Arch BPM blogger-cum-analyst Sandy Kemsley references an interesting conversation she had with some webMethods customers at Software AG's Integration World event where the customers "pooh pooh the BPM vendors who don't provide the whole integration stack". To me, this is interesting because (as Sandy calls out) "these customers are coming from the traditional EAI-type usage of webMethods".

One of the challenges in the growing market for Business Process Management (BPM) technology is the fact that there are many different technology providers bringing tools to the market, and each has its own technology background and heritage customer set with its own expectations. In truth, there isn't "one BPM".

What makes things particularly challenging is that it's very difficult to find a vendor that can truly support a rich range of different types of processes from the perspective of modelling, analysis and optimisation; while at the same time supporting complicated integration requirements. The task is particularly difficult if you're looking for an elegant technology solution with no duplication (some vendors can point to good coverage of all the main functional requirements today, but they can only do this by bundling overlapping and poorly-integrated products and technologies together).

It's a bit of a simplification, but broadly speaking, vendors fall into a "business process specialist" camp, where sophisticated modelling, monitoring and optimisation tools are provided; or a "process integration" specialist camp, where the main centre of gravity is being able to orchestrate services and applications in relatively sophisticated ways. The smaller, specialist vendors (such as Lombardi, Pegasystems, Singularity, Appian) fall into the former camp; the larger, generalist vendors (such as IBM, Software AG, TIBCO, Oracle) fall into the latter camp. Interestingly, BEA (and also TIBCO) actually span the camps as they've both bought pure-plays as well as having integration-centric backgrounds.

Next spring we'll be launching a major research programme looking at the discipline of BPM and the technology you need to support it - but until then the most pithy advice I think that can be given to an organisation looking to purchase BPM technology is:

Understand what, exactly, you want to do with BPM. Understand the key characteristics of the processes you're trying to improve, and equally importantly, who's driving the work - is it business people, IT people or both?

Unfortunately, getting to the bottom of things is not as simple as saying "I need a human-centric BPMS" or "I need an integration-centric BPMS".

Posted by neilwarddutton in BPM | Permalink | Comments (3) | TrackBacks (0)

I've lost count of the number of times I've seen throwaway comments exhorting companies to "create a centre of excellence (CoE) (mostly, for initiatives like SOA or BPM). Vendor / pundit / analyst / journalist: "Having trouble? Establish a centre of excellence!" Customer: "Oh, that's OK then, I'll do that."

But let's take a deeper look. Quite aside from the role that one of these beasts plays (something I'll attack in a future post), what does a best practice CoE look like?

From what I've seen out there in real-world implementations of SOA and BPM initiatives, I suspect that the best results come from having a good mix of responsibilities / personalities in the group. Something like an even distribution across this matrix of perspectives:

Although it's tempting to staff a CoE with good dependable technical people that you understand, you need a good mix of business-focused types and technology-focused types, because those business-focused types will help keep expectations practical, and help keep business people from outside the CoE engaged and willing to help. And it's vital to get a good mix of practical and visionary focus, because rolling out new concepts and approaches to delivering IT capabilities requires both "selling" and getting things done.

That's my view. What do you think?

Posted by neilwarddutton in Architecture • BPM • IT Governance | Permalink | Comments (0) | TrackBacks (0)

Andrew McAfee at Harvard Business school poses an interesting question:

do 'managers' belong on the list of knowledge workers whose jobs are being transformed by information technology?

His question is prompted by a number of interesting examples of the use of IT in areas such as "fluid" building fabrication, sculpture, BMW car design and poker playing. He then goes on to describe, based on the experience of his course teaching, that most general managers do not believe that IT can help them in their roles as leaders, change agents and value generators because:

until fairly recently the profession of general management was actually not one of the ones deeply affected by technology. Prior to the mid 1990s the footprint of most corporate IT -- the sphere of direct influence for a piece of technology -- was the single function or task. This made for a happy marriage between technology and knowledge workers like engineers, scientists, and analysts because these workers stayed within a single function. But general managers, by definition, do not. They're responsible for orchestrating the work of multiple groups. So from their perspective, IT was actually delegable and low level.

This chimes well with some of the points we raise in our March 2005 BPM report (which will be updated next month). In it we highlight that much of IT discussion of business process is actually about the shadow that IT automation casts on real business processes. The real world of business processes is much more complicated than would appear to be case based on what IT can support. There are business processes which serve to differentiate the business and there are those that are a cost of doing business. There are business processes which support day-to-day operational activities (or single functions or tasks as Andrew refers to them); there are those that support management of those operational activities; and ultimately there are those that govern strategy.

IT has historically played a prominent role in support the non-differentiating, operational processes. That role is significantly diminished when it comes to differentiating, management and strategy processes because they are more ad-hoc and collaborative and nature and depend on harnessing and exploiting a wide variety of applications and structured and unstructured information assets.

Andrew believes that the emergence of ERP and the Internet has enabled a new class of business process automation which operates at the level of the organisation and so are more suited to management processes. He also believes that "Enterprise 2.0" technologies (which Angela discusses in the broader context of enterprise collaboration in her recent report), by virtue of their emergent characteristics, promise to do the same and concludes that he is:

comfortable adding 'general managers' to the list of knowledge workers who have very powerful digital tools at their disposal, and who need to learn how to use them well. Does this also seem right to you?

His historical analysis of business process automation certainly seems right to us and we believe that a range of new IT capabilities have the potential to shift IT's supporting role in the direction of differentiating management and strategy processes. However, it's not just about managers learning how to use them well. As we highlight in our BPM and collaboration reports (and more broadly in our analysis of IT-business alignment), these management competencies must also address a broad range of organisational, cultural and governance challenges if these innovations are to fully realise that potential.

Posted by nmacehiter in BPM | Permalink | Comments (0) | TrackBacks (0)

Back in September Oracle announced that it had acquired privately-held Enterprise Role Management (ERM) player Bridgestream continuing its "identity management-through-acquisition" strategy. With many eyes focused on the company's Oracle Open World shindig this week, Sun also entered the fray with its plans to acquire another leader ERM independent: Vaau. Role-based access control (RBAC) is hardly new: the US' National Institute of Standards and Technology (NIST) initiated standardisation efforts back in 2000 and an ANSI/INCITS standard (359-2004 if you're that way inclined) was published in 2004. So why all this acquisition activity?

As with many things identity management, it's primarily driven by compliance, with a small helping of increased operational efficiency and cost reduction. As well as promising to streamline the provisioning and de-provisioning of entitlements, roles can help organisations to define, enforce and demonstrate those entitlements to address regulatory compliance demands.
The realisation of that potential, however, has proved elusive. Organisations have struggled to identify (!) the roles that they need, and inconsistent management approaches have often resulted in an explosion of roles to the point where there are as many roles as users. The likes of Bridgestream, Eurekify and Vaau, whose offerings provide role discovery, analysis, allocation and provisioning, emerged specifically to address these challenges, creating the identity management sub-market of ERM along the way.

With compliance top-of-mind for many of their customers and prospects, the major identity management suite vendors who were unable to respond as rapidly as the nimble ERM start-ups quickly established partnerships and, in some cases, moved beyond the press release to actually provide pre-built integration. Sun, for example, provides bi-directional data integration with Vaau (which should help to speed up the integration process). With two of the leading ERM players now with competitors, this leaves the likes of CA and IBM in an interesting position. Their partnership teams no doubt have their eyes (and potentially their wallets) pointing in the direction of Israel, where Eurekify is based.

Some of you may wonder why I didn't include Novell in this list. Had I been writing this post straight after the Sun announcement it would have been. But not long after the announcement I came across this post from an identity management group blog at Novell, which discusses how the company has been building its own role management capabilities, focused on role provisioning, exploiting its directory heritage (discussed in more detail in our assessment here) and partnership with Eurekify for role discovery and analysis. The post's author claims no knowledge of acquisition talks. Then lo and behold, and far be it from me to suggest that Sun's announcement had anything to do with the timing, the next day Novell announced its new Roles Based Provisioning Module.

Of course, a Eurekify acquisition by Novell could still be on the cards, despite the blogger's ignorance of any such discussions, but it seems to me based on Novell's stated strategy that the Israeli company is more likely to end up in the arms of CA or IBM.

The implications for customers are varied. Bridgestream and Vaau customers, who have plumped for a vendor other than Oracle or Sun, should be a little nervous and seeking concrete assurances regarding ongoing support. Customers of the likes of CA, IBM and Novell who are considering ERM will have to think very carefully before plumping for Bridgestream or Vaau for similar reasons.

Posted by nmacehiter in Identity Management | Permalink | Comments (0) | TrackBacks (0)