Building Quality into IT

Gene Rogers

Continuing from the IT Quality definition from last month,enterprise customers view IT Quality as one of these two value-added activities:

· Adding new business capability and/or

· Expanding existing business capability

Until you get to this level of adding value to the business, you are viewed as a "cost center" and not a business partner. Remember, there are three steps in attaining this level of value;

1. Build Infrastructure Credibility

2. Develop Application Credibility.

3. Develop good Business Relationship Management (BRM).

If your infrastructure has high availability and capacity, your applications deliver solutions to business problems, and you have trusted advisor status with the business, you have built business capability and you have earned a seat at the Business Strategy table.

But where do you start?


Start by benchmarking yourself against industry frameworks to see how you measure up. For infrastructure, use ISO 20000, specifically, the section on configuration management. Documenting current configurations and using the data to govern future changes is first on the list.

Concurrently in the infrastructure space, assess your incident and request management processes with the ITIL Maturity Model. I like this model because it is easy and quick. Select the level that applies best to you, level 1-5. Don’t be surprised if you find yourself at level two, as that is fairly common.

1. Initial - Processes are ad-hoc, chaotic, or actually few processes are defined

2. Repeatable - Basic processes are established and there is a level of discipline to stick to these processes

3. Defined -All processes are defined, documented, standardized and integrated into each other

4. Managed - Processes are measured by collecting detailed data on the processes and their quality

5. Optimizing - Continuous process improvement is adopted and in place by quantitative feedback and from piloting new ideas and technologies

For Applications, start with the testing & validation process. At a minimum, each project needs a testing plan that documents the test strategy and all supporting processes and decisions for the testing effort of a project, a testability review of the business and functional requirements, and a risk matrix that determines the business risk and technical risk for each functional requirement. I also suggest that you invest in an enterprise-level tool that manages the testing lifecycle including traceability, defects, and metrics.

Credibility for Infrastructure and Application management must precede Business Relationship Management, otherwise the BRM effort will not give you the return on investment needed to continue the program. For the best results, business relationship managers should be embedded within the business and not inside IT. I will discuss BRM in greater detail in an upcoming article, so, for now, focus your efforts on configuration management and testing and start building the credibility you need with the business.