💡: it's possible to listen to this article! Find the audio at the bottom of the page 🎧
Do you have validation processes for requests for IT resources (software or hardware) in your company?
Whatever the size of your company, this question is relevant. All companies need a system for handling requests to the IT department and, above all, an upstream validation process.
It's such a chore, in fact, that it's a subject we generally avoid.
→ for employees, you have to go through the manager, then wait... and often relaunch,
→ for managers, you have to ask the IT department, and often you have to go through the purchasing department first,
→ for the purchasing department, you need to take into account the opinion of the manager, who is often in a much better position to know what his or her team needs. You should also check the contracts with the publisher or supplier.
→ for the IT department, you have to go back and forth with the manager, the employee and the purchasing department to obtain all the necessary approvals and precise information for account creation orequipment allocation. Then you have to send feedback to the manager and the employee to give them access.
All these processes have two major drawbacks:
- they waste everyone's time
- they are quite infantilizing
The manual resource request process
When there's no process, it's phone calls, post-its and tickets. This method, we can all agree, is not at all efficient. It has its share of forgetting, wasting time and going back and forth.
IT onboarding processes exist in just about every company.
There are also requests outside this process, and it's these that cause difficulties. Even so, you still have to go through a number of validation stages before your account can be created.
When the request comes from the manager, his N+1 may have to give his approval, the purchasing department is often involved, and the end of the line is IT, which has to collect the information, validate it and create the account.
All of this must be documented to justify requests and allocations. This not only ensures traceability , but also enables information to be shared within the team in the event that another person needs to take over the current request.
Requests are disorganized, and information is frequently missing.
Numerous tickets are created each time for a software request, putting a strain on the IT department and sometimes creating duplicate tickets for the same request.
From time to time, another solution may be found for the employee's initial need, either cheaper or already present in the company. But as they are disorganized and decentralized, requests create situations that are poorly managed, resulting in a financial loss for the company.
For the person initiating the request, it's impossible, without disturbing someone, to follow up on the request and find out where it stands.
What's more, in many cases this person is the employee, and he or she always goes to see the manager first.
So there's the request to make, any reminders to send and then waiting for everything to be done.
A lot of time elapses between the moment the request is formulated and the moment the employee has access to it. Time when the employee will be less productive.
You're the weak link! Goodbye...
In every company, there is a weak link in the process chain.
Often it's the manager, not because they're recalcitrant but because they're already overloaded.
The manager receives all the requests from his team, and even makes requests himself for specific resources. He must then formulate them to the purchasing department, then wait for approval before passing them on to the IT department. This process is extremely restrictive.
It's likely that he'll forget to make requests, or that he'll need to follow up with certain people, while in the meantime, one of his colleagues is stuck on a subject.
Lacking time, the manager may be too quick to validate his team's software requests, so as not to be the weak link.
In this article, we focus on requests for IT resources, but the manager also receives invoices, expense reports, vacation requests and other orders, in addition to monitoring his team's activity.
Compliance can take a hit: the manager doesn't check the access rights requested by the employee, nor whether the request is in line with his or her level of responsibility.
Data validation is a guarantee that the request and rights for the allocation of software or IT hardware to a user are appropriate and consistent. It ensures compliance with security rules.
Formalize the resource request process
First and foremost, to get things back on track and facilitate requests, you need to set up a validation process. We'll call this the validation cycle.
What is the purpose of this validation cycle?
The most obvious: to help structure requests within the company. Seen like that, it may make you smile. However, the interest is major:
Requests that are not part of a process go through informal channels. This encourages cronyism, favoritism, jealousy and so on.
Even if no one is privileged, without a process, rumors and discontent are rife.
Deciding internally on a formal process that everyone will go through simplifies things and understanding for everyone.
This cycle must therefore be decided in partnership with managers, various decision-makers such as purchasing, finance or other departments, and of course the IT department.
What needs to be decided at this time for each resource:
- What resources are involved?
- Who validates?
- What is the minimum number of people required to validate?
- Is a 'no' definitive?
- What rights?
- Who will create the resource?
Once the validation cycle workflow has been established and validated for each resource, it needs to be automated.
Software request workflow
Putting the workflow into practice can't really be done manually. Let me explain: for Salesforce, you've decided to send the request from the manager to the purchasing department, then to IT; for Microsoft 365, all you need is the manager's approval, then off to IT...
➡️ Who will remember all this?
➡️ Who's going to make sure that the application runs its course?
➡️ Who will ensure that the IT department receives the right information?
➡️ Who will check that the resource has been created and that the end user has received access?
Automation is not becoming a luxury, but a necessity in this process, to bring reliability and security to resource requests.
Which tool to automate IT resource requests?
It's important to choose a tool that can connect to your various resources, either via APIs, locally or offline, to automate a workflow. This tool must also be able to integrate your users.
In this case, an IAM (Identity and Access Management) tool is clearly relevant, as it natively integrates users, accounts and applications.
Automating the validation workflow is therefore a natural component of an identity and access management solution.
At Youzer, we have defined a workflow as follows:
- define your different groups of validators
- you define the minimum number of people per group who must validate
- you define your validation circuits for a given resource, and which validator group(s) must be assigned to it.
- define which resources are eligible for automatic validation workflows
- you assign your circuits to different resources
- define one or more managers for each resource, so that they can be kept informed of requests
What happens once the workflows have been set up?
Managers apply for team members on their Youzer platform.
An e-mail is automatically sent to the various validators. They are invited via a link to validate or invalidate the request.
For each validation, the manager receives an e-mail to keep him/her informed.
Once the minimum number of validations has been reached, an e-mail is sent to the manager to inform him/her that his/her request has been validated and is therefore being processed for creation of the resource.
Another e-mail is sent to the resource manager to inform him that a unit needs to be created.
The latter has all the information needed to create a unit quickly, since the settings are already defined in Youzer and the user is known, as well as all the information needed to create the account.
One click is all it takes for the IT department to create an account. Login details are sent to the user.
The manager validates the creation of the resource, and the manager is informed by e-mail.
The objectives of software request automation are to :
- a single application form
- centralize all requests
- formalize requests to keep track of them
- track requests, mainly for managers, so that they know whether their request is on track
- trace requests and assignments, particularly for audits
- make work easier for validators and the IT department
- avoid shadow IT, since the application is simpler and more transparent
- increased productivity for the employee, who has access to the information more quickly
- simplify work for the IT department, which only receives complete requests with all the information required
In conclusion
Resource demands are an inescapable fact of life in any company, whether we like it or not. Not facing up to the problem only delays the choice of a solution.
IT tickets will fix the problem, but they don't solve the time wasted going back and forth between different departments.
Integrating account creation into onboarding packages, as well as unitary requests, within the same platform relieves the burden on all those involved (IT, purchasing, managers, etc.), secures resource allocation and tracks requests and allocations.
An IAM solution like Youzer is easy to use, and perfectly suited to companies such as SMEs and ETIs, thanks to its rapid implementation.
The validation cycle workflow can be set up in 5 minutes, and the time saved is immediate.
If having self-service functionality to speed up requests for IT resources is on your radar, I invite you to 👉 schedule your demo, to see how this validation cycle workflow comes together!
