Hidden IT Groups

What is a “Hidden IT Group”?

Within IT organizations, you will find there is a formal organization chart, with defined roles and responsibilities. These often form around functional areas like IT Operations, Application Development, Security or Portfolio Management, or Service Management. There are also hidden and invisible ‘groups’ that are defined by the traits and characteristics that the people share. While these groups might align to a formal organization in the org chart, they might not.

Why are hidden groups relevant

When you consider modern organizations and culture, often we organize into groups that share common values, culture, processes, language, standards, and norms. Understanding the culture and values of these groups is incredibly important when we try to connect with them and offer solutions to alleviate their pain points.

Trait	Description
Values	Some people may value innovation, while others value quality
Culture	How people work may be different
Challenges	They will perceive different challenges in their work
Thought leaders, analysts, & conferences	They will follow and learn from different leaders
Tools	the tools they choose will meet their specific needs
Processes, practices, and standards	ITIL, CMMI, Agile, PMI, etc
Conflicts	They may see things differently form other ‘it groups’)

IT Groups in enterprise IT/technology

In IT, there are several ‘hidden groups’ that describe groups of people and their shared values and common traits. While there are many possible ‘IT Groups’ to explore, the goal here is to offer a simple framework of the most typical and common divisions in order to understand their needs, goals, challenges and language.

Groups vs Personas

Groups are Not personas. Rather ‘personas’ are found inside of different groups. Think of these IT groups as a collection of different roles and personas.
Groups are Not (necessarily) Organizations, but many places might have teams defined closely to these ‘Group’ boundaries.

IT Groups 1.0

Hidden IT groups	Organize	Build / Develop	Test	Run	Protect
Values	On time, on budget, on track. Organization. Keeping the team focused on delivery for the business.	Innovate and deliver cool new solutions as fast as possible, help the business compete with the best solutions to meet their needs.	Quality is key, finding defects, protect users have a bad experience	Uptime, performance, availability, efficiency. Keep it running with the lowest cost. Restore service as fast as possible. Avoid and recover from outages (disasters)	Manage and minimize risks, protect our systems, data and business from cyber threats everywhere, inside and outside.
Culture	Complex projects and programs, securing teams in a matrixed world to organize and deliver. Agile makes it difficult to predict future delivery.	Collaborative and creative. Early adopters of new technology.	Processes and traceability to double check that each release is suitable for production. Often view their role as guardians, protecting users from defects.	Process oriented, often based on ITIL processes.	People, process, technologies are a constant balancing act. The goal is to have enough of each. You can’t be 100% secure, but need to have a layered approach to security. While security does introduce friction, the goal is to enable the business.
Typical titles	Project Manager, Scrum Master, Product manager, Business Analyst	Developer, architect, DBA, DevOps Lead, DevOps Engineer, DevTest	QA Lead, Tester, Performance tester, Automation Tester, DevOps Lead?, DevOps Engineer, DevTest	Sys Admin, Perf Monitoring, Incident Mgt, Release Mgr, SRE, DevOps Lead, DevOps Engineer	Security Operations, Security Analyst, Application Security, Penetration Tester, others
Hidden IT Groups	Organize	Build / Develop	Test	Ops	Protect
Tools they use	PPM, Agile Portfolio Mgt, Project Management, Value Stream mgt, Requirements Mgt,	SCM, Code Review, Code Quality, API Mgt, Architecture Mgt, Binary Repository, CI	ALM, Quality Mgt, Test Automation, Perf Testing	CD, Container Mgt, Cloud Mgt, ITSM, Service Desk, Incident Mgt, APM,	App Security, Web App Firewall, SEIM?, SW Composition Mgt,
Process	PMI, PMBOK, Prince2, SAFE, Earned Value, WBS	CI, Agile, RUP, Pair Programing,	Risk Based Testing, Traceability, TMMI, CMMI	ITIL, Release Mgt, Change Mgt, Incident Mgt, Service Management	COBIT, ISO
Challenges	Complex projects and programs, securing teams in a matrixed world to organize and deliver. Agile makes it difficult to predict future delivery.	Contributing to multiple projects, workstreams and systems. Supporting production and new development. Burdensome processes get in the way of delivering value.	Complicated software changes that is hard to accurately test. Test environments that don’t match production and keeping up with the rate of change from Dev	Managing complex legacy infrastructure where business expects 24x7 at no cost, while developers want to make changes and break things. Stuff breaks for no reasons outside of your control.	Expected to protect everything, but rarely involved in projects early or often enough. Frequently blamed for project delays and rework. Often late in SDLC, an isolated team, not included in developing new requirements, testing etc. From an operational standpoint, signal fatigue is a real problem.
Utopia	Able to quickly prioritize business demand, initiate projects and organize resources to deliver on time and on budget. Visibility into execution helps to solve issues early.	Able to focus on innovation and solving business problems. Responsive to change and not burdened by bureaucratic processes. They care about their software and the business value they deliver.	Testable requirements and testable applications enable automated testing of every change identifies defects, enabling the QA team to focus on exploratory testing and edge cases.	Changes never break SLAs, when problems happen, MTTR is rapid. Production infrastructure is easy to manage, scalable, efficient and available to support business demand. Self service enables day to day work and there are no snowflakes.	Because security is never 100%, ideally, we would have both proactive and reactive capabilities. For example, application security and shifting left would be proactive measures, along with secure SDLC training for developers. On the reactive side, we have security operations and red teaming capabilities that catch what wasn’t discovered earlier in the process. All of these capabilities need to be driven and governed by policy and process, and adequate technologies need to be deployed to ensure success.
Hidden IT Groups	Organize	Build / Develop	Test	Ops	Protect
GitLab Stage Mapping	Manage, Plan	Create, part of Verify	Verify, part of Plan	Package, Release, Configure, Monitor	Secure, Protect

- What about DevOps?

DevOps is a movement, bringing teams together to work across their group differences.

- What about Stages?

These hidden IT groups relate to one or many stages. See the above table.

- Are there other ‘hidden groups’?

The closer you look at any of these macro groups, you might see ‘sub groups’ with in them. For example in the Run group, you might discover a service faction or an infrastructure/network faction. Or in the QA/Test group, you may find performance testing and devtest factions.

Build

Overview People who are part of the build IT Group are typically developers, designers, architects and DBAs. They share common values and culture as they strive to design, develop and ship new applications and features. Values Innovate and deliver cool new solutions as fast as possible, help the business compete with the best solutions to meet their needs. Culture Collaborative and creative. Early adopters of new technology. Personas / job titles Clearly these titles: Contributors: Developer, Software Engineer, Architect, DBA, Managers: Development Manager, Lead, Executives: VP of Apps, Director of Applications, But, they might also include titles such as DevOps Lead, DevOps Engineer, and DevTest

Organize

Overview People who are part of the Organize IT Group are typically project, program and portfolio managers who are responsible for organizing, planning, and executing large projects and initiatives. They are focused on building the team, defining the tasks and work, and then delivering on the commitments. Values On time, on budget, on track. Organization. Keeping the team focused on delivery for the business. Culture Complex projects and programs, securing teams in a matrixed world to organize and deliver.

Protect IT Group

People who are part of the Protect IT Group are typically information security and compliance professionals who are responsible to minimize business risk in IT systems.

Run

Overview People who are part of the Run IT Group are typically information operations professionals who are responsible for the day to day operation and efficiency of the organization’s IT systems. Values Uptime, performance, availability, efficiency. Keep it running with the lowest cost. Restore service as fast as possible. Avoid and recover from outages (disasters). Culture Process oriented (often based on ITIL processes), people in the “Run” group are dedicated, hard working, and often the first line of defense keeping production running smoothly and efficiently.

Test

Overview People who are part of the Test IT Group are typically quality assurance professionals who are dedicated to improving the overall quality of their business applications. Many have spent careers supporting business users and they strive to ensure that new application changes are of the highest quality. Values Quality is key, finding defects, protect users have a bad experience Culture Processes and traceability to double check that each release is suitable for production.

Last modified November 21, 2023: Post marketing migration link migration (95292dbd)

View page source - Edit this page - please contribute.