Complexity

IT organizations have many components (people, processes, technology, etc.), and each component interacts with other components, resulting in a complex matrix of links and interdependencies. Service providers may focus on trying to maintain stability in the face of such complexity. Although understandable, this focus can result in a reluctance to experiment and a resistance to change, which may mean opportunities to improve effectiveness or efficiency are missed. Organizations often break services down into processes with specialist support teams for each, but such specialization then increases the need for coordination between components.

Another approach is to break services and service management down into specific processes. This can be successful, although there is a danger that their interconnectedness will be lost. All service management processes need to work together in order to produce services that deliver value for the customer. Failure to understand how the output of one process may affect the input to another may result in unforeseen consequences of decisions and actions, which do not become apparent until after major problems and incidents occur. Service strategy must therefore ensure that the bigger-picture perspective is always taken into account.

Coordination and Control

Decision-makers have limited time, so they delegate roles and responsibilities to specialized teams and individuals. Specialization can be beneficial as it allows for development of in-depth knowledge, skills, and experience, which can facilitate innovation and improvement. However, as the organization develops more specialist teams, there will be a corresponding increase in the need for coordination. This is a major challenge in service management because of the level of specialization needed for various stages of the service lifecycle and the processes and functions. It is important to appreciate this increased need for coordination and to address it through cooperation and control between teams and individuals and with suppliers.

Preserving Value

The value of services to the customer needs to be preserved, together with the customer’s perception of this value. This can be achieved through the following methods:

• Eliminating or reducing deviations in performance
• Maintaining operational effectiveness and efficiency
• Reducing hidden costs, such as high transaction costs incurred when changes are made to services, service levels, or demand levels in a trial-and-error manner
• Publicizing and substantiating hidden benefits like reduced lock-in through leasing assets rather than buying
• Reducing the cost of providing services by the use of automation, web-based functionality, support tools, and so on. These will also allow scalability without cost increases.

Effective Measurement

Organizations accept that “if you cannot measure it, you cannot manage it,” yet IT organizations are often poor at providing effective measurements. There may be many measurements, but they are meaningless, irrelevant, or presented with no context. Measurements are often inwardly focused on internal goals rather than customer satisfaction.

There are some common rules that are useful in designing effective measurements, as shown in Table 9.1.

Measurements focus the organization on its strategic goals, tracking progress and providing feedback. If strategy changes, what is measured should change to fit. Indeed, adopting new goals without changing what is measured will mean that the new goals are ignored because there is no way of checking whether they are being followed.

Monitoring of discrete failures does not provide a picture of the customer experience. We often talk about “end-to-end” monitoring; however, this is usually still restricted to the technical components and does not include the business processes. IT must move away from measuring components and toward understanding the impact on the business of failures, being able to answer questions such as these:

• Is the delay on the supply chain due to an IT problem, and what is the resultant business impact?
• How long does it take to process procurement orders, and where are the worst delays?

Technology too often focuses on data collection without providing insight into services. This is where data must be translated: data to information to knowledge to wisdom.

Definition of Risk

Risk is defined as a possible event that could cause harm or loss or affect an organization’s ability to achieve its objectives. A risk is measured by the probability of a threat, the vulnerability of the asset to that threat, and the impact it would have if it occurred. Risk can also be defined as uncertainty of outcome and can be used in the context of measuring the probability of positive outcomes as well as negative outcomes.

Every organization should therefore manage its risk in a way that is visible, repeatable, and consistently applied to support decision-making. By understanding the risks, and their likely impact, the organization and its management can make better decisions. Risk management ensures that an organization makes cost-effective use of a risk framework that has a series of well-defined steps. There are two distinct phases in dealing with risk. First, risk assessment is concerned with gathering information about exposure to risk so that appropriate decisions can be made and the risk managed appropriately. Second, risk management involves having processes in place to do the following:

• Monitor risks
• Provide access to reliable and up-to-date information about risks
• Enforce the right balance of control to deal with those risks
• Implement decision-making processes supported by a framework of risk assessment and evaluation

Inaccurate Information

Inadequate or incomplete information impacts the quality of decision-making. All organizations need to gather and validate the information needed for business decisions to be made. Accurate information is dependent upon good and appropriate measurement, as we have said; it also relies upon building relationships with business units, customers, and suppliers. These relationships will provide a channel of communication concerning business strategy and tactics, customer needs, service and performance requirements, demand patterns and volumetrics, market intelligence, and technical capabilities.

Risk of Taking, or Failing to Take, Opportunities

Risk is normally seen as something to be avoided due to the possible negative consequences, but risks may also present opportunities. For example, underserved market spaces and unfulfilled demand are risks to be avoided, but they can also be exploited. The service portfolio can be mapped to an underlying portfolio of risks that are to be managed. When service management is effective, services in the catalog and pipeline represent opportunities to create value for customers and capture value for stakeholders.

Implementing strategies often requires changes to the service portfolio, which means managing associated risks. Decisions about risk need to be balanced so that potential benefits outweigh the costs to address the risk. Developing a new service might be risky if it is unsuccessful, but there is also the possibility that it could achieve major benefits. The organization needs to take risks but limit exposure to an acceptable level.

Design Risks

There is a risk that services fail to deliver the expected utility benefits; poor design causes poor performance. For example, a change in the pattern of demand for a service could reduce its utility if it has not been designed to be scalable.

Service design should ensure that opportunities and resources are not wasted. Good service design processes and methods reduce the risk of failure by ensuring that the service can deliver the necessary performance and also tolerate limited variations. Good designs also ensure that services are economical and flexible so that they can adapt to changing requirements without a major redesign.

Operational Risks

There are two levels of risk that must be considered from a service management perspective. Both need to be considered because they interact with each other:

• Risks faced by the business and the business services it uses
• Risks to the IT services that underpin the business and its processes

Service transition should filter and negate these risks, and service operation should be able to convert risks into opportunities. Procedures in transition must be robust enough to resist demands for early delivery of a new capability without the agreed level of warranty, which could lead to tensions when the service falls below the agreed quality. Value to customers is realized in the service operation stage of the lifecycle when actual demand for services arrives. Warranty commitments require every unit of demand to be met with a unit of capacity that is available, secure, and continuous.

Market Risks

Sourcing decisions made by customers are potential risks for all service providers. Type I providers face the risk of outsourcing when customers sign contracts with external providers in pursuit of strategic objectives. Customers are willing to make the switch to external providers when benefits outweigh the costs and risks of switching from one type to another. Insourcing continues to be a valuable strategic option for customers who may reject an outsourced service and return to providing the service in house. This possibility represents a risk for Type 3 providers.

Market risks can be reduced by reducing the total cost of utilization (TCU), giving customers financial incentives not to switch to other options, or by differentiation, providing services that are unique, novel, or difficult for competitors to replicate. A third approach is consolidation: concentrating demand from several customers or customer groups onto a single service rather than offering a lot of diverse but similar services, thus reducing costs to help retain customers.