Last Updated Mar 04, 2021 —

Key stakeholders are often averse to changes perceived as risky, but using data to tell a story of risk vs. reward can get an enthusiastic buy-in for necessary changes.


Organizational leaders must recognize that change is vital for the survival of their operations. This is especially true in light of how volatile the world economy has been in the past year because of the COVID-19 pandemic. Stagnancy can prevent an organization from doing what is necessary to pivot and adapt to better serve both their customers and the bottom line.

For a variety of reasons, many business leaders feel averse to changes, especially to ones that are perceived to carry risk. Some businesses, for example, are reluctant to continue investing in AI during a time when revenues are down.

As a result, strategic heads for product development and operations must work to convince top stakeholders that a change is not only prudent but ultimately beneficial and valuable. What is the best way to accomplish this? Experts say that securing buy-in does not have to be complicated.

“Despite its perceived complexity and difficulty, securing buy-in is fairly simple and straightforward,” writes the Project Management Institute’s Emad Aziz. “Give your audience what they want, and they will give you back what you want from them, as long as it is commensurate.”

With this stakeholder focus in mind, here are four methods that can be used to gain a more enthusiastic buy-in for all changes, not only those perceived as risky:

  • Measure and score change risk at the micro level
  • Cultivate custom metrics that appeal to each stakeholder’s purview
  • Incorporate value metrics into risk assessment and change activity in general
  • Build trust with a healthy production environment that keeps risk in perspective

Working with, not against, key stakeholder fears to achieve buy-in

Before developing a strategy to gain buy-in from leaders, it’s important for those proposing change to understand the fears and motivating factors that are behind the resistance to product changes in the first place.

Many top-ranking executives will be wary of putting resources behind new and unproven revenue streams, for example, fearing that the “gamble” won’t pay off. Others want to be sure they can maximize profitability for existing proven solutions, when they, instead, should be worried about disruption. Innovation has become a mandate, and there is rarely such a thing as a “fixed” product in this day and age. Yet another reason for apprehension is that some business leaders may be reluctant to let go of legacy processes, or they may fear that consenting to changes would lessen their power within the corporate infrastructure.

Once doubts like these are acknowledged and addressed, specifically from the perspective of the stakeholder, the work of convincing them to consent to changes is mostly complete.

One effective way to allay fear is using data to tell a story of risk versus reward with respect to the proposed change. Using data from sources and silos such as DevOps systems of records, as well as marketing and customer experience, creates a story that will eliminate aversion and replace it with enthusiasm.

Another priority should be to illustrate the opportunity costs of failing to make a change. Leaders and organizations must be proactive about initiating product changes that produce value. Without this focus, they run the risk of reacting to unanticipated situations, such as a sudden surge in user loads, ultimately resulting in service disruption and dissatisfaction.

Conversely, organizations concerned about unanticipated disruptions cannot freeze changes because of uncertainty or unexpected volatility. Implementing change freezes will only breed more uncertainty and result in technical debt which increases the risk of a major incident once new changes are finally implemented.

Both the opportunities for change and the threat of not changing can be modeled using data generated from the organization’s own systems of record. Once this data is visualized, it can be leveraged to build a consensus on the best way forward.

Measure and score change risk at the micro level

Aggregating data from across all IT and development systems of record can demonstrate why and how certain changes tend to fail. Along with sourcing the right data, it’s necessary to bring the data into an IT analytics solution capable of aggregating and analyzing it across organizational silos.

Using ML, in combination with analytics, IT leaders can consider unconventional relationships between changes, risks, and the current practices they use. For example, certain product infrastructural decisions, like over-reliance on outside API or calls for image files, can contribute to dysfunction seen in production. This relationship may be invisible to human observers, but ML modeling of random patterns can pick up a strong correlation like this. Such an evaluative process can help to not only understand risk but predict it as well.

Sourcing the most appropriate data will ensure maximum visibility of potential problems and make risk predictions more accurate. Linking IT analytics to the applications, systems, and services used daily in your organization allows you to source rich data that can help you predict, and possibly even prevent, major disruptions to critical services.

For example, a metric like the change risk credit score can be used to paint a clear picture of change risk, and then offer drill-down capabilities in dashboards to explore what’s triggering the risk warning signs. When objective metrics are used to score change risks, it curbs bad habits while making changes more likely to succeed. Furthermore, demonstrating success and putting risk into context can go a long way towards convincing stakeholders about the objective facts of a new proposed change.

Cultivate custom metrics that appeal to each stakeholder’s purview

A lack of buy-in from a particular stakeholder often comes from a clash in perspectives. For example, IT leaders and marketing leaders live in different worlds and maintain different or contradictory priorities. Marketing may want to emphasize an app environment that appeals mostly to advertisers, for instance, or that monetizes features by locking them behind subscription tiers. IT operations, on the other hand, may have directly observed that user attrition goes down once ad saturation reaches a certain limit. Or they may better understand that locking out certain core features behind subscription tiers deprecates the product to the point where free users aren’t compelled enough to desire an upgrade.

When considering different stakeholder perspectives, the easiest way to achieve buy-in from varying stakeholders is to “give your audience what they want.” They need to see the specific metrics that reflect their priorities.

Some examples of stakeholders and some relevant metrics include:

  • Head of product security — rate of security compromises related to associated change by type and configuration item (CI)
  • Head of marketing — increase in user attrition or weekly user volume related to particular feature improvements, QoL, UX, etc.
  • CAB — success of similar changes, along with known risk factors of the current change

Each metric can bring in data from across the product lifecycle, deconstructing organizational silos while keeping KPIs for each domain visible to development or operations leaders. Once answering specific questions becomes easier by using analytics as opposed to manual reporting, there will be much less apprehension and a lot more clarity and confidence in the metrics.

Providing team leaders and other key stakeholders with customized analytics can also help to drive CSI initiatives and prompts everyone to trust and consider the same “source of truth.”

Incorporate value metrics into risk assessment and change activity in general

Concrete “value” is often left out of the equation in product creation frameworks like DevOps. But there is a strong need to measure and highlight value, especially when it comes to specific product changes.

Using a value stream management (VSM) approach, IT leaders can derive value-indicating metrics from every part of the product creation process. Just as change risk can be measured and predicted, so can value creation in areas such as an increase in production maintenance costs or changes in active SaaS subscribers.

Emphasizing how IT can use analytics to lower costs and accelerate value production builds enthusiasm for a more data-based strategy that transforms processes. Some specific examples include using NLP to extract top user complaints or praise from corporate chatter, or topic clustering to generate a map of pain sources or positive UX. Data analytics can be used to model the value of changes based on the expected impact on UX, either positive or negative. This approach can also be used to indicate the added cost or either heightened or weakened app security.

It’s critical for DevOps leaders to put metrics that matter in front of those who have ownership and accountability. This is especially true in the areas of compliance, security, and governance. Compromising any of these three can mean severe damage inflicted upon the integrity of the product, the reputation of the company, or the relationship of the business with regulatory bodies. When a single data breach or categorical HIPAA violation can mean millions of dollars worth of fallout, there is a strong financial incentive to stay on top of metrics that indicate the health of these three priority areas.

Build trust with a healthy production environment that keeps risk in perspective

Business consultant and author Idowu Koyenikan says, “Many times, the thought of fear itself is greater than what it is we fear.”

Stakeholder responses that indicate a lack of trust are almost always based on uncertainty and a general apprehension of the unknown. Sourcing KPIs from across organizational data silos will present the impact of proposed process changes or optimizations with more clarity and certainty, helping to reinforce a foundation of trust.

Using these technologies can also build a benchmark of successful changes, which demonstrates both capabilities as well as the role that actual, measurable risk plays in the process. In other words, IT leaders can know what works and what doesn’t and prove it through the data, all while emphasizing the specific domain metrics that are most likely to catch each stakeholder’s eye.

Data-based guidance can provide the support that organizations need so that they can advance through uncertainty, make positive, proactive changes, and keep the biggest threats to business continuity on their radar.

The collective result goes beyond more stakeholder buy-in. It will also produce a product that is more stable and more value-focused than ever.

COVID-19 has disrupted many business processes while encouraging rapid adaptation. Learn how IT organizations can evolve to succeed through the pandemic and beyond in our recent webinar: “How to adapt your IT Service & Change Management for a distributed workforce

Are you ready to scale your enterprise?


What's New In The World of

May 15, 2024

Unlocking the Full Potential of AI-Assisted Development with’s DevSecOps Platform

Discover how’s AI-powered DevSecOps platform unlocks the promise of AI-assisted development, boosting productivity while managing risks.

Learn More
December 22, 2023

How DevOps and AI Together Maximize Software Delivery Efficiency

Explore the transformative power of AI and ML in DevOps. Predict delays, avoid software change failure, and leverage solution patterns for a more efficient SDLC.

Learn More
December 11, 2023

Key Findings from the Accelerate State of DevOps Report 2023

Unlock insights from the 2023 Accelerate State of DevOps Report and start enhancing software delivery, operations, and team well-being for sustained success.

Learn More