There is a reason orchestras have a single conductor. Can you imagine the cacophony that would result if a horn section performed out of sync with a string section? Or if the percussions played a faster beat then the woodwinds? But in IT management, it’s all too common for organizations to have separate automation platforms conducting individual software elements. In fact, this is often the cause of an increased IT complexity that results in degraded performance and reliability. For instance, SAP’s popular customer relationship management (CRM) software includes a built-in job scheduler – the Computing Center Management System (CCMS) – with some limited capabilities specifically designed to support its unique platform (such as to analyze and distribute client workloads). But this is an independent tool requiring administration and monitoring tasks separate from any other automated solutions. An average IT organization will need to manage dozens of similar management platforms, each with its own unique interface and operating parameters.
Chances are, in an average day, you are not accomplishing as many tasks as you would like … and neither are your colleagues or your employees. What is mystifying about that statement is that it seems today’s workforce is putting in more hours and more effort than ever before coinciding with an increased adoption of IT devices and applications designed to improve user productivity. In fact, this has been a key driver for organizations to enable workforce mobility – to provide flexibility in accessing business IT resources (applications, data, email, and other services) from any device at any location at any time in order to improve overall business performance. But even the most accomplished business professionals must admit there are days when little gets done despite herculean efforts.
When I started out in security, only very large organizations with a mature set of business processes dared to talk about implementing some form of governance, risk, and compliance (GRC) or enterprise program (e-GRC). They generally did it in an attempt to get ISO or similar certification, or to “move their programs to the next level,” and some, I think, attempted it just to prove they did it. Many of those efforts were monumental, costing millions of dollars and taking years to complete. However, a significant number seemed to end in compromise, yielding a smaller end result or totally failing after thousands of man hours and millions of dollars for software, systems, and consulting had been spent.