The past eight months have been brutal to say the least (Great weather and hotel thought!), working for a large global company designing a methodology for moving data from file shares to SharePoint and Documentum amongst other tools. Driven by compliance and industry regulation (HIPA, SOX, IAPP), I was brought in to develop a plan that would address the following:
- Understand the nuances of compliance and safe harbor requirements
- Determine the current state of data on the file shares
- Develop criteria for deciding where information should be moved
- Work with operations to ready the help desk
- Develop a awareness and training plan
- Align the stakeholders
Driven by an executives plan to deploy SharePoint as a catch all (magic bullet) solution for unstructured data (Can you say drank the Kool-Aid!) this plan was devised without conducting a proper feasibility study (Red flag 1). At this moment, I’m writing an article for Windows IT Pro that details an approach for Public folder and file share migration data to SharePoint and other repositories.
Within the first few weeks I had developed a plan that outlined meetings, workshops, data collection activities that would help create alignment, define scope, outcomes, identify risks, decisions, resources and then began evangelizing the plan. Having no scope of work due to the culture (Viewed as a negative activity – Red flag 2) I had to work with several departments and three IT managers (Red flag 3) in attempt to create alignment and ultimately, agreement regarding the project. After four weeks, I realized why no one within the organization would take on this project (Red flag 4), I was on a death march!
Lets cover some background as to why organizations take on such complex projects. Organizations that are heavily regulated such as energy, financial and pharmaceutical, are scrambling to reach a state of IT compliance. In conjunction, IT is struggling with providing solution to unstructured data which are causing storage systems to grow at 40-50% a year and business units are struggling with a structured way of creating, classify and retrieving unstructured data for purposes of increased productivity and service quality to name a few. Hiring auditors and other specialists, organizations have allocated resources to reach compliance which is generally accomplished in two ways:
- Stand alone compliance project related to information management
- Piggybacked on a major initiative such as data center consolidation and or infrastructure refresh
Generally the urgency of such projects is that auditors have uncovered problems and or an executive has raised their hands and said we have a problem.
Having multiple sponsors, no governance (Red flag 5), no scope of work, scope and priorities began to shift weekly. This constant injection of changes and the conflict between the sponsors brought the project to a halt. We literally had two to three months of no progress due to the paralyzing antics of the sponsors and the silos between the various IT organizations and business units. Wanting to do the right thing, I had two streams of work running in parallel:
- Continue with original scope and work the plan
- Begin rigorous communications and alignment exercises
After one month the project was on hold while being reassessed. After the assessment the new scope was to simply move data and create checklists for doing so. The risk plan of twenty plus items was thrown out, the toolset’s for inventorying data and security, transforming data and logging were thrown out as well. Compliance became an afterthought. What happened?
- No governance – the three headed dragon could do what it wanted
- Poorly executed ITIL processes had paralyzed and silo’d the organization
- Senior management over simplifying the initiative
- Over use of contractors
- Lack of resources
- On and on…
So what did I learn? If you put the blinders on and separate yourself from accountability just to get the work done, you can do just about anything and call it a success. You won’t achieve compliance, you’ll probably cause severe business disruption and several will probably lose their jobs.
A lesson for you technology executives, if it sounds to good to be true then it is!