Transcription

DevOps & ITSM:Defining Value From Two Sides Of The Same Coin

Executive SummaryThere is an instructive parable called “The Five Blind Men and The Elephant”, wherefive blind men set out one day to decide on how to describe an elephant. Each personapproaches the elephant from a different perspective and as you can imagine eachproduces a different result. One, upon touching the elephant’s leg, insists that theelephant is like a tree, another that the elephant is like a snake, another touching thetusk states emphatically that the elephant is like a spear, and so on. Of course themoral of this story is that they were all correct based on their point of reference.It is this author’s belief that this parable can be very easily applied to the coreprinciples of DevOps and IT Service Management (ITSM). On the surface the twomanagement approaches may seem opposite in nature based on their generalthemes but look a bit deeper you will find more than a few parallels.One would assume that DevOps is entirely focused on increasing thespeed of stakeholder value realization through shortening andautomating testing and release cycles. However, another main featurethat does not get the same airtime is that DevOps also describes theneed to bring operational requirements back into the early releasecycle in order to establish the basis for release standardization.IT Service Management, on the other hand, focuses on defining value in terms ofcustomer outcomes. These are expressed as services which are supported by a setof IT Management processes established to ensure value is defined, realized andimproved through the discipline of Continual Service Improvement (CSI), to get theright things done in the right way.The million-dollar question (perhaps literally) is whether these seemingly opposingobjectives can both be achieved by establishing a fit-for-purpose approach toblending the processes and timely actions needed, and deliver both speed andquality.The goal of this paper is to describe how in fact DevOps and ITSM are different sidesof the same coin and to make the case that they are mutually supportive and in actualfact co-dependent and indivisible.Troy DuMoulin – VP, Research, Innovation & Product Developmentwww.pinkelephant.com2

Table Of Contents1Value Is Defined By The Eye Of The Beholder .42Value Is Delivered By Functional & Non Functional Requirements.63The IT Value System – Partner Network .84Conclusion . . .11www.pinkelephant.com3

1) VALUE IS DEFINED BY THE EYE OF THE BEHOLDERBoth DevOps and ITSM present the need to focus on value as defined by or throughthe customer/consumer lens. In fact this can be said of pretty much any qualitysystem or process framework you wish to review, be it Lean IT, Six Sigma,Agile/SCRUM, etc. A key theme of each of these models is that Value has to bedefined from the perspective of the service consumer not the provider.I believe the best definition of value comes from the COBIT 5 IT GovernanceFramework. COBIT 5 focuses on 5 key principles, and Principle #1 is all about“Meeting Stakeholder Needs”. Value is defined as meeting Stakeholder Needsthrough 1) Benefits Realization, 2) Risk Optimization and 3) Asset Optimization.In short, Stakeholder Value is realized when the IT organization is able to deliver theoutcomes the service consumer wants and is willing to pay for in the most efficientmanner possible. All this has to be done without putting the company in harm’s wayby taking on undue risks related to confidentiality, integrity and availability (CIA) ofbusiness information and data.DevOps does a good job of focusing development efforts on increased efficiency andasset optimization by looking at ways to standardize and automate testing andrelease cycles. It does this through the use of cloud provisioning tools and run bookautomation software. In essence, DevOps is focused on asset optimization by movingtesting and deployment work from time-consuming manual activities, to softwarebased automation leveraging pre-defined, tested, and pre-approved scripts. Onecould also make the argument that moving more workloads to standardized andautomated provisioning methods reduces risk through the limitation of human error.www.pinkelephant.com4

ITSM on the other hand focuses on defining exactly what is meant by “BenefitRealization” through the definition of Services within the overall Service Portfolio anda published and consumable Service Catalog. It also focuses on establishing ITManagement processes related to a Service Lifecycle including: Strategy, Design,Transition and Operations practices, in other words: Plan, Build, Run. All of thesepractice areas focus on service outcome management related to benefits, availability,reliability and CSI. All internal and external stakeholders who participate in a sharedService Delivery Model need to follow common practices for delivering thoseservices, otherwise the goals of “Benefit Realization and Asset Optimization” are putat risk due to inefficient, ineffective and redundant IT Management practices.In summary, to truly deliver on the COBIT 5 definition ofStakeholder Value, an organization would need to deployboth DevOps and ITSM principles and practices.“Focusing only on one side ofthe coin will not provide theFocusing only on one side of the coin will not provide thecurrency needed to realize the return on capital and limitthe ability to get the job done!currency needed to realizethe return on capital andlimit the ability to get thejob done!”www.pinkelephant.com5

2)VALUE IS DELIVERED BY FUNCTIONAL & NON FUNCTIONALREQUIREMENTSHow would you view a product that had as many features as a Swiss Army Knife butfailed to deliver on all the other non-feature based quality elements you have come toassociate with that brand? It may have more options than you can practically use, buteven that is of no use if you received its shipment two weeks after the party it wasintended for. And if the knife can’t be opened without pulling out a small pry bar, whenyou do the blade snaps like glass, and you can’t find a support number to complainand return your product, how useful would that be to you?This example highlights the importance of capturing and delivering on both productfeature (functional requirements) and product quality (non-functional) requirements. InITIL terms these two categories are referred to as Utility (features or fit-for-use) andWarranty (usability or fit-for-purpose). To only deliver features but not consider thenecessity of the non-functional requirements is a recipe for disappointing customersatisfaction scores and plummeting consumer confidence.www.pinkelephant.com6

Unfortunately understanding and capturing both sets of requirements is a currentchallenge for most IT organizations, and common scenarios include:a)Not capturing both functional and non-functional requirements during demandintake causes IT to deliver services that do not meet business needsb)Having limited to no input of non-functional requirements into planning tasks is arecipe for not getting the service design specifications correct for productdevelopment and build activitiesc)Not understanding the non-functional requirements for design specificationscauses confusion and gaps in the identification of acceptance criteria for thebuild, testing and promote to production tasksd)“Unfortunatelyunderstanding andcapturing both sets ofrequirements is a currentchallenge for most ITorganizations.”www.pinkelephant.comDeploying incomplete releases that have beeninsufficiently tested, and without defined andestablished support models being introduced to therun/production environment detracts from the timeavailable to do work that actually creates stakeholdervalueDevOps typically focuses on capturing feature-basedrequirements when defining short release cycles. What isoften lacking is the DevOps stated requirement of bringingOperations requirements earlier into the release lifecycle.This is in fact where ITSM provides the necessary nonfunctional (warranty) considerations required during theService Strategy, Design, Transition and Operationsphases of the Service Lifecycle. You can easily make acase that without ITSM warranty requirements DevOps willnot fully understand the non-functional aspects of thereleases it needs to standardize and automate.7

3)THE IT VALUE SYSTEM – PARTNER NETWORKFormer US Secretary of State Hillary Clinton is quoted as saying “It takes a village toraise a child!” The same principle applies within an IT value system: everyorganization, no matter how large or small, shares a common characteristic in thatthey all use multiple supplier types to accomplish the IT mission. In essence, every ITorganization uses a network of partners to deliver end-to-end services. For mostorganizations, there are a variety of internal development and infrastructure groupsspread across different business units, each owning a small piece of the servicemodel with their own priorities, practices and tools trying to collectively accomplishenterprise goals. Now add external suppliers and the increasing trend to move tomicro service outsourcing with external cloud providers, and this model gets evenmore complex.This overall operating model provides value stream perspective for IT Governance toevaluate current practices, direct and prioritize improvement efforts and monitorprogress against strategic goals. However, to realize these objectives it is importantto understand the overall big picture of IT Value generation and the requiredintegrations before senior leadership is equipped to set priorities for CSI.www.pinkelephant.com8

All of the elements represented in the IT Factory model (Figure 1) can be found inany service organization. DevOps, along with other project and software developmentlifecycle (SDLC) methods, are useful for defining improved ways of managing thebuild/maintenance activities for customer value creation.Figure 1: The IT Factory Modelwww.pinkelephant.com9

ITSM provides the basis of defining the customer engagement activities, described inthis diagram as the Store Front. ITSM processes are also key to providing nonfunctional design criteria as input into the planning, build and maintenance activitiesexecuted by the IT Factory as well as the ongoing support and CSI activities. In short,ITSM processes provide the required design requirements DevOps is looking for inorder to bring operations requirements earlier into the design build lifecycle. Asdescribed earlier in this paper, both DevOps and ITSM are required and in fact areindivisible from each other.Practicing rapid paced releases without addressing non-functional and operationsrequirements is a formula for creating increasing levels of production instability andunplanned downtime which both decrease customer satisfaction. However,establishing rigid, autocratic and bureaucratic processes leaves an organizationunable to move at a speed necessary to adjust to shifting market and businessneeds. This is the challenge presented in this paper, and further shows why bothsides of the DevOps coin are necessary to make the investment required to generatevalue.www.pinkelephant.com10

3)CONCLUSIONThe stated purpose for this white paper is to build a logical argument that DevOpsand IT Service Management practices are striving for the same ultimate goals, andthat they should and need to work together to define how to deliver customer value.While ITSM describes inputs into build and project activities, it does not actually coveror describe how these activities should or could be best achieved. Likewise DevOpsdeclares the need to bring Operational requirements earlier into the lifecycle but stopsshort on how to actually achieve these results.Both frameworks working with other areas of best practice such as ProjectManagement, Architecture and Security Management are symbiotic in nature andneed to work together to provide the full picture of value creation. Remember that todeliver on stakeholder value three things are needed: Benefit Realization, RiskOptimization and Asset Optimization. Lose sight of one of the three criticaldeliverables and you risk failing to achieve the goal of stakeholder value creation.www.pinkelephant.com11

ABOUT PINK ELEPHANTPink Elephant is proud to be celebrating 20 years of ITIL experience – more than any othersupplier. Operating through many offices across the globe, the company is the world’s #1supplier of ITIL and ITSM conferences, education and consulting services. To date, more than350,000 IT professionals have benefited from Pink Elephant’s expertise. Pink Elephant hasbeen championing the growth of ITIL worldwide since its inception in 1989, and was selectedas an international expert to contribute to the ITIL V3 project as authors of V3’s ContinualService Improvement book and through representation on the International Exam Panel. Formore information, please visit www.pinkelephant.com.Service LinesPink Elephant’s service lines each provide different, but complementary business solutions:PinkCONSULTING: Using the ITIL best practices approach as a springboard, Pink Elephantprovides end-to-end solutions – from assessments, to strategic planning to implementation,continuous improvement and beyond. Experienced consultants work hand-in-hand withcustomers every step of the wayPinkONLINE: Use Pink Elephant's online ITIL Implementation Tool Kit and gain access tovarious services that support a service management improvement program, includingPinkATLAS, containing over 1,000 process deployment documentsPinkEDUCATION: Pink Elephant is the most prolific creator and widespread distributor of ITILtraining, and leads the way with education based ITIL V3’s service lifecycle approach. Pink isinternationally accredited with EXIN, APMG and PEOPLECERT, independent examinationinstitutes that manage the ITIL certification program. The Project Management Institute (PMI)has also recognized Pink as a Registered Education ProviderPinkCONFERENCES: Pink Elephant is the world’s largest producer of ITSM conferences anddelivers several major events per year to thousands of IT professionalsPink Elephant –World Leaders In Transforming IT Serviceswww.pinkelephant.comPink Elephant,5575 North Service Road,Suite 200,Burlington, Ontario,Canada L7L 6M1Tel: 1-888-273-PINKFax: 905-331-5070 Pink Elephant Inc., 2014. The contents of this case study are protected by copyright and cannot be reproduced inany manner. Pink Elephant and its logo, PinkVERIFY, PinkSCAN, PinkATLAS, and PinkREADY are either trademarks orregistered trademarks of Pink Elephant Inc. ITIL is a registered trade mark of AXELOS Limited. COBIT 5 is aregistered trademark of ISACA .WorldwideLocations:AfricaAsiaAustraliaNew ZealandCanadaEuropeMexicoMiddle EastUSA

ITSM provides the basis of defining the customer engagement activities, described in this diagram as the Store Front. ITSM processes are also key to providing non-functional design criteria as input into the planning, build and maintenance activities executed by the IT Factory as well as the ongoing support and CSI activities. In short,