Previous month:
September 2005
Next month:
November 2005

"Common Mistakes in Process Improvement Efforts" from Gene Kim, CTO, Tripwire

I think the following is a really good article.  It was sent via email to my work email account as part of the monthly Tripwire newsletter.

"Common Mistakes in Process Improvement Efforts" from Gene Kim, CTO, Tripwire:

Best-in-class IT organizations know it takes people, processes, and technology to achieve high levels of service availability, security, and sustained compliance. The question is, when an organization starts its process improvement efforts, what most often goes wrong? What are IT management's most frequent mistakes that cause their efforts to fail?

The Visible Ops methodology codifies a prescriptive approach to build IT processes and controls, simultaneously achieving compliance and increasing operational effectiveness and efficiency.

The Problem and Why it Happens

We've studied high performing IT operations and security organizations and looked at failed change management transformations to find out why the initiatives do not live up to their promise.

Visible Ops prescribes that IT management 1) lock down changes, and 2) implement detective controls to ensure that the change management process is followed. However, many IT managers don't implement these changes.  Bud Campbell, a Principal IT Service Management consultant for Pepperweed Consulting, says "The biggest failure in any process engineering effort is accountability and true management commitment to the process."

When we ask IT managers why they don't lock down change, we hear two main
reasons: "We can't - we won't get anything done," and "The business pays us to make changes." However, unmanaged changes cause low success rates and high mean time to repair (MTTR). The perceived nimbleness and speed is an illusion.

We've also asked IT managers why they do not want to "electrify the fence"
around their change processes. They will answer, "We don't need to; we trust our people," or "Our people are professionals and don't need constant micromanagement," or "We already have a change management policy; there are no unauthorized changes. (But, don't make us bet our bonuses on that!)"

When IT managers will not bet their bonuses that there are no unauthorized changes, they indicate management by belief and good intentions, not facts.
A discussion about the business risks, such as security incidents and financial reporting integrity problems, resulting from uncontrolled and unmonitored change should lead to appropriate controls for mitigating those risks. These controls are what Visible Ops is all about.

The Solution: Visible Ops

Visible Ops can jumpstart implementation of IT change management controls and process improvement in IT organizations needing to increase service levels, security, and auditability while managing costs. The methodology is comprised of four prescriptive and self-fueling steps that take an organization from any starting point to a continually improving process. It helps IT managers answer the question, "where do I start?"

Visible Ops: 4 Steps to Implementing Change Control

Phase 1 - Stabilize the patient: Almost 80% of outages are self-inflicted.
Addressing change management and problem resolution will help control risky changes and reduce MTTR.

Phase 2 - Catch & Release: Inventory assets, configurations, and services, and identify those with the lowest change success rates, highest MTTR, and highest business downtime costs.

Phase 3 - Create a Repeatable Build Library: Create repeatable builds for the most critical assets and services, making it "cheaper to build than repair."

Phase 4 - Continual Improvement: The first three steps progressively build a closed loop between the Release, Control, and Resolution processes. The final step implements metrics to allow continuous improvement of all these process areas to ensure that business objectives are met.

Linkfest 051031 - Happy Halloween


Software Tools:


  • Phil Windley has posted his experience on trying to get some Tivo content on his new Video iPod
  • Engadget - "Garmin StreetPilot 7200, 7500 - GPS, traffic, XM, 7-inch screens"

Personal Development:

Singularity via IT Conversations:

Cold War:

* Dr. Vinge was one of my favorite instructors at SDSU.  He is also a pretty good science fiction author! ;-)

What Happens to TSA Confiscated Stuff?

According to CSO Online for July 2005:

Items collected by TSA will typically get donated to the states were they were confiscated.

These states and sometimes TSA is selling the "stuff" on the Internet (mostly eBay?).

What you can get: "pocket knives, files, nail clippers, lighters, and a purple sombrero."

Very interesting .... When I go on travel I have a self-addressed envelope with two first class stamps on it to mail something back that has been "captured."  It has saved me twice since 9-11 from having to re-purchase my Leatherman Juice Pro.

Portable Mixer - Still Very Helpful

I am still a big fan of my portable 9-volt battery powered Rolls Playmate MX56s.

I've blogged about it before: #1, #2, and #3.

I havn't been using it that much for podcasting (usually that is via USB Plantronics DSP-400 or using the Griffin iMic), but it is great for personal podcasting (capturing stuff with the family) and for doing audio editing (capturing sound from a DVD), or mixing some inputs.  It would probably be pretty good for doing mobile interviews but I haven't used it for that.

The other interesting thing is that I get more email about the unit than any other thing I've posted over the last couple of years.

Update on Bill Watterson @ Calvin and Hobbes

CNN - "Where's 'Calvin and Hobbes' creator [Bill Watterson]? - Maybe someday, officials will put up a statue marking this quaint village as the birthplace of Calvin and Hobbes."

The above is  a good article.  I just had a conversation about where was Bill Watterson, and the new Calvin and Hobbes book at Sunday School this past Sunday. Everyone was in agreement that they loved the strips and were very sad that new ones weren't being produced.

Calvin and Hobbes is still and probably always will be one of my favorite cartoons.

Custom Historical Maps

Forbes FYI for Oct05 also had a custom historical map pointer to artists Constance Brown and Julie Ruff at RedStone Studios to compliment the concept of Vogel Bindery's custom books.

If you'd like to translate your family or business history into a classical historical map representation, then you can get started for $4000.  In addition, they have created some maps of popular areas (Tuscany, Nantucket, Martha's Vinyard, Costa Rica, and East Africa) for significantly less money.

StressEraser (i.e. Pocket Yogi?)

Forbes FYI for Oct05 had a quick product overview of a small device called StressEraser that retails for $400 (seems pretty expensive, I think that MAKE magazine should come up with a cheaper alternative).

The unit apparently monitors your "blood" pressure via you index finger, and then gauges your stress level.  If your level is too high, then it attempts to get you to use breathing techniques to get you back to a better emotional focus level.