Who is the King of SIAM? white paper
- White Paper
- Service management
- Business solutions
- Methods & frameworks
August 26, 2015 |
40 min read
- White Paper
- Service management
- Business solutions
- Methods & frameworks
Service Integration and Management (SIAM) is currently one of the most talked about topics in IT Service Management. This white paper builds on our earlier white papers on SIAM - An introduction to Service Integration and Management and ITIL® and An example ITIL®-based model for effective Service Integration and Management - and helps explain how it offers service providers with the governance and also the freedom they need to do their jobs.
Service Integration and Management (SIAM) is at the time of writing one of the most talked about topics in IT Service Management. It is also one of the most hyped and sometimes misrepresented topics.1
Whilst SIAM re-applies much of the thinking from ITIL®, the successful design and use of SIAM models requires a fresh look at how to apply ITIL in complex multi-sourced situations. It also requires an open- minded approach in order to design an appropriate model for the particular characteristics, culture, capabilities, and service landscape of each situation. Hence there are many flavours of SIAM, and many different models that share many characteristics.
The key to understanding SIAM is to understand the concepts before diving into the detail. This whitepaper helps to do this, by successfully building on the earlier AXELOS whitepapers on SIAM2.
It introduces the concept of SIAM as a ‘King’, providing the necessary governance over service providers on behalf of the customers, but at the same time giving them the freedom to do their job against an understood mandate.
The authors elaborate on the processes and practices of successful governance in a multi-sourced, integrated service landscape, based on their practical experiences across the globe and draw out the differences between integrated service management and SIAM.
This whitepaper is a useful addition to the body of knowledge on SIAM, and should be essential reading for everyone involved in SIAM, thinking about SIAM, or wanting to know more about SIAM.
Service Management and SIAM consultant and author.
Service Integration and Management (SIAM) is the new black. It’s widely discussed and sometimes cited to solve all our service management problems. SIAM is a seemingly obvious adaption of the ITIL® best practice framework that seeks to provide the key to the effective management of the multi- provider model in existence in most modern enterprises.
Kevin Holland's recently published White Papers3 on this subject have explained the conceptual origins and relevance of SIAM well, but what is it that distinguishes SIAM as a distinctly unique model? What needs to be in place for SIAM to deliver value in the complex multi-provider service management landscape?
Against a backdrop of increased business and IT complexity, the IT Service Provider is faced with a challenge to deliver more with less. Customers demand IT cost transparency and demonstrated value. Additionally, multi-sourced service delivery is the new reality for many. Both customers and users are demanding innovative technology solutions and access to each providers’ specialisms, but do not necessarily want to be presented with the issues that controlling the complex web of multiple providers brings.
Customers of IT services are sometimes finding (to their detriment) that end-to-end control of service delivery is becoming more difficult to achieve. Gone are the days of the more simplistic internal IT Department: today’s modern IT team is made up of a number of providers, sourced in pursuance of a value network, facilitating the delivery of services outcomes to support the customer. Many of these are external providers and typically answer to their own shareholders and have their own commercial interests at play. This could be in conflict with those of the customer and/or other providers.
In the multi-sourced service delivery models, the key to success is the ability to manage the challenge of cross-functional, cross-process, cross-provider integration while finding an effective method for controlling this delivery environment and assuring ‘value based’ outcomes for the customer. ITIL has long advocated the importance of focusing on the value delivered to the customer, however, our experience has shown us that many organizations find difficulty in doing this. SIAM provides an opportunity to re-focus on and re-interpret those ITIL core principles to facilitate the achievement of those customer outcomes.
At Kinetic IT we have seen SIAM in operation and indications are that it can and indeed does, if some basic principles and models are put in place. Fundamental to SIAM success is the definition of a governance structure that allows the business to define its (IT) direction and priorities, without having to get involved in day-to-day choices and management of the different providers and technologies.
SIAM provides a single point of control and definition of the end to end accountability for service delivery: stepping away from the commercial focus, directing efforts to delivering services from the perspective of the end customer. These principles of SIAM aren’t new to the service management world and SIAM endorses the well-known and established ITIL service management best practice approach of establishing a lifecycle-based view of service, a cradle-to-grave approach where the definition of service ownership, service commitments, process control and governance are paramount.
Having properly executed process activities as the basis allows SIAM to bring strong additional focus on the orchestration and control of the multi-supplier service modules. Business outcomes are a fundamental aspect of SIAM –as they are for ITIL– and SIAM establishes the necessary business outcome-focused capability to extract the value from multiple supplier engagements.
An effective SIAM solution enables the necessarily robust operational contract obligation management, vendor management and operational interface controls required to successfully operate the multiple provider landscape. Each supplier becomes a ‘module’ in the delivery model and these service modules can be discretely managed and more easily swapped in, modified or indeed removed or replaced. This is already apparent in the cloud based services market where, for example, hosting services can be provided by many different suppliers.
This way SIAM effectively puts the ‘balance of power’ back into the hands of the business or customer. SIAM exercises the power and controls of a monarchic solution (‘The King’). SIAM is not just a symbolic figurehead, it provides governance that commands the reverence and respect of each of the providers within the model.
The customer seeks the assurances provided by a governing King that it will deliver benefit. The King rules in accordance to the constitution and within the IT service delivery model. This is defined through strategy, policy, process, and autonomy over other providers in the model. SIAM provides the business with the necessary levers required to steer service provision – a valuable attribute, especially with the ongoing development of Cloud services and rapidly evolving business strategies.
But SIAM is not a dictator that rules through a contractual straightjacket for outsourcing. The SIAM model seeks to empower providers. It achieves this ostensibly through the effective control and governance of the process interfaces, setting quality criteria (based upon the customer’s policies and the authority delegated to SIAM) and ensuring on-going compliance to said criteria across provider groups. For the provider, this establishes a mandate that allows them to do the job they are obliged to do, without a detailed, procedural specification of how to do this.
3. The challenge for SIAM
The challenge for SIAM
With choice comes complexity and challenge and the customer or business to be served has a great deal of choice when it comes to their IT service provision. Therein lays the SIAM challenge.
In the multi-provider model, providers may each be eager to deliver services but they’re not always working as effectively as they could when viewed from a customer or end-to-end perspective. The difficulty is that issues fall into the gaps between the service provider modules, often leading to finger-pointing, degradation of relationships between the providers and eroding customer confidence.
Customers are calling for more defined and cohesive control structures that will allow the management of service providers in a consistent and efficient way. They demand performance across a portfolio of services that meets the needs of the users or as we refer to them, ‘consumers’ of the services. This is where the need for SIAM originates and the challenge to design such a structure begins.
In many customer and provider relationships, existing standard contracts have some limited alignment to a SIAM model. The alignment generally stems from high level clauses for suppliers to ‘work collaboratively’ with other suppliers but generally that is about the limit. Many service agreements lack sufficient clarity on accountabilities and responsibilities of the various providers and, of equal importance, the controlling and receiving customer.
Contracts, for example, may state a requirement to ensure an alignment to ITIL, yet they don’t stipulate the explicit expectations of the outcomes of this alignment. It’s all well and good stating that a supplier will ‘do incident management’ but in reality the supplier may only have a limited ‘swim-lane’ role to play (e.g. the role of resolver group). Introducing RACI4 into the contract construct is of great value but again it has to remain flexible so the customer retains the required levers to enable the IT services to remain aligned with the changing business and IT strategy.
At Kinetic IT, we see the Australian market place for SIAM service providers maturing: The major global IT providers are adapting to the customers’ demands and are regularly marketing revised or new operating approaches. However, many are pushing the implementation of the ITIL processes in isolation rather than an overarching service management approach. Whilst there is no question ITIL provides a lifecycle process set that is needed for service delivery, SIAM is proposing the addition of further definition around process inputs and outputs as well as a strong supplier governance model at its core.
4. Why SIAM (and not more ITIL)?
Why SIAM (and not more ITIL)?
ITIL has been around since the late 1980s, having gone through several major revisions since, and recognized worldwide as the de facto framework for Service Management. Whilst it’s not on top of the hype curve – compared to philosophies such as DevOps – it is still considered the framework of choice for many organizations.
There are widespread stories of organizations ‘trying to do ITIL’ or those that ‘have tried ITIL, but it didn’t work’. In those stories the issue is not ITIL but the way it has been applied. ITIL is a framework to be adopted and adapted; the challenge is the approach to that adoption and adaptation, to be the most efficient for a specific organization.
SIAM is fundamentally an adaptation of ITIL’s integrated service management framework. Like ITIL it supports the need for a strong relationship between IT and the business. Within that it explains how the necessary linkages between the service consumers, infrastructure providers, application and cloud providers needs to be planned. As such it’s not essentially different from the ITIL framework, but it adds a focus on the control and governance of multiple service providers much more. It also provides an organizational structure of necessary functions required to manage the relationships with the various providers and consumers.
Some call SIAM an evolution of ITIL. However, SIAM is rather the evolution of our understanding of how to correctly apply a framework for integrated service management, such as ITIL. That is, not bigger or better, but a more functional structure that provides more organizational context and focus.
The IT landscape is vastly more complex than it was at the genesis of ITIL (or even its latest incarnation in 2011):
- There is a continually increasing business dependency on IT
- Business are more demanding and expectant of guaranteed performance
- IT refresh and innovation cycles are shorter
- Sourcing and multi-sourcing are common place
- At the same time, there is an expectation of agility and advancements from the contracted partners.
The ITIL processes can be adopted and adapted to deal with these challenges and complexities, and SIAM relies upon these processes to guide service delivery. But SIAM itself is not a process, it’s a structural capability supporting an environment where the challenge is one that involves the control of the inputs/outputs and cohesion across value networks that is necessary in an environment where these processes are being undertaken by a number of service modules. Existing ITIL Service Management structures, tools and processes can be easily integrated within a SIAM model, whereby SIAM overlays a supplier control and governance structure.
For this reason, the question is not SIAM or ITIL?, but rather SIAM and ITIL. The SIAM model needs to be designed in combination with the ITIL Lifecycle approach and the relevant processes, based on business direction and required outcomes. The SIAM model here intends to facilitate collaboration across the various providers and management of those multiple interfaces; as Kevin Holland has correctly stated: SIAM is ‘one step above’. SIAM processes define the activity, its inputs and expected outputs, the controls, the measurements and the audit and verification procedures; but it allows individual Service Module Providers to define the specific mechanisms that enable those activities.
This may sound like the Prime Contractor model, which consists of one major contractor (the ‘Prime’) and several, smaller SME ‘subcontractors’. Although the subcontractors are typically identified and managed by the Prime Contractor, with agreement from the Customer, in the Prime Contractor model the business relinquishes much of the flexibility and impartiality that is available within the SIAM model. For example, it’s harder for the business to influence the replacement of underperforming sub-contractors when the agreements are intertwined with a larger overarching agreement owned by the Prime.
SIAM is subtly and culturally different from that model. The main difference being that, within the SIAM model, the business retains control of who it wants to provide the services for each of the delivery modules. In the SIAM model, SIAM is the facilitator and has the ‘high ground’ of authority, acting on behalf of the business whether the service modules are fulfilled through outsourcing or retained in- house. This way, the business has the ability to establish a more competitive framework for service module procurement, with appropriately designed cross-supplier tensions.
This is where a process such as ITIL’s Strategy Management for IT Services is important within a SIAM model. The definition of a provisioning model should be formed albeit at a concept level. The IT Steering Group (ISG) within the customer is tasked with making the decisions regarding how IT will be sourced and which type of providers under which model will facilitate the delivery. This should lead into a holistic service design which incorporates the concepts of separation of concerns, modularity and loose coupling. This provides the flexibility SIAM needs to be able to de-couple underperforming service providers.
Other processes in the SIAM structure focus on over-arching coordination of the service modules, through the lifecycle comparable to ITIL processes such as Design Coordination, Transition Planning & Support or within the Continual Service Improvement phase. Others are around tactical & strategic decision making such as CAB (Change Advisory Board) or Change Evaluation, or aligned to control & review (Audit, Service Review and Continual Service Improvement again).
5. Service Orchestration
The rationale for SIAM is insurance that the IT and business strategies in relation to challenges in multi-supplier environments align. The role and responsibility the customer takes is critical here. There is no question that IT leadership can contribute intelligence about technology trends, open market services, opportunities and challenges, but the IT strategy must represent the business or customer and ultimately needs to be formulated to ensure seamless integration and alignment across an organization’s enterprise and service assets. The organization needs to define a knowledgeable point of control.
IT must be seen as a strategic partner within the business. A partnership focused on looking for, and delivering the best solution for the customer or business rather than focusing on the technology solution IT wants to deliver. This is where the IT Steering Group (ISG) or IT Governance Board (IGB), as defined in ITIL, is imperative. To be successful with SIAM, this group must have a defined strategy for IT services, and within that strategy, it must define the models to be used when designating IT service layers and processes. This is service orchestration and these models are typically designed to be extensible so that new business processes and functions can easily be added, extended or discontinued. Without such a framework in place, the concepts of SIAM are difficult to achieve as the overall measurement and coordination activities that provide the SIAM benefits have not been defined.
Additionally a Service Portfolio is an imperative here. The Portfolio describes each of the IT services in terms of business value.
The customer must define the strategy for IT services and the model for Enterprise Architecture as well as the point of control exercised through the ISG or IGB to achieve maturity within the IT provisioning model. This may be undertaken in conjunction with the SIAM provider or trusted advisors, although the customer would retain accountability.
The ITIL definition of Enterprise Architecture as defined within ITIL Service Strategy is:
‘…the description of an organization’s enterprise and associated components. It describes the organizational relationship with systems, sub-systems and external environments along with the interdependencies that exist between them. Enterprise architecture also describes the relationship with enterprise goals, business functions, business processes, roles, organizational structures, business information, software applications and computer systems – and how each of these interoperate to ensure the viability and growth of the organization.
… Enterprise architecture identifies how to achieve separation of concerns and how to define architectural patterns (or the rules of how systems communicate with one another)’5
Service Strategy and Enterprise Architecture are complementary but serve different purposes. An element of strategy is to perform market analysis, to define a model for service delivery that is likely to position the organization for success. Enterprise architecture provides intelligence to the service strategy, bringing a clear definition of the business processes. It plays a key role in the creation and management of a reusable set of architectural domains for the organization. These domains might include business, information, governance, technology, security and others.
These structures define the basic principles in which the SIAM controls can be established. Greater controls exercised through service design provide the business with well-conceived, flexible service modules allowing greater controls over the providers delivering each element of the service solution.
SIAM encompasses the full lifecycle of IT Services, from both the business and end user’s (service consumer) operational perspective. This means that accountability for service quality and performance can be managed from service concept through to service retirement (cradle-to-grave). Thus a customer that wants to realize SIAM benefits needs to realize that SIAM is based on an investment in IT service strategy and service design.
The critical success factors of an effective SIAM lies in the customer’s understanding of their retained accountability throughout the service lifecycle:
4.1 WITHIN SERVICE STRATEGY
The customer will define the service provisioning model to be used for IT services and service management.
- SIAM will ensure full understanding of the customer and business needs and strategic focus for multi-supplier management.
4.2 WITHIN SERVICE DESIGN
The customer will define enterprise architecture at a service, application, data environmental, and infrastructure level so that service providers understand the standards by which services should be delivered. SIAM will:
- Define the service management processes based on the standards provided (for instance the ITIL best practice processes)
- Ensure service provider conformance to service design standards
- Define the boundary where information needs to be exchanged between service providers and the SIAM
- Ensure the end-to-end delivery of services through the service management processes, ensuring service provider module alignment to customer standard and policy
- Manage and report on service delivery and ensure alignment and value creation.
The customer will establish the supplier management process, the sourcing and procurement activities that will ultimately facilitate the selection of service providers. The customer will also retain some supplier management process activities such as policy setting, standards creation and financials.
- SIAM will perform the day-to-day supplier management activities.
4.3 THROUGHOUT THE LIFECYCLE
The customer will be responsible for managing the Business and IT relationship.
- Establish a business relationship management process
- Understand the boundaries and dependencies between the services, the provider and the service management processes
- Contribute information and expertise on the market and technology advancements to the IT Steering Group or Governance Board.
Evident in this model is that it is not only about those areas that a business may consider out-sourcing, it also contains information relating to areas that must be retained. These include:
- Service Procurement and Contract Governance – Primarily to provide the required governance across the end-to-end supplier environment
- Standards and Policies – The customer cannot outsource accountability for the standards and policies it expects to be adhered to; therefore, retaining this is critical
- Business Continuity Management – Over-arching control and governance of the identification and continuity of critical business processes (including their IT support)
- IT Strategy – Setting the long term direction for IT, including a strategy for sourcing and engagement
- Enterprise Architecture – The customer and their business must retain accountability for the direction it takes. In achieving the strategic plan suppliers are expected to support the business as required
- Programme/Project and IT Governance – Retained functions from the business to oversee and direct both projects and operational IT
- Work & Project Prioritization – Working together with the Governance functions, this area dynamically allocates priority (and resources) to those activities or projects that benefit the business the most.
The model has also aligned ‘like-minded’ process areas into grouped teams. This builds ownership end- to-end, enables positive cross-team tensions, provides opportunities and creates resourcing efficiencies.
6. The King of SIAM
The King of SIAM
Governance is the King of SIAM. SIAM provides a single point of control and definition of the end to end accountability for service delivery in multi-supplier environments, bringing a strong focus on the orchestration and control of the service modules.
The role of King is that of chief administrator, chief legislator and chief judge, with all laws, orders, verdict and penalties originating from the King. The King’s powers and titles are proof that the King is absolute monarch. The King’s power is not limited to being a symbolic figurehead, and the institution commands the respect and reverence of all under his command.
Governance is the King in the Kinetic IT SIAM model which builds on current SIAM thinking and provides a SIAM Services Framework and supporting processes. There are typically three layers of SIAM governance which roughly equate to strategic-tactical-and-operational levels or the Approve-Manage-Do workflow:
- Plan (& Approve) – Exercised by the ISG/IGB as the advisers and decision makers, typically holding the final say with regards to funding approval, contractual and commercial agreements and Business/ IT strategy alignment
- Manage – Exercised through groups or committees with the power to endorse or approve based on defined delegated authorities or process policies/business rules
- Do – Peer-to-peer working groups, fulfilled by the provider teams and typically aligned at the process level, designed to recommend approaches or innovations. These groups may have some delegated authority at the process layer but typically this is minimal.
Functionally, SIAM ‘Governance’ manages the deployed governance framework. This includes defining and reviewing Policies and Processes (with customer agreement), setting agendas, ensuring quorums are met and ensuring quality and audit trails throughout. Operationally SIAM Governance performs an audit function (evidence of action and not just intent) and also provides a quality oversight across the service modules.
At the SIAM Model level you can see the groups of people needed to operate the service management processes that have been deployed. To define these groups, the ITIL approach of adopt and adapt is necessary, with groups only being deployed where there is a corresponding need. Additionally compliance to the ISO/IEC guidance on the application of service management systems (SMS) provides a helpful definition of the process inputs and outputs that form the basis of the expectations of each modular provider.
ISO/IEC 20000-2:2012 enables organizations and individuals to interpret ISO/IEC 20000-1 more accurately and therefore to use it more effectively. The guidance contains examples and suggestions to enable organizations to understand and apply the standard, including the use of a service management system (SMS) for the planning, design, transition, delivery and improvement of the SMS and services. At a minimum this comprises service management policies, objectives, plans, service management processes, process interfaces, documentation and resources. The SMS provides ongoing control, greater effectiveness, efficiency and opportunities for continual improvement of service management and of services. It enables an IT organization with multiple modular providers to work effectively with an integrated vision.
The use of the term integrated is to differentiate the SIAM ‘centralized’ forums from the ‘local’ provider forums which may or may not still occur. Within these forums, granting controls or empowerment is a role of the SIAM control model. Using a change management example to illustrate, SIAM may empower a supplier through trust. SIAM trusts a supplier to act appropriately in respect of the business (and remember that the contractual controls provide the teeth here!). If a provider is deemed to have complete control over a change, there is no need for the change to be discussed/approved by SIAM, as long as there is no expected service disruption or operational/functionality amendment, no required involvement from anyone outside of their own module and as long as there is a record of the change occurring that can be measured, analysed and reported against (i.e. a minor change). The supplier may therefore hold their own local CAB, whereas the SIAM level iCAB (integrated Change Advisory Board) is instead initiated where there is a service disruption, a change to operational/functional elements or for a change that requires involvement from more than one module provider.
SIAM plays a considerable role in the approve space, but this is mostly the accountability of the business. The actual SIAM functions operate in the manage space, linking to the do of the individual service modules. As such, it fits in between setting the Policy and executing a Process. Following on with our change management example:
- Customer/Plan and approve – Approve the Change Policy and Process and provide delegated change authorities
- SIAM/Manage – Manages the Change Process and provides Change Approval in line with delegated authority and Change Policy
- Providers/Do – Delivery of Change in compliance with Change Process and Policy but empowered to utilize its own procedures and techniques for cost efficiency.
In any SIAM model, the definition of the Service Desk as a separate module is imperative. In fact, the Service Desk is a special service module, one that is a hybrid: part service delivery and part SIAM function. This is because SIAM and the Service Desk hold the ‘single source of truth’ relating to customer knowledge. This layering enables the customer to more easily swap service providers in and out without the impact of the supplier change being witnessed or experienced by the end user. Because of this, the Service Desk Service Module can be more easily combined with an external SIAM provider, (see the model figures in section six).
7. Example SIAM Models
Example SIAM Models
Within the SIAM model, there needs to be a discussion on what the customer wishes to retain and what they are happy to outsource to a SIAM provider. Taking the management of change as an example which might occur at the whole group level: i.e. the customer may elect to retain complete ownership of the integrated Change Advisory Board (iCAB), or they may elect for a provider to co-ordinate the iCAB meeting where the customer retains the change manager role, or may elect to outsource the responsibility entirely, (though not the accountability).
This would very much be specific to the customers’ unique industry, maturity and capability. Below you can see some of the models that can be applied, depending on how much control the customer wishes to retain or divest:
- SIAM retained by customer
The customer may wish to retain the SIAM function in-house, perhaps fearing that outsourcing the function will impact on their ability to exercise effective management and control.
In figure 6.1 the customer is ultimately accountable for service delivery and will be responsible for strategy, enterprise architecture, policies and standard and contact ownership.
Each of the Service Modules themselves can be delivered by either an internal or external provider.
This model requires a great deal of service integration and management capability to be present within the Customer’s organization, not only in the field of supplier and contract management, but end-to-end process control, performance management and improvement measurements & initiatives.
To a degree, this model can negate the strategic benefits of outsourcing since the customer may not have the specialized capabilities required to perform this function successfully.
Often organizations underestimate both the number of resources as well as the expertise required for the SIAM Management layer. The possible consequence in this instance is that the SIAM model is limited to supplier and contract management.
- SIAM provided by an independent third party supplier
In figure 6.2, the customer retains overall accountability, governance and direction but divests the control and management of the service modules to an independent third party provider. Each of the Service Modules themselves can be either internal or external, but are third party providers unrelated to the SIAM.
The expertise of the third party can be leveraged to establish a successful SIAM control function. The critical success factor is the impartiality of the provider, as well as its ability to leverage control over all the service modules. The internal modules may resent control by an external party, whereas the external providers may revert to working to contractual directives and effectively ‘painting by numbers’ within the defined constraints of a contract.
The key, therefore, is for the customer-retained SIAM Governance function to clearly identify the goals and the mandate for the outsourced SIAM control layer and to invest in effective communication of the intent of the model and the autonomy divested by the customer.
- SIAM provided by third party supplier which also provides one (or more) Service Modules
In figure 6.3 the model extends figure 6.2 with the external SIAM provider also providing one (or more) of the Service Modules. The Service Desk module/function would be a prime candidate for this model, as it provides such a central role within the SIAM Model.
Similar to the previous model, this type of adoption is common and will still be successful if the impartiality element is at the core of the provisioning design. This, of course, is complicated by the fact that the external SIAM provider is also responsible for the delivery of one or more of the service modules.
These challenges can be overcome by including different organizational management streams within the third party provider (i.e. one for SIAM and one for the service provision of the modules) and to make sure hierarchy within the third party supplier is correctly aligned to this. SIAM must be seen as fair and unbiased to, and across, all providers.
- Hybrid: SIAM provided by third party supplier over some of the Service Modules (with the Customer to retain the remainder)
In this model, the external SIAM third party supplier manages only a number of the Service Modules, often the ones delivered by an external service provider. The Customer also performs SIAM control and management, generally over the internally provided service modules. Often this model grows out of an extended outsourcing strategy or is based on an infrastructure vs. application (development) environment.
The additional functions and the lack of true end-to-end management needlessly complicate this model, and the challenges noted in the customer SIAM model prevail. The recommended solution would be to utilize one of the earlier defined models.
8. The impartiality of SIAM
The impartiality of SIAM
It is incumbent upon SIAM to create a delivery structure that supports process inputs and outputs, lays down governance, standards and controls but does not stiﬂe the individual procedural activities that will be proprietary to each provider in the model. This allows the various providers and their various responsibilities to be pulled together in a way that shields the customer and users from the complexity of the service provisioning model and presents the result in a single controlled outcome.
In an ideal world, SIAM would be completely independent, with no bias one way or another in relation to which suppliers provide what services. However SIAM is led by the customer’s Business and IT Strategy, which may also include a cultural bias towards a particular product or supplier. With such tacit and intangible concerns at large, it is difficult, if not impossible, for SIAM to be truly independent.
The customer is the obvious choice as they are independent of any external provider. This may make them well placed for SIAM management, but not always well suited, since they may not necessarily have either the skills or the appetite required to provide the SIAM role. In addition, there is a potential bias towards internally delivered service modules and providers, which in turn may skew the equity of the end-to-end service delivery relationships.
This leaves the customer with a challenge. If the SIAM function is outsourced, can the SIAM function achieve the independence and the cultural and organizational hierarchy adaptation required for SIAM control?
This control and governance in SIAM can be described using the widely recognized term ‘Poacher turned Gamekeeper’. The term originates from a recognition that the best gamekeepers inherently know the tricks of the poacher’s trade. This may not be an analogy that IT service providers would enjoy but it does create a useful comparison to reflect SIAM’s role in the effective management of third party suppliers. By understanding the challenges, strategies and approaches adopted by suppliers SIAM can effectively grease the wheels of interoperability at the module interface, without stifling the providers with too many prescriptive processes.
The key to success is ensuring the development of a SIAM model that is ‘impartial’ yet not necessarily independent.
Impartiality (also called even-handedness or fair-mindedness) is a principle of justice holding that decisions should be based on objective criteria, rather than on the basis of bias, prejudice, or preferring the benefit to one person over another for improper reasons. Independence however can be described as having freedom or control from the influence of others6
So what’s the difference and why is it important for SIAM?
The challenge is creating an environment where impartiality is both seen and believed to exist:
- The first imperative is expectation setting. This involves defining the policies and principles governing each service module. Establishing the rules of the game becomes easier if the provider has been actively involved in, or at least has a full understanding of the imperatives. Engagement helps allow providers to overcome unrealistic expectations and to confirm a clear understanding of obligations
- Using a common or single source of truth. The creation and communication of an enterprise governance model, that can be referred to by all providers, creates a parity amongst them which in turns provides the basis for an impartial control of this model
- Confidence in SIAM competence. Probably one of the most difficult aspects in demonstrating impartiality and building credibility for the SIAM is through the demonstration of service management expertise and business alignment. In application of process and measurement of outcomes there is a need to be consistent and impartial. This will be determined by how well agreed processes are followed and measurements are applied
- Developing trust and rapport. Establishing strong cross-modular relationships, with effective SIAM mediation when challenges occur is important. Parties need to trust that the SIAM provider as mediator is interested in helping all parties resolve any issues that arise. If this is established, they are less likely to question the impartiality of the mediator.
9. SIAM success factors
SIAM success factors
SIAM is a compelling model for any type of business; private or public sector, insourced, outsourced, co-sourced or any other hybrid solution. Much of the value of delivering integrated service management solutions, however, is intangible and complex. The value lies in how these service elements are defined, provisioned and controlled.
Customers frequently struggle to obtain the expected value from provider relationships. Contracts can often be stifling for the relationship and once agreed, they can become the be all and end all, a millstone around everyone’s neck. Customers try to manage the supplier with the contract but the effort involved often results in frustration for both parties, resulting in a relationship which is managed unsatisfactorily through a singular, monthly SLA Review meeting.
Additionally, a lack of understanding of what has been agreed (provider obligations) and what this means to the customer, (in regards to their responsibilities and accountabilities), can mean that vital service components are not delivered Many contracts stipulate alignment to ITIL or ISO/IEC 20000, yet suppliers only deliver Incident, Change and Problem processes, (the latter often only reactive for Major Incidents), and consequently such alignment can never be achieved.
It is the enablement of service management process outcomes that really drives customer satisfaction. So, where the (Customer-retained) governance layer is the King of SIAM, the SIAM Management layer can be seen as a concierge. The concierge becomes an Officer of the King who is charged with duties to ensure justice, process adherence and control. They expedite results by being expert in the nuances of their environment and use this knowledge to empower those around them. Importantly, they know and respect their boundaries and know when and by what means to escalate or seek decisions. They assess the value in tangible and intangible terms and express this to the business. A concierge is commonly placed at the doorway to services. They open the door then guide and witness the user experience, but do not actually deliver the service. It is this ability to witness the experience while possessing the time and insight to act that drives improvements that are most important.
The relationship between SIAM and all service provider modules is primarily operational as opposed to contractual. That doesn’t mean that the SIAM has no teeth in the management of the contract, but SIAM would not typically own the contract management relationship, such as the procurement of services from the supplier, contract negotiations, and contract commercials including billing. SIAM owns the operational management of the contract; managing attainment of service levels, performance and contractual obligations management.
This makes SIAM the operational face of the customer, across all services and all providers. In order to achieve this, the following success factors need to be in place:
- A clearly defined business and IT strategy, supported by policies
- Defined business values and outcomes
- Retained customer Policy and Contract governance (through architecture, procurement etc.)
- Impartial SIAM management
- Service Module agreements that do not dictate procedural activities, but instead leverage provider knowledge and promote end-to-end outcomes and improvements.
SIAM enables an organization to manage multiple service providers consistently and efficiently. It builds on the service management processes as defined by ITIL. It ensures that a portfolio of multi- sourced services meets user needs and creates value by providing a dedicated governance function.
Organizations trying to implement SIAM need to understand the distinction between integrated service management and SIAM. For example, implementing a set of processes within a centralized management team is insufficient to implement the SIAM function. Failing to add the extra elements of SIAM such as governance, autonomy and the impartiality to manage the suppliers creates SIAM functions that rarely move away from operational delivery.
The title of this White Paper makes a playful reference to the well-known movie The King and I, a play on words to identify that SIAM is in control, or ruling, the multiple service module providers. Other analogies like gamekeeper or concierge are used to characterize a similar role of SIAM in the end-to-end management of service delivery. However, when shifting perspective towards the control and governance, this white paper wants to clarify that SIAM itself is ruled by the business goals & strategies. Ultimately, governance from the business is the King of SIAM.
SIAM seeks to allow the customers to focus on their core business in a multi-provider environment. However, if the focus is primarily on supplier management and the organization fails to retain that customer-SIAM partnership it will invariable lead to a SIAM function that isn’t addressing business needs. Additionally, SIAM requires established lines of communication, allowing early notification and engagement in business plans in order to see how these might impact on the service delivery.
SIAM requires the mapping of process inputs and outputs across provider boundaries, enabling the service modules to perform in a consistent way without restricting their opportunity to demonstrate their specialism and individual approach.
Education is also key: The customer needs to understand their role in SIAM but, equally, the service modules need to be aware of their responsibilities, as well as the measurement and controls that will govern their approach. Service modules must be suitably skilled and incentivized; teams made up of each module need to be engaged in planning how customer-defined standards are actually going to be delivered.
SIAM is both framework and function. It uses the tried-and-tested, best practice ITIL processes and concepts and creates a functional layer of accountability, governance, monitoring and control across all suppliers. The role of SIAM is to ensure the quality of inputs and outputs at the process interface level, across all in-scope suppliers.
An effective SIAM function will unquestionably enable organizations to take advantage of the flexibility and innovation of multi-sourcing and standard services, while delivering integrated services to the business.
11. Key Definitions
The business provisioning the IT services. Within the business, the customer refers to the group making the strategic decisions about the IT set up or provisioning model for IT to be used by that business.
Enterprise architecture refers to the description of an organization’s enterprise and associated components. It describes the organizational relationship with systems, sub-systems and external environments, along with the interdependencies that exist between them. Enterprise architecture also describes the relationship with enterprise goals, business functions, business processes, roles, organizational structures, business information, software applications, and computer systems – and how each of these interoperate to ensure the viability and growth of the organization. (ITIL, Service Design).
Modularity is the degree to which a system’s components and functions may be separated and recombined.
Provider, Service Provider, Service Module Provider
A service provider (aka service provider/service module provider) is a group or team that provides an organization with a service. For the purposes of this white paper, the reference is essentially to IT service providers. The term service provider refers to organizational sub-units or third party or outsourced suppliers.
ITIL differentiates between service providers by categorizing them as type I, II, or IIIType I: internal service provider
Type II: shared service provider
Type III: external service provider
Type III service providers provide IT services to external customers and, subsequently, can be referred to as external service providers, ranging from full IT organization/service out-sourcing to limited product feature delivery such as ASPs (applications service providers) or commodity/hardware suppliers.
The strategic plan to sourcing and provisioning the IT services agreed by the customer.
A model used to help define roles and responsibilities. RACI stands for Responsible, Accountable, Consulted and Informed. (ITIL, Service Design).
A generic term used to define an agreement between two parties. This might be the customer and a service provider, or a service provider and another service provider.
Any resource or capability of a service provider (AXELOS (2011) ITIL Service Transition, TSO,)
The act of coordinating the service activities across service providers in a way that ensures providers are in step or synch with each other for service action, quality and timeliness.
We refer to the end users of the services as the service consumer – not simply because this is what they are but to also reflect the clear demarcation of consumer and purchaser. Service Consumers primarily engage with IT through the Service Desk/Service Centre
The term layers is used to highlight the end-to-end nature of service delivery. The five layers are:
- Business Layer – the customer receiving the service
- Retained Service Layer – the minimum services retained by the customer i.e. not out-sourced.
- SIAM Layer – This is the end-to-end controls layer of the organization’s IT environment.
The customer sets the controls, SIAM applies them. It is important to note that there is no defined above the line/below the line standard for the extent by which SIAM is retained or out-sourced: all or nothing and everything in between.
- Service Delivery Layer - The service modules that deliver the IT services. Internal, external, partner or cloud providers reside in this layer.
- Product Layer – Key to the successful integration of service, this layer consists of the products, tools, software and hardware that provide the service foundation. Product integration, end-to-end tooling, data protection, security and data sovereignty are crucial factors.
Often used to describe the supplier landscape, service modules refer to each group that provides a discrete service. Services are provided in a modular fashion, such as end user services, systems and storage services, application maintenance and application development services. The clarification and market specialization of each service module reduces the impact on the business should the need to swap out a supplier arise.
Some interpretations of SIAM call these Towers.
Defining the end-to-end view of service activities and establishing the standards for inputs and outputs to the end to end process. This includes defining control mechanisms while still allowing service module providers to define the mechanisms of fulfilment and the freedom to pursue internal processes.
Separation of Concerns (SOC)
An approach to designing a solution or IT service that divides the problem into pieces that can be solved independently. This approach separates what is to be done from how it is to be done. (AXELOS (2011) ITIL Service Strategy, TSO,)
Retained Governance and Compliance
There are a few key activities that the SIAM model recommends are always retained by the customer. These typically include policy setting and supplier contract management activities. Retained governance and compliance provide the necessary operational direction and contract escalation points to SIAM.
12. End notes
- First Publication August 2015
- ‘An Introduction to Service Integration and Management and ITIL®’ (https://www.axelos.com/case-studies-and-white-papers/introduction-to-service-integration-management) and ‘An example ITIL®-based model for effective Service Integration and Management’ (https://www.axelos.com/case-studies-and-white-papers/an-example-itil-based-model-for-effective-siam)
- ‘An Introduction to Service Integration and Management and ITIL®’ (https://www.axelos.com/case-studies-and-white-papers/introduction-to-service-integration-management) and ‘An example ITIL®-based model for effective Service Integration and Management’ (https://www.axelos.com/case-studies-and-white-papers/an-example-itil-based-model-for-effective-siam) [Accessed: 7 August 2015]
- Available from: http://2020projectmanagement.com/2013/10/the-responsibility-assignment-matrix-ram/ [Accessed: 7 August 2015].
- AXELOS (2011) ITIL Service Strategy, TSO, section 5.4
- Available from: worddictionary.com [Accessed: 7th August 2015].
13. About the Authors
About the Authors
Simon Dorst is Kinetic IT’s Manager for Education & Learning. ITIL® trained in 1992, he has spent most of his career educating and advising people and organizations in the Netherlands, Singapore and Australia of its benefits and application. To him, ITIL is nothing more (or less) than common sense, written down, and as such, it is undeniable, but also easily combined with other frameworks such as COBIT, MOF, DEV OPS, AGILE, PRINCE2, OBASHI or in this case SIAM. Simon is the State Branch Chair for and frequent contributor to the itSMF Australia. His pseudonym of the ITIL Zealot is a well- known and respected voice in the global service management community.
Michelle Major-Goldsmith is the Service Management Capability Manager with Kinetic IT. Her role is to educate, rather than ‘just train’, mentor and advise Kinetic IT staff and its customers in the principles of service management and the practical application of these principles in various environments. Michelle has been in the industry for over twenty years across virtually all continents. She was formerly Training Director at UK service management company Sysop and Head of Service Desks at RAC Motoring Services. In addition to her role with Kinetic IT, Michelle is also the chair of the ATO Advisory Council (AAC) and AXELOS’ Working Group and, as such, is instrumental in shaping the accredited training of AXELOS’ best practices. She is extensively published within the Service Management arena.
Steve Robinson is the Manager for Service Management at Kinetic IT. This includes leading Kinetic IT’s SIAM Design, Transition and Transformation function. Steve has over 25 years’ experience in the IT services industry gained in the UK, India and Australia. He has worked with world-leading organizations across service management consultancy, business development, service management architecture, IT Managed Service Delivery and IT governance. Steve is an ITIL Expert (and an ITIL Manager since 2000) and an ISO/ IEC 20000 consultant. Steve’s exposure to SIAM began with the original architects of SIAM thinking in the mid 2000’s and he has continued to develop his knowledge and experience of SIAM in subsequent years.