Archive for the ‘Project Management’ Category
Back to the Future III
Tuesday, September 13th, 2011
By Dennis Powell, e-Management
Relying on the past alone won’t get us to where we need to be. Choice, collaboration, and inclusion are just a few factors that will help guide us to a better future.
What I like most about the past are the good memories. Yesteryear is jam-packed with lessons learned, fun times, and a heap of nostalgia. I also love everything ‘80s including the 1985 film Back to the Future starring Michael J. Fox. As some of you may recall, the movie is about a teenager of the 1980s, who accidentally gets transported to 1955 while driving a time-machine car. Throughout the movie, Fox spends his time trying to get back to the future, because he discovers the good ole days aren’t so great—especially when you are a product of the future.
Are you stuck in a 20th Century time-warp?
Today, some people focus more on the past, than what’s to come. “Let’s get back to the good ole days” is something I hear far too often when it comes to economics, education, family, morality, and believe it or not technology. Personally, I find that way of thinking somewhat defeatist. It’s like saying things have become so challenging we need to run backward, rather than to find creative ways to move forward.
Sometimes I feel as if I am surrounded by media and people who are fixated on “how we’ve always done it before.” So I was pleasantly surprised that the hosted by the agency Chief Information Officer (CIO) Linda Cureton in San Francisco was all about doing things a little differently to prepare for our future. It’s great that NASA is forward thinking.
Top 3 Lessons-Learned about Preparing for the Future
At the conclusion of the Summit, I came away with three lessons to help all of us to move from the past and get back to the future.
-
Choice leads to better collaboration: During a keynote address, Facebook CIO Tim Campos talked about the great work the social media giant is doing to drive innovation by pretty much breaking conventional rules of how things should be done. For instance, employees have the choice to use Blackberry technology or another mobile device such as the iPhone. Many organizations today require staff to use only one mobile carrier and one type of mobile device. Similarly, most work environments force staff to use only PC or only Mac. In stark contrast, Facebook has moved away from the past ways of thinking and has embraced the future by giving staff a choice. They have found giving staff a choice leads to higher satisfaction, better employee engagement, and improved collaboration. These byproducts of choice can mean more productive and innovative organizations for our future.
-
It’s okay to make mistakes in the future: According to Campos, Facebook wants its technologists to “move fast and break things.” Why? Because doing things the old way only advances the status quo. Whereas breaking things is how innovation comes about. (As a kid, I was very “innovative” if you asked the elders in my family.
-
Diversity and inclusion will make collaboration and work products better: In another Summit session, Brenda Manuel, associate administrator for diversity and equal opportunity with NASA, and her colleagues discussed the agency’s diversity and inclusion framework. It appears our notion of a diverse workforce has clouded our perceptions of past diversity training, which has been met with some resistance such as “multiculturalism.” In contrast, NASA and other organizations are embracing the future through the concept of inclusion. Inclusion goes beyond “race,” “disability,” or “gender.” Inclusion focuses on every asset that each employee brings to an organization. According to Ms. Manuel, “diversity is a competitive advantage” that improves collaboration within organizations, which may lead to greater success. Still in another session on leadership, Sandy Peavy, CIO for the Federal Law Enforcement Training Center’s (FLETC) at the Department of Homeland Security (DHS) said diversity and inclusion are integral for her agency’s success. Not to beat a dead horse, but in yet another panel discussion at the Summit, industry experts talked about how inclusion and diversity are more than a human resources department concern. Specifically more and more IT departments leverage technologies such as social media and collaboration software (e.g., SharePoint®) to draw on the important inputs from staff to improve the overall “health” of organizations.
Different Sides Same Vision
Two U.S. presidents from different sides of the political aisle agreed on the role of the past in our lives. “While I take inspiration from the past, like most Americans, I live for the future,” said President Ronald Reagan. Similarly John F. Kennedy, said “Change is the law of life. And those who look only to the past or present are certain to miss the future.” Our past is full of rich history; however, to face challenges of our future we need to adopt disruptive, unconventional ways of doing work and thinking to drive innovation! Leave the past in the past. It’s time we get back to the future.
Back to You…
So what is your take of the role of the past in our personal and business lives? What ways of thinking will help guide us to a better future? Do you agree that choice, risk-taking, and inclusion are appropriate actions to secure a better future for all?
Tags: Android, Brenda Manuel, collaboration, culture, Dennis Powell, DHS, disability, diversity, , FLETC, gender, Human Resources, inclusion, iPhone, IT, John F. Kennedy, Linda Cureton, Mac, NASA, Ola Sage, pc, race, Ronald Reagan, Sandy Peavy, SharePoint, Social Media
Posted in Corporate, Government, Human Resources, Leadership, Project Management, Social Media | 10 Comments »
If You Like Taking a Vacation, You’ll Just Love CPIC!
Thursday, July 29th, 2010
by Peter Dimov, e-Management
I remember the times when information technology (IT) was competing for admiration with NASA and IT folks were practically “magicians” or “wizards.” Oh, the good ole days. Since those prehistoric times, we have gone through the “Golden Age of IT,” the 90s. In fact, hundreds of thousands, if not millions of IT systems, have been created in all kinds and sizes, then re-created, patched, and upgraded. It all looked like a hot techno mess that wouldn’t ever stop. Alas, it has. And IT has become so pervasive that it is no longer an exotic advancement, but rather a work horse.
The Party’s Over—Enter CPIC!
As soon as IT became widespread, large corporations and the federal government started to talk about “efficiency and effectiveness” and we knew the party was over. Senators pushed forth the Clinger-Cohen Act of 1996, and declared “each Federal agency design and implement a disciplined Capital Planning and Investment Control (CPIC) process” to clean up your house and put everything in order. Soon after, the Office of Management and Budget (OMB) issued the legendary Circular A-11 and that’s how we’ve ended up here.
CPIC brings government closer to success.
So What’s So Great About CPIC?
Simply put, CPIC is responsible IT spending by federal agencies. It is a two step process that aims to stop the “we need this” culture of IT spending, and transform it to “why we need this.” It asks meaningful questions as well as poses uncomfortable questions such as: What will it take to make it? Is this the best solution? What are the benefits of having this system? What are the risks?
First, OMB Circular A-11, Exhibit 300 requires a business case motivating the investment in a comprehensive form that tracks an investment over the years. Although executing the CPIC process is not a picnic, it does have some resemblance to our family vacation plans. When planning a vacation, many of us are faced with limited resources including time, money and options. Similarly, an agency faces confined resources, budget, and time.
What Are Our Options?
The first step to planning a great vacation is to draft a list of all the options we have, where to go, what to do, who to see, and who to avoid. We need to assess each option for time, cost, and fun value. Likewise, agencies should prepare an IT wish list, as well as assess each IT investment for cost, benefits, time, risk, and other technical factors.
What Can We Afford?
The second step is to decide what vacation options we can afford and which are out of reach. What’s the intersection between time, money, and fun? The choices that don’t fit those criteria are put on the future wish list. If the resulting list is longer than one page, you need to do a little bit more work. You need to re-examine the fun value of each qualified choice, or as you probably guessed it, the investment proposals are ranked in terms of their contribution to the organizational goals. One major difference between federal and commercial projects is that government does not aim to make money, but to serve the citizens.
CPIC is also like planning the perfect family getaway that fits your budget.
A Word of Caution
Some investments just have to be done! Even though their contribution to the organizational goals may seem open to discussion, the impact of not picking them could have dire consequences. For instance, think of something like upgrading databases when the previous version is no longer supported, or not stopping to see Grandma when passing through Ohio. You’ll hear about these “missed” opportunities for years to come!
Your Wish List is Complete!
Whatever is left standing on the wish list after this soul searching and fits the budget of time and money, will be executed. Of course, we are on a budget and we need to watch it. CPIC asks us to use the same Exhibit 300 form to record what happened and to remind us what we have promised. This process aims to ensure that each individual investment is backed by solid needs and will improve the agency operations in some way.
It does not, however, require the linking of the agency’s vision with the IT investment. Additionally, it does not help create a coherent, non-redundant IT environment because it treats each IT investment piecemeal and does not promote an interrelation among the agencies’ systems. OMB recognized this deficiency and issued a directive for the development of enterprise architecture with the purpose to standardize, relate, and provide integrity of the IT environment. After all, IT has become like electricity, a must have infrastructure without which no organization can function.
CPIC is about Moderation
CPIC’s goal is to ensure that the IT environment is calibrated for the needs of the agency and to soak up no more and no less than the necessary funds. Today’s enterprise, private or government, employs hundreds of thousands of people; managing them does not leave any room for daydreaming. This is why OMB has started giving birth to more and more siblings to the CPIC process, such as strategic planning, enterprise management office, portfolio management, balanced score cards, and other processes aiming to close the loop on managing the IT assets acquired at the clip of $66B a year.
Your Turn…
Why do you think CPIC is important for federal agencies? Do you think following the advent of CPIC in the federal government that things have gotten better or worse? Finally, do you think adopting CPIC best practices will help you and your family plan better, more cost-effective vacations?
Tags: capital planning and investment control, Clinger-Cohen Act of 1996, CPIC, , , enterprise architecture, Exhibit 300, federal, Government, Government Spending, information technology, IT strategy, OMB, OMB Circular A-11, Peter Dimov, portfolio management, scorecard, strategic planning
Posted in Government, IT Strategy & Management, Project Management, Risk Management | 7 Comments »
How Risky is Spring?
Wednesday, April 7th, 2010
Commonalities between IT Security Training and a Gardener’s Risk Assessment
By Rick Randall, e-Management
Spring is in the air! Garden enthusiasts in the Washington, D.C., area (like me) have been waiting all winter to begin the tasks of preparing our soil and planting cold-hardy vegetables and flowers. My young children have helped me plant radish and carrot seeds, chrysanthemum (mum) seedlings, and iris bulbs over the past few weekends. Gardeners, like artists, enjoy taking plain raw materials and converting them into something beautiful. But there is a risk that our efforts could fall flat. How do we take control of the risks? I’ll come back to this shortly.
 It’s true that I am a gardener. But I am also an information technologist. In my profession, we apply many concepts in our daily work, which have similarities to the physical world. For instance, good software engineers have seen the parallels between designs in the physical world and the design of software (using a collection of concepts called design patterns) for years. Likewise, IT security trainers observe and apply learning patterns for explaining complex topics to students through stories, metaphors, and exercises.
What’s the point to all of this?
No matter how supposedly “non technical” an executive or staffer may be, there are techniques which can be used to convey technical subject matter to anyone in a comprehensible manner. For example, e-Management uses the following graphic to explain risk management concepts to federal executives having Designated Approving Authority (DAA) responsibilities for IT systems. I have a friend who recently commented on the analogies between software vulnerabilities in web applications and weeds in a garden. Both phenomena are ubiquitous.
So, does your organization have a green thumb when it comes to managing your IT or agency risks?
 Back in December, e-Management presented a webinar on exploiting web applications. I would be interested in hearing your opinions as to whether you feel vulnerable software is like a “weed,” or a more menacing threat like a ravenously hungry deer, which reduces your gardening investment to ruins. Even more, what threats do you see in your IT environment, which have analogies to gardening? What is your approach to eliminating the “weeds,” or threats that put your mission at risk? Have you ever seen a successful plan to control the IT “weeds” that always seem to pop up every season?
Tags: CISSP, continuous risk management, DAA, DAA training, Designated Approving Authority, FISMA, gardening, IT security training, learning patterns, PMP, Rick Randall, risk, security controls, security training, software vulnerabilities, spring, vulnerabilities, web applications
Posted in Corporate, Government, Information Security, IT Strategy & Management, Project Management, Risk Management | 9 Comments »
Ola Sage’s business lessons from the ballroom…
Wednesday, December 9th, 2009
by Ola Sage, CGFM, PMP, President & CEO for e-Management
 Dancing with the Stars and So You Think You Can Dance (SYTYCD) are runaway hit TV programs that showcase ballroom dancing. As football great Emmit Smith, political commentator Tucker Carlson, and figure skating champ Kristi Yamaguchi have learned, ballroom dance on hit TV shows requires a great deal of commitment, dedication, and hard work. Having practiced social ballroom dancing for more than eight years, husband and I know firsthand the work that‘s involved. In fact, we have learned that to be successful, one only needs to P.E.R.F.O.R.M.
Passion, Excellence, Results, Focus, Openness, Recognition, and Mentoring (P.E.R.F.O.R.M) are seven elements to ballroom success. I believe these principles can be taken from the ballroom dance floor to boardrooms, enterprises, and government organizations. Let’s start with…
Passion
Passion shows up in many ways in ballroom dancing, the music, the choreography, practice, ballroom outfits and of course, the dance. Without passion, there is no “life” to the dance. It just becomes a series of steps. How does passion show up in your organization? Is it around the work you do, the products you produce, the customers or constituents you support?
Excellence
In ballroom dancing, we strive for excellence at any level. Even if no one else notices, you know when you miss a step. During ballroom competitions, you don’t have a second chance to make a first impression. This is also true in business. Excellence should be a guiding principle whether or not your employees or the general public ever notices.
Results
If you’ve ever watched Dancing with the Stars or SYTYCD, you know contestants don’t have a lot of time to learn a routine. One of the first things the instructor does is to show the student what the end result is supposed to look like. That gives the student a goal, something to work towards. On performance night, you’ll notice how elated they are with the results that their dedication and practice produced! Results are different for different people and organizations. In order to achieve your mission however, you have to define what success looks like for you and your organization. To do so, you need to establish realistic milestones and goals to help you achieve results. Focusing on results helps to measure your success.
Focus
It’s virtually impossible to focus on anything else when you’re ballroom dancing. There’s the music, the choreography, your partner, etc. Focusing on what’s important can be a daunting task for individuals or organizations. I suggest you develop three to five long term strategic goals. Additionally, think about developing shorter term (e.g., 12 month) set of tactical goals. It is important to remain focused but flexible throughout and be prepared to adapt any proposed plan as your organization matures or as environments change.
Openness
Ballroom dancers must be open to learning, growing, and stretching beyond their comfort levels. In this season’s Dancing with the Stars , rebel star Kelly Osbourne was transformed before our very eyes as she opened herself up to receive new ways of thinking about herself and her capabilities. It was truly endearing and she even made it to the top 3! Similarly, the real test of an organization’s success oftentimes lies in its willingness to be open. No one has the monopoly on good ideas. Be open to adopting new ideas, and taking risks based on sound business intelligence. Even more, open yourself to constructive criticism as well as being willing to fail; but be sure to get up and try again. Some of the best breakthroughs happen when organizations move outside of their comfort zones by being open to innovative possibilities.
Recognition
I cannot stress enough just how important recognition is in ballroom dancing, and to the success of your organization. It‘s a great way to increase morale. Recognition sends the message that each person or employee is valued. Here at e-Management, we do it in a variety of ways, employee recognition dinners, award certificates, time off, etc. Be sure to provide constructive feedback regularly (and remember to be open to receive criticism as well). Finally, remember to reward performance and results. How do you recognize contributions in your organization?
Mentoring
In ballroom dancing, we are encouraged to ask for help. That’s the only way to improve and grow. Look for opportunities to be mentored whether casually through a colleague, or formally using a structured program designed to teach the best practices of your industry. Your being mentored is different from someone telling you what to do, and when do it. In contrast, mentoring should be a dialogue. How are people mentored in your organization?
If you master these seven ballroom principles, you and your organization will be on the “Hot Tamale Train!!!” as SYTYCD judge Mary Murphy selectively bestows to exceptional dance contestants of her show. P.E.R.F.O.R.M. for your audience and they will give you their vote of confidence so that you may ultimately meet your mission.
That’s my two cents for helping your organization to dance its way to meeting its mission goals. Have you tried any of these principles at your organization? Do you have tips you want to share with readers regarding achieving project, program, or organizational goals? By the way, what is your favorite ballroom dance? As always, we look forward to your comments, questions, or suggestions for future topics.
Tags: ballroom, boardroom, Dancing with the Stars, Emmit Smith, federal, Federal government, Kristi Yamaguchi, mentoring, Project Management, project manager, Small Business, So You Think You Can Dance, strategic planning, tactical plan, thought leadership, Tucker Carlson
Posted in Corporate, Entertainment, Government, IT Strategy & Management, Project Management, Uncategorized | 19 Comments »
Are You Prepared for Business Continuity When Disaster Strikes? (Part 3)
Tuesday, September 8th, 2009
By Douglas Pitcher, e-Management
Note: This is the final installment in our three-part disaster recovery series.
Today tape backup alone is no longer the only realistic option for disaster recovery, and centralized backup solutions have come to the forefront. Things you should consider when planning for disaster mitigation include the two most commonly used metrics such as recovery point objective (RPO) and recovery time objective (RTO). RPO is generally defined as the point in time in which you can recover your systems data should disaster strike. It also describes how far the recovered data are out of sync with the production data at the time of the disaster. In contrast, RTO is generally defined as the amount of time it takes to regain access to business-critical data and also describes how fast operations can be restored. Methodologies for mitigating problems are as varied as the problems themselves. Let us look at several designs for business continuity starting from the good old traditional method.
What is so wrong with tape only backup?
Well, the backup is performed on a file-by-file basis. The tapes can then be stored in an off-site location for disaster mitigation. This approach is the least expensive and allows the use of the same methodology for discrete data problems (i.e., accidentally deleted files) and recovery in the case of a major disaster. However, a simple backup schedule does not amount to a comprehensive business continuity plan. What’s more, it doesn’t encompass a plan to recover potential data loss which makes it difficult to predict the time it will take to resume business operations.
The cost of permanently lost data is high and includes the cost of the revenue that the data represents, the business value you can extract from it, and the cost to recreate it.
How much money would your organization lose if you lost all your transaction data for the last 12 hours, or even the last 10 minutes? Solutions like tape backup, which have an RTO of hours or days, don’t provide the level of recoverability that most organizations require today.
What about snapshots like VSS in Windows 2003?
Glad you asked, because one of the most exciting enhancements to data protection beyond tape backup is the built-in feature of Windows Server 2003 called Volume Shadow Copy Service (VSS) which allows administrators to create a point-in-time snapshot of a file server volume. A snapshot can be taken at any time even if files are still open and can be configured automatically at intervals up to every two hours. Each time a snapshot is taken the current contents of a file are frozen and any future changes are tracked and saved to a different part of the disk. This process is transparent to the user but provides the ability to restore a file to a previous version without the need to restore from tape, reducing the number of support calls.
Is continuous availability through replication or data replication effective?
Data replication has long been considered an impractical solution to the data protection problem. Historically, it required expensive hardware and large investments in bandwidth to protect data in real-time. The evolution of software-based, asynchronous replication has dispelled this long-held belief that continuous data replication isn’t feasible—especially for small- or medium-sized businesses with limited resources.
The new breed of data replication offers benefits that more traditional solutions such as tape-based periodic backup cannot, such as providing a continuously updated copy of critical data at a remote site which minimizes data loss should a recovery be necessary. Plus, disk-based recovery is more reliable, less complex and takes less time, improving the RTO of the disaster recovery solution.
Virtualization for business continuity
Virtualization for business continuity is independent of the recovery process from the recovery hardware. Since virtual machines encapsulate the complete environment including data, application, operating system, BIOS, and virtualized hardware, applications can be restored to any hardware with a virtualization platform without concern for the differences in underlying hardware.
Benefits for data protection using a virtualized solution
If the objective for recovery to the state of the last full backup is under one hour, the only successful recovery strategy is to maintain a secondary data center equipped with the same model hardware as the primary data center, server for server.
When a secondary data center is virtualized, there are three immediate benefits:
· There is no need to maintain the same model hardware because IT managers can restore applications encapsulated into virtual machines to any x86 architecture hardware, and they don’t need to license specialized bare metal restore tools.
· IT can pool together all the data center hardware and realize economy of scale benefits.
· IT managers only have to manage a single type of data—encapsulated virtual machines—for capture and recovery. This approach drastically simplifies management complexity compared to the traditional approach of having to deal with disparate systems, applications, and data.
The secondary data center doesn’t need the same model hardware; so upgrades of the secondary data center do not need to be done in lock-step with the primary data center. While servers in the primary data center are replaced on average once every three years, the servers in the secondary data center may have a life of six years. As servers in the primary data center are phased out, they can be redeployed to the secondary data center to augment capacity.
Since a lower power and cooling requirements, facilities requirements, wiring and networking elements, and savings on hardware maintenance is a direct benefit from consolidating the server population, it immediately results in a total cost of ownership (TCO).
Questions for you…
Given the inefficiencies of tape backup, do you think it should be incorporated in a business continuity/disaster recovery plan? What do you think is the cost of downtime for an organization? Please share your thoughts.
Tags: Accountability, business continuity, continuous risk management, disaster, Disaster Recovery, disk-based recovery, downtime, , emergencies, emergency, federal, Federal government, Government, high stake, IT outage, project failure, recovery point objective, recovery time objective, RPO, RTO, Small Business, tape backup, TCO, thought leadership, total cost of ownership, unscheduled interruption, Virtualization
Posted in Corporate, Government, Information Security, IT Infrastructure, IT Strategy & Management, Project Management, Risk Management | 8 Comments »
|
|
