Modern Network Architecture

May 4 2013   11:58AM GMT

Governance and Due Diligence

James Murray James Murray Profile: James Murray

Lately I’ve found myself in a new role.  Most companies IT departments are functioning, but nobody really understands how well those departments are functioning.  When I’m called in as an IT expert its usually to verify the state of the IT department.  Most owners are clueless about whether the department is functioning well or not.  To be honest most IT departments are pretty clueless as well.  Not about what they think their job is.  But about how their job should have changed as the business grew.

The IT role changes in many ways.  First and most obvious as the technology changes, the role of technology expert is to keep re-learning the technology each time it changes.  Many technology experts are experts in multiple technologies.  So the learning curve is constant as we learn new technologies and develop new skills in those technologies.  Then it starts all over again as a new change or a new technology is rolled out into the work place.  This learning by itself is enough to keep any technician on their toes.

The role of the technology expert changes in other ways besides technology.  Another important way is with the growth of the business.  For example: Change control is actually pretty easy when there is just one expert managing a system.  Even with 2 experts, it’s not difficult if both experts are constantly communicating.  Now imagine 10 experts or 20 experts.  The casual methods of change control start breaking down.  Non documented changes are “fixed” by other experts causing the system to break down over and over again.  Change control becomes a governance role in the IT department to avoid problems where one technician is stepping in and breaking the fix of another technician.

My role has changed as well, now I see myself as a governance role.  I don’t walk in and fix technical problems.  Instead I walk in and fix the business processes.  Before I can fix the process, I need to understand what’s going on.  The process before fixing something is called Due Diligence.  In this role you don’t fix technical problems any longer.  This is the common thing about a governance role, it’s not about fixing things, it’s about fixing process.

Due Diligence is about figuring out where everything is at right now.  The first question I always ask is, “Where’s your documentation?”

You can imagine what the response is to that.  There’s more documentation today than there was when I was first managing networks.  The problem is that even with the most advanced networks, nobody really knows how to build a knowledge base.  Second even fewer technical experts understand how to write technical documentation.  So the first question is often the first problem.  My job becomes documenting, at least at a high level, the technical environment.

I then begin reviewing the system logs.  I want to identify risk for the owner.  If there’s no documentation, there is also probably no analysis of the network itself.  The first step then is to document the risk status of the network and report those to the management teams.  A

The next step is to begin identifying the roles in the IT department.  I’m looking for governance roles.  The reasons network fail is because there are ineffective governance roles.  If for example the IT department head is also managing the servers, running incident tickets, designing the network and doing root cause analysis we have a problem.  All governance roles must be held by separate people from the roles they are governing.  The system architect should be verifying the function of the systems.  The root cause analysis must be done by someone other than the Incident technician.  These are all red flags when analyzing the network.

Due Diligence is the process of gathering the data that the governance role will use to analyze the network.  I’ve never been called into a network that had appropriate governance roles.  These networks manage themselves well.  I have been called into companies that have grown past the capacity of the present IT staff.  Through due diligence, my collaboration partners and I, have found it’s possible to identify risks and missed opportunities.  Then the governance role can analyze and create new business processes for the IT department to follow.  The result is a strong and more efficient team.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: