IT Maturity

Let me tell you a little story about a company called Acme. (Names have been changed to protect the innocent.) A financial analyst…let’s call him Bob…worked daily in Acme’s financial accounting system.

Since everyone was always busy, and everyone “grew up” together, access and change controls, and roles and responsibilities were loose at Acme. Bob made a few minor data and calculation changes to the accounting system to make his work easier. But he didn’t document or test his changes. Even worse, he didn’t realize his changes impacted the month-end closing application.

When the time came to close the books, the month-end closing application failed. And, as luck would have it, Bob was on vacation and inaccessible. As a result, the company was forced to perform a manual month-end close. Acme’s CFO demanded to know what happened and Bob’s tinkering was eventually discovered.

I wasn’t all that surprised by this situation. Typically, level 0-1 IT organizations operate in a very ad hoc manner. Case in point, at Acme, Bob the financial analyst had the same access rights and privileges as the DBA support person. In these low-maturity organizations, everyone works in an isolated way, focusing only on their individual needs. There’s a general lack of rigor and awareness about the complexity and interdependencies—the cause and effect—between environments.

Our belief is that stabilizing the environment is the goal at this level. In baseball, you have to get to first base, before you can get to second. But defining rights, putting processes in place, and helping colleagues realize that process is not just overhead is downright hard. While every maturity step change has its challenges, at a level 0-1, one of the biggest challenges is the people.

There are also a …
[ Read More ]