The ultimate goal of Application Readiness is to establish an automated, end-to-end process for managing applications over their entire lifecycles, from acquisition to retirement. That requires standardization of process steps, seamless integration within and across steps, and a high degree of automation. It also requires integration with other related business processes such as software license compliance and software deployment processes.
Flexera has defined an Application Readiness Maturity Model that provides a framework for continual improvement of Application Readiness maturity (See Figure 2.). An organization may be positioned at different levels of maturity for different steps. For example, an organization may be at level 1 in the Identify step and at level 2 in the Fix and Package step.
Use the model as a guide to assess your current processes and determine what you can do to improve them. The business benefits are compelling and include dramatic acceleration of application delivery, lower costs due to increased efficiency, and faster adoption of new applications and technologies.
By understanding where you’re positioned in the maturity model, you will be better able to chart a path to higher levels of business value. You can identify where you can make improvements, analyze the steps needed to move up the maturity curve, and prioritize which steps are most critical. Each step yields incremental efficiencies, resulting in faster and more reliable application delivery, lower costs and decreased risk.
Moving Up the Maturity Curve
This post describes the typical characteristics of an organization at the very early stages of Application Readiness Maturity.
At this level, the IT staff performs only basic packaging. The attitude here is “just get the job done.” IT handles all requests in a one-off manner, resulting in ad hoc provisioning and procurement. There is no process standardization and no alignment of the different teams involved in the entire end to end process.
In an organization that is at this level, the mostly manual process could proceeds as follows:
• The line of business or application owner requests an application using a free-form help desk ticket or email. A problem here is that free-form entry is subject to incomplete information and prone to error.
• The request is forwarded to the packaging team. The team does not validate the request or check to see if the application has been licensed. The application owner assumes that responsibility.
The packaging team does not perform any application compatibility assessments, but instead relies on vendor documentation. IT then waits for users to call with issues.
• There is no planning.
• The packaging team, necessarily made up of highly-skilled technicians, does whatever it takes to package the requested application. Packaging is done in a one-off manner and project by project.
• The packaging team manually hands the application off to the software deployment team with no specific information on how to move the application to the deployment system. It is manually imported to Microsoft SCCM for deployment.
The process is highly inefficient and results in poor service levels and high costs in fulfilling application requests. The time from request to fulfillment can be weeks or even months. Tackling desktop virtualization projects or application virtualization can be difficult and resource consuming.
Because there is no compatibility testing and no user acceptance testing (UAT), the deployed application may have issues. It’s up to the user to find and report them. This often results in low user satisfaction and an increased load on the service desk. Also, because there is no standardization, deployed applications tend to be expensive to maintain and upgrade.
The process subjects the organization to considerable risk. That includes the risk of non-compliance from un-licensed or unauthorized applications. There is also a high audit risk and possible unbudgeted expenses at vendor true-up time. What’s more, there’s the risk of application sprawl due to lack of in-place controls. Unmanaged mobile apps present even more risk that IT may not be aware of, including accessing data like calendars, email, GPS, and social networks.
Key recommendations if this sounds like your organization:
• Create a central application repository – In ITIL this is referred to as a Definitive Media Library (DML) and contains the approved and authorized media files for all applications in the enterprise production environment. Having a single place to manage application compatibility testing and assessment for all software installed into the production environment will reduce risk and enable approved software to be redeployed quickly when required.
• Standardize application packaging processes – Documenting best practices for application packaging and following a consistent processes for deploying physical, virtual and even mobile applications to the end user community can improve the speed and the quality of the applications you deliver.
Contact us to learn more about the maturity Model and to assess your organization’s maturity in the process.