists of analyzing software options and user requirements to make the most cost-effective software choice for today and to meet enterprise performance information requirements in the future. Software options fall into the general categories shown in Figure 1.2, which shows relative comparisons of software solutions based on meeting overall enterprise requirements for performance information, and the relative cost and time to implement a software solution. Software options range from spreadsheets and databases, designed to meet very simple enterprise reporting requirements, to full data warehouses, designed to link disparate information (performance and other) together in an integrated management system.

Figure 1.2. Performance Information Software Solution Space


We treat Automation as the seventh step in the nine-step framework, to make sure that the proper emphasis is placed on strategic thinking and strategy development before "software seduction" sets in. Building a scorecard system is a lot like building a house, where the pieces need to come together in the right shape, size and time, and need to be assembled by the right craftsperson to make the house structurally and functionally sound. Purchasing software too early limits creative strategic thinking, and purchasing software late makes it difficult to sustain momentum for the new system, as performance information reporting and utilization is clearly an early benefit to be captured from the process of building the scorecard system. Having said this, it is also clear that software can help the critical thinking process (and the project management process at the end of the building steps -- Step Six: Strategic Initiatives) by capturing the results of strategy development, objective commentary, and strategy mapping as the process unfolds. Our recommendation is to analyze your software options early in the building process, decide if a software selection early on will add value to the process of building the scorecard, and then time the software purchase to maximize the value to the Balanced Scorecard team and the managers and other employees who will use the performance information to better inform decision making.


The costs of deploying software information systems (including the price of the software, plus training and support) range from several thousand dollars to several hundred thousand dollars. A software choice should be based on value to the organization. In addition to the price of the software, key selection criteria include: visualization of performance results; ease of setup; training and maintenance; robustness of the underlying database engine; compatibility with existing enterprise IT architecture; vendor product and technical support; product maturity and vendor experience; and ease of use.


Step Eight involves cascading the corporate scorecard throughout the organization to business and support units, and ultimately to teams and individuals. Cascading means translating the corporate scorecard into department and division scorecards that are aligned with corporate strategy. In other words, aligning and translating corporate strategy throughout the organization. We have found that the most effective way of cascading is to start with the objectives and measures from the enterprise-wide (Tier 1) strategy map, develop supporting objectives (and measures) for business and support units (Tier 2), and again for teams and individuals (Tier 3). In a typical organization, separate scorecards are developed for each major department and support office, and these scorecards are linked to the corporate scorecard through objectives. Since objectives are the building blocks of strategies, the alignment of objectives aligns strategy. Performance measures align as well, some as roll-ups to higher-tier measures, and sometimes to composite measures where the weighted average of a number of measures is used as a composite index.


Cascading to the objectives, tasks, and activities of Tier 3, aligns corporate and department strategy to teams and individuals. In some (typically large) organizations, an additional cascading level may be used, such as for customer-facing services.


Strategies developed during the corporate scorecard building process are the links that make the mission and vision of the corporate organization operational to operating business and support units, such as IT and human resources. Starting with a corporate scorecard and cascading objectives down to business and support units and then to teams and individuals assures that the work performed in all organization units is relevant and linked to organization mission and strategy. Each business and support unit can "connect the dots" and trace the work that they do back up to the overall "big picture" direction of the organization.


Figure 1.3 shows the concept of cascading, assuming one starts with a corporate scorecard at Tier 1, and then develops Tier 2 scorecards. One could continue the example to Tier 3 scorecards by developing Tier 3 objectives and connecting them to Tier 2 objectives. As a practical matter, objectives are more operational and less strategic as one goes farther down to lower tiers. For example, teams and individuals link what they do at Tier 3 (typically tasks and activities) to what the organization must do to be successful (objectives and strategies) at Tier 2.


Figure 1.3. Cascading Scorecards Based on Linked Strategic Objectives


Some organizations start not with a Tier 1 scorecard, but with a Tier 2 scorecard. This could occur when a support unit scorecard is built first (e.g., IT). In this scenario, other scorecards are developed horizontally (e.g., to Finance or HR) and/or vertically (e.g., to Tier 1 corporate, or to Tier 3 teams and individuals). In these situations, it is important to keep the strategic intent of the organization in mind, to avoid sub-optimizing a department's activities at the expense of enterprise goals.


Step Nine involves evaluating the success of chosen business strategies. The key question is: Were the expected results achieved? Remember that strategies developed in Step Two of our Nine Steps to Success™ framework were hypotheses of how an organization believes it creates value for customers and stakeholders. Adjustments to strategy (and mission and vision, if necessary) are likely as performance information is analyzed and market competitive forces are considered. Creating an analysis feedback loop to test strategy assumptions is an important step and one that many organizations overlook in their strategic planning implementation. The evaluation step includes the following components:

• Ensuring that organization learning and knowledge building are incorporated into planning;
• Making adjustments to existing service programs;
• Adding new programs if they are more cost-effective;
• Eliminating programs that are not delivering cost-effective services or meeting customer needs;
• Linking planning to budgeting.


The Nine Steps to Success™ framework is a disciplined way to develop the pieces needed to build a strategic management system. Now it is time to put the pieces together into a strategic management system and start using the system to produce the results you want.


Building the Management System and Managing with the Balanced Scorecard

Building and implementing a scorecard system is one thing; turning the scorecard into a useful and used management system is something else entirely.


The key to transforming a scorecard into a management system is to start at the right level of granularity and "connect the dots" among the components of strategy (mission, vision, values, pains, enablers, strategic results and themes, and strategic objectives) and the components of operations (projects, processes, activities, and tasks), and the budget formulation and cost reporting processes. Performance measures tie the parts together, and give us a way to measure how successful we are at achieving our goals. Figure 1.4 shows the logic for connecting strategy to operations. Strategy is shown as a vertical sequence of steps (equivalent to starting with expectations at a high altitude, such as expected organization-wide strategic results, and deriving aligned lower altitude initiatives, projects, and tasks). Operations is shown as a horizontal sequence of steps, with the activity or project outcomes linked to the outputs, process steps, and inputs required to deliver the activity or project results. The Balanced Scorecard gives us the ability to develop the aligned components of this strategic management system in an ordered, disciplined manner.


Figure 1.4. Linking Organization Strategy & Operations


We are often asked "How do you effectively manage an organization once you have a Balanced Scorecard in place?" In other words, "What are the key things you should do that differ from your traditional way of managing?" We attempt to answer these questions below and give guidance on how to best take advantage of the strategic levers the Balanced Scorecard provides. This is a compilation of the experiences and wisdom of the associates of the Balanced Scorecard Institute, based on our collective knowledge from a wide variety of organizations. The following are management practices that we have seen lead to success in imbedding the scorecard philosophy into an organization and enhancing the results achieved from the scorecard system. These practices represent the key elements of using the Balanced Scorecard as a "Strategic Management System."


It's time for a change -- avoid "Business As Usual." Until you have been managing with a scorecard for some time, people will naturally be inclined to manage in the same ways they always have, without regard to the scorecard and the direction it provides. Now that your scorecard is built, be careful not to go back to business as usual. Work hard to cut off attempts to revert to the old ways. The scorecard provides a natural framework for reorganizing (actually revitalizing) discussion around your strategic themes and your scorecard perspectives (and maybe reorganizing the organization as well!). Organize all of your executive, management, and department meetings around the elements of strategy. In this way, attention will be focused on the strategically-important issues and the organization will naturally be led in those directions. People will likely try to structure meeting agendas in the same functional/departmental format that has been used in organizations for decades. Use a different approach after you have built your scorecard system, such as holding meetings around your strategies, your initiatives, or your perspectives (or, ideally, all of them!). Also, ensure that scorecard meetings are strategic, not operational. Focus meeting energy on strategic visioning ("How safe will our streets be in ten years?" not "How many potholes did we fill last month?") Avoid executive discussion on detailed, operational strategies, objectives, and measures that are not on the corporate scorecard. Push operational discussions down to the departmental (business or support unit) level, or to teams and individuals.


Assign permanent Balanced Scorecard roles. To continue emphasis on the scorecard and strategic management, it is important to have a number of people assigned to scorecard roles on a permanent basis. You should assign specific scorecard roles and responsibilities to key people throughout the organization. This imbeds strategic thinking in the organization and builds commitment to ongoing strategic management. These roles include the scorecard champion, corporate and departmental performance measure owners, and the assignment of responsibility for individual themes or perspectives to specific owners. Often, client organizations will assign departmental scorecard champions who are responsible for scorecard management and communication in their individual areas. In addition, these champions can be members of a scorecard advisory group that meets regularly to discuss scorecard issues and suggestions.


One client formed permanent teams around each of their strategic themes to provide guidance and continual direction that will carry the scorecard efforts forward into the future. Each of these teams is headed by a key manager, but made up of a combination of managers and cross-functional staff members from across the organization. This approach ensures that the strategic themes receive attention throughout the year, and year by year into the future.


Use the scorecard process to develop the strategic plan. Strategic planning is more valuable if you use the development of a Balanced Scorecard as your framework. Instead of using a consultant or the internal strategic planning department to write a plan, use key employees in the organization to build the plan and the management system. We find that the process of using cross-functional teams to build the strategic plan and management system, with expert facilitation and guidance, is critical to the long-term success of the new management system. Those of you who have experience with strategic planning the old way (i.e., giving the assignment to a few internal planners or hiring a consultant to do it for you) know how few times the resulting strategic plan becomes the "guiding light" of the organization's resourcing, and strategic and operations planning. In the old way, most strategic plans are little more than thinly veiled justifications for favorite programs and projects the organization is already funding. The Balanced Scorecard puts more strategic thinking into the strategic plan development process. When we finish a scorecard system, the resulting strategic plan is under ten pages, and all the important strategic elements of the organization are laid out clearly and concisely, and aligned. The dots do, indeed, connect.


Your planning process will become an annual evaluation and revision of the corporate scorecard. Be sure to fully integrate the Balanced Scorecard into your strategic planning process. Each year you should assess your progress against the strategic goals and determine whether or not your strategic hypotheses (the cause-and-effect linkages of your strategy map) are valid. You should also assess the strategic impact of external events and adjust the scorecard (strategies, objectives, measures, and initiatives) to reflect your experience and the current environment. This is Step Nine of the Nine Steps to Success™ framework, and is essential to long-term strategic management success.


Use the Balanced Scorecard strategic plan to drive budgeting and cost control. In Balanced Scorecard organizations, the scorecard should play an active role in the organization's budgeting process. It is usually difficult to obtain funding for new initiatives, and in many organizations, the budgeting process is driven by funding "favorites," or day-to-day operations. The Balanced Scorecard improves the budget process because strategic initiatives have been identified through the scorecard building process, and it is practical and even essential to set aside a portion of the budget for these strategic projects. Using the Balanced Scorecard to drive the budget results in a "strategic," or "performance budget." Day-to-day activities can be separately funded, but linked, in an "operating budget." A Performance Budget is a budget formulated by activities and programs, as opposed to organizational units. Results-oriented business planning is combined with planned measurable outcomes to produce a budget where policy decisions can be informed by program performance and cost information. Once those policy decisions are made, the same performance measures guide the day-to-day operational management of programs to ensure that budgeted services are delivered with the intended results. These measures (leading and lagging) provide information on how results are produced, what is working, how well, and where improvements are needed to achieve the strategic goals.


Some organizations have eliminated the formal annual budget "dance," and instead use a rolling quarterly budget that allows real-time adjustments based on a quarterly strategic assessment. In addition, many organizations use the scorecard to lead them into Activity Based Costing, which can further ensure that the strategic goals of the organization are accomplished cost-effectively.


Figure 1.5 shows how the elements of strategy, operations, budgeting, and employee accountability can be combined into an integrated strategy-driven management system. Employee Performance can then be aligned with enterprise and department performance to produce an integrated management system where what is accomplished is more important than what is produced or how many hours are spent in the production of services.


Figure 1.5. Balanced Scorecard Strategic Management System


Continue to work on the strategic enablers. There are a number of elements of scorecard building and implementing that need to be continued in order to sustain the progress made and strategic focus. These enablers include: communications, change management practices, incentives, reporting results, and prioritizing initiatives.


Early in the process of building your scorecard system, the importance of communicating organization strategy and desired results will become obvious. So will the importance of communicating why you are building a new management system. In the absence of information on "why" from the leaders of the organization, employees will make up their own answer as to why. Ensure that you maintain and implement a communications strategy and plan even after the scorecard has been implemented. Remember that communication is an outcome, not an activity, and two-way communication is the key to a good outcome. The Balanced Scorecard strategic management system is a change initiative, designed to change behaviors, and this can only be accomplished by interactive, two-way communications at all levels of the organization. Regularly communicating results is important; listening to what employees think and feel is more important. Hearts and minds will not be won over with a news article or a web page, so communicate often and well. Also, be sure to highlight successes that resulted from the scorecard process. Highlighting early success is crucial to maintaining momentum of the new system and building sustainability. Periodically review your communications plan, and make changes as appropriate to reflect organizational or strategic changes.


You should also continue to follow good change management practices during and after development of the scorecard. These practices are incorporated in the Nine Steps to Success™ framework, and should be continued as you go forward to ensure that progress is sustained. Some of the key areas to consider are: continued communication of the vision and rationale behind the scorecard, involvement of people from across the organization in planning and implementing the changes, communication of results to everyone in the organization, ongoing scorecard training especially for new people, employing process teams to improve throughput, and use of rewards and recognition to emphasize and reinforce desired behaviors.


Be sure to continue to link incentive reward systems to performance (and scorecard measures). Some organizations decide for a variety of reasons to defer this step and some never do effect this linkage. We strongly recommend that reward systems reflect the scorecard objectives and do so as quickly as is reasonably possible. Of course, it is prudent to take time to ensure that the measures are properly defined, captured, validated, and calibrated before using them to provide significant portions of people's compensation, but it is the most powerful way of getting people's attention and focusing on the things that matter. Once you have begun rewarding people for performance, continue to do so and make certain this linkage is incorporated into each year's reward-and-recognition program. Rewards and other incentives can take many forms, both monetary and non-monetary. Many studies have shown the importance of non-monetary incentives to achieving long-term positive impacts on behavior.


Continue to report performance results often and draw comparisons to expected results. Look for ways to visualize performance that employees will find useful. There are many ways to show data and information, and the usefulness of performance information will be tied to how it is visualized and presented. At different levels of an organization, different visualization techniques should be used to drive the behaviors being sought. People need to see regular feedback, and the frequent communication of results enables quick corrective actions to be taken when problems begin to develop. If people can easily and regularly see whether or not they are on track to reach corporate goals, and if their rewards are dependent on achieving those goals, they will naturally apply the effort required to stay on track. Use the scorecard system to improve organizational performance, not to punish lack of individual performance, and to track progress across reporting periods.

 

Regularly use the Balanced Scorecard to help select and prioritize initiatives. The scorecard process enables management to direct resources to those initiatives that have the greatest strategic value. We almost always find that an organization's overcommitted resources are assigned to a number of initiatives that do not have large strategic value. By consciously focusing resources on truly strategic initiatives and canceling projects, transferring resources, or deferring those initiatives that aren't strategic, organizations are much better able to implement the changes needed to accomplish strategic goals. This prioritization should be part of the regular management practices and should be reviewed periodically to ensure that resources are being deployed only on the truly strategic initiatives.

 

Figure 1.6 shows the components of a sustained strategic management system. By continuing the essential elements of the Balanced Scorecard process, you will be able to sustain and continue to achieve progress in strategic management.

 


Figure 1.6. Sustained Strategic Management System

 

When you have completed the steps and taken the actions described in these two articles, you will be on your way to having developed a high-performance organization. Figure 1.7 shows the construction of a high-performance organization using the example of a house we mentioned earlier. The roof and attic represent the strategic elements of your organization, the load-bearing walls are your strategic focus areas (strategic themes), and the floors are performance dimensions (perspectives) that allow you to translate your organization's vision and strategy into operational terms (through strategic objectives). Your performance "house" needs to be built on a strong foundation of engaged leadership and two-way communications.

 


Figure 1.7. Building a High-Performance Organization

 

We hope that these ideas will help you in your efforts to achieve maximum long-term benefit from your investment in a Balanced Scorecard. If you would like a checklist of additional tips and tricks, send us an email to receive a free copy. If you have questions or wish to discuss any of these recommendations, please contact either Howard Rohm (at hhr@balancedscorecard.org) or Larry Halbach (at lah@balancedscorecard.org) at the Balanced Scorecard Institute.*

 

The Balanced Scorecard Institute provides training and consulting services to private, public, and not-for-profit organizations worldwide. Their expertise is in Balanced Scorecard Systems, Strategic Planning, Performance Management and Measurement, and Performance Measurement Information Systems.

 

*Several Balanced Scorecard Institute associates contributed to this article, including: Dr. Gerald Turner, Pam Weppler, Kitty McCoy, Kevin Zemetis, Dr. Kathy Fiedler, Dr. Gardner Shaw, Jeff Parks, and Paul Arveson. Marv Weidner of Weidner Consulting contributed ideas on performance-based budgeting.

 

--

 

Howard Rohm is Vice-President of the Balanced Scorecard Institute, president of Howard Rohm Consultants, LLC and an international trainer, consultant, and facilitator. He has over 25 years of government and private industry strategic planning, Balanced Scorecard, Performance Measurement, and information technology experience. To learn more about the Balanced Scorecard Institute, visit their Web site at www.balancedscorecard.org.

 

Larry Halbach is Deputy Director of the Balanced Scorecard Institute and an international consultant and facilitator. He has over 20 years of experience with IBM, followed by his career as an insurance executive and consultant in strategic planning, Balanced Scorecard development and implementation, and information technology management.


by Craig S. Mullins


Imagine facing the prospect of a large-scale downsizing. Not the most enjoyable thing to think about, but not unrealistic either in today's business climate where "doing more with less" and optimizing ROI are common practices. So, you grab the company org chart and the latest employee reviews, and try to come up with a plan that minimizes impact on the business. You review the data and earmark for dismissal the poor performers and those employees who do not seem to be key parts of the most profitable business lines.

 

But is this approach optimal? Perhaps not. What you see on the company's organizational chart does not accurately depict how things actually work in your company. There is an underlying social infrastructure that exists in most organizations. It is informal, but functionally powerful. And rarely is it evident just how critical this informal network is until a piece of it is removed.

 

Consider our downsizing scenario: What would be the impact of laying off a critical component of the informal network? Even if your corporate policy manuals outline standard operating procedures, can you be sure that they are being followed? In many corporations, it's not uncommon that, over time, the informal employee network takes over tasks and gets the work done appropriately and on time. But most executives do not understand how this informal network operates in their company. So, they do not typically understand how information is flowing, who picks up their requests, and who doesn't. Clearly, a social network, operating "under the radar" of the official organization chart, can impact business processes.

 

"Technically, a social network is the set of social relations that connect people and or groups, such as friendship or advice giving," says Dr. Kathleen Carley, of the Institute for Software Research Department in the School of Computer Science at Carnegie Mellon University in Pittsburgh, PA. Dr. Carley is the Director of CASOS, the Center for Computational Analysis of Social and Organizational Systems.

 

CASOS is a university-wide interdisciplinary center that brings together network analysis, computer science, and organization science. By combining computational and social network techniques, CASOS works to develop a better understanding of the fundamental principles of organizing, coordinating, managing and destabilizing systems of intelligent adaptive agents engaged in real tasks at the team, organizational, or social level. In other words, CASOS works to better understand the way things actually work and how work gets done in the real world.

 

Social Networks and Social Network Analysis

Basically, a social network is a system composed of multiple elements related in some way. Each element in the network may or may not have a relationship with the other elements.

 

The word "social" is used to define "social networks" because the most common type of element in the network is a person. However, social networks need not be composed entirely of relationships between people, but can be made up of anything that can have a relationship with something else. For example, social networks have been defined for trade patterns in cities and proteins in the human body.

 

The term "social network analysis" is used to refer to the set of graph-theory based algorithms applied to any network, preferably networks that include humans or groups as at least some of the nodes. Traditionally, managers look at the attributes of the people (individual elements of the network) they manage. Social network analysis looks at the relations between the elements. This is a significant change.

 

Consider, for example, conducting a survey of your organization in which everyone is asked: "Who are the people you are most likely to discuss technical problems with?" and "Who are the people you are most likely to go out with for lunch or after work for a drink?" The results of these two questions will not likely be the same. But both help create useful social network maps.

 

Social network analysis is the process of collecting data, organizing it in useful ways, and examining the network structure to understand its influence on real-world events. It is possible to compare the structure of a healthy organization to an unhealthy one, or of a successful startup to an unsuccessful one.

 

A manager with access to the social network mappings within the organization becomes empowered to view the operations of the company with a clearer perspective and understanding of how things are actually happening. Social network analysis can enable management to identify emergent groups, potential areas of information blockage, and other key actors within the organization who can effect change.

 

Consider, for example, the employees who are well-respected as technical gurus, or founts of knowledge on a particular aspect of the company's business. Every company has a few such employees that everyone else relies upon. It would be to management's benefit, first of all, to know who these gurus are, and secondly, to be able to leverage them and their network to successfully launch new initiatives and practices. A new initiative can have a much better chance of succeeding when it is being championed by the leaders -- that is, the gurus -- who already have the trust of the organization.

 

Dr. Carley notes that CASOS has developed a tool, named ORA, to help provide management with information on social networks. When fed the appropriate data, the tool can deliver a management report with the pertinent social network information to the business executive.

 

An interesting application of social network analysis being conducted by CASOS is the investigative research of e-mail from Enron Corporation. The e-mail being reviewed is voluminous in that it covers a 3-and-a-half-year period. The data contains a large amount of information on interaction, communication, knowledge, cognition, resources, tasks, and relationships on an individual and group level in Enron. According to Dr. Carley, the analysis shows dramatic shifts in the social networks in response to corporate events such as change in CEO, president, and so on. Enron's social network was used to pass information, reduce concerns, and promote the adoption of ideas.

 

Crossing Organizational Boundaries

It is also possible for companies to look at the inter-organizational networks among companies or the social network of an individual, such as a CEO, that extends across multiple organizations. In such cases, the CEO can use his social network to vet ideas and do information gathering to reduce risk before making major decisions.

 

A better understanding of inter-organizational networks can be critical for up-and-coming companies as it helps them better position themselves relative to their competitors. Dr. Carley notes that many companies actively build the network of relations with those companies whom their competitors are also linked to. Highly influential companies are often key nodes in the inter-organizational network. For example, Microsoft would have a higher level of connections to other companies than its smaller competitors. By growing these links, large influential companies can become, effectively, network monopolists and serve to control the flow of information in these inter-organizational networks.

 

Inter-organizational networking is useful at the personal level, too. The concept of social networks has moved online, such as in the example provided by LinkedIn. LinkedIn is a popular online service that facilitates business-oriented connections. Basically, LinkedIn makes it possible to track your own, personal social network. By keeping your contact information up-to-date, and inviting your trusted associates to join and keep their information current, LinkedIn enables you to easily manage your social network - and to take advantage of others'. Imagine the power of being able to quickly and easily interact with all of your historical business contacts and to ask them to put you in contact with the influential contacts in their social networks.

 

Taking it Further with Meta-networks

In today's complex business environment, to address practical problems, we need to move beyond social networks to consider the meta-network context. That is, we need to consider the relations of people to people, knowledge, tasks, and so on.

 

A business executive that can move beyond just information on the connections among personnel to consider knowledge and tasks as well opens up avenues for additional understanding. This additional information can help the executive identify hidden competencies and emergent leaders, as well as helping to put together new teams. Moreover, this information provides new guidance and help for the human resources department to do better personnel management and identify points where training could be beneficial. Essentially, it enables more adaptive behaviors to be implemented.

 

What About Personal Privacy?

Of course, the practice of social network analysis can open up issues of personal privacy and companies will have to balance the gain of such study against its potential pitfalls.

 

One such pitfall is perception. The informal nature of a social network can seem to become more formal if it is used by management to further its goals. If staff becomes aware that management is analyzing their "social" network to further business goals it may be perceived as an invasion of privacy.

 

And what about the gurus who, once identified, may become inundated with additional work? Care must be taken to balance the opportunities for leveraging a social network against a potential backlash of disgruntled employees believing they may have been taken advantage of.

 

A service such as LinkedIn is voluntary. Subscribers choose to use the service and each time an invitation is sent the receiver can choose to accept or decline the invitation. As such, this opt-in approach can help to alleviate concerns of intrusions on personal privacy.

 

Of course, sometimes privacy is less of an issue. When the data is publicly available, privacy is not usually a big concern, although some may still have issues with the mining of large volumes of data. When privacy is an issue, names and attributes can be anonymized. As Dr. Carley points out, "sometimes, it is beneficial to look at relationships in terms of roles - doctor to nurse to pharmacist, rather than in terms of people's names. This role based approach also helps to alleviate potential privacy concerns."

 

At times, the results of social network analysis can be useful in terms of summary or aggregated statistics. For example, it may be helpful to know how strongly a group is connected or how complex of a task environment they face rather than the details on specific individuals. In general, such summary data is useful for comparing different divisions or branches in the same company.

 

For the field as a whole, as for many other scientific fields, data privacy is a double-edged sword. On the one hand, discovering new ways of de-identifying data while preserving its statistical properties is leading to important scientific advances. On the other hand, concerns about privacy can get so carried away that important data is not gathered and analyzed, and policy makers end up making important decisions in the dark or with the wrong data. "Overall, there are many key questions that need to be answered in this way," points out Dr. Carley, "and we need to develop new tools for de-identifying and re-identifying nodes and relations in networks so as to ensure appropriate and meaningful privacy levels that do not overly compromise the use of network science to inform policy and provide goods and services to the public."
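The survey-based network maps described under "Social Networks and Social Network Analysis" and the privacy safeguards discussed above (aggregate statistics, role-based de-identification) can be illustrated with a small worked example. The following Python is an added example written for this page; it is not CASOS's ORA tool nor code from the article. The survey answers and the role directory are constructed sample data, and the function names are this example's own.

```python
"""Small advice-network analysis with role-based de-identification.

Added example with constructed data; not from the article or from CASOS/ORA.
"""
from collections import defaultdict

# Constructed survey answers (assumed sample data): each person lists whom
# they are most likely to discuss technical problems with.
SURVEY = {
    "alice": ["bob", "carol"],
    "bob": ["alice", "carol", "dave"],
    "carol": ["alice", "bob", "dave", "erin"],
    "dave": ["carol"],
    "erin": ["carol"],
    "frank": [],          # answered the survey but named nobody
}

# Constructed role directory; roles replace names in the de-identified view.
ROLES = {
    "alice": "dba", "bob": "developer", "carol": "dba",
    "dave": "developer", "erin": "analyst", "frank": "analyst",
}


def nodes_of(survey):
    """Every respondent plus everyone named, even if they did not respond."""
    names = set(survey)
    for targets in survey.values():
        names.update(targets)
    return names


def build_undirected(survey):
    """Collapse directed 'I ask X' answers into undirected advice ties."""
    edges = set()
    for src, targets in survey.items():
        for dst in targets:
            if src != dst:                      # ignore self-nominations
                edges.add(frozenset((src, dst)))
    return edges


def degree(edges, nodes):
    """Number of advice ties per person; high values flag likely 'gurus'."""
    deg = {n: 0 for n in nodes}
    for e in edges:
        for n in e:
            deg[n] += 1
    return deg


def density(edges, nodes):
    """Fraction of possible pairs that are actually connected (0..1)."""
    n = len(nodes)
    if n < 2:
        return 0.0
    return len(edges) / (n * (n - 1) / 2)


def top_connectors(deg, k=2):
    """The k most-connected people, ties broken alphabetically."""
    return sorted(deg, key=lambda n: (-deg[n], n))[:k]


def role_network(edges, roles):
    """Aggregate person-to-person ties into role-to-role tie counts.

    The output carries no names, so it can be shared more widely than the
    raw survey; people missing from the directory are reported as 'unknown'.
    """
    counts = defaultdict(int)
    for e in edges:
        pair = tuple(sorted(roles.get(p, "unknown") for p in e))
        counts[pair] += 1
    return dict(counts)


def summary(survey, roles):
    """Summary statistics a manager could act on without seeing raw ties."""
    nodes = nodes_of(survey)
    edges = build_undirected(survey)
    deg = degree(edges, nodes)
    return {
        "people": len(nodes),
        "ties": len(edges),
        "density": density(edges, nodes),
        "top_connectors": top_connectors(deg),
        "isolates": sorted(n for n, d in deg.items() if d == 0),
        "role_ties": role_network(edges, roles),
    }


if __name__ == "__main__":
    for key, value in summary(SURVEY, ROLES).items():
        print(f"{key}: {value}")
```

The `summary` output is the kind of view the article recommends sharing: a density figure for comparing groups, the two most-connected people (the candidates for "guru" status, who may need protection from overload), anyone with no ties at all, and a role-to-role tie table that contains no names. The per-person degree table stays inside the analysis and is not part of the summary.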

 

The Bottom Line

It can be just as important, if not more so, to understand the informal social fabric of your company as it is to understand the official organization. The study of social and organizational systems can open up important insight for businesses in terms of how things really get done -- and the implications this has on running the business. This field can offer busy executives additional insight into their business and how it functions.

 

--

 

Craig Mullins is an independent consultant and president of Mullins Consulting, Inc. Craig has extensive experience in the field of database management having worked as an application developer, a DBA, and an instructor with multiple database management systems including DB2, Sybase, and SQL Server. Craig is also the author of the DB2 Developer's Guide, the industry-leading book on DB2 for z/OS, and Database Administration: Practices and Procedures, the industry's only book on heterogeneous DBA procedures. You can contact Craig via his web site at http://www.craigsmullins.com.


by Elizabeth M. Ferrarini

 

How can one know whether a particular technology will change the way we live or work? What signs do you look for to tell if an emerging company is going to survive? These are just some of the questions that Enterpriseleadership.org put to Clayton M. Christensen, a technology management professor at the Harvard Business School.

 

In his groundbreaking bestseller, The Innovator's Dilemma, Christensen exposed the crushing paradox behind the failures of many key industry leaders -- (mis)judgments like pleasing the most profitable customers and ignoring disruptive technologies, such as Linux and network-attached storage devices. His book, The Innovator's Solution, makes the case that innovation and profitability are more predictable than managers have come to believe. Seeing What's Next, his latest book, provides a model for those of us without any proprietary information on how to forecast how innovations will affect companies and industries, and how to make the right decisions (while there's still time).

 

EL: How can a CEO monitor the pulse of his company's marketplace to determine whether the company will succeed or fail?

 

CC: By looking at data in the present through a lens of good theories, a CEO can forecast whether the company is on track to become more prosperous or to fail. Data about the distant past always exists. If the CEO is using data to understand whether the company will be more successful or not, then the CEO will always be driving into the future, while glancing in the rear view mirror.

 

For example, if the innovations will help the company sell better products to existing customers, then these sustaining innovations will not necessarily result in future growth, even if it appears that you are innovating and that your profits are improving. If you look at it through the lens of my research, it would cause you to be worried. On the other hand, if your innovations are disruptive -- ones that create new growth markets -- even though they improve current financial results, you could say you are laying the foundation for an exciting future.

 

EL: What are the indicators that a business or an industry is ready for disruption? You talked about companies that produce products that no one buys and/or product improvements that no one will pay for. What are some of the other signs to look for?

 

CC: There are two types of disruptions: low-end and new market. A low-end disruption might occur only if two conditions are met:

      • customers at the low-end of a market don't value, and won't pay for, further product improvements.
      • someone has figured out a lower-cost business model that can be attractively profitable at the discount prices required to win the business of those customers at the low end.

 

The first condition identifies an entirely new market sector. If there is a specific population that doesn't have the skills to satisfactorily accomplish specific tasks, nor the money to buy the needed products, then they'll have to rely on the expensive and inconvenient help of experts. If that population exists, the second scenario occurs when someone else develops a technology that provides that specific population with an affordable and easy alternative for accomplishing their tasks.

 

EL: Given what you just said, where are the innovative opportunities for a major company, such as General Motors? How are they going to stay ahead of their competitors?

 

CC: If GM is trying to be innovative by making either better or larger sport utility vehicles, then I would really be worried. Seeing GM make innovations to its OnStar systems translates to a really exciting new growth business -- one that's disruptive. If GM tries to sell Buicks in Japan or China, then I would remark that it might yield profits -- but not create a lot of exciting new growth. On the other hand, if GM were to sell cars in China at a $4,000 price point, I would say the opposite.

 

By looking at innovations through the lens of good theory, you can tell whether today's innovations will produce tomorrow's results.

 

EL: How can a CIO encourage the company's use of innovative or  disruptive technologies?

 

CC: It's not the realm of a CIO to do this. The most exciting markets are the ones whose size can't be quantified. If the CIO finds himself or herself generating reports that innovating managers rely upon to assess the potential of the innovation, the CIO will be misleading people almost every time. To decide whether an innovation has potential, executives need to watch what people are doing, and then decide if the product they're proposing will help people do a better job of what they're already trying to do.

 

EL: In what industries is a lot of disruptive innovation going on?

 

CC: Salesforce.com is a disruptive innovator to a sustaining technology company like Oracle. Linux has an operating system in Web-based computing that has become the OS of choice for handheld devices. It's really an exciting, disruptive innovation. Regional airlines are an exciting disruptive innovation that are just killing the major airlines, and SANdisk, which makes flash memory, is a disruptive innovation that is killing the disk drive industry. Wireless 802.11 and WiMax are pretty exciting innovations in telecom.

 

EL: Right now, another disruptive technology, the Blackberry wireless network, is embroiled in a patent lawsuit. Can a force like this hinder a disruption?

 

CC: It happens on occasion to sustaining innovations. Intellectual property protection impacts innovation in both positive and negative ways. A lot of times, patent issue thickets arise that make it difficult for anyone on the sustaining tier to create a meaningful innovation. For disruptive ones, the intellectual property issues almost never matter.

 

EL: About six years ago, StorageNetworks built an IT infrastructure from commercially available hardware, raised more than $200 million, and offered organizations a third-party source for immediate storage, likened to that of a public service utility. EMC validated the concept. But StorageNetworks couldn't make a go of that business and offered backup stores and eventually started licensing its software. Then, StorageNetworks went Chapter 11 and couldn't even find a buyer. What went wrong here?

 

CC: I haven't really studied this company in depth. With the caveat that I haven't crawled inside, I'll tell you some of the things I worry about as I watch emerging companies. First, when you start a business, you may think you know, but you don't really know if you have the right strategy. Likewise, you don't really know who are the right customers, and what job they are trying to get done. You start out with a deliberate strategy, and you think, this is the right thing, when in fact, you almost have to know for sure that, initially, you're going to be wrong. Therefore, you have to get in the market quick with a little of that conviction, then figure out what will work later.

 

One of my books cites a colleague's study of 400 Harvard Business School graduates who started new companies. Half have been successful; half haven't been. The graduates who founded about 90 percent of the companies that succeeded said they didn't entirely trust the strategy they used when they raised money. They ended up selecting another strategy that enabled them to succeed. The difference between the successes and the failures wasn't that the successful ones got it right the first time. They just had money left over after they got it wrong. They learned from their mistakes in time to shift gears.

 

EL: What do you mean by "good investment money" and "bad investment money"?

 

CC: Bad money flows into something with the willingness to accept big losses. You've got the expectation that the more you spend, the more you'll earn later. You spend the money expecting your strategy is right.

 

There probably was a good business opportunity somewhere for StorageNetworks. However, it's accurate to say that StorageNetworks didn't have the right initial strategy, and spent a lot of time pursuing it. Or you can say that StorageNetworks employed a deliberate strategy aggressively from the beginning, and spent to get big fast.

 

--

 

Elizabeth M. Ferrarini is an IT consultant from Boston, Massachusetts.


What is Best Practice?

Posted by Tom Parish Dec 5, 2007

What do Tiger Woods' swing and ITIL have in common? The question is no joke! Both Tiger Woods' swing and ITIL are best practices.

 

Here's the analogy:

 

When a beginner golfer picks up the clubs for the first time, the instructor doesn't say "keep hitting the ball till you figure out your swing." Instead, they recommend one of two common grips, a basic stance, and a straight left arm. These are best practices. In other words, they provide a way to do something based on what is commonly viewed as the best way to do it. A best practice is simply a way of doing something, based on how others have successfully done it before, that helps you quickly achieve a level of competence.

 

Is the best practice the end goal? No. Best practice provides a baseline, or starting point. It's a way to quickly achieve results that you can then build on and adapt to your unique needs. In golf, many players copy Tiger Woods' swing to improve their game. But there is only one Tiger Woods! If you are shorter, less flexible, weaker, or less practiced than Tiger (as most of us are), then you need to adapt Tiger's swing to your unique requirements.

 


 

The same goes with ITIL. ITIL is a set of best-practice guidelines that are based on how others have successfully managed IT. These guidelines help you quickly achieve an expected level of performance. Is ITIL the end goal? No. Based on your unique and changing requirements, you should identify the key areas requiring exceptional performance, and adapt ITIL to meet your needs.

 

So you're not a beginner golfer? Your organization already has IT service and support processes in place? Best practices can still help. Use best practices to go back and improve areas that are currently effective, but that still need to be enhanced. Look at how others have done it, and modify as needed to help achieve the goals of your unique circumstance.

 

Your takeaway - adapt ITIL best practices to improve IT service efficiency. Look for solutions that implement ITIL out of the box, but are easily adapted to your unique requirements. Leverage the best, but don't get stuck with a golf swing or an IT process that doesn't quite fit your needs!



ITIL and Six Sigma

Posted by Tom Parish Dec 5, 2007

by Kurt Milne

 

In this first column, I am going to try my hand as a matchmaker. No, I am not going into the romance business. What I am going to do is propose bringing together two seemingly independent approaches to improve the quality of IT service delivery — the IT Infrastructure Library (ITIL®) and Six Sigma. These two approaches, each of which has attractive features, can certainly function without the other. So why bring them together? Let me explain.

 

ITIL defines a framework for IT Service Management. It consists of a set of guidelines, based on industry best practices, that specify what an IT organization should do. ITIL does not, however, define how to do it. For example, ITIL specifies that IT should allocate a priority for each incident that comes into the service desk. But, it does not specify how to allocate those priorities.

 

With ITIL, it's up to the IT staff to flesh out the details of process flow, and create detailed work instructions, all in a way that makes sense for their organization.

Six Sigma, on the other hand, defines a specific process, based on statistical measurement, that drives quality improvement and reduces operational costs. It helps in developing detailed work instructions, and it defines a methodology for continually mapping, measuring, and improving the quality process. Six Sigma tells you how, but doesn't tell you what. This approach does not specify any best practices specifically for IT Service Management.

 

In summary then, ITIL defines the "what" of service management, and Six Sigma defines the "how" of quality improvement. Together, they are a perfect fit for improving the quality of IT service delivery and support.

 

As in any match, however, there is a challenge. That challenge comes in reconciling the egos and expectations of the parties involved. In the case of ITIL and Six Sigma, this involves reconciling two separate camps of purists, each of which is convinced that their approach is best. To make things harder, both camps have impressive credentials to support their claims. ITIL has master's level certification. Six Sigma has its "black belts." So, your challenge is to bring these two approaches (and their advocates) together to implement the optimum combination for your organization.

 

The good news is that as a Remedy customer, you already have a great solution that helps bring them together. Remedy IT Service Management applications for the Enterprise help implement ITIL best practices straight out of the box. Remedy supports the ITIL best practices described in incident and problem management, change management, configuration management, service level management, and availability management. At the same time, the applications provide a great source of data for Six Sigma quality improvements. Outside the manufacturing area where Six Sigma was invented, there is no better place than the service desk to find operational data that drives customer relevant quality improvement.

 

By using Remedy applications to help implement the processes that bring ITIL and Six Sigma together, you have a great opportunity to use them both to improve the quality of IT services that are critical to your business.

 

--

 

Kurt Milne is Senior Manager of Strategic Marketing at Remedy, a BMC Software company.

 

This article was originally published in the inaugural edition of Remedy Online Newsletter, a quarterly publication for Remedy customers worldwide. The article, which ran in Fall 2003, is the first of a recurring series on "Emerging Trends" in Service Management.


CobiT and IT Governance

Posted by Tom Parish Dec 5, 2007

by Rod Amis

 

The issue of IT governance has become a concern for many CIOs/CTOs these days as emphasis has switched from the technologies themselves to how they bring greater value to the overall business. As one professional commented, you don't show value by talking about how many transactions you processed per hour; you talk about how much money you made the business last night. Business leaders in IT are less concerned about showing what's "under the hood" than they are about demonstrating the benefit of getting to the destination. One tool that is being explored to bring value is CobiT.

 

CobiT (Control Objectives for Information and related Technology), the international open standard of good practice for IT governance, security, and control, is now available for download at the Information Systems Audit and Control Association (ISACA) Web site. This interactive and customizable release of CobiT is made available by the IT Governance Institute (ITGI). In this article, we'll explore the questions:

      • What is CobiT?
      • Is CobiT better than other governance frameworks?
      • What benefits does CobiT bring to the enterprise?

 

What IS CobiT?

Let's begin with a bit of history. "ISACA got its start in 1967, when a small group of individuals with similar jobs -- auditing controls in the computer systems that were becoming increasingly critical to the operations of their organizations - sat down to discuss the need for a centralized source of information and guidance in the field. In 1969, the group formalized, incorporating as the EDP Auditors Association. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge and value of the IT governance and control field," we learn at the ISACA Web site.

 

In pursuit of this mission, and in parallel with the IT Infrastructure Library (ITIL) project begun by the British Government, the auditors at ISACA -- as the organization expanded internationally -- were looking for control mechanisms whose verifiable compliance and governance data would deliver value to the business.

 

In essence, CobiT incorporates the control objectives observed by enterprises in compliance with Sarbanes-Oxley and other international standards, and allows for coordination between control requirements, technical issues, and business risks. CobiT's tool sets allow for practices that the ITGI believes incorporate or deepen the international IT Guidance supplied by ITIL, ISO/IEC 17799, ISO/IEC 13335, ISO/IEC 15408, TickIT, NIST and COSO.

 

In structure, CobiT features 34 high-level control objectives and 318 detailed control objectives that keep IT's operations in line with the business goals of maximizing security and profitability and minimizing risks.

 

In a February 2005 interview with IT Business Edge, Malcolm Fry, an ITIL expert, provides this overview: "I'm going to ask you to draw yourself a graphic to explain how they all link together as a cohesive unit. If you draw two boxes next to each other and in the left-hand one you write the ITIL, for the IT Infrastructure Library, and in the other, write TQM -- Total Quality Management -- in other words, that's the business. The ITIL is basically running the day-to-day operations of IT. Draw a slightly bigger box around those two boxes and across the top of it write CobiT. What CobiT does is it brings in check points, security points, so in other words, in a certain point in the procedure you can't go past here unless you've got authority or proof or you meet some kind of criteria. So when you're implementing ITIL to support the corporate TQM, then CobiT you will implement at the same time to put the control points in. So ITIL is about processes, CobiT is about control points …"

 

Is CobiT Better than Other IT Governance Frameworks?

First a word of caution: No single framework of IT governance will fit the needs or the business objectives of every organization. Each business must look at its own challenges, goals, and objectives, and then evaluate the available governance frameworks to see which features of each best help to meet those goals. Each of the three most recommended frameworks brings its own strengths to the business circumstances.

 

As Mr. Fry suggests in his response, oftentimes an array of frameworks, tailored to the particular needs of your enterprise, is the best approach. While CobiT's strength is most pronounced in the area of controls and metrics, ITIL is strong on best practices and processes, and ISO is strong on security.

 

It is important to remember that each of these frameworks is the result of the work of literally hundreds of businesses and IT professional organizations internationally, over a period of decades. Each complies with international standards, so an array of the features of all three may be best for your enterprise.

 

"For the last five years, I have worked with IT organizations across the U.S. as a principal consultant, helping them identify key opportunities for best practice improvements in their change and migration processes. In those areas, CobiT provides some clear control guidelines that can be applied appropriately to meet a given organization's needs, based on their business model," says Mary McMichael, Principal Consultant for Diversified Software Systems.

 

"When sitting down with IT leaders from various disciplines in an organization, CobiT provides an objective set of guidelines with which to guide a discussion about the specific risks and opportunities in that enterprise, while avoiding some of the potential political potholes that can befall us in this type of discussion," she continues. "It can become a true business needs definition discussion rather than a criticism of any one organizational group, and provide a roadmap to prioritize improvement options."

 

What Benefits does CobiT Bring to the Enterprise?

The most apparent benefits that the CobiT framework can bring to the table are time and money. Because the documentation -- the accumulated experience of hundreds of IT professionals, auditors and business managers -- is made immediately available to your enterprise at no cost at the ISACA.org Web site, you immediately avoid having to invest in developing these practices independently. And, instead of addressing your control and auditing concerns on an ad hoc basis, you can bring this knowledge and complete framework to the fingertips of your management team immediately. With all this information and these milestones set out for you and your staff, the possibilities of confusion or miscommunication about the goals you're trying to achieve with CobiT are minimized, which also brings greater efficiency.

 

The third important benefit offered by CobiT is that it already complies with international standards and Sarbanes-Oxley. That means that it is not only a valuable tool for your internal management team, but can also be used by auditors and others outside your enterprise to evaluate your success in implementing control structures.

 

Finally, the CobiT framework allows you to share the knowledge you gain with other organizations, in users' groups, in professional journals or books, and via the Web. Sharing solutions and challenges with others can be a powerful engine, driving even more new ideas and solutions from your team.

 

Emphasis on Compliance

As an internationally developed and accepted framework of IT governance, CobiT shines in the areas of controls and auditing. It was developed by the IT Governance Institute and is freely available in an interactive, Web-based format from ISACA.org. It comprises years of experience in controls and security issues devised by hundreds of IT professionals, all to ensure that your organization is compliant with internationally accepted standards.

 

Since the shadow of the Enron scandal (which led directly to Sarbanes-Oxley) fell over the vast arena of business reporting, and over what IT can bring to risk management, control, and the audit trail, professionals have taken a closer look at tools that allow for verifiable, reliable reporting as well as controls for the enterprise. CobiT is increasingly appearing on many CIOs' radar as a powerful compliance and best practices tool, and as another means by which IT brings value to the business (and can show it).

 

For more information about CobiT, check out the following resources:

 

--

 

Rod Amis is a freelance technology writer based in North Carolina. He has written for various publications on- and offline, including IT Manager's Journal, NewsForge, Silicon.com and Access Internet Magazine. He is also the author of two books and was a newspaper journalist before going completely digital.


by Debby Young

 

Changing the game plan from cutting costs to increasing service.

 

With server virtualization, IT can dynamically provision resources for the corporate computing environment based on anticipated workload cycles, such as normal end-of-the-month spikes caused by payroll processing or increased demand on online ordering resources triggered by a planned promotion. Because virtualization can emulate multiple computer environments on any given server, IT can pool server resources across the enterprise, thus driving down the cost of operation. This just-in-time resource allocation is part of a predictive resource scheduling strategy that optimizes utilization and assures service levels despite fluctuating workloads.

 

"Ultimately, you want to be able to allocate resources based on business priorities," says David Cohen, vice president, research and development for Merrill Lynch. He likens it to the way the electric company distinguishes between hospitals and residences -- during a power outage, hospitals get priority service over the general public. "In a virtualized environment, IT can configure resources to enable mission-critical applications to take precedence over less vital applications when extra processing power is needed," he says.

 

Virtualizing such tasks as data storage and network support can reap similar efficiencies. Depending on its failover configuration, for instance, pooling standby servers alone could save a company upwards of 40 percent on idle infrastructure expenses, floor space, power consumption, and support personnel.

 

THE BOTTOM LINE ON VIRTUALIZATION

For CIOs charged with streamlining underutilized IT environments, virtualization holds the key to significantly driving down infrastructure costs without sacrificing high availability. But more than just a cost-saver, virtualization helps effect business change by enabling IT organizations to:

 

  • Pool server resources
  • Increase server utilization
  • Provision capacity on demand
  • Shorten disaster recovery time

 

In the multitiered application environments endemic to large enterprises, IT tends to overprovision application clusters because need is calculated on the peak requirements of every application. By virtualizing servers, resources within the server cluster can be continually repurposed to meet changing capacity needs. When demand subsides from one application, the resources can be redirected to another application experiencing peak load. Therefore, the cluster can be provisioned closer to average requirements rather than to peak loads, optimizing resource usage and lowering the cost of ownership without compromising service-level agreements. In baseball terms, it's like having a utility player available instead of a specialized backup player for every position.

 

Because virtualization separates applications from the platforms they run on, disaster recovery -- one of today's key business priorities -- is quicker than in traditional IT environments. For instance, with a physical server, if hardware is modified after software is installed, the data restoration might fail because the licensing key no longer recognizes the configuration. "In a virtualized environment, from the operating system's perspective, it's all the same hardware," explains David Boyes, president and chief technologist for the Ashburn, Va.-based R&D company Sine Nomine Associates. "This can take literally hours and days off your disaster recovery time."

 

The Latest Advances

Advances in virtualization technology are occurring on a number of fronts. Foremost is dynamic, orchestrated provisioning -- that is, quickly reallocating servers from one pool of applications to another. This sophisticated process involves reconfiguring server parameters and allocating storage and other resources on the fly to meet the increased workload demands of another application. VMotion technology from VMware, for example, allows IT architects and administrators to view the server farm as one aggregate computing pool and carve off logical servers to meet peak loads or to test new applications with no perceptible delay in service.

 

VMware is also innovating how memory is managed in virtualized, consolidated environments. With advanced memory management (AMM), IT no longer needs to calculate memory requirements based on the total amount of memory in each of the systems being consolidated. "Because AMM optimizes how the overall system is used, IT can often reduce actual memory requirements by 50 percent or more," explains Brian Byun, VP of software alliances for VMware.

 

In addition, progress is being made in balancing workloads across clusters in the enterprise to meet the service-level agreements for business applications. The goal is to prevent the reallocation of resources without first determining the underlying relevance to the business. For instance, is the spike in transactions in the Web store caused by an increase in purchases, or is it a denial-of-service attack? If it is the former, IT would need to reallocate resources to keep up response times in order to avoid losing sales. If it is the latter, IT would have to throttle back resources and address the attack.

 

Virtualization technology is rapidly gaining adoption. Innovators such as Merrill Lynch are using it to ease the transition to new computing platforms and manage application updates. For instance, when Merrill Lynch rolled out Windows XP across its user base, VMware allowed the company's financial advisors to toggle between Windows NT and Windows 2000 on the same desktop so that there was no disruption in service.

 

Industry experts observe that virtualization will enhance IT's ability to seamlessly integrate with partners that can provide additional resource capacity to handle workload spikes. There may be a slight premium on those resources, but it will cost a company far less than it would to retool the enterprise infrastructure to support peak requirements.

 

--

 


by Kevin B. Roden

 

According to a number of recent surveys, data protection is a top priority in 2006. As the CIO of a company that's trusted for protecting and storing the world's data, I suggest 10 data protection resolutions for 2006. Many CIOs have taken several, if not all, of the first five resolutions. I encourage you to review all of these, and if any of them is missing from your checklist, to make it a top priority.

 

      1. Define the Recovery Time Objective (RTO) for all of your applications. The RTO for an application is simply the objective for how quickly you need to have that application's information restored and available after downtime has occurred. For example, for your e-mail system, is the RTO four hours, eight hours, or the next business day?
      2. Define the Recovery Point Objective (RPO) for each application. The RPO for an application is the objective for how much data you can afford to lose since the last backup. Is it two minutes' worth of data, 20 minutes, or hours? You then need to estimate the costs to achieve your RTO and RPO for each application.
      3. Classify your data based on its mission criticality. Your business's data should be categorized into groupings of critical, vital, sensitive, and non-critical. The critical grouping would include data that is used in key business processes or must be retained for compliance or legal reasons. Vital data includes information that would cripple the company if lost. Sensitive data is simply data that can be rebuilt easily and is not a unique source of information. Non-critical is just that - data with low security requirements. Determine criticality by meeting with company executives and decide clearly what the priorities are for the business. Then pick the appropriate backup strategy to meet that criticality. Also, be sure to assess where all the data is - both centralized and distributed data residing on remote servers, laptops, and PCs. Ensure the strategy addresses all the information.
      4. Develop a detailed plan on how to restore your applications depending on the crisis that drives the need for recovery. Think about how to best respond to different kinds of scenarios, from simple scenarios to the most complex. Of course, you have to test your backup and recovery plans to make sure they actually work; refine your plans based on your tests. Expect to do multiple tests before you get it right, and remember, this is a continuous process. Strive to constantly learn what works best -- and then amend your plans accordingly.
      5. Make sure you have adequate resources assigned to data protection at all levels of your organization. If you don't have the right resources and processes in place, then data at the edge of your network is probably at risk.

        If you are an Iron Mountain customer, you probably have already done the steps above. So where do you go from here? What should you focus on in 2006? Here are five resolutions we recommend.

      6. Take an inventory of all your backup data - both onsite and offsite. Do you have everything you expected to have? Do you have more backed-up data than you should? Is all of the data in the right location? Do you have tapes that should be onsite that are offsite, or vice versa? Taking a full inventory can be invaluable; you wouldn't want to discover inventory mishaps during a disruption.
      7. Differentiate between backup data and archived data retention rules, and make sure they don't conflict with each other. For example, if your e-mail retention policy is to delete all unclassified e-mail after 90 days, but your hold policy for e-mail backup tapes is six months, then you could have a major e-discovery problem. Backup solutions cannot provide easy retrieval or an audit trail. The use of backed-up electronic records as official legal documents for compliance and litigation will lead to considerable time and money spent to restore backup tapes and search for legally relevant material. True digital archiving solutions today offer secure, compliant, and cost-effective long-term archiving of electronic records. These records are stored in an indexed, searchable format so the organization can access those records whenever it needs to.
      8. Put the processes in place to encrypt all data that you determine needs an extra degree of protection. For example, given the risks of theft or loss of confidential data stored on transportable data sources such as backup tapes, it is highly recommended that you encrypt transportable data such as backup tapes or optical platters.
      9. Investigate new technologies to determine whether they may better address your data protection needs in certain areas. For example, electronic vaulting may be a better solution for your critical applications that demand short RTOs. And advances in tape virtualization technologies are now making the concept of online remote data replication much more affordable than it was in the past.
      10. Expand your disaster recovery planning to encompass business continuity. IT executives tend to focus on just disaster recovery. But disaster recovery planning that relies on another department for how the business processes recover may put your operations at risk. For example, if you had to execute your disaster recovery plan for your call center, you could have all the systems up and running in an alternative location and then discover that the alternative location is not outfitted for employees to go back to work. It makes sense for IT executives to take the lead. Always ensure enough desks and chairs.

        You may already have all of these resolutions covered, but if you don't, I recommend that you address them this year to reduce your company's data protection risks.
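A small policy checker that turns resolutions 1, 2, 3, 7 and 8 into mechanical tests, added here as an example rather than any tooling from Iron Mountain or the author. The `AppPolicy` fields, the `check_policy` and `check_all` functions, and the three sample applications are constructed assumptions; the e-mail sample uses the 90-day deletion versus six-month tape retention conflict from resolution 7.

```python
from dataclasses import dataclass
from datetime import timedelta
from typing import Dict, List, Optional

# Criticality groupings from resolution 3, most important first.
CRITICALITY_RANK = {"critical": 0, "vital": 1, "sensitive": 2, "non-critical": 3}


@dataclass(frozen=True)
class AppPolicy:
    """Constructed data-protection record for one application (hypothetical field names)."""
    name: str
    criticality: str
    rto: timedelta                 # resolution 1: how quickly the app must be restored
    rpo: timedelta                 # resolution 2: how much data loss is acceptable
    backup_interval: timedelta     # how often backups actually run
    tested_restore: timedelta      # restore time measured in the last recovery test (resolution 4)
    backup_retention: timedelta    # how long backup media is held before it is recycled
    archive_retention: Optional[timedelta]  # deletion policy for the live records; None = kept indefinitely
    transportable_media: bool      # backups leave the site on tape or optical platters
    media_encrypted: bool          # resolution 8: that transportable media is encrypted


def fmt(d: timedelta) -> str:
    """Render a timedelta as a short label such as 20m, 4h or 90d."""
    minutes = int(d.total_seconds() // 60)
    if minutes >= 24 * 60 and minutes % (24 * 60) == 0:
        return f"{minutes // (24 * 60)}d"
    if minutes >= 60 and minutes % 60 == 0:
        return f"{minutes // 60}h"
    return f"{minutes}m"


def check_policy(p: AppPolicy) -> List[str]:
    """Return one finding per gap between the stated objectives and the actual backup setup."""
    findings: List[str] = []
    if p.criticality not in CRITICALITY_RANK:
        findings.append(f"unknown criticality '{p.criticality}'; use one of {sorted(CRITICALITY_RANK)}")
    # Resolution 2: the backup cadence bounds the data you can lose, so it must not exceed the RPO.
    if p.backup_interval > p.rpo:
        findings.append(f"RPO gap: backups run every {fmt(p.backup_interval)} but RPO is {fmt(p.rpo)}")
    # Resolutions 1 and 4: a tested restore slower than the RTO means the objective is unmet.
    if p.tested_restore > p.rto:
        findings.append(f"RTO gap: last tested restore took {fmt(p.tested_restore)} "
                        f"against an RTO of {fmt(p.rto)}")
    # Resolution 7: backup media outliving the deletion policy keeps deleted records discoverable.
    if p.archive_retention is not None and p.backup_retention > p.archive_retention:
        findings.append(f"retention conflict: records are deleted after {fmt(p.archive_retention)} "
                        f"but backup media is held for {fmt(p.backup_retention)}")
    # Resolution 8: media that leaves the site with anything above non-critical data must be encrypted.
    if p.transportable_media and not p.media_encrypted and p.criticality != "non-critical":
        findings.append(f"unencrypted transportable media holds {p.criticality} data")
    return findings


def check_all(policies: List[AppPolicy]) -> Dict[str, List[str]]:
    """Findings for every application with at least one gap, most critical application first."""
    ordered = sorted(policies, key=lambda p: CRITICALITY_RANK.get(p.criticality, len(CRITICALITY_RANK)))
    report: Dict[str, List[str]] = {}
    for p in ordered:
        findings = check_policy(p)
        if findings:
            report[p.name] = findings
    return report


# Constructed sample inventory; the numbers are illustrative, not from any real organization.
SAMPLE_POLICIES = [
    AppPolicy("marketing-wiki", "non-critical", rto=timedelta(days=2), rpo=timedelta(days=1),
              backup_interval=timedelta(days=7), tested_restore=timedelta(hours=8),
              backup_retention=timedelta(days=30), archive_retention=None,
              transportable_media=True, media_encrypted=False),
    AppPolicy("email", "critical", rto=timedelta(hours=4), rpo=timedelta(minutes=20),
              backup_interval=timedelta(hours=24), tested_restore=timedelta(hours=6),
              backup_retention=timedelta(days=180), archive_retention=timedelta(days=90),
              transportable_media=True, media_encrypted=False),
    AppPolicy("payroll", "critical", rto=timedelta(hours=4), rpo=timedelta(minutes=15),
              backup_interval=timedelta(minutes=15), tested_restore=timedelta(hours=3),
              backup_retention=timedelta(days=365 * 7), archive_retention=timedelta(days=365 * 7),
              transportable_media=True, media_encrypted=True),
]

if __name__ == "__main__":
    for app, findings in check_all(SAMPLE_POLICIES).items():
        print(app)
        for f in findings:
            print("  -", f)
```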

 

--

 

Kevin B. Roden joined Iron Mountain as executive vice president and chief information officer in 1999. Previously, Roden was CIO with Fleet Boston Financial, for the banking subsidiary. He has held numerous technology and management positions in a 20-year career at BankBoston, including executive director of U.S. technology


by Elizabeth Ferrarini

 

Most organizations have some sort of IT help desk staffed by individuals who field calls from users and then go into firefighting mode to solve users' problems. However, some IT organizations have transformed their inefficient help desk into a proactive service desk that offers high productivity and efficiency at a lower cost than before. Major companies, such as Procter & Gamble and Caterpillar, have accomplished this goal by adopting ITIL initiatives, a standard set of best practices for lowering the cost and improving the quality of IT service delivery.

 

The Role of Service Desk Based on ITIL

A service desk designed according to ITIL initiatives functions as the day-to-day operational interface between the IT organization and its users for achieving the organization's goals. The service desk also becomes the focal point for integrating the five disciplines in ITIL's service support management processes -- incident, problem, configuration, change, and release management. To this end, service desk staff must be able to communicate effectively with users, via a number of different channels, as well as use technology, in order to close the loop on tasks in each of the five ITIL disciplines.

 

How to Get Started

The first step in developing a service desk calls for identifying where you are starting from. Assessment should include a formal review of processes and procedures based on the guidelines in the ITIL Best Practice for Service Support volume. These guidelines will include measuring service performance against targets, identifying strengths and weaknesses, and aligning services with customers' requirements. You need to compare similar operations and benchmarks to gauge improvements.

 

ITIL guidelines call for you to define the key service desk processes, not just what they are, but how they operate, and what effect and significance each process has for your organization. These definitions will encompass the following:

  • Staffing -- quality and number of people
  • Daily operational procedures
  • Incident processes
  • Request handling and workflows
  • Incident monitoring and tracking
  • Escalation and closure
  • Management information
  • Call volumes, workload, performance, and trends

 

The outcome of all this should provide you with a better understanding of user requirements, service level agreements, and the operational level agreements that underpin them.

 

Select the Right Staff

ITIL guidelines place a lot of emphasis on getting the right people from the start or training the staff you already have. A proactive service desk must have a motivated and positive staff. A good staff becomes a service desk's most precious asset. So invest in your staff. This effort might mean recruiting new staff and supporting them with training, tools, and resources to be effective. Soft skills, such as good verbal and written communications, hold as much weight as technical or business knowledge. Don't forget to involve the staff in decisions about the service desk.

 

Think Service Always

ITIL guidelines call for "thinking service desk." To this end, make sure your organization includes the service desk when it considers new business or a new direction. Prepare the service desk to handle a new product, service, or new users. The service desk needs to be involved from the start and have plenty of time to plan for any changes in priorities and workloads. Staff should help define service processes and priorities. The staff should get involved with transition teams to help ensure smooth running of a new business or a merged organization.

 

User perception of the service matters as much as the measured improvement. In some cases, the service desk staff might find it appropriate to work with users to integrate some of the users' processes with those of the service desk. Such an effort could provide a seamless support environment. For example, an organization might want to incorporate second-line support, problem management, and change management facilities into its own service desk operations.

 

Insist on the Appropriate Technology

The ITIL guidelines stress using technology appropriate to meet the organization's required service levels. The service desk needs to maintain or have access to a wide range of information and facilities that can be provided to users. Some of this might include reference material, such as the corporate file storage structure, contract documentation, process definitions and scripts, and frequently asked questions. Some material might be interactive, such as links to message boards, intranet services, and external Web sites. Some material might be designed to coordinate service and change management capabilities. For example, this material might enable the service desk staff to manage problem resolution, or to assess, coordinate, and deliver service more effectively to users.

 

Recent advances in service desk tools have included remote (virtual) desktop, network, and application support. (See Guidelines for Evaluating Service Desk Tools below.) Service desk tools now incorporate facilities to identify and resolve incidents before they affect users. In many cases, the tools can resolve problems without intervention from the service desk staff. When a user needs to contact the service desk, he or she has a range of self-help facilities, such as Web and intranet access, incident logging, incident status reports, and other information that can help the individual resolve the problem. These tools can reduce the need for users to contact the service desk for mundane reasons, and thus free the service desk staff to focus on more pressing tasks.

 

Links between system management and service management tools can provide invaluable insight into the performance of the complete technical infrastructure and can even highlight where attention is required to fix emerging problems. With early warning of failure, missed thresholds, and poor performance, a department manager can decide on the most appropriate actions to eliminate the causes.

 

The most advanced service desks, as described in the ITIL guidelines, also support functions such as inventory management and software distribution. Integration with each vendor's Web site can provide an additional layer of service that can be provided seamlessly to users. For example, one such service might allow users to order and download upgrades and new software. Vendors might even be prepared to fund part of the project in return for the benefits they receive.

 

Seek Support from Other ITIL Adopters

Never feel that you are alone in building a proactive service desk based on ITIL guidelines. You're not. Seek out IT professionals at other organizations who might have faced similar challenges and might be happy to share their experience with you. Visit these individuals and see how they work. Look at the processes you can adopt and check out businesses in other sectors. Most of all, join the not-for-profit IT Service Management Forum (itSMF, www.itsmf.com), which promotes ITIL through its 8,000 members worldwide. Be prepared to share ideas by attending itSMF seminars and itSMF regional groups.

 

Transforming your help desk into a proactive service desk might sound like a daunting task. You can lessen the task with careful planning and sensible implementation using ITIL initiatives.

 

Guidelines for Evaluating Service Desk Tools

When it comes to selecting service desk tools, you might want to narrow your search to those process integrated tools that completely support the five disciplines in the ITIL Best Practice for Service Support volume. For example, a service desk tool integrated with change management can reduce disruptions in the IT infrastructure. This type of tool can locate critical components with performance problems, which can help service desk staff solve user problems more quickly.

 

If the service desk tool can expand the concept of service management to include other increasingly important processes, such as capacity planning, then the IT department can reuse and integrate the knowledge that is captured in this tool. For example, ITIL guidelines provide a problem-management process in which an IT professional spends time investigating the root cause of a problem to prevent the problem from recurring. A service desk tool should have the capability to relate incidents to problems so that a service desk staff member can make use of the knowledge captured with the problem record for faster resolution. Integration between the service desk tool and the systems management environment can enable planned-outage support based on specific service levels.

 

When evaluating service desk tools, consider whether the tool dictates how to organize the service desk, or whether the service desk can tailor the tool to suit its own way of working. Look for a tool that is based on ITIL's recommendations for the basic organizational structure of the service desk. At the same time, you should be able to tailor the tool so that it can integrate seamlessly with the existing organizational infrastructure. Each organization will have unique escalation procedures, notification rules, and approval processes to which the service desk should conform.

 

So, when evaluating service tools, ask yourself these five questions.

  1. Is the tool completely based on ITIL?
  2. Does it have the capability to define and map IT services and their components?
  3. Out of the box, does it integrate with the following?
    • A configuration or asset management module
    • A change management module
    • A workflow management module
    • A service level management module
  4. Does the tool allow you to forward events generated by a network or systems monitoring tool, and to communicate back any status change of the incident recorded in the service desk application?
  5. Can you easily learn to use the tool, navigate with it, and tailor it to your needs?

 

--

 


Elizabeth Ferrarini is an IT consultant and freelance writer from Boston, Massachusetts. Elizabeth can be reached at elizabethferrarini@yahoo.com.
