Supply Chain Fails

A year and a half ago I ordered a number of actual, physical paperback books to give to some friends at an event where I was speaking. The book was one I wanted to hand out related to the topic of our discussion and my time with them. A certain big book company began shipping these books in separate shipments from around their universe. However, the books kept coming and went way over the amount I ordered. I kept getting new shipment notices in email when I had already received the ones I had ordered.

This particular company is a big web based company and it is hard to actually talk to someone there. I sent emails and finally got a hold of a person and explained the problem. The first person couldn’t understand and didn’t fix the problem. I called again and got another person who did see the problem and managed to cancel what was happening. I offered to ship books back, but they said keep them and give them away.

Seven months ago I ordered some socks from another online business and got double the shipment.  Two weeks ago I ordered some running apparel and instead of three items, I got six. In both these cases, I offered to return the over shipment and they told me to just keep them.

A big company which ships a lot of books and two smaller, niche companies who are probably closer to the edge getting their order management and shipping wrong.

I don’t know if this is IT or order management or their online revenue engine, but in any case, companies big and small must get this right. You can’t stay in business long if you are getting so many shipments wrong.

I should have ordered iPads.



I finally worked all the way through Antifragile: Things That Gain from Disorder by Nassim Taleb.

An amazing book. Amazing obvious ideas.

I’m now thinking about how to apply this in IT. How do we build processes and IT infrastructures that gain from disorder. Systems that don’t fail from stress, but instead get stronger.

I’m thinking that the redundancy we’ve put into our network structures might get stronger over time due to disruptions. Over time, we adapt, put in more capacity, more redundancy, work out triangle WAN links between sites, design in excess capacity, etc. as a direct result of events that hurt the network. The net impact of the negative events is that the whole gets stronger. Does that count as one way antifragility increases in the system? We do seem to have less negative impact from outages because the ‘whole’ is more capable of adapting to outages.

Do our information systems get more antifragile over time as we experience issues, problems, outages, etc. and then adapt and improve and improve the ‘whole’ to lessen the impact of those events? Are we learning from these events and getting stronger as a result? Are our management teams getting more antifragile as we learn, adapt and improve over time?

Think about storage and how it used to be the drive failures resulted in outages in the data center. Such outages are hardly an event at all any more due to much higher MTBF on drives and due to RAID and other technologies that have been honed and improved over the years. Fragility has been reduced in our storage systems.

Lots to think about here.

Celebrate Those Who Get Things Done

Read something a few days ago that I can no longer find to reference. It got me thinking that we should celebrate those who get things done, not the ones who cast a vision or who are the appointed leaders. The ones who get things done are the ones we go to when we need help, when we have problems, when there are hard problems to solve. We don’t need a vision in those situations, we just need to get something done.

We need to be better at identifying these people in our organizations and honoring them in whatever fashion is appropriate. And we need to develop a sense of think about them, looking out for them and helping them get things done faster.

Maybe leaders should focus on getting obstacles out of the way of those who are getting things done?

Been gone for a while. Been busy, but aren’t we all? Wrote a bit about it over here.

The Health of the Network

I haven’t thought much about our network in a while. There were times that we used to talk about it all the time and consider uptime, bandwidth utilization and outages as well as network technology transitions. I don’t seem to do that much anymore. I just stopped a series of posts on things for new CIOs to consider and I didn’t even mention anything about the network.

I’m thinking that we’ve gotten to a point that the network availability and its capacity/speed have become like the lights. They simply work all the time (most of the time) and their support has transitioned to the background. We seem to have reached a place where the network is just there.

There is an article is Forbes recently entitled, Thriving with New Technology Starts with a Strong Network which I think is right.

  • The ‘internet of things’ where we are capturing data everywhere inherently requires us to move the data through the network to a data warehouse or equivalent.
  • Wi-Fi must just work and work well everywhere your people are located.
  • Video and telepresence is taking off and that requires high quality bandwidth.
  • All your messaging solutions need the network to move those messages. email, chats, alerts, etc.

In short, our network is critical and necessary but our thinking (or mine) has transitioned to the point where it is a utility? Like the lights?

What do you think?

2C) Supply Chain

Screen Shot 2013-06-10 at 6.41.43 PMFor whatever your organization does, what is the supply chain?  From inputs to outputs? This is the engine that fuels the results of the organization. If you are non-profit taking care of babies, then what donations are coming from where, how is the organization processing those donations and then how are they being distributed? If you make something, then what parts and services are required to generate the output that you sell? All organizations have these processes and as a new CIO, one needs to get their arms around those processes and how IT is supporting the ‘chain’.

Related, the reverse supply chain also needs to be understood with the same questions asked and answered. The reverse supply chain is for items being returned for whatever reasons.

In some cases, the phrase Order to Cash(OTC) is used is relevant as it covers everything from orders being placed through receiving cash(or equivalent) back from your customer.

Questions that should be considered and reviewed:

  1. Prioritization of Projects: How are your business partners prioritizing what they need IT to do and how is the relationship with these partners? Does the business have a collaborative partnership with IT to get things done?
  2. Shadow IT: Is there an out of control shadow IT needed by the organization to be successful? If so, why? Are there IT components being sourced, paid for and installed by the business independent of IT? If so, why? In these cases, the IT leadership needs to work on better collaboration and partnership with the business. Typically these things are being done because either a) someone in the business wants to be in IT or b) the business is just trying to get their job done. In either case, a conversation and fresh start is needed.
  3. 3rd Party Collaboration with Suppliers and Customers: What is the strategy and what tools/processes are in place to tie your extended supply chain together? Are things like co-planning being done where customers are sharing their future needs with your organization and if so, how and what tools are involved and how healthy are they? Just as your organization might want better visibility with customers, you must do the same for suppliers. Be the customer you want your customers to be. How is IT facilitating the ease of doing business? Perhaps visit with some customer or suppliers directly. Here is a post from InformationWeek that addresses the collaborative supply chain strategy.
  4. Signaling and Metrics: Does the organization have the level of signaling and measures in place to have full and deep visibility of the supply chain? Visibility needs to range upstream in suppliers and downstream to customer warehouses. Are there dashboards in place? Are there analytics about the health of the supply chain that cover logistics, warehouse inventory levels, order status, etc.?
  5. Security of the Supply Chain: How are you securing the sharing of information between suppliers and customers? How are you securing plans, drawings, IP, etc. And don’t forget to think about the business continuity capabilities of your suppliers. Don’t assume anything.
  6. What else? Your business is unique and are you appropriately looking at those unique aspects too? For example, if you have sub-components that need very long lead times to produce, then how good is your forecasting processes and tools? Long lead times likely mean you have to order things before you might have real orders in place. Do you have those thoughts well underpinned?

Your organization is unique so don’t assume what others do or say is the right answer for you. And certainly don’t assume just because a big software vendor wants to sell you something because everyone is doing it doesn’t make it right for you. I’ve learned that lesson myself.

What else?

2B) IT Operations

There are lots of topics in this area and those in IT have lots of stories to tell about their operations. I’ll list a few points here and perhaps do another list later or update this later with further points.

An IT shop begins and ends with how well it does basic operations. The services that are provided need to work reliably before one can begin discussions about adding new services or systems. One needs to have an honest assessment of how things are going and this should include both a qualitative understanding and a quantitative, metrics based understanding. When you talk to your peers, what did they tell you about how IT was doing? Did they give you any insights? On the metrics front, do you have real trend lines about uptime and costs and power consumption and outages? Can your team account for outages and talk about them to root cause? Is the team trying to fix problems at the root cause or just doing a ctrl-alt-del type fix?

Even if your ‘services’ are outsourced to a 3rd party, you still are accountable for it to the organization. You aren’t off the hook if the system runs in the Amazon cloud or Google Cloud or Salesforce, etc. Putting a service in the cloud doesn’t relieve you of this responsibility.

So here is a list of some ideas some of which are repeats from above:

  1. Power costs and consumption for your data centers.
  2. System/service uptime/downtime events (frequency) and duration (how long down). Note that these are different things and have different solutions. You need these for all your mission critical services and core or base level services. Remember that email is a mission critical system to your knowledge workers.
  3. Disaster Recovery testing data.
  4. Overall IT Operations costs and trends in a fashion where you can drill down to understand what is driving your costs.
  5. Equipment aging.
  6. Patch status on all levels of the stack. Network, server, OS, database, applications, clients, etc.
  7. Audit findings, testing and assurance practices.
  8. Accounts and in particular trusted account review process and frequency.
  9. Security monitoring and logging.
  10. Integrated monitoring across your whole stack where you can related events between systems and services. Security Information and Event Management (SIEM) tools and practices that are robust.
  11. And your help desks should be providing you a rich set of information about what services are providing the most grief to your workforce, suppliers and customers. Why are people calling in for help?

There are more ideas and I could probably keep writing. Screen Shot 2013-05-13 at 8.11.05 PMI must highlight a earlier post on Checklists that I think helps you assess the maturity of your operations. Are you using checklists; are your escalation rules followed and clear; is your team researching problems to root cause; are all indicators of maturity.

If I’ve left out some major thoughts or you want to add to this list, please let me know in the comments.



Time for a Simplification

You know, this IT stuff is getting harder. There are more threats/risks, more control points and demands, more functionality being required and more services being delivered. There is just more and more and more going on and it is getting harder to keep on top of all of it. I wrote of wicked problems a while back and those hard problems are still here with us. And business is speeding up with supply chains getting shorter and moving faster.

The combat these changes in business we need to:

  1. Simplify where you can. Ask your team where we are doing things that are not adding value and not helping the core part of the business succeed. Tell your staff and your teams that if you are driving complexity or chaos, that you expect them to speak up. Then be sure to listen when they do. If you can’t listen to their response, then you are in the wrong job.
  2. Make non-strategic things someone else’s problem. Can you move your mail environment to one of the several cloud email providers and cut all those servers in your data centers? Can you find other SaaS solutions that will simplify your universe?
  3. Surround yourself with great people and then get out of their way. You’ve got to have great people all over the place and then trust them to run the business. The leader should focus on strategy, operational expectations, relationships and staff development. The leader shouldn’t get into the weeds of database tuning, patch management, detailed feature reviews, etc. except where there is a critical gap of some kind.  I need to keep repeating this to myself.
  4. Put good metrics and scorecards in place. Measure what needs to be carefully done and don’t measure things that simply don’t matter.
  5. Network with peers in the IT industry and listen to what they are doing and telling you. Don’t ever assume you have all the right answers. Seek out wisdom and experience all over the place. Read.
  6. Network with the leadership in your own company. Connect with them often and listen to what they are telling you too.

What other ideas do you suggest? What have you learned?