What is technology debt?

The-effect-of-technology-debt

Technology debt in Organisations

Technology debt is built up when equipment ages and can’t handle new software or updates, or becomes unfit for purpose overall. Technology debt builds inefficiencies in an organisation’s business processes and is something companies should be actively avoiding.

Technical debt results in a lot of inefficiencies in your business operations, including the stress of having an unplanned replacement when equipment fails, as opposed to a structured rollout of new technologies. Essentially, if you don’t choose to manage your technology lifecycle, you run the risk that your technology will call that debt in at the most inconvenient time.

A mistake that we often encounter, particularly with new clients, is what’s commonly referred to in our industry (in the technology space), as ‘technology debt’. It’s essentially trying to get by on technology that we know is ageing, but the temptation is to ‘just stretch it for another year’. That then often turns to yet another year and before you know it, you end up in a situation where your technology investment is ceasing to deliver the results for which it was intended. It’s not something that happens overnight. It’s something that happens very gradually and it’s almost not noticeable until it’s too late. And the way that it manifests itself is that things start breaking down.

Not everything fails simultaneously, but it might start with a particular program for which you’ve received an update, and that update now requires additional resources from the system that’s running it. The host system is no longer capable of supporting that program, but the provider of that software assumes that you’ve moved along your hardware investments at a regular pace and they’re not supporting your hardware any longer. The end result? The program fails to perform. Then there is a misconception that the problem is with the program, whereas the problem might actually be with the underlying infrastructure or the investment in the tools used to perform a particular task. The same thing, by the way, can happen the other way around.

We’ve seen many organisations that do follow a regular cycle of upgrading hardware, for example, but they don’t maintain that in lockstep with the upgrade and updates of their software. And as a consequence of that, their old software that was built before the hardware was ever introduced is incompatible, doesn’t know how to behave and cannot produce its required outputs because it was built before that particular piece of hardware ever came about.

Now some of you may be reading this and thinking “this sounds like planned obsolescence”. What’s really important to understand here is that a lot of people argue that technology providers, the people that build technology, are planning obsolescence into their product. That’s not necessarily the case. No one’s planning obsolescence. What technology providers are doing is continuing to innovate, continuing to deliver more value in what it is that their products and services are set to deliver, and as a consequence of that we can do things better.

But if we fail to invest at the right frequency, we run into a difficulty of falling far behind in certain areas and thus accrue technology debt. Sometimes it actually gets to the point where we would probably have been better off had we not have used any technology at all, because it becomes an impediment to the way that an organisation operates.

A study by Deloitte showed that organisations that are technologically advanced experience 2 times as much revenue per employee and experienced an overall revenue growth that was nearly 4 times as high. Updating your technology at a suitable pace for your organisation’s objectives will increase your potential to reach your operational goals.

Phoenix business journals’ article ‘Outdated technology costs businesses more than it saves’, illustrates how using outdated technology results in technological debt that creates multiple issues within your organisation. The issues are regarding security threats, productivity and in customer preference. These are vital to an organisation’s success, so updating your technology is extremely important.

What typically happens to organisations who dont include staff training in their cybersecurity strategy

How-Confident-Are-your-staff-in-identifying-and-voicing-concerns-over-security-issues

Majestic's CEO Tal Evans discusses what happens to organisations who don't include staff education in their cybersecurity strategy?

Staff education is a key component of maintaining cybersecurity. Without it your security will be compromised. Cyber criminals use many continuously evolving internal and external methods to breech your security. The proactive education of your staff is a critical element in reducing cyber security risk.

The cybersecurity industry is constantly experiencing changes, as cyber criminals continuously adapt their strategies to commit cyber crimes. Even dedicated technology professionals have to constantly educate themselves in order to maintain currency and remain informed. This is why many SME organisations partner with a managed services provider like Majestic – to ensure they have access to timely information and strategic support.

We see organisations making a frequent mistake when it comes to their cyber security strategy. They focus on how they’re going to protect themselves in a technology context against cyber threats from the outside, but that’s only part of the challenge. What they forget to piece into that equation is the people education element, and that’s absolutely vital to understand. Failure to consider staff, or your staff’s education as part of your cyber security strategy, is a sure way to ultimately end up in a difficult situation. We’ve seen this time and time again. People don’t understand how they should behave. They don’t understand what emails they need, what links they should open and what they shouldn’t open. They cannot identify the triggers that they should be looking at when they receive an email that could potentially be malicious.

At a physical level, are they aware of who is following them into the building? Do they notice the stranger sitting at a computer or the person pretending to be an authorised contractor in a busy office building? All of those things, all of those parameters, all play together to undermine the value of the investment in technology that organisations make to protect themselves from outside attack because things happen from the inside and organisations just don’t pay enough attention to that. So, I can’t emphasise it enough. Educate your teams, educate your people to understand, not just in the context of the organisation, but the way in which they behave in their private lives too.

  • What do they do about protecting their own bank accounts?
  • What do they do about protecting their own identity information, and how do they ensure that nobody impersonates them one day and takes over their lives?

These are all factors that when you piece them together and you ensure that your teams are equipped with that information, there’s a far lesser likelihood that you will end up with a disaster.

A recent study by Tessian showed that 43% of employees are “very” or “pretty” certain they have made a mistake at work that has security repercussions for their organisation. Bear in mind that the actual statistic may be significantly higher once we take into account those that are unaware, or unwilling, to admit the same mistake. A further study by Egress showed that 55% of IT leaders rely on employees to alert them to cybersecurity incidents. This means your organisation might not be catching and addressing the mistakes made by your employees.

Real Business’s article titled ‘The Best Practices for Cybersecurity Training in SMEs’ highlights the importance of educating your staff about cyber security, as well as having a strong security culture and having practical tools to put in place.

When it comes to data security no organisation is too small

what-is-your-organisations-biggest-cyber-vulnerability

Data Security in Small Businesses

SME organisations are the new ‘soft target’ for cyber security attacks. Larger organisations have a bigger budget for their cyber programs, and even with the many thousands, and sometimes millions of dollars they invest, they are still breached.But whereas the Sonys, Linked-Ins and Yahoos of the world can weather a large scale cyber-attack and come out more or less unscathed on the other side, SME organisations are seldom as fortunate. The loss of operational capacity and reputational damage caused by a breach will often trigger a total business collapse.

No matter the size of the organisation, cyber security and data protection must be treated as a key priority, especially so in the Healthcare and NFP sectors where so much personal information is housed and accessed. The organisation that believes that it won’t happen to them, either because they’re too small, or nobody would be interested in them, is using 20th century thinking in a 21st century world. What we often hear, particularly from smaller organisations, is ‘It won’t happen to me’, because ‘Nobody would be interested in our data’ or ‘We’re too small’ or ‘We’re not a high profile target’. For SME organisations, nothing could be further from the truth. A 2019 study by Verizon showed that 43% of recorded cyber attacks had targeted SME businesses.

When we look at the Healthcare and NFP space, it’s important to note that an individual personal details record is worth more dollars to a cyber criminal than a record containing credit card information. Why? Because if credit card information is lost or stolen, it’s very easy for a financial institution to detect that, stop the transactions, replace the card and life goes on.

But, when an individual’s health record, and an individual’s personal information is stolen and falls into the wrong hands, you end up in a situation where people can take over the identity of a particular person or a group of people. Then you end up with a really major problem. The consequences of cyber attacks can be very severe, whether it’s being fined for failure to comply with regulatory requirements, to organisations physically collapsing in the wake of an attack.

All those things can be avoided, but what’s really important to understand here is that it’s not about investing a sum of money in order to be 100% protected, because there’s no such thing. We see very large enterprises investing millions, sometimes even billions of dollars in security and we still hear about their breaches in the media. It’s about demonstrating that you have taken the right level of responsibility and made the right level of investment commensurate with the size of your operation, with your economic reality, and with your capacity to be able to invest in protecting yourself.

We need to look at aspects that include not just the protection of your perimeter or the ‘walls’ of your computer network, but also protecting yourself from people coming from the outside and things that are happening from the inside, because the reality is that a large majority of breaches and data loss actually occur as a result of something that is inward focused rather than a problem that happens from the outside. And quite often it’s because people simply lack the education to understand what it is they should and shouldn’t do, and how they should behave responsibly in the world that we live in today.

So what’s really important to understand here is that it’s not just about the investment in technology to help protect against cyber related issues. It’s just as much about people understanding how to behave inside their organisation to protect what is probably one of the most valuable assets that the organisation has, which is that the organisation’s information.

What is your organisations biggest cyber vulnerability? The network? Viruses? The configuration of your firewall? These are all common answers. They’re also all incorrect. Your organisation’s biggest cyber vulnerability is its people. The majority of successful cyber breaches occur because a poorly trained employee inadvertently clicks a link, engages with a website, provides information over the phone, or a combination of all of those behaviours, leading to a successful network breach. As cryptographer Bruce Schneier once put it “Amateurs hack systems, professionals hack people”.  

The Forbes article titled ‘How to Protect Your Small Business From Cyberattacks (And Their Financial Fallout)’, provides a perspective on the different requirements SMEs have over larger businesses when it comes to protecting their business from cyber attacks. The article challenges the widely held belief that small businesses are safer from cyber attacks than larger businesses and emphasises the importance of prevention no longer being an option, but an imperative.

The cost of not having a disaster recovery plan

photo-of-word-Disaster-recovery

The impact of not having a disaster recovery plan for your organisation

Small to medium sized organisations sometimes fail to create a disaster recovery plan, figuring ‘we’re too small’ or ‘it won’t happen to us’. Or, if they do create a plan, they seldom, if ever, test it before it’s required. When faced with unexpected scenarios, such as hardware failure, a security breach or a human impact disaster (March 2020’s COVID outbreak was a perfect example of that), these organisations face worse consequences and have greater trouble recovering.

Max Mayfield’s quote can be applied to technical disaster every bit as much as natural ones. Much like a hurricane, when an unexpected scenario arises, if your organisation doesn’t have an effective recovery plan in place, chaos ensues. Being prepared by having a plan in place ensures that your organisation won’t have to learn through tragedy.

A mistake that we see often in many organisations, particularly SMEs, is a lack of protection for the information that the organisation generates and uses; information to do with their patients, members, constituents etc. Most people understand that data needs to be backed up. We all get that, or at least we should. But the process seldom goes far enough. What do I mean by that? Well, let’s look at what happens with facility-based disaster plans. All organisations have a plan that coordinates an evacuation from their building. The plan ensures a safe, orderly exit, a coordinated assembly at specific spots and ensures that everyone is accounted for. But we don’t just plan it. We DO it. We run drills before an event occurs. Why? So that when it does, we know that the plan we put in place will work. 

Unfortunately for most SME healthcare organisations and NFPs, there’s a lack of extension into the virtual world of securing data or information assets. You may have a rigorous backup process, but does anyone test the results? Do you truly know that the data being backed up is there? Can it be retrieved when it’s needed? Who is monitoring that and making sure that it is actually happening?

Following on from our evacuation discussions above – if there is a fire, what happens once we do get everyone out? The building, or at least a significant section of it, is likely to be unusable for quite some time. Is a plan in place in the event that our building suffers a significant amount of water ingress, or the roof collapses etc., and it’s uninhabitable? Can the organisation continue functioning in a normal fashion but operating from elsewhere? And how long does it take to get to the point that the organisation can operate from elsewhere? Can all of the people in your organisation go home tomorrow and continue to work in the same way that they did from the office? And what are the implications of not being able to do that? What is the cost of downtime in terms of your ability to deliver services to the community or to your patients in real terms?

Whether that something has happened as a result of a physical problem in the building, a cut communication line in the street or a cybersecurity breach that resulted in files and data being locked up by criminals that are set on extracting money from you, ultimately, it doesn’t really matter. The end result is all the same. If you don’t have the right disaster recovery plan and the right methodologies and technologies to support that plan in place, any of those things can result in a negative impact.

We saw a great example of that in early 2020. When Covid hit, nobody expected it. Overnight, great swathes of the Australian workforce were sent home. Our clients mostly continued operating as usual because we set the right solutions in place to enable them to work remotely. In other words, there was a plan and when it was needed, it worked.

A survey by Flexential, looking at IT systems within the healthcare sector revealed the following statistics:

  • 85% of respondents had a disaster recovery plan in place

BUT

  • More than 50% only tested that plan once a year or LESS
  • A further 8% never tested it at all!

This means that nearly 2/3 of those respondents that had a disaster recovery plan in place are at risk of the plan not functioning as it should when it’s required. Frequent testing allows for updates and fixes to the plan. The more time passes between each test, the risker it becomes for your organisation.

The hidden cost of inadequate IT infrastructure

Role of IT Within an organisation

The client retention issues that can arise when IT infrastructure is inadequate

When people think of the cost of inadequate infrastructure, it’s typically downtime and increased replacement cost that come to mind. However, there’s a whole other layer of hidden cost, including client retention issues, staff turnover and lost business opportunity. This week we’re looking at the client retention issues that can arise when IT infrastructure is inadequate.

Smart infrastructure investments are a key advantage to any organisation, but especially so in the traditionally over-stretched and under-resourced areas of the Healthcare and NFP sectors. The key to those smart, strategic investments is an infrastructure plan that encompasses all 4 quadrants of the Majestic Organisational Maturity Model.

An inadequate, or not-fit-for-purpose IT infrastructure creates a number of issues. The most obvious issues that often come to mind are an increased technology debt, increased downtime due technical failure, but the less obvious impacts include the ability to both attract and retain your clients.

For example, let’s assume that you’re an NFP organisation and you’re delivering amazing social services into the marketplace. Obviously, part of your ability to survive is by having a growing membership or having philanthropic input into the organisation, by having people invest or bequeath funds to the organisation. Those things don’t just happen by themselves. They happen because people are able to engage with you from the outside, and that typically happens through technology.

Long gone are the days that the only way to collect funds was through a telethon or via phone. We have a number of different mediums today that are available equally to everyone. An ever increasing number of charitable organisations in Australia mean that everyone is fighting for funds that can support the organisation and help them champion their cause. The organisations that invest in the type of technology solutions that reduce friction and make the experience of interacting with them a more pleasurable one, are ultimately the ones that win the lions share of those funds. On the other hand, the organisations who don’t end up missing out, because :

  • It’s too hard to interact with them.
  • It’s too hard to sign up as a member.
  • It’s too hard to subscribe to receive information that the organisation delivers.
  • It’s too hard to receive care services etc.

And when it’s too hard, people simply go somewhere else.

InfoXchange have released their 2021 report into Digital Technology in the NFP Sector. Now in its 7th year, the report provides detailed technology insights. Some notable statistics from this year include:

  • 69% of not-for-profits are in the process of moving or have moved to the cloud.
  • 53% of not-for-profits are satisfied with the way they are using technology.
  • Only 38% of organisations reported that their primary information system allows them to understand the impact of their services.
  • Almost 50% of organisations do not have effective organisational information security plans.
  • 25% of not-for-profits felt they were completely or largely unprepared to support staff working from home.
  • 44% of not-for-profits said improving their website is a top priority.

These findings point to an overall level of digital immaturity within the NFP sector. Does your organisation reflect these results?

The most expensive mistakes organisations can make

Phot-of-a-Man-thinking-Expensive-IT-Investments

Majestic's CEO Tal Evans discusses most expensive IT mistakes organisations can make

Today Majestic’s CEO Tal Evans will be discussing the most expensive IT management mistakes that organisations make when they fail to consider the 4 measurement quadrants behind the Organisational Maturity Model:

  • Process
  • People
  • Customer
  • Growth

 

When an organisation identifies a technology problem that is hampering its operations in some significant way, the natural response is to invest in a solution. And yes, from one perspective that sounds like a great idea. From another, it’s dangerous – because it smacks of knee-jerk reactivity.

We often see organisation wasting significant amounts of money as they attempt to fix one problem but then create others through the implementation of short sighted solutions. We’ve seen it happen with organisations that are in the early days of their relationship with us, who were either making the best decisions they could by themselves, or perhaps working with an alternate provider. Either way, decisions were made that didn’t take a broader organisational view into account. Those mistakes, which are excusable, can also happen in another context – when an organisation continues to invest in a particular area of the business that is already going well. After all, it’s an attractive option to foster the part of the business that’s running the most profitably.

But however well either of those strategies may appear in the short term, be it that a problem is solved, or the part of the business that’s running well runs even better for a while, ultimately, it’s a flawed approach. Because the investments aren’t viewed across the full four quadrants of the maturity model, they won’t ultimately deliver the outcome the organisation needs, or worse still, it causes the organisation to step backward.

David Blumenthal’s quote highlights the role of technology as the facilitator for delivering health information. The healthcare or NFP organisation that fails to take their process needs into account invariably winds up with a completely inferior ‘information circulatory system’.

The beginning of 2020 saw a sudden wave of organisations moving to remote work as the first of the COVID lockdowns hit. Employers and employees alike scrambled to setup the necessary infrastructure and procedures that would support operational continuity while they were without access to their offices.

Just over 18 months down the track, here in Australia we’re tentatively hoping that those lockdowns are a thing of the past. But one element of those lockdowns is here to stay – and that’s the remote workforce. Employees at all levels across many industries are showing an immense reluctance to return to the office on a full- time basis, with many relishing the increased satisfaction, flexibility and savings in both time and travel that the ability to work remotely has brought them. As such, we’re also seeing workplace flexibility being used more than ever before as a drawcard to attract talented staff.

For many organisations, remote working has become an integral part of the organisation’s culture. However, the rapid nature of the way the infrastructure and processes around it were setup has, in many cases, led to a less-than-ideal operational maturity in this area. If your organisation hasn’t developed a robust strategic approach to remote working, from both a technical and procedural perspective, then that should be a high operational priority coming into 2022.

A Case Study: The Peninsula Home Hospice

The Peninsula Home Hospice engaged Majestic Computer Technology in 2019. During the early days of that engagement, an analysis was done and the organisation’s maturity determined. A number of high priority issues including cyber security, business continuity, and support were identified. With Majestic’s help, Peninsula Home Hospice went on to implement a number of changes, including moving many of their operations to the cloud, adding a document management system, equipping the team with secure, remotely monitored laptops and replacing ageing network infrastructure.

When the COVID pandemic hit, PHH’s CEO reported that the measures put in place helped the team to cope more easily than they might otherwise have been able to.

You can read more about the Peninsula Home Hospice story here.

What happens to organisations who fail to measure themselves against the four quadrants before they act?

Role of IT Within an organisation

Discussing how our our Assessment model’s four quadrants flag the highest priority IT investments

Two weeks ago we introduced the Measurement Quadrants that underpin Majestic’s 5 level Organisational Maturity Model.

  • Process
  • People
  • Customer
  • Growth
 

These four quadrants are used as a measurement tool to help an organisation determine where they are on the maturity scale. However, they have an additional purpose – they also flag our highest priority IT investments. As such, today we return our attention to those four quadrants, but with a different perspective. What happens to organisations who fail to measure themselves against the quadrants before they act?

Without the measurement quadrants, organisations will tend to prioritise their investments on areas of the business that are already doing well. The areas that are not are often left to drop further and further behind in terms of investing. Or alternatively, a push to fix the ‘squeakiest wheels’ mean the areas causing the most disruption get the attention, but that also may not be to the organisation’s advantage. Either way, poor choices are made and money is wasted. It is only when all four quadrants have been assessed, measured and defined that an organisation can consistently make IT investment decisions that will deliver the required outcomes.

Digital Leader Pearl Zhu highlights the fact that digitisation is no longer just an element of the business that affects the IT department – it’s now an all-encompassing, major player in the overall success or failure of an organisation’s operational success.

We looked at what happens to organisations that fail to assess their maturity across the 4 quadrants of the Majestic Organisational Maturity Model. When we talk about an organisation’s maturity, it must be assessed across all four quadrants. The first quadrant is Process. Elements to look at when assessing your process maturity include:

  • Are processes clearly documented and is that documentation readily accessible?
  • How well are the steps being followed?
  • Where possible, are steps automated?
  • What are the handoffs between steps / between processes?

The next quadrant is your organisation’s People.

  • What is your staff turnover like?
  • Are your team frustrated by other elements in the quadrant that aren’t performing as well as they should?
  • What is your organisation’s culture?

Our third quadrant is also people focused, but it’s the people outside the organisation – the Client Retention. Note that ‘client’ can be used in a variety of contexts, including patients, members etc.

  • What is the organisation doing for its clients?
  • Is it easy for them to interact with you?
  • How do you assist them to ensure that they continue to move in the right direction?

And finally, the last quadrant that we look at is growth.

  • What is your organisation aiming to achieve?
  • What are your aspirations?
  • What goals are set over what period(s) of time?
  • Ultimately, how will technology be applied in order to get there?

Once a full assessment has been undertaken across the quadrants, any skewing or stretching becomes apparent. For example, an organisation that has invested heavily operationally may not have paid as much attention to its people. Or alternatively, they may have chosen to invest in their people, but then forgotten about their client retention strategy. So, the organisation ends up with a somewhat skewed maturity. They might be at a level one or level two in an Operational context, but at a three in the context of their Client Retention. They might be a two on their People strategy, and then a one again in terms of their growth.

Although not ideal, this skewing has an upside – it shows which areas of the business require the highest priority attention in order to align the quadrants effectively. When you make an investment in the wrong area before you try to align those four quadrants, money gets misspent. Time and time again we see organisations investing in areas that aren’t going to yield the best outcome, because their organisation is simply not ready for it. They’re investing at the wrong time or in the wrong area because all of four of those quadrants aren’t considered. So the investment doesn’t deliver the right outcome and that’s an expensive mistake.

Choosing and investing in the right new technologies for your organisation can be difficult. Accenture’s article ‘Getting the most out of new technologies’ describes how CEOs can strategically implement innovative technologies to generate a significant return on their investment.

The 5 levels of Operational Maturity – Parts 2 & 3

Phot-of-Is-your-organisation-future-ready-yet?

Discussing levels 3 to 5 of Majestic’s Organisational Maturity model

Last week we introduced the 5 levels of the Majestic Organisational Maturity Model.

1.   Initial
2.   Emergent
3.   Structured
4.   Integrated
5.   Optimised

We covered the characteristics of an organisation at both the Initial and Emergent levels. Let’s look a little higher now and turn our attention to the remaining three:

An organisation at the Structured level has a good understanding of the tools they require and how to use them. Staff know what technology to use and how to use it to achieve their required results. The challenge now is that the transfer of information between systems is still inconsistent. Some connections have been made already, and they’re working really well. But in other areas they’re not. I’s very hit and miss and as a result of that people are not sure what to expect.

Unfortunately, when you’re not sure what to expect, humans resort to the lowest common denominator, what they see as the least risky way of getting something done and that has consequences. The organisation is in a stronger position than it was at the emergent point, but is still suffering because it’s not using its tools to their best possible advantage. That creates deficiencies which result in additional cost and lost productivity.

The organisation that has overcome that barrier has become Integrated. The tools that they’re using have a clearly defined flow, with each step clear and easy to follow. It could be a workflow. It could be a handoff of information from one department to another. It might be an approval process that needs to go through five different stages in an organisation before it gets the green light and gets carried out. It could be a variety of different steps or processes that are now really nicely automated. We have a very homogeneous architecture that fits together as smoothly as a hand into a glove.

The final step, also best possible position to be in, is when all of that the above is Optimised. The organisation is now operating at its highest possible level. All tools are now perfected and automated. The architecture is completely sustained and aligned and all pieces fit together and flow into each other seamlessly. People just simply follow the bouncing ball when they’re going through the motions of delivering an outcome in their role and that manifests itself in the way in which the organisation is governed, all the way through to how outcomes are being delivered in the organisation.

MIT’s George Westerman’s seemingly light-hearted quote emphasises a vital point – that without a sound strategy in place, digital transformation does at best, very little, and at its worst, can cause more harm than benefit.

Future-ready organisations, or in other words, organisations in the Optimised state, identify the requirements of both their employees and their organisation. They then match those requirements to suitable infrastructure solutions which optimise the processes between them.

A recent Accenture study showed that on average, future-ready organisations experience at least a 1.7x higher efficiency than those at lower maturity levels and at least a 2.8x boost in corporate profitability. Across our client base, we’ve seen some significantly more impressive results.

Operational levels of Maturity part one -Initial & Emergent

Is-your-organisation-isn't-maturing-interms-of-its-technology-approach-what-are-you-missing

Majestic's 5 levels of Operational Maturity

Majestic’s Organisational Maturity model defines an organisation’s operational IT maturity by where it sits within 5 levels.

  • Initial
  • Emergent
  • Structured
  • Integrated
  • Optimised

Our focus for now is on the first two stages – Initial and Emergent. These stages are characterised by an organisation applying foundational technology at a basic level, yet also failing to really consider the strategic connectivity or functionality of the technology within their organisation.

 

 

Pearl Zhu highlights the often less considered elements that help to define organisational maturity. Organisational maturity isn’t just about having great technology and using it within your processes, it’s about using that technology to make your business agile, innovative and people-focused.

The Majestic Organisational Maturity model has evolved from many years of working with SME organisations. From our initial assessment (when they’re not yet a client), all the way throughout our engagement with them, we’ve analysed the patterns we’ve seen time and time again and been able to define them as a model that consists of five different levels that describes the way in which a business operates in the context of their operational maturity.

 

 

An organisation at the Initial state will have a very basic set of technology tools. Most likely an email program, word processor, spreadsheet package and possibly a small application to run accounts and produce invoices etc. Although these tools may be sufficient for the job at hand, nobody has really given any thought to the underlying architecture.

Due to this there is very little, if any, integration between those various tools, so information needs to be manually transferred by human beings from one type of technology into another and that’s very time consuming. When an organisation develops some additional maturity, they move on to what’s called the Emergent state, where there is still a limited number of tools being used, but there are now some more tools available to various departments, people, individuals and so on in their roles.

They evolve into a transitional state in terms of the way in which information can flow from one system into another. It’s far from ideal, but they’ve at least got a basic awareness of the fact that they need to have some better integration between their tools so that the flow of information between them is cohesive. This is the beginning of them creating a strategy that will lead them right up to the Optimised level.

Watch for the continuation of this series next week as we define the Structured, Integrated an Optimised level of the maturity model.

A recent Accenture study revealed that maturing only one level higher on the Organisational Maturity scale results in an average 7.6% efficiency increase and 2.3% profit increase. Across our client base, we’ve seen some significantly more impressive results. With the majority of SME organisations operating at or below level 3 on the maturity scale, there are many ways in which change can be implemented without necessarily making widespread alterations to your organisation’s investment.

You can find out more about the Organisational Maturity Model and how it relates to your organisation in Majestic’s white paper “ Best Practice Approach to I.T. Management for Healthcare and Social Services Organisations”, available here.

How does having and not having an enterprise architecture approach tend to impact organisations?

Role of IT Within an organisation

Benefits of using an Enterprise Architecture approach when strategising for, or investing in, IT

Many poor investment choices are caused by one factor – a lack of consideration for the broader impact that any plan of action can have on an organisation as a whole, regardless of how well that plan addresses the issue at hand. Employing a Solutions based architecture approach solely, without the overlay of an Enterprise architecture approach, is a sure-fire way to create that very issue.

When Majestic engages with new prospects or clients in the SME space, we see a recurring issue that limits the success of their IT strategy. The advice they have historically received, focuses almost exclusively on the application of technology to address very specific issues, usually the most pressing one at hand. While there is an immediate benefit to an investment that resolves the issue at hand, applying that solution without taking a broader view of potential implications down the track often causes trouble. The most common consequence is a poor technology investment. The challenge is to resist fixing the immediate problem a hand and to step back and take a more holistic view. There are four questions that should always be asked:

  • How does this fit within the scope of what we’re doing overall?
  • If it doesn’t fit, What should we be doing instead?
  • Is this this solution going to get the best possible outcome for our organisation?
  • Where should we be prioritising our IT investment to get the best possible outcome for our organisation?

We discussed what can happen to organisations who fail to apply an Enterprise approach to their IT infrastructure investments. So what happens to those that do? Organisations who make the enterprise architecture approach a focus get great outcomes.

  • They look holistically at their overall plan.
  • They consider their 12 month, two year and five year timelines.

And whatever the case may be, they then cut that into consumable chunks and break it down into projects. They work to understand all the underlying factors and facets of what they’re trying to achieve and then, like pieces of a puzzle, start placing them together in order to achieve a cohesive, well thought out approach. By considering the bigger pieces of the project through planning and analysis, they end up with a better outcome when they eventually invest, receiving a much more significant return on their investment. It’s like the old saying of ‘Measure twice and cut once’ – the same thing applies in a technology context.

 

 

Kevin Lindley, a published educational author, urges the importance of utilizing Enterprise Architecture. When investing in technology, it’s fundamentally important to consider the broader picture of the business’ processes and their goals. Without this broader analysis, the critical aspects will not have been considered, resulting in poor investment choices.