Let me tell you a little story about a company called Acme. (Names have been changed to protect the innocent.) A financial analyst…let’s call him Bob…worked daily in Acme’s financial accounting system.
Since everyone was always busy, and everyone “grew up” together, access and change controls, and roles and responsibilities were loose at Acme. Bob made a few minor data and calculation changes to the accounting system to make his work easier. But he didn’t document or test his changes. Even worse, he didn’t realize his changes impacted the month-end closing application.
When the time came to close the books, the month-end closing application failed. And, as luck would have it, Bob was on vacation and inaccessible. As a result, the company was forced to perform a manual month-end close. Acme’s CFO demanded to know what happened and Bob’s tinkering was eventually discovered.
I wasn’t all that surprised by this situation. Typically, level 0-1 IT organizations operate in a very ad hoc manner. Case in point, at Acme, Bob the financial analyst had the same access rights and privileges as the DBA support person. In these low-maturity organizations, everyone works in an isolated way, focusing only on their individual needs. There’s a general lack of rigor and awareness about the complexity and interdependencies—the cause and effect—between environments.
Our belief is that stabilizing the environment is the goal at this level. In baseball, you have to get to first base, before you can get to second. But defining rights, putting processes in place, and helping colleagues realize that process is not just overhead is downright hard. While every maturity step change has its challenges, at a level 0-1, one of the biggest challenges is the people.
There are also a lot of great, disciplined people at a level 0-1 organization who are just victims of their environment. Some have become mavericks, the “doers” and “fixers,” who have come to enjoy being the heroes and are rewarded for it. Others have succumbed to their frustration and do things sub-optimally, not because it’s right or efficient, but because that’s just the way it’s done and don’t know how to change it.
Other classic characteristics of a typical level 0-1 organization include:
When I got the call from Acme asking, “How can we make sure something like this doesn’t happen again?” I recommended TransAccel’s IT Maturity Assessment, focused on IT capabilities, processes, services and roles. Somehow, I just knew that change control, configuration, and release management weren’t Acme’s only service gaps.
Another way to gather information about services and capabilities is a process mapping exercise. It can help to define what activities are being performed, who’s performing them, and reveal if the people with the right experience are in the right roles. While it’s less comprehensive, it’s a good first step to building a case for change and making some of the well-intentioned mavericks see the error of their ways.
Have you had success in moving the needle of a Level 0-1 organization? What has worked for you?