So I started the POC by reviewing with each technical teams involved in the process what they were exactly doing and how. I was very surprised to discover that almost tasks were already automated thru scripts.
I went deeply in the process to understand why it took so much time. I discovered that the teams involved were mostly expert teams like DBA, sys admin, websphere admin etc…, who has requests coming from various sources with the highest priority going to operations. So this kind of provisioning or environment checks were going to their to do list with middle level of priority and took an average of a week to become the active task. As you can imagine, I ask them why they were not delegating the execution as they’ve already automated the task execution allowing a monkey to do it.
They were not delgating because their scripts needed high level of priviledge to be executed, and there was no way for people outside of their expert teams could have this level of privilege as the risk should be to high and they didn’t want to endorse this responsability. When I show them how my solution could efficiently segregate the duties allowing execution of their scripts with the right privilege restriction according to the role of the guy we were delegating to, they had no issue to delegate. The result was a big win: 10 weeks to 2 days.
Bottom line is that experts already automated a lot of tasks most of the time but IT doesn’t get so much value from this automation because of lack of delegations. The first main lock is segregation of duties capability. That’s why if you want to get big value from DCA, you need to choose a solution that provides granular Role Base Access Control to achieve the right level of segregation of duties, first point to enable task delegation. There are other helpful points that I will address in a next post.