Last Monday, Stephanie Balaouras and I recorded a podcast on a recent hot topic amongst Forrester clients — Enterprise Role Management (ERM). For the most part, people understand fundamental provisioning so I wanted to take this time to go through ERM in a little more detail.
Over the past few months, I have been asked many questions about taking ERM to the next level — about how to expand and automate identity management infrastructure. Before determining whether this is the right step for your company, however, it's important to understand the two most important benefits from doing so and also recognize the prerequisites.
Among others, two benefits of ERM are security and compliance. Achieving a more mature role management system will increase your organization’s security around information sharing, and it will enable understanding of the segregation of duties. Before achieving this level of security and compliance, it’s important to simplify your identity repository and create a clear-cut set of records. This allows for a recertification phase when managers can take the time to revoke or grant access to existing accounts. Once you have created a clean, up-to-date role management database, your organization is ready to look forward to taking ERM to the next level.
After speaking with many clients on this topic, I have garnered a solid list of best practices that everyone should be aware of before attempting to strengthen any ERM system. These practices include data points around user population and recertification timelines, whether or not a hierarchical approach should be adopted to organize roles, and the value of tools such as Web single sign-on and security incident and event monitoring as they relate to role management.
Last week, Forrester released results from our “Global IT Budgets, Priorities, And Emerging Technology Tracking Survey.” Highlights of the survey are reported in Chris Mines’ recent blog, the title of which gives you the gist of our findings: The Overall IT Budget Environment Has Turned Positive.
However, there were some very interesting differences across some of the geographies we surveyed. Respondents in emerging markets tend to be more optimistic than their counterparts in more mature markets. When asked about the outlook for their industry, 51% of respondents in Latin America thought that 2010 would be a very good or somewhat good year, followed by 36% in Emerging Asia (China and India) and Russia, with North America and Western Europe lagging behind with only 31% and 25%, respectively. Big difference in outlook between Western Europe and Latin America! On a more positive note all around, these numbers were much more positive than the outlook of respondents in last year’s survey. In 2009, only 8% of respondents in NA and WE expected a good year – really not very optimistic about their industry outlooks. Emerging Asia (without Russia) was 15%, and Latin America was 21%.
In case you weren't able to join us at our Forrester IT Forum in Las Vegas last month, here is the video of my keynote session on how enterprises should be thinking about incorporating cloud computing into their IT strategy. Bottom line: consider cloud a new part of your overall IT portfolio and something that can help you cost optimize your business.
I welcome your feedback on this content and learning how you are incorporating cloud into your strategy and how we can help you take the most advantage of this important shift in the IT landscape.
Forrester’s newest survey of the IT spending environment has encouraging news that underpins our forecasts of a rebound in industry fortunes after the nasty recession of 2008-09. The good news for tech vendors is that IT budgets and purchasing plans are starting to reflect an improving economy. Last week, Forrester released results from our “Global IT Budgets, Priorities, And Emerging Technology Tracking Survey.” Among the top-level results: just over 40% of the 2,800 IT decision makers surveyed expect to increase their organization’s overall IT spending in 2010, up from just 12% in 2009; another 33% expect to hold their spending steady. So the overall IT budget environment has turned positive.
Respondents identified the top business priorities supported by IT investments as: 1) grow company revenue, and 2) reduce operating costs. No surprises there. But we were intrigued to see that “Drive new market offerings or business practices” ranked number 4, indicating that respondents are looking to IT to support and enable new product innovation.
We also see an uptick in spending on offshore IT services in 2010 vs. 2009, across ALL geographies. Survey results also show that more than half of respondents have either implemented or are planning to implement SaaS, illustrating the tech industry’s continuing shift toward new purchasing models based on operating rather than capital expenditures.
A few days ago, CSC announced its new Celeriti banking platform, which consists of five products: Celeriti Customer, Celeriti Deposits, Celeriti Loans, Celeriti Cards, and Celeriti Merchant. The solution includes, for example, a strong business process focus, business intelligence, and the so-called Web Portal User Interface. The platform has been built around IBM application infrastructure, runs on multiple operating systems such as z/OS, z/Linux, Linux, and Windows, and has been validated for use with the IBM Banking Industry framework. Here is my initial reaction to Celeriti.
Earlier this week I was in Milan, speaking at the CPO Forum event about the importance of good procure-to-pay (P2P) systems to deliver sourcing's theoretical savings into real bottom-line improvements. As England's ex-goalkeeper Robert Green showed us last week, savings opportunities aren't the same as real savings. :(
I had some subsequent discussions with attendees about P2P best practices and how you maximize adoption by business users. One tip relates to the optimum number of approval levels — my conclusion is: the fewer the better. As one procurement director put it, "We empower our people, and show that we trust them, but not unconditionally. We monitor individual expenditure closely, so each person knows that we may subsequently ask him to justify anything exceptional that shows up in the report." His firm had actually cut consumption of health & safety equipment by 20% by eliminating pre-approval and replacing it with exception reporting. He'd also streamlined the MRO procurement process. "We approve the maintenance work order, but then we used to have to separately approve the parts used to do the job. I convinced my colleagues that the second approval was a waste of time."
In contrast, what can happen if you have too many approval levels?
I recently asked my Twitter followers if they had good examples of queries, business questions that SQL can't do. It turns out a better question is "what SQL can't do easily", so I thought I'd share with everyone what I heard and found. Seth Grimes was the first one to provide an excellent answer with some informative examples - thank you, Seth! I also found very useful articles on typical SQL challenges such as avoiding multiple duplicate sets in your SQL results, and why NULLs create tons of headaches for SQL coders.
There's also a typical SQL challenge with ragged, sparse, unbalanced hierarchies and dimensions. For example, a retail store, a wholesaler or a distributor with thousands of products, and a manufacturer with thousands of parts often struggle with dissimilar data. A pencil in an office supply store does not have the same descriptive attributes (lead type, for example) as a calculator (scientific, financial, etc.) or an office chair (number of wheels, etc.). Or a tire in a car manufacturing supply chain does not have any common descriptive elements (rubber grade, width-to-height ratio) with gear boxes (automatic vs. manual, 4 or 5 speed, gear-to-gear ratios, etc). When looking for correlation between two entities (for example, what is a potential product quality issue that is making my sales go down?) in cases with disparate, dissimilar products (as in retail products or manufacturing parts), the same SQL query cannot work for all products or parts. One would be forced to write multiple SQL queries for each product or part type to find such a sales/quality relationship.
In my ongoing work with risk management professionals, I've been encouraged to see how quickly the role is growing in influence and responsibility in today's business environment (even though the drivers for that elevation are often disastrous). Along those lines, I read a great article this morning in StrategicRISK, discussing the window of opportunity for risk experts, aptly entitled Keep Your Eyes on the Prize.
The article quotes the Institute of Risk Management's deputy chairman, Alex Hindson, who says that top executives and boards of directors are looking for risk management guidance, and if risk experts in their organizations can't step up to fill that role in their "window of opportunity," it will be filled instead by auditors, finance professionals, or external consultants.
In my recent engagements with Forrester's clients in risk management, I've certainly seen a lot of interest and participation from other functions in the business - most notably audit and IT. And just last week, my colleague Craig Symons published a report explaining key issues in risk management for the CIO.
I'll soon have a client report out with interesting Forrester data about how SOA adoption continued apace during the Great Recession. In the meantime, Forrester partnered with TechTarget on a different SOA survey, primarily to TechTarget's readers, wherein we asked a wider range of SOA questions. The bottom line of all this data is that SOA is alive and well.
SOA's strong health is not a surprise (at least not to Forrester), but something else very interesting came out of the survey. To the question, "What is the most significant challenge you are facing with your SOA project/initiative?" the top response was not really about SOA. Instead, by a 2:1 margin over the next response, the biggest challenge was, "Designing how to do SOA in an integrated way with other initiatives (e.g., BPM, events, BI, rules, etc.)." (I describe this in more detail in a write-up over at SearchSOA.com -- you have to register to read the full article.)
In other words, people are realizing that, in a multi-technology world, siloed approaches to individual technology areas won't cut it. This is the fundamental insight driving Forrester's development of Digital Business Architecture (see Forrester report) and Business Capability Architecture (go to blog post or to another blog post).
Social technology, which includes blogs, microblogging (Twitter), social networking tools, and next-generation collaboration platforms, is a fundamental shift in how businesses use technology. As Forrester describes in Groundswell, your customers are becoming empowered through their use of these technologies, and your business must adapt to this changing relationship. And in our forthcoming book, Empowered, we examine how the people within your business are driving business impact through their use of these same technologies.
Grass-roots experimentation and use by your business’s staff is good – but real business impact is when your business adopts and uses these technologies. This requires your business execs to put in the frameworks, guidelines, coordination, and governance to maximize benefit while prudently managing risk.
Forrester is embarking on research to develop a Social Technology Maturity Benchmark that incorporates these steps. Because maturity will be an important issue for you in your role of charting your firm’s business technology strategy, we’d like your input on this. Colleagues in Forrester’s team serving Interactive Marketing professionals are conducting a survey of both business and IT leaders, including CIOs, Infrastructure and Operations professionals, Sourcing & Vendor Management professionals, and Enterprise Architecture professionals. Here is their introduction to this survey: