In addition to showcasing your executive experience and accomplishments, effective and targeted personal branding can demonstrate thought leadership and expertise within specific domain areas, as well as make a statement about your core values, character, and attitude. It can also help you move roles, whether from an operational “keep the lights on” CIO position to a more forward-looking innovative one (or vice versa), or even a CDO, COO or CEO role.

There’s a financial component, too. The Thinkers360 2023 B2B Thought Leadership Outlook study, conducted in association with the British Computer Society (BCS), found that over 86% of thought leadership creators rate their content as adding over 25% to the brand premium they command in the marketplace, and over 48% stated it added over 75%.

So no matter where you are in your personal branding journey, here are 10 best practices to help you maximize your personal brand both in the near-term and throughout your career.

Determine your commitment to personal branding – This is the “why” of your personal brand. What do you want your legacy to be? What do you want to be known for? Think about your personal branding goals for this year, but also where you want to be in up to 10 years’ time. It’s fine to adjust your personal brand as well. For example, if you’re known for your expertise in emerging technologies, it makes sense to keep your brand up to date with the latest trends (while being careful not to spread yourself too thin attempting to cover too many topics).

Pick your thought leadership persona – As a CIO, your primary persona is likely that of an executive, but think about other thought leadership personas that can help to amplify your primary persona. This might be as an author, influencer or speaker, for example, from your perspective as a CIO. If you’re uncomfortable with keynote speaking, you can be just as effective as a panelist at industry events and conferences, or on the receiving end of media interviews. The most important thing is to choose a persona that’s authentic to your personality and something you enjoy doing.

Pick your area of expertise – Once you’ve chosen your thought leadership persona, you’ll want to think about the area of expertise you’d like to anchor to your personal brand. This might be your CIO role itself, or even a specific technology or leadership discipline such as artificial intelligence, machine learning or change management. For example, Claire Rutkowski, CIO of infrastructure engineering software company Bentley Systems, gives advice from her perspective with actionable insights such as her experience with ProSci’s ADKAR model, which can be useful for change enablement.

Start small – If you’re new to thought leadership and wish to add this aspect to your personal brand, you can often start small with a ‘land and expand’ approach. Start small with an article or blog, a media interview, a speaking slot at an industry event or conference, or even by entering some suitable industry awards. This all builds credibility, adds to your personal profile, portfolio, and media kit, and can help land your next “win” such as a book, a keynote, or a major award, such as the CIO 100 Awards. When selecting any of these outlets, choose wisely, since your personal brand will be shaped by the brands you associate with.

Amplify your personal brand – The Thinkers360 study found that specialist communities were the number-one destination for access to thought leadership content by readers, and a top-three destination for thought leaders to disseminate their content after social media and individual web sites. Depending on the business model, these specialist communities can often help you to build, amplify and monetize your personal brand as well.

Use your career journey to tell your brand story – Your life experiences and career journey all tell a story about your personal brand. Think about the various career moves you’ve made over the years, the rationale for each move, and how this helps to shape the narrative about your personal brand. This may also help influence your next move too.

Round out your competency over time – Once you’ve become a world-class author, influencer, or speaker (no small feat in itself), the next step is to round out your skills so you’re even more versatile. Gartner encourages this among their analysts and advisors, so they develop their skills not only in terms of one-on-one advising and writing research reports, but also in public speaking in front of both small private groups and large audiences at conferences. This helps to develop skills to best connect with your audience regardless of the context.

Use your personal branding to promote your organization – As a CIO, you can be an excellent employee advocate for your own organization, and many CIOs do this to a greater or lesser extent based on personal preference. This may involve piloting solutions internally before they’re released to the public, and helping with internal case studies. Many CIOs, not only pilot internally, but hit the road with other members of the C-suite to meet with key clients and share their experience.

Make your content insightful, engaging, and actionable – The Thinkers360 study found that thought leadership consumers cited insightful (94%), forward-looking (90%), engaging (89%), relevant (88%) and actionable (84%) as extremely important or very important attributes of thought leadership. In an era of increased competition for attention, thought leaders plan to cut through the noise by making their content highly actionable (73%), multichannel (59%), and shared via specialist communities (55%).

Treat your personal brand as your most valuable asset – According to Tom Koulopoulos, author of Revealing the Invisible, the great myth of the Internet is if you have volumes of great content, you don’t need to worry about creating a thought leadership brand. This is no truer for a thought leader brand than it is for a corporate brand. In many ways you must be more vigilant about how you present yourself to the market, prospects, and clients. His advice is to craft, curate, and care for your brand as though it were your most important asset, because it is.

As a CIO, you’ve put a lot of energy into advancing your organization and its mission. Putting some energy into your personal branding is well worth the effort and it will benefit your organization too.

Careers, CIO, IT Leadership

In an IT marketplace marked by turbulence, inflation, and economic uncertainty, the process of contracting with vendors for technology products and services has gotten significantly more challenging for CIOs.

IT leaders may find that prices are going up without an accompanying increase in benefits, with technology providers — less dependent on any one industry or geography — taking a harder line on deals, says Achint Arora, a partner in the pricing assurance practice at Everest Group.

“Prices are increasing, and negotiation is becoming more difficult,” agrees Melanie Alexander, senior director analyst on Gartner’s sourcing, procurement, and vendor management team. “Vendors are not granting the same concessions they have in the past.”

Evolving regulations related to data privacy, data sovereignty, and responsible AI further complicate matters as customers and vendors work out the responsibility and costs of meeting increasingly stringent requirements.

What’s more, technology contracts are often multilayered. The SaaS provider you’re negotiating with may be constrained by its own deals with IaaS vendors and IT service providers.

“Today’s biggest challenges are complexity and compliance,” says Brad Peterson, a partner in Mayer Brown’s Chicago office and leader of its global technology transactions practice. “There are an increasing range of technologies and providers. Technologies such as AI and processes such as agile make it more difficult to know what commitments to seek. The group of stakeholders keeps growing.” 

Pricing models and metrics can also be complex, making it difficult to understand when additional costs might kick in, Alexander says. Indeed, the arithmetic can be downright opaque.

“Some contracts are structured as a black box with limited view into the components and their commercial impact,” Arora says, adding that buyers with limited access to market data are at a disadvantage when negotiating. “The sell side typically has the information advantage.”

Technology capabilities, often provided by third parties, are intrinsic to business operations and growth, so the deals IT leaders set up with their vendors and service providers are of strategic importance, making effective negotiation a key difference maker not just for IT, but the business. talked to technology transaction experts, who live and breathe contracts and pricing, about the best actions IT leaders can take to negotiate effectively with vendors for the outcomes they seek. Here are their top 10 tips.

Recognize the significance of the contract

The legal agreement between vendor and customer is not just a document standing in the way of getting work started; it sets the tone for the relationships and the expectations for vendor performance. If what you’re looking for isn’t in the contract, it won’t happen.

“The biggest missteps seem to flow from applying approaches that succeed internally across organizations,” says Peterson. “This causes the IT leader to underestimate the role of the contract as the foundation for the relationship and the importance of the supplier’s incentives, culture, and business to the success of the contract.”  

Build in the time for back and forth

Coming to terms takes time that IT leaders should factor into the process and any business expectations for how quickly a deal can be done. “We often see that IT leaders do not allow enough time for a successful negotiation,” says Arora. “Reaching a win-win agreement takes patience from both parties.”

This is particularly important for as-a-service contract renewals. “Neglecting to track contract renewal dates inevitably results in little time to effectively negotiate,” says Alexander. “Proactively manage software maintenance and support renewals, as well as SaaS renewals, and allow enough time to truly evaluate how these deals fit your technology roadmap.”

Seek cross-functional expertise and input

A host of issues can crop up when those who do the negotiating are disconnected from those who operationalize the agreement, says Marc Tanowitz, managing partner in the advisory and transformation practice at West Monroe.

“That causes some friction as the operations that are conceptualized in the agreement don’t necessarily make their way through to the delivery team,” Tanowitz says. “This can ultimately erode confidence and value delivered to the client.”

Before negotiating with any supplier, IT needs to get on the same page with other business leaders regarding core objectives, risk appetite, and standards by which to assess deal terms — before a product or service contract is even on the table.

“IT sourcing is a team sport,” says Peterson. Deals done by business users alone may be technically unsound. Deals done by procurement professionals alone may reduce costs but disappoint users. Deals done by IT departments alone provide leading-edge technology but often at high cost and legal risk. That’s why IT leaders should build an advisory team — or at least get appropriate input — when deciding on key deal points.

Peterson advises creating a team with representation not just from IT, but also users, operations, finance, procurement, and legal. “Get specialists advice early, to avoid costly pitfalls,” Peterson says. “[And] run an informed, efficient, effective process designed to make good decisions while building good relationships.”

Look beyond price

It’s the biggest misstep Tanowitz sees in vendor negotiations? “Over-indexing on price — for example, the perceived lowest cost —rather than value,” he says, adding that IT buyers who work collaboratively with their service providers to structure full solutions that add value to their enterprise end up with greater satisfaction levels in their IT service provider relationships.

IT buyers may think they got a good deal if they get the vendor to come down on price. But that’s almost never the case. In fact, low prices may be a red flag — an indication of hidden costs that will emerge later or under-sizing of the deal by the vendor. “A deal that is priced too low can have greater negative impact than overpaying,” Arora says.

Do your homework

“Consider benchmarks, market norms, and strategy before entering the room for a negotiation,” advises Amy Fong, partner in the sourcing and vendor management group at Everest Group. Price should be part of the pre-negotiation assessment, but not the lead factor.

“Build a holistic service delivery view and consider factors beyond cost such as performance, efficiency, and risk management,” Fong says.

Decide on your negotiation approach

“One of the common complaints is when either party considers the negotiation to be win/lose,” says Arora. “This tends to be driven by a position-based negotiation strategy.”

Taking a unilateral stance to serve your own needs, demanding outcomes, or making ultimatums may simplify the process or speed it up, but it doesn’t foster collaboration. “In fact, it often results in splitting the difference with both parties compromising on benefits,” Arora says.

A more effective approach is interest-based negotiation. “In this framework both parties work to understand the other’s needs, desires, and problems to be solved,” Arora says. “While this extra effort can be difficult to execute – deconstructing and analyzing positions can be complicated and nuanced – the process focuses more on problem solving.”

The result is better value distribution and typically a stronger relationship with the vendor. Seeking mutual gains, agreeing on equitable terms, and executing a balanced contract should be the goal, says Fong.

Look beyond the obvious solutions

IT buyers often end up negotiating a deal as an end unto itself instead of looking more broadly at how to generate business value. For example, they might focus on signing an IaaS deal rather than looking for a reliable platform for running specific software.

Even when negotiation begins in earnest, it pays to set pricing aside at first. “Design the right solution from the business before negotiating the final price,” advises Tanowitz. “Allow the service providers the opportunity to differentiate based on the unique assets or tools or accelerators that they can bring to the operations.”

There may be alternative deal models that make sense. “Buyers should stop running away from more complex commercial models like outcome-based contracts,” says Arora. “Discussing outcome-based contracts with service providers should be a strategic decision, geared toward better business results for both parties.”

Get all-in pricing and press for cost protections

Even as IT leaders take a win-win approach to vendor deal-making, it’s important they protect their interests. That begins with making sure you get “all-in” pricing from vendors to eliminate surprise costs, says Peterson.

Alexander advises pushing for cost protections for deals and renewals. “Some deals that lack such protection have resulted in increases in annual fees between 5% and 20% — sometimes even higher,” Alexander says. “Negotiate caps on renewal increases, reveal and protect against hidden costs, and include flexibility in the pricing model or contract term length.”

Tanowitz also recommends “hard-wiring” any productivity and cost savings improvements in vendor contracts to ensure they are realized.

Take advantage of economic volatility

Macroeconomic dynamics are changing faster than ever and IT leaders should ensure that their deals flex with the times.

“As we move from a hot tech economy to recession, IT leaders have tremendous opportunities to optimize cost through contracting with IT vendors,” says Peterson. “Use an agile approach based on the negotiating leverage you gain in the downturn. Focus negotiating energy to what past downturns have demonstrated are the ‘money points’ in the negotiations while building for the future.”

Have an exit plan

Just like startup founders have a clear exit plan when they launch, so too should CIOs when approaching a vendor contract.

“IT leaders need to have an understanding of what it will take to disentangle themselves from that vendor and, just as importantly, when they can,” says Alexander. “Ensure a smooth transition to another solution by including data extraction and transition assistance in contracts.”

CIO, IT Leadership, Outsourcing

The transition to a modern business intelligence model requires IT to adopt a collaborative approach that includes the business in all aspects of the overall program. This guide focuses on the platform evaluation and selection. It is intended for IT to use collaboratively with business users and analysts as they assess each platform’s ability to execute on the modern analytics workflow and address the diverse needs of users across the organization.

“It all went live in less than two months,” said Paul Egan, It Manager of Business Intelligence at Tableau. “The CEO had his new production-strength dashboards in Tableau in less than two months of the server being deployed—and that was a pretty phenomenal turnaround.”

Download this free whitepaper to learn more.

Digital Transformation

Salesforce skills are among the most sought-after in the IT industry and demand is soaring. The most performant CRM system today, Salesforce is a core technology for digital business, and its associated applications and ecosystem help make it in a leading platform for those seeking a lucrative IT career.

Salesforce certification is an excellent path for acquiring niche knowledge and skills to push your IT career forward. Salesforce’s certification scheme changes often, and its paths and prerequisites can be confusing. Following is an up-to-date guide on certifications that Salesforce offers to help you earn a competitive edge leading to new opportunities.

Benefits of Salesforce certifications

Salesforce jobs range from the technical (architects, developers, implementation experts) to those related to marketing and sales. Each role varies in terms of the required depth of understanding of Salesforce platform.

Earning Salesforce certifications can set you apart for lucrative roles. The average salary for an entry-level Salesforce administrator is around US$100,750, and senior Salesforce administrators make approximately US$128,000, according to Salesforce Ben. According to a study by, 70% of Salesforce developers in the US are satisfied with their salaries given the cost of living in their area.

Salesforce certification overview

Salesforce certifications are based on a role-based scheme centered on six roles: Administrator, Architect, Consultant, Designer, Developer, and Marketer. Details about the certifications and certification paths for these roles are available below.

Salesforce Administrator certifications

Salesforce administrator certification emphasizes admin functions, including defining user requirements, customizing the platform, and helping users get the most out of Salesforce. The certification is offered at two levels: Administrator and Advanced Administrator. Administrators can earn additional certifications for app building, CPQ (configure price quote), and business analysis (see below).

Salesforce Administrator

A Salesforce Certified Administrator manages and maintains an organization’s Salesforce CRM system. This includes creating and modifying user accounts, managing data, creating and maintaining custom fields and objects, and configuring the system to meet organizational needs. The Salesforce Administrator certification demonstrates a candidate’s in-depth knowledge of the platform’s configuration and customization, as well as their proficiency with the platform’s features. To earn this cert, candidates should know how to maintain and modify Sales Cloud and Service Cloud applications; manage users, data, and security; and construct dashboards, reports, and workflows.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Administrator60 multiple-choice questions105 minutes$200/$100None

Salesforce Advanced Administrator

A Salesforce Certified Advanced Administrator has more advanced knowledge and experience compared to a Salesforce Administrator. They handle complex tasks such as customizing the platform, configuring advanced security features, and optimizing performance while ensuring the platform aligns with company requirements and goals. To earn the Salesforce Advanced Administrator certification, candidates should understand advanced Salesforce admin capabilities and be skilled at designing advanced reports, dashboards, and automation processes.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Advanced Administrator60 multiple-choice questions105 minutes$200/$100None

Salesforce CPQ Specialist

A Salesforce Certified CPQ Specialist is responsible for implementing and maintaining the Salesforce CPQ solution for an organization, ensuring accurate pricing and quotation processes while providing technical support to streamline sales operations. The Salesforce CPQ Specialist certification demonstrates a candidate’s ability to implement Salesforce CPQ solutions, design and build quoting flows to meet customer requirements, and troubleshoot platform issues. A candidate who earns the certification will have proved their ability to build bundle configurations, pricing, output documents, and renewals and amendments.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce CPQ Specialist60 multiple-choice questions105 minutes$200/$100Salesforce Administrator

Salesforce Architect certifications

Salesforce Architects design and implement solutions on the Salesforce platform to meet specific organizational needs. This includes managing the technical aspects of Salesforce, such as customizing objects, fields, and validation rules, as well as developing and maintaining integrations with other systems.

Salesforce Application Architect

A Salesforce Certified Application Architect designs and develops custom solutions on the Salesforce platform. This certification requires deep understanding of Salesforce features and functionality, as well as the ability to model a role hierarchy, data model, and appropriate sharing mechanisms. While there is no cost associated with this certification, to earn this credential, candidates must complete all four certifications, each of which has its own associated exam and fee:

Salesforce Certified Data ArchitectSalesforce Certified Sharing and Visibility ArchitectSalesforce Certified Platform Developer I (see below under Salesforce Developer certification)Salesforce Certified Platform App Builder (see below under Salesforce Developer certification)

Salesforce Data Architect

A Salesforce Certified Data Architect designs and manages the data architecture and data integration strategies for a Salesforce implementation, ensuring data quality, security, and integrity to support business requirements and drive effective decision-making. To earn the Salesforce Data Architect certification, candidates should be able to design and implement data solutions within the Salesforce ecosystem, such as data modelling, data integration and data governance. 

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Data Architect60 multiple-choice questions105 minutes$400/$200None

Salesforce Sharing and Visibility Architect

A Salesforce Certified Sharing and Visibility Architect is responsible for designing and implementing the access controls, sharing models, and security settings in Salesforce, to ensure the appropriate sharing of data within an organization and protection of sensitive information. The Salesforce Sharing and Visibility Architect certification is designed for architects, analysts, and administrators with the knowledge and skills to design secure, scalable security models on To earn this certification, a candidate should be good at communicating technical solutions to technical stakeholders and ensuring quality and success through a structured project delivery framework.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Sharing and Visibility Architect60 multiple-choice questions120 minutes$400/$200None

Salesforce System Architect  

A Salesforce certified System Architect focuses on the overall architecture of a Salesforce implementation, including the design of custom solutions, data architecture, security, performance, and scalability. The certification emphasizes testing, governance, and integration with external systems within an organization’s infrastructure. While there is no cost associated with this certification, to earn this credential, candidates must complete all four certifications, each of which has its own associated exam and fee: 

Salesforce Certified Development Lifecycle and Deployment ArchitectSalesforce Certified Identity and Access Management ArchitectSalesforce Certified Integration ArchitectureSalesforce Certified Platform Developer I (see below under Salesforce Developer certification)

Salesforce Development Lifecycle and Deployment Designer

A Salesforce Certified Development Lifecycle and Deployment Designer designs and manages the development, testing, and deployment processes for Salesforce projects. The Salesforce Certified Development Lifecycle and Deployment Architect credential is designed for those experienced with applying DevOps, Application Lifecycle Management, and governance to support client requirements.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Development Lifecycle and Deployment Designer60 multiple-choice questions105 minutes$400/$200None

Salesforce Identity and Access Management Designer

A Salesforce Certified Identity and Access Management Architect designs and implements security and access controls for a Salesforce implementation. The Salesforce Certified Identity and Access Management credential demonstrates a candidate’s knowledge, skills and capabilities at assessing identity architecture and designing secure, high-performance access management solutions on Customer 360.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Identity and Access Management Designer60 multiple-choice questions105 minutes$400/$200None

Salesforce Integration Architect

A Salesforce Certified Integration Architecture designs and implements integration strategies between Salesforce and other systems, ensuring seamless data exchange and the optimization of business processes through use of APIs, middleware, and other technologies. The Salesforce Integration Architect credentials exam shows a candidate’s fluency in effectively communicating technical solutions to technical stakeholders and providing a project delivery framework that ensures quality and success.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Integration Architect60 multiple-choice questions105 minutes$400/$200None

Salesforce B2B Solution Architect

A B2B (business-to-business) Solution Architect designs and implements solutions for businesses that operate in B2B context, leveraging Salesforce to optimize business processes, improve customer engagement, and drive growth for the organization. Prerequisites include earning Salesforce Application Architect certification (see above). Candidates must then successfully pass the Salesforce B2B Solution Architect exam, which tests their ability to architect and drive multicloud B2B solutions that deliver business value for the customer.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce B2B Solution Architect60 multiple-choice questions105 minutes$400/$200Salesforce Administrator

Salesforce B2C Solution Architect

A Salesforce Certified B2C Solution Architect designs and implements solutions for businesses that operate in a B2C (business-to-consumer) context, leveraging Salesforce to enhance customer experiences, improve customer relationships, and drive growth. Once candidates have completed the three prerequisite certifications (chart below), they must successfully pass the Salesforce B2C Solution Architect exam, which tests their ability to design and implement multicloud solutions, as well as their understanding of the Salesforce Customer 360 Vision and Platform.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce B2C Solution Architect60 multiple-choice questions105 minutes$400/$200Salesforce Platform App Builder Certification; Salesforce Integration Architect Certification; Salesforce Marketing Cloud Email Specialist Certification

Salesforce B2C Commerce Architect

A B2C Commerce Architect designs and implements commerce solutions for businesses that operate in a B2C (business-to-consumer) context. The B2C Commerce Architect Certification is designed for candidates who have expertise in designing global sites that support multiple brands and channels using standard design patterns and storefront integrations. Certification also designed for candidates with knowledge of the commerce ecosystem and solution architecture, including primary integrations for client business needs and process flows. 

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce B2C Commerce Architect60 multiple-choice questions105 minutes$400/$200Salesforce B2C Commerce Developer

Salesforce Heroku Architect

A Salesforce Certified Heroku Architect designs and implements scalable, secure, high-performance applications on Heroku, leveraging the platform’s capabilities to deliver business-critical solutions for the organization. The Salesforce Heroku Architect certification is targeted for a Heroku Consultant or Partner who understands how to build scalable apps on Heroku and to apply Heroku best practices within the enterprise, as well as how to integrate Heroku apps with Salesforce via database, API, and event systems.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Heroku Architect60 multiple-choice questions120 minutes$400/$200Salesforce B2C Commerce Developer

Salesforce Technical Architect

A Salesforce Certified Technical Architect designs and leads the implementation of complex, enterprise-level Salesforce solutions that align with an organization’s business objectives and technical requirements. Candidates must have hands-on experience as follows before taking the exam:

Over five years of implementation experience, including development, across the full software development lifecycleOver three years of experience in an architect roleOver two years of experience on the Lightning Platform with at least one of those in a lead architect role, implementing Salesforce applications and technologies

The prerequisite include earning the Salesforce Application Architect (see above) and Salesforce System Architect (see above) certifications both of which are granted after all respective prerequisites for each is completed.

To earn the Salesforce Technical Architect certification (post completion of the prerequisite and experience), the candidate must successfully pass the Architect Review Board Evaluation (step 1) and the Architect Review Board Exam (step 2).

Technical Architect Review Board Evaluation: The candidate must review and solve a hypothetical situation and then present their solution to a panel of evaluators, who lead a question-and-answer session after the presentation.

CertificationExam FormatDurationCost/RetakePrerequisite CertsTechnical Architect Review Board EvaluationOnline format: Solve hypothetical scenario60 minutes for solution preparation, 30 minutes for presentation, 30-minute Q&A, and additional 45-minute Q&A$1,500/$750Salesforce Application Architect; Salesforce System Architect

Technical Architect Review Board Exam:

CertificationExam FormatDurationCost/RetakePrerequisite CertsTechnical Architect Review Board EvaluationOnline format: Solve hypothetical scenario180 minutes for solution preparation, 45 minutes for presentation, 40-minute Q&A, 45-minute additional Q&A$4,500/$2,500Technical Architect Review Board Evaluation

Salesforce Consultant certification

Salesforce offers 10 certifications for customer-facing consultants who design and implement solutions in their area of expertise. In addition to the 10 they can also pursue Salesforce marketing cloud consultant certification covered under Salesforce marketing certifications

Salesforce Business Analyst

A Salesforce Certified Business Analyst bridges the gap between business requirements and technical solutions, using their knowledge of Salesforce to analyze, design, and recommend solutions that drive success for the organization. The Salesforce Business Analyst Certification tests a candidate’s ability to capture requirements, collaborate with stakeholders, and support the development of solutions that drive business improvements.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Business Analyst60 multiple-choice questions105 minutes$200/$100Salesforce Administrator

Salesforce Education Cloud Consultant

A Salesforce Certified Education Cloud Consultant designs and implements solutions for the education industry using Salesforce Education Cloud. The Salesforce Education Cloud Consultant certification demonstrates that a candidate has experience consulting within the education industry and has expertise in Salesforce applications, including the knowledge required to apply several applications in common customer scenarios.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Education Cloud Consultant60 multiple-choice questions105 minutes$200/$100Salesforce Administrator

Experience Cloud Consultant

A Salesforce certified Experience Cloud Consultant designs and implements solutions using Salesforce Experience Cloud. This includes leveraging the platform’s features to enhance customer experiences and improve business processes. The Salesforce Experience Cloud Consultant certification is for candidates with experience consulting on Experience Cloud in a customer-facing role and can troubleshoot and solve platform issues.

CertificationExam FormatDurationCost/RetakePrerequisite CertsExperience Cloud Consultant60 multiple-choice questions105 minutes$200/$100Salesforce Administrator

Salesforce Field Service Consultant

A Salesforce Field Service Consultant implements and optimizes the Field Service module within the Salesforce Service Cloud. This includes working with clients to design and configure FSL for their field service operations, such as scheduling, dispatch, and mobile workforce management, and providing ongoing support to ensure continued success with Field Service. The Salesforce Field Service Consultant certification recognizes professionals who design Salesforce solutions for customers and who administer and configure Salesforce applications on customer premises.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Field Service Consultant60 multiple-choice questions105 minutes$200/$100Salesforce Administrator; Salesforce Service Cloud Consultant 

Salesforce Nonprofit Cloud Consultant

A Salesforce Nonprofit Cloud Consultant plays a critical role in helping nonprofit organizations to utilize Salesforce for managing their operations. The role involves consulting with clients to understand their needs, customizing Salesforce to meet those needs, providing training and support, and ensuring that the platform is being used effectively and efficiently to support organizational goals. Candidates with this credential can successfully design and implement Nonprofit Cloud solutions that contribute to long-term customer success.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Nonprofit Cloud Consultant60 multiple-choice questions105 minutes$200/$100Salesforce Administrator

OmniStudio Consultant

A Salesforce OmniStudio Consultant creates and implements solutions using Salesforce OmniStudio,  working with clients to understand their business requirements and customizing the platform to meet those needs. The Salesforce OmniStudio Consultant certification is ideal for candidates with at least one year of Salesforce experience in one or more roles such as Business Analyst; Business Consultant; Solution Architect; Delivery Manager/Director; Project, Product, or Program Manager; or UX Designer

CertificationExam FormatDurationCost/RetakePrerequisite CertsOmniStudio Consultant60 multiple-choice questions105 minutes$200/$100None

Salesforce Pardot Consultant

A Salesforce Pardot Consultant helps organizations maximize their investment in the Salesforce Pardot marketing automation platform, working with clients to understand their needs and leveraging use the platform to optimize lead generation. The Salesforce Pardot Consultant certification is for professionals experienced with implementing Pardot and who can explain Salesforce administration concepts that relate to Pardot features.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Pardot Consultant60 multiple-choice questions105 minutes$200/$100Salesforce Pardot Specialist

Salesforce Sales Cloud Consultant

A Salesforce Sales Cloud Consultant helps organizations leverage Salesforce Sales Cloud to manage their sales processes. This includes configuring and customizing the platform, providing training and support to users, and implementing best practices for sales management. To earn the Salesforce Sales Cloud Consultant certification, candidates must be able to design and implement Sales Cloud solutions, including application and interface design, and be able to manage and design analytics for tracking purposes.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Sales Cloud Consultant60 multiple-choice questions105 minutes$200/$100Salesforce Administrator

Service Cloud Consultant 

A Salesforce Service Cloud Consultant designs and implements solutions for a company’s customer service using Salesforce Service Cloud, working with clients to understand their business requirements and configuring the platform to suit their needs. This Salesforce Service Cloud Consultant certification recognizes individuals who design solutions for contact centers, as well as analytics solutions for metric tracking. This credential proves that you can design, build, and implement Service Cloud functionality.

CertificationExam FormatDurationCost/RetakePrerequisite CertsService Cloud Consultant60 multiple-choice questions105 minutes$200/$100Salesforce Administrator

Saleforce Tableau CRM & Einstein Discovery Consultant

A Salesforce Tableau CRM & Einstein Discovery Consultant helps organizations use Salesforce CRM, Tableau, and Einstein Discovery tools to manage customer relationships, visualize and analyze data, and make informed business decisions. The consultant provides implementation, customization, and integration expertise in these technologies, as well as training and support. The Tableau CRM & Einstein Discovery Consultant credential is intended for individuals experienced with data ingestion processes, security and access implementations, and dashboard creation.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSaleforce Tableau CRM & Einstein Discovery Consultant60 multiple-choice questions105 minutes$200/$100None

Salesforce Marketing certification

Salesforce also offers certifications aimed at marketing professionals, including two for Salesforce’s B2B marketing automation platform Pardot. In addition to the detailed certifications below, Salesforce Marketeers can also pursue Marketing Cloud Developer certifications (covered under Salesforce Developer Certification) and Pardot Consultant certification (covered under Salesforce Consultant Certification).

Salesforce Marketing Cloud Administrator

A Salesforce Marketing Cloud Administrator manages and configures Salesforce Marketing Cloud to meet the organization’s marketing automation and communication needs. This involves setting up email templates, managing data, configuring integrations, and monitoring performance. The Salesforce Marketing Cloud Administrator certification tests a candidate’s ability to execute administrative functions within Marketing Cloud in accordance with business requirements.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Marketing Cloud Administrator60 multiple-choice questions105 minutes$200/$100None

Salesforce Marketing Cloud Consultant

A Salesforce Marketing Cloud Consultant helping organizations use Salesforce Marketing Cloud to achieve their marketing goals, by identifying client needs, designing and implementing solutions, and providing ongoing support and training. To earn the Marketing cloud consultant certification candidates must be able to configure and implement Salesforce Marketing Cloud Email application tools and troubleshoot platform issues and should be able to provide solutions to execute both tactical and strategic email campaigns.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Marketing Cloud Consultant60 multiple-choice questions105 minutes$200/$100Salesforce Marketing Cloud Administrator

Salesforce Marketing Cloud Email Specialist

A Salesforce Certified Marketing Cloud Email Specialist designs, executes, and optimizes email marketing campaigns using Salesforce Marketing Cloud, ensuring the effective delivery of targeted and relevant messages to drive engagement and improve business outcomes. The Salesforce Certified Marketing Cloud Email Specialist certification is designed for individuals who can demonstrate knowledge, skills, and experience in email marketing best practices in the areas of content creation, subscriber and data management, delivery, and analytics within the Marketing Cloud Email application.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Marketing Cloud Email Specialist60 multiple-choice questions105 minutes$400/$200Salesforce Platform App Builder Certification; Salesforce Integration Architect Certification; Salesforce Marketing Cloud Email Specialist Certification

Salesforce Pardot Specialist

A Salesforce Pardot Specialist manages and optimizes a company’s use of the Salesforce Pardot marketing automation platform. This includes configuring and customizing the platform to meet business needs, creating and executing marketing campaigns, analyzing and reporting on campaign performance, and ensuring the platform is integrated with other sales and marketing tools. To earn the Pardot Specialist certification, candidates should be able to design and build marketing campaigns within Pardot and be versed with email marketing, lead generation, and lead qualification.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Pardot Specialist60 multiple-choice questions105 minutes$200/$100None

Salesforce Designer certification

Salesforce offers two certifications under the Designer credentials: one centered around User Experience and the other around Strategy Designing.

Salesforce User Experience Designer

A Salesforce User Experience (UX) Designer designs and improves the UI and overall experience of Salesforce. This includes conducting user research, prototyping, testing, and creating user-centered design solutions to meet business requirements. The User Experience (UX) Designer credential is for candidates who have a baseline knowledge of problem-solving and design using core UX concepts and who are able to use’s core features.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce User Experience Designer60 multiple-choice questions105 minutes$200/$100None

Salesforce Strategy Designer

Salesforce Strategy Designer helps create and visualize sales and customer success strategies with Salesforce. The designer addresses challenges at the system level, maps out ecosystems, aligns stakeholders across organizations, and incorporates user insights to drive innovation. The Salesforce Strategy Designer Certification validates candidates’ ability to design systems-level solutions toward desired business and user outcomes. Candidates with this credential also have the expertise to lead innovation across product lifecycles.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Strategy Designer60 multiple-choice questions105 minutes$200/$100None

Salesforce Developer certifications

Salesforce developer credentials are for professionals who build custom applications on the platform. This track includes the Salesforce Certified Platform Application Builder, which can also be applied to the Salesforce Administrator track. There are two types of developer certifications: the two-tiered platform developer credentials and one aimed at developing ecommerce solutions.

Salesfoce B2C Commerce Developer

A Salesforce B2C Commerce Developer designs, builds, and maintains the e-commerce platform for businesses to interact with their customers. They create custom functionality and integrate the platform with other systems to enhance the customer experience and drive sales. Candidates should be experienced full-stack developers for Salesforce B2C Commerce Digital. The B2C Commerce Developer certification is geared toward those adept at setting up the development environment, working with the digital data model, working with site content, using Salesforce Business Manager to perform site configuration tasks, using scripts to extend site business logic, interacting with external applications, optimizing site performance, and troubleshooting.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesfoce B2C Commerce Developer60 multiple-choice questions105 minutes$200/$100None

Salesforce Industries CPQ Developer

A Salesforce Industries CPQ Developer customizes and implements Salesforce CPQ solutions for clients in industries such as Manufacturing, Healthcare, and Financial Services. They work to streamline the quoting and proposal process by automating pricing, discounts, and product bundles while ensuring compliance with industry regulations. The Industries CPQ Developer certification is created for candidates who have experience developing configure, price, quote applications for Salesforce Communications, Media, and Energy & Utilities Clouds.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Industries CPQ Developer60 multiple-choice questions105 minutes$200/$100None

Salesforce JavaScript Developer I

A Salesforce JavaScript Developer I creates and implements custom JavaScript code within Salesforce to meet specific business needs, using JavaScript, Apex, and other programming languages to build, test, and deploy custom applications, automations, and integrations. This Salesforce JavaScript Developer I certification is intended for candidates owning the knowledge, skills, and experience developing front-end and/or JavaScript applications for the web stack. The certification comprises two parts: the JavaScript Developer I exam and the Lightning Web Components Specialist Superbadge, which vets hands-on Lightning Web Component development skills.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce JavaScript Developer I60 multiple-choice questions105 minutes$200/$100None

Salesforce Marketing Cloud Developer

A Salesforce Marketing Cloud Developer designs and implements marketing automation solutions using Salesforce Marketing Cloud, working with stakeholders to understand business requirements and to design effective marketing campaigns. The Salesforce Marketing Cloud Developer certification is designed for candidates who can develope effective, personalized marketing assets such as emails, landing pages, and forms leveraging HTML, CSS, and AMPscript. To earn this cert, candidates should be proficient in SQL and have experience using Marketing Cloud APIs.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Marketing Cloud Developer60 multiple-choice questions105 minutes$200/$100Salesforce Marketing Cloud Email Specialist

Salesforce OmniStudio Developer

A Salesforce OmniStudio Developer designs, develops, and maintains custom applications using Salesforce Lightning, Apex, and Visualforce. They also create, configure, and customize components in Salesforce OmniStudio. This Salesforce OmniStudio Developer credential demonstrates a candidate’s ability to develop cloud applications with OmniStudio declarative development tools, including FlexCards, OmniScripts, Integration Procedures, DataRaptors, Expression Sets and Decision Matrices, and Industry Consoles.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce OmniStudio Developer60 multiple-choice questions105 minutes$200/$100Salesforce Marketing Cloud Email Specialist

Salesforce Platform Application Builder

A Platform App Builder creates custom applications leveraging tools such as Apex, Visualforce, and Lightning components. The Salesforce Platform App Builder certification is for individuals who want to exhibit their skills in designing, building, and deploying custom applications on the Lightning Platform, including creating, managing, and updating data models, application security, business logic, and process automation.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Platform Application Builder60 multiple-choice questions105 minutes$200/$100None

Salesforce Platform Developer I

A Platform developer creates and deploys business logic and UIs using the programmatic capabilities of Lightning. The Salesforce Platform Developer I credential is intended for individuals experienced in building custom applications on Lightning.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Platform Developer I60 multiple-choice questions105 minutes$200/$100None

Salesforce Platform Developer II

A Salesforce Platform Developer II builds custom solutions using Apex, Visualforce, and other programming languages. They play a crucial role in designing, coding, testing, and deploying complex business requirements to meet the needs of the organization. To achieve the Salesforce Platform Developer II certification candidates must be experts in the advanced programmatic capabilities of the platform and data modelling so they can develop complex business logic and interfaces on the platform. The certification involves a multiple-choice exam, a programming assignment, and an essay exam. To pass, candidates must be able to design, develop, test, and deploy maintainable, robust, and reusable programmatic solutions following Apex design patterns and object-oriented best practices.

CertificationExam FormatDurationCost/RetakePrerequisite CertsSalesforce Platform Developer II60 multiple-choice questions105 minutes$200/$100Salesforce Platform Developer I

Careers, Certifications, CRM Systems, IT Jobs, IT Skills,

Networking isn’t just for holiday parties. It’s something you should do all year long and, if approached correctly, it works no matter where you are on the career ladder.

The two cardinal rules of networking, according to CIOs and career coaches, are to schedule time to do it for at least an hour every month, and to approach it as something you do to help others in addition to yourself.

Joe Topinka, a career coach with CIO Mentor in Charlotte, NC, says he was not originally a big fan of networking. “My boss encouraged me to do it back when I was in software development, and I actually resisted it,” he recalls. “I used to try to do it on Fridays, and I’d get up and start whining about it to my wife. But then I started doing it, and I’d come back energized and full of ideas.”

These days, like most people interviewed for this article, Topinka puts networking on his calendar to make sure he blocks out the time, and he advises his CIO clients to do the same.

Know you are not alone

Of course it’s critical to stay current with your contacts if you’re looking for a job, but networking goes far beyond that. Edward Wagoner, CIO of Chicago-based commercial real estate firm Jones Lang LaSalle, says that attending events with other CIOs has given him a much-needed confidence boost.

Edward Wagoner, CIO, Jones Lang LaSalle

Jones Lang LaSalle

“For years I avoided networking events because I felt I didn’t belong,” he says. “I suffered from a crippling lack of self-worth.” But after sharing these feelings at conferences with other CIOs, he heard from a number who had the same issue. “I’d walk into a room and think, ‘Oh, my God, look at all these very accomplished people.’ But it turns out they were thinking the same thing. We’re more alike than I ever gave myself credit for.”

In addition to building a sense of comradery, networking helps in other ways, too. CIOs talk to each other about approaches to major projects — techniques and technologies that have or have not succeeded for them — as well as tips for working with various vendors and how to address staffing issues, among other topics.

“‘We’ is smarter than ‘me,’” says Larry Bonfante, an executive coach with CIO Bench Coach in West Nyack, NY. “The more you can surround yourself with smart people, the more you can avoid stepping into the same rabbit holes.” Plus, he says, given how quickly the industry is evolving, networking “helps you see what’s going on in the broader world.”

Ken Piddington, VP and CIO, US Silica

US Silica

In fact, networking can help keep you marketable even before you start a job search, says Jayne Mattson, a career coach and author. Talking to others can help you see how your accomplishments can transfer across industries and how you can add value to other companies. It’s also a great way to hear about other opportunities, including at companies that may be laying off in some technology areas but staffing up in others, she adds.

Some CIOs, including Ken Piddington, CIO at US Silica, use networking events to “keep recruiters warm,” by connecting with national or local IT specialists. Even if he’s not looking for a job, he might know other CIOs who are and can help get them in touch. Plus, he says, “I want to understand the different [HR] firms and where they specialize, and then I find a way to get introduced.”

Make the most of online opportunities

Most experts agree you’ll get much more out of an in-person outing. But if budget or time are tight, online conferences can work, Mattson says. If you do opt for a webinar, make sure your camera is on, and comment when you can.

“When you participate, people look at you as a go-to person, and that’s how you want to be seen,” Mattson says. “If you’re on mute and don’t look at the camera, that defeats the purpose.” And make sure to take advantage of any online networking opportunities the conference organizers provide.

The pandemic has been a boon for online conferences. Megan Duty, vice president of technology and project delivery at Puritan Life, says her time available for networking increased because she was working at home more. “I wasn’t commuting as much and felt these conferences were important,” she says.

Choose your groups carefully

Generally, Duty attends meetings that are relevant to insurance, leadership, women in technology, or those hosted by consulting groups she wants to get to know better. A lot of these forums are back in person, she says, and she traveled a lot during 2022. But she used her virtual time to figure out what the most valuable conferences were before attending in person.

Megan Duty, VP of technology and project delivery, Puritan Life Insurance Company of America

Puritan Life Insurance Company of America

Another technique, she suggests, is to tap into the people you meet. She asks professional acquaintances which groups they belong to and whether they have found value in attending their meetings or annual conferences.

JLL’s Wagoner says he selects conferences that will help him learn things he doesn’t already know, or that “challenge me to think differently.” For instance, he doesn’t need to hear that cybersecurity is important; he already knows that.

Another plus is to have inspirational speakers, like Sabina Ewing, the global CIO at Abbott Laboratories, or Danielle Brown, CIO at Whirlpool, “people I’d pay to be in the room to hear from,” Wagoner says. He explains how he was impressed by how Whirlpool, a mature manufacturing firm, knocked a tech company out of The Wall Street Journal’s “Management Top 250” list, and wanted to learn more about how it did that.

Wagoner recently hosted a group of CIOs at JLL’s Chicago corporate headquarters, and he spoke about his company’s efforts to be carbon-neutral as part of his firm’s commitment to help educate people about what it’s doing. Another speaker at that event was Dr. Nancy Tuchman, founding dean of sustainability at Loyola University Chicago, “one of the most sustainable” secondary institutions in the world, Wagoner says. “The audience was asking questions and engaging even before we asked them to.”

Ron Mathis, corporate IT operations director, Illinois Tool Works

Illinois Tool Works

Ron Mathis, operations director for information technology at Illinois Tool Works, says he needs to pick and choose which groups he belongs to because “there are many different organizations targeting my demographic; I can’t participate in all of them.” Most of his networking time and energy are spent with the Chicago chapter of the Society of Information Management (SIM), a national group for IT leaders with many local chapters. He’s also active on LinkedIn.

His counsel: “Pick one, and don’t look for an immediate ROI on your investment of time. Over time, I’ve found significant value in building a network of other people I ask for professional advice.” 

Start local and small — and do it now

Don’t wait until you need a network; you don’t know when that will happen. Instead, build it before you need it, which means now. “A good network doesn’t happen by accident,” says US Silica’s Piddington. “It has to be purposeful.”

If you’re just getting started with networking, it’s probably best to begin with local MeetUp groups, or the closest SIM chapter — in other words, something small that includes people you can keep in touch with afterward. Choose a group where you will be as comfortable as possible with your peers, and where you can give something back. Keep in mind that other attendees really do want to hear about your relevant professional experiences, both positive and negative.

Prepare questions before you go, then pick a couple of names off the agenda as people you want to talk to, and do it. Ask to meet for coffee at the conference venue or nearby (and pick up the tab), have a half-hour conversation, then ask if it’s okay to keep in touch after the conference is over. Build from there; most people remember what it’s like to be new in their role and are generous with their time.

CIO Bench Coach’s Bonfante says, “It’s not about being the most interesting person in the room; it’s about being the most interested. Ask about the people around you — what they’re doing, what they’re having problems with.”

You can also start by leveraging your existing professional social-networking contacts; Mattson is a big fan of using LinkedIn as a networking medium. Just make sure your profile is up to date.

Where to get some help

For the truly introverted or absolute beginner, you can learn the basics by doing some reading before venturing out. US Silica’s Piddington recommends Some Assembly Required: How to Make, Grow, and Keep Your Business Relationships, by Thom Singer.

Mattson wrote a book, You, You, Me, You, explaining how to develop and nurture professional relationships. She says she wrote the book out of frustration because people often believe they know how to do this well when, in fact, they don’t.

Give back

Once you find your tribe and are comfortable, volunteer to be a mentor, be on a panel, or lead a discussion. It helps build your brand, too, CIO Mentor’s Topinka says.

CIO Bench Coach’s Bonfante recalls when he left Pfizer and tried to keep in touch with someone who was still at the company. For a year his calls went unanswered, “and I got the hint” and stopped calling. Two years later, the person called him to ask for a favor. Bonfante did it, but as he spent time helping the guy, “I was thinking, ‘Wait, when I tried to call you, you were in witness protection, and now you want something from me?,’” Bonfante says.

Don’t be that guy.

Everyone knows something of value, but it might take some time before you’re up for genuine sharing, JLL’s Wagoner advises. “I wasn’t ready for self-reflection until a bit later in my career,” he says. It took some time to develop “the ability to look at myself critically, in the right way, and share with others, to really open up and help people.” For him, these days, networking is about being authentic as both a human being and a CIO, and that realization was the result of “a lot of coffee and a lot of angst.”

It takes some time and effort, but networking is more important than ever, especially for younger people or those new to an IT leadership role. “You’ll get out of it what you put into it,” Wagoner says. “Figure out a way to participate.”

Careers, CIO, IT Leadership, Mentoring

With the cloud becoming such an integral part of the IT strategies of so many enterprises, it’s natural that managing the expense of all these services would be an emerging priority for executives.

Although the cloud is touted by providers as a way to potentially save money because of greater efficiencies and shared expenses, an abundance of cloud-based resources can also lead to cost runaways if not managed properly. That’s where FinOps comes in.

What is FinOps?

Blending the terms finance and operations, FinOps is a business discipline and set of best practices and technologies for optimizing enterprise cloud spend.

The FinOps Foundation’s Technical Advisory Council further defines FinOps as “an evolving cloud financial management discipline and cultural practice that enables organizations to get maximum business value by helping engineering, finance, technology, and business teams to collaborate on data-driven spending decisions.”

The foundation, a program of the Linux Foundation dedicated to advancing people who practice the discipline of cloud financial management through best practices, education, and standards, says at its core FinOps is a cultural practice for managing cloud costs — one in which everyone takes ownership of their cloud usage supported by a central best-practices group

The term “FinOps” comes from the DevOps software development model, with the addition of the financial component, and emphasizes communications and collaboration among various teams involved in the use of cloud services.

“The FinOps market is white hot today, growing faster than both IT general and public cloud spending,” says Jevin Jensen, research vice president of Intelligent CloudOps Market service at IDC. “I expect this to continue as IT budgets will be under increasing pressure in 2023. FinOps culture change and the rapidly advancing cloud cost transparency tools offer an excellent opportunity for enterprises to realize tremendous cost savings.”

How does FinOps work?

As a practice, FinOps operates by bringing together representatives from IT operations, development, finance, and procurement, as well as business unit leaders, Jensen says. Doing so gives the organization a central, cross-functional team focused on optimizing the enterprise’s outlay in the cloud.

“Enterprises can create a single source of truth for cloud spending,” Jensen says. “Additionally, they can develop metrics and set goals for each metric, including forecasting cloud spending, targeting saving opportunities, and benchmarking future cloud projects before approval.”

Agreeing on the charge-back method of cloud spending is another important task for a FinOps team, Jensen says. “FinOps is more about people and processes than a technology tool,” he says. “The tool is still an important enabler for the FinOps team. The FinOps culture change is about collaboration, spending accountability, and ensuring anticipated return on investment.”

The FinOps Foundation lists six principles of FinOps:

Teams need to collaborateEveryone takes ownership of their cloud usageA centralized team drives FinOpsReports should be accessible and timelyDecisions are driven by the business value of the cloudTake advantage of the variable cost model of the cloud

Why do organizations need FinOps?

“FinOps brings financial accountability — including financial control and predictability — to the variable spend model of cloud,” says J.R. Storment, executive director of the FinOps Foundation. “This is increasingly important as cloud spending makes up ever more of IT budgets.”

It also enables organizations to make informed trade-offs between speed, cost, and quality in their cloud architecture and investment decisions, Storment says. “And organizations get maximum business value by helping engineering, finance, technology, and business teams collaborate on data-driven spending decisions,” he says.

Aside from bringing together the key people who can help an organization gain better control of its cloud spending, FinOps can help reduce cloud waste, which IDC estimates between 10% to 30% for organizations today.

“Moving from show-back cloud accounting, where IT still pays and budgets for cloud spending, to a charge-back model, where individual departments are accountable for cloud spending in their budget, is key to accelerating savings and ensuring only necessary cloud projects are implemented,” Jensen says.

And because FinOps facilitates improved collaboration and communication among groups around cloud use, organizations can reduce or eliminate redundant applications and cloud initiatives, Jensen says.

FinOps “is the management of cloud economics,” says Lydia Leong, distinguished vice president and analyst at Gartner. “Ideally, it should not merely be cloud financial operations, but a broader perspective that maximizes the value of cloud computing rather than minimizing the cost. Properly done, FinOps helps an organization contemplate the business value it is receiving — or not receiving — from its cloud use, so it can decide how best to optimize its investments.”

What are some best practices for adopting FinOps?

When implementing FinOps, one best practice is to create a cloud center of excellence (CoE) to centralize the organization’s FinOps approach. “Neither technology nor finance can go it alone; this needs to be a cross-functional initiative,” says R.J. Hazra, senior vice president and CFO of global technology and security at consumer credit reporting agency Equifax.

The multinational consumer credit reporting company is using Apptio’s Cloudability platform integrated with a general ledger system and configuration management database for enterprise reporting on cloud usage, trending, and anomaly detection. It created a cloud CoE composed of sourcing, financial planning and analysis, and site reliability engineers, Hazra says. The CoE set up a strategy to better align cloud spending with the firm’s goals, and set targets for all of its cloud platforms to drive shared accountability.

Still, FinOps needs to be a cultural practice across the organization, not something that’s solely the responsibility of a “FinOps team,” Gartner’s Leong says. “It requires collaboration between business leaders — the business owners of applications — application developers or application management teams, cloud operations, finance, and sourcing/procurement/vendor management,” she says. “FinOps is a continuous process, not just a monthly cycle of playing whack-a-mole with the cloud bills.”

Designating a FinOps practitioner is an essential first step, IDC’s Jensen says. “This person is the evangelist of FinOps for your organization, and should have a solid understanding of IT and financial constructs.”

This individual will need sponsorship from a C-level executive, such as a CFO or CEO, to establish a cross-functional team and hold them accountable for meeting regularly and hitting metrics, Jensen says.

“Selecting a tool and getting buy-in for using it as a single source of truth for all cloud spending and its recommendations is the next logical step,” Jensen says. “The FinOps teams should then set metrics and provide a transparent company-wide dashboard to facilitate control of cloud spending.”

To adopt and deploy a successful FinOps strategy, enterprises should look to the FinOps community to learn through events, meetings, and other channels, Storment says. “No one needs to do this alone and FinOps practitioners will get farther, faster by sharing learnings and best practices,” he says. “Also, to have a viable and thriving FinOps culture and practice, invest in career development of practitioners through training and certification.”

What role should the CIO play in an organization’s use of FinOps?

“Executive buy-in has a massive influence in building successful FinOps practices, and the role of a CIO or CFO is often to ensure that the FinOps strategy and deployment are well crafted and carried out,” FinOps Foundation’s Storment says.

The CIO has several pivotal roles to play in the use of FinOps, he adds. One is as a promoter and vocal supporter. “The CIO sets the tone for the IT resources in the business,” Storment says. For the past two years the foundation’s survey of FinOps practitioners indicates that encouraging engineers to take action on cost optimization is the primary challenge facing organizations. “If the CIO is not supportive — through words, actions, incentives — it is very difficult to get an engineer to consider cost in their daily work.”

CIOs can also inspire collaboration. “The CIO doesn’t operate in a vacuum separately from the CFO, COO, and other C-level executives,” Storment says. “When using the cloud, the CIO’s resources are also not able to operate in an isolated silo.” The CIO should work to demonstrate cross-discipline collaboration by working with other senior executives to communicate about the cloud’s role in the organization and to reinforce the need to understand cost, he says.

While CIOs don’t have to lead FinOps initiatives, they should play an important advisory role. “CIOs are critical sponsors of FinOps efforts,” Leong says. “But in order to make it work as a cultural practice, [they] must have the cooperation of their peers in the business, and preferably the CFO as well.”

How can someone become a FinOps professional?

FinOps continues to proliferate around the world and there will be growing demand for people with related skills. “In the coming years, innovative technology solutions will be built using the cloud,” Storment says. “But cloud is a very different delivery model from traditional data center IT and requires FinOps” in order to be used effectively.

A recent survey by the FinOps Foundation showed that FinOps team sizes are expected to increase to an average of eight people over the next year, up from five.

“FinOps isn’t just a technical discipline nor solely finance-based,” Storment says. “It’s a cultural one that brings together finance, engineering, product, and management, and so roles and responsibilities encompass all of those arenas.”

One way to gain the proper skills is through certification programs, such as those offered by the FinOps Foundation.

“We see a need to certify people to be ‘certified practitioners’ to validate their FinOps knowledge and enhance their professional credibility,” Storment says. “Certified practitioners are enabled with key concepts and terminology to be contributing members of this community and interact with other practitioners and disciplines in their companies in detailed and meaningful ways.”

The foundation also offers a training course designed for engineers to understand how to work effectively with FinOps teams to manage cloud use and costs more efficiently, and to derive more business value from cloud, Storment says. “This is important, because [the] biggest challenge among organizations is getting engineers to take action on cost optimization.”

What are the top FinOps technology providers?

Based on IDC research, some of the top FinOps vendors in terms of market share include:

Budgeting, Cloud Computing, Cloud Management

By Saket Srivastava, Chief Information Officer at Asana

There has never been a better time to be a CIO. The pandemic has evolved how we regard the IT organization within businesses, in no small part due to the extensive role it played in keeping teams connected and able to perform during a more disconnected time than ever. No longer is the tech function conceived of as a back-office team — we are leading the charge in how the workplace adapts.

The year ahead will bring new and continuing challenges for all businesses. Organizations are once again turning to CIOs to bring about digital transformation that drives productivity, agility, and growth for the future. With two decades of experience working in technology, I’m no stranger to leading through uncertain times. With this in mind, I’ve created a survival guide for CIOs — with five key tips to help tech leaders navigate the year ahead while improving customer and employee experiences alike.

Make hyper prioritization a growth opportunity: While many organizations are faced with challenging economic conditions and resource constraints, CIOs have an exciting chance to turn these factors into new growth opportunities. Start by identifying and prioritizing which investments will have the biggest impact on your organization both in the short and long-term, enabling your teams not to spread themselves too thin focusing on less critical goals. Market constraints mean the opportunity to focus and double down on work that matters most.Scale up security investments: The move to a more distributed workforce has reset the level of flexibility employees have. However, it has also created security challenges — with more access points and sensitive information available to share and download on personal and corporate devices. Enhanced cybersecurity practices should be a priority for any CIO as they look to balance work between corporate and home offices. Additionally, make sure that your cloud technology tools use security industry best practices when it comes to how data is transmitted, stored, and processed. Internally, it’s vital for everyone to be aware of the dangers around sharing sensitive information — organizations should invest in robust security training to ensure company data isn’t compromised.Automate ongoing, low-skill tasks: Companies must increasingly focus on getting the most out of the investments they make in AI, tech, and data to optimize ongoing operational efficiencies. Automation is a sound investment to make, especially when it can free up employees to focus on high-impact work, optimize resources, and drive productivity. A few ways to get started are automating workflows through a work management platform to save employee time, reduce the need for status updates, and evolve from clunky spreadsheets and never-ending email chains; utilizing advanced data science models to understand customer pain points; and assessing the value your organization might gain from incorporating chatbots to power support teams. Tune in to customers: One of the single best investments that an organization can make in the coming year is ensuring that employees have the tools to be engaged, efficient, and productive. When teams can focus on work that drives meaningful results, it ultimately trickles down to improved customer experiences and outcomes. In the coming year, having a good read on customer needs will be crucial as many organizations battle resource constraints, challenging economic conditions, and continuing uncertainty when it comes to planning. Optimize distributed workforces: Today’s enterprise organizations rely on distributed teams, and it is important to ensure that employees collaborate effectively across time zones, geographies, and departments. One of the biggest challenges to workplace efficiency is that employees are distracted, often switching between an average of nine apps a day. This makes it easy to miss critical messages and updates from teammates. For CIOs, there will be a greater need for work management platforms to update individuals across multiple channels, integrate more productivity-focused tools, and minimize redundant cross-functional work and errors. 

CIOs have a breadth of touchpoints across any business. By optimizing both employee and customer experiences, they have a golden opportunity to help reduce friction and increase productivity. This will prove pivotal in positioning organizations not just for the year ahead, but also for longer-term growth. It’s a tall order, but by focusing on the priorities above, CIOs can ensure their enterprise remains nimble, relevant, and able to pivot around whatever the future may hold.

To learn more, visit us here.

Saket Srivastava, Chief Information Officer at Asana


Digital Transformation, IT Leadership

Welcome to the holiday season. Sure, I know the holiday season’s true start date is sometime in September, but I didn’t want to hurt Halloween’s and Thanksgiving’s feelings. Which is why I’ve refused to start my shopping until after the last of the turkey leftovers and Kit Kat Bars are gone.

Once upon a time I delayed my holiday shopping until the middle of December for a more practical reason: procrastination. I just like to think I was ahead of my time by being behind in my shopping.

But it’s December now. The time for procrastination has passed. Here’s your CIO holiday season shopping list for your IT and business colleagues, as well as your loved ones (and even yourself):

For the Head of App Dev: A methodology that’s designed for the work App Dev actually does, which isn’t developing applications. No, App Dev is more often responsible for configuring and integrating COTS (on-premises-installed commercial off-the-shelf software) and SaaS (cloud-hosted commercial off-the-shelf software) solutions.

The usual candidates are Scrum, Kanban, and Lean Development. The right candidate is Conference Room Pilot. It’s good so far as it goes, which is to configure a new package so that it supports users’ desired business processes. But that still leaves developers high and dry when the time comes to design and implement the robust set of ESB connectors they’ll need to keep the integration process manageable.

You’ll have to do some shopping, and probably some head-scratching to get that piece of the puzzle. Hint: It starts with SOA.

For the Head of IT Operations: A full-tilt automated, accurate, and correct regression and integration test suite. Yes, the gift goes to App Dev, not Ops. But that’s okay. An automated test suite everyone can rely on to make sure app changes don’t crash PROD might be used by App Dev but Ops gets most of the benefit.

For your company’s Executive Leadership Team: A magic wand you can wave so they understand why improvements to and remediation of Architecture — that’s both business and technical architecture — are legitimate rationales for approving action.

For your IT Service Desk: Several barrels of empathy along with a few dozen demijohns of patience, to be shared as necessary with both end-users and service desk analysts whenever a frustrating incident risks boiling over and becoming personal.

For your SINOs (sponsors in name only): A lump of anthracite. A SINO is the business executive or manager who is the sponsor of record for a project but feels intensely apathetic regarding its successful completion.

SINO-hood isn’t necessarily the SINO’s fault. Sometimes, a manager’s boss assigns or volunteers someone to serve as a project’s sponsor should an otherwise promising project proposal lack one. Should that be the case for a project, the SINO’s manager gets a chunk of bituminous.

For your business sponsors — real ones, who understand the nature of their role: A ceremonial deep-dish pizza, served at the completion celebration of the successful project they sponsored. They deserve it, because most projects need their sponsor to stick their necks out a few times to resolve the sticky situations that project managers lack the authority and influence to address.

For your project managers: A career path. Some companies still treat project management as a trial role for employees with managerial promise. The result is that, when a project is successful, the project manager is promoted to a “real” management job, thereby ensuring the company never builds a cadre of competent and experienced project managers, pretty much guaranteeing a high project failure rate.

For your loved ones: A healthy supply of Maxalt, to help them get over the migraines you induce by sharing your professional trials and tribulations with them.

Or else, better, keep both the conversation and the Maxalt for yourself. This only makes sense, as stifling your desire to share is likely to give you the migraines you’re sparing your friends and family.

For yourself: A daily dose of perspective, to get you past your daily annoyances so you remember that in the end your chosen profession lets you play with a lot of cool toys — either personally or vicariously — that someone else gets to pay for.

To all of you CIO Survivors: A happy Hanukkah, St. Nick’s Day, Winter Solstice, Diwali, Christmas, Sir Isaac Newton’s birthday, Boxing Day, Kwanzaa, New Years Day, Perihelion, Isra & Mi’raj, or whatever seasonal holiday you celebrate that I somehow managed to miss.

See you in 2023.

Business IT Alignment, IT Leadership, Software Development

The enterprise IT scene today is characterized by continuous digital transformation and data generation of epic proportions. With remote and mobile work being the new norm in a post-pandemic world, mobility and agility have become essential drivers of business continuity in the enterprise.

In an effort to automate and integrate every possible business function, centralize and speed up the flow of data and information, improve productivity and provide a better customer experience, organizations are building agile DevOps environments with complex hybrid multi-cloud operational models.

However, with great mobility and timely data comes great responsibility. Enterprises face increasing challenges in keeping data, services, and Personally Identifiable Information (PII) secure. Despite the advances in technology, we continue to see record-breaking numbers of data breaches year after year.

How do enterprises evolve their data storage, management, and protection methods to make sure employees have a straightforward way to access digital resources while reinforcing the security of the whole IT infrastructure?

The answer lies in effective secrets management.

What is secrets management and why is it needed?

Secrets management is the appropriate set of tools and best practices used to securely store, access and centrally manage digital authentication credentials (or “secrets”) through their entire life cycle. Secrets are data items used in authentication and authorization – they include passwords, public and private encryption keys, SSH keys, APIs, tokens, and certificates. Both machines and humans use secrets to authenticate and communicate.

But why do you need secrets management in the first place?

“With the universal shift to hybrid multi-cloud infrastructure and reliance on app containerization, the need for both machines and people to continuously access systems and data has grown substantially. For example, more and more applications must continuously access different data sources, cloud services, and servers, often with different kinds of credentials needed for each resource. This has created an exponential need for secrets throughout the DevOps process,” explains Oded Hareven, CEO and co-founder of Akeyless, a SaaS-based secrets management tool.

What makes it tricky is, developers frequently encode various secrets into app or microservice code, scripts, automation tools, and code repositories – all residing across various infrastructures. Worse, these codes are at different development stages with a real risk of being mismanaged and unprotected. The result is an overall lack of control and integration of secrets, leading to what is referred to in security circles as “secret sprawl.”

The trouble doesn’t end there. Secrets kept in cloud platforms that perform continuous integration/continuous delivery (CI/CD) are required, by their nature, to manage and allow access to other machines and software. For this, they need to store secrets and signing keys (used for sealing code and software updates), which are frequently stored in non-secure locations such as a developer’s laptop or a build server.

Secret sprawl not only makes credentials difficult to track and manage, but also vulnerable to hacking. In fact, stolen credentials account for nearly half of all data breaches, according to a report from Verizon.

Many recent hacks, including software supply chain hacks, take advantage of secrets that have been placed in code, which is again stored in easily accessed repositories such as GitHub. In fact, GitHub recently detected over 700,000 potential credential leaks across thousands of private repositories, ripe for the taking.

The examples just keep coming. A recently exposed software supply chain attack hijacked popular PHP and Python libraries to steal AWS keys. In another instance, a commonly-used service that helps open source developers write and test software was found to be leaking thousands of authentication tokens and other secrets, allowing hackers to access developers’ private accounts on Docker, Github, AWS, and other code repositories.

But aren’t there a zillion methods already available to protect passwords, keys, and other credentials, you ask?

There are. And that’s part of the problem.

Challenges in secrets management

There is considerable inefficiency and duplication in today’s security solutions when it comes to managing secrets. Some of these challenges are:

Secret sprawl:

The world is moving from on-prem to the cloud – and so are secrets. The big 3 cloud service providers (and others) all offer their own secrets management solutions, which most companies accept by default, simply for want of a better solution – what could be safer than the provider’s own platform?

But with a hybrid multicloud architecture taking centerstage (it’s the only IT operational model that’s growing in adoption), most DevOps teams find themselves dealing with multiple environments chock full of microservices and containers for different workloads. These in turn have thousands of machine-to-machine components that communicate with each other, leading to a mind-boggling number of keys, tokens and other secrets in circulation.

The explosion and decentralization of secrets is a huge operational burden on admins and DevOps practitioners. The myriad cloud and virtualization solutions available today let users create and destroy VMs and apps on a massive scale. Needless to say, each of these VM instances comes with its own set of secrets that need managing. Further, SSH keys can alone number in the millions in enterprise organizations. Other than that, Ansible jobs, Kubernetes containers, and daily batch routines all tend to have passwords that need rotation.

All these systems are unable to access security resources that are external to their environment. There is no unified control plane that can help you manage multiple secret repositories stored across different platforms.

Insufficient visibility:

Static secrets localized to different environments (such as cloud, on-prem, edge or hybrid) are managed by different individuals, teams and administrators, creating “secret islands.” This inevitably leads to auditing challenges and security gaps.

Complexity of vault solutions:

Due to the large number of incumbent and legacy tools and platforms (both DevOps and non-DevOps) and the huge number of extensions for each of them, on-prem vault solutions don’t work well in many cases. Plus, it’s difficult to configure vaults according to the underlying compute, storage and networking infrastructure in a hybrid environment. The need for frequent updates only increases the complexity of on-prem vaults.

Cloud-based vaults are no better. A huge red flag is that these offerings are proprietary to the provider and only support workloads that run within their own environment and ecosystem, so again they’re not a good fit for hybrid cloud architectures. Even if you use only one major cloud provider, a multicloud environment, it only leads to vault sprawl. Another concern is that your master keys are shared with your cloud provider. This means a rogue admin, hacker or government agency could access them and you’d be helpless.

The perfect secrets management solution…

might not exist. But that doesn’t mean you can’t create foolproof Identity and Access Management (IAM) policies that keep your enterprise safe from every known threat and every known type of threat.

IAM is the new perimeter – it is fundamental to a modern security strategy. Validating the identity (authentication) of human and machine users and justifying their need to access the resource (authorization) is becoming more complex every day with the rise in automation and the number of dynamic workloads that fluctuate with demand.

Further, the nature of authentication is constantly changing. Application and database modules are no longer confined to a large block of code as they used to be. Rather, they are a complex and dynamic integration of microservices and subcomponents, each of which has its own authentication process.

Here’s what enterprises that operate in a multicloud environment or have a hybrid mix of on-prem, private and public cloud systems in place should look for in a secrets management platform or solution:

Works in hybrid, multicloud and multi-locale setups: This is perhaps the single most essential factor for enterprises. Wherever possible, choose a platform that integrates seamlessly with cross-platform, cross-environment workflows using cloud-native technology. Your secrets management solution should support IAM-enabled machine-to-machine and human-to-machine authentication and verification for different types of secrets such as SSH certificates, API keys, x.509 certificates, encryption keys, and so on to enforce continuous security compliance.

Works with different authentication protocols, languages and devices: It’s important that your secrets management tool support human, hardware and software authentication via third-party identity providers via all major interfaces, (certainly) including a command line, GUI, REST API and SDKs for major languages. Needless to say, it should facilitate dynamic secrets and integrate with common cloud-based platforms such as Docker, Kubernetes, Terraform, Ansible and Jenkins for undisrupted DevOps operations.

Then there is the question of scaling. If you want to grow at “cloud scale” and expand your geographical or technology infrastructure, you need to be able to scale your secrets management capabilities to support all existing as well as upcoming tools and plugins.

Can be managed via a unified SaaS platform: Security teams today need centralized visibility and control of authentication for all users, applications and devices across all environments used by the organization. “An intuitive SaaS-based secrets management tool with real-time visibility into every instance of secret use, audit logging and robust analytics is the need of the hour according to every security head I’ve talked to,” says Hareven.

Solves the secret zero problem and enforce the zero trust model: Password management is a common function these days. An individual might have a spreadsheet or doc in which they store all passwords for the various applications or control panels they use. However, to open this spreadsheet, they’d probably have another password. And they’d also need user credentials to log in to the OS and access the spreadsheet. Multiply this scenario by the endless types of secrets you have today, and you get the “secret zero” problem.

Your secrets management solution should provide you a set of initial credentials with an ephemeral token or key for continuous authentication into the parent machine so that the “secret zero” is never compromised.

This falls within the premise of the zero trust architecture (ZTA), which follows the principle of least privilege (PoLP), under which users and applications are granted “just-in-time” and granular access to a specific number of resources for a specific period of time – only after “justifying” their request to the administrator. These privileges are dynamically granted and automatically expire after the pre-set timeframe.

Keep your secrets

The ideal secrets management platform empowers DevOps, cloud migration and digital transformation in the enterprise by enabling different teams to access the resources they need and manage their secrets autonomously. With a solution delivered “as a service” from the cloud, you can reduce maintenance overheads, improve availability and scale your operations to meet your organizational growth targets.

Data and Information Security, Data Privacy, Devops, Security Practices

In the 1970s and ’80s, IT was the recognized driver of business change, albeit under the moniker “data processing,” followed by “management information systems,” followed by “information systems.”

Having automated the daylights out of general accounting, IT’s programmers and their friendly supplicants — business managers under constant pressure to cut costs — attacked business processes with glee to automate the daylights out of them.

The fun lasted until Joseph Juran invented the so-called “internal customer” and IT’s leadership role in helping the enterprise and everyone in it be more effective evaporated.

Instead, IT, in its role as “supplier,” sent out its business analyst emissaries to find out what these internal customers wanted from the products they were buying from IT.

That’s when we all fell headlong into perdition.

Hear me out: Business analysts in old-school, industrial-age, internal-customer-focused IT organizations asked business managers what their requirements were — what, that is, they needed an application to do.

Old-school, industrial-age business managers tried hard to provide useful answers, even though to their ears the question sounded a lot like “Explain the roles of dark matter and dark energy in keeping the universe from flying apart.”

You can see the problem: Business managers weren’t supposed to be experts in what software can do. The question they wanted to answer, if only the business analyst would have asked it, was, “How do you want your part of the business to run differently and better?” followed by “Would you like some help figuring that out?”

IT’s failure to ask the right questions led to its sad transition from business change leader to the dispiriting supplier-to-internal-customer perspective that continues to distort our industry.

It also led to the rise of business process optimization methodologies that promised business managers a route to making their part of the business run differently and better — without having to involve IT.

Sure, business managers, encouraged by business process optimization “belts” and supported by a bunch of spreadsheets that business users create when the IT they need isn’t the IT they have, can improve the business processes they follow.

But not as well as they can improve them when IT is integrated into business process optimization.

How? Start with a clear picture of what the leading business process optimization methodologies are for. Then, and only then, can you improve on them.

Making sense of process optimization methodologies

Four methodologies have come to dominate business process optimization efforts: Lean, Six Sigma, Theory of Constraints, and Business Process Reengineering. To succeed in today’s digital world, each should be second nature to IT’s business analysts.

Regrettably, however, these methodologies have become competing schools of thought (pick mine!) that evolved into religions (mine is better than yours!). It’s about as sensible as arguing about which works better, a screwdriver, a pliers, a soldering iron, or a lathe.

And you wonder why we consultants answer so many questions with, “It depends.”

When it comes to supporting business change, the “it depends answer” amounts to choosing the most suitable methodology, not the methodology the business analyst has the darkest belt in.

But on the other hand, the idea of having to earn belts of varying hue or their equivalent levels of expertise in several of these methodologies, just so you can choose the one that best fits a situation, might strike you as too intimidating to bother with. Picking one to use in all situations, and living with its limitations, is understandably tempting.

If adding to your belt collection isn’t high on your priority list, here’s what you need to know to limit your hold-your-pants-up apparel to suspenders, leaving the black belts to specialists you bring in for the job once you’ve decided which methodology fits your situation best.

Before you can be in a position to choose, keep in mind the six dimensions of process optimization: Fixed cost, incremental cost, cycle time, throughput, quality, and excellence (for a refresher, take a quick scan at “The hard truth about IT process success.”) You need to keep these center stage, because: You can only optimize around no more than three of them; the ones you choose have tradeoffs; and each methodology is designed to optimize different process dimensions.

One at a time:


Lean is Henry Ford by way of Toyota. Lean’s core focus is shrinking waste, which, when you boil it all down, means reducing incremental cost. Lean can deliver other benefits as well, like improving quality and reducing cycle time, but only insofar as they don’t impinge on waste reduction.

Lean’s proponents will be quick to point out that it emphasizes continuous improvement, too. And rightly so. Just keep in mind that Lean equates improvement to less waste.

If waste is your problem, Lean is just the ticket for you.

Six Sigma

Six Sigma is the heir to total quality management. Its focus is reducing variance, which it accomplishes by identifying and addressing the root causes of variability — the reasons process outputs fail to be identical and don’t meet the specifications.

Six Sigma’s focus, then, is on improving quality. To the extent defective outputs are discarded or funneled back into the process for correction, Six Sigma can, as a fringe benefit, reduce incremental cost, too.

But at its core, Six Sigma is your choice if quality is what matters most to you. Otherwise, you might find it disappointing.

Theory of Constraints

Theory of Constraints is the best process optimization methodology nobody’s ever heard of. That’s unfortunate.

Invented by former physicist Eliyahu Goldratt, ToC assumes insufficient throughput is your problem, and that your process has bottlenecks (constraints) that limit it. Speed up or eliminate process bottlenecks and you increase throughput — capacity, that is — and reduce cycle time in the bargain.

If a symptom of a business process’s shortcomings is that it can’t keep up with demand, look to Theory of Constraints for help.

And while it isn’t part of ToC’s official doctrine, you can apply the fundamental ToC loop — find bottleneck, fix bottleneck, rinse-and-repeat — to whichever process optimization goal you decide is most important. It doesn’t have to be a capacity bottleneck.

Business Process Reengineering

Michael Hammer’s and James Champy’s Reengineering the Corporation was the book that focused business leaders on the importance of well-designed processes. The focal point for Business Process Reengineering is that the right place to start is a blank sheet of paper.

So where Lean, Six Sigma, and Theory of Constraints look for the few bad process steps that cause the most mischief and go about fixing them so as to reduce waste, defects, or bottlenecks, BPR’s primary impact seems to be maximizing consultant billing hours.

Which isn’t entirely fair — there are situations where BPR is your only choice, for example when you’re in-sourcing a previously outsourced business process.

But of the four dominant process optimization methodologies, BPR is the riskiest.

Take the fifth

While Lean, Six Sigma, ToC, and BPR are the major business process optimization methodologies of choice, IT groups that want to lead business process improvement have another alternative available to them: To offer the process flows built into commercial applications as the logical places to start.

Software is an opinion. Commercial business applications are opinions about how a business process should flow. And while these opinions aren’t always a great fit, they’re usually a useful place to start.

And while starting with an application’s built-in processes makes both initial integration and ongoing maintenance easier for IT, this isn’t just a replay of the old, tired, plain-vanilla versus chocolate-sprinkles argument that so often derails application implementations.

The problem with arguing about ice cream varieties was … is … that they’re arguments about whether IT or “the business” gets its way.

But as there’s no such thing as an IT project, arguing about which flavor of software to use shouldn’t be allowed.

Starting with the built-in process? Yes, this is, as a happy fringe benefit, closer to accepting more vanilla-ish software for IT to maintain. But vanilla-ism isn’t the point. Effective processes are the point.

Going with the application vendor’s process design opinion has a business fringe benefit, too: Nobody has to design it.

And a second: It’s a workable place to start applying Lean, Six Sigma, or ToC if it isn’t good enough out of the box.

Business Process Management, IT Leadership