Organization and Process (Or Lack Thereof) in the Digital War Room
April 05, 2018

Dennis Drogseth
EMA

Share this

In my prior blog, I tried to paint a picture of some of the surprising (and not so surprising) highlights from our research on Unifying IT for Digital War Room Performance, which is also a webinar.

Start with Opening the Gates to the Digital War Room - What is it Now, and What is it Likely to Become?

One point to reinforce is that the digital war room — physical, virtual or hybrid — is not in retreat but in fact is growing in scope to include greater participation from development and security. It's also becoming more proactive, with on average more than 30% of "major incidents" before they impacted business service performance.

The reasons for this added (not diminished) level of relevance will be examined more in depth in my webinar on April 11th (and yes, there will be replays), but generally the answer lies in the fact that improved levels of team efficiency are critical to the future of IT, and the digital war room shines a spotlight on this evolving reality.

In this blog I'm providing a few additional highlights from the insights we got on digital war room organization and processes.

A Few Organizational Insights

One of the questions we asked was directed at finding out whether war rooms, as they evolve, were becoming more organizationally defined, or more sporadic and ad-hoc. The answer was solidly in the "more formalized" category (47%) versus the group with "more ad-hoc teams and processes" (28%). Another 22% indicated that their teams were already solidly formalized and established.

Then, when we evaluated success rates to this mix, we saw that those digital war rooms becoming "more formalized and established" were far more likely to align with digital war room effectiveness than the other groups.

Well defined teams that can be brought together across all domains provide a unique advantage over fragmented, technically isolated teams

If you think about this, it does suggest a contradiction to some of the trendier thinking endorsing multiple teams and more completely decentralized ways of working. But the logic for core consistency is clear. Well defined teams that can be brought together across all domains provide a unique advantage over fragmented, more technically isolated teams when confronting the full gamut of "major incident" possibilities.

And BTW, the average head count for these teams across small, medium and large was about 15. The implication being not that all 15 stakeholders are being activated for every single incident, but there are 15 individuals assigned and available for digital war room decision making on an on-going, as-needed basis. The trend, BTW, is toward growing not shrinking levels of involvement — in large part because of the accelerating need to include development and security professionals. The overall data also showed a significant role in digital war room decision making for non-IT, or business stakeholders.

Having a single organizational owner, also helps to drive war-room efficiencies. Interestingly, "Security/compliance" was in third place for war-room ownership after "ITSM" and the "executive suite." Having senior executive involvement helped, as well. The most prevalent was ongoing "director-level" involvement, but the most effective turned out to be "CIO-level" involvement.

Processes (or Lack Thereof)

In last week's blog, we enumerated the following critical processes that help to define war-room performance:

Initial awareness, which is usually driven by events or some other type of automated intelligence, or complaints to the service desk.

Response team engagement and coordination, bringing relevant stakeholders together and providing a context for them to work together.

Triage and diagnostics, where problems are understood in context and then detailed requirements for remediation can be defined.

Remediation, where active fixes to major incidents are made, often through change and configuration management procedures.

Validation, in which testing is done to ensure that actions for remediation were successful, ideally from a business impact as well as a purely technical perspective.

In the non-progressive category, we discovered that, based on our data, the average response indicated only a little more than half (2.57) of these processes were defined — a surprising revelation in a rather negative way. When we mapped "success rates" to the number of processes mapped out, however, we did get a reasonable correlation:

■ 3 for the extremely successful

■ 2.5 for the successful

■ 2 for the only marginally successful

The most prevalently defined process was response team coordination — which also turned out to be the most problematic or delay-causing process. In fact, identifying process with delay or problems mapped well to the processes that were most likely to be identified, suggesting that clarifying the reality of what's going on opens the door to realizing what's wrong and how improvements can be made.

Timing is Everything

Time to assemble an effective team, on average, was about 1.5 hours, which could be damaging when a serious outage occurred

We also asked about times associated with these processes. When we asked about the time to assemble an effective team, the average was about 1.5 hours, which could, of course, be meaningfully damaging when a serious outage occurred. When asked about total time to resolution, the average was about six hours, but 20 percent took more than eleven hours. Once again, as an average, this can be concerning for incidents with major business impacts.

These are again, just a few of many highlights from our research.

Don't forget to watch the webinar for a great many more insights.

Read my third and final blog on the digital war room: The Digital War Room in Changing Times: The Impacts of DevOps, Cloud and SecOps

Dennis Drogseth is VP at Enterprise Management Associates (EMA)
Share this

The Latest

August 21, 2018

High availability's (HA) primary objective has historically been focused on ensuring continuous operations and performance. HA was built on a foundation of redundancy and failover technologies and methodologies to ensure business continuity in the event of workload spikes, planned maintenance, and unplanned downtime. Today, HA methodologies have been superseded by intelligent workload routing automation (i.e., intelligent availability), in that data and their processing are consistently directed to the proper place at the right time ...

August 20, 2018

You need insight to maximize performance — not inefficient troubleshooting, longer time to resolution, and an overall lack of application intelligence. Steps 5 through 10 will help you maximize the performance of your applications and underlying network infrastructure ...

August 17, 2018

As a Network Operations professional, you know how hard it is to ensure optimal network performance when you’re unsure of how end-user devices, application code, and infrastructure affect performance. Identifying your important applications and prioritizing their performance is more difficult than ever, especially when much of an organization’s web-based traffic appears the same to the network. You need insight to maximize performance — not inefficient troubleshooting, longer time to resolution, and an overall lack of application intelligence. But you can stay ahead. Follow these 10 steps to maximize the performance of your applications and underlying network infrastructure ...

August 16, 2018

IT organizations are constantly trying to optimize operations and troubleshooting activities and for good reason. Let's look at one example for the medical industry. Networked applications, such as electronic medical records (EMR), are vital for hospitals to provide outstanding service to their patients and physicians. However, a networking team can often not be aware of slow response times on the remotely hosted EMR application until a physician or someone else calls in to complain ...

August 15, 2018

In 2014, AWS Lambda introduced serverless architecture. Since then, many other cloud providers have developed serverless options. What’s behind this rapid growth? ...

August 14, 2018

This question is really two questions. The first would be: What's really going on in terms of a confusion of terms? — as we wrestle with AIOps, IT Operational Analytics, big data, AI bots, machine learning, and more generically stated "AI platforms" (… and the list is far from complete). The second might be phrased as: What's really going on in terms of real-world advanced IT analytics deployments — where are they succeeding, and where are they not? This blog will look at both questions as a way of introducing EMA's newest research with data ...

August 13, 2018

Consumers will now trade app convenience for security, according to a study commissioned by F5 Networks, The Curve of Convenience – The Trade-Off between Security and Convenience ...

August 10, 2018

Gartner unveiled the CX Pyramid, a new methodology to test organizations’ customer journeys and forge more powerful experiences that deliver greater customer loyalty and brand advocacy ...

August 09, 2018

Nearly half (48 percent) of consumers report that they currently use, or have used in the past, services of organizations that were involved in a publicly disclosed data breach and, of those, 48 percent have stopped using the services of an organization because of a breach, according to Global State of Digital Trust Survey and Index 2018, a new report from CA Technologies ...

August 08, 2018

Here's the problem: IT teams are in the dark. The only information they have available to them is based on what users decide to tell them about through calls to the help desk ...