What Is VSM? as told by IT, security, and executives
The response to "what is VSM?" can change dramatically based on whether you ask IT leaders, security leaders, or business executives, and their different responses teach us about the different priorities of each business area.
Dean Leffingwell on
what is a value stream?
Do you know what a value stream is and how it will impact your organization when you adopt SAFe? Dean Leffingwell defines what a value stream is and explains how it is a fundamental element of SAFe.
Value stream management (VSM) is an emerging set of methods used to align business areas and objectives in order to seek better value measurement and creation. At Digital.ai, we could define it as follows: "Value stream management (VSM) is defined as a process for enabling an organization to align business objectives and investments with software development and delivery efforts to produce products that delight customers, drive positive business outcomes, and realize the benefits of their digital transformation initiatives."
Many business professionals are aware of the methods VSM proposes, but they may have differing ideas of what VSM actually is. And, unfortunately, having an incomplete understanding of VSM can lead to organizations missing out on the full transformative potential it can offer.
During a recent survey, Digital.ai was intrigued to learn that the response to "what is VSM?" can change dramatically based on what job role was being asked: IT leaders, security leaders, or business executives. The differences in responses can be analyzed to understand the different priorities of each business area.
Understanding different views among industry teams is key. By knowing how perspectives shift and where priorities lay, teams can collaborate to pursue aligned objectives and a cohesive approach. When employed across the organization in this fashion, VSM has a high chance of delivering digital transformation expectations that often fall short, including the realization of ROI.
All responses to "what is VSM" from among the different teams were not only interesting but at least partially on-the-mark. Combining these views gives leaders a deeper impression of VSM, what it is capable of, and how to wield it in order to attain desired business outcomes.
A recent survey reveals how business stakeholders define VSM
Digital.ai recently conducted a comprehensive survey, which was analyzed in our Digital.ai's 2021 State of Digital Transformation Progress Report. The survey gathered data on hundreds of queries, most of which aimed to learn about how organizational leaders view their own progress on digital transformation.
Respondents in the survey were targeted to three broad categories: IT Decision Makers (ITDM), Security leaders, and Business Executives.
One important query in the survey was to ask these stakeholders how they would define/explain/interpret value stream management. Some of the top responses we received overall can be found in the table of results below:
Broad differences in VSM definition between IT, security, and business leaders
Top Responses to "What is VSM?"
Our results on the definition of VSM were very telling. They showed that business leaders in different areas had differing interpretations of what VSM actually is.
When separating respondents into their individual business role, here were some of the top responses we received:
- It is breaking down the business into various data streams that are driven by lines of business
- It is a business job that works to find the worth of software development and delivery efforts
- Information flow along with other important related data
- Doing the right thing for the company and ourselves
- VSM is a lean tool that employs a flowchart documenting every step in the process
- It is a concept that makes for a better and smoother workflow
- Helps management keep up-to-date on product status and performance
- Delivering best practices for customer service
- It means to have good security and data applications
- Efficiency in handling data flow
- Helps to determine the value of software development
- Manage the stream of concept, from start to finish
How different responses reveal different perspectives and priorities
While none of the definitions provided hit the nail on the head for how we, as a VSM platform provider, would define value stream management, the responses were, nevertheless, revealing. Specifically, the range of different responses from each business area shows how each receives different benefits and outcomes from using VSM.
The variety of responses also reveals the reality of what it means to introduce VSM, from each domain's perspective. I.e. it answers the question: "what difference does it make to my line of work to have VSM?"
Looking at the differing responses, here is how we would interpret the reality of VSM from each domain's perspective:
IT decision-makers prioritize operations stability, development quality, and a low rate of escaped defects that can cause product problems or service interruptions. Accordingly, ITDMs are focused on improving processes, achieving more efficient operations, and attaining more value delivery with each step of work — value that reveals itself in the final product.
Accordingly, ITDM is largely concerned with internal stakeholders: meeting and exceeding work performance expectations while easing the burden of DevOps management. As such, their focus on "what is VSM" corresponds largely to internal improvements, revealed in better, more efficient processes. Their goals, ultimately, serve the customer, but from the outside-in perspective — e.g. asking "what can we do, from our end, to improve the customer experience and to deliver them quality products in a leaner way?"
Security professionals know that many security vulnerabilities arise during development and don't reveal themselves until days — sometimes months or years — after the release has made it into production. Because of this risk, security teams have prioritized "pushing left" security concerns by making security audits more comprehensive and more focused on the earlier stages of development.
As a result of their priorities, security leaders considering the purpose of VSM take a wide scope view. When used properly, VSM is a means to codify how not just work flows in terms of value streams, but also how data flows through the app. By mapping value streams and app architecture, VSM can provide security leaders with the proverbial "10,000 mile-high" view needed to highlight vulnerabilities and isolate the chain of custody for how digital app/product handles data.
The primary goal of an infosec professional is to ensure a "closed envelope" app/product environment. This mentality emphasizes a high level of transparency and traceability for data flowing into and out of the product. Based on our survey responses, infosec leaders predict that if they can see everything that goes into the product — including both the practices used to build it and the data used to fuel it — they can achieve better security outcomes.
Based on our responses, executives took a decidedly concise view of VSM. To them, VSM as a process allows them to obtain the big picture of value streams and the sum of work. When value stream mapping is performed and value stream management becomes a prevailing goal, the business can succinctly chart and makes sense of, information across all business processes.
The generalized response from executives that VSM is, "doing the right thing for company and ourselves," can be interpreted to mean, "VSM helps us focus on the meaningful accomplishment of most important business goals/priorities."
Across the board
One major positive despite the broad range of responses: none of these interpretations are mutually exclusive! All show various facets of how VSM works, but also more importantly what it does when you use it.
But, importantly, all perspectives may miss the critical factor, which is that VSM optimizes value delivery to customers as well as internal stakeholders. Done properly, VSM aims for value-indicating end results, such as higher levels of customer satisfaction, better brand reputation, and improved revenue generation among all customer groups. VSM focuses on the inside as well as the outside — offering insights on how to improve processes while measuring the outcome of these changes in terms of concrete value creation for customers.
When given a more-specific definition, most respondents still say they are using VSM
One negative aspect to having so many different perspectives on VSM is that they allow someone to say: "Yes, we are doing VSM!" based on what are actually small facets of overall VSM practices. Practicing VSM in part is vastly different from using VSM to guide the organization from top to bottom.
VSM, as a whole, represents a disciplined way of approaching work. It demands that value remain the focus of all decision-making, and it gauges success on being able to make value-indicating metrics move in a positive direction.
Practicing VSM also means having specific organizational capabilities. For instance, in order to track value metrics accurately, including how they are affected during key steps of DevOps, the organization must be able to view aggregated data across silos. This data must be contextualized to the entire work process, based on how work and value flows through a value stream map.
In order to represent these specific outcomes, Digital.ai's official definition (at least for the purposes of the survey) is as follows:
"Value stream management (VSM) is defined as a process for enabling an organization to align business objectives and investments with software development and delivery efforts to produce products that delight customers, drive positive business outcomes, and realize the benefits of their digital transformation initiatives."
When respondents were given this definition (after providing their own), 95% of stakeholders say they believe their company is practicing VSM as stated. The actual breakdown of responses was as follows:
- 59% say they "definitely are" practicing VSM
- 36% say they "probably are"
- 4% say they "probably aren't"
- Just 1% says they "definitely aren't"
- Another 1% says "not at all sure"
Based on experience, Digital.ai expects that even fewer respondents would agree that they are practicing VSM when asked about specific capabilities. For example, if the survey asked: "Is your organization capable of following work from start to finish through a single dashboard, tool, or portal?" then affirmative responses would likely be much lower. As another example, few organizations might be able to affirm when asked: "Can your organization produce a single metric for average lead time across all DevOps steps/processes?"
These criteria seem strict, but VSM is all about the sum of the parts. Skipping steps or overlooking parts of the equation hurt the ability for organizational leaders to see the sum of value creation across all processes. They must retain the ability to visualize all processes as part of individual value streams, as well as the ability to track key value metrics within these streams. Without these abilities, there will inevitably be blind spots, and teams will not have singular alignment towards value-oriented outcomes.
Learning from each other to implement VSM and succeed in business transformation
The differing perspectives among business stakeholders offer hints as to how to align departments and achieve digital transformation success through VSM:
- IT responses show the importance of focusing on internal improvements and achieving beneficial process changes through VSM implementation
- Security responses show how VSM can improve not just app quality but also integrity, eliminating common blindspots or oversights caused by an incomplete view of processes
- Executive responses show the critical role of VSM in making "big picture" goals a reality, viewing the sum of each part of the business and how the department contributes (or diminishes) value through their processes
Overall, the focus on VSM may need to shift to more external definitions of value: i.e. delighting customers. Based on the survey, executives happen to be ahead in this area.
The good news is that all three — ITDM, Security Leaders, and Executives — can agree on the importance and benefits of VSM. If they listen to each other and seek to meet in the middle to deliver a holistic VSM framework capable of charting and optimizing value creation, they can achieve true alignment and achieve value delivery goals for all stakeholders, inside and out.
See the full survey results in our recent publication: "Digital.ai's 2021 State of Digital Transformation Progress Report"