The VSM flywheel

An endeavour like VSM can only be approached iteratively, step-by-step

📘

Be prepared

If you do it right, your VSM journey is never complete. We believe that transformation is continuous, and that use cases will emerge over and over. Key to a successful VSM onboarding & maintenance is a clear methodology.

Thinking backwards

It is tempting to get lost in technology & discovery. However, successful VSM implementations always start from the end - what is it that you want to achieve?

  • A concise Service Catalog?
  • 50% less time in your teams for Vulnerability Management?
  • Introduction of DORA as framework for Development Efficiency?

Initial discovery

In 90% of the cases, it's recommended to start initially with Software & Cloud Service Discovery - Teams & Software Artifacts will be the backbones of your VSM journey.

🚧

Hint

It's possible to start with API Catalog, but then make sure to either transition to business or team mapping soon to get value out of the discovery.

In your initial discovery, typically the choice is:

Start Development-based

Discover artifacts from GitHub Repository or via CI/CD, potentially with a real-time feed of deployment.

👍

Best practice

Check with your CI/CD pipeline expert to understand the effort - if you can hook into your pipeline centrally, great. If it's effort for every team, CI/CD might not be the ideal start, as you want to convince your teams of the value early on.

Start Runtime-based

Alternatively, also Public Cloud or Kubernetes & OpenShift can lead to very fast initial results.

👍

Best practice

Check with your operation experts - if e.g. a clear tagging strategy or account segregation is already in place, then starting out runtime-based is promising.

Ensure ownership & data quality

The team mapping is potential the most critical point in your early VSM journey. You can decide whether you run after the data quality, or whether you can involve a distributed group. Populate your Team Structure gives you a nice tutorial on how to map your teams.

👍

Best practice

Eventually, you want to automate team-mapping, e.g. with Github topics - but maybe it's easier to get started manually to achieve results faster

Start the flywheel

Once you have an initial service catalog, the following describes your most important options:

  1. Extend the catalog - adding different sources will enrich the outcome
  2. Embrace APIs - API Catalog gives you a nice overview
  3. Map into business context - see Business Alignment
  4. Seek simplification of governance & vulnerability handling - Manage Vulnerabilities & Compliance
  5. Venture towards measuring engineering efficiency - Engineering Efficiency

Did this page help you?