ITSM thought leader Stuart Rance put together a list of IT service management resolutions.
By Stuart Rance
I’ve been working in the IT, security, and IT service management (ITSM) field for several decades now, and dare I say, I’ve learned quite a lot – which I’d love to share with you.
Here are some tips that I have followed for many years.
Some of these tips are focused on improving ITSM or information security management to help your IT organization, and others will help with your personal development as an IT professional, but all of them will help to improve how you deliver IT services to your customers.
It’s amazing how much you can learn about your customers by simply spending time with them while they are working.
One IT organization I work with sends every member of the service desk out to work in a business unit for one day every year. They started to do this when analysis of customer satisfaction ratings for incident management showed that service desk agents who had previously worked in the business were getting much better ratings. They now have superb customer satisfaction ratings for nearly every incident.
You may think that you know what your customers do, and what’s important to them, but if you don’t spend enough time just sitting with them to understand how they work then you will never be able to deliver great customer service.
I have heard many people talking about customer experience, but few IT organizations seem to really focus on customer experience as an important outcome for their activities. There are many times that we should be thinking about customer experience, here are some you could consider:
When you design or change an ITSM process, include customers in the design team whenever you can. After all, customers will have a significant part to play in nearly every ITSM process. At the very least you should make sure that the design team considers the impact of every decision they make on customer experience.
When you design or change a user interface or a form, either for an ITSM tool or for a business application, consider the impact on customers and their experience.
When you are managing incidents or problems, make sure that you spend as much time thinking about the customer experience as you do on the technical issues. It’s very easy for technical people to become absorbed in the intricacies of fixing the issue and forget that there is a customer.
If you are responsible for SLAs and reporting, then ensure that these are completely focused on customer experience. Customers don’t care about abstract numbers and endless charts; they care about how they experience your service.
Every single activity you carry out should have this sharp focus on the experience you create for your customers.
Shadow IT is a term used to describe IT that has been procured directly by a business unit, without the involvement of the IT organization. It can include things as simple as using a free file sharing web site to share information with customers, but it can also include the purchase of complex solutions for CRM or ERP delivered as Software as a Service (SaaS).
Many IT organizations that I speak to tell me that shadow IT is not a problem in their organization. But when I speak to their customers I find that there are many examples of shadow IT in use that the IT department doesn’t know about.
The use of shadow IT is not in itself wrong, but if you aren’t aware of it then something has gone badly wrong with the way you understand and meet your customer’s needs. It really is essential that you speak to your customers and understand what IT solutions they’re using, so you can help to ensure that these are appropriate in terms of security and governance.
I’m not suggesting that you should tell your customers off for using shadow IT, simply that you should understand what they are using, and what benefits this delivers that you are not able to provide. You might need to improve your service offering and help to protect your customers, especially if they‘ve chosen solutions that have underlying risks they haven’t thought about.
Most IT organizations spend far too little time and effort on problem management. It’s never too late (or too early) to get started with problem management, so if you aren’t doing any, then why not start, and if you are already doing some then why not see if you can improve this critical area?
The first thing to do is to decide what problems you need to focus on. I like to use a Top 5 (or Top 10) problem report, which is created each month and identifies the problems that have had the biggest impact on the business. This does require you to put some effort into analysing incident data, but the payback can be very high.
Once you have identified your Top 5 problems you should talk to your customers, to make sure they agree with your priorities (see Tip 2), and then think about what you can do to reduce the impact of these problems. You don’t necessarily have to fix them, or even to fully understand the root cause. The most important thing to do is to reduce the impact these Top 5 problems have on your customers. You could do this by identifying the root cause and fixing it, but you could also do it by identifying a workaround that can enable rapid recovery when the problem occurs.
The easiest way to measure the benefit of problem management is by measuring the total impact of the Top 5 problems each month, and demonstrating that the impact of these is going down.
Continual improvement is another area where a small investment of time and effort can provide enormous payback in terms of improved efficiency, effectiveness, and customer satisfaction.
The most important thing to understand about continual improvement is that it is more about attitudes, behaviour, and culture than it is about processes and tools. Continual improvement can’t be delegated to a continual improvement manager, it must be part of how everyone works. If people have a passion for improving what they do, then they will find ways to make this happen. Every team, every group, every department and the overall IT organization should have a CSI register that they use to log, track, and report improvements.
The most widely adopted best management practice for ITSM is ITIL®, which has recently been updated to ITIL 4.
The most important things you should learn from ITIL are:
Think about everything you do in terms of value, outcomes, costs, and risks. The only reason customers use your services is because they help them create value.
Consider everything you do through the four dimensions: organizations and people, information and technology, partners and suppliers, value streams and processes. If you spend too much time and effort on any one of these then you are probably neglecting the others.
Use guiding principles to help you make decisions, prioritize work, and resolve conflicts.
If you’re not familiar with ITIL 4 then I strongly recommend reading about it, watching this webinar, and taking some ITIL training courses.
All of the tips so far have been about things you can do for your IT organization. The next few tips are about things you can do for yourself, and for your own professional development.
We all need to develop our skills, knowledge, and competence if we want to keep up with the rapidly evolving IT industry. There are lots of things you could do to help you with this, but probably the most important is to find someone who can be a mentor for you.
The job of a mentor is not to teach you, but to act as a sounding board for your ideas; to talk through the issues you face at work and help you to come up with approaches and solutions that might help you. You may want a mentor who is an expert in IT service management, but it can be equally helpful to work with someone who knows and understands the organization you work for, or the industry you work in, or can offer guidance in other areas such as managing people or projects.
Don’t be afraid to ask someone you respect to act as a mentor. The worst that can happen is that they will say no (but PLEASE don’t ask me as I will have to say no, I already have far too many people that I mentor).
There will never be enough mentors for all of us if we don’t also offer to mentor other people. If you are thinking of asking someone to mentor you, then you should also think about offering to mentor someone else.
The mentoring relationship is not one-sided, with a mentor providing information that the other person absorbs. It is a two-way relationship and can provide as much value for the mentor as it does for the person they are mentoring. I have mentored many people in many different roles, and I have learned things from every one of them.
You can find IT service management conferences in every part of the world. These vary from half-day events that are free to attend to quite expensive multi-day events. Conferences give you an opportunity to listen to a range of presentations, so you can learn how other organizations have solved their ITSM challenges, but the biggest benefit of attending a conference is the networking. These conferences are attended by people who do similar things to you, and you can learn a lot from just chatting to the other ITSM professionals at the event. You may even find you get on so well with someone you meet that you can set up a mentoring relationship.
There are many social media channels that you can use to help with your service management issues, and you could investigate a number of different forums and groups to find the one that suits you best. If you don’t have time for this, then just join the Back2ITSM group on Facebook. This group has a wide range of welcoming and helpful ITSM people, with all sorts of abilities, special interests, and skill levels. Whether you want to get help and advice on a specific ITSM issue, or you just want to network with other ITSM professionals, you should be able to get what you need – and of course it won’t cost you anything except a few minutes of your time.
Talking about how you might want to use a few minutes of your time, I once had a very wise manager who told me that I should stop whatever I am doing three or four times a day and ask myself, “If the paying customers knew this is how I spend my time would they be happy?” I have followed this advice for many years now and it has always helped me to remain focused on what’s important – creating value for my customers.
If someone learns the passwords you use on the Internet, then they can impersonate you and do incalculable damage to your reputation, and to your finances. There have been many reports of password databases being breached, leading to millions of user passwords being exposed. The best way to defend yourself against becoming a victim of these breaches is to use two-factor authentication. This means that when you log in you need to provide two things, often a password and a number that you receive as a text message on your mobile phone. Sites with two-factor authentication typically allow you to register your trusted devices, so you only need to provide a second factor when logging in from a new device.
Two-factor authentication is available on many different sites on the Internet, including Google, Facebook, LinkedIn, Twitter, PayPal, and others.
While we’re on the subject of security, here are two more information security tips for IT service management people.
Information security is an absolutely critical area for people who care about creating value with IT, and is something we all need to be aware of. You can’t just leave information security to the infosec professionals – everyone needs to be involved.
Whether you are designing a new process, investigating a problem, reviewing a change, or carrying out any other aspect of IT service management, you must think about the information security implications of what you are doing. Be alert to the fact that people probably are trying to breach the security of your systems and services, and you have a responsibility to help prevent this from happening, and to help detect that it has happened when it can’t be prevented.
The number and size of security breaches keeps increasing, and many organizations have suffered major loss of reputation, and money, due to these. In the past, organizations would build defences to prevent security breaches, but that is no longer enough. You also need to have well-tested plans in place for what you will do when a breach happens. If you, as a service management professional, have not been involved in tests of security incident response plans, then you need to find out why, and make sure you will be in a position to do the right thing when a breach happens.
Life shouldn’t be all about work, and professional development. You also need to get away from IT and IT service management and have a bit of fun. Make sure you take enough time for yourself and for your friends and family, it will not only leave you feeling better but you will also do a better job at work when you come back with new energy and focus. So take a bit of time out when you can, and come back refreshed and ready to deliver great service to your customers.