The Visible Ops Handbook
This is a book review I wrote back in 2007 for a past version of this website. I am resurrecting it because it is still applicable today. I can't recommend this book enough for system administrators.
I also recommend the book last May in the context of vulnerability management here: http://www.learnsecurity.org/single-post/2017/05/09/Where-are-the-Real-Vulnerabilities
Book Review: The Visible Ops Handbook
If you are in Information Technology, do you spend more time on fixing problems or more time innovating and maintenance? Often when I ask that question I get laughs. The truth is many IT professionals in organizations spend most of their time putting out fires.
I have been on audits where the IT staff has no time to implement anything new because they are swamped with 'fix it' requests. Now imagine how much they could implement or improve the IT infrastructure if they can get out of the 'fire fighting' mode of operation. Imagine how the health of the IT professional would improve with the reduced stress. Imagine the reduced costs and downtime.
Well, if you are ready to see the light, I have a book for you. The Visible Ops Handbook, shows you how to get you out of the 'fire fighting' mode and move your IT organization to the next maturity level, while reducing stress, cost and downtime. Sound to good to be true? Did you know most downtime can be linked to change? Something was changed on the server and wham! The server goes down. The technician who made the change may not even be there when it breaks. So, technicians have to scrabble to fix what they are unaware of.
Are you starting to see what it is the book is getting at? If not, I guess you need to run out and buy it. (I don't get any money by pushing this book. It is just a really, really, really good idea!) This book will lead you into the ITIL framework of IT Service Management, and from this book you can move to having ITIL or MOF (Microsoft Operations Framework) implemented in your organization. (The benefits of an IT service management framework are numerous and beyond the scope of this post.)
It is a short read and I highly recommend it.
by Kevin Behr (Author), Gene Kim (Author), George Spafford (Author) "Our goal in this phase is to reduce the amount of unplanned work as a percentage of total work done down to 25% or less..."
Publisher: Information Technology Process Institute (June 15, 2005)
Available in Kindle format and paperback
"The Core of Visible Ops Visible Ops is a methodology designed to jumpstart implementation of controls and process improvement in IT organizations needing to increase service levels, security, and auditability while managing costs. Visible Ops is comprised of four prescriptive and self-fueling steps that take an organization from any starting point to a continually improving process. Making ITIL Actionable Although the Information Technology Infrastructure Library (ITIL) provides a wealth of best practices, it lacks prescriptive guidance: What do you implement first, and how do you do it? Moreover, the ITIL books remain relatively expensive to distribute. Other information, publicly available from a variety of sources, is too general and vague to effectively aid organizations that need to start or enhance process improvement efforts. The Visible Ops booklet provides a prescriptive roadmap for organizations beginning or continuing their IT process improvement journey. Why Do You Need Visible Ops? The Visible Ops methodology was developed because there was not a satisfactory answer to the question: “I believe in the need for IT process improvement, but where do I start?” Since 2000, Gene Kim and Kevin Behr have met with hundreds of IT organizations and identified eight high-performing IT organizations with the highest service levels, best security, and best efficiencies. For years, they studied these high-performing organizations to figure out the secrets to their success. Visible Ops codifies how these organizations achieved their transformation from good to great, showing how interested organizations can replicate the key processes of these high-performing organizations in just four steps: 1. Stabilize Patient, Modify First Response – Almost 80% of outages are self-inflicted. The first step is to control risky changes and reduce MTTR by addressing how changes are managed and how problems are resolved. 2. Catch and Release, Find Fragile Artifacts – Often, infrastructure exists that cannot be repeatedly replicated. In this step, we inventory assets, configurations and services, to identify those with the lowest change success rates, highest MTTR and highest business downtime costs. 3. Establish Repeatable Build Library – The highest return on investment is implementing effective release management processes. This step creates repeatable builds for the most critical assets and services, to make it “cheaper to rebuild than to repair.” 4. Enable Continuous Improvement – The previous steps have progressively built a closed-loop between the Release, Control and Resolution processes. This step implements metrics to allow continuous improvement of all of these process areas, to best ensure that business objectives are met."