MEA01: Managed Performance and Conformance Monitoring
Collect, validate and evaluate enterprise and alignment goals and metrics. Monitor that processes and practices are performing against agreed performance and conformance goals and metrics. Provide reporting that is systematic and timely.
Provide transparency of performance and conformance and drive achievement of goals.
MEA02: Managed System of Internal Control
Continuously monitor and evaluate the control environment, including self-assessments and self-awareness. Enable management to identify control deficiencies and inefficiencies and to initiate improvement actions. Plan, organize and maintain standards for internal control assessment and process control effectiveness.
Obtain transparency for key stakeholders on the adequacy of the system of internal controls and thus provide trust in operations, confidence in the achievement of enterprise objectives and an adequate understanding of residual risk.
MEA03: Managed Compliance with External Requirements
Evaluate that I&T processes and I&T-supported business processes are compliant with laws, regulations and contractual requirements. Obtain assurance that the requirements have been identified and complied with; integrate IT compliance with overall enterprise compliance.
Ensure that the enterprise is compliant with all applicable external requirements.
MEA04: Managed Assurance
Plan, scope and execute assurance initiatives to comply with internal requirements, laws, regulations and strategic objectives. Enable management to deliver adequate and sustainable assurance in the enterprise by performing independent assurance reviews and activities.
Enable the organization to design and develop efficient and effective assurance initiatives, providing guidance on planning, scoping, executing and following up on assurance reviews, using a road map based on well-accepted assurance approaches.
SAFe spans across all life cycle stages of ITIL and corresponding COBIT domains. As SAFe principles and practices are leverage from Lean, Agile, Enterprise Architecture, DevOps practices, the emphasis is on Agility. The waterfall and control practices of ITIL, COBIT are not emphasised. SAFe defines five competencies and four configurations. The configurations provide a clear blueprint for scalability which was lacking in other Agile frameworks.
SAFe is released on 2011 and has gone periodic revisions. The industry adoption among large enterprises, especially in the USA is cited. As the scope of SAFe is quite broad, there are no dedicated tools to support. However, the tools that support Agile can be leveraged. It will be good to get an integrated tool that supports the full spectrum of SAFe practices including Lean Budgets, Value Streams, Enterprise Architecture, Release Train Management etc.
SAFe provides very good training support including certification. Accredited trainers are available in many countries.
SAFe is not intended for a formal assessment.
(4 / 5)
(3 / 5)
(2 / 5)
(5 / 5)
(0 / 5)
Competencies and Configurations
SAFe is organised based on competencies and “configurations”. There are five competencies.
The Lean-Agile Leadership competency describes how Lean-Agile Leaders drive and sustain organizational change and operational excellence by empowering individuals and teams to reach their highest potential. They do this by learning, exhibiting, teaching, and coaching SAFe’s Lean-Agile mindset, values, principles, and practices.
Team and Technical Agility
The Team and Technical Agility competency describes the critical skills and Lean-Agile principles and practices that are needed to create high-performing Agile teams who create high-quality, well designed technical solutions.
Team agility is the first half of this competency. Agile teams operate as a collaboration between the Business Owners, developers, and testers to create alignment, common understanding, and quick, predictable delivery of value. These teams have the authority and accountability to manage their own work, increasing productivity, and reducing overall speed-to-market. Agile teams commit to small batches of work, reducing feedback cycles, and adjusting to changing needs.
Technical agility, the second half of this competency, defines the Agile Software Engineering principles and practices teams use to deliver solutions quickly and reliably. Agile Software Engineering adds Lean-Agile values and principles and eXtreme Programming (XP) practices, agile modeling, proven approaches for software design, and more.
DevOps and Release-on-Demand
The DevOps and Release on Demand competency describes how implementing DevOps and a continuous delivery pipeline provides the enterprise with the capability to release value, in whole or in part, at any time necessary to meet market and customer demand.
Business Solutions and Lean Systems
The Business Solutions and Lean Systems Engineering competency describes how to apply Lean-Agile principles and practices to the specification, development, deployment, and evolution of large, complex software applications and cyber-physical systems.
Lean Portfolio Management
The Lean Portfolio Management competency describes how an enterprise implements Lean approaches to strategy and investment funding, Agile portfolio operations, and Lean governance.
Configurations are determined depending of the scope of the implementation.
There are four configurations:
The Essential SAFe configuration is the basic building block for all SAFe configurations and is the simplest starting point for implementation. It provides the Lean-Agile Leadership competency, the Team and Technical Agility competency, and the DevOps and Release on Demand competency.
Large Solution SAFe:
The Large Solution SAFe configuration introduces the Business Solutions and Lean Systems Engineering competency, which supports those building the largest and most complex solutions that require multiple Agile Release Trains and Suppliers, but do not require portfolio-level considerations.
The Portfolio SAFe configuration provides the Lean Portfolio Management competency which aligns portfolio execution to enterprise strategy. It organizes development around the flow of value through one or more value streams.
Portfolio SAFe provides business agility through principles and practices for portfolio strategy and investment funding, Agile portfolio operations, and Lean governance.
The Full SAFe configuration includes all Five Core Competencies of the Lean Enterprise. It is the most comprehensive version of the Framework and supports enterprises that build and maintain a portfolio of large and complex solutions.
SAFe requires multiple skills including Governance, Enterprise Architecture, Portfolio Management, Systems Development and Management, Software Design,
SFIA skills includes both predictive project management (water-fall approach) and adaptive approaches like Agile.
Lean Six Sigma is a structured methodology to improve the business and IT processes. Depending upon the scope of implementation Lean Six Sigma can be defined as philosophy, methodology, tool set or metrics. 1
Lean Six Sigma is a combination of two improvement methodologies – “Lean” and “Six Sigma”. Lean focuses on reducing the non-value activities in a process sequence of delivering a service/product to customers. Six-Sigma is a structured approach employing various statistical tools to improve the performance.
In the current business environment, “Lean” can be deployed without combining with Six-Sigma. However, Six-Sigma is always deployed as “Lean Six Sigma”.
Six Sigma is based on statistical process control which is centuries old. The Six Sigma as we know was introduced by Motorola and publicly shared after 1988.
The focus of industry adoption in the context of IT Service Management or Enterprise Service Management is not as high as the adoption in manufacturing sector.
Lean Six Sigma practitioners use statistical tools include Advanced Excel, SPSS and Minitab. These are generic tools and not tailored for Six Sigma and IT Service Management.
Until a decade ago, each enterprise adopted their own Lean Six Sigma certification programs. The curriculum and rigour varied between the companies. Currently there are independent certification providers.
Lean Six Sigma does not support any assessment.
(5 / 5)
(4 / 5)
(3 / 5)
(3 / 5)
(0 / 5)
Lean Six Sigma can be implemented as part of Continual Service Management life cycle of ITIL. It should be noted that Lean Six Sigma is not specific to IT and can be used to improve any business process.
Lean Six Sigma typically follows the following process approach.2. The approach can be tailored by different projects depending upon the nature of improvement or design. The process stages need not be linear and often involve iterative loops.
Define the problem, improvement activity, opportunity for improvement, the project goals, and customer (internal and external) requirements.
Measure process performance.
Analyze the process to determine root causes of variation, poor performance (defects).
Improve process performance by addressing and eliminating the root causes.
Control the improved process and future process performance.
The International Association for Six Sigma Certification (IASSC) is a Professional Association that is an independent certification body that accredits training providers. IASSC certifications do not mandate project completion as a requirement of certification
ITIL specialist and Masters level certification can be one path way to develop the skills in Continual Service Improvement. In addition, Lean Six Sigma certification can be considered to specialise in CSI.
The purpose of the information security management process is to align IT security with business security and ensure that the confidentiality, integrity and availability of the organisation’s assets, information, data and IT services always matches the agreed needs of the business.
The objectives of Information Security Management are to ensure that:
Information is observed by or disclosed to only those who have a right to know (confidentiality)
Information is complete, accurate, and protected against unauthorized modification (integrity)
Information is available and usable when required, and the systems that provide it can appropriately resist attacks and recover from or prevent failures (availability)
Business transactions, as well as information exchanges between enterprises or with partners, can be trusted (authenticity and non-repudiation
The purpose of the IT service continuity management process is to support the overall Business Continuity Management (BCM) process by ensuring that the IT service provider can always provide minimum agreed business continuity related service levels. To achieve this outcome, business and IT identify and manage the risks.
The objectives of ITSCM are to:
Produce and maintain a set of IT service continuity plans that support the overall business continuity plans
Ensure that the continuity plans are maintained in line with the changing business impacts and requirements
Conduct regular risk assessment and management exercises
Provide guidance to other areas of business regarding IT service continuity
Ensure that appropriate continuity mechanisms are put in place
Ensure the IT changes are assessed on their impact of service continuity
Negotiate and agree contracts with suppliers for the provision of the necessary recovery capacity
SFIA Continuity Management addresses the skills requirement for IT Service Continuity Management.
The purpose of Capacity Management process is to ensure that the capacity of IT services and IT infrastructure meet the agreed capacity and performance related requirements. Capacity management should consider both current and future needs of the business and address the capacity needs in a cost effective and timely manner.
The objectives of capacity management are to:
Produce and maintain an appropriate and up-to-date capacity plan, which reflects the current and future needs of the business
Provide advice and guidance to other areas of the business on capacity and performance related issues
Ensure that service performance achievements meet targets
Assist with the diagnosis and resolution of performance and capacity related incident and problems
Assess the impact of all changes on the capacity plan
Ensure that proactive measures to improve the performance of services are implemented in a cost-effective manner
SFIA Capacity Management addresses the skills required.
The purpose of the availability management process is to ensure that the level of availability delivered in all IT services meets the agreed availability needs and service level targets. Availability management is concerned with meeting both the current and future availability needs of the business.
The objectives of availability management are to:
Produce and maintain an appropriate and up-to-date availability plan that reflects the current and future needs of the business
Provide advice and guidance to all other areas of the business and IT on all availability related issues
Ensure that service availability achievements meet all their agreed targets by managing services and resources related availability performance
Assist with the diagnosis and resolution of all availability related incidents and problems
Assess the impact of all changes on the availability plan and the availability of all services and resources
Ensure that proactive measures to improve the availability of services implemented
SFIA skill Availability Management addresses the skills required.
The goal of ITIL Service Level Management is to ensure that agreed levels of current IT services are provided, and future services can be delivered within agreed targets. The objectives of Service Level Management are to:
Define, document, agree, monitor, measure, report and review the level of IT services provided
Investigate corrective actions when necessary
maintain good relationships with both business and customers
Ensure that specific and measurable targets are developed for all IT services
Ensure clear and unambiguous expectations of the delivered service levels
Implement proactive measures for service level improvement whenever costs can be justified.
SFIA skill Service Level Management addresses the skills for SLM. SFIA considers the skill as a senior leadership skill (level 7).