I have to say, Perth is home to some great SharePoint Talent. MVP Sezai is one prime example and Jeremy Thake is another.

But there is also another colleague of mine who you may or may not know – Tommy Segoro, who is one of those mild-mannered guys who simply gets down to it and produces great things.

Tommy has released a free, open source CMS that sits on top of WSS. Publishing pages, page layouts, the page editing toolbar, all on WSS, without having to upgrade to MOSS at great expense to get the publishing feature.

http://www.codeplex.com/completesharepoint

http://www.completesharepoint.net/Home/Pages/Default.aspx

check it out for yourself!

Oh how times change! I am reading a good book at the moment called "Competing on Analytics – The New Science of Winning" and I hit one particular quote that I have to share with you. It’s one of those statements that makes perfect sense at the time, but is kind of funny when you look at it in the context of recent world events in the financial markets.

…But in other cases, analytics can permanently transform an industry or process. As Money-ball and Liar’s Poker author Michael Lewis points out in talking about investment banking. "the introduction of derivatives and other new financial instruments brought unprecedented levels of complexity and variation to investment firms. The old-school, instinct guys who knew when to buy and when to sell were watching young MBA’s – or worse, PhD’s from MIT – bring an unprecedented level of analysis and brain power to trading. Within 10 years the old guard was gone".

I love that line "analysis and brain power", given the contribution of derivatives to the prospect of a "teensy weensy" global recession. Mind you, how much ‘analytics’ do you think is going into current decisions and company valuations on the stock market?

Where are those old school guys? I want ’em back!! 🙂

I don’t know if you have ever read ISO9001, but it is about as exciting as getting a root canal or trying to listen to a Ricky Martin album with a straight face. But hey, if they were actually interesting, ISO compliance wouldn’t be such a billion dollar industry. Does anybody else use SharePoint for ISO compliance purposes? I’ve done several of them now.

First up, I’ll give you the Cleverworkarounds’ version of ISO9001 and then I’ll teach you how to use it to get your own way 🙂 .

ISO9001 is an internationally recognised standard that provides an organisation with the guiding principles, means and methods to improve their internal quality. If you are wondering what or which quality, then I can’t give you an answer because it depends on your organisation. So for example, Microsoft might use ISO9001 to improve their ability to release a desktop operating system that people actually like. McDonalds may use ISO9001 to ensure that your calorie-laden burger is *consistently* calorie-laden no matter which store you visit.

Continue reading “(ab)using ISO9001 for fun and profit”

This project was not SharePoint, but I have seen some people try and do this with SharePoint. But you can imagine how much stress this project would have caused to participants.

The South Australian government has pulled the plug on its $5 million records management system project, ending a five-year saga plagued by repeated cost blowouts, delays and confusion

http://www.australianit.news.com.au/story/0,24897,24510560-15306,00.html

I can’t help but feel that if this particularly wise and insightful document written by their federal government counterparts had been written a couple of years earlier, some of sting just might have been taken out of this example of expensive project failure.

Many of the most pressing policy challenges for the APS involve dealing with very complex problems. These problems share a range of characteristics—they go beyond the capacity of any one organisation to understand and respond to, and there is often disagreement about the causes of the problems and the best way to tackle them. These complex policy problems are sometimes called ‘wicked’ problems

Critically, tackling wicked problems also calls for high levels of systems thinking. This big picture thinking helps policy makers to make the connections between the multiple causes and interdependencies of wicked problems that are necessary in order to avoid a narrow approach and the artificial taming of wicked problems

Read the full document here:

http://www.apsc.gov.au/publications07/wickedproblems.htm

My little boy will be turning four this weekend. We are hosting one of those parties with a zillion toddlers, copious amounts of candy and a bouncy castle.

He seems to have gotten through the toddler tantrum stage without causing us too much heartache and is now into the philosophical stage where he asks some surprisingly insightful questions. He asked me "Where did the first baby come from?" and so I messed with his head a little with the chicken and egg paradox :-). Other questions that come to mind include, on being woken up by him one morning, "Why do we have blood in our body?", "When I’m all grown up, who will be your little boy?" and "Will I have a little boy when I’m bigger?"

The other day when we were discussing family relations and related terms, he retorted pretty definitively "You are not my parents. You are my Mummy and Daddy!"

So, you can imagine my surprise and amusement when he recently asked me "Why is there fire on the sun?" I mean he’s turning four – how do you answer that?

Rather than try and water it down, I explained it like a tech-guy would. I casually spent about 3 minutes explaining in detail the process of nuclear fusion in the core of a star and how lighter elements fuse into heavier elements, releasing tremendous amounts of energy in the process. He listened intently, not missing a beat. When I had finished my explanation, I asked him if he understood all that I had told him.

Without even the slightest hesitation he said definitively,

"Yes, Daddy."

.. and then went back to playing Wii Sports.

I then realised that he has all the qualifications needed to have a long and very successful career in IT or finance.

Here we go… another Cleverworkarounds waffle!

Now, we all know that Joel Oleson is the Russell Crowe of the SharePoint world! I mean, he’s multi-skilled, loads of talent, has the respect of his peers and has built a well deserved reputation of being one of the best at what he does. (Although unlike Russell I am fairly sure that he has not thrown a telephone at an annoying IT manager in a fit of rage just yet).

But despite his best intentions and with his heart in the right place, Joel is one of the unwitting architects of a butterfly effect that is now plaguing the SharePoint world. One that is now causing much pain and damage to already beleaguered enterprises.

In short, he set the wheels in motion that helped destroy a word via buzzword abuse 🙂 That word is…

"Governance"

See, way, way back in the bowels of time (okay, around 2006), when the stock market was soaring and therefore SOX compliance was being conveniently ignored by investors in equities, Joel’s blog was one of a couple of blogs of any significance SharePoint-wise. He was out there doing his bit for the common good, stressing the importance of governance in the SharePoint world before the word governance was really used in this context. Joel cited this article by Matthew Cain at Gartner which seems to be the root of it all. Now this is perfectly fine and dandy, but Joel made one fatal mistake that we are still feeling the effects of…

He de-nerdified his blog and made this stuff accessible! Thus, somewhere in the world, a marketing person read it and understood just enough syllables to get a gist of what Joel was talking about. Sensing the opportunity to add a new word to glossy brochureware, from that moment forward the true meaning of "governance" was lost forever as the snowball effect of a new buzzword taking root gained momentum. As the snowball rolls faster, more and more vendors get onto the bandwagon, each skewing the definition to suit their own ends.

So now, I am afraid that governance is now irreversibly sliding down the same slippery slope as such luminaries as "convergence", "portal", "ubiquitous", "social networking" and the current cream of the crop – "web 2.0".

…and it’s all Joel’s fault, right? 🙂

So, how to reclaim this word? I don’t know if you can. I have, however, decided to start a social experiment making my own future buzzword. More on that in a minute.

Governance = systems thinking

Before I present my version of what governance really means, I want to enlighten you to an important philosophical concept that underpins governance called "systems thinking" or "the systems approach". Systems thinking approaches problem solving from the perspective that the problem must be looked at as parts of an overall system, rather than focusing on individual outcomes. Wikipedia has quite a nice quote which captures the philosophy nicely.

Systems thinking attempts to illustrate that events are separated by distance and time and that small catalytic events can cause large changes in complex systems. Acknowledging that an improvement in one area of a system can adversely affect another area of the system, it promotes organizational communication at all levels in order to avoid the silo effect.

Either I have been officially typecast, or many organisations are feeling the same pain. The reason I say this is because I’ve been called in to assist organisations that are suffering a crisis of confidence with the SharePoint platform. In each case there are one or more highly visible and persistent problems that are causing user dissatisfaction. That translates to a stressed and under-confident SharePoint/IT project team who are questioning the validity of the SharePoint platform.

My brief in each was to help them pinpoint the root cause of their immediate pain, but in the context of a more holistic review of the SharePoint service to try and identify the gaps that allowed the situation to arise in the first place. The interesting fact about these sites is that they did have governance plans and on the surface of it all, most of the boxes could be ticked.

So, what went wrong?

It all boiled down to this: Stakeholders had a different interpretation of what governance actually means – the curse of a buzzword!. Most stakeholders in fact were more interested in the fact that they had a thirty page document someone wrote with "Governance plan" in the title and thought "okay that’s done, what’s next?".

This is not a systems thinking approach and therefore, this is not good governance. In fact, it really has missed the point entirely.

"SharePoint Assurance" is the new buzzword :-) 

At the end of the day, there are two immutable facts of working life.

1. We are all accountable to someone. Whether it is the board of directors being accountable to shareholders or the guy on the helpdesk being accountable to his operational manager, the vast majority of us are tasked with various responsibilities that our performance is judged on. If we fail to perform to the expectations, we not only let ourselves down, but we can adversely affect others.

2. We all want to go home from work, secure in the knowledge that we performed what was expected of us and we are still going to have a job tomorrow.

Both of these facts underpin the principle that we are all cogs in a complex organisational machine where our individual (and organisation-wide) fate is reliant on each other in complex, often implicit interdependencies.

Governance therefore is all about providing assurance. If you do not provide assurance, you will have fear, uncertainty and doubt. Take a look at the stock markets crashing around the world. Clearly assurance is in extremely short supply!

A Social Experiment

Now what I want to do twofold. For some strange reason I see the funny side of creating a new buzzword and see how long it takes to get to a brochure. Thus I am officially raising a virtual flag and laying claim to being the first person to use the term "SharePoint assurance" instead of SharePoint governance. (at the time of a writing a google search on this phrase yields only 5 hits).

Once you see the term in a marketing brochure, please let me know 🙂

But on a more serious note, I think that assurance in the SharePoint space can be done a lot better than it is and I have a few ideas on how this can be achieved.

More (hopefully much more) on this topic area soon…

Thanks for reading

Paul Culmsee

Arno over at Sharepoint Magazine has published part 5 of my "Leave Form Tribute" series of articles. This latest article is a bit of a graduation from the first four, that were pitched squarely at new users. In part 5 we are now getting into the more advanced stuff – like attempting to explain web services to the masses 😉 I have found this to be a very challenging article to write.

Read it now!

(Nerds are going to find this post dead boring).

Before I start, let me state that I am a believer in the Honey and Mumford theory of learning styles, as well as the Marston DISC assessment. I think both are closely related, and go some way to explaining many mysteries of the world like – "Why are there Metrosexuals?", "Why doesn’t everyone listen to Opeth?" and most importantly of all "What goes on in the strange world that is the engineer mind"?

"Engineer mind"?

Don’t bother googling that term because I made my own definition. I’m really referring to tech nerds generally, but the definition actually extends beyond nerds to a certain type of personality that tends to be a combination of an Activist learning style with a Steady/Conscientious DISC profile.

The point is that engineer minded people live in a factual world. Questions are factual and answers are usually pretty absolute. An engineer’s dogma also has a way to make facts more ‘factual’ in their eyes as well.

For a chunk of the rest of humanity, factual questions are not quite that factual. In many contexts, particularly political ones, a factual question is often open to more liberal interpretation.

This is in essence why engineers dress badly and sales people commonly exhibit metrosexual tendencies. 🙂

Continue reading “It’s all in the way you ask the question…”

Had a good laugh over at the register today with this anti google article written by Ted Dziuba. I am his newest fan.

http://www.theregister.co.uk/2008/09/22/dziuba_anti_revolution/

The laughter came from the fact that its very well written with a ton of sarcasm. The google bash is actually secondary to the underlying message about panacea and bandwagonning that all vendors are guilty of

If there’s one thing all engineers love to do, it’s create APIs. It’s so awesome because you can draw on a white board and feel like you put in a good day’s work, despite having solved no real, actual problems. Web 2.0 engineers, in addition to their intrinsic love of APIs, have a real hard-on for anything having to do with a social network … This situation gets really dangerous when you start to involve people from San Francisco. Every person who lives in San Francisco has the intention of starting a nonprofit organization of some sort. Therefore, if you collect a bunch of Web 2.0 engineers in San Francisco, the inevitable outcome is the OpenSocial Foundation: a nonprofit organization that only exists to support an API for programming social network applications

If I could get away with his sarcasm I would 🙂

Paul Culmsee

I think as you age, you become more and more like your parents. Not so long ago I went out paintballing with some friends and we all agreed that the 16-18 year olds who also happened to be there were all obnoxious little twerps who needed a good kick in the rear. At the same time, we also agreed that we were just as obnoxious back when we were that age. Your perspective changes as you learn and your experience grows, but you don’t forget where you came from.

I now find myself saying stuff to my kids that my parents said to me, I think today’s music is crap, I have taken a liking to drinking quality scotch. Essentially all I need now to complete the metamorphosis to being my father is for all my hair to fall out!

So when I write an article whining about an assertion that IT has a credibility issue and has gone backwards in its ability to cope with various challenges, I fear that I have now officially become my parents. I’ll sound like grandpa who always tells you that life was so much simpler back in the 1940’s.

Consequences of complexity…

Before I go and dump on IT as a discipline, how about we dump on finance as a discipline, just so you can be assured that my cynicism extends far beyond nerds.

I previously wrote about how Sarbanes Oxley legislation was designed to, yet ultimately failed to, provide assurance to investors and regulators that public companies had adequate controls over their financial risk. As I write this, we are in the midst of a once in a generation-or-two credit crisis where some seven hundred billion dollars ($700,000,000,000) of US taxpayers’ money will be used to take ownership of crap assets (foreclosed or unpaid mortgages).

Part of the problem with the credit crisis was through the use of "collateralized debt obligations". This is a fancy, yet complex, way of taking a bunch of mortgages, and turning them into an "asset" that someone else who has some spare cash invests in. If you are wondering why the hell someone would invest in such a thing, then consider people with home loans, supposedly happily paying interest on those mortgages. It is that interest that finds its way to the holder (investor) of the CDO. So a CDO is supposedly an income stream.

Now if that explanation makes your eyes glaze over then I have bad news for you: that’s supposed to be the easy part. The reality is that the CDO’s are actually extremely complex things. They can be backed by residential property, commercial property, something called mortgage backed securities, corporate loans – essentially anything that someone is paying interest on can find its way into a CDO that someone else buys into, to get the income stream from the interest paid.

To provide "assurance" that these CDO’s are "safe", ratings agencies give them a mark that investors rely upon when making their investment. So a "AAA" CDO is supposed to have been given the tick of approval by experts in debt instrument style finance.

Here’s the rub about rating agencies. Below is a news article from earlier in the year with some great quotes

http://www.nytimes.com/2008/03/23/business/23how.html?pagewanted=print

Credit rating agencies, paid by banks to grade some of the new products, slapped high ratings on many of them, despite having only a loose familiarity with the quality of the assets behind these instruments.

Even the people running Wall Street firms didn’t really understand what they were buying and selling, says Byron Wien, a 40-year veteran of the stock market who is now the chief investment strategist of Pequot Capital, a hedge fund. “These are ordinary folks who know a spreadsheet, but they are not steeped in the sophistication of these kind of models,” Mr. Wien says. “You put a lot of equations in front of them with little Greek letters on their sides, and they won’t know what they’re looking at.”

Mr. Blinder, the former Fed vice chairman, holds a doctorate in economics from M.I.T. but says he has only a “modest understanding” of complex derivatives. “I know the basic understanding of how they work,” he said, “but if you presented me with one and asked me to put a market value on it, I’d be guessing.”

What do we see here? How many people really *understand* what’s going on underneath the complexity?

Of course, we now know that many of the mortgages backing these CDO’s were made to people with poor credit history, or with a high risk of not being able to pay the loans back. Jack up the interest rate or the cost of living and people foreclose or do not pay the mortgage. When that happens en masse, we have a glut of houses for sale, forcing down prices, lowering the value of the assets, eliminating the "income stream" that CDO investors relied upon, making them pretty much worthless.

My point is that the complexity of the CDO’s were such that even a guy with a doctorate in economics only had a ‘modest understanding’ of them. Holy crap! If he doesn’t understand it then who the hell does?

Thus, the current financial crisis is a great case study in the relationship between complexity and risk.

Consequences of complexity (IT version)…

One thing about doing what I do, is that you spent a lot of time on-site. You get to see the IT infrastructure  and development at many levels. But more importantly, you also spend a lot of time talking to IT staff and organisation stakeholders with a very wide range of skills and experience. Finally and most important of all, you get to see first hand organisational maturity at work.

My conclusion? IT is completely f$%#ed up across all disciplines and many will have their own mini equivalent of the US $700 billion dollar haemorrhage. Not only that, it is far worse today than it previously was – and getting worse! IT staff are struggling with ever accelerating complexity and the "disconnect" between IT and the business is getting worse as well. To many businesses, the IT department has a credibility problem, but to IT the feeling is completely mutual 🙂

You can find a nice thread about this topic on slashdot. My personal favourite quote from that thread is this one

Let me just say, after 26 years in this business, of hearing this every year, the systems just keep getting more complex and harder to maintain, rather than less and easier.

Windows NT was supposed to make it so anyone who could use Windows could manage a server.

How many MILLION MSCEs do we have in the world now?

Storage systems with Petabytes of data are complex things. Cloud computing is a complex thing. Supercomputing clusters are complex things. World-spanning networks are complex things.

No offense intended, but the only people who think things are getting easier are people who don’t know how they work in the first place

Also there is this…

There are more software tools, programming languages, databases, report writers, operating systems, networking protocols, etc than ever before. And all these tools have a lot more features than they used to. It’s getting increasingly harder to know "some" of them well. Gone are the days when just knowing DOS, UNIX, MVS, VMS, and OS/400 would basically give you knowledge of 90% of the hardware running. Or knowing just Assembly/C/Cobol/C++ would allow you to read and maintain most of the source code being used. So I would argue that the need for IT staff is going to continue to increase.

I think the "disconnect" between IT and Business has a lot more to do with the fact that business "knows" they depend on IT, but they are frustrated that IT can’t seem to deliver what they want when they want it. On the other side, IT has to deal with more and more tools and IT staff has to learn more and more skills. And to increase frustration in IT, business users frequently don’t deliver clear requirements or they "change" their mind in the middle of projects….

So it seems that I am not alone 🙂

I mentioned previously that more often than not, SQL Server is poorly maintained – I see it all the time. Yet today I was speaking to a colleague who is a storage (SAN) and VMware virtualisation god. I asked him what the average VMware setup was like and his answer was similar to my SQL Server and SharePoint experience. In his experience, most of them were sub-optimally configured, poorly maintained, poorly documented and he could not provide any assurance as to the stability of the platform.

These sorts of quality assurance issues are rampant in application development too. I see the same thing most definitely in the security realm too.

As the above quote sates, "it’s increasingly harder to know *some* of them well". These days I am working with specialists who live and breathe their particular discipline (such as storage, virtualisation, security or comms). Those disciplines over time grow more complex and sub-disciplines appear.

Pity then, the poor developer/sysadmin/IT manager who is trying to keep a handle on all of this and try to provide a decent service to their organisation!

Okay, so what? IT has always been complex – I sound like a Gartner cliche. What’s this got to do with SharePoint?

Consequences of SharePoint complexity…

SharePoint, for a number of reasons, is one of those products that has a way of really laying bare any gaps that the organisation has in terms of their overall maturity around technology and strategy.

Why?

Because it is so freakin’ complex! That complexity transcends IT disciplines and goes right to the heart organisational/people issues as well.

It’s bad enough getting nerds to agree on something, let alone organisation-wide stakeholders!

Put simply, if you do a half-arsed job of putting SharePoint in, you will be punished in so many ways! The simple fact is that the odds are against you before you even start because it only takes a mistake in one particular part of the complex layers of hardware, systems, training, methodology, information architecture and governance, to devalue the whole project.

When I first started out, I was helping organizations get SharePoint installed. However lately I am visiting a lot of sites where SharePoint has already been installed, but it has not been a success. There are various reasons;I have cited them in detail in the project failure series, so I won’t rehash all that here. (I’d suggest reading parts three, four and five in particular).

I am firmly of the conclusion that much of SharePoint is more art than science, and what’s more, the organisation has to be ready to come with you. Due to differing learning styles and poor communication of strategy, this is actually pretty rare. Unfortunately, IT are not the people who are well suited to "getting the organisation ready for SharePoint."

If that wasn’t enough, then there is this question. If IT already struggle to manage the underlying infrastructure and systems that underpin SharePoint, then how can you have any assurance that IT will have a "governance epiphany" and start doing things the right way?

This translates to risk, people! I will be writing all about risk in a similar style to the CFO Return on Investment series very soon. I am very interested in methods to quantify the risk brought about by the complexity of SharePoint and the IT services it relies on. For me, I see a massive parallel from the complexity factor in the current financial crisis and I think that a lot can be learned from it. SOX was supposed to provide assurance and yet did nothing to prevent the current crisis. Therefore, SOX represents a great example of mis-focused governance where a lot of effort can be put in for no tangible gain.

A quick test of "assurance"…

Governance is like learning to play the guitar. It takes practice, and it does not give up its secrets easily and despite good intent, you will be crap at it for a while. It is easy to talk about, but putting it into practice is another thing.

Just remember this. The whole point of the exercise is to provide *assurance* to stakeholders. When you set any rule, policy, procedure, standard (or similar), just ask yourself: Does this provide me the assurance I need that gives me confidence to vouch for the service I am providing? Just because you may be adopting ITIL principles, does *not* mean that you are necessarily providing the right sort assurance that is required.

I’ll leave you with a somewhat biased, yet relatively easy litmus test that you can use to test your current level of assurance.

It might be simplistic, but if you are currently scared to apply a service pack to SharePoint, then you might have an assurance issue. 🙂

Thanks for reading

Paul Culmsee

www.sevensigma.com.au