Reduce Shadow IT With a Service Request Catalog

Foster business partnerships with sourcing-as-a-service.

Analyst Perspective

Improve the request management process to reduce shadow IT.

In July 2022, Ivanti conducted a study on the state of the digital employee experience, surveying 10,000 office workers, IT professionals, and C-suite executives. Results of this study indicated that 49% of employees are frustrated by their tools, and 26% of employees were considering quitting their jobs due to unsuitable tech. 42% spent their own money to gain technology to improve their productivity. Despite this, only 21% of IT leaders prioritized user experience when selecting new tools.

Any organization’s workers are expected to be productive and contribute to operational improvements or customer experience. Yet those workers don’t always have the tools needed to do the job. One option is to give the business greater control, allowing them to choose and acquire the solutions that will make them more productive. Info-Tech's blueprint Embrace Business-Managed Applications takes you down this path.

However, if the business doesn’t want to manage applications, but just wants have access to better ones, IT is positioned to provide services for application and equipment sourcing that will improve the employee experience while ensuring applications and equipment are fully managed by the asset, service, and security teams.

Improving the request management and deployment practice can give the business what they need without forcing them to manage license agreements, renewals, and warranties.

Sandi Conrad
ITIL Managing Professional
Principal Research Director, IT Infrastructure & Operations,
Info-Tech Research Group

Your challenge

This research is designed to help organizations that are looking to improve request management processes and reduce shadow IT.

Shadow IT: The IT team is regularly surprised to discover new products within the organization, often when following up on help desk tickets or requests for renewals from business users or vendors.

Renewal management: The contracts and asset teams need to be aware of upcoming renewals and have adequate time to review renewals.

Over-purchasing and over-spending: Contracts may be renewed without a clear picture of utilization, potentially renewing unused applications. Applications or equipment may be purchased at retail price where corporate, government, or educational discounts exist.

Info-Tech Insight

To increase the visibility of the IT environment, IT needs to transform the request management process to create a service that makes it easier for the business to access the tools they need rather than seeking them outside of the organization.

— Source: Zylo, SaaS Trends for IT Leaders, 2022

Common obstacles

Too many layers of approvals and a lack of IT workers makes it difficult to rethink service request fulfillment.

Delays: The business may not be getting the applications they need from IT to do their jobs or must wait too long to get the applications approved.

Denials: Without IT’s support, the business is finding alternative options, including SaaS applications, as they can be bought and used without IT’s input or knowledge.

Threats: Applications that have not been vetted by security or installed without their knowledge may present additional threats to the organization.

Access: Self-serve isn’t mature enough to support an applications catalog.

8: average number of applications entering the organization every 30 days

— Source: Zylo, SaaS Trends for Procurement, 2022

Info-Tech’s approach

Improve the request management process to create sourcing-as-a-service for the business.

• Improve customer service
• Reduce shadow IT
• Gain control in a way that keeps the business happy

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Create a request management process and service catalog to improve delivery of technology to the business

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. This GI should take 2 to 4 months.

Workshop Overview

Attendees:

• Asset manager
• Service manager
• Deployment team representatives
• IT executive (Day 1, a.m.)
• Representatives of security, infrastructure, operations, data (Day 1)
• Representatives of the business (Day 1)
• Steering committee representatives for (Day 1 & 2)

Prerequisites for workshop day 4

• Provide prior to workshop: list of software publishers, titles, versions, and number of deployments (can provide a raw list in Excel, using pivot tables to count).
• List of packaged software with versions.
• List of application deployments in the last year (if this can be easily accessed).

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Shadow IT increases when the business is less satisfied with service delivery

In other words, the more dissatisfied organizations are with their business applications, the more likely they will be to go outside of IT to find their own solutions.

What is shadow IT and why can it be a problem?

Shadow IT is often described as any software, service, or device brought into an organization outside of the ownership and control of IT, but in a business-led IT environment, this may not be the case. However, in those circumstances, who owns the applications and who controls them? If there isn’t anyone accountable for visibility and controls, the organization could be at risk.

• Equipment may be purchased directly by end users; however, if it doesn’t meet IT’s specifications, getting it on the network and with appropriate operating system, encryption, and applications can create even more delays and increase the service team’s workload.
• Software or SaaS applications for individuals or departments purchased directly from vendors without IT’s input could cause security breaches and could have data stored in ways that create regulatory risk or is not backed up.
• Unknown applications may not get patched and may create new security threats.
• Renewals are often unplanned and renewed without proper due diligence or are possibly set to automatically renew even if no one is using the software.
• Multiple competing solutions may be in use and incompatible with each other, making file sharing and collaboration difficult or impossible.

Info-Tech Insight

Business leaders and users may not want to buy their own technology, but they feel they must in order to get their work done. They will follow the path of least resistance. It’s up to IT to offer that path of least resistance and provide an easy and reliable way for them to get what they need.

Yet many say shadow IT has its benefits

However, evidence doesn’t point to the need for shadow IT as much as it points to the need for the business to get access to the right tools when they need them.

• Only 21% of IT leaders consider the end-user experience to be a priority when selecting new tools (Ivanti, 2022), so employees often make the best effort with the tools they are provided.
• However, when employees are given the choice to find tools that will better suit the work they are doing, they will.
• Having the right tools can increase innovation and collaboration, increasing agility and driving to competitive advantages for an organization.
• Having tools that allow users to work in the most efficient way possible improves productivity and increases employee satisfaction and engagement. This may include a better user interface, improved integrations or RPA to reduce repetitive tasks and improve data quality.
• These benefits could lead to new or increased revenue streams, reduced costs, or improved customer service and support.

Info-Tech Insight

If the business is forced to buy their own solutions to meet the demands of their work, costs may escalate, risks may escalate, and IT may need to come back in to assist or take over if there are contract, technology, or compatibility issues. Abandoned software may continue to cost the organization money. IT can enable these benefits while still maintaining controls in the right places, through improved service request management.

To improve service and reduce shadow IT, focus on the request management practice

When IT is not providing end users with the technology they need, they will go elsewhere.

What are the reasons IT typically does not respond quickly?

• Lack of equipment standardization, resulting in high costs to inventory or longer waits for shipments of specialized equipment.
• Lack of inventory or creation of individual purchase orders to track incoming equipment. This can result in delays as short as two days or up to two or three weeks.
• Individual purchase orders created for each software request or manual license check can delay by one or several days.
• Existing approved software isn’t good enough to get the job done.
• Lengthy process to vet software coming into the organization, with technicians squeezing in the multi-step request as they are able.
• Requests not approved or deprioritized over more urgent technical issues.

To prevent users from buying their own hardware and software, IT needs to transform the request management process to create a service that makes it easier for the business to access the tools they need, rather than seeking them outside of the organization.

Section 1: Design the Service

• Collaborate with the business
• Identify the challenges and obstacles
• Gain consensus of priorities
• Design the service

Discuss when and how business and IT will collaborate

Source: Management 3.0

Improving the service request process will benefit every relationship type in the green tuner.

1. Discuss with the business what type of engagement they want moving forward.
2. Determine the appropriate service levels for meeting goals.
3. Discuss billing and budget options with the business.
4. Create a request catalog.
5. Fine-tune delivery models for request items.

The scope of the service request management practice will include

• Managing service request models.
• Processing service requests submitted by users or their representatives.
• Managing the fulfillment of service requests according to the agreed models.
• Renewing and continually improving request processing and fulfillment performance.
• Curation of service requests within the service catalog.

Meet with stakeholders to find the right approach to service request management

• Bring together stakeholders to discuss options for improving service request processes.
• Discuss challenges to gain a full picture of the issues and concerns.
• As a group, discuss the types of controls in place and how they may be contributing to the concerns and issues.
• Categorize the controls into three or more groups.
• Spend optimization
• Risk mitigation
• Technical controls/architectural restrictions
• Identify which controls must be in place for regulatory purposes and are immovable.
• Discuss where controls may be negatively impacting the business and whether there is flexibility, such as increasing the financial threshold where approvals are required.

Stakeholders will consist of representatives focused on spend, risk, and service and may include:

• IT steering committee
• Procurement
• Vendor management
• Legal
• IT service desk
• Finance asset management
• Enterprise architecture
• Security
• Portfolio management
• Business representatives

Info-Tech Insight

Ensure executive sponsorship is in place, as service request management may require investment in tools, skills upgrades, and time. There may be a need to negotiate within the stakeholder teams to find the right balance of controls vs. service. Without executive sponsorship, it will be difficult to make progress in a transformational way.

Identify challenges, obstacles and constraints to moving to a full-service model

Brainstorm ways to resolve challenges and mitigate constraints.

1.0 Map the customer journey of technology acquisition to identify pain points

A customer journey map represents the end-to-end process for a customer or user. This provides the ability to map out what is important to the customer or user and understand their reality. The journey map can then be used to map the desired future state.

Ecosystem & Process Checkpoint:

• What is the experience like for the technical team?
• Are there optimization opportunities that will also make the job easier for the technicians?
• How many requests are in the backlog?
• What is the oldest one?
• How long do you take to decline requests?

Example of a customer journey requesting new software

Work with stakeholders to see where priorities can be adjusted to improve service

Decide organizational priorities between IT and the business. The focus on enhancing service while managing risk may have some initial sacrifices in spend optimization, but a strong asset management practice will provide a counterbalance against on-going costs.

1. Discuss with the business what type of engagement they want moving forward.
2. Determine the appropriate service levels for meeting those goals.

Talk to an Info-Tech analyst or download the research Develop an IT Asset Management Strategy to learn more about cost optimization.

Service requests will consist of two product types: standard and nonstandard

Start by designing the process for managing nonstandard product requests. New products coming into the organization create the most friction and typically have the longest delays. Review quickly to either approve or deny, so the requestor knows the next step. This will dramatically improve customer satisfaction and reduce the introduction of unapproved equipment and software.

Streamline the process to assess nonstandard requests

Nonstandard requests are the reason many people skip IT. If the process takes too long, many people will look for other ways to get what they need. When you are looking to improve the process, you will need to review the process and draw in several people from the organization, including:

• Security/ InfoSec: Set risk tolerance for data, privacy, and security standards to protect the organization and data. Determine minimum standards to be met for entrance into the organization
• Business Analyst: Determine which software products are needed for each of the departments they support and should be able to vet initial requests. Not everything needs to be strategic.
• Service Desk: Review software to see if it meets technical standards, will need to provide input into questions asked.
• Operations: Identify what operational capabilities will be required outside of normal process, such as systems monitoring, training or support. Identify the right time to create deployment packages.
• Executives: Provide support, ensure clear communications and authority to build out this process, will need to provide input into questions asked.
• Infrastructure/ Ent. Arch.: May be involved in setting standards for software that requires integrations or will be used by more than a few users, will need to provide input into questions asked.

Categorize reviews into two groups: Veto Power and Operational integrations.

• Determine what is most important to assess for anything new introduced to the IT environment and what is important for ongoing maintenance.
• Streamline the process by adding the veto process at the beginning – quick rejection is easier for the user to accept than waiting weeks to find out they need to find another solution.
• Define objectives and share the reasons for review with the business so they understand why you are assessing new technology.
• Risk assessment and mitigation is something everyone should be familiar with.
• Refer to existing policies when relevant.

To set up a security review process, reference Build a Vendor Security Assessment Service

Design the process to ensure it is consistent and quick

• Determine who the first assessors will be. Ideally, the help desk will be able to do a quick assessment and determine next steps. Determine if they can act as the broker, assessing against defined criteria. If there are any criteria that can be reviewed for approval at this stage, document it. This may include:
  • Hardware to meet accessibility standards for end users
  • New applications from an approved vendor
  • No integrations
  • Below a specific dollar amount
• Identify anything that will be banned from use within the organization.
• The help desk will need to have criteria to know which groups need to be part of the assessment process and will create tasks for routing, as appropriate. If it would appear to be a complex solution and installation, the introduction of a business analyst or project manager may be appropriate.
• The next level of assessment should be where the product is most likely to be declined for use within the organization. Typically, this will be at the security and privacy level. If the product is deemed safe for use within the organization, the approval can be sent.
• Additional reviews may be focused on how the product will be managed within the IT environment rather than determining if the product should be introduced.
• Set a reasonable SLA that will meet the needs of the business and the IT assessors.

Download the Nonstandard Request Assessment template to get started on defining assessment criteria with IT stakeholders.

If the business is looking for an unknown solution, start with Info-Tech’s “Improve Requirements Gathering” blueprint

1.1 Create the nonstandard request assessment process

2-4 hours

1. Form a working group to determine process and criteria for review.
2. Download the templates noted in the materials section.
3. Agree on the objective and document on page 1 of the nonstandard request assessment.
4. Define the process for nonstandard assessments for hardware and software in Part 1. Modify the Visio diagrams in the library to suit your needs or create new.
5. Define criteria to send assessments to each reviewer group. Define exceptions that can be approved at the help desk level.
6. Break into smaller working groups to define assessment criteria for each role.
7. Define categories for rejecting requests and add to Glossary Tab in the Application Portfolio template.

Info-Tech Insight

The primary goal of this exercise is to speed the process to assess software and improve service to the organization while ensuring software is secure and supportable.

Section 2: Design the Service Catalog

• Determine what goes in the catalog
• Create a process to build and maintain the catalog
• Define metrics for the request management process

Create a request catalog to bring visibility to your offerings and improve service

The applications and equipment catalog will be managed as a subset to your service catalog and should ultimately be housed in an ITSM solution to take advantage of workflows to create tickets and optimize deployment.

What goes into the request catalog?

• Applications that have been vetted for use within the organization and may be requested by end users.
• Applications that may be restricted to specific roles or functions within the organization. If your catalog allows viewing by access rights, these can be hidden from everyone but those authorized to use them.
• Forms for nonstandard requests, which could include new software, equipment or small services such as report creation.
• Applications should be categorized and tagged with metadata for easier search.
• Anything that can be automated for deployment should be available through the catalog.

To determine other services for the catalog visit Design and Build a User-Facing Service Catalog

But what about SaaS applications?

Integrate SaaS-specific catalogs if there’s a high volume of cloud applications

SaaS Management solutions may include catalogs as well as functionality to manage cloud assets. Some ITAM and ITSM solutions may also have SaaS catalogs built in.

• SaaS catalogs provide a portal to purchase any SaaS applications approved for access within your organization.
• Integration with SSO allows instant assignment to a user or department when an application is chosen for deployment.
• Users can be automatically provisioned and deprovisioned as they leave the organization or when the software is identified as unused.
• Many solutions have automated invoice collection for asset and spend management.
• Software available in the catalog will be available after it is approved for use within the organization and may have features to help manage and audit regulatory requirements.

Info-Tech Insight

The average organization has 234 SaaS renewals annually. Ensure you have a streamlined process for managing these renewals.

— Source: Zylo, SaaS Management Index Report, 2022.

Add hardware offerings into the catalog and create a process for quick deployment

Set standards that will allow you to keep stock for quick deployment, but with enough variation to cover a few use cases. Most users may be able to work from a low-cost standard machine, with only a small number needing ultra-light or high-processing functionality. A mix of Mac and Windows machines may be required.

• Add standard equipment with available options like additional RAM. Ensure enough stock is available for quick delivery.
• Add nonstandard equipment with descriptions about why someone might need one of these options, such as “Ultra-light” for heavy travelers or ruggedized for field service technicians. Identify SLAs if not kept in stock.
• Include any equipment or accessories approved for use for employees with accessibility needs to make it easy for them to request. Identify SLAs.
• Include accessories such as mice, batteries, security cables. If many people are on-site, these can also be offered through vending machines.

Info-Tech Insight

The deployment process is just as important for fast delivery as the inventory count. If this process also needs a rework, review Info-Tech’s blueprint Simplify Remote Deployment With Zero-Touch Provisioning.

Keep in mind, not everything needs to be added to the catalog

Services directly related to deployment, security, lifecycle, and maintenance do not need to be part of the request process

• Software upgrades and patches should be deployed through release and patch management rather than as individual requests.
• Hardware refreshes will be done as a function of asset or incident management rather than by request.
• Installation and delivery will not be a separate request as fulfillment steps should be assumed.
• Complex installations should involve communications with the requestor to set expectations.
• Change enablement of larger installations may need project managers and may need to be approved by the change advisory board.

Create a process to build and maintain your catalog

Review metrics with the team to monitor service request effectiveness

Ensure metrics tell a story. The story needs to include productivity, service and delivery improvements, and provide data that results in actions and further improvements. Below are a few metrics to get started. Determine how you will use these metrics.

• Completeness of catalog (categories, descriptions, request form, workflows)
• Service requests deployed within SLA (assuming manual deployment will be the issue)
• Service request deployments optimized (#/ %)
• Service request deployments automated (#/ %)
• Service requests deployed (#, $)
• Service requests denied & reasons
• Satisfaction with request process
• Number of nonstandard requests fulfilled
• Time to fulfill nonstandard requests
• # of nonstandard requests added to catalog
• Unused applications uninstalled (asset manager)
• Incident by application (service desk)
• Application use & spend by business unit

2.0 Define the process for managing the request practice

1-2 hours

1. Work with a smaller group focused on the catalog and asset management and deployment processes.
2. Determine what offerings will be listed in the catalog. Will there be anything restricted from being advertised in the catalog?
3. Discuss and document the process for adding new items into the catalog.
4. Discuss and document the process for changing or removing products from the catalog.
5. Define metrics that will enable currency, continual improvement, and customer satisfaction.

Info-Tech Insight

From a customer satisfaction perspective, the request catalog will become an important communication tool and will be the means to set expectations for product availability and delivery.

Section 3: Start Building the Catalog

• Determine descriptions for catalog items
• Create definitions for license types, workflows, and SLAs
• Create a software portfolio
• Design catalog forms and workflows

Determine how catalog items will be displayed

Use categories to organize the various product offerings in the catalog.

If some products will be restricted by role, this may provide a good way to add access rights and visibility. For example, IT and security tools should not be available for the entire organization.

Determine what information will be needed to describe products in the catalog:

• Descriptions should be brief. Where multiple editions are offered, describe editions based on use cases to make it easy to know which edition is right. They could come directly from the manufacturer’s web page, but try to avoid pulling in too much marketing material.
• Do not add version numbers. As the products are upgraded, there may be a need to upgrade descriptions, but in many cases, the upgrades are incremental and won’t be something users are specifically looking for information on.
• Add warranty information where applicable.
• Add SLAs to set expectations for delivery, thereby reducing ETA questions to the help desk and helping people choose between competing products that are in stock vs. special order.

Add prices where it makes sense.

• If the organization wants to provide transparency to encourage good choices, especially when multiple competing products exist, showing price differences makes sense.
• If managers want to see prices before approving or there will be showbacks or chargebacks, price visibility will improve cost optimization outcomes.
• If approvals may be skipped for lower priced items, the workflow can compare against the pricing field to determine whether approvals can be bypassed.

Standardize requests where you can, but prepare for variability from every direction

Customer-introduced variability tends to be the one major factor driving away from efficiency and great customer service. It is impossible to remove variability without directly impacting service, so look for opportunities to streamline the process of managing variables to minimize lost or delayed service fulfillment. Symptoms of these variables may look similar, but responding to each of these variability types may require different approaches.

Arrival Variability

Request arrival patterns may emerge within reporting functions, such as during hiring periods, job shifts and project deployments, but there will always be some variability. Work with HR and the business to determine where volumes may increase. Automate what you can so variability will be easier to manage.

Request Variability

Standardize as much as possible within the product portfolio. Standardization will include vendors, products, versions, and editions to ensure supportability and security. However, IT can’t anticipate every need, so set up a process for nonstandard requests to provide quick turnaround on product review and approvals.

Capability Variability

Capabilities of requestors may vary, with some needing hands-on support and others looking for self-serve with little interaction. Offer channels for both. If self-serve is an easy alternative, people will use it, and this will free up time for those who need additional service levels.

Effort Variability

Effort to deploy will vary depending on request type (e.g. hardware or software), and the license type (e.g. volume license, SaaS software, single installed application, or a department-wide system). Optimize and automate where you can, to spend the effort on the more complex requests and deployments.

Subjective Preference Variability

Subjective preferences may include nonstandard, non-approved products, may include different operating systems or SaaS vs. installed software. On hardware, it could be device type, different product specifications, or delivery location. Determine what add-ons can help with product variability (such as extra RAM) or how to deal with variations in a timely and efficient manner.

Create the list of standard application offerings and their license model

Catalog items can be published as a list or in SharePoint but will allow for easier ordering and deployment if they are added to a service catalog in the ITSM solution. The catalog will connect directly to the service request ticket and launch the workflow. Authenticated users can have much of their information auto-filled, making it easy for them to order through self-serve.

1. Using the application portfolio template, inventory products that have already been approved and are in use within the organization.
2. Review reports available through the software asset management (SAM) group. If SAM is not in place or able to provide reports, run a scan using any inventory products you have and export to Excel. Using pivot tables, reduce the content to a list of titles with the number of installs. Use this as your starting point.
3. Categorize the applications and review how many competing products are in use. Using the installed inventory list, pick the most popular ones to add to the catalog, but note the others in the application portfolio as approved but not added to the catalog. You can set the threshold for approvals for as many as makes sense in your environment.
4. Populate the catalog at any point in the process. You can start with the 20-30 most popular requests and continue to build it out.
5. Identify the license types, workflow types, and subsequent SLAs for each application. (see next two pages).

Use your ITSM portfolio to manage, but if there isn’t one, download the Application Portfolio template to start building your list of software titles for the catalog.

Categorize deployment types to determine application service delivery workflows

Approvals

Discuss approval options with IT and business leaders to see where friction can be reduced.

If budget is a concern, discuss dollar thresholds to reduce the number of approvals needed, and get commitments for time to approve.

License Types

Identify different license types that will require additional steps for approval, purchase, or installation.

Where software can be purchased as a volume license, separate the deployment from the purchase to reduce friction.

Workflows

Create workflows to account for license types and approvals, with an eye to optimization.

In the beginning, optimization of the top 10-20 deployments may be enough, but continual improvement should focus on automation of more applications and updating the SLAs.

SLAs

SLAs will be set for license type, approvals, and workflows. Set reminders for approvers to ensure they allow time to fulfill within the agreed upon SLA.

Schedule purchase and receiving as well as deployment times to ensure SLA is accurate.

Use your ITSM portfolio to manage, but if there isn’t one, download the Application Portfolio template to start building your list of software titles for the catalog.

3.0 Define categories and inventory your software portfolio

Time estimate not available

1. Download the application portfolio template.
2. Review the Glossary tab for reasons for rejecting request, license type, support type, access rights. Column B will be your drop-down menus, so keep the names brief. Review and revise descriptions as you see fit.
3. Within the license type, document approval types required and workflows. Use the workflows to estimate SLAs. Where deployment cannot be automated, add a scheduling buffer.
4. Review categories and revise to suit. Four columns have been left blank for industry-specific categories. Row 9 is the drop-down menu for categories and the columns under each will be subcategory drop-downs.
5. Create the inventory, starting with columns B to E. Fill in additional columns as you are able. Items marked as Yes in the “Add to catalog” field will be moved to the catalog.

Info-Tech Insight

The primary goal of this exercise is to speed the process of assessing software and improve service to the organization while ensuring software is secure and supportable.

Notes on rationalization:

Organizations that have been very generous with application deployment may find themselves with large volumes of applications purchased, deployed, and not used.

Start by collecting usage data through discovery tools and removing any software the reports indicate hasn’t been used in 90 days. Discuss with the business so they don’t repurchase the software if they notice it’s gone.

Determine which solution types are most important to rationalize based on file sharing and information sharing.

Determine which product categories make the most sense to rationalize based on savings opportunities and aim to resolve for major contract renewals. Opportunities may include:

• SaaS renewals at retail price.
• Smaller contracts that could be combined for larger discounts.
• Prices purchased as single-use licenses, which cannot be easily redeployed or reinstalled on replacement machines.

Have discussions with the business before rationalizing – a widely deployed product may not be an indicator of an easy-to-use or valuable product.

Most redundant SaaS functions within an organization:

• Online training classes
• Digital assets
• Team collaboration
• Project management
• Recruiting
• Web conferencing
• File storage & sharing
• Governance, risk & compliance
• Digital analytics
• Domain registration

— Source: Zylo, SaaS Trends for
— Software Asset Managers, 2022

Review your process for equipment deployment

• Equipment deployment managed internally will require accurate record keeping for inventory, and a consistent process for equipment recovery as people leave the organization.
• Lifecycle should be managed to ensure equipment coming back into inventory has been cleaned and is in good condition.
• Equipment should be ready to deploy within a short time of placing the order.
• If equipment is deployed by an MSP, work with the vendor to ensure the product is in stock and ready to ship.
• Work with HR to identify hiring patterns that will require temporary inventory boosts.

Download Simplify Remote Deployment With Zero-Touch Provisioning to learn more about zero-touch deployment.

Design the catalog forms to minimize the effort to submit requests

Standard requests should be simple and quick and should include a minimal number of approvals to reduce delays. Where approvals are needed, add them to the workflows, using automated notifications and reminders so they are not forgotten.

• Create the form to auto-fill with as much information as possible, providing the option for the user to overwrite information if they are putting in a request for someone else.
• Create forms for requesting non-catalog items, with a minimal number of fields.
• Ensure approvals are at the front end of the process to minimize disruption to fulfillment.
• Ensure questions asked are needed primarily to enable approvals and fulfillment. If there will be a need to report on any information related to fulfillment, create a field in the form to collect the data, making it easy to write reports rather than manually scanning ticket content.
• Forms will fill information into the ticket and launch the workflow.

Info-Tech Insight

Where equipment and applications are billed in their entirety to departments, it will be difficult to harvest and redeploy unused equipment and applications to other departments or individuals. Work with the business to reframe and bill for usage rather than title to reduce the challenges introduced with departmental ownership of technology.

Design workflows to determine application service delivery estimates

1. Review the list of workflows needed for the different license types and identify which ones need to be designed and built into the ITSM delivery model. Most ITSM solutions are designed to reuse workflows as often as needed within the service catalog.
2. Design the overarching workflow for software request fulfillment.
3. Design the individual workflows and processes for each individual variation. Examples may include:
   1. No approval, install packaged software.
   2. Approval by business lead, install packaged software.
   3. No approval needed, software purchased, manual installation.
   4. Approval by business lead, software purchased, manual installation.
4. Create the workflows in the ITSM/catalog solution.

Info-Tech Insight

Some SaaS management solutions include catalogs that may dramatically improve the request and deployment workflows and enable easier account closure should the employee leave or no longer need the software.

3.1 Draw existing workflows and critique; streamline each to speed delivery

2-4 hours

1. Download the Visio library to use as a starting point or be inspired.
2. Work with the deployment group to define the methods in place today for service request deployment.
3. Critique, looking for opportunities to streamline or automate, identifying areas where approvals are creating delays. Brainstorm options on how to reduce friction. Note any consultations, negotiations, projects, or tasks that need to be done to make these changes happen.
4. Design forms for requests, aiming to keep them brief, easy to fill in, and providing only the information needed to fulfill the request and create reports; for example, if reporting by cost center is necessary to reduce friction on the approval side, ensure a mandatory cost center field is included.

Info-Tech Insight

The primary goal of this exercise is to streamline the processes and will be a useful visual for demonstrating changes to the IT group, stakeholders, and the business, if needed.

Section 3: Start Building the Catalog

• Create a roadmap
• Determine messaging
• Build a communications plan

Create your roadmap with high-level requirements

• Document the tasks and projects that need to be completed to meet your improvement goals.
• Create a high-level project plan and balance with existing resources.
• Identify any risks or constraints.
• Be realistic with your time frames.

Create a marketing plan to pull users toward your service, emphasizing the benefits of the new methods

Messaging must include the value statement describing how the service is going to make things easier. Decide whether this will be offered as a service to draw people in and make it optional or to push them as a non-optional service. This will impact your messaging.

Service improvement

If the service is as good or better than what users can do on their own, including dealing with the burdens of ownership, they will be more likely to use it.

• Easy-to-find, easy-to-use service catalog for all IT requests.
• All approved products available for delivery.
• Not there? Not a problem! We have an easy-to-fill-out form to request anything not listed.

Service Commitment

Ensure there is consensus on processes and SLAs before making the service catalog live and announcing the great new service. The first impressions will be key to long-term acceptance of the new service

• Red tape has been reduced (removed?) and delivery times are posted for each product.
• Prices include corporate discounts, so will often provide savings over retail purchases.
• New requests will be verified safe for the organization and delivered within one week or less.

Service Currency

Let stakeholders and constituents know about the focus on continual improvement, continual growth, and the addition of products as they are approved, so they keep coming back to see what has been added.

• Catalog has been created with the top 50(?) requests and will continue to add more each week.
• As new versions are introduced, there will be testing, packaging and the product will be made available for new requests.
• Upgrades will be sent out automatically as projects are scheduled, so we can keep everyone current.

Refine your communications for the various stakeholder groups to improve success

Anticipate questions and challenges, remove obstacles, and ensure buy-in.

• Technicians may need to do extra work to help optimize processes and this may dramatically affect how they work long-term.
• The business may feel they’re losing control or won’t get what they need.
• Management may be worried about the impact to their budget.

Buy-in also includes putting fears to rest. Don’t discount the value of clear and continual communication.

Major changes will require multiple communications. Incremental changes as the catalog is built and refined will still need communications to the teams most impacted.

Users will not remember the catalog exists for the first few announcements and may need messaging reinforcement.

Vary the messaging over several stages to meet the broadest audience.

Be sure to answer these questions:

Why? What problems are you trying to solve?
What? What processes will it affect (that will affect me)?
Who? Who will be affected? Who do I go to if I have issues with the new process?
When? When will this be happening? When will it affect me?
How? How will these changes manifest themselves?
Goal? What is the final goal? How will it benefit me?

Let all stakeholders know how to give feedback. Be transparent and act where there is opportunity for improvement

3.0 Create your communications plan

1 hour

1. Using Info-Tech’s Service Request Communications Plan, identify key audiences or stakeholder groups that will be affected by the new service request management practice.

2. For each group requiring a communications plan, identify the following:

1. The benefits for that group of individuals.
2. The impact the change will have on them.
3. The best communication methods for them.
4. The time frame of the communication.

3. Complete this information in a table like the one below:

4. Discuss the communications plan:

1. Will this plan ensure that users are given adequate opportunities to accept the changes being deployed?
2. Is the message appropriate for each audience? Is the format appropriate for each audience?
3. Does the communication include training where necessary to help users adopt any new functions/workflows being introduced?

Appendix

• Contributors
• References
• Alternative approaches

Research Contributors

Seventeen anonymous contributors, plus…
Contributions from Info-Tech Research Group analysts, gathered through healthy debate & discussions

Bryan Tutor — Executive Counselor

Cole Cioran — Managing Partner

David Wallace — Executive Counselor

Denis Goulet — Senior Workshop Director

Fred Chagnon — Principal Research Director

Graham Price — Senior Executive Advisor

Jean Bujold — Practice Lead

Kate Wood — Practice Lead

Kevin Tucker — Principal Research Director

Mark Roman — Managing Partner

Mary VanLeer — Executive Counselor

Michael Fahey — Executive Counselor

Rick Pittman — Vice President

Sallie Wright — Executive Counselor

Scott Bickley — Advisory Practice Lead

Valence Howden — Principal Advisory Director

Bibliography

“2022 SaaS Management Index Report.” Zylo, 2022.

“2022 SaaS Trends for IT Leaders.” Zylo, 2022.

“2022 SaaS Trends for Procurement.” Zylo, 2022.

“2022 SaaS Trends for Software Asset Managers.” Zylo, 2022.

“Delegation Poker & Delegation Board.” Management 3.0, n.d. Web.

“How to Create an Enterprise App Store.” IT Business Edge, 14 Sept. 2016.

“Service Request Management.” ITIL 4 Practice Guide. Axelos, 28 Feb. 2020.

“The Complete Guide to Shadow IT.” Productiv, n.d.

“What is Shadow IT & How Can you Manage It?” Productiv, 23 Nov. 2022.

“What We Do in the Shadows, the Dangers of Hidden IT Behavior.” Ninja RMM, Mar. 2021.

Blanken, Bas. “What Is Shadow IT? Answers to 5 Frequently Asked Questions.” TOPDesk, 2 June 2022.

Frei, Frances X. Breaking the Trade-Off Between Efficiency and Service, Harvard Business Review, Nov. 2006.

Johannessen, Chris and Tom Davenport. “When Low-Code/No-Code Development Works – and When It Doesn’t.” Harvard Business Review, 22 June 2021.

Knowles, Catherine. “Ivanti Puts Spotlight on Power of Employee Digital Experiences.” IT Brief New Zealand, 1 July 2022.

Lohrmann, Daniel. “Shadow IT: A Business Risk or Competitive Advantage?” Govtech, 20 Oct. 2019.

McKendrick, Joe. “Maybe Shadow IT isn’t So Bad After All, Study Suggests.” ZDNet, 17 Oct. 2019.

Morgan-Nelson, Michelle. “The Upside of Shadow IT.” Entrust, 5 Oct. 2019.

Poremba, Sue. “Building Enterprise App Store for BYOD Apps.” IT Business Edge, 13 Sept. 2016.

Alternative Approach

If the business needs to innovate and build out prototypes for proof of concept:

• Not every solution can be fulfilled with commercially available, ready-to-implement solutions.
• Where solutions don’t exist or are new to the organization, consider setting up a working group to focus on innovation.
• This team will be made of up of developers, support, and business stakeholders.
• The team may be a group of 4-6 people focused on bringing forward ideas and taking them through the process to vet for feasibility, prototype the solutions, and build out the business case or move to the next solution.
• To create an innovation group, see the Info-Tech blueprint Kick-Start IT-Led Business Innovation.

Access to a team to help build a proof of concept or proof of value can be valuable for any organization looking to innovate. This approach isn’t standalone and can be done in conjunction with improving the service request process.

Alternative Approach

If the business needs to innovate and build out prototypes, set up a working group.

• Empower the business to adopt the tools they need and want by providing them with a low-code platform, development tools, and commercial off-the-shelf (COTS) software.
• Create a governance model to ensure the business has the tools and training they need, with the flexibility to build and modify their applications as they see fit.
• Create a Center of Excellence (CoE) to support citizen developers and define roles and responsibilities for application owners and managers.
• Determine how the business will be supported and encourage a collaborative relationship.
• To move application ownership to the business, see Info-Tech’s blueprint Embrace Business-Managed Applications.

If using low-code or vendor-led solutions, IT will need to determine how best to support requests that may be ad hoc, urgent, and possibly complex. The business will need to ensure they have the skills and will to create their own solutions, manage content, and create documentation.

Citizen-developed applications require education, support for scaling and integrations, and may not be easily transferred back to IT to manage if the primary product owner leaves. Accountability on renewals and audit requests will also need to be determined.