Author Archives: theitriskmanager

About theitriskmanager

A IT programme manager specialising in delivering trading and risk management systems in Investment Banks. I achieve this by focusing on risk rather than cost. A focus on costs can lead to increased costs.

Capacity Planning

Capacity Planning is a process whereby an organisation comes together to agree on what they are going to focus on in the medium term. There are two outputs from the Capacity Planning process:

1. An ordered backlog of initiatives (MVDs) that the entire organisation agrees on.
2. A list of the constraints and options within the organisation.

The Capacity Planning does NOT produce a plan or schedule of work.

The purpose of Capacity Planning is to provide the organisation with focus. To agree a backlog based on the constraints that exist within the organisation. Rather than determine the capacity of the organisation based on its headcount, the capacity is based on the capacity of each group within the organisation.
Without an organisational backlog, there is a very real chance that the organisation will end up with too much work in progress because each group will seek to develop their own locally optimised priority.


The start of the process is to create a roughly ordered list of Minimum Viable Deliveries (MVDs*). This provisional list is then pruned to create a list that is probably about twice the size of the eventual backlog. I call this a list of unicorn horns as it little to do with reality.

The groups are the set of Scrum Teams that look after a particular system, service, component or function within the organisation. In fact, any potentially limited resource that needs to participate in the delivery of an MVD.

The (product) owner of each MVD then engages with the product owners working with the groups. The groups create an Epic for each MVD they need to contribute to, and provide a SWAG, a Sweet Wild Assed Guess. The minimum effort required is that the group’s product owner makes up a SWAG. It would be too much to involve the team in a story point style estimate (even if bulk estimation is used) as they are only needed to help order the backlog and identify constraints. They are not a commitment by the team. The units for a SWAG are team weeks, the work that a single “Scrum” team can do in a week. One of the main reasons for the SWAG is to ensure that there is engagement between the MVP Owner and the Group’s Product Owners, To ensure that the groups are aware of any work that may be required of them in the medium term.

You will probably want control reports to help product owners spot any gaps.

Each group calculates its available capacity. The default is the number of weeks in the period multiplied by number of the “Scrum” teams in group, multiplied by 50%. The 50% is based on the work of Todd Little.

<strong>Capacity Planning</strong>

Capacity Planning should involve all key decision makers. If any are missing they may go outside the process to get their MVD done.

Now that you have the ordered list of MVDs, you go through them in order. For each MVD, you check to see if there is enough Capacity in each of the groups to deliver all of the Epics in the MVD. If there is enough capacity, the MVD is included in the backlog and the remaining Capacity of the groups is reduced by the amount on the Epics. Whenever the Capacity of a group becomes zero, the group is identified as a constraint. If there is not enough capacity in one or more of the groups, then the following can be done:
1. The decision makers decides to deselect one of the MVDs that has already been selected in order to free up the capacity.
2. The MVD can be reduced in scope. Theoretically it should be impossible to reduce something that is minimal but given the choice between nothing and something, the MVP Owner will find a way to shave some functionality off.
3. The MVP Owner and Group Owner can defer the decision to reject the MVD by looking for additional Capacity.

Eventually, it will not be possible to do any further MVDs as they all rely on groups that have run out of Capacity.

You will find that about 20% of the groups will be constraints, having used all of their capacity. About 60% will have some work on the Corporate Backlog, and 20% of groups will have no work on the Corporate Backlog. This list is gold dust for the IT management team.

How the spare capacity is allocated will be the subject of a subsequent blog post.

You now have a backlog agreed by all the key decision makers, and the list of constraints in the organisation. You have done step one and two of Theory of Constraints, namely Identify the constraint, and prioritise the constraint. The rest is easy from here on in.

* I have deliberately avoided defining an MVD. Its the smallest piece of work to deliver value.

A tale of two coaches.

It was the best of times, it was the worst of times. In the words of Jim Collins, some coaches supported “The Tyranny of the OR” whereas other Coaches promoted “The Genius of the AND”.

This is a tale of Yves and David. Two coaches working with identical companies in a way that is only possible in literature, movies and the minds of thought leaders. The similarities are spooky. Even the managers had the same name… Neil, though David spelled it with a K.

David’s Story

David: “Hello, I’m your new Agile coach.”

Kneel: “Let me explain how our business works.”

David: “No need for that, I’m off to the Gemba.”

Knell: “What’s a Zumba? Is that like my wife’s fitness dance class?”

David: “Sigh. Nothing for you to worry about. You go and learn to be a servant leader.”

Kneel: “A savant lieder? What’s that?”

David: “You have to work it out for yourself whilst you still have a job.”

Six months later. Kneel is talking to his team.

Kneel: “So let me get this right. He changed it, and now its broken something else but if we change it back it will break the thing it fixed.”

Peon: “Yep. What happened to that David guy.”

Kneel: “He told the CEO to sack all the middle managers and get you lot to self organise. The CEO sacked him for being a moron.”

Yves’s Story

Yves: “Hello, I’m your new Agile coach.”

Neil: “Let me explain how our business works.”

Yves: “Great, that will be useful context. After that we’ll head off to the Gemba.”

Neil: “What’s that?

Yves: “I’m going to pair coach with you so that you learn how to coach your teams?

Neil: “Is that necessary? Surely you can do it? Do I need to do coaching?”

Yves: “Management are part of the governance, risk management or control function of the process. Imagine a simple boiler with a controller. Now imagine that the controller does not know how the process works. What would happen?”

Neil: “Chaos. I see your point. But what if they need skills I do not have?”

Yves: “You can help them to find them. It may be someone on one of the other teams or you may need to bring someone in.”

Neil: “So if I go to the Gemba, I don’t need to sit in the glass booth anymore?”

Yves: “You need to do both. Some risks are best observed close up. Some, you need to get some distance”.

Neil: “Can you give me an example.”

Yves: “Imagine all of your teams are burning down through work nicely. However, you have a feeling you are not delivering as much as you think you should.”

Neil: “I get it. Management reporting will help me get the big picture view to spot risks and issues that are at a higher level. A bit like fractals. If you measure the coastline using a one metre ruler you will get a very different answer to if you measure it using a mile long ruler.”

Yves: “Yes, you are looking for problems at a different scale which means you need a different measure and viewpoint. Sometimes at the Gemba. Sometimes in the glass booth.”

Six months later

Neil: “Hi Yves, You remember that change we put in. Well we had to take it out again, and replace it with something else. I didn’t need to get involved, the team did it. They just wanted me to keep an eye on things… Anyway, you know how you said we would probably need to talk about Cynefin and Staff Liquidity. Well I think we’ve hit that point. When can we bring you in again?”

This post is a response to Chris Young’s excellent post and a tweet by Joshua Arnold

All names of the characters are purely fictional. Any resemblance blah blah…

Given When Then – A Cynefin Case Study

Dan and I created the “Given When Then” pattern on August 23rd 2004, or rather, that was the day we realised we needed the “Given” part. On November 30th, I wrote a series of blogs explaining the format that Dan and I had created in its more familiar form. JBehave II , JBehave III, JBehave IV and JBehave and Postmodernism.

This experience report is best explored by considering it through the lens of the Cynefin framework. Although I read the Cynefin whitepaper before this time, I did not understand it until fairly recently.


Neither Dan or I deliberately set out to create the “Given When Then” framework. We were both working on other projects. Dan was working on BDD where he was trying to change the language of TDD using NLP to make it easier for people to learn TDD. I was trying to work out an analysis approach that would work with Extreme Programming. Dan had replaced TDD’s assert with “Should” and was having more success explaining TDD to people. A week or two before, we had traveled back from the Agile Development Conference together and we had realised that “should” was the language of specification.

On the day that Dan and I first came up with “Given”, our goal was for Dan to explain BDD with Mock Objects and Patterns to me as I was going on sales visits to clients and talking about something I had never actually done. As an amusing aside, several years later Liz Keogh told me it took her six months to remove the visitor pattern from JBehave v1.

The key point is that Dan and I were working on oblique problems. Dan was trying to create a better way to teach TDD and I was trying to learn TDD. We were not deliberately trying to create a pattern to allow non technical people to effectively communicate with Agile developers.

Activated Individuals

Dan and I did not create the “GIVEN” word. We tripped over it. It was literally a movie moment when I said something and Dan and I looked at each other realising it was something useful.

The night before I had been to see a friend researching a PhD in Historiography. Historiography is the study of Post-Modernism as applied to how history is understood and taught. Historiography shows us that the way History is taught, understood and interpreted is more a function of the context than the events themselves.

When Dan showed me the code for TDD with Mocks, my head was full of “Context” (thanks to my friend Rob) which meant I recognised mock objects as context. When I said “Mocks provide the context” Dan and I both realised it was significant as our goals had activated us to the importance of the statement.

The key point which Dave Snowden makes in his talks is that you need individuals in a heightened state of awareness to spot something important* You need experts to spot something subtle and significant.

Recipe Books and Chefs

Both Dan and I were “Chefs” in Dave Snowden’s language. I had a decade of experience of Business Analysis and was used to coming up with new approaches when needed. Dan had several lifetimes worth of experience as a developer, and in particular coaching developers.

As Chefs we recognised that “context” was a new ingredient that was missing from the meal shared between Agile developers and non-developers trying to communicate to them.

This was only possible because we had both served our apprenticeships, and had an understanding of how to combine ingredients that we knew the “GIVEN” was a new ingredient**.


BDD was designed for developers to more easily learn TDD. Dan and I adapted it to communicate between Non technical people and developers.

Actually, the “Given When Then” format is an exaptation of TDD. TDD has the steps Setup – Execute – Assert. Dan and I exapted the TDD form into a specification format that non developers could use to communicate more effectively to developers.

Multiple Safe to Fail Experiments.

I went off to develop Feature Injection while Dan developed JBehave and promoted BDD. Rather than focus all his attention on one BDD solution, Dan promoted and supported many open source communities as they developed tools. From JBehave, through rSpec, to Cucumber and SpecFlow, Dan has supported them.

So Dan engaged in Multiple Safe to Fail experiments in his search to realise a BDD tool that worked.


Thanks to Cynefin, I now have a better understanding of what happened when we discovered the Given When Then format. As a result in the future, I will have a better understanding the context I need to create in order for innovation to occur.

  • GIVEN I use Cynefin to understand the world
  • WHEN I look at situations going on around me
  • THEN I’ll find new meaning

* I’ve watched three of Dave’s keynotes to find the point where he says this but could not find it. My wording may be wrong.

**A while later I realised that GWT was a subset of the use case. Unfortunately the Use Case is so bloated as a tool that it is not focused on specifying behaviour. The Use Case has become the jack of all trades and master of none.

Pull – An experimental blog backlog

I would like to try an experiment. I currently have a fairly large backlog of blog posts that I intend to write that are fairly self constrained. Rather than put them out as I feel like it, I would like to try an experiment in pull. So I will give below a selection of posts I’ve planned. If you want to see one more than others, then leave a comment. I will count the comments (if any) on Monday evening. The one with the most comments will be the next one I write.

The backlog

1. Capacity Planning – An experience report on using Theory of Constraints to create an organisational backlog. This will use details (photos) from the experience report given by Lisa Long at XPDay 2013.

2. The role of the Agile Manager – A description of the role and the training for an Agile Manager (Delivery Manager, Risk Manager and Coach ). The importance of reporting.

3. Given When Then – A Cynefin Case Study. An experience report describing how Dan North and I created the Given When Then format made sense using Cynefin.

4. Using Cynefin’s Butterfly Stamping to determine the most appropriate to building the backlog.

5. The ups and downs of Hippos and Data Scientists. How to order your organisational backlog.

6. Something else you want me to write about. Some aspect of Feature Injection? Real Options? Staff Liquidity? Scaling Agile for Practitioners? What…evvva?

7. Tornado Maps and Skills Matrices. How to use your skills matrix and backlog to build a tornado map.

That should be enough. On Tuesday night, Dermot and Simon Cowell will count the votes and announce the vote on twitter.


Saint Sebastian and Scaling Agile

Last week we visited Florence and then spent a few days in Tuscany ( instead of attending Agile20xx like last year ). The Uffizi Gallery in Florence was formerly the office of the Medici family and is now one of the preeminent collections of Renaissance art in the World. Truth be told, the buildings and architecture of Florenze are more impressive than the art. For some reason, the pictures of Saint Sebastian (Thumbnails below with bigger images at the bottom of the post) held a particular interest for me.


After a while I realised that they are a counterpoint for Scaling Agile. The Artists all agree on certain points such as “St Sebastian was male”, “He was bound and shot with arrows”, “The arrows do not seem to affect him” and “He was wearing shorts made of a sheet”. They did not agree on other points though such as “Was he young or old”, “Where did the arrow pierce his body”, “Did the action take place inside or outside”. To the artists and those in the church who commissioned the works, the differences did not matter. All that mattered was that a Christian Saint was shot with arrows for his faith and survived. I sometimes feel that some of those involved in Scaling Agile are focusing on the details that differentiate them rather than the common things that are important. In a particular context, each of the approaches to Scaling Agile may be more or less relevant.

Instead of focusing on the differences, we should focus on the core common elements and then identify the context where the appropriate approach is more appropriate.

For the past year or so, @TonyGrout and I along with a bunch of other coaches have been trying to help a company to Scale Agile. This is the diagram and explanation I have been drawing for the past few months to help others understand the constraints and issues that we face.

Here is the description I’ve used to some success.

The scaled investment process starts with an Investment Decision Process which identifies an ordered list of investment possibilities ( I call it a list of Unicorn Horns as they are not realistic ). The ordering and naming of this list will be culturally specific. Do they use Weighted Shortest Finished Job, or Cost of Delay, or Business Cases, or just Hippos ( Highest Paid Person’s Opinion ). Who decides on the order? Do they call them MVPs or MVFs, or MMFs, or BVIs, or Investments or Stories or Bets or… The point is that the culture will determine the process to give a rough ordering to the list of potential investments. I will call them MVPs for this post.


The next step is to perform Capacity Planning for the coming period of time (typically quarterly).  For this, the owner/promoter of each MVP contacts all of the groups* that need to provide input to deliver an MVP and asks them for a SWAG ( Sweet Wild Assed Guess ) in units of Scrum Team Weeks. The group puts as much effort as necessary into the estimate ( I recommend a solid five to ten minutes at most ). The group also provides their capacity for coming period ( Default is number of Scrum teams in the group multiplied by weeks in period times by 50% ). <Editor’s note. I realised I have not described this process in full on this blog. Watch this space>

* Group – Random name representing a group of one or more Scrum Teams that can work on a component or system within the organisation.


During Capacity Planning, the business investors ( whoever they are ) all come together and select items from the list of Unicorn Horns. For each item they select, they reduce the capacity of the impacted groups. This means the groups form the constraints rather than a generic mythical man month notion of organisational capacity. There are two outputs from this process. One, an ordered backlog for the organisation that all business investors agree to which provides direction to the teams. Two, a list of groups that are constraining the organisations ability to deliver. Note that the constraints are dynamic based on the kind of work involved, although most organisations have a few groups that are needed for pretty much everything. The backlog is the focus for those interested in delivery (short term). The list of constrained groups is of interest to those managing organisational liquidity (longer term).

The Delivery involves the teams adding the items to their team Backlogs. They build the things needed for the MVP which eventually results in a release. The release results in an outcome which feeds back into the investment decision process. This is all very standard Agile/Lean practice.


This is also where our experience differs from standard Agile Doctrine. The belief is that teams will self organise to ensure delivery of the MVPs. This is not what we have experienced. The teams deliver but the organisation does not.

To address this issue we proposed that each MVP is assigned a Product Owner and a Scrum Master who are responsible for its delivery ( I consider accountable and responsible as synonyms. Hopefully someone will explain the difference ).


The MVP Product Owner is responsible for the value delivery of the MVP (The Outcome). As the teams develop the MVP, the MVP PO will let them know what can be descoped without impacting the value delivery.

The MVP Scrum Master is responsible for the delivery of the MVP. They will ensure that the MVP is initiated properly so that everyone involved is aware of their expected contribution. They will ensure that an appropriate architecture is in place. They will set up and facilitate the MVP Scrum of Scrums and Retrospectives. They will ensure transparency on the MVP to ensure all involved can see the status.

The roles are similar to traditional Project Manager and Business Analyst roles with one huge and significant difference. They have NO authority. They influence using transparency and they rely on facilitation instead of direction. This is particularly important as they will develop influencing skills they need when they operate on areas where they do not have authority or influence such as in clients or other business units. They will be servant leaders. To do this, they will need tools to report and show progress.

So this is the software investment process in full. However, we also need to consider governance. A governor was a device on a steam engine that stopped it from blowing up. Two balls would spin around, their speed a function the steam pressure. If the steam pressure went too high, centripedal force would force them out causing them to rise, opening a va would release steam resulting in the pressure dropping. The purpose of governance of governance in an organisation is the same. It ensures that the risks within the system are managed effectively.


The risk managers of the system ( another role without authority other than the power of transparency ) is to ensure that the risks in the system are properly managed, and if the individuals do not have the appropriate skills and experience to manage the risks, ensure that they are provided with coaching so that they can. Consider people playing by a cliff. The risk manager would help to make them aware of the danger. They would show them the cliff and help them work out an appropriate risk strategy. If they wanted to build a wall but did not know how, the risk manager would introduce them to people who could teach them how. The risk manager would monitor the risk to ensure it continues to be managed. This is not about control, but more the appreciation that whilst we are playing in the field, we might forget about other things like risks and demons. Recasting definition of done as a set of risks to be managed allows the teams to find the best solution for their context whilst ensuring that the organisation is not exposed to known risks.

These risk managers are responsible for staff liquidity at the team, group and organisational levels. They are responsible for ensuring the overall investment portfolio is balanced as well as ensuring investment is occurring where it should rather than where it is easy. Rather than simply looking at status of a team, they are considering the health of the organisation as a whole as well as in parts.

One of the most critical risks to address is to ensure that the correct approach is taken to building the teams backlog for the MVP.


The Cynefin Framework is ideal ( and necessary ) for helping teams understand whether they should build the backlog iteratively ( in the complex domain ), or build independent solutions ( in the chaos domain ), or up-front ( in the complicated domain ) or simply let the team do its thing ( for obvious domain ).

A risk management and coaching based approach to delivery and governance is vital for Scaling Agile. It allows software development to fulling integrate with the entire business. However, Cynefin is the “Fifth Discipline” of Scaling Agile to the organisational level, without it, we will be doing the “Wrong things righter, er, The right things wronger”.. without it, we will be barking at the wrong tree.

So have I painted a process where we agree he was shot with arrows? Or does this invite discussion about how old or how good looking he is?


Paintings of Saint Sebastian




Starboard! It Greg Brougham about to tack.

Dear All

Please welcome Greg Brougham ( @SailingGreg ) to the itRiskManager family of blogger.


Greg is an experienced IT Risk Manager with an amazing knowledge of the Cynefin framework. Check out his Cynefin article in Infoq. Greg was the person who explained the practical usage of Cynefin that lead to my taking the course.

Welcome aboard Greg.



A tale of two Feature Injections ( A Cynefin tale )

Earlier today I listened to Liz Keogh describe Feature Injection and state that “Feature Injection is a useful model but it does not work in practice”. The Feature Injection Liz describes is nothing like the Feature Injection tools I work with. The one Liz describes is a way of breaking down projects.

To differentiate them, from now one, I’ll refer to the one I use as “Value Mapping”**. I will also describe how you can use it relating to the Cynefin framework.

The key differentiator in Cynefin is between outcomes that are certain and outcomes that can only be known in retrospect.

If you are dealing with a product where the user has choice as to whether they use it, you are almost certainly in the complex or chaotic quadrant. In complex, you need multiple safe to fail experiments. Feature Injection Value Mapping can help by forcing you to look at the value to the user and the organisation. Once the value is better understood, you can identify a number of options (hypotheses) to deliver that value (Those multiple safe to fail experiments). You can then use feature injection Value Mapping to identify the dependencies needed to deliver the value and the options to deliver them. Value Mapping in this usage is very similar to Impact Mapping.

If you are dealing with a product where the user has no choice to whether they use it, you are probably in the complicated quadrant where enterprise software hangs out. You can use feature injection Value Mapping to help the user find the value and then get them to draw the output they need from the system to deliver the value. You can then use Feature Injection Value Mapping to identify the delivery options. One extra point, in enterprise software land you often do not want to specify the user group in advance.

From experience (been using it for a decade now), people on projects tend to zoom in on complicated problems like clever maths and stuff. Value Mapping is great for quickly surfacing complex issues such as necessary changes to business practices. Complicated problems are much easier to risk manage than complex ones… you just need to do analysis or find the right expert.


** A name that Dan North came up with.


Get every new post delivered to your Inbox.

Join 61 other followers