Command & Control Realisations
W-1 Command & Control - acting on situations
W-1.1 Contents
⚙ W-1.1.1 Global content
The data explosion. The change is the amount we are collecting by measuring processes as new information (edge).
📚 Information requests.
⚙ measurements monitoring.
🎭 Agility for changes?
⚖ solution & performance acceptable?
⚙ W-1.1.2 Local content
Reference | Squad | Abbreviation |
W-1 Command & Control - acting on situations | |
W-1.1 Contents | contents | Contents |
W-1.1.1 Global content | |
W-1.1.2 Local content | |
W-1.1.3 Guide reading this page | |
W-1.1.4 Progress | |
W-1.2 Floor plans, ordered dimensions | C6autist_02 | I_Floor |
W-1.2.1 Context information technology: master data | |
W-1.2.2 Definitions products, goods, services: master data | |
W-1.2.3 Services orientation at information technology | |
W-1.2.4 Roles tasks levels in Information Services | |
W-1.3 Steering roles tasks | C6autist_03 | C_Tasks |
W-1.3.1 Technical "how to" for understanding steering | |
W-1.3.2 The what to start operational steering | |
W-1.3.3 Understanding the data flow, data lineage | |
W-1.3.4 Roles tasks levels supporting Information Services | |
W-1.4 Culture building people | C6autist_04 | H_Culture |
W-1.4.1 Project management, the change challenges | |
W-1.4.2 Project into Programme into Portfolio (3P) | |
W-1.4.3 Managing flow in activities, portfolios | |
W-1.4.4 CPO, CPE, Managing living viable systems | |
W-1.5 Sound underpinned theory, foundation | C6autist_05 | C_Theory |
W-1.5.1 Chosen colours and shapes for the floor plans | |
W-1.5.2 The viable system, conscious decisions | |
W-1.5.3 The viable system, autonomic technology | |
W-1.5.4 Mediation: Technical autonomy vs organisational control | |
W-1.6 Maturity 0: Strategy impact understood | C6autist_06 | CMM0-SIM |
W-1.6.1 Determining the position, the situation | |
W-1.6.2 Individual logical irrational together | |
W-1.6.3 Value stream VaSM vs Viable system ViSM | |
W-1.6.4 Flexibility in architecture, engineering, design | |
W-2 Command & Control working on gaps for solutions | |
W-2.1 Understanding ICT Service Gap types | C6authow_01 | PT_GAP |
W-2.2.1 Understanding the technical design processes | |
W-2.2.2 Understanding technical performance choices | |
W-2.2.3 Data governance, knowing what is going on | |
W-2.2.4 Data governance, knowing who is acting at what | |
W-2.2 Floor plans, understanding ICT operating value streams | C6authow_02 | ✅-TechSec |
W-2.2.1 Technology quality & risk rating | |
W-2.2.2 Information process: Identities, Access, incident response | |
W-2.2.3 Safety Monitoring for anomalies by open source issues | |
W-2.2.4 Safety Monitoring for anomalies known internal processes | |
W-2.3 Information systems: Actuators - Steers | C6authow_03 | C_Steer |
W-2.3.1 Communicating a shared value, mission for understanding | |
W-2.3.2 Communications, variety & velocity and regulators | |
W-2.3.3 Communications, variety & velocity within systems | |
W-2.3.4 Product vs Service provider & Top-down vs Bottom-up | |
W-2.4 Roles tasks in the organisation | C6authow_04 | C&C_PT |
W-2.4.1 Team member and organic system roles | |
W-2.4.2 The ignored Engineer executing everything | |
W-2.4.3 Mediation technology: functionality - functioning | |
W-2.4.4 Interactions in the organic viable system | |
W-2.5 Sound underpinned anatomy of a viable system | C6authow_05 | ✅-Morphing |
W-2.5.1 Fundaments of activities processes (0-1-2, 4-5) | |
W-2.5.2 Operational deliveries, functioning portfolio (1-2) | |
W-2.5.3 Changing products, services, functionality portfolio (2-3) | |
W-2.5.4 Autonomic compliancy control & conscious decisions (3-4) | |
W-2.6 Maturity 3: Enable strategy to operations | C6authow_06 | CMM3-SIM |
W-2.6.1 SIMF-VSM Safety with Technology at Technology | |
W-2.6.2 SIMF-VSM Uncertainties imperfections at processes, persons | |
W-2.6.3 Dichotomy: generic approaches vs local in house | |
W-2.6.4 SIMF-VSM Multidimensional perspectives & revised context | |
W-3 Command & Control planning for innovations | |
W-3.1 Information processing in the information age | C6autsll_01 | I_Vuca |
W-3.1.1 Master data, understanding information | |
W-3.1.2 Volatile master metadata and information chains | |
W-3.1.3 Strategy conflicts: safe platforms, business applications | |
W-3.1.4 Strategy conflicts solution: change to systems thinking | |
W-3.2 Floor plans, optimizing value streams | C6autsll_02 | ✅-AppSec |
W-3.2.1 Information quality & risk rating | |
W-3.2.2 Chain of Information change & Master data Context | |
W-3.2.3 Information knowledge qualities by product, service | |
W-3.2.4 Information impact by product, service | |
W-3.3 Why to steer in the information landscape | C6autsll_03 | C_Bani |
W-3.3.1 Understanding information: data, processes, actions, results | |
W-3.3.2 Understanding goals with needed associated change | |
W-3.3.3 Activities in the organisation for the organisation | |
W-3.3.4 6C-Control is not specific it is very generic | |
W-3.4 Visions & missions boardroom results | C6autsll_04 | C_Vision |
W-3.4.1 How to Structure engineering the enterprise | |
W-3.4.2 Learning structuring the enterprise by examples | |
W-3.4.3 Beliefs, social networks influencing the enterprise | |
W-3.4.4 The closed loop in structuring the enterprise | |
W-3.5 Sound underpinned theory, improvements | C6autsll_05 | ✅-fractals |
W-3.5.1 A structured enterprise, the organic cycle | |
W-3.5.2 The structured enterprise, backend and frontend | |
W-3.5.3 A structured enterprise, the hidden organisational synapse | |
W-3.5.4 Primary and indispensable secondary processes in the whole | |
W-3.6 Maturity 5: Strategy visions adding value | C6autsll_06 | CMM5-SIM |
W-3.6.1 SIMF-VSM Safety with Information at Technology | |
W-3.6.2 Structuring viable systems with competing dichotomies | |
W-3.6.3 People authoritative leader "PAL" - Operational Units "OUs" | |
W-3.6.4 A generic context of the 6C in viable systems | |
W-3.6.5 Following steps | |
⚖ M-1.1.3 Guide reading this page
Avoiding the tooligan trap.
What's a 'Tooligan'?
How often do you find yourself falling in love with a tool and then finding a problem so that you can use it?
Whenever I learn something new, I often want to go and try it out and test it on the peeps or systems that I work with, so I start with the tools and look for a problem.
I see this in many organisations and teams that I have worked with.
I was talking to a friend expressing my frustration about the number of tools they used that didn't seem to solve any problem but were just there for the sake of a tool.
- 😲 "Ah," he said, "Tooligans!"
- "What?" I asked.
- "Yes, 'Tooligans'! They have a problem, so they buy a tool or implement a new tool to solve it.
But sometimes they don't understand the real problem and if the tool will solve it."
- "That's exactly it!" I exclaimed, "Tools are everywhere, and the problems are still there."
As humans, we are innately tool makers and users.
Tools can help us express our ideas better, allow us to create beautiful things and solve real problems.
- How do we know we have the right tool for the job?
- How do we know that it will solve the problem for us?
- How do we know if it will improve things or have the opposite effect?
We might want to ask a different question:
- What tools must we use to apply our practices effectively?
- And from there, the next logical question is, what are our practices?
- What are the things that we do to get things done around here?
This is a great question, but probably not the first one to ask.
👉🏾 How will we know what we do is getting us what we want?
Before deciding what we will do, we might want to ask…
- What are the principles that are important to apply to get work done?
- What do we want to leverage to reach more of what we value?
And so before we decide how to shift the system, we must understand what we value.
- Practices (what we do)
Deciding on what we value can help us understand what to optimise for, for example. We optimise for speed because we think that will enable us to get 'X' done faster.
- Tools (what we use)
- Principles
Human work systems behave in specific ways, and some patterns and levers influence how a system works for better or worse.
Principles remain true regardless of context, so understanding which principles can be leveraged can help shift a system positively.
What are the system's needs?
This brings us to possibly the first question we want to ask:
👉🏾 "What problems are we solving here?"
When we look at things this way, we use a model that I love, The Spine Model.
The Spine Model encourages us to start with understanding the system of work and the Needs of that system or the problem we are trying to solve.
It asks us to identify what we Value and what we want to optimise for.
- Once we know what we like to optimise, we can look for Principles and levers that apply.
- Once we know what we value/want to optimise and what principles are necessary, we can decide what to do.
- What Practices will we use?
- Then, finally, we can choose the tools that will support all of this.
Let's walk an example through and see.
- Problem: A team is having trouble keeping track of their busy work.
They don't know who is busy with what and where it is in their process. It also takes a long time for things to get delivered, and they don't know why.
They want to be able to see what is going on so that they can make improvements and be faster.
- Needs: Visibility of the work and the process of how work flows.
- Values:
- Transparency,
- Speed.
- Principles:
- Visualisation of the work and process to create transparency,
- Work In Progress Limits to help with speed and delivery,
- Feedback loops to help with improvements and alignment,
- Metrics to know if improvements are happening.
- Practices:
- Visualise the work and the flow of work,
- Get together daily to sync, Weekly to plan, and every two weeks to improve,
- Measure lead time and cycle time and look for improvements.
- Tools:
We have many options now, but using a checklist for our practices and principles can help us decide and ensure that the tool gives us as much of what we need as possible.
We can also start very low-tech with a physical board or wall if we are collocated with something fast, cheap, and effortless that we can iterate over instead of something rigid, expensive and challenging to implement.
Getting the tooligans into the system's needs
"If you want a straight spine, you have to start at the top, at Needs and work down iteratively."
😱 I have seen so many organisations do the opposite.
They start with a tool (Jira, Pivotal Tracker, Microsoft Azure, etc.), and then that tool defines their practices.
😲 Those practices shape the principles that apply and determine what optimisations are possible.
More often than not, the original problem remains, and sometimes, the cycle continues with the following tool.
“The value of the Spine Model is to enable thinking and communication, heterodoxy.”
😉 The Spine Model can help us put our critical thinking hats on and ensure we are solving the right problem.
It's about communication and shared understanding, which can save us time and money on useless tools and unsolved problems in the long term.
👉🏾 When I find myself being a "tooligan", I remind myself to begin with Needs.
⚒ M-1.1.4 Progress
done and currently working on:
- 2020 week 05
- Setting with the mind for a technology approach.
- Splitting page into more logical paragraphs.
- 2024 week 47
- Web content redesign with Jabes being pivotal started for this page.
- The goal for command & control has become more clear by:
- Knowing what the conceptual gaps in command & controls are from theoretical perspectives
- Insight needed for improvements according to Gemba, using the shop-floor
- Integrating the old content and moving it to the technical system serve area where applicable.
- 2024 week 50
- Getting to the possible realisations is not easy.
- The goal for command & control:
- Using the viable system 3d system model according to Gemba, shop-floor
- Details for sophisticated technical details in information safety and information quality
- The logical growth path for introducing into an existing system by the floor levels
- The first chapters W-1.1 to W-1.6 getting an aligned idea for content draft level.
- 2024 week 51
- Getting to the possible realisations is not easy.
- Processed the VSM theory with some tweaks, hopefully as improvements.
- Updates in the text W-1.1 to W-1.6 for alignment
- Adding the principles for an information processing system in a VSM setting
- Chapters W-2.1 to W-2.6 got an idea in content draft level.
- 2025 week 1
- Chapters W-3.1 to W-3.6 got an idea in content draft level.
- This page is in draft ready for the time being.
Planning to do & changes:
- The ViSM is only the operational part, this one was built up from a simple 9 plane.
The strategy part is missing for the higher level system-5 and system-4.
- The replication will mirror some things
- The replication will focus on the other dichotomy
- Chief Product officer as central nerve:
- must be technically strong, Customer oriented
- organizational influence, cooperation
- mental toughness is crucial, Cost awareness
W-1.2 Floor plans, ordered dimensions
Building any non-trivial construction goes through several stages.
These are:
- high level design & planning
- detailed design & realisation
- evaluation & corrections
Non-trivial means it will be repeated for improved positions.
Before any design, tools are needed for measuring what is going on.
Without knowing the situation or direction there is no hope in achieving a destination by improvements.
⚖ W-1.2.1 Context information technology: master data
Functional data governance 101.
There is no option for avoiding accountability.
The foundation for managing information processes, products and services is, functionally, about the following for data and information:
- The context purpose: 📚 it is describing.
- Who is using and when: 🎭 access control and monitoring
- Reliability availability: 👁 Transactional integrity, optional system recovery
- Relationships: ⚙ between logical elements (meta context plan)
- An inventory: ⚖ What is really important & used
Technical data governance 101.
Using a relational database for managing information is one of the many technical options to realize the functional information processing.
The technical translation of the functional context uses a different language:
- DDL Data Declaring: 📚
The translation from logical to technical has functional impact. Transactional processing is very different compared to analytics.
- DCL Data Control: 🎭 This is partially "access control", "information security".
That is a generic functional topic for another level of tasks & responsibilities.
- TCL Transaction Control: 👁 Losing information can be catastrophic when it is about legal agreements.
An example of critical systems is payments.
- DML Data Manipulation: ⚙ Modification
- DQL Data Querying: ⚖ Usage
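The five statement categories above, shown on a small payments ledger as an added example (not code from this page). It uses Python's built-in `sqlite3`; the table names, amounts and the read-only role are constructed, and because SQLite has no GRANT/REVOKE statements, a connection authorizer stands in for DCL here.

```python
import sqlite3


def open_ledger():
    """DDL plus initial DML for a constructed two-account ledger."""
    # isolation_level=None: no implicit transactions, so the TCL below is explicit.
    conn = sqlite3.connect(":memory:", isolation_level=None)
    # DDL: declare the structure and the rules every row must satisfy.
    conn.executescript(
        """
        CREATE TABLE account (
            id            INTEGER PRIMARY KEY,
            owner         TEXT    NOT NULL,
            balance_cents INTEGER NOT NULL CHECK (balance_cents >= 0)
        );
        CREATE TABLE payment (
            id           INTEGER PRIMARY KEY,
            from_id      INTEGER NOT NULL REFERENCES account(id),
            to_id        INTEGER NOT NULL REFERENCES account(id),
            amount_cents INTEGER NOT NULL CHECK (amount_cents > 0)
        );
        """
    )
    # DML: constructed sample rows.
    conn.executemany(
        "INSERT INTO account (id, owner, balance_cents) VALUES (?, ?, ?)",
        [(1, "alice", 10000), (2, "bob", 2500)],
    )
    return conn


def transfer(conn, from_id, to_id, amount_cents):
    """TCL: credit, debit and payment record succeed together or not at all."""
    conn.execute("BEGIN")
    try:
        conn.execute(
            "UPDATE account SET balance_cents = balance_cents + ? WHERE id = ?",
            (amount_cents, to_id),
        )
        conn.execute(
            "UPDATE account SET balance_cents = balance_cents - ? WHERE id = ?",
            (amount_cents, from_id),
        )
        conn.execute(
            "INSERT INTO payment (from_id, to_id, amount_cents) VALUES (?, ?, ?)",
            (from_id, to_id, amount_cents),
        )
        conn.execute("COMMIT")
        return True
    except sqlite3.IntegrityError:
        # A CHECK failed halfway: undo the credit that was already applied.
        conn.execute("ROLLBACK")
        return False


def balances(conn):
    """DQL: read the current state without changing it."""
    rows = conn.execute("SELECT id, balance_cents FROM account ORDER BY id")
    return {account_id: cents for account_id, cents in rows}


def payment_count(conn):
    """DQL: number of recorded payments."""
    return len(conn.execute("SELECT id FROM payment").fetchall())


def restrict_to_read_only(conn):
    """DCL stand-in: deny every action except SELECT and column reads."""
    allowed = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ}

    def authorizer(action, arg1, arg2, db_name, source):
        return sqlite3.SQLITE_OK if action in allowed else sqlite3.SQLITE_DENY

    conn.set_authorizer(authorizer)


def write_denied(conn):
    """True when the connection is refused a data modification."""
    try:
        conn.execute("UPDATE account SET balance_cents = 0 WHERE id = 1")
    except sqlite3.DatabaseError:
        return True
    return False
```

On a multi-user database server the last part would be GRANT and REVOKE on roles, which is the responsibility split the DCL item refers to.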
Avoiding misunderstanding: platforms & applications
What a "platform" is, is as confusing by lack of a shared definition as "the application". It is no longer clear whether the tangible things are machines or servers.
❶
In IT, a platform is any hardware or software used to host an application or service. ...
The term platform may also go beyond simply describing the underlying architecture to also include software that is built upon the architecture.
For example, the adoption of virtual machines in an enterprise requires a hypervisor platform. ...
❷ Tools are software but inseparable parts of a platform.
Even though an application may require an underlying computing system, such as a particular OS and server or storage hardware, an application may be considered a platform when it is used as a tool for performing meaningful work. ...
For example:
- Structured Query Language (SQL) is a database application. But it is frequently used as a component in other functions, such as logging, analytics, customer relationship management and enterprise resource planning systems. SQL may be referred to as a platform.
- Similarly, a web server application may be considered a platform because it is used to operate the business storefront or user/partner portal.
- Software stacks, combinations of software components, that facilitate the deployment of other complex services for the business may also be referred to as platforms.
The goal of platform engineering is to create organized groups of resources and services that developers can use without needing to deeply understand or directly manage them.
These organized groups, called platforms, are often built using many of the same software development skills and abilities found across DevOps teams.
❸ The "system programmer" role as defined by IBM in the mainframe context (80's).
The platform team uses tool experts to understand developer needs, select the best tools for the required tasks, perform integrations and automations, and troubleshoot and maintain the established platform over time. ...
But platforms don't just happen, and one size never fits all. Platforms themselves are typically considered a product, and they must be created and maintained for the business and its specific software development and productivity needs.
Because platforms are composed of discrete components and services, they can be changed and enhanced over time.
When using a shared environment, a shared way of practices and controlled quality for the production environment, there is no other option than a regulated centralised approach for platforms.
They are the equivalent of machinery in industry. These should usually not be installed nor maintained by the intended operators of the machinery. It is far too demanding to combine those skills to excel.
⚖ W-1.2.2 Definitions products, goods, services: master data
Products, Goods, Services, what is it about?
There is no good single reference for understanding the master data object container "service".
Combining multiple sources is the best option. Links with ideas about services, goods for products:
Using a ChatGPT result for the definition of services and from the linked sources:
Services are intangible activities or benefits that an organization provides to consumers in exchange for money or something else of value.
Products: Goods vs Services
Differences are:
- Tangibility: Goods are tangible and can be seen and touched, while services are intangible.
- Storage: Goods can be stored and inventoried, whereas services perish if not consumed.
Services cannot be touched, stored, or transported
Service-relevant resources, processes, and systems are assigned for service delivery during a specific period in time.
- Production and Consumption: Goods are produced, then sold, and then consumed.
Services are sold first and then produced and consumed simultaneously.
❹ Unique characteristics of Services:
- Intangibility: Services cannot be seen, tasted, felt, heard, or smelled before they are bought. They are performances rather than objects.
- Inseparability: Services are produced and consumed simultaneously. The service provider and the consumer must be present for the transaction to occur.
- Perishability: Services cannot be stored for later use. If not used, the opportunity to provide the service is lost.
- Variability: The quality of services can vary greatly depending on who provides them and when, where, and how they are provided.
Each service is unique. It can never be exactly repeated as the time, location, circumstances, conditions, current configurations and/or assigned resources are different for the next delivery, even if the same service is requested by the consumer.
Products, Goods, Services: types and quality
The human factor is often the key success factor in service provision.
❺ Types of Services:
- Business Services: These are services used by businesses to conduct their operations.
Examples include consulting, advertising, and logistics.
- Personal Services: These are services provided to individuals (consumers).
Examples of Services:
- Healthcare: Medical consultations, surgeries, and nursing care.
- Education: Teaching, tutoring, and training.
- Hospitality: Hotel stays, restaurant dining, and travel services.
- Governmental: eg passport, housing, personal finance aid, roads.
❻ Types of Services:
Service quality can be measured through various dimensions such as:
- reliability, Mass generation and delivery of services must be mastered before expanding.
- responsiveness, Demand can vary by season, time of day, business cycle, etc.
- assurance, Consistency is necessary to create enduring relationships.
- empathy, and
- tangibles (the physical evidence of the service).
Both inputs and outputs to the processes involved providing services are highly variable, as are the relationships between these processes, making it difficult to maintain consistent service quality.
Many services involve variable human activity, rather than a precisely determined process.
Service-commodity goods continuum
The distinction between a good and a service remains disputed.
Classical economists contended that goods were objects of value over which ownership rights could be established and exchanged.
Ownership implied tangible possession of an object that had been acquired through purchase, barter or gift from the producer or previous owner and was legally identifiable as the property of the current owner.
😲
Adam Smith's famous book, The Wealth of Nations, published in 1776, distinguished between the outputs of what he termed "productive" and "unproductive" labor.
The former, he stated, produced goods that could be stored after production and subsequently exchanged for money or other items of value.
The latter, however useful or necessary, created services that perished at the time of production and therefore did not contribute to wealth.
Building on this theme, French economist Jean-Baptiste Say argued that production and consumption were inseparable in services, coining the term "immaterial products" to describe them.
🤔
In the modern day, Gustofsson & Johnson describe a continuum with pure service on one terminal point and pure commodity good on the other.
Most products fall between these two extremes.
For example, a restaurant provides a physical good (the food), but also provides services in the form of ambience, the setting and clearing of the table, etc.
⚖ W-1.2.3 Services orientation at information technology
Managing service gaps
❼
Consequently, customers' evaluation of overall service quality is based on a combination of all five aspects outlined above.
Knowing the way customers evaluate service, it is important to understand, identify and measure the potential gaps that may exist in the service delivery process.
- knowledge gap This occurs when there is a disconnect between what a customer wants or expects in service quality and what the management team of the service provider thinks the customer wants or expects from the service delivery.
- standards gap This occurs when there is a difference between what the management team wants and the actual service delivery specification that management develops for employees to follow in delivering the service.
- delivery gap This gap can occur when there is a disconnect between the service standard and the actual service delivered to the customer.
- communications gap This happens when there is a difference in what the customer is told they can expect and what service is actually delivered.
- Expectation gap This gap can appear when there is a difference in what the customer expects from the service (prior to consumption or purchase) and what the customer perceives of the service after it has been provided.
The soll in information service provision
❽ Changes in the way of working are needed at a lot of levels. Bottom-up from technology perspective starts at 6.
The columns are: Customer Focus, Processes & Tools, Continuous Learning & Improvements, Team structure, Value stream management, Culture.
👉🏾 The "soll" in a matrix (top-details, context-bottom):
| | |
| Customer | P&T | CLI | Teams | VSM | Culture |
| ➡ What | ➡ How | ➡ Where | ➡ Who | ➡ When | ➡ Which |
6 5 ➡ | seek satisfaction | continuous improvement | quickly actions | organic autonomy | eliminate bottlenecks | diversity in thinking |
7 4 ➡ | visible deliveries | automate: no defects | evolving skills | knowledge sharing | balance: speed - quality | shared visions missions |
8 3 ⟳ | feedback loops | effective efficiency | small iterations | breaking hierarchy | informed decisions | safe, blame-free |
8 3 ⟲ |
9 2 ⬅ | value creation | collaboration | mistakes = learning | responsible autonomy | flow measurements | trust & openness |
0 1 ⬅ | Understand needs | lean: avoid 3m | adaption culture | diversity in teams | lean: flow optimisation | transparency |
🎯💡 Promoting this way of working can only be successful by showing it by example.
⚖ W-1.2.4 Roles tasks levels in Information Services
Building up the Information service bottom-up
❾ Every floor level is built on the next one by logical dependencies.
When a task has not found its destination on the intended floor, ad-hoc bypasses are used.
Execution machines floor 0/1, the how for the organisation
Execution processes floor 1/2, the how in value streams
Change enacting floor 2/3, the what for value streams
Change control floor 3/4, the what quality & quantity for the organisation
❿ In a mature situation all levels are in place and aligned with their antipodes.
W-1.3 Steering roles tasks
Managing the building of any non-trivial construction follows several stages.
These are:
- high level design & planning
- detailed design & realisation
- evaluation & corrections
Non-trivial means it will be repeated for improved positions.
For managing the process, information is needed for understanding what is going on.
Without knowing the situation or direction there is no hope in achieving a destination by improvements.
⚖ W-1.3.1 Technical "how to" for understanding steering
The V-model extended to a W-model
Organizing, planning the work in the primary value stream is a common activity.
Time is important for delivering results.
In engineering using the V-model is the standard, doing as much as possible in parallel.
There is no final design for every detail during construction.
The most important things at high level are however defined for achieving a defined goal.
To be extended to:
- Getting requirements, backlog items, ideas into the engineering line. (wedge model)
- Delivering validated results into specifications for the product: goods, services. (triple V)
Transactional operations - Normalization
❶ In transactional systems it is important to avoid any duplication of an artefact, element, because it is too complex to keep duplications synchronized.
Details:
👓
The concept of database normalization is generally traced back to E.F. Codd, an IBM researcher who, in 1970, published a paper describing the relational database model.
Definition of the third Normal Form (3NF):
- Each column is unique in 1NF.
- All attributes within the entity should depend solely on the unique identifier of the entity in 2NF.
- No column entry should depend on any entry (value) other than the key for the table. Once 3NF is achieved, the database is considered normalized.
Reporting Business Intelligence (BI)- Denormalization
Denormalization is the process of reversing the transformations made during normalization for performance reasons.
It's a topic that stirs controversy among database experts;
there are those who claim the cost is too high and never denormalize, and there are those that tout its benefits and routinely denormalize.
❷ Classic Business Intelligence reshapes all operational data into new dedicated data models.
The reason for this is that the facts and dimensions used in the operational process are not suited for reporting and analyses.
The concepts of a transactional operational data design with normalization are followed.
- The result is a lot of transformations for tables.
- What is delivered as OLAP or reports is denormalised using summaries.
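The duplication problem from the normalization passage and the summary-style delivery from the BI passage, as one added example (not code from this page). It uses Python's built-in `sqlite3`; the customers, cities and amounts are constructed sample data, and `flat_rows_reached` is a hypothetical parameter that models an update reaching only some of the duplicates.

```python
import sqlite3

# Constructed sample: (order_id, customer, city, amount)
ORDERS = [
    (1, "acme", "Amsterdam", 100),
    (2, "acme", "Amsterdam", 250),
    (3, "bolt", "Delft", 75),
]


def build():
    """Load the same facts into a duplicated and a normalised design."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        -- Duplicated design: the customer's city is repeated on every order.
        CREATE TABLE order_flat (
            order_id INTEGER PRIMARY KEY,
            customer TEXT NOT NULL,
            city     TEXT NOT NULL,
            amount   INTEGER NOT NULL
        );
        -- Normalised design: city depends only on the customer key.
        CREATE TABLE customer (
            name TEXT PRIMARY KEY,
            city TEXT NOT NULL
        );
        CREATE TABLE orders (
            order_id INTEGER PRIMARY KEY,
            customer TEXT NOT NULL REFERENCES customer(name),
            amount   INTEGER NOT NULL
        );
        """
    )
    conn.executemany("INSERT INTO order_flat VALUES (?, ?, ?, ?)", ORDERS)
    conn.executemany(
        "INSERT OR IGNORE INTO customer VALUES (?, ?)",
        [(cust, city) for _, cust, city, _ in ORDERS],
    )
    conn.executemany(
        "INSERT INTO orders VALUES (?, ?, ?)",
        [(oid, cust, amount) for oid, cust, _, amount in ORDERS],
    )
    conn.commit()
    return conn


def move_customer(conn, name, new_city, flat_rows_reached):
    """A customer moves: one fact changes, but the flat table holds it N times."""
    conn.executemany(
        "UPDATE order_flat SET city = ? WHERE order_id = ?",
        [(new_city, oid) for oid in flat_rows_reached],
    )
    # Normalised design: the fact is stored once, so one update is complete.
    conn.execute("UPDATE customer SET city = ? WHERE name = ?", (new_city, name))
    conn.commit()


def out_of_sync(conn):
    """Customers whose duplicated city values no longer agree."""
    rows = conn.execute(
        "SELECT customer FROM order_flat GROUP BY customer "
        "HAVING COUNT(DISTINCT city) > 1 ORDER BY customer"
    )
    return [row[0] for row in rows]


def city_totals(conn, source):
    """Denormalised summary for reporting, derived from either design."""
    sql = {
        "flat": "SELECT city, SUM(amount) FROM order_flat GROUP BY city",
        "normalised": (
            "SELECT c.city, SUM(o.amount) FROM orders o "
            "JOIN customer c ON c.name = o.customer GROUP BY c.city"
        ),
    }[source]
    return dict(conn.execute(sql))
```

After a partial update the flat table reports one customer's revenue under two cities, while the summary derived from the normalised tables stays consistent.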
National language Support (NLS)
National Language Support (NLS) and localized versions are frequently confused.
- NLS ensures that systems can handle local language data.
- A localized version is a software product in which the entire user interface appears in a particular language.
NLS is about:
- string manipulation
- character classifications
- character comparison rules
- code character sets
- date and time formatting
- user interfaces
- message-text languages
- numeric and monetary formatting
- sort orders
❸ The moment NLS options propagate into logical constructs, the logic has become dependent on an NLS setting.
Many tools suffer from this unwanted effect.
This also has impact on the realisation in the data processing.
👓 details
Examples:
- Eclipse NLS guidelines, for modifying the tool to support NLS.
⚖ W-1.3.2 The what to start operational steering
Scheduling, planning operations.
Scheduling is the other part of running processes.
Instead of defining blocks of code in a program it is about defining blocks of programs for a process.
Processes are planned in time to run in time windows with dependencies.
❹ Avoiding confusion caused by the same word in another context:
- For building a program "job" is used by developers.
- For building a process flow, having a start and end, "job" is used at operations.
This "job" (process flow) can consist of many "jobs" (programs).
Running process flows will cause a work load for the system (technical infrastructure).
- The developers, operations, examples of staff are doing their "job" (work).
Building a process flow
Building a process flow (job) is defining the order how to run code units (jobs).
- Defining the first and last program units.
Used for initialisation and a message of a successful finish.
- Dependencies when a next code unit may run, which ones to wait to get ready.
- Allowing for multiple code units to run when there are no dependencies.
- Allowing a single process flow being active at one moment or having multiple of the same process flow running at the same moment.
When parallel flows are allowed, unique application datasets are needed.
See figure, link
👓, details.
Operational control process flows I
Operational task: Monitoring the progress within a running process.
When automated, human interaction is only needed when there is a signal of things going wrong.
- blue ready,
- green running,
- yellow waiting,
- red in error.
Andon, stop the line, and do not push the problem downstream.
❺ Human intervention ready for action (Andon).
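A process flow with dependencies, parallel-capable waves and the stop-the-line rule, as an added example (not code from this page). The unit names and the five-unit flow are constructed; the colours follow the list above, with "ready" read as finished, which is an assumption.

```python
from graphlib import TopologicalSorter

# Status colours as listed on the page; "ready" is taken to mean finished.
READY, RUNNING, WAITING, ERROR = "blue", "green", "yellow", "red"


def run_flow(units, depends_on):
    """Run code units in dependency order and stop the line on the first error.

    units      -- {name: callable}, the programs ("jobs") of the process flow
    depends_on -- {name: set of unit names that must be ready first}
    Returns (status per unit, list of waves that were started).
    """
    referenced = set(depends_on)
    for deps in depends_on.values():
        referenced |= set(deps)
    unknown = referenced - set(units)
    if unknown:
        raise ValueError(f"dependency on undefined unit(s): {sorted(unknown)}")

    sorter = TopologicalSorter({name: depends_on.get(name, ()) for name in units})
    sorter.prepare()  # raises graphlib.CycleError on circular dependencies

    status = dict.fromkeys(units, WAITING)
    waves = []
    while sorter.is_active():
        # Everything in one wave has no open dependencies and may run in
        # parallel; this sketch runs the wave sequentially in name order.
        wave = sorted(sorter.get_ready())
        waves.append(wave)
        for name in wave:
            status[name] = RUNNING
            try:
                units[name]()
            except Exception:
                # Andon: mark red and start nothing else, so the problem
                # is not pushed downstream. Remaining units stay waiting.
                status[name] = ERROR
                return status, waves
            status[name] = READY
            sorter.done(name)  # releases the units that waited for this one
    return status, waves


def demo_flow(failing=None):
    """Constructed flow: init, two independent loads, a report, a finish message."""
    executed = []

    def unit(name):
        def run():
            if name == failing:
                raise RuntimeError(f"{name} failed")
            executed.append(name)
        return run

    names = ["init", "load_customers", "load_orders", "build_report", "notify_finish"]
    units = {name: unit(name) for name in names}
    depends_on = {
        "load_customers": {"init"},
        "load_orders": {"init"},
        "build_report": {"load_customers", "load_orders"},
        "notify_finish": {"build_report"},
    }
    status, waves = run_flow(units, depends_on)
    return status, waves, executed
```

With `failing="load_orders"` the report and the finish message never start and stay yellow, which is the signal for human intervention.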
Running planned process flows
With the process flows defined, the planning is about:
- when they should run, able to start.
- when they should be ready.
- Dependencies between flows when running
- Dependencies between programs when running
- what impact there is on technical system resources.
In the example, see figure:
- early morning, out of office hours, a full load of several warehouses is run.
The full load in this case was faster than trying to catch all changes.
An additional advantage: missing changes in the source system will not have a big impact as the longest data synchronisation delay is one day.
- During office hours there is an update for changes every 15 minutes, achieving a near real-time updated version.
Developing a system like this is easier and more understandable when the scheduling and program units are designed and built as a system.
See figure, link
👓, details
❻ What is processed are indicators of deliveries, results for information products.
⚖ W-1.3.3 Understanding the data flow, data lineage
Data lineage following the cycle
Knowing what information from what source is processed into new information at a new location is lineage (derivation), "data lineage".
❼
Understanding changes in data requires understanding the data chain, the rules that have been applied to data as it moves along the data chain, and what effects the rules have had on the data.
Data lineage includes the concept of an origin for the data—its original source or provenance—and the movement and change of the data as it passes through systems and is adopted for different uses (the sequence of steps within the data chain through which data has passed).
Pushing the metaphor, we can imagine that any data that changes as it moves through the data chain includes some but not all characteristics of its previous states and that it will pick up other characteristics through its evolution.
Data lineage is important to data quality measurement because lineage influences expectations.
Capacity Considerations, the enterprise data warehouse (EDW)
A standardised location for data in normal information processes brings the normal capacity questions.
Change data - Transformations
In more detail, the transport of data, the flow, goes:
- Landing: to the warehouse collecting point(s).
- Staging: transported internally to service technically according to agreements.
- Semantic: prepared, transported internally for best service according to agreements.
- Databank: to a customer from the warehouse provision point(s).
This breaks with the commonly accepted use of a data warehouse.
In that common view the data warehouse is not used for operational processes but only for doing analytics to inform decision makers.
In normal industrial approaches the warehouse is used for operational processes.
Measuring what is going on and informing decision makers is a different topic, a different information flow.
The enterprise warehouse 3.0:
- Covers the operational information flows in four stages.
- Dedicated flows of measurements, supporting closed loops, are a part of the offering.
- Modelling data, information with all very detailed relationships is not a function of a data warehouse.
When the collecting and sending areas of the EDW 3.0 are the ones that limit the flow the most, the planning for traffic is best done by managing this service.
❽ Data lineage, data quality and information quality are "by design" of the information products.
⚖ W-1.3.4 Roles tasks levels supporting Information Services
Building up the Information lineage bottom-up
❾ Every floor level is built on the next one by logical dependencies.
When a task has not found its destination on the intended floor, ad-hoc bypasses are used.
Information quality, service product
A specification can be clearly and completely, consistently and concisely specified by means of standard attributes that conform to the MECE principle (Mutually Exclusive, Collectively Exhaustive).
The MECE principle is used in mapping process wherein the optimum arrangement of information is exhaustive and does not double count at any level of the hierarchy.
By reorganizing the information using MECE and the related storytelling framework, the point of the topic can be addressed quickly and supported with appropriate detail.
SCQA: Situation, Complication, Question, and Answer, a brief overview:
- Situation: Sets the context or background for the issue at hand.
- Complication: Introduces the problem or challenge that disrupts the situation.
- Question: This is the central question that arises from the complication.
- Answers, choices: Provides solutions and/or responses to the question.
From this a generic approach for products, goods and/or services:
- Consumer benefits: Set of benefits that are triggerable, consumable and effectively utilizable for consumer.
These benefits must be described in terms that are meaningful to consumers.
- Specific functional parameters: Parameters that are essential and that describe the important dimension(s) of the escape, the output or the outcome.
- Delivery point: The physical location and/or logical interface where the benefits are rendered to the consumer.
At this delivery preparation can be assessed, delivery can be monitored and controlled.
- Consumer count: the number of consumers that are enabled to consume a product.
- Delivery readiness time: the moments when the product is available and all the specified elements are available at their delivery point
- Consumer support times: the moments when the support team ("service desk") is available.
The service desk is the Single Point of Contact (SPoC) for service inquiries.
At those times, the service desk can be reached by defined available communication methods.
- Consumer support language: the language(s) spoken by the service desk.
- Fulfilment target: the provider's promise to deliver the product, expressed as the ratio of the count of successful product deliveries to the count of requests by a single consumer or consumer group over some time period.
- Impairment duration: the maximum allowable interval between the first occurrence of a product impairment and the full resumption and completion of the product delivery.
- Delivery duration: the maximum allowable period for effectively rendering all product benefits to the consumer.
- Delivery unit: the scope/number of action(s) that constitute a delivered product.
Serves as the reference object for the product delivering price, for all product costs as well as for charging and billing.
- Delivery price: the amount of money the customer pays to receive a product.
Typically, the price includes a product access price that qualifies the consumer to request the product and a price for each delivery.
❿ In a mature situation all levels of support are in place and aligned with their antipodes.
W-1.4 Culture building people
Managing the workforce at any non-trivial construction is moving to the edges.
The cultural changes are:
- Respect for people, investing in staff learning
- Accepting uncertainties and imperfections
- Trusting the workforce while also staying well informed
Non-trivial means it will be repeated for improved positions.
For managing the workforce in processes, information is needed to understand what is going on.
Without knowing the situation or direction there is no hope in achieving a destination by improvements.
⚖ W-1.4.1 Project management, the change challenges
Culture by frameworks, hypes
For many years a fight has been going on in the information technology world over how work should be managed.
Instead of learning from other STEM fields (Science, Technology, Engineering, Mathematics) what they have learned and what is possible, reinventing the wheel is common.
- The waterfall vs Agile fights, without understanding the why.
- Forcing the use of tools (tooligans), without understanding the why.
No such thing as Waterfall (A.Dooley 2024)
The Agile movement has greatly enriched the project management landscape.
Unfortunately the ‘cult of Agile’ is doing more harm than good with its narrow evangelical views.
...
It was perhaps naïve of me to not anticipate that there are many, many different views of what the term 'Waterfall' actually means.
That shouldn't have been a surprise since there is a similar lack of common understanding of what 'Agile' actually is, so if Waterfall is the antonym of something that isn't well defined, why would I expect the term Waterfall itself to be well defined? ...
All of this has reinforced my view that in the world of project and programme management, we should stop using the terms Agile and Waterfall (and, as a consequence, Hybrid) and just talk about agility.
All projects demonstrate some degree of agility at some point in their life cycle and agility can take many forms.
The confusion of:
- managing building a product ⇆ organizing resources
- the building of the product ⇆ engineering
Development life cycles focus on the delivery phase of a project or programme and often arise from particular domains such as construction, engineering or IT.
They should not be confused with governance life cycles or specialist life cycles. ...
As uncertainty about the detail of objectives increases, development life cycles need to be more iterative so they can adapt as more information becomes available.
Future for project, programme management
Vision is linking
Innovation and value (L.Bourne)
The key is an effective and viable strategic planning process that is capable of developing a realistic strategy that encompasses both support and enhancements for business as usual, and innovation.
Strategic planning is a complex and skilled process outside of the scope of this post, for now we will assume the organisation is capable of effective strategic planning. ...
There is a close link between the portfolio management processes and strategic planning, what's actually happening in the organisation's existing projects and programs is one of the baselines needed to maintain an effective strategic plan (others include the current operational baseline and changes in the external environment).
In the other direction, the current/updated strategy informs the portfolio decision making processes.
In a figure:
See right side.
The strategic plan is the embodiment of the organisation’s intentions for the future and the role of portfolio management is to achieve the most valuable return against this plan within the organisation’s capacity and capability constraints. ...
👉🏾 The long term viability of any organisation depends on its ability to innovate.
⚖ W-1.4.2 Project into Programme into Portfolio (3P)
Planning, a life cycle for a product, service
life-cycle
Project, programme and portfolio management (P3M) is the application of methods, procedures, techniques and competence to achieve a set of defined objectives.
The goals of P3 management are to:
- deliver the required objectives to stakeholders in a planned and controlled manner;
- govern and manage the processes that deliver the objectives effectively and efficiently.
Investment in effective P3 management will provide benefits to both the host organisation and the people involved in delivering the work. It will:
- increase the likelihood of achieving the desired results
- ensure effective and efficient use of resources
- satisfy the needs of different stakeholders
A consistent approach to P3 management, coupled with the use of competent resources is central to developing organisational capability maturity.
A mature organisation will successfully deliver objectives on a regular and predictable basis.
A P3 life cycle illustrates the distinct phases that take an initial idea, capture stakeholder requirements, develop a set of objectives and then deliver those objectives.
The goals of life cycle management are to:
- identify the phases of a life cycle that match the context of the work
- structure governance activities in accordance with the life cycle phases
Projects and programmes are the primary mechanisms for delivering objectives while portfolios are more focused on co-ordinating and governing delivery of multiple projects and/or programmes.
As a result the project and programme life cycles have many similarities and follow the same basic approach.
The simplest life cycle is a project life cycle that is only concerned with developing an output.
Programme
A typical programme life cycle is shown.
Steps:
- idea,
- identification,
- definition,
- delivery (1-n),
- closure,
- output.
Benefits realisation starts at the first delivery.
See figure.
It all starts with someone having an idea that is worth investigation.
This triggers high level requirements management and assessment of the viability of the idea to create a business case.
At the end of the phase there is a gate where a decision is made whether or not to proceed to more detailed (and therefore costly) definition of the work. ...
The full product life cycle also includes:
- Operation – continuing support and maintenance
- Termination – closure at the end of the product’s useful life
In a parallel project life cycle, most of the phases overlap and there may be multiple handovers of interim deliverables prior to closure of the project.
Portfolio
Unlike projects and programmes, portfolios are less likely to have a defined start and finish.
Portfolio management is a more continual cycle coordinating projects and programmes.
It may, however, be constrained by a strategic planning cycle that reviews strategy over a defined period.
If an organisation has, for example, a three-year strategic planning cycle, then the portfolio cycle will have compatible time constraints.
👉🏾 The portfolio management team may be responsible not only for co-ordinating the projects and programmes to deliver strategic objectives, but also for improving the maturity of project, programme and portfolio management.
⚖ W-1.4.3 Managing flow in activities, portfolios
TOC Theory of constraints
BlueDolphins Love the FLOW
To make the long story (s. above) short, "the current accounting is so complex because it tries to optimize everything!
The main assumption of accounting is:
- every team or department has to be efficient, means loaded at 100%.
- if you load every team to 100%, then the overall output is also optimized!
But that is impossible because every system has exactly one constraint.
Without a constraint, it would grow with infinite speed, explode or exhaust all resources. And will die immediately. ...
This algorithm based on the Theory of Constraints (TOC) and Throughput Accounting (TA) is easier because every step is deterministic and easy to understand for everyone.
TOC Dolphins book: Management 4.0, Handbook for Agile Practices (3.0 )
The buzzwords “Agility, Agile or Agile Management” are often interpreted as miracle-workers.
But the number of different meanings attributed to these terms is immense: There are thousands of experts and tens of thousands of books and articles on what agile work actually is.
Subject of agility: everyone is an expert, everyone knows how to do it best. ...
This book was conceived as a manual or "handbook" and ended up as a "brain book".
It is full of concepts and principles, some rough and coarse, some fine polished.
But all help to understand and put into practice the agile movement, and to ride this great wave without sinking!
Highlights:
- It is often quite astonishing to see how seldom operative problems seem to attract management attention in today’s large corporations, unless they impact on the tactical strategies of the manager involved.
A more integrated approach is needed, to encourage management to focus on the total throughput of the company, rather than on the individual interests of single departments.
- “Agile Manifesto”: The concept is based on the delegation of responsibilities, self-organization and incremental development steps, which allow a flexible response to customer needs.
These principles can also be transferred to general management tasks.
It would be a fatal misunderstanding though, to see such an approach as an IT project.
- To achieve an effective transformation the company needs to bring about nothing less than a complete culture change.
Management has to relinquish its monopoly on information ownership, which may be perceived as loss of power.
- Of course management still retains responsibility for steering the company as a whole in the right direction, yet its role has changed.
As coaches to cross-functional teams, they need to cooperate closely with management colleagues.
👉🏾 It is necessary for management to collaborate, in order to eliminate bottlenecks for the teams, by focusing on the total throughput.
There is no longer room for individual power play between departments, as all teams have cross-functional tasks.
Managing a living viable system
Current enterprises are, to a great extent, pushed by a permanent demand for change and adaption.
One of their main requirements therefore is their ability to react accurately and precisely to dynamic and quickly changing market demands.
Cybernetic combined with a hierarchy 6w1h.
Management cybernetics provides a structural framework of managerial functions and the required interactions that will enable the long-term success of businesses. ...
changing the normative setting in an organization is crucial for reaching the desired synergy effects, i.e. initiating a process where “the whole is greater than the sum of its parts” (Aristotle).
The main driver for a collective interconnection between people, is
- firstly the development of a collective vision or a shared corporate goal (“big picture”)
- secondly a corporate culture based on confidence and mindful appreciation between the representatives of management functions and operational units.
... We cannot stress strongly enough how important it is from our point of view that any increase in S1’s self-organizing capabilities should always be accompanied by an agile reshaping of the higher management functions S2 through S5 in the sense described above.
⚖ W-1.4.4 CPO, CPE, Managing living viable systems
Lean Product and Process Development (LPPD)
LPPD Guiding Principles (Jim Morgan, Lara Harrington, Steve Shoemaker)
CPO, Chief Product Officer: the goal is a focus on the product, good or service.
The LPPD Guiding Principles provide a holistic framework for effective and efficient product and service
development, enabling you to achieve your development goals.
- Putting People First: Organizing your development system and using lean practices to support people to
reach their full potential and perform their best sets up your organization to develop great products and
services your customers will love.
- Understanding before Executing: Taking the time to understand your customers and their context while
exploring and experimenting to develop knowledge helps you discover better solutions that meet your
customers’ needs.
- Developing Products Is a Team Sport: Leveraging a deliberate process and supporting practices to engage
team members across the enterprise from initial ideas to delivery ensures that you maximize value creation.
- Synchronizing Workflows: Organizing and managing the work concurrently to maximize the utility of
incomplete yet stable data enables you to achieve flow across the enterprise and reduce time to market.
- Building in Learning and Knowledge reuse: Creating a development system that encourages rapid learning,
reuses existing knowledge, and captures new knowledge to make it easier to use in the future helps you
build a long-term competitive advantage.
- Designing the Value Stream: Making trade-offs and decisions throughout the development cycle
through a lens of what best supports the success of the future delivery value stream will improve its
operational performance.
Scaling without sacrificing innovation
👉🏾
Developing adaptiveness in a changing world (Sandrine Olivencia)
Chief product engineers take on the critical role of balancing customer value, technology and also finance to craft their products.
Actually a chief product engineer is not tied to a specific role like in agile.
Product manager or Tech lead is more of a responsibility and a mindset.
CPE: Chief product Engineers can emerge from any part of the organization
3 Practices to scale artisanship (19m06):
- Emotion-centric design
- Performance-based product
- Mentor Chief Product Engineers
Chief product engineer (22m42) :
- Visceral passion for the customer
- Strong grasp of the product
- Committed to optimizing costs
The goal of this mentorship system is for experienced leaders to pass on their knowledge, their vision and their artisanship to the next generation.
The Cornerstone of the system is the chief product role the chief product engineer role.
Product-led approach (262m42) :
- Mentor Chief Product Engineers
- Design products that sell themselves
- Perpetuate an artisan mindset
W-1.5 Sound underpinned theory, foundation
Knowing the position, the situation, comes from observing several types of associated information.
These are:
- Art of the role by observed input and results
- Art of the role by follow up interactions
- Kind of task in the process by role
Non trivial means it will be repeated for improved positions.
Command & control needs information for understanding what is going on.
Without knowing the situation or direction there is no hope in achieving a destination by improvements.
⚖ W-1.5.1 Chosen colours and shapes for the floor plans
SIMF colours for areas
Showing an organisation of three (and more) dimensions in two-dimensional blueprints needs elaboration.
Presenting ideas by figures only is too difficult to understand without an explanatory reference.
Explanation for the areas:
Steer: the orange colour is organisational command & control for:
- high abstracted level to the operational floor activities
- for functionality, the change and functioning getting the value.
Serve: the green colour is the technology aspects for:
- high abstracted level to the operational floor activities
- for functionality, the change and functioning getting the value.
Shape: the blue colour is the mediation aspects for:
- high abstracted level to the operational floor activities
- for functionality: medium & long term closed loop information
Synapse: the gray colour is the logical communication aspects for:
- The short term, quick communication, quick reaction at the same floor level.
- The short term, quick communication, quick reaction over floor levels.
This area is the equivalent of command & control of a viable system.
The viable system theory mentions a fifth level. Questions for that one:
Who are our customers? What problems do we solve for them? What are they really willing to pay money for?
This is crucial because answering those provides the primary control criterion that anchors accountability.
SIMF structure in shapes
Explanation for the areas, image structures:
Steer: Structures:
- Circles ➡ Interactions, related to:
  - Organisation: magenta
  - Technology: green
  - Consumer focus: brown
  - Supplier focus: indigo
- A circle of circles, controlled
- Hexagons ➡ defined actions
- collection: delegated actions, controlled
- duality ➡ Materialised information vs processing information
Serve: Structures:
- Circles ➡ Interactions, related to:
  - Organisation: magenta
  - Technology: green
  - Consumer focus: brown
  - Supplier focus: indigo
- A tree of circles, controlled
- A V-shape control ➡ adaptive change
- Hexagons ➡ defined actions
- Hexagon flow ➡ fast closed loops
Shape: Structures:
- Hexagons ➡ defined actions
- Hexagon flow ➡ fast closed loops
- Circles ➡ Interactions, related to:
  - Organisation: magenta
  - Technology: green
  - Consumer focus: brown
  - Supplier focus: indigo
- A collection of circles, controlled
Synapse: Structures:
- Circles ➡ Interactions, same floor defined orientation:
  - Organization: magenta
  - Technology: green
  - Consumer focus: brown
  - Supplier focus: indigo
- Hexagons ➡ defined actions
- Rectangles ➡ external influence
- Antennas ➡ receiving signals
⚖ W-1.5.2 The viable system, conscious decisions
SIMF the organisation for realisations, outside view
👁 Industrial age: the manager knows everything, workers are resources similar to machines.
👁 Information age, required change: a shift to distributed knowledge, power to the edges.
Understanding the business, organisation in their four levels (bottom-up).
- VSM System-5 Mngmt Operational VSM-1i: Visions, Missions elementary, 0-1 floor.
Assuring they are shared values for all and everything. Defining Visions could be by the same persons (boardroom) but that is not necessary.
- VSM System-4 Mngmt Operational VSM-1r: Long term resource planning 1-2 floor.
This is a core activity for organisational processes.
- VSM System-3 Mngmt Operational VSM-1r: Mission realisation, 2-3 floor.
Portfolio management knowing and planning the products over the relevant time.
- VSM System-1 Mngmt Operational VSM-3 management, 3-4 floor. The important secondary functions of holistic strategy, tactics, finance, marketing etc.
- Above this is VSM-4, VSM-5 and the scoped environment, VSM-6
The complete area of information processing for the organisation in a figure:
⚖ W-1.5.3 The viable system, autonomic technology
SIMF the processing for realisations, outside view
👁 Industrial age: the manager knows everything, workers are resources similar to machines.
👁 Information age, required change: a shift to distributed knowledge, power to the edges.
Understanding the technology service in their four levels (bottom-up).
- VSM System-1 Tech Operational VSM-1i the elementary 0-1 floor .
What is needed to react immediately, in the very short term, goes via the synapse areas.
- VSM System-3 Tech Operational VSM-1r at the 1-2 floor. The centre where the organisation's value is created in conformance with purpose.
The outside perspective changes: direction into right to left, rotation into clockwise.
- VSM System-4 Tech Operational VSM-1d Changes by missions: 2-3 floor level.
Applying the portfolio planning for purposes, goals with products.
- The change is triggered by feeds coming from the invisible backlog, suggestions.
- The result is going into the invisible adjusted portfolio.
- VSM System-5 Tech Operational VSM-3 management 3-4 floor, autonomic functions and algedonic channels.
Holistic information quality and holistic information safety are organisation dependent.
- Above this is VSM-4, VSM-5 and the scoped environment, VSM-6
The complete area of information processing for technology in a figure:
⚖ W-1.5.4 Mediation: Technical autonomy vs organisational control
SIMF Support in improving the product, service
The dichotomy Technical autonomy vs organisational control is not a common historical topic.
Diplomacy is not associated with wealth, honour and glory.
MEDIATION IN ARMED CONFLICT
The practice of mediation involves third-party intervention to facilitate conflict resolution between parties.
Mediators act as neutral facilitators, assisting in communication, negotiation, and finding common ground to reach a peaceful resolution.
It is a diplomatic tool used to de-escalate tensions, prevent conflicts, and promote cooperation.
Looking at the two different sides, there are a lot of frictions to manage:
- The situations of the different sides are a consequence of growth.
- With a lot of variety, confusion and ambiguity also grow.
Some peculiar, interesting attention points:
- Operational VSM-1i 0-1 floor: mix system-5 organisation - system-1 technology.
Mediation:
- Conflict: Avoiding the easy choice in technology by the organisation.
- Goal: Promote product improvement, promote culture improvement.
- Operational VSM-1r flow: 1-2 floor. Both sides are missing system-3, synergy.
Mediation:
- Align: Choices for what is going into the process flow - Organisation.
- Align: Choices for what has been processed in the flow - Technology.
- Operational VSM-1d change : 2-3 floor. Both sides are missing system-3, synergy.
Mediation:
- Align wishes with expectations time/cost for activities - Organisation.
- Align the design build verify activities in qualities - Technology.
- Management VSM-3: 3-4 floor. Mediation between the technology autonomic functions and the important secondary functions in the organisation.
The complete area of changing products, goods, services at information processing in a figure:
W-1.6 Maturity 0: Strategy impact understood
From the three PPT, People, Process, Technology interrelated areas in scopes.
- ❌ P - processes & information
- ❌ P - People Organization optimization
- ❌ T - Tools, Infrastructure
Command and Control that only has its focus on others is not a complete understanding of all layers and is not what Command & Control should be.
Each layer has its own dedicated characteristics.
⚖ W-1.6.1 Determining the position, the situation
Don't waste your precious time on creating something that is not serving the greater good:
- People: find a way to empower employees to innovate and solve problems.
- processes: Start fostering a culture of long-term thinking, not short-term fixes and don't do the same strategy with same expectations year after year.
- Command & Control: Lead by example and start making things transparent.
Start moving beyond the “toolbox mentality” or "my Lean-thinking" and unlock real potential.
⚖ W-1.6.2 Individual logical irrational together
Paradoxes in lean, agile
Thinking about Lean Thinking Part IV Paradox Mindset
At 12m40 there is a nice list of paradoxes in defining lean.
A complete list:
Lean Global 2024
Here's a terrific collection of paradoxes that are inherent in Lean, compiled by Rachel Reuter and Eric O. Olsen.
Rachel presented it, with John Shook, at last week's Lean Global Connection event.
Paradox, or apparent contradictions, can be in the challenge statement of the Improvement Kata model, or pop up just about anywhere along the way (Figure 2 below).
Practicing Toyota Kata teaches you to work toward challenges with a scientific mindset and approach, making you more accustomed to the discomfort that uncertainties and paradoxes bring.
It enhances your ability to create 'both/and' solutions rather than limiting yourself to 'either/or' options.
Scientific thinking and what Rachel and John refer to as 'paradox mindset' are closely related.
- Customers-focused yet employee empowering
Lean is driven by delivering value to the customer. Employees focus which ultimately benefits the customer.
Yet empowering and engaging employees to reach their full potential is the focus.
- Structured yet flexible
Lean views structure, including standardisation and stability as key enablers for flexibility, adaptability creativity and innovation.
The framework provides a foundation for continuous improvement.
- Bottom-up, yet top down
Lean requires leadership to provide clear direction and create an environment where all workers drive innovation and improvements.
Both leadership and individual contribution are essential.
- People-centric, respectful yet challenging
Lean shows respect for people by challenging them to learn, grow, and never settle for the status quo.
Respect includes providing physical professional and emotional safety to enable development.
The level of challenge is tailored to the individual's role and abilities, to stretch them appropriately.
- Stop, yet flow
Lean requires stopping to immediately address problems, yet this enables unsurpassed efficiency, productivity and flow.
You cannot have flow without quality vice versa.
- Reflection-seeking yet failure-tolerant
Lean pursues perfection and is defined by providing on demand, defect free, one-by-one, waste free, safe products and services.
Yet it recognizes the importance of surfacing problems and learning from mistakes through continuous improvement, rather than waiting for perfection.
Dominating: "Either-Or"
Befuddling us for at least 25000 years ...
- Heraclitus
- Lao Tsu, Tao Te Ching
- Zen, Either/Or_ Kierkegaard
With "Either-Or" explicitly dominating much of our, especially western, thinking for centuries.
- Seeing situations in black & white
- Right solutions vs wrong
No grey: no allowance for uncertainty.
⚖ W-1.6.3 Value stream VaSM vs Viable system ViSM
Project, Programme, Portfolio (P3)
Project, Programme, and Portfolio Management (P3M) is the application of methods, procedures, techniques, and competencies to achieve a set of defined objectives.
It encompasses three key areas:
- Project Management: Focuses on delivering specific outputs within defined constraints such as time, cost, and quality. Projects are unique, transient endeavors with clear objectives and deliverables.
- Programme Management: Involves managing a group of related projects in a coordinated way to achieve benefits and control not available from managing them individually. Programmes are designed to deliver strategic objectives and transformational change.
- Portfolio Management: Concerns the centralized management of one or more portfolios to achieve strategic objectives. It involves selecting, prioritizing, and controlling an organization’s projects and programmes in line with its strategic goals and capacity to deliver.
Effective P3M ensures that initiatives are aligned with organizational strategy, resources are used efficiently, and desired outcomes are achieved.
Cybernetics S1-S5 into S1-S6
There are three areas mentioned: Operation (O), Management (M) and the environment (E).
Systems are classified and numbered system-1 to system-5.
💡 The environment fits into the strict naming scheme when named system-6.
Command & control a viable system
"The commander must work in a medium which his eyes cannot see, which his best deductive powers cannot always fathom, and with which, because of constant changes, he can rarely become familiar."
Carl von Clausewitz, 1832. On War.
To put effective command and control into practice, we must first understand its fundamental nature—its purpose, characteristics, environment, and basic functioning.
We often think of command and control as a distinct and specialized function—like logistics, intelligence, electronic warfare, or administration—with its own peculiar methods, considerations, and vocabulary, and occurring independently of other functions.
But in fact, command and control encompasses all military functions and operations, giving them meaning and harmonizing them into a meaningful whole.
None of the above functions, or any others, would be purposeful without command and control.
Command and control is not the business of specialists—unless we consider the commander a specialist—because command and control is fundamentally the business of the commander.
Command and control is the means by which a commander recognizes what needs to be done and sees to it that appropriate actions are taken.
- Sometimes this recognition takes the form of a conscious command decision—as in deciding on a concept of operations.
- Sometimes it takes the form of a preconditioned reaction—as in immediate-action drills, practiced in advance so that we can execute them reflexively in a moment of crisis.
- Sometimes it takes the form of a rules-based procedure—as in the guiding of an aircraft on final approach.
- Some types of command and control must occur so quickly and precisely that they can be accomplished only by computers—such as the command and control of a guided missile in flight.
Other forms may require such a degree of judgment and intuition that they can be performed only by skilled, experienced people—as in devising tactics, operations, and strategies.
- Sometimes command and control occurs concurrently with the action being undertaken—in the form of real-time guidance or direction in response to a changing situation.
- Sometimes it occurs beforehand and even after. Planning, whether rapid/time-sensitive or deliberate, which determines aims and objectives, develops concepts of operations, allocates resources, and provides for necessary coordination, is an important element of command and control.
Furthermore, planning increases knowledge and elevates situational awareness.
Effective training and education, which make it more likely that subordinates will take the proper action in combat, establish command and control before the fact.
The immediate-action drill mentioned earlier, practiced beforehand, provides command and control.
A commander’s intent, expressed clearly before the evolution begins, is an essential part of command and control.
Likewise, analysis after the fact, which ascertains the results and lessons of the action and so informs future actions, contributes to command and control.
Some forms of command and control are primarily procedural or technical in nature—such as the control of air traffic and air space, the coordination of supporting arms, or the fire control of a weapons system.
Others deal with the overall conduct of military actions, whether on a large or small scale, and involve formulating concepts, deploying forces, allocating resources, supervising, and so on. This last form of command and control, the overall conduct of military actions, is our primary concern in this manual.
Unless otherwise specified, it is to this form that we refer. ...
An effective command and control system provides the means to adapt to changing conditions.
We can thus look at command and control as a process of continuous adaptation.
We might better liken the military organization to a predatory animal—seeking information, learning, and adapting in its quest for survival and success—than to some “lean, green machine.”
Like a living organism, a military organization is never in a state of stable equilibrium but is instead in a continuous state of flux—continuously adjusting to its surroundings. ...
Second, the action-feedback loop makes command and control a continuous, cyclic process and not a sequence of discrete actions—as we will discuss in greater detail later.
Third, the action-feedback loop also makes command and control a dynamic, interactive process of cooperation.
As we have discussed, command and control is not so much a matter of one part of the organization “getting control over” another as something that connects all the elements together in a cooperative effort.
All parts of the organization contribute action and feedback—“command” and “control”—in overall cooperation.
Command and control is thus fundamentally an activity of reciprocal influence—give and take among all parts, from top to bottom and side to side.
(MCDP6 1996).
⚖ W-1.6.4 Flexibility in architecture, engineering, design
Fixed mindset trivial systems
The mindset for trivial systems is that they are so simple that everyone understands them and anybody can do it.
As soon as a system is experienced as non-trivial, nobody is there to do it.
Example: St Paul's Cathedral
A cathedral is a non-trivial construction, for example St Paul's Cathedral (to visit) and (wikipedia).
The task of designing a replacement structure was officially assigned to Sir Christopher Wren on 30 July 1669.
Charged by the Archbishop of Canterbury, in agreement with the Bishops of London and Oxford, to design a new cathedral that was "Handsome and noble to all the ends of it and to the reputation of the City and the nation".
The design process took several years, but a design was finally settled and attached to a royal warrant, with the proviso that Wren was permitted to make any further changes that he deemed necessary.
The cathedral was declared officially complete by Parliament on 25 December 1711 (Christmas Day).
The final design as built differs substantially from the official Warrant design.
Many of these changes were made over the course of the thirty years as the church was constructed, and the most significant was to the dome.
After the Great Model, Wren resolved not to make further models and not to expose his drawings publicly, which he found did nothing but "lose time, and subject [his] business many times, to incompetent judges".
The Great Model survives and is housed within the cathedral itself.
The cathedral is one of the most famous and recognisable sights of London.
Its dome, surrounded by the spires of Wren's City churches, has dominated the skyline for over 300 years.
At 365 ft (111 m) high, it was the tallest building in London from 1710 to 1963.
The dome is still one of the highest in the world.
The St Paul’s Collection of Wren Office drawings is unrivalled as a record of the design and construction of a single great building by one architect in the early modern era.
Consisting of 217 drawings for St Paul’s dating between 1673 and 1752 (nine others, catalogued in the final section, are unconnected with the building), the Collection was originally part of a much larger corpus.
This included 67 drawings now in the Wren Collection at All Souls College, Oxford, and a single plan at Sir John Soane’s Museum in London.
The whole corpus is only a fraction of what must originally have existed, for it contains very few executed designs and just one full-sized profile for construction, although hundreds – if not thousands – of such drawings must have been made.
He revised the design stage by stage as work moved from one part of the building to the next.
The entire design process depended on close collaboration between Wren and his draughtsmen. Often working in pairs, they produced finished or alternative schemes for his approval and made large-scale working drawings for construction.
Race to the moon
The Space race was a 20th-century competition between two Cold War rivals, the United States and the Soviet Union, to achieve superior spaceflight capability.
It had its origins in the ballistic missile-based nuclear arms race between the two nations following World War II and had its peak with the more particular Moon Race to land on the Moon between the US moonshot and Soviet moonshot programs. The technological advantage demonstrated by spaceflight achievement was seen as necessary for national security and became part of the symbolism and ideology of the time. ...
Gagarin's flight led US president John F. Kennedy to raise the stakes on May 25, 1961, by asking the US Congress to commit to the goal of "landing a man on the Moon and returning him safely to the Earth" before the end of the decade.
The US successfully deployed the Saturn V, which was large enough to send a three-person orbiter and two-person lander to the Moon. Kennedy's Moon landing goal was achieved in July 1969, with the flight of Apollo 11.
It is this program, with its many launches, that initiated project management as we know it these days (2024) for information technology.
The computers used in those days were the first ones capable of enabling such projects.
Learning the Lessons of Apollo 13
The story of Apollo 13 is one of hope, inspiration and perseverance, and one that holds many useful parallels for those in the field of information system project management.
- Train Constantly: keep training until the last moment, with backup crew and test environment training alongside.
- Prepare for the Unexpected: a crucial part of the program
- Never Consider Defeat: When disaster strikes on a project, as long as you proceed from the standpoint that you can succeed and must succeed, you'll find you have the drive to see that it will succeed.
- Improvise: When crippled, use ingenuity to solve the problems.
- Take Risks: know when to cut corners and take chances to achieve results.
- Turn Failure into Success: The adage “Unless we learn from history, we are doomed to repeat it”. Learn from failures.
Open mindset non trivial systems
What we can learn from these kinds of great examples:
- A design is only needed to the point where building can start reliably on what is assumed to be possible, without all kinds of details.
- Details for design and build are to be solved during the building in cooperation with the customer.
More examples like this one of a non-trivial project, a non-trivial construction, can be found.
The question is: why should we do it differently for non-trivial information systems?
Organisational culture
BlueDelphins:
Hence, it is dependent above all, on the leadership skills of management, to implement a vivid corporate culture, which embraces change as a steady companion of agile living.
SIMF understanding the management improvement cycle
- A vision: Product / Service
- Geo-mapped roles
- Persons methodologies
- Flows, value streams
- Optimizing at constraints
- Functionality, technology
- Safety, technology
- Product Service knowledge
in a figure:
See right side.
💡 Start with knowing what task roles are relevant for the organisation and work from there to value streams going for aligning technology achieving the knowledge of the portfolio.
W-2 Command & Control working on gaps for solutions
W-2.1 Understanding ICT Service Gap types
Preparing the building of any non-trivial construction should include safety.
❗Aspect:
People, safety, functioning topics are:
- high level design & planning
- detailed design & realisation
- evaluation & corrections
A viable system is non trivial, it will be repeated in structures in every layer.
Conscious leading a system by command & control needs only the information for what is relevant in understanding what is going on.
The shared vision and mission define a direction.
⚖ W-2.1.1 Understanding the technical design processes
Development of products and processes as a single effort
A confusion:
What is called 'waterfall' or sometimes 'V-cycle' is in fact systems engineering.
It is not project management although the links and connections are tight. (Jean-Charles Savornin)
See ISO 15288: Systems and software engineering — System life cycle processes
Systems Thinking in Project Management
The term "system" is often used to describe a collection of processes.
However, it is only sometimes used in the form defined by Systems Engineers.
INCOSE definition:
- Systems engineering is an interdisciplinary approach and means to enable the realization of successful systems.
It focuses on defining customer needs and required functionality early in the development cycle, documenting requirements, then proceeding with design synthesis and system validation while considering the complete problem.
There are shorter ones, my favorite is...
- Systems engineering is the development of products and processes as a single effort.
The point of these two definitions is that when someone speaks of "systems," they don't always speak of the processes that go along with the products.
Separation of product from process is the basis of some "world views", that is not a system view.
Another confusion:
A critically missing process in many IT projects, especially Agile development projects, is the principles of Systems Engineering.
Systems Engineering dominates the programs in Space Flight, Embedded Systems, Software Intensive Systems of Systems.
In these domains, 12 principles are used to increase the probability of success.
These principles come from Section 3.2 of Engineering Elegant Systems: Theory of Systems Engineering, A Whitepaper, Michael D. Watson, NASA Marshall Space Flight Center (2020).
Systems Engineering activities Principles
- Systems engineering integrates the system and the disciplines considering the budget and schedule constraints
- Complex Systems build Complex Systems
- The focus of systems engineering during the development phase is a progressively more profound understanding of the interactions, sensitivities, and behaviors of the system.
Sub-Principles:
- Requirements and models reflect the knowledge of the system
- Requirements are specific, agreed to preferences by the developing organization
- Requirements and design are progressively defined as the development progresses
- Hierarchical structures are not sufficient to fully model system interactions and couplings
- A Product Breakdown Structure (PBS) provides a structure to integrate cost and schedule with system functions
- Systems engineering has a critical role throughout the entire system life cycle.
Sub-Principles Systems engineering :
- obtains an understanding of the system
- models the system
- designs and analyzes the system
- tests the system
- has an essential role in the assembly and manufacturing of the system
- has an indispensable role during operations and decommissioning
- Systems engineering is based on a middle-range set of theories.
Sub-Principles Systems engineering has:
- a physical/logical basis specific to the system
- a mathematical basis
- a sociological basis particular to the organization
- Systems engineering maps and manages the discipline interactions within the organization
Systems Engineering managing Principles
- Decision quality depends on the coverage of the system knowledge present in the decision-making process
- Both Policy and Law must be adequately understood, so as not to over-constrain or under-constrain the system implementation
- Systems engineering decisions are made under uncertainty, accounting for risk
- Verification is a demonstrated understanding of all the system functions and interactions in the operational environment
- Validation is a demonstrated understanding of the system's value to the system stakeholders
- Systems engineering solutions are constrained based on the decision timeframe needed for the system
Agility Project Management and Systems View.
In the search for a definition of Agile Project Management, the Declaration of Interdependence (DoI) proposed a set of principles.
We are, in fact, "engineering a system" when we develop software and manage the project that develops the software.
Are these principles compatible with the systems engineering view?
Realizing successful systems (products) is undoubtedly the goal.
- Focusing on customer needs is essential.
- Defining customer needs is the result of requirements elicitation and management.
- Doing this early in the system's life cycle is critical to successfully realizing those needs.
- Synthesizing the design is an essential activity in any development project.
This is what separates operations from development.
- Validating the complete system provides the means to end the project
So why does the Agile Project Management world still need to have a connection to the Systems Engineering worldview?
It seems like a natural connection.
A much better connection than to the linear, silo-focused set of processes described in PMBOK.
In PMBOK, the customer is connected to the process loop at the start and at the end.
However, no connection has been made; more work is needed.
Definitions of terms like value, rapid, early, customer, frequent, innovation, performance, effectiveness, and reliability are used by the DoI.
When these terms are given "units of measure," and those units of measure are connected to analytical outcomes for the business, Agile Project Management will have moved into the system engineering domain. A domain where the "trade space" of decisions is where management and engineers live every day.
Asking questions like:
- How does this action or technology benefit our project in some measurable way?
- What risks are reduced, enhanced, or made visible by this technology or action?
- continually: "How do we know that customers will get what they asked for?"
⚖ W-2.1.2 Understanding technical performance choices
Performance & Tuning - Software, Hardware.
Solving performance problems requires understanding of the operating system and hardware.
This is the classic basis: the architecture was set by von Neumann.
Optimizing is balancing between choosing the best algorithm and the effort to achieve that algorithm.
The time differences between these resources are orders of magnitude: a factor of 100-1000.
➡ A single CPU, these days many.
➡ Limited internal memory, these days capable of holding massive data.
➡ The external storage, these days several types for speed and purpose, holding even more massive data.
Neglecting performance questions could be justified by advances in hardware, so the knowledge of tuning processes was ignored.
Those days are gone: "The Free Lunch Is Over: A Fundamental Turn Toward Concurrency in Software", by Herb Sutter (2009).
If you haven't done so already, now is the time to take a hard look at the design of your application, determine what operations are CPU-sensitive now or are likely to become so soon,
and identify how those places could benefit from concurrency. Now is also the time for you and your team to grok concurrent programming's requirements, pitfalls, styles, and idioms.
❗ Moore's law is about the number of components, not speed. More:
👓 details
Additional components:
➡ multiple CPU's and the GPU farm for processing.
➡ external storage using the internal memory types avoiding mechanical delays.
➡ Storage in a network can be a SAN (Storage attached Network) or a NAS (Network attached Storage).
They are different in behaviour and performance.
Performance Data processing
Performance is impacted by:
➡ Use of keys and indexes, with positive and negative effects
➡ The order of sorting. For bulk processing presorted works the best.
Transactional applications are better with a random spread.
➡ Set in Limited physical sizing. Saving all history in a single space will have a negative impact.
There are more reasons to split spaces by historical values.
➡ Cache setting for both the OS level and DBMS.
For managing tables a DBA should be aware of the effects by choices.
File system caching configurations
👓 Use concurrent I/O to improve DB2 database performance (ibm 2012)
In some cases, caching at the file system level and in the buffer pools causes performance degradation because of the extra CPU cycles required for the double caching.
To avoid this double caching, most file systems have a feature that disables caching at the file system level.
This is generically referred to as non-buffered I/O. On UNIX, this feature is commonly known as Direct I/O (or DIO).
On Windows, this is equivalent to opening the file with the FILE_FLAG_NO_BUFFERING flag.
query concurrency management
To ensure that heavier workloads that use column-organized data do not overload the system when many queries are submitted simultaneously, there is a limit on the number of heavyweight queries that can run against a database at the same time.
You can implement the limit on the number of heavyweight queries by using the default workload management concurrency threshold. This threshold is automatically enabled on new databases if you set the value of the DB2_WORKLOAD registry variable to ANALYTICS. You can manually enable the threshold on existing databases.
The processing of queries against column-organized tables is designed to run fast by using the highly parallelized in-memory processing of data.
⚖ W-2.1.3 Data governance, knowing what is going on
ELT processing pre & post steps
For Extract / Load processing there are many tools, due to 👓 CWM (Common Warehouse Metadata specification).
The standard is almost forgotten in all the hypes for tools.
Extract Transform Load ELT, Data Integration, control & performance usually only focus on the technical behaviour.
However, when doing ELT in real life something is missing, namely functional control & monitoring:
- What data, how many records are processed
- When did the process start and when was it ready
- Performance Processing optimized for bulk or for a small number of records.
- Restart processing options for error recovery.
This kind of logic is only possible by having an adjusted pre and post process in place.
That kind of functional logic cannot be solved by an external generic provision.
It is relatively easy with local customisations and local naming conventions.
In a figure:
See right side.
More
Details 👓
Transport of data - information
Having systems in place the usual question is how to propagate the data -information- from one system to another in a reliable way.
A technical service, "micro service" is a direct interactive way with no need for storage and building up an inventory with time delay.
Not every process is interactive and needs an immediate response. Dedicated transfer steps are other options.
In any case a well defined storage location is needed with an associated security alignment.
In any case a well defined Functional control & monitoring is needed:
- What data, how many records are processed
- When did the process start and when was it ready
- Performance Processing optimized for bulk or for a small number of records.
- Restart processing options for error recovery.
Transferring information is comparable to moving goods.
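The control points listed for ELT and again for data transport (what data and how many records, start and end time, restart after an error) can be kept by a small pre and post step around the load itself. The following is an added example, not code from this page or from any tool it mentions; the table names `load_control` and `target_sales`, the job name and the batch keys are hypothetical local conventions, and the sample records are constructed.

```python
import sqlite3
from datetime import datetime, timezone

# Hypothetical local naming conventions: load_control (control table),
# target_sales (target table). All sample records below are constructed.
SCHEMA = """
CREATE TABLE load_control (
    job TEXT NOT NULL, batch TEXT NOT NULL,
    started_at TEXT NOT NULL, finished_at TEXT,
    rows_read INTEGER, rows_written INTEGER,
    status TEXT NOT NULL,  -- RUNNING, DONE or FAILED
    message TEXT);
CREATE TABLE target_sales (batch TEXT, id INTEGER, amount REAL);
"""


def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.executescript(SCHEMA)
    return db


def now_utc():
    return datetime.now(timezone.utc).isoformat(timespec="seconds")


def pre_step(db, job, batch):
    """Register the run. Returns False when the batch is already loaded."""
    # A RUNNING row left behind by a crashed run is closed as FAILED first.
    db.execute(
        "UPDATE load_control SET status='FAILED', finished_at=?, "
        "message='interrupted' WHERE job=? AND batch=? AND status='RUNNING'",
        (now_utc(), job, batch))
    done = db.execute(
        "SELECT 1 FROM load_control WHERE job=? AND batch=? AND status='DONE'",
        (job, batch)).fetchone()
    if done is None:
        db.execute(
            "INSERT INTO load_control (job, batch, started_at, status) "
            "VALUES (?, ?, ?, 'RUNNING')", (job, batch, now_utc()))
    db.commit()
    return done is None


def post_step(db, job, batch, rows_read, rows_written, error=None):
    """Reconcile record counts and close the control row."""
    if error is None and rows_read != rows_written:
        error = f"count mismatch: read {rows_read}, written {rows_written}"
    status = "FAILED" if error else "DONE"
    db.execute(
        "UPDATE load_control SET finished_at=?, rows_read=?, rows_written=?, "
        "status=?, message=? WHERE job=? AND batch=? AND status='RUNNING'",
        (now_utc(), rows_read, rows_written, status, error, job, batch))
    db.commit()  # data rows and control row become visible together
    return status


def controlled_load(db, job, batch, records):
    """Load one batch between the pre and post step; safe to re-run."""
    if not pre_step(db, job, batch):
        return "SKIPPED"
    rows_written, error = 0, None
    try:
        for rec in records:
            db.execute("INSERT INTO target_sales VALUES (?, ?, ?)",
                       (batch, int(rec["id"]), float(rec["amount"])))
            rows_written += 1
    except (KeyError, TypeError, ValueError) as exc:
        db.rollback()  # all-or-nothing per batch, so a restart is clean
        rows_written, error = 0, f"{type(exc).__name__}: {exc}"
    return post_step(db, job, batch, len(records), rows_written, error)


def run_history(db, job):
    """What was processed, how many records, when, and with what outcome."""
    return db.execute(
        "SELECT batch, status, rows_read, rows_written, started_at, "
        "finished_at FROM load_control WHERE job=? ORDER BY rowid",
        (job,)).fetchall()


if __name__ == "__main__":
    db = open_db()
    good = [{"id": 1, "amount": "10.5"}, {"id": 2, "amount": "3"}]
    bad = [{"id": 3, "amount": "7"}, {"id": 4, "amount": "n/a"}]
    print(controlled_load(db, "sales", "2024-01-01", good))
    print(controlled_load(db, "sales", "2024-01-01", good))  # restart: skipped
    print(controlled_load(db, "sales", "2024-01-02", bad))
    for row in run_history(db, "sales"):
        print(row)
```

Because the control row is written by the job itself, the restart decision and the record reconciliation use the job's own batch key, which a generic external scheduler does not know.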
More
👓 details
Any business application has little value when there are no interactions, no consumers.
⚖ W-2.1.4 Data governance, knowing who is acting at what
DevOps ICT - Transformations
Kim Cameron
In 2000 he became the architect of Microsoft’s Active Directory, which evolved into the most widely deployed identity technology used in enterprises globally.
As the growth of the Internet made the importance of identity increasingly evident, his role expanded to become chief architect of identity for Microsoft.
In 2004 he wrote the Laws of Identity, a document that has long influenced both technologists and regulators, and which Microsoft adopted to guide its innovation.
blog See: "laws of identity in brief".
The Laws Of Identity
Several types of usage of an identity:
- Employers “know” their employees, having verified their qualifications and made them part of an enterprise team.
They assign them a “corporate identity” through which they identify themselves to corporate systems.
To maximize productivity, employees typically log in once and work using their corporate identity for long periods of time.
The context has simply been that the employee is at work, doing his or her job.
- Relationships with customers have been driven by sales and marketing departments, not by traditional IT departments.
The goal has been to eliminate friction (and clicks!) so new customers come on board – even before the enterprise knows the slightest thing about them – and then deepen the relationship and get to know the customer based on his or her specific needs and behaviors.
- Clearly there are also cases where customers need access to their own valuable possessions and information, for example, in financial, health, insurance and government scenarios.
Here customers will be willing to jump through various hoops to prove their entitlement and protect what is theirs.
Any application developer, department, enterprise, or group of enterprises can create policies.
What is Azure Active Directory B2C?
Then applications and portals can, depending on their context, invoke the identity experience engine passing the name of a policy and get precisely the behavior and information exchange they want without any muss, fuss or risk.
(nov 2015)
PIM, Privileged Identity Management
What is privileged identity management (PIM)?
PIM is a process or program for identifying the privileged accounts, also known as superuser accounts, within an organization.
Doing this can help with the monitoring, control and management of the access privileges each superuser has to the organization's resources in order to protect those resources from harm.
Superusers, such as database administrators and system administrators, can perform actions on an enterprise system that a typical end user cannot.
For example, a superuser can change other users' passwords; add, remove or modify user profiles; change device or network configurations; install new programs on enterprise endpoints; or modify enterprise databases or servers.
Business continuity management
BCM ("Business and IT Continuity: Overview and Implementation Principles", 2008), a part of risk management.
Business Continuity is the term applied to the series of management processes and integrated plans that maintain the continuity of the critical processes of an organisation,
should a disruptive event take place which impacts the ability of the organisation to continue to provide its key services.
ICT systems and electronic data are crucial components of the processes and their protection and timely return is of paramount importance.
Business Continuity (BC) is now recognised as an integral part of good management practice and corporate governance.
Structured defined Cyber Security.
blog (Sarah Fluchs).
The least amount of information is needed at the pyramid top. If you want to communicate a product’s security to a consumer who only needs to use a product securely, you don’t need to communicate much. A list of features is fine.
A cybersecurity label assuring the list of features is met is fine too. This is what all the consumer IoT labels are for.
If you want to communicate a product’s security to an authority, they will want to know more.
At the pyramid bottom, your addressees need to make security decisions themselves for two reasons.
First, because they’re regulated themselves, as many critical infrastructure operators are.
They need to do their own threat models and risk assessment, and they need to explain their security measures to authorities themselves.
Second, because they often do a fair share of engineering themselves.
The products they buy are just building blocks that are further integrated into complex systems of systems.
Interesting are the labels for the products, they give an idea of content within a managed portfolio supporting this kind of items.
W-2.2 Understanding ICT operating value streams
Building any non-trivial construction goes through several stages.
❗Aspect:
Machines, technology topics are:
- high level design & planning
- detailed design & realisation
- evaluation & corrections
A viable system is non trivial, it will be repeated in structures in every layer.
Conscious leading a system by command & control needs only the information for what is relevant in understanding what is going on.
A shared vision and mission is a prerequisite.
⚖ W-2.2.1 Technology quality & risk rating
Communication acting at the viable system
CapCom: the primary point of contact and source of truth about the state of the system.
- Strong communication skills.
- High-level knowledge of the viable system.
- Sharing open communication with all who could possibly help.
- Able to make quick, confident decisions on how to proceed, knowing to whom to delegate.
- Switch the interaction at the best moments to ones that give a signal to help.
- Access to all accountable roles and tasks within the viable system that are relevant to solving events.
In IT service management the goal of acting and reacting got lost among incidents, problems and changes.
👉🏾 For CapCom these are not the attributes known from ITIL; they go back to the source: the incident with Apollo 13.
The time to react on an issue is important.
Variations:
- immediate like the nerve system,
- midterm like the oxygen with blood circulation
- long-term like the overall system body condition
Being able to communicate at all levels is a prerequisite for being able to react in time.
👉🏾 There is a duality in being very safe but not having the service available and running the service but that service has known safety issues.
Balancing these conflicts is a task role that must not be combined with either of the conflicting sides: segregation of duties.
Incident response readiness, education mandatory internal
EU directive NIS2, the CapCom:
article 1
Member States adopt national cybersecurity strategies and to designate or establish competent authorities, cyber crisis management authorities, single points of contact on cybersecurity (single points of contact) and computer security incident response teams (CSIRTs).
EU directive NIS2 also requires education for executives:
article 20
Member States shall ensure that the members of the management bodies of essential and important entities are required to follow training, and shall encourage essential and important entities to offer similar training to their employees on a regular basis, in order that they gain sufficient knowledge and skills to enable them to identify risks and assess cybersecurity risk-management practices and their impact on the services provided by the entity.
Confusing:
"Products with digital elements" is not defined in a technology-neutral way.
The assumption that simple devices would differ from complicated, complex or even chaotic ones is not underpinned.
Risk rating, readiness
This is a standard activity.
A split into technology-related risks and functionality risks has not been made yet, although by the nature of a system this is the logical thing to do.
An open source option:
Ravib
The purpose of this tool is to register risks in order to control them.
Controlling risks requires knowing your risks, assigning them to people who actively deal with them and keeping track of the measures that mitigate those risks. This tool supports in that.
This register is just a tool.
👉🏾 How well risks are controlled depends on how well the responsible people deal with them.
Technical resource qualities
Metrics (KPIs):
- MTBF mean time before failure: the average time between repairable failures of a technology product.
- MTTR mean time to (◎), the average time it takes to:
- repair: repair a system (usually technical or mechanical). It includes both the repair time and any testing time.
- recovery: recover from a product or system failure. This includes the full time of the outage—from the time the system or product fails to the time that it becomes fully operational again.
- respond: recover from a product or system failure, measured from the time when you are first alerted to that failure. This does not include any lag time in your alert system.
- resolve: fully resolve a failure. This includes not only the time spent detecting the failure, diagnosing the problem, and repairing the issue, but also the time spent ensuring that the failure won’t happen again.
- MTTF (mean time to failure) is the average time between non-repairable failures of a technology product.
- MTTA (mean time to acknowledge) is the average time it takes from when an alert is triggered to when work begins on the issue. This metric is useful for tracking your team’s responsiveness and your alert system’s effectiveness.
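The four MTTR variants differ only in which two timestamps bound the interval, so the same incidents yield four different numbers. The following is an added example, not taken from the page or its sources; the `Incident` field names, the MTBF convention (mean uptime between one restoration and the next failure) and the sample incidents are assumptions constructed for illustration.

```python
from dataclasses import dataclass, fields
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Incident:
    """One failure, as six timestamps in the order they normally occur."""
    failed: datetime          # system stops working
    alerted: datetime         # first alert reaches the team
    acknowledged: datetime    # work on the issue begins
    repair_started: datetime  # hands-on repair begins
    restored: datetime        # repaired, tested, fully operational again
    resolved: datetime        # recurrence-prevention work finished

    def __post_init__(self):
        # Out-of-order timestamps would silently produce negative durations.
        stamps = [getattr(self, f.name) for f in fields(self)]
        if stamps != sorted(stamps):
            raise ValueError("incident timestamps are out of order")


def mean_delta(deltas):
    deltas = list(deltas)
    if not deltas:
        raise ValueError("need at least one interval")
    return sum(deltas, timedelta()) / len(deltas)


def mttr_variants(incidents):
    """The four meanings of MTTR, keyed by the word behind the R."""
    return {
        "repair": mean_delta(i.restored - i.repair_started for i in incidents),
        "recovery": mean_delta(i.restored - i.failed for i in incidents),
        "respond": mean_delta(i.restored - i.alerted for i in incidents),
        "resolve": mean_delta(i.resolved - i.failed for i in incidents),
    }


def mtta(incidents):
    """Mean time from alert to the start of work."""
    return mean_delta(i.acknowledged - i.alerted for i in incidents)


def mtbf(incidents):
    """Mean uptime between a restoration and the next failure (assumed convention)."""
    ordered = sorted(incidents, key=lambda i: i.failed)
    return mean_delta(nxt.failed - prev.restored
                      for prev, nxt in zip(ordered, ordered[1:]))


def make_incident(failed, alert, ack, repair, restore, resolve):
    """Build an Incident from minute offsets relative to the failure time."""
    at = lambda minutes: failed + timedelta(minutes=minutes)
    return Incident(failed, at(alert), at(ack), at(repair), at(restore), at(resolve))


# Constructed sample data, not real incidents.
SAMPLE_INCIDENTS = [
    make_incident(datetime(2024, 1, 1, 0, 0), 10, 20, 40, 120, 360),
    make_incident(datetime(2024, 1, 11, 2, 0), 20, 50, 60, 120, 600),
    make_incident(datetime(2024, 1, 16, 4, 0), 0, 20, 20, 60, 240),
]

if __name__ == "__main__":
    for name, value in mttr_variants(SAMPLE_INCIDENTS).items():
        print(f"MTTR ({name}): {value}")
    print("MTTA:", mtta(SAMPLE_INCIDENTS))
    print("MTBF:", mtbf(SAMPLE_INCIDENTS))
```

A reported "MTTR" is only comparable between teams or periods when it states which of the four intervals was measured.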
⚖ W-2.2.2 Information process: Identities, Access, incident response
Continuity planning
The goal and drivers are not about technology; they are driven by the business organisation.
Business continuity (r-steer) measures are, however, technology related, such as backup management, emergency planning, and crisis management.
The recovery time objective (RTO) and recovery point objective (RPO) (techtarget) are described from technology perspectives.
Metrics:
- RTO, recovery time objective, is measured in time.
It is an important consideration in a disaster recovery plan (DRP).
The RTO is the maximum tolerable length of time that a computer, system, network or application can be down after a failure or disaster occurs.
- BIA, a business impact analysis, is needed.
The DR strategy and business continuity planning drive the RTO goal.
- RPO, recovery point objective, gives the age of information that must be recovered for normal operations to resume.
Businesses can choose to have any number of different tiers for an RPO based on workload and loss tolerance.
Portfolio: without an accurate inventory, there is no way to have a complete BIA.
👉🏾 Simplistic: if a computer, system or network goes down as a result of a hardware, program or communications failure:
- If the RTO is one hour, redundant data backup on external drives may be the best solution.
- If the RTO is five days, then tape or off-site cloud storage may be more practical.
👉🏾 The simplistic idea of DR misses intentional actions that disable components.
- A redundant data backup that is lost in the same way as the primary gives no protection.
- Having no redundant fallback processes in place for components in the system can break the complete system, not just a single component.
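A backup plan can be checked against RTO and RPO per scenario by asking which copies survive that scenario at all. The following is an added example, not from the page or its sources; the copy names, dependency labels, tiers and scenarios are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import timedelta


@dataclass(frozen=True)
class BackupCopy:
    name: str
    data_age: timedelta      # age of the newest restorable data (compare with RPO)
    restore_time: timedelta  # measured time to be operational again (compare with RTO)
    depends_on: frozenset    # anything whose loss also takes this copy out


def assess(rto, rpo, copies, lost):
    """Judge one workload against one scenario.

    `lost` is the set of things the scenario takes out. Returns
    (status, copy_name, missed), where `missed` lists the objectives not met.
    """
    # A copy that shares a dependency with what was lost gives no protection.
    survivors = [c for c in copies if c.depends_on.isdisjoint(lost)]
    if not survivors:
        return ("no-surviving-copy", None, ["RTO", "RPO"])

    def misses(copy):
        checks = (("RTO", copy.restore_time > rto), ("RPO", copy.data_age > rpo))
        return [name for name, bad in checks if bad]

    # Prefer the copy that misses the fewest objectives, then the fastest restore.
    best = min(survivors, key=lambda c: (len(misses(c)), c.restore_time))
    missed = misses(best)
    return ("met" if not missed else "objective-missed", best.name, missed)


def assess_plan(workloads, copies, scenarios):
    """Full matrix: every workload tier against every scenario."""
    return {
        (tier, scenario): assess(rto, rpo, copies, lost)
        for tier, (rto, rpo) in workloads.items()
        for scenario, lost in scenarios.items()
    }


# Constructed sample plan. The mirror sits on the primary site and is
# writable with the same administrative credential as the primary.
MIRROR = BackupCopy("external-drive-mirror", timedelta(minutes=15),
                    timedelta(minutes=30),
                    frozenset({"site-A", "backup-admin-credential"}))
TAPE = BackupCopy("offsite-tape", timedelta(hours=24), timedelta(days=3),
                  frozenset({"site-B"}))

WORKLOADS = {  # tier: (RTO, RPO)
    "tier-1": (timedelta(hours=1), timedelta(hours=1)),
    "tier-2": (timedelta(days=5), timedelta(hours=24)),
}
SCENARIOS = {  # scenario: what it takes out
    "hardware failure": {"primary-array"},
    "site loss": {"primary-array", "site-A"},
    "admin credential misused": {"primary-array", "backup-admin-credential"},
}

if __name__ == "__main__":
    for key, verdict in assess_plan(WORKLOADS, [MIRROR, TAPE], SCENARIOS).items():
        print(key, verdict)
```

The one-hour tier passes only the hardware-failure scenario: once the mirror shares a dependency with the primary, the surviving tape misses both objectives.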
Identity & access
The "Devils Triangle" on its own with IAM: Conflicting types of interests, focus areas.
Frictions:
- Implementing identities and access control is done by technology but driven by the organisation.
- Securing technical systems uses the same shared technology as is used for the organisation.
- Segregation of duties, segregation by type of processing:
- by a person at several points in a critical flow where trustworthiness is important.
- the types of processing work are important for the viable system as a whole.
In a figure:
See left side
IAM (C-Serve).
The issue is not the execution of the actions implementing something; these are at the S1 level, floor 0-1.
The issue is defining well-defined policies that align all areas with the frictions, solving the higher-level goals of the viable system as the organisation, technology and change as a whole.
That is control S4 at level 3-4 and conscious choices S5 at level 4-5.
Well defined policy challenges:
- Event differentiation in:
- Defining access to system, event: "account log on", or
- Defining access to a resource, event: "account accessing to ... for ..."
- Account differentiation in:
- Personal accounts (PA). Differentiation of PA-s into:
- Used for activities part of a value stream in standard activities.
- Used for activities part of a value stream in privileged activities.
Overruling discretionary defined described process steps is an example.
- Generic administrative purposes for activities not part of a value stream.
- Used for activities not part of a value stream having privileged activities.
The local administrative rights usage on a machine is an example
- Non Personal accounts (NPA). Differentiation of NPA-s into:
- Service account managing the information, data of a business application
- Service account managing the logic, code of a business application
- Platform account part of a platform limited to a part of defined functionality
- System account part of the operating system
Some systems support facilities to use the NPA without the need for passwords. service a
- Anonymous account (AA) representations that serve for processing when it is logically impossible to define an account.
The log-in process of an account is an example: at that moment the PA account is logically not known.
- Group usage for:
- Grouping accounts for shared access to resources or a shared definition to log on.
- Defining access rights to resources. Main types of resource access: Read, Write, Create.
The details for access are not exhaustive; behaviour per type can be surprising in technical details.
- Groups can be used for access for similar types as mentioned for PA-s and NPA-s
- Environmental differentiation for DTAP: Develop, Test, Acceptance, Production for:
- Accounts, Groups
- Resources
- There are many resource types, for example:
- Machines (logical)
- A shared access to a point in a file system structure
- Files within a file system structure
- Records within a database system
- Defined stored procedure within a database system
- Objects defined at some type of storage
- Account Groups with their content at some IAM system
- Operating system, database system, platform, logs for technical events c
- etc.
- There are other types, the list is not exhaustive, e.g.:
- Identity, access domains (AD clusters).
- Machine clusters, segmentation for reducing risks.
- Virtual networks, segmentation for reducing risks.
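Once accounts, groups and resources carry the class and DTAP environment described above, a policy becomes checkable. The following is an added example, not from the page or any IAM product; the three rules, the `content` attribute on resources and all names are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumed rule: the service account managing data must not change code,
# and the one managing code must not change data.
WRITE_FORBIDDEN = {("NPA-service-data", "code"), ("NPA-service-code", "data")}


@dataclass(frozen=True)
class Account:
    name: str
    cls: str  # e.g. "PA-standard", "PA-privileged", "NPA-service-data", "AA"
    env: str  # Develop, Test, Acceptance or Production


@dataclass(frozen=True)
class Resource:
    name: str
    content: str  # "data", "code" or "other" (assumed attribute)
    env: str


@dataclass(frozen=True)
class Grant:
    principal: str  # account name or group name
    resource: str
    right: str      # Read, Write or Create


def review(accounts, groups, resources, grants):
    """Return findings as (rule, subject, detail) tuples."""
    acct = {a.name: a for a in accounts}
    res = {r.name: r for r in resources}
    findings = []

    # Groups should hold one account class and one environment (assumed rule).
    for group, members in sorted(groups.items()):
        known = [acct[m] for m in members if m in acct]
        classes = sorted({a.cls for a in known})
        envs = sorted({a.env for a in known})
        if len(classes) > 1:
            findings.append(("mixed-class-group", group, ",".join(classes)))
        if len(envs) > 1:
            findings.append(("mixed-environment-group", group, ",".join(envs)))

    for g in grants:
        target = res.get(g.resource)
        if target is None:
            findings.append(("unknown-resource", g.principal, g.resource))
            continue
        # A grant to a group applies to each member of that group.
        for member in groups.get(g.principal, [g.principal]):
            a = acct.get(member)
            if a is None:
                findings.append(("unknown-principal", member, g.resource))
                continue
            if a.env != target.env:
                findings.append(("cross-environment", a.name, target.name))
            if (g.right in ("Write", "Create")
                    and (a.cls, target.content) in WRITE_FORBIDDEN):
                findings.append(("data-code-segregation", a.name, target.name))
    return findings


# Constructed sample inventory.
ACCOUNTS = [
    Account("alice", "PA-standard", "Production"),
    Account("alice_adm", "PA-privileged", "Production"),
    Account("svc_orders_data", "NPA-service-data", "Production"),
    Account("svc_orders_code", "NPA-service-code", "Production"),
    Account("svc_orders_data_dev", "NPA-service-data", "Develop"),
]
GROUPS = {
    "orders-users-prd": ["alice"],
    "orders-ops-prd": ["alice", "alice_adm"],
}
RESOURCES = [
    Resource("orders-db-prd", "data", "Production"),
    Resource("orders-release-prd", "code", "Production"),
]
GRANTS = [
    Grant("orders-users-prd", "orders-db-prd", "Read"),
    Grant("svc_orders_data", "orders-db-prd", "Write"),
    Grant("svc_orders_data", "orders-release-prd", "Write"),
    Grant("svc_orders_data_dev", "orders-db-prd", "Read"),
    Grant("svc_orders_code", "orders-release-prd", "Create"),
]

if __name__ == "__main__":
    for finding in review(ACCOUNTS, GROUPS, RESOURCES, GRANTS):
        print(finding)
```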
⚖ W-2.2.3 Safety Monitoring for anomalies by open source issues
Security operations Processes
The security operations center is often outsourced, not being an indispensable part of the viable system.
This is possible because of the more generic aspects of safety.
What functionality is needed in detail differs for each system at a given moment.
👉🏾 An outsourced SOC introduces a problem in more complicated systems, where the anomalies of the internal processes are decisive for understanding a healthy situation and recognizing unhealthy signals.
Security operations: The Team
Cybersecurity's the Team (linkedin post)
Critique: the CISO is missing the trainers on the sideline, such as risk managers and compliance managers.
Also missing are the people watching the game (employees, operations managers) and of course the club owners in the skybox paying top dollar for the players, which resembles the business owner or board.
And the FIFA, as the regulatory compliance institutions.
Imagine a football team, but instead of players, we have cybersecurity heroes on the field, each playing a vital role to secure the "goal" (protecting systems and data)!
Here's how the ultimate Cybersecurity Dream Team shapes up:
- Incident Handler: The goalkeeper, always ready to block threats and recover from attacks.
- Malware Analyst: The defender who tackles malicious players (malware) and keeps them off the field.
- SOC Analyst: The sweeper, constantly scanning the field for suspicious activity to prevent attacks.
- Threat Intelligence Engineer: The playmaker, analyzing the opponent's strategy and planning countermeasures.
- Security Engineer: The solid midfielder, building a resilient defense and ensuring the game flows securely.
- CISO: The captain, leading the team with strategy, vision, and oversight.
- Security Architect: The tactician, designing the winning formation (secure infrastructure).
- Security Consultant: The team’s engine, delivering expert advice and strategic "passes" to ensure both defense and attack operate at peak performance.
- Pentester: The striker, finding and exploiting weak spots in the defense (but for good!).
- Ethical Hacker: The winger, always pushing boundaries to test the team’s resilience.
- Red Teamer: The challenger, simulating real-world attacks to prepare the team for anything.
Together, they form an unbeatable force, each with a unique role to ensure every play (whether defense or attack) is executed flawlessly. (Credits to @Aliou FALL.)
⚖ W-2.2.4 Continuity monitoring with anomalies known internal processes
Monitoring, Network - Storage
Organizations are debating the need of a SOC, what kind of SOC and which components their SOC should include.
SOC Roles and Responsibilities.
SOCs can provide continuous protection with uninterrupted monitoring and visibility into critical assets across the attack surface.
They can provide a fast and effective response, decreasing the time elapsed between when the compromise first occurred and the mean time to detection.
Product & Service continuity
The effects of the SOC are directly related to what external customers are experiencing.
Therefore the colour brown is chosen, although the others in this area are green, technology.
Continuous feedback of knowledge about the organisational needs is required.
Therefore an activity with the colour magenta is present in the SOC interaction.
Monitoring, Processes - value stream flows
Knowing how processes normally function and how value streams normally behave means learning from measurements: learning from information, data.
This is a continuously changing, evolving approach; applying AI is in a hype.
Secure AI Access by Design, enabling Safe Usage of GenAI Apps.
The rapid proliferation of GenAI apps, coupled with their unique characteristics and evolving AI ecosystems have introduced new security challenges.
Empower your security teams to not only keep pace with the latest GenAI apps but make informed risk-based decisions about which apps to sanction or tolerate.
These policies can be customized based on user roles, departments or specific data uploads, helping ensure that AI apps are used in compliance with your organization’s security and governance standards.
The question in this: what are the "organization’s security and governance standards"?
From: "How CISOs Are Supercharging Their Teams With Generative AI Augments" (Gartner 2024, William Dupre, Anthony Carpino, Nader Henein, Kevin Schmidt), notes for GenAI.
- come with a unique set of risks when compared with other AI implementations.
- cost for internal enterprise use cases does not leave much room for trial and error.
- will change how organizations design jobs, resource tasks and allocate responsibilities across all facets of the enterprise.
The initial hype around GenAI rushed many organizations into adopting the technology without much in terms of planning.
Scenarios like this come with a high rate of risk because, outside of some fringe cases, the reward will never match the hype.
The results are often months of trial and error, followed by a retroactive assessment, a financial write-off and potentially a sacrificial executive departure, depending on the size of the write-off.
The bigger impact will come later, in the form of opportunities lost when the rollout of generative capabilities is delayed.
The paradox, failure by:
- FOMO - fear of missing out.
- overconfidence, fluff and FUD.
"We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run." (Amara's law)
Several examples for AI usage, one of them (no 3):
- Target 'applications': Code assistant tools
- Relevant data (knowledge graph/vector DB): Source code, unit tests, user stories
- Outcome: Improve application security by providing developers with automated tests focused on security.
- How it works: Code assistant AI tools can generate code and unit tests using prompts from developers.
Some of those unit tests could be negative or adversarial tests to stress test the code.
The system could also generate examples of how the code could be exploited if the developer inadvertently created vulnerable code.
The assumption that the required creativity could be automated in a trustworthy way is questionable.
W-2.3 Information systems: Actuators - Steers
Using a system is simpler than designing those actuators in the construction.
❗Aspect
Processes topics are:
- high level operations & planning
- detailed operations & realisation
- evaluation & corrections
A viable system is non trivial, a repeated structure in every layer.
Every layer has its actuators to manage by observing what is needed.
Without knowing the shared goal, mission, there is no hope in achieving a destination by improvements.
⚖ W-2.3.1 Communicating a shared value, mission for understanding
A history for the most complex social system: top-down
A short extract from the introduction "conversations for action" (Fernando Flores).
Argues that certain speech acts, particularly requests, promises, offers, assessments, and declarations, serve as building blocks for activating and fulfilling commitments in working relationships and, hence, in organizations.
The essays in his book are all about how to effectively make commitments that allow us to create something of value, to generate value for ourselves and for others in the world.
In essence, they are about instilling a culture of commitment in our work with others, whether that be in an organization, our own start up, or even in working together as a family to get ahead or raise children.
He was anticipating what would become the greatest challenge of capitalism hence far: unregulated free markets that coexist with value creation for the world at large.
❶ The point is that people work together to produce value, not just for self interest.
The networks of commitments/conversations for action framework for designing organizations makes explicit who is creating value and for whom value is being created, and what are the promises being completed that act as value producers at every step of the way.
The core business has to think about how its products, manufacturing processes, business processes, employee relations, services, and role in the community impact the world.
❷ Designing work to produce value is very different from designing work for maximizing the self-interest of each party involved.
Fernando Flores developed a unique theory of work and organizations that has had numerous practical applications.
The seeds of these classic works were first developed in his dissertation, “Management and the Office of the Future,” which was written in 1980.
A system without classical hierarchy: Cybersyn
A viable system according to CyberSyn (1970s): ViSM is a different context than the value stream VaSM.
On July 13th 1971 Stafford Beer received a letter from Fernando Flores, then President of the Instituto Technologico de Chile, and Technical General Manager of Chile's equivalent of the National Enterprise Board, which had been charged with the wholesale nationalisation of the economy.
Flores spoke of the "complete reorganisation of the public sector of the economy" and said he was "in a position from which it is possible to implement, on a national scale, at which cybernetic thinking becomes a necessity, scientific views on management and organisation". ...
❸ The entire story has been told on several occasions, but some accounts miss the essential nature of this, and indeed all VSM applications: the key is to enhance and encourage autonomy at all levels (as the only way of dealing with environmental variety) but to ensure that the autonomous parts work together in a harmonious, coherent fashion and thus enjoy the synergy which comes when parts join together to create a whole-system.
The viable system as a whole
A viable system according to Stafford Beer (1960s): ViSM is a different context than the value stream VaSM.
❹ The model was developed during the 1950s as a practical tool capable of dealing with issues of organisational structure.
An understanding of the theory begins with the observation that operational units must be as autonomous as possible, and thus Beer's model sees any organisation as a cluster of autonomous operational parts which bind together in mutually supportive interactions to create a new, larger whole system.
The job of management is to provide the "glue" which enables this to happen.
The diagram shows the three main elements:
- the operation (O) ,
- the management (M) and
- the environment (E).
VSMB_SYST_01: Classification of system types including the environment 1-6.
➡System-1: The operation. The operational units are given as much autonomy as possible so they can respond quickly and effectively.
This is limited only by the requirements of system cohesion.
➡System-2: There will be conflicts of interest which must be resolved.
Harmonise interactions, to keep the peace, to deal with the problems.
Without this the system would shake itself to pieces.
➡System-3: is concerned with synergy. Look at the whole interacting cluster of operational units from its meta-systemic perspective.
Considering ways to maximise effectiveness through collaboration.
➡System-4: ensures the whole system can adapt to a rapidly changing and sometimes hostile environment.
It scans the outside world in which it operates, looks for threats and opportunities, undertakes research and simulations, and proposes plans to guide the system through the various possible pathways it could follow.
➡System-5: Rules come from System 5: not so much by stating them firmly, as by creating a corporate ethos, atmosphere: identity, ethos, ground rules under which everyone operates.
Re-thinking the workings of any organisation in these terms.
Take any enterprise and identify the operational parts. Questions to answer:
- How do conflicts of interest get resolved?
As the process continues a diagram something like the figure shown above will develop.
Once this is complete, the diagnosis can begin:
- Are the identified systems properly connected?
- Are they fit for purpose?
➡System-6: The purpose and regulations come from System 6: the environment.
This is a truly holistic way to look at organisations and systems, avoiding the technical hope beliefs.
⚖ W-2.3.2 Communications, variety & velocity and regulators
VSM, multiple information channels
Viable System Model (Michael Frahm)
The static facet of the VSM involves analyzing present systems using its framework.
The VSM is a strong homeostat.
The VSM can be very well combined with other methods like lean management, scrum, OKR and others.
This framework process goes beyond system viability, addressing issues within the corporate structure, and the structural and procedural organization.
The objective is to uncover cybernetic insights and pinpoint any absent elements by employing a cybernetics oriented checklist.
This serves as a foundation for the conceptual design of an enhanced system, ensuring a comprehensive consideration without the risk of overlooking crucial aspects.
The VSM can be used for design, analysis and diagnosis. ...
❺ and six vertical information channels ...
VSMB_SYST_02: A classification in channel types: 1-6.
- Intervention Regulation
- Allocation of Resources
- Operational Interrelationships
- Interrelationships of the Environment
- Coordination (Sympathicus) System 2
- Monitoring (Parasympathicus)
❻ Moreover, within the Viable System Model, there exists an algedonic channel and transducers.
Algedonic signals, serving as alarm signals, convey either positive or negative messages directly into System-5.
Transducers, acting as converters, establish the interface between subsystems, guaranteeing the preservation of information authenticity.
Autonomy vs. Alignment: an important conflict whereof the outcome should never be resolved.
Viable System Model (Michael Frahm)
The organizational management can only be as good as the model on which it is based. ...
Dealing with megaprojects means dealing with the functioning of complex systems.
❼ Measuring and managing change, closed loops.
VSMB_SYST_03: A well defined way of using good regulators in functionality and functioning.
- The Nyquist-Shannon sampling theorem is an essential principle for digital signal processing linking the frequency range of a signal and the sample rate required to avoid a type of distortion called aliasing.
The theorem states that the sample rate must be at least twice the bandwidth of the signal to avoid aliasing.
This is a well known principle in electronic communications.
- The Conant-Ashby good regulator theorem, which established that "every good regulator of a system must be a model of that system," is a key tenet of the model-centric cybernetics paradigm.
The paradigm defines that a cybernetic regulator consists of a purpose, a model, a well-defined observer that only observes what the model requires as input parameters, some kind of decision-making intelligence, and a control channel that transmits selected actions or communications to the regulated system.
Thus, in order to be effective:
- a first-order (simple) cybernetic regulator requires a model of the system that is being regulated and
- a second-order (reflexive) regulator can only achieve reflexivity by also having a model of itself, which encodes a real-time representation of the possible variety that is available to the regulator.
- Finally, an ethical regulator is realized by using a third regulator to regulate a reflexive regulator to constrain it to only exhibit behavior that does not violate the ethical schema that is encoded in a third model.
A PID controller is a simplistic closed loop.
The good regulator adds specific requirements.
⚖ W-2.3.3 Communications, variety & velocity within systems
Viability: the ability to survive or live successfully
The viable system (VSM) as a whole
VSM (Michael Frahm, Dr. Martin Pfiffner - research gate)
The predominant model of organizations in the past was the machine: A more or less complicated construction designed to perform a more or less well-defined task.
We still use this model when drawing organizational charts and describing processes.
But a machine does what it does. Its predetermined behaviour keeps its variety low.
A model of much higher variety is the model of the living organism. ...
Today's management practice deals only with two of three organizational dimensions.
- The first dimension is the anatomy of the organism.
We use organizational charts to represent the anatomy of the organization.
We enter the names of the organizational entities (e.g., divisions or business units, steering and supervisory boards, finance or legal department) into the boxes of the chart.
- The second dimension is the physiology of the organism (i.e., the different processes and routines for breathing, digesting, sleeping, etc.).
It includes capabilities not found in machines, or only to a limited extent, such as the ability to adapt to fast-changing situations, to learn, to heal, to reproduce, to converse or even the ability to produce consciousness.
As a rule, however, we neglect the third dimension: the neurology of the organism.
VSMB_SYST_04: Enablement to adapt to external changes, variety.
- Have more variability in the system than expected to get exposed to.
- Allow, create controlled paradoxes, in the system for the variety.
❽ Variety is present in both the horizontal and the vertical lines of the structure.
This is the most important dimension in modern projects because it helps managers cope with complexity and dynamics.
- the third dimension of organization, the neurology of business, is designed rather poorly in most organizations.
The neurology of the organism is its control and communication structure.
Crucially, it ensures that the organism, or the organization, remains viable, that is, able to lead a separate existence.
System 3 (i.e. operational management) has several communication channels at its disposal.
These allow it to take well-informed decisions as well as to implement them even if they restrict the autonomy of System 1 (i.e. operations).
➡ Please note that we are talking about a control and communication structure here, and not about boxes in an organizational chart.
In the VSM, we no longer enter names in the System 3 box.
Instead, we ask a crucial question: What mission-critical tasks must System 3 perform, and who is involved?
Quite often, the same person is involved in different control functions, and thus "wears different hats".
The viable system as a whole, floor level 0-1
Categorizing an inventory of processing topics for secure information management (SIMF).
The result presenting it using nine areas is (see figure):
There were no immediate associations with ViSM (Viable System Model), but:
- Operations systems (green) in the middle to the top horizontal is VSM system-1. (O)
- Vision, missions (magenta) in the middle of the bottom horizontal is VSM system-5 (M)
- The middle horizontal:
- Enabling capabilities (brown) is system-4 (M)
- The gray area is alignment communication system-2
- Executing capabilities (indigo) is system-3 (O)
- The four corners are the environment (E) to deal with.
- The vertical in the middle follows bottom-up: strategy, tactical, operations.
- The horizontal in the middle follows left to right: steer, shape, serve.
⚖ W-2.3.4 Product vs Service provider & Top-down vs Bottom-up
Autonomy vs. Alignment: an important conflict whereof the outcome should never be resolved.
❾ The identity has important consequences.
Produktanbieter oder Dienstleister? ("Product provider or service provider?", blog by Conny Dethloff, "Diagnosis of organizations with the VSM")
When breaking down an organization into operational units, the VSM systems-1, this question is crucial:
- Do we want to be product providers or service providers at our core?
Knowing that most product providers also offer services around their products, this 0-1 decision should still be made as it has implications for the organizational design, namely:
- Product providers should cut operational units along product components.
- Service providers should cut the operational units along the user or customer journeys.
Let's take a trading organization and go through both cases.
- Product provider If a trading organization wants to establish the platform business, it is then a product provider.
The product is the platform. Product providers are characterized by the fact that they do not have a high rate of interaction with their customers and users along their journeys.
Of course, they should know them very well in order to incorporate appropriate features into their products.
- Service providers have a high rate of interaction with users and customers along the journeys.
They define themselves by the fact that they provide services at many points along the journeys.
Accordingly, service providers should position themselves along these journeys.
A trading organization that purchases goods and then sells them with a certain margin is a service provider.
Let's assume that goods are offered in the areas of food, fashion and home & living, i.e. in 3 shopping contexts.
Since customers have different wishes and needs in the respective 3 shopping contexts, the organization should respond to them internally using differentiated skills, processes and structures depending on the context. The service provider should therefore cut the operational units along these 3 shopping contexts and the journeys embedded in them.
Because of the necessary differences between the operational units, it is easy to see that the "commerce" and "platform" business models should not be executed by one and the same organization, otherwise neither of the two can really be served well from an organizational design perspective.
➡ Paradoxes in an organization increase variety and the range of actions. One could also say that without paradoxes an organization would operate in a way that is too simplistic and would neither be able to react appropriately to market surprises nor provide them with any.
Organizations need paradoxes. Task force mode therefore only works for a short time at best.
Top-down VSM vs bottom-up VSM.
With an idea of what viable systems are about, the following questions arise:
- Analyzing a system or designing and building
- Working top-down or bottom-up
What is seen in many examples is about analyzing systems top-down.
A bottom-up design and build is missing for viable systems.
The natural evolution is building those from the bottom into complex systems, going into complex systems built on complex systems.
❿ The bottom-up approach has come to life.
New insights:
- Selecting 5 areas in a nine plane is a representation for the 5 VSM systems.
- The simplest VSM representation is a nine plane.
- Building up complexity, a nine plane will create new planes that are interconnected in three dimensions.
- Both in the horizontal and vertical planes there are new viable systems, all interacting with each other.
The start for building new planes is when the team becomes too big.
A stable point is achieved when a division is completed, roles for accountability for the product are clearly settled.
W-2.4 Roles tasks in the organisation
Managing the workforce in any non-trivial construction is moving to the edges.
❗Aspect:
Communication, cultural changes are:
- Trusting the workforce while also staying well informed
- Respect for people, investing in staff learning
- Accepting uncertainties and imperfections
Every layer has its actuators, people, to manage what is needed.
Only knowing the shared goal, mission, there is hope in achieving a destination by improvements.
⚖ W-2.4.1 Team member and organic system roles
team diversity - roles I
Humans are viable systems and follow what is defined by some unknown invisible goal, a purpose.
The personal interest vs the social community is a dichotomy.
Belbin Team Roles Building Effective and Balanced Teams for Success.
Dr Meredith Belbin developed the Belbin Team Roles Theory in the 1970s, based on how individuals perform in a team environment. ...
What came out of the experiment was that particular individuals gravitated towards certain roles when working in a team context.
Role balance within a team was found to be crucial to the positive and timely outcome of a task.
It is easy to see this in everyday life. When a team performs well, be it in sport, school, projects or general business, you can see that there is a degree of uniformity, whereby everyone knows what they are doing and how to do it.
Everything looks easy and well-structured and success typically flows through the team. ...
Belbin Team Roles can be split into three different behaviours:
- Action oriented
- People Oriented
- Thought Oriented
❶ People acting in teams.
Each function is associated with typical team work behaviour and interpersonal strengths and weaknesses.
The goal:
- manager: To pick a team that covers each team role to create balance and synergy.
- team member: To understand their Belbin team role and identify associated strengths and weaknesses, in order to improve and thus increase the performance of the team.
The Belbin roles in a figure:
See right side.
team diversity - roles II
The Belbin Team Roles are as follows:
- Action Oriented Roles:
- Shaper. The shaper challenges, is dynamic and thrives on pressure with the drive and courage to overcome obstacles.
The Shaper can also hurt the feelings of other team members through provocation.
- Completer or Completer Finisher. The Completer delivers on time, is conscientious and anxious, searching out errors and omissions in a project.
On the negative side the completer is inclined to worry unduly and is reluctant to delegate.
- Implementer. Discipline, reliability, efficiency and the ability to turn ideas into practical action are attributes of the Implementer.
On the reverse side, however, implementers can be inflexible and slow to respond to new opportunities.
- People Oriented Roles:
- Resource Investigator. This is an enthusiastic and extrovert character who is communicative with a particular skill in exploring opportunities and developing contacts.
Negative aspects being over optimistic and losing interest once the initial enthusiasm has passed.
- Coordinator. The coordinator is mature, confident and a good Chairperson who clarifies goals, delegates well and promotes consensus.
On the minus side, the coordinator can be manipulative.
- Team Worker. Team Workers are cooperative, mild mannered and perceptive. Good listening skills are possessed with the ability to build a calming environment.
Team Workers can also be indecisive in pressure situations and be easily influenced.
- Thought Oriented Roles:
- Plant. The plant was identified as the creative member of the team with an imaginative and uncommon approach to solving issues.
The reverse characteristics being that the Plant can ignore detail and be too preoccupied to effectively communicate with team members.
- Monitor Evaluator. Team members with this role are sober and strategic seeing all options and accurately judging situations.
The Monitor Evaluator can also lack the drive and ability to inspire others and be critical of them.
- Specialist. The Specialist is single minded and self-starting. This role provides the knowledge which is in short supply.
On the negative side the Specialist can only contribute narrowly to the team task.
Belbin team roles are a good indication; a great way to analyse the makeup of your team, but you should not use this model as set in stone. After all, we rarely live in a perfect world and what looks good on paper proves tricky to perfect in reality.
❷
The Belbin roles align to the SIAR model supporting a full PDCA cycle, pull-push and 10 detailed steps.
In a figure:
See right side.
Another Belbin reference part of a training knowledge promotion:
Belbin Team Roles explained.
Competencies includes a vast array of skills, from IT expertise to an understanding of production methodologies.
This is what we call the 'task focus', the primary force behind accomplishing the job at hand.
This relates to how something collaborates within a group and boosts its overall efficacy.
❸ balancing the teams!
It's not just about getting the job done; it's about the process and the dynamics of how it's achieved.
⚖ W-2.4.2 The ignored Engineer executing everything
ViSM: some important principles
Aside from the principles about variety in the system and velocity of the communication signals, there are many more principles in
Viable System Model (Michael Frahm).
VSMB_SYST_05: A set of principles for behaviour.
❹ Principles:
- Black box principle: (not necessary to understand the inner workings)
- Understand how it performs
Example: You don't need to understand in detail how a car drives, but you do need to know how it reacts.
- Dealing with the variety it produces
Measuring complexity is not necessary.
Assessing quantities and the right matching are important.
The decisive factor is behavior and not primarily the inner workings of the system.
Complexity is deliberately ignored; the focus is on the input-output relationship or on relevant systems or relevant tasks.
- Darkness Principle: No system can be completely captured.
Systems are dynamic and change while you observe them.
This must be accepted; residual uncertainty must be dealt with.
- Adam's 3rd law: It states that a system built from a series of components selected on the basis that they each represent the least risky option is exposed to higher overall risk.
- Agility theorem: In order to survive, the rate of change of the organization must be greater than or equal to the rate of change of the environment.
- Relaxation time principle: System stability is only possible if the relaxation time of the system is shorter than the mean time between disturbances.
- Example 1: An employee, team, department or organization is organized in such a way that a task cannot be completed "in order".
Accordingly, production planning must be improved and bottlenecks avoided.
- Example 2: Organizational change, stable performance is disrupted by change.
If changes are made too often, stability is never achieved.
- Principle of homeostasis: A system is stable if all its key variables remain within their physiological limits.
It is about self regulation, balance and ultra stability.
In the course of changes, it is about dissolving homeostasis.
VSMB_SYST_06: Theorem of recursive systems.
- Systems organize themselves as follows:
- Creation of a new, superordinate structure of a system from previously disjointed parts.
- Process of self organization within an existing system (subsystems disintegrate, form anew, change completely).
- Systems organize recursively:
If a viable system contains a viable system, then the organizational structure must be recursive.
Using the same organizational genetic code by applying the VSM, complexity is thus managed.
❺ The theorem states the solution should be similar, not that the problem is the same.
⚖ W-2.4.3 Mediation technology: functionality - functioning
VSM principles and balances
When discussing variety flows, we are qualitatively addressing the organization's ability to manage the ratio between disturbance variety and system reaction within each relationship.
It also pertains to the organization's capacity to cope with the inherent variety or complexity.
❻ The change variety challenge.
To gain a deeper understanding of the VSM's dynamic perspective, consider these five significant variety balances:
- Workload
- Line balancing
- Autonomy vs. Cohesion
- Change Rate
- Change vs. Status Quo
ViSM: recognizing problematic patterns
Common failures are lessons to learn from.
Viable System Model (Michael Frahm).
The following is just a brief introduction to recurring problematic patterns, which are referred to as pathological archetypes and are suitable for identifying and communicating problems in systems through the viable system model:
❼ Examples of what to avoid and how to correct them:
- Fantasy World (system-4 to system 3,1 fail)
- Symptoms: Senior managers and senior executives make decisions without sound information.
Neither information from the organisation's environment nor from the operational base is used as a source for decisions.
The perception of senior management differs greatly from reality.
In a way, these managers live in a fantasy world.
This can also be referred to as optimism bias.
- Solution: Senior management must be aware of Crow's Law, which states: "Don't believe what you want to believe until you know what you need to know."
Assumptions based on a fantasy world do not protect the decisions made and those responsible from reality.
Effective operational and strategic feedback loops, critical feedback and well founded observations and analyses are necessary to escape from the fantasy world and validate assumptions.
- Frequency: Very frequent
- Control Dilemma (system-3 to external fail)
- Symptoms: Rapid changes in the environment require a direct response from the operational systems.
Senior management notices unusual activities in the base and fears a loss of control.
It therefore demands additional reporting and issues more instructions.
The management of the operational systems now has to act on two fronts: on the one hand, to fulfill the increased requirements from the environment and, on the other, to meet the increased reporting requirements and instructions from senior management.
This means pressure from outside and pressure from within.
Senior management, on the other hand, neglects strategic activities because it wants to retain its supposed control over the operational systems.
By intervening, senior management also denies its subsystems the autonomy they need to deal with their challenges.
- Solution: Control dilemma or micromanagement requires standardized and regular reporting that stands up to scrutiny by senior management and third parties.
This creates trust for both superiors and employees.
- Frequency: Very common, triggered by "bottle necks"
- Bottle Necks (system-3 with system-1 fail)
- Symptoms: Classic symptoms are uncoordinated, unexpected or uncontrollable fluctuations in workload between the operational units and their environments.
See also the Beer Game, which Peter Senge (1990) from MIT has made a standard part of management training.
The archetype can be triggered by the control dilemma.
- Solution: Adequate coordination mechanisms as well as bottleneck concentration, standardization and cooperative project management are effective levers for countering the archetype.
- Frequency: Very common, triggers "control dilemma"
- Re-Inventing the Wheel (system-3 with system-1 fail)
- Symptoms: In this archetype, no or insufficient standards are defined.
For example in large and complex projects or organisations with a large number of departments, this leads to the wheel being reinvented several times and there are many isolated solutions.
Due to the lack of standards and communication, unnecessary resources are used for activities already carried out in the subsystems and by senior management.
- Solution: Uniform standards for implementation must be made binding.
Implementation must be checked by means of suitable monitoring.
The standards must be adapted to the unique requirements.
- Frequency: Frequent
- Bunker Mentality (system-as a whole with external)
- Symptoms: The "bunker mentality" is a common problem when sudden events occur, e.g. crises.
The organization closes itself off and a bunker mentality prevails both within the organization and towards the environment.
Information and knowledge are neither exchanged nor accepted.
Isolation takes place in order to understand the situation, reduce the amount of incoming information and regain the illusion of control.
In a strategic context, this isolation is fatal for the organization.
- Solution: With this archetype, there is no substitute for practice.
It is also said that "you emerge stronger from a crisis", which is indeed the case. Fortunately, many crises only happen once.
You can increase resilience through an organizational culture of trust, transparency and a constructive error culture.
Nevertheless, an effective approach to dealing with crises is to use scenario exercises to prepare management teams for the emotional and behavioral impact of dealing with crises.
- Frequency: Very common
⚖ W-2.4.4 Interactions in the organic viable system
Power and the edge
Power to the Edge (David S. Alberts, Richard E. Hayes 2003)
The source is defence, but it mentions that it is generically applicable.
An organization's power is also a function of the power of its members and the nature of the interactions among those members.
Organizations realize their potential power by instantiating mission capability packages. ...
In a hierarchical organization, one with a topology organized by status and power, those at the top are at the center and those at the bottom are at the edge.
In addition, there is a significant portion of the organization in the middle.
Those at the top have the power to command, to set the direction for the organization, allocate its resources, and control the reward structure.
Information flows along the axes of power, hence these flows are vertical.
Information collected at the bottom flows vertically to the top, and directives flow vertically from the top to the bottom.
The middle is needed to deal with the practical limits on span of control.
❽ The question: is the classical hierarchical power C&C a fit for the "information age"?
The middle serves to mediate and interpret information flows in both directions, allocate resources, and delegate authority. ...
Worst of all, stovepipes result in cultural differences and tensions between and among different parts of the organization. ...
In the Industrial Age, stovepipes were necessary because the economics of information made it prohibitively costly to support widespread information sharing and peer-to-peer interactions. ...
The adverse effects of stovepipes often come to light as a result of a catastrophic failure. ...
The only way to ensure that information will be shared and that individuals and organizations will work together appropriately is to move power to the edge.
(page 173-176)
Beyond individuals, beyond hierarchical Command & Control
The challenge of a problem without any lead in command.
The puzzles were meant to be so demanding that no individual could possibly complete them all.
But immediately after the discovery of the game on the Web, teams of curious players developed organically across the country.
Working together, their combined knowledge allowed them to complete the first 3 months' worth of game content in only 1 day.
These teams excelled at solving problems, and they could do so at surprising speeds.
However, learning the work processes associated with information sharing, exploiting collective knowledge, and conducting the efficient, authoritative collaboration will require establishing new mind sets (education and training) as well as new tools.
❾ The question: How to change the classical hierarchical power C&Control?
Without being able to fall back on traditional approaches to strategic planning, without being able to rely on intuition, from where does leadership and direction now come?
The answer for industry is the same as for the military; constantly dealing with unfamiliar situations places a premium on agility in all of its dimensions.
The approach to developing the agile organization, the Information Age approach to command and control presented in this book, is based on the application of power to the edge principles.
This enables an enterprise to bring all of its available information and its brain power to bear by allowing information to be recombined in untold ways and by allowing individuals to interact in unplanned ways to create understandings and options not previously possible. ...
Four minimum essential capabilities are required for a given operation:
- The ability to make sense of the situation;
- The ability to work in a coalition environment including nonmilitary (interagency, international organizations and private industry, as well as contractor personnel) partners;
- Possession of the appropriate means to respond; and
- The ability to orchestrate the means to respond in a timely manner.
Three of these four essential capabilities involve command and control.
The third is about the tools of war and policy implementation.
(page 90-98)
Power to the edge
Power to the edge involves changes in the way we think about the value of entities and desirable behaviors and interactions.
Ultimately, this involves a redefinition of self and the relationship between self and others, and self and the enterprise.
Thus, in order to move power to the edge, we need to do more than redraw an organization chart; we also need to change what is valued and the way individuals think and behave.
We need to rethink the way the enterprise is motivated and led.
We need to revamp processes and the systems that support these processes. We need to reeducate and retrain. ...
The concept of adaptability (changes in organization and work processes) is a crucial element of agility.
❿ The question: is the classical hierarchical power C&C a fit for the "information age"?
However, it directly contradicts Industrial Age solutions of complexity, decomposition, deconfliction, specialization, and optimization. ...
However, a network topology alone will not achieve the desired result; it does not create the conditions necessary to achieve productive self-synchronization.
To complete the package, a suitable approach to command and control must be developed to leverage the capabilities provided by a robustly connected network topology.
(page 181-186)
W-2.5 Sound underpinned anatomy of a viable system
Understanding the position, situation by understanding the system.
❗Aspect:
Information, types of association relations:
- Art of the role by follow up interactions
- Kind of task in the process by role
- Art of the role by observed input and results
A viable system is non trivial, it will be repeated in structures in every layer.
Conscious lead of a system needs only the information for what is relevant for understanding what is going on.
Knowledge of the anatomy makes it possible to limit the set of information flows needed for improvements.
⚖ W-2.5.1 Fundaments of activities processes (0-1-2, 4-5)
The enterprise organisation, viable system model
👁 Industrial age: the manager knows everything, workers are resources similar to machines.
👁 Information age, required change: a shift to distributed knowledge, power to the edges.
A viable system according to Stafford Beer (ViSM):
- System-1 all of the basic, primary operations of the organisation, which justify the existence of the system as a whole.
The elementary floor levels 0-1 and 1-2 are mostly system-1.
➡ The floor 0-1 vs 1-2 differences:
- Floor 0-1 is missing internal activities at the corners.
Only reacting on external influence for the good bad and ugly.
- Floor 1-2 is the full cycle of a value stream (product: good, service).
Mostly acting in conformance with internally set guidelines for the good bad and ugly.
- System-2 represents all of the communication channels and communication methods.
- Gray areas (centres) are system-2: very short time, term communications.
- The blue areas are shared to other systems: medium time, term communications.
- Vertical and horizontal lines: long time, term communications.
- System-3 represents all of the structures that are the broad view of all the operations active within the first systems.
Activities, roles at floor 2-3 are mostly system-3.
The results are guidelines, instructions for the others that enables everyday control for their processes.
❗ Combining system-3 with system-1, mixing up floor 2-3 and floor 1-2 will result in conflicts by conflicting interests, conflicting type of specialisms.
- System-4 floor 3-4, responsible for looking externally from the organisation or overall system, at the environment in which it operates, and establishing which factors may impact operations, and how it needs to adapt in order to remain viable and sustainable.
- System-5 is the Organisation Policy, Ethos, encompassing all decisions within the organisation.
Floor 4-5 as a virtual floor position in the virtualisation of a viable system.
❗ This system should always be maintained as separate from the System 3 control.
Added to the usual viable system model is:
- system-1: differentiation in types of primary activities
- system-2: differentiation in speed of communication
- system-5: abandoning the ivory tower, shifting power to the edges
The enterprise organisation, system-5 executives
When the product or service is what it is about, the CPO (Chief Product Officer) has a pivotal role.
An abstracted proposal for a structure:
- CFO Chief Finance officer, CDO Chief Data officer, CEO Chief executive officer
- CAIO Chief Analytics & intelligence officer, CPO , CTO Chief technology officer
- FM/HR Facilities and Humanity, CSO Chief Safety officer, CRO Chief risk officer
All of them are universally exchangeable to other types of enterprise.
Positions within the green areas are changed when the context is changed between operational or change, innovation.
Top-down theoretical view:
Figure, see right side
The enterprise organisation, system-5 executions
When the product or service is what it is about, the CPO (Chief Product Officer) has a pivotal role.
A CPO is also accountable responsible for the coordination at the floor, empowering people.
An abstracted proposal for a structure:
- Product Manager, Sales Manager, Quality control
- Safety analyst, -, Business Analyst
- Account Manager, Water Stride, Cyber defence, Safety
All of them are universally exchangeable to other types of enterprise.
Positions within the green areas are changed when the context is changed between operational or change, innovation.
Bottom-up practical view:
Figure, see right side
SIMF the foundation floor 0-1
Some peculiar interesting attention points:
- Vision, missions: are what executives build and maintain as foundation for the whole.
In a very small enterprise just having this floor it is still indispensable.
- Technology operations: representation does not have a logical leader at floor 0-1.
In a very small enterprise this will not be an issue.
When there is growth into an organised value stream flow, the question arises what to do.
🤔 Being an indispensable part of the value stream floor 1-2, it is combined to the operations area in the value stream.
- Support organisation: enabling capabilities, will become a question when the organisation becomes so big that it is important to dedicate tasks.
🤔 Combining it with the long term time planning at floor 1-2 is the most logical choice.
- Supporting operations: executing capabilities, will become a question when the variety and complexity for products, services becomes so big that it is important to dedicate roles with tasks.
🤔 Combining it with the long term time planning at floor 1-2 is the most logical choice.
In a figure:
⚖ W-2.5.2 Operational deliveries, functioning portfolio (1-2)
SIMF the value stream in information processing
A full complete generic value stream flow in a cycle with a pull-push.
Some peculiar interesting attention points:
- There are three areas with planning:
- Long term:
- What products: goods, services are in scope in quality quantity (processes)
- Expectations what can be processed for products: goods, services (machines)
- What is the needed staff for all activities (people)
- Medium term: "prepare picking", what is getting processed.
- Short term: "execute packaging", what is getting delivered.
- Two areas with coordination, assuring the completeness of planning:
- Supplier oriented at the backend.
- Consumer oriented at the frontend.
- There is a V-shape for the planning and coordination task as a whole.
- There are three areas of intensive activities (circles):
- Consumer, Customer oriented for the products: goods, services.
- Products: goods, services oriented for the purposes, values.
- Operations process oriented creating the products, executing the services.
In a figure:
⚖ W-2.5.3 Changing products, services, functionality portfolio (2-3)
SIMF changing the value stream
A full complete approach for creating & changing value streams in managed suggestions, backlog for requirements in a cycle with a pull-push.
This is a segregated from system-4 and
Some peculiar interesting attention points:
- There are three areas of intensive activities:
- portfolio management: Aligning the missions for realisations by suggestions, wishes and specifications for all products. (horizontal orange areas)
- program management: coordination of the lifecycle of products adding and validating requirements. (horizontal blue areas)
- project management: coordination of partial stages in the lifecycle of products, completing and validating requirements. (horizontal green areas)
- There is a reversed (upside down) V-shape for the planning and coordination task as a whole.
- There are three V-shapes for:
- Engineering type: design, build validate the product.
- Compliance design type: narrowing down to what is needed at what level in the product.
- Compliance validation type: narrowing down the level specified into specifications.
In a figure:
⚖ W-2.5.4 Autonomic compliancy control & conscious decisions (3-4)
SIMF The organisation as a whole: ambiguity at the same horizontal plane.
⌛ ⏳ When C&C gets more mature there are options in proactive starting activities by risk evaluated changes (system-4).
What gets attention and what gets ignored is the identity, ethos, ground rules.
These should be an indispensable part of the vision.
The technical peculiar interesting attention points:
- The central nerve system, grey area.
- A plane with coordination, assuring knowledge related to the product (good, service) in the external environment want the internal relationships in the horizontal blue areas.
- Another coordination plane in the vertical blue areas:
- The organisation with an executive decisive point
- The areas supporting the additional (secondary) tasks, processes.
- The technology with supporting SMED (Single Minute Exchange of Dies)
- autonomous parts that can interact by alerts and others signals.
- There are four areas with sensors to the external environment and much autonomy in activities:
- Consumer oriented: innovate, align the internal organisation, innovate and align the portfolio, products.
- Internal organisation oriented: safety impact vs stability and stability of the organisational by e.g. good financial stability and legal compliancy.
- Internal technology services oriented: technology stability and continuity.
- Product (good, service) quality quantity an given service. More specific: information quality, explainability, accountability.
In a figure:
Why is there that much ambiguity at this level?
- dimension-1: Acting as a system-3 connected to a higher system, system-4.
The planes:
- People: Organisation (orange) System-3 the counterpart
- Processes: Communication (blue / grey ) System-2
- Machines: Technology (green) System-1
- dimension-2: Each floor level has two viable systems that should cooperate well.
The difference between those is: functionality and functioning. Both sides restart with their own scoped system-5. Both sides are helped with a system-1 and system-4.
- dimension-3: Each plane by itself is a viable system, the systems-5 of a floor in the middle.
The organisations start as a system-1, the technology with a system-5.
W-2.6 Maturity 3: Enable strategy to operations
From theoretical to practical needing the collaboration.
❗Aspect:
Purpose, value, interrelated areas in scopes:
- ✅ P - processes & information
- ✅ P - People Organization optimization
- ❌ T - Tools, Infrastructure
Only having the focus on others by Command and Control is not a complete understanding of all layers, and not what Command & Control should be.
Each layer has its own dedicated characteristics.
⚖ W-2.6.1 SIMF-VSM Safety with Technology at Technology
How to act in a situation, plan driven vs goal driven
When to choose a plan or a goal,
Agile Cynefin
I believe the simplest explanation of Agile has its roots in military warfare.
Understanding Agile begins with understanding friction and how it affects our plans, actions and results. ...
Why does this matter?
Well, the level of friction we face determines the amount of surprises and the extent to which we can rely on planning and prediction.
When what we’re doing is Clear or Complicated, plan-driven approaches work well.
Clear or complicated, is what I have labelled as: trivial.
A plan driven approach will work but is an overkill for the clear situation.
When plan-driven approaches work, where we can plan and predict while leaving the goal implicit and embedded in our plans, then we don't need Agile approaches.
Those, complex or chaotic, is what I have labelled as: non-trivial.
It is important not to get lost in confusion.
When we want people to do what is expected of them, let them define the plans and actions, and report them back to the higher levels.
When our actions don't pan out as expected, let the people that do the work adjust plans and actions as necessary in line with the intent of the original plan. ...
When we can't adequately plan and predict to achieve the desired results, we should switch towards goal-driven approaches.
We should start with humble plans that are adjusted as we learn and discover what’s necessary while we do the work.
Why does it matter?
In complex systems there exist algedonic channels and transducers.
Principles: Safety with Technology at Technology
There is a lot of autonomy expected from the technical perspective by the organisation.
Too often ignored or only poorly getting some attention are the expectations for the organisation by technology.
A categorized list for Safety Technology at Technology (SaTT):
- SIMF_SATS_01: An open algedonic channel between the organisation and SaTT.
- Rationale:
- Any impact on the system as a whole matters to the system as a whole
- A fast immediate response requires fluent trained cooperation
- There must be a CapCom Technology role for enabling the fast reactions
- Implications:
- Accountability at the organisation. GDPR: Data controller
- Responsibility at the technology: GDPR: Data processor
- SIMF_SATS_02: Alignment of the organisation and SaTT for scopes in core technology.
- Rationale:
- Any impact on the system as a whole matters to the system as a whole
- Every organisation has to go through the mandatory alignment for all their details.
- Every organisation is required to maintain the alignment for all on going internal and external changes.
- Implications:
- The variety: Organisations are not the same although they share a lot.
- All channel types (1-6) are used for achieving an alignment.
- The complexity: every channel can act at its own speed with its own type of regulators.
- SIMF_SATS_03: Alignment details SaTT for: People, Processes, Machines and Structure.
- Rationale:
- Any impact on the system as a whole matters to the system as a whole
- Regulations explicitly mention CIA:
- People ⇄ Confidentiality,
- Processes ⇆ Integrity,
- Machines ⇄ Availability
- Regulations mention structure by:
- Segmentation in the three CIA topics, internal and external
- Supplier management, e.g. required safety at their side
- Physical spaces, e.g. controlled monitored access
- Communications spaces, e.g. clean desk policy.
- Implications:
- There are a lot of attention points to fulfil.
- There is a lot of mandatory administration related to products.
⚖ W-2.6.2 SIMF-VSM Uncertainties imperfections at processes, persons
Two-valued logic and liveliness
Viable systems and Polycontextual Logic (PCL),
"The Viable System Model as a transclassical organizational model" ( PKL VSM Conny Dethloff 2017)
I was asked to explore and describe the similarities between Stafford Beer’s Viable System Model (VSM) and Gotthard Günther's Polycontextual Logic (PCL).
My suspicion of some similarities was certainly there, since the VSM is a model for liveliness and the PCL is a formal language for modeling liveliness.
The PCL, designed by Gotthard Günther, represents a formal theory that makes it possible to model complex, self-referential processes that are characteristic of all life processes in a non-reductionist and logically consistent manner.
The problem with modelling human actions:
- Two-valued logic excludes contradictions and therefore liveliness.
- It is not possible to model human actions on the basis of this logic, or only with great caution, since people have to be trivialized to apply two-valued logic to them.
- This trivialization often occurs without reflection, as it occurs within the framework of two-valued logic.
This is why this fact of trivialization is so dangerous.
Please do not confuse this with multi-valued logic.
The PCL includes the person making the statement and does not just deal with the statement itself.
That's why this logic is often called multi-digit or location-dependent logic.
Often, "place" is used instead of "location".
It therefore addresses where someone is standing who is making a statement.
Each person making a statement makes their statement on the basis of two-valued logic.
Now here comes the trick.
- These statements are mediated with each other.
- This means that a quasi-objectification between different subjectivities is created within the logic framework.
- It is precisely this fact that the VSM uses to mediate between individual viable systems.
With two-valued logic, this quasi-objectification is created outside the logic framework because this framework does not know any mediation.
Only when this mediation has been done, for example in values of "yes", "no", "maybe", etc., can the logic be applied. ...
The clue, novelty of VSM is not the individual systems 1 to 5, but the reflexive, interrelated structure between the individual systems. ...
We humans are capable of acting polycontextually because we are alive.
However, since we are not able to model this ability in the classic sense.
As a result, people in binary systems are always caught "between the devil and the deep blue sea".
Dichotomous poles:
- no defined processes vs defined processes and present vs. future
- Specialists vs. Generalists functional vs. procedural
- Strategy vs. Operational and innovation vs. optimization
- Plannability vs. surprise and errors, failures vs. quality compliance
- etc.
There must be no hierarchy and therefore no priority between these pairs of values.
They must be treated equally, but this is not possible in the classic models.
Why does it matter?
Because the real world is full of uncertainties and imperfections, we should not ignore them in our models and assumptions.
Ignoring them will create bad systems with undesired behaviour.
Principles for information processing as a viable system (VSM)
dichotomies, uncertainties for inputs and results
These two are the drivers for a lot of issues when not managed well.
- SIMF_DUIR_01: The dichotomy functionality vs. functioning is an intangible part of an information viable system,
- Rationale:
- The dichotomy: Functionality, politics, authority vs. functioning, implementation, fulfilment is fundamental in an information system.
- The dichotomy results in intangible subsystems:
- System-3 What: The organisation, synergy for a: goal - purpose
- System-1 How: Technology that will enable the organisation achieving their goals, purpose.
- System-2 Where: Communication, Mediation is needed to align the activities by the other subsystems.
The system perspectives for this are from a division delivering a product perspective.
The vision and mission is known and the activities for that planned.
- Implications:
- Ordering Communication, Technology is a question of what was first in time:
- When technology is split off from the organisation, then the quest for communication, mediation will grow and is created after the split.
- When analysing a system starting at the organisation the communication, mediation, is the path to find the technology connection.
- SIMF_DUIR_02: There is a balanced acceptance of imperfection & uncertainties
- Rationale:
For the product (good, service).
- A good as product can only be measured equal in conformity within uncertainties of measurements.
- A service as product can never be exactly the same due to all variations in the service and consumer.
- Implications:
- Accepting the imperfection will show the need for:
- A safe state situation for outcomes that are disputed by the parties.
- A correction path for outcomes that have been found evaluated to be unwanted.
- Acceptance that not all situations with a result are equal for the processing neither in equal outcomes and equal impact.
⚖ W-2.6.3 Dichotomy: generic approaches vs local in house
Product-based vs Project-based
A project manager's perspective, shown as a cycle in the same orientation that is used following the SIAR model.
- The flow from briefing to delivery left to right
- The idea at the bottom, Operational realisation: at the top
- Enabling, bottom left. Quality: delivering in time, top right
- Ideate question bottom right. Design activities: top left
The post attention was for the image, agility for projects:
Topic:
Project Manager in a Product Based Company?
- Product-Based:
- Focus: Long-term product development 👁 aligned with a roadmap.
- Stakeholders: Internal teams & end-users.
- Approach: Iterative delivery (Agile) 👁 evolves with the product lifecycle.
- Success: Product adoption & customer satisfaction.
- Project-Based:
- Focus: Delivering one-off client projects with defined goals.
- Stakeholders: External clients.
- Approach: Fixed timelines (Waterfall/Hybrid).
- Success: On-time delivery & client satisfaction.
Key difference: Product-based PMs work on roadmap-driven initiatives, while project-based PMs focus on client-specific solutions.
Team member balancing the construction of a system
The Belbin figure is adjusted in the related paragraph (W-2.4.1). Goal: fit into the SIAR orientation and directions.
Communication between persons in a system will impact the system.
Details on topics that were made in the past
Data information chain links:
Master data links:
Dichotomy: generic approaches that are insufficiently secure and special local builds to get it secure.
Personal frustrations resulted in some local builds.
Examples using SAS, code:
Source | Description |
xkeypsw | Using a manageable Password vault without needing obscurity. |
xgetsetpsw | Synchronise account stored obfuscated. |
xmetadirlst | Obfuscated definitions reading to visible usable syntax. |
(no code) | failing home dir definition, missing saswork, wrong pwd, java /tmp correcting run time settings. |
(no code) | Dictionary database processing synchronise (users/rights). |
⚖ W-2.6.4 SIMF-VSM Multidimensional perspectives & revised context
Principles: dichotomies, uncertainties for inputs and results
Information Technology Communication Structured Processing (ITCSP):
- SIMF_SYST_01: ITCSP is a subcategory of viable systems.VSMB_SYST_*
- SIMF_SYST_02: ITCSP adds:
- see: SIMF_DUIR_01: the dichotomy with the two competing subsystems
- see: SIMF_DUIR_02: managed with uncertainties for uncertainties
- SIMF_SYST_03: There is a well-defined way of changing, shaping processes, practices
Well defined is e.g. the use of USM. Two types of changes:
- SIMF_CHNG_01: Using and correcting the product (good, service) reactive.
- SIMF_CHNG_02: Changing adjusting the product (good, service) proactive.
- SIMF_SYST_04: There is a secure information management in place:
- Secure, safe technology usage within the technology plane.
see: SIMF-SATS01, SIMF-SATS02, SIMF-SATS03
- Secure, safe information usage within the technology plane.
see: SIMF-SATS04, SIMF-SATS05, SIMF-SATS06
- SIMF_SYST_05: ITCSP support "information technology" at products (goods, services):
- SIMF_EXEC_01: commonly available technology, knowledge in usage (reactive).
- SIMF_EXEC_02: innovative usage of available technology for distinctive products.
- SIMF_SYST_06: Solving the dichotomy in secondary but indispensable processes.
- see "SIMF_DSEC_01" for legal obligations e.g. finance.
- see "SIMF_DSEC_02" for market alignment e.g. customer intelligence.
SIMF ViSM: the VSM connection
The three-dimensional perspectives with a product oriented mindset (green) and a service oriented one (magenta).
The system-4 and system-5 on top that is repeated at the bottom. Three system-1 constructs form the highest perspective.
- 1d design & change the products (good, service)
- 1r operations & run the products (good, service)
- 1i maintain the internal cohesion guided by vision
Functional perspective in a figure:
Technical perspective in a figure:
SIMF ViSM Extending complexity variety at floor (3-4).
Both the technology and the organisation have dualities, dichotomies, at their system-1 and system-5. In dimension-2 there is a recursion for the system.
For the two safety, security options:
- dimension-4: starting at floor 3-4 organisation execution decisive, product decisive as system-5.
The lines:
- Crossing over to the central technology now a system-4
- The context switch to either the technical or functional area now a system-3.
- Operational activities (system-1) both sides. Cooperation needed for the shared goal.
All the detailed activities to get reported to the highest chief in command is a mission impossible for understandable Command&Control.
Limiting the information loop-back for managing a system appropriately is the real challenge.
W-3 Command & Control planning for innovations
W-3.1 Information processing in the information age
Information processing, administration using machines and tools is rather a novelty for mankind.
Status:
- Became commodity for work flows in the 1990-s.
- Hypes based on tools technology, not the purpose.
- Focus internal organisational, not the customer.
Exceptions are successful organisations everyone wants to copy.
👉🏾
Preach: set the purpose, customer central.
✅ When the service for a customer is the core value, do it in an effective, efficient way: no overburdening, no unnecessary complexity.
⚖ W-3.1.1 Master data, understanding information
Master data - Naming artefacts
Naming conventions, when done correctly, are narrowing down a complex environment into many smaller, less complex environments.
Reference pattern: a book library has a fine-tuned labelling (naming) convention to be able to find and store a huge number of books.
For an information system the following is needed:
- Life Cycle indications on any component
- Unique business process lines
- Classification business artefacts (technical)
- Classification technical artefacts (tools)
- Hierarchy in: technical, administrative and monitoring
- Decoupling and connection to other business processes
A proposal for a naming convention see:
👓 details
The intention is to bring this into an operational environment.
Important is the segregation of the tool from the business process.
Master data: on premise vs a bought solution
When the problem to solve is a standard well known one there would be a good chance there is commercial software available for that.
Building and maintaining once for many is usually cheaper and giving more functionality than building it yourself.
There is no way out in avoiding responsibility for the own organisation.
💣 There are many cases there is not a usable standard in place.
Requesting data - communicating what is going on
An approach in defining similar to the pull question is defining the data lineage as a value stream.
The request for interactions of information starts with the following questions:
- What information is needed
- Who should deliver the information
- When is the information needed
See:
👓 details
Starting at IV, goes to III (pull demand), proceeding to I and II (push delivery).
In a figure: see left side.
⚖ W-3.1.2 Volatile master metadata and information chains
A volatile private metadata approach
The challenge is how to manage the metadata when the data, information, doesn't follow the well known solutions.
Describing the problem, requirements exchanging information:
- A single object for the interaction.
- Support for complexity aside the obvious.
- Support for variety and variability, time related.
- Quickly easy processing at the agreed intervals.
- Support for trend analyses for longer periods.
This can be a bought solution; unfortunately that is only available when the situations are obvious.
Using a spreadsheet (Excel) is a simplistic way that could also be very advanced.
Technical details for this idea:
- One worksheet having a table collecting the required information from other worksheets (protected).
The table is defining elements by a name and their content value (string or numeric).
This table has just three columns.
- Several other worksheets in the spreadsheet gather the requested input.
Validating the integrity and consistency for selected elements.
- Retrieving the spreadsheet table in an organised vertical.
Building a basic history on what has been delivered by requested sources
- Converting the temporal indicators, version indicators to current valid values, organised with current valid date-time indicators.
- Transposing the vertical adjusted elements to more practical column oriented tables.
- Adding additional computations on transposed elements.
There are many other often used approaches; most of them use fixed data structures that are very difficult to change.
Defining the elements dynamically for a request avoids that change limitation.
See for more
👓 details
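The steps listed above (three-column table, vertical history, resolving versions to the currently valid values, transposing, computing), as an added Python example that is not the page's own code. The element names, the source, period and version fields and the sample deliveries are constructed assumptions; the three columns are taken to be name, string value and numeric value.

```python
"""Vertical name/value store for volatile metadata (added illustration)."""
from collections import defaultdict

# Constructed sample: each delivery is one retrieved three-column table
# (element name, string value, numeric value) plus source, period, version.
DELIVERIES = [
    {"source": "unit-a", "period": "2024-Q1", "version": 1,
     "rows": [("owner", "j.doe", None), ("open_items", None, 12),
              ("closed_items", None, 30)]},
    {"source": "unit-a", "period": "2024-Q1", "version": 2,  # correction of one element
     "rows": [("open_items", None, 14)]},
    {"source": "unit-a", "period": "2024-Q2", "version": 1,
     "rows": [("owner", "j.doe", None), ("open_items", None, 9),
              ("closed_items", None, 41),
              ("backlog_note", "new element, no structure change", None)]},
    {"source": "unit-b", "period": "2024-Q1", "version": 1,
     "rows": [("owner", "a.smith", None), ("open_items", None, 3),
              ("closed_items", None, 3)]},
]


def validate_rows(rows):
    """Integrity check: unique names, exactly one of string/numeric filled."""
    seen = set()
    for name, text, number in rows:
        if not name or name in seen:
            raise ValueError(f"missing or duplicate element name: {name!r}")
        seen.add(name)
        if (text is None) == (number is None):
            raise ValueError(f"{name}: exactly one of string/numeric value required")
        if number is not None and (isinstance(number, bool)
                                   or not isinstance(number, (int, float))):
            raise ValueError(f"{name}: numeric value is not a number")


def append_history(history, delivery):
    """Append one delivery to the vertical history; nothing is overwritten."""
    validate_rows(delivery["rows"])
    key = (delivery["source"], delivery["period"], delivery["version"])
    if any((h["source"], h["period"], h["version"]) == key for h in history):
        raise ValueError(f"delivery {key} already recorded")
    for name, text, number in delivery["rows"]:
        history.append({"source": delivery["source"], "period": delivery["period"],
                        "version": delivery["version"], "name": name,
                        "value": text if number is None else number})


def current_valid(history):
    """Per (source, period, element) keep the value of the highest version."""
    latest = {}
    for rec in history:
        key = (rec["source"], rec["period"], rec["name"])
        if key not in latest or rec["version"] > latest[key]["version"]:
            latest[key] = rec
    return latest


def transpose(latest):
    """Turn vertical elements into one wide row per (source, period)."""
    wide = defaultdict(dict)
    columns = set()
    for (source, period, name), rec in latest.items():
        wide[(source, period)][name] = rec["value"]
        columns.add(name)
    # Elements a source never delivered become None instead of breaking the layout.
    return {key: {col: row.get(col) for col in sorted(columns)}
            for key, row in sorted(wide.items())}


def add_computations(wide):
    """Derived column on the transposed elements (hypothetical ratio)."""
    for row in wide.values():
        opened, closed = row.get("open_items"), row.get("closed_items")
        total = (opened or 0) + (closed or 0)
        row["closed_ratio"] = (round(closed / total, 2)
                               if closed is not None and total else None)
    return wide


def build_table(deliveries):
    """Run the whole chain: history, current valid values, transpose, compute."""
    history = []
    for delivery in deliveries:
        append_history(history, delivery)
    return history, add_computations(transpose(current_valid(history)))


if __name__ == "__main__":
    full_history, table = build_table(DELIVERIES)
    for key, row in table.items():
        print(key, row)
```

The new `backlog_note` element appears as a column without any change to the stored structure, and the version 2 correction replaces only the element it redelivers while version 1 stays in the history.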
The volatile chain of information
Information is not:
- A complete single artifact. It is composed by many partial components in interactions.
- An artifact stable in time. It is changing in content by time and location.
Just an attempt to visualize:
in a figure:
see left side.
See for more
👓 details
Interactions between process quantums on shop floors
A product is never created from scratch without materials being supplied, with tools being supplied.
There are several complicated supply chains:
- The chain of materials
- The chain of tools in use serviced by suppliers
Tools, platforms, are products that should comply to service agreements for products by other parties.
The chain of supply in materials is a complicated one because of dependencies on other external products and reuse of partial information products.
Just an attempt to visualize:
in a figure:
see right side.
Platforms, application security AppSec
Platforms are the enablers for realisations of the core processes.
- The safety in core processes is related to the state of a platform.
- Safety in core processes is an accountability for the organisation.
See for more
👓 details platform and
👓 details devops
⚖ W-3.1.3 Strategy conflicts: safe platforms, business applications
Accountability product safety
Creating or delivering a product, good, service comes with responsibilities accountabilities.
Legal people are easily missing the point what it is about but are well capable in good descriptions.
The CRA act (eur-lex/2847) has a limited scope.
However, the text and definitions could be made applicable for all types of information products.
This part is very generic, Jabes could cover that:
Annex II, Information and instructions to the user
At minimum, the product with digital elements shall be accompanied by:
- the name, registered trade name or registered trademark of the manufacturer, and the postal address, the email address or other digital contact as well as, where available, the website at which the manufacturer can be contacted;
- the single point of contact where information about vulnerabilities of the product with digital elements can be reported and received, and where the manufacturer’s policy on coordinated vulnerability disclosure can be found;
- name and type and any additional information enabling the unique identification of the product with digital elements;
- the intended purpose of the product with digital elements, including the security environment provided by the manufacturer, as well as the product’s essential functionalities and information about the security properties;
- any known or foreseeable circumstance, related to the use of the product with digital elements in accordance with its intended purpose or under conditions of reasonably foreseeable misuse, which may lead to significant cybersecurity risks;
- where applicable, the internet address at which the EU declaration of conformity can be accessed;
- the type of technical security support offered by the manufacturer and the end-date of the support period during which users can expect vulnerabilities to be handled and to receive security updates;
- detailed instructions or an internet address referring to such detailed instructions and information on:
- the necessary measures during initial commissioning and throughout the lifetime of the product with digital elements to ensure its secure use;
- how changes to the product with digital elements can affect the security of data;
- how security-relevant updates can be installed;
- the secure decommissioning of the product with digital elements, including information on how user data can be securely removed;
- how the default setting enabling the automatic installation of security updates, as required by Part I, point (2)(c), of Annex I, can be turned off;
- where the product with digital elements is intended for integration into other products with digital elements, the information necessary for the integrator to comply with the essential cybersecurity requirements set out in Annex I and the documentation requirements set out in Annex VII.
- If the manufacturer decides to make available the software bill of materials to the user, information on where the software bill of materials can be accessed.
Scope details product safety
The list of what is in scope in the CRA act does mention products in the generic "TechSec" area.
The CRA act (eur-lex/2847):
Annex III, Important Products With Digital Elements
Class I:
- Identity management systems and privileged access management software and hardware, including authentication and access control readers, including biometric readers
- Standalone and embedded browsers
- Password managers
- Software that searches for, removes, or quarantines malicious software
- Products with digital elements with the function of virtual private network (VPN)
- Network management systems
- Security information and event management (SIEM) systems
- Boot managers
- Public key infrastructure and digital certificate issuance software
- Physical and virtual network interfaces
- Operating systems
- Routers, modems intended for the connection to the internet, and switches
- Microprocessors with security-related functionalities
- Microcontrollers with security-related functionalities
- Application specific integrated circuits (ASIC) and field-programmable gate arrays (FPGA) with security-related functionalities
- Smart home general purpose virtual assistants
- Smart home products with security functionalities, including smart door locks, security cameras, baby monitoring systems and alarm systems
- Internet connected toys covered by Directive 2009/48/EC of the European Parliament and of the Council (1) that have social interactive features (e.g. speaking or filming) or that have location tracking features
- Personal wearable products to be worn or placed on a human body that have a health monitoring (such as tracking) purpose and to which Regulation (EU) 2017/745 or (EU) No 2017/746 do not apply, or personal wearable products that are intended for the use by and for children
Class II
- Hypervisors and container runtime systems that support virtualised execution of operating systems and similar environments
- Firewalls, intrusion detection and prevention systems
- Tamper-resistant microprocessors
- Tamper-resistant microcontrollers
⚖ W-3.1.4 Strategy conflicts solution: change to systems thinking
Choice, decisions for intended paths, directions
The most important thing for the future is knowledge of the intentions of a future state.
The future state defined in a Vision. (LI G.Alleman 2024 )
The five immutable principles of performance-based planning are designed to meet the definitions of a principle and Wideman's requirement that they be effective.
These questions can be applied to projects just as they can be applied to any endeavor, from flying to Mars to taking a family vacation.
If we use the dictionary definition of immutable, "not subject or susceptible to change or variation in form or quality or nature," we can apply these principles to any project in any business or technical domain.
The questions that need to be answered:
- Where are we going?
- How are we going to get there?
- Do we have everything we need?
- What impediments will we encounter, and how will we remove them?
- How are we going to measure our progress?
The five practices derived from the five immutable principles keep the project on track.
- Identify needed capabilities
- Define a requirements baseline
- Develop a performance measurement baseline
- Execute the performance measurement baseline
- Apply continuous risk management
Choice in product type, obvious - complicated or complex chaotic
Expectations dichotomy: wanting something obvious is not the correct change approach:
misunderstandings by project work (LI G.Alleman 2024 )
It is popular to construct charts showing the strawman of deterministic and waterfall approaches, then compare them to stochastic approaches and point out how much better the latter is than the former.
Deterministic:
- Technologies are stable: no one believes this that has been around in the last 50 years.
- Technologies are predictable: anyone with any experience in any discipline knows this is not the case.
- Requirements are stable: no, they're not, not even in the most straightforward project.
- Requirements are predictable: no, they're not. Learn by reading requirements guidances, observing requirements elicitation processes, or working on non-trivial projects.
- Helpful information is available at the start: this would require clairvoyance.
- Decisions are front-loaded: ignores the principles of microeconomics of decision-making entirely in the presence of uncertainty.
- Task durations are predictable: all task durations are driven by aleatory uncertainty.
- Task arrival times are predictable: the same as above.
- Our work path is linear and unidirectional. When a system of systems becomes the problem, any complex product, the conditions of linear and unidirectional go out the window.
- Variability is always harmful: that violates the basis of all Variability in systems, where Deming's Variability is built into the system.
- The math we need is arithmetic: complete ignorance of the fundamental processes of all systems, they are statistical generating functions creating probabilistic outcomes.
The only explanation here is the intentional ignorance of basic science, math, engineering, and virtual computer science.
This is a clear signal on what is wrong with seeing how systems are working.
- Complex systems are not deterministic. Most needing attention are complex.
In this post there is a reaction from T.Gilb
How to improve systems?
There is a lot of existing information to combine:
Standing on the Shoulders of Giants (A.Shalloway 2024)
Instead, I build on the shoulders of giants and have integrated the main teachings of Dr. Russ Ackoff, Dr. Christopher Alexander, Dr. W. Edwards Deming, Don Reinertsen, Dr. Eli Goldratt, and Tom Gilb into one cohesive perspective to improve the way people think.
The mindset that we need to be adaptive using only empiricism to drive us only takes us so far. To truly be effective, we need to add systems thinking and understanding of our system of knowledge work.
There is some hope for getting things better.
Systems thinking:
- Cose (US) Goal: develop and disseminate the transdisciplinary principles and practices that enable the realization of successful systems.
- SCIO (UK) Goal: develops, supports, and promotes systems thinking practice for technical and ethical competence,
W-3.2 Floor plans, optimizing value streams
Building any non-trivial construction goes through several stages.
These are:
- high level design & planning
- detailed design & realisation
- evaluation & corrections
Non trivial means it will be repeated for improved positions.
👉🏾
Practice what you preach. ✅ When as a service provider the real lean culture is promoted for customers, the service should be according to the real lean service culture.
⚖ W-3.2.1 Information quality & risk rating
Service as a Product, Information processing
Communication acting at the viable system
CapCom: the primary point of contact and source of truth about the state of the system.
- Strong communication skills.
- High-level knowledge of the viable system.
- Sharing open communication with all that could possibly help.
- Able to make quick, confident decisions on how to proceed, knowing to whom to delegate.
- Switch the interaction at the best moments to ones that give a signal to help.
- Access to all accountable roles, tasks within the viable system relevant for solving events.
In IT Service management the goal of acting, reacting got lost: incidents, problems, changes.
👉🏾
CapCom: these are not the attributes known from ITIL but are reverted to the source: the incident with Apollo 13.
The time to react on an issue is important.
Variations:
- immediate like the nerve system,
- midterm like the oxygen with blood circulation
- long-term like the overall system body condition
Able to communicate within all levels is a prerequisite for able to react in time.
👉🏾 There is a duality in being very safe but not having the service available and running the service but that service has known safety issues.
To balance in the conflicts is a task role not to combine with either of the conflicting sides, segregation in duties.
Incident response readiness, education mandatory internal
EU directive NIS2, the CapCom:
article 1
Member States adopt national cybersecurity strategies and to designate or establish competent authorities, cyber crisis management authorities, single points of contact on cybersecurity (single points of contact) and computer security incident response teams (CSIRTs).
EU directive NIS2 also requires education for executives:
article 20
Member States shall ensure that the members of the management bodies of essential and important entities are required to follow training, and shall encourage essential and important entities to offer similar training to their employees on a regular basis, in order that they gain sufficient knowledge and skills to enable them to identify risks and assess cybersecurity risk-management practices and their impact on the services provided by the entity.
Confusing:
"Products with digital elements" is not defined in a technology-neutral way.
The assumption of simple devices would be different to complicated and complex or even chaotic is not underpinned.
Risk rating, readiness
This is a standard activity.
A split into technology related risks and functionality risks is not made yet, although this is by the nature of a system the logical thing to do.
An open source option:
Ravib
The purpose of this tool is to register risks in order to control them.
Controlling risks requires knowing your risks, assigning them to people who actively deal with them and keeping track of the measures that mitigate those risks. This tool supports in that.
This register is just a tool.
👉🏾 How well risks are controlled depends on how well the responsible people deal with them.
Technical resource qualities
Metrics:
kpis
- MTBF (mean time between failures): the average time between repairable failures of a technology product.
- MTTR mean time to (◎), the average time it takes to:
- repair: repair a system (usually technical or mechanical). It includes both the repair time and any testing time.
- recovery: recover from a product or system failure. This includes the full time of the outage—from the time the system or product fails to the time that it becomes fully operational again.
- respond: is the average time it takes to recover from a product or system failure from the time when you are first alerted to that failure. This does not include any lag time in your alert system.
- resolve: fully resolve a failure. This includes not only the time spent detecting the failure, diagnosing the problem, and repairing the issue, but also the time spent ensuring that the failure won’t happen again.
- MTTF (mean time to failure) is the average time between non-repairable failures of a technology product.
- MTTA (mean time to acknowledge) is the average time it takes from when an alert is triggered to when work begins on the issue. This metric is useful for tracking your team’s responsiveness and your alert system’s effectiveness.
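An added example, not taken from the quoted source, that computes MTTA, the four MTTR readings and MTBF from one set of incident timestamps so the differences become visible. The incident records, stage names and observation window are constructed; MTBF is computed as uptime in the window divided by the number of failures, which is an assumed convention, and "restored" is taken as the moment the repair has been tested.

```python
"""Incident KPIs from timestamped stages (added illustration)."""
from datetime import datetime
from statistics import mean

FMT = "%Y-%m-%d %H:%M"

# Assumed stage order of one repairable failure.
STAGES = ("failed", "alerted", "acknowledged", "repair_start", "restored", "resolved")

# Constructed sample data: a 30-day observation window with three incidents.
WINDOW = ("2024-06-01 00:00", "2024-07-01 00:00")
INCIDENTS = [
    {"id": "INC-1", "failed": "2024-06-03 02:00", "alerted": "2024-06-03 02:10",
     "acknowledged": "2024-06-03 02:25", "repair_start": "2024-06-03 03:00",
     "restored": "2024-06-03 04:00", "resolved": "2024-06-05 04:00"},
    {"id": "INC-2", "failed": "2024-06-12 10:00", "alerted": "2024-06-12 10:02",
     "acknowledged": "2024-06-12 10:07", "repair_start": "2024-06-12 10:30",
     "restored": "2024-06-12 11:00", "resolved": "2024-06-12 16:00"},
    {"id": "INC-3", "failed": "2024-06-20 22:00", "alerted": "2024-06-20 22:30",
     "acknowledged": "2024-06-20 22:40", "repair_start": "2024-06-20 23:30",
     "restored": "2024-06-21 01:00", "resolved": "2024-06-22 22:00"},
]

# Metric -> (start stage, end stage), following the definitions in the list above.
INTERVALS = {
    "MTTA": ("alerted", "acknowledged"),        # alert triggered -> work begins
    "MTTR_repair": ("repair_start", "restored"),  # repair plus testing time
    "MTTR_recovery": ("failed", "restored"),    # full outage
    "MTTR_respond": ("alerted", "restored"),    # excludes alert lag
    "MTTR_resolve": ("failed", "resolved"),     # includes prevention follow-up
}


def parse_incident(raw):
    """Parse all stages and reject records whose timestamps run backwards."""
    times = {stage: datetime.strptime(raw[stage], FMT) for stage in STAGES}
    for earlier, later in zip(STAGES, STAGES[1:]):
        if times[later] < times[earlier]:
            raise ValueError(f"{raw.get('id')}: {later} is before {earlier}")
    return times


def minutes(start, end):
    return (end - start).total_seconds() / 60


def kpis(incidents, window):
    """Return every metric in minutes for the given incidents and window."""
    parsed = [parse_incident(raw) for raw in incidents]
    if not parsed:
        raise ValueError("no incidents: the means are undefined")
    result = {name: mean(minutes(t[a], t[b]) for t in parsed)
              for name, (a, b) in INTERVALS.items()}
    start, end = (datetime.strptime(w, FMT) for w in window)
    downtime = sum(minutes(t["failed"], t["restored"]) for t in parsed)
    result["MTBF"] = (minutes(start, end) - downtime) / len(parsed)
    return result


if __name__ == "__main__":
    for name, value in kpis(INCIDENTS, WINDOW).items():
        print(f"{name:14s} {value:9.1f} min")
```

On the same three incidents the "MTTR" figure ranges from one hour (repair) to more than a day (resolve), which is why a report has to state which reading it uses.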
⚖ W-3.2.2 Chain of Information change & Master data Context
Service as a Product, Information processing
At first sight there is no difference with the technology.
The question to rethink: Why is there an important difference?
- Technology is commodity, tools for what is commodity looks an easy business.
It is not that easy because the competition is very high.
The disadvantage for all attentions attracting effort is that the real questions what is important to get more safe is obfuscated, lost in confusion.
- Understanding the important information artifacts with their related processing is far more demanding in non trivial situations.
- Documenting the designed safety, driven by requirements, and what is achieved in safety, validated in specifications, is a gap at information processing.
There is no standard, neither a framework nor tools for this. That is what triggered "Jabes" and "SIMF".
- Aside the difference in primary processes, operational IT, there are several important secondary ones.
In information processing all looks the same from a technical perspective but the functionalities are the real important differentiators.
Business application security
What is application security (AppSec)? (2024-06 )
Application security (AppSec) is an integral part of software engineering and application management.
It addresses not only minor bugs but also prevents serious application vulnerabilities from being exploited.
An ongoing process rather than a single technology, application security (AppSec) is a crucial component of cybersecurity, encompassing practices that prevent unauthorized access, data breaches and code manipulation of application software.
As applications have become more complex:
- AppSec has become increasingly important and challenging.
- This evolution necessitates new approaches in secure software development.
DevOps and security practices must take place in tandem, supported by professionals with a deep understanding of the software development lifecycle (SDLC).
The choice of being in control over processes:
Some organizations choose to manage application security internally, which enables direct control over processes and tailored security measures by in-house teams.
When not managed on-premises, organizations outsource application security, a part of managed security services (MSS), to a managed security service provider (MSSP).
An MSSP can provide:
- a sophisticated security operations center (SOC),
- security information and event management (SIEM) solutions and
- access to specialized skills and application security tools.
These can benefit organizations that lack internal resources and expertise.
Whether managed internally or outsourced, strong security measures are essential to safeguard applications against evolving cyber threats and vulnerabilities.
⚖ W-3.2.3 Information knowledge qualities by product, service
Applicable correctness, traceability
The categories in information safety, cybersecurity:
- Technology:
- Information at rest. Examples: the storage system, DBMS tables records usage.
- Information in transformations. Examples: the code executing, network transfers.
- classifications in Confidentiality Integrity Availability to support
- Functionality:
- Primary processes. Operational back-end and front-end ones
- Secondary processes.
- Legal obligations, what has happened
- Future continuity, what could happen
- classifications in Confidentiality Integrity Availability to get supported
There is an important change needed when this all is going to be well in control.
Safety products, primary processes
Primary processes for information processes are referred for safety as: cybersecurity.
Safety for primary processes is an "AppSec" topic, not to be confused with "TechSec". Although "TechSec" must be in place, there is an important difference in accountability.
- "TechSec" is what others, suppliers, are delivering for enabling the needed "technology".
Although accountability cannot be transferred (data controller), responsibility is (data processor).
- "AppSec" is what the organisation delivers as product to customers.
Neither accountability nor responsibility can be transferred, although using suppliers as sub-processors is possible.
Safety for delivered products is very generic; the scope could be extended to all kinds of information products.
Regulation on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) No 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act),
CRA act (eur-lex/2847 )
Annex I, Essential Cybersecurity Requirements.
Part I Cybersecurity requirements relating to the properties of products with digital elements
- Products with digital elements shall be designed, developed and produced in such a way that they ensure an appropriate level of cybersecurity based on the risks.
- On the basis of the cybersecurity risk assessment referred to in Article 13(2) and where applicable, products with digital elements shall:
- be made available on the market without known exploitable vulnerabilities;
- be made available on the market with a secure by default configuration, unless otherwise agreed between manufacturer and business user in relation to a tailor-made product with digital elements, including the possibility to reset the product to its original state;
- ensure that vulnerabilities can be addressed through security updates, including, where applicable, through automatic security updates that are installed within an appropriate timeframe enabled as a default setting, with a clear and easy-to-use opt-out mechanism, through the notification of available updates to users, and the option to temporarily postpone them;
- ensure protection from unauthorised access by appropriate control mechanisms, including but not limited to authentication, identity or access management systems, and report on possible unauthorised access;
- protect the confidentiality of stored, transmitted or otherwise processed data, personal or other, such as by encrypting relevant data at rest or in transit by state of the art mechanisms, and by using other technical means;
- protect the integrity of stored, transmitted or otherwise processed data, personal or other, commands, programs and configuration against any manipulation or modification not authorised by the user, and report on corruptions;
- process only data, personal or other, that are adequate, relevant and limited to what is necessary in relation to the intended purpose of the product with digital elements (data minimisation);
- protect the availability of essential and basic functions, also after an incident, including through resilience and mitigation measures against denial-of-service attacks;
- minimise the negative impact by the products themselves or connected devices on the availability of services provided by other devices or networks;
- be designed, developed and produced to limit attack surfaces, including external interfaces;
- be designed, developed and produced to reduce the impact of an incident using appropriate exploitation mitigation mechanisms and techniques;
- provide security related information by recording and monitoring relevant internal activity, including the access to or modification of data, services or functions, with an opt-out mechanism for the user;
- provide the possibility for users to securely and easily remove on a permanent basis all data and settings and, where such data can be transferred to other products or systems, ensure that this is done in a secure manner.
Why is the scope not made generic?
- Cybersecurity has a long history of being important; there are many standards on what to do, but no generally accepted one.
- Although cybersecurity has a long history of being important, documentation conforming to standards is missing.
Documenting the cybersecurity knowledge is what Jabes covers.
Part II, Vulnerability handling requirements
Manufacturers of products with digital elements shall:
- identify and document vulnerabilities and components contained in products with digital elements, including by drawing up a software bill of materials in a commonly used and machine-readable format covering at the very least the top-level dependencies of the products;
- in relation to the risks posed to products with digital elements, address and remediate vulnerabilities without delay, including by providing security updates; where technically feasible, new security updates shall be provided separately from functionality updates;
- apply effective and regular tests and reviews of the security of the product with digital elements;
- once a security update has been made available, share and publicly disclose information about fixed vulnerabilities, including a description of the vulnerabilities, information allowing users to identify the product with digital elements affected, the impacts of the vulnerabilities, their severity and clear and accessible information helping users to remediate the vulnerabilities; in duly justified cases, where manufacturers consider the security risks of publication to outweigh the security benefits, they may delay making public information regarding a fixed vulnerability until after users have been given the possibility to apply the relevant patch;
- put in place and enforce a policy on coordinated vulnerability disclosure;
- take measures to facilitate the sharing of information about potential vulnerabilities in their product with digital elements as well as in third-party components contained in that product, including by providing a contact address for the reporting of the vulnerabilities discovered in the product with digital elements;
- provide for mechanisms to securely distribute updates for products with digital elements to ensure that vulnerabilities are fixed or mitigated in a timely manner and, where applicable for security updates, in an automatic manner;
- ensure that, where security updates are available to address identified security issues, they are disseminated without delay and, unless otherwise agreed between a manufacturer and a business user in relation to a tailor-made product with digital elements, free of charge, accompanied by advisory messages providing users with the relevant information, including on potential action to be taken.
Top down structuring safety
Governance frameworks for cybersecurity all start with a vision for structure for vision in strategy.
A cognitional structure shortlist:
- Policies : Roles - responsibilities, segregation of duties
- Relations and communication: governmental agencies, interest groups, stakeholders
- Adaption to Issue & incident solving: continuous learning, continuous improving
- Supplier Management: Relationships, agreements and supervision
- Documented compliance: policies & standards, independent assessments verifications
- Business Continuity : readiness for actions by disruptions
- Legal requirements & Privacy : personal data safety, Legal - contractual compliance
Other lists are for:
- Staff measures: screening, education, monitoring, access segmentation, safety alerts.
- Technology processing: Access segmentations & zones, safety spaces, safety machines.
- Technology platforms: identity & access control, network segmentation & encryption, etc.
⚖ W-3.2.4 Information impact by product, service
Applicable correctness, traceability
Those interacting with the external customers should have this in liability of the organisation.
What is application security (AppSec)? (2024-06)
Application security encompasses various features aimed at protecting applications from potential threats and vulnerabilities.
These include:
- Authentication: ensures that only authorized individuals gain entry.
- Authorization: verifies user privileges against a predefined list ensuring access control.
- Encryption: to safeguard sensitive data during transmission or storage within the application.
- Logging: Vital for tracking application activity and identifying security breaches.
- Testing: Essential in validation of the effectiveness of security measures.
A frequent challenge to application security lies in intra-organizational confusion about who exactly is responsible for it.
This ends up with a lot of pointed fingers and not a lot of positive action.
It’s difficult to protect something that you aren’t aware you have, and it’s also not so easy to convince people you’re doing something if you aren’t even sure yourself.
To provide transparency in what is in use, there should be Software Bills of Materials (SBOMs).
Limiting Potential: -If It Works, Don’t Touch It-
😱 A blocking culture is not wanting to understand the information process.
The issue:
Many programmers and organizations stick to the mindset:
"If it works, don’t touch it". (Li post michael-tchuindjang).
It feels safe and reliable; after all, if something isn’t broken, why change it?
But this way of thinking has its limits.
Instead of exploring why and how things work, it can lead us to avoid improvement and miss opportunities to innovate.
This has a relationship with not documenting attempts and experiences.
The real challenge is not the coding but understanding what the code does in terms of functionality.
In dynamic fields like cybersecurity, AI, and technology, this approach can actually prevent us from keeping up with new challenges.
On the other hand, the scientist’s mindset pushes us to constantly question, investigate, and refine.
Scientists:
- don’t stop at "It works."
- They ask:
- “Why does it work?” and
- “How can it work even better?”
This curiosity leads to breakthroughs and solutions we wouldn’t find if we only focused on the status quo.
By shifting from “If it works, don’t touch it” to a mindset of discovery, we open doors to growth and advancement.
👉🏾Let’s embrace the scientist’s curiosity to not just keep things running, but to improve and evolve them.
(Credits to @Cyber Writes)
W-3.3 Why to steer in the information landscape
Managing the goal for any non trivial construction follows several stages.
These are:
- high level strategy, vision & planning
- detailed strategy, missions & realisation
- evaluation & corrections
Non trivial means it will be repeated for improved positions.
To manage the process, information is needed for understanding what is going on.
Without knowing the situation or direction there is no hope in achieving a destination by improvements.
⚖ W-3.3.1 Understanding information: data, processes, actions, results
What is a business application?
❶ A business application is defined by:
- Composed of two complementary components.
- Information at the value stream seen materialised as "data".
- Transformations of information in the value stream, "processes".
- Materialised data is seen at some type of storage.
- Transformations are processed by tools, platforms.
- Covers the value stream for customers and all related activities, documentation, registrations.
What is a Platform?
❷ Platforms are the combination of tangible goods (hardware) and intangible services (software & support) that enable the business applications.
Detailed attributes are:
- A platform is composed of many complementary components.
- Tangible products, goods (hardware): servers, CPUs, GPUs, memory, network components, cables, storage, etc.
- Intangible products, services (software): operating system, databases, communication, programming tools, etc.
- All products, goods & services, are at some support level by a supplier.
- Have a defined functionality.
Specifications are how functionality is defined and communicated.
- Have a defined way for functioning.
Usage instructions are how that is defined. An education and certification program is a way for communication when usage is non-trivial.
- Have a defined set of maintenance instructions.
Business applications, transformation types
❸ Three types of business application transformations:
- ALC-V1 A process that is run once.
When after each run many adjustments are needed, then it is also a one-off.
- ALC-V2 processes with transformations are based on rules set by human decisions.
Development and verifications are done with fake, synthetic information.
❗ Only the production environment uses operational information.
- ALC-V3 processes are based on what is seen at operational information and what is known by operational examples.
Development and verifications are done with operational information.
❗ All environments are using operational information.
Segregation between the stages is important but not the same as at ALC-V2.
The AI act, what is an algorithm
Artificial intelligence is getting a lot of attention.
There are a lot of misunderstandings and confusing opinions not resulting in clear guidelines.
From a post on Li:
To classify an AI system as high-risk under the AI Act.
This is a formal process: either you are a regulated product (Annex I) or a high-risk use case (Annex III), or you are not.
There's little room for debate.
There are four exceptions to this classification:
- The AI performs a narrow procedural task
- The AI merely improves previously completed human activity
- The AI detects deviations from prior decision-making patterns
- The AI performs a preparatory task
There is an indication of what was done by science and of what is assumed to be the new approach.
When a data scientist manually builds these models, selecting variables and validating results step by step, it's clearly traditional statistical analysis.
But modern credit scoring systems are a different beast entirely.
They use automated logistic regression that:
- Autonomously selects which variables to consider
- Tests thousands of variable combinations automatically
- Dynamically updates coefficients as new data flows in
- Makes thousands of credit decisions daily without human intervention
This autonomous inference of patterns from data is exactly what art. 3(1) AI Act targets when it defines AI systems as those that "infer, from the input it receives, how to generate outputs such as predictions." The logistic regression algorithm itself is performing this inference by mathematically determining which combinations of input variables best predict creditworthiness, without being explicitly programmed with these relationships.
This assumption essentially declares what has been achieved by e.g. medical science, improving the living standards and survival chance improvements, as a forbidden high risk.
❹ Paradoxical: how information processing was done, interpreted, by scientists.
The AI act, how to understand an algorithm
History repeats itself with the uncertainty of predictions about the future.
However, progress is possible when accepting that uncertainties in the predictions are an intangible part of the systems.
"They were shocked when two actuaries' calculations differed by 10%, as if writing down formulas could somehow eliminate the variation in underlying assumptions."
The distinction between "pure statistics" and "automated inference" isn't about the mathematical technique, it's about how autonomously the system operates in drawing conclusions from data.
Consider three phases in actuarial evolution:
- Early days: Actuaries manually calculated probabilities using statistical formulas
- Computerization: Automated calculations but human-guided model building
- Modern systems: Autonomous selection of variables, dynamic updates, minimal human oversight
This states the problem of expectations that are expected to be defined in very certain definitions.
Once it was the predictions from an oracle (Pythia); these days it is the predictions from "algorithms".
Business applications, context
The everlasting duality of control & command vs fulfilment effectuation implementation.
❺ Two contexts to see, evaluate business applications:
- Running, operating, executing, the value stream mapping process: VaSM
- Control of the value stream process within the viable system model: ViSM
⚖ W-3.3.2 Understanding goals with needed associated change
Symbiosis between humans and computers
Changes for humans at the information age.
Generative AI and the Ethical Risks Associated with Human-Computer Symbiosis
The central philosophy of the tech pioneers proposed a synergy, a symbiosis or a partnership between humans and computers.
For them, it would be preferable for humans and machines to work together cooperatively instead of not at all.
At the big-picture level, it questions whether society would be better if people were to use GenAI.
It may also be considered in a much more nuanced, detailed way; that is,
- for a particular use
- in a particular way
- at a particular time
- by a particular person,
is it preferable to use or not use GenAI?
While it may not be necessary to maintain the exact same values, it is important to note their early cautions.
Their philosophy urges us to foreground education on the ethical use of AI, leaving a potential choice not to use it as the preferred ethical choice, and emphasizes the priority and value of human thought, creativity, and responsibility.
Together with education, the social responsibility of tech companies and the need for rigorous governance systems have been highlighted in support of successful human-computer symbiosis using GenAI.
7S McKinsey model
The 7S Model is designed to help organizations achieve their goals and implement change.
It focuses on the importance of coordination over rigid structure in driving effectiveness.
7-s-framework (LI post)
To use the 7S Model effectively:
- Identify the seven key elements.
- Assess each element.
- Align them and identify gaps.
- Develop improvement strategies.
- Implement changes.
- Monitor and adjust as needed.
❻ It is a nice good model.
Adjustments: alignment with the SIAR model structure in 4 quadrants and 9 areas
Added:
- supply, suppliers
- Service Serving
- Social Intelligence
Combined:
- Strategy
- Servant Leader
- Shared values
When introduced in the late 1970s, the 7-S framework was a watershed in thinking about organizational effectiveness.
A previous focus of managers was on organization as structure: who does what, who reports to whom, and the like.
As organizations grew in size and complexity, the more critical question became one of coordination.
The lack of hierarchy among these factors suggests that significant progress in one part of the organization will be difficult without working on the others.
Today, more than ever, structure alone isn't organization.
7-s-framework
⚖ W-3.3.3 Activities in the organisation for the organisation
Value Chain, primary & secondary activities
Value chains
Streamline the processes that take a product from concept to market.
The integral linkages are supported by both structure and effective communication between direct, indirect, and support components.
Activities, such as hiring and training human capital, are further supported through activities such as record keeping and quality control.
When analyzing the effectiveness of a value chain model, the economist Michael Porter introduced 10 cost drivers that help identify areas for improvement:
- Economies of Scale: cost analysis for the size of the demand (local, national, or global).
- Learning: Activities that change the environment for efficiency or improvement.
- Capacity Utilization: efficient levels preventing under-utilization or unnecessary capacity.
- Linkages among Activities: Identifying areas of cross-functional improvements.
- Interrelationships among Business Units: Opportunities for information and resource sharing.
- Degree of Vertical Integration: Identifying areas of joint integration or de-integration.
- Timing of Market Entry: Driven by external conditions and competitive positions.
- Firm's Policy of Cost or Differentiation: Identified value integrated into the process.
- Geographic Location: Including wages, climate, and raw materials, quality - quantities.
- Institutional Factors: Include taxes, unions, and regulations.
❼ In the model: primary and secondary activities that relate to an organisation.
In a figure, see right side:
Adjusting primary & secondary activities
A gap in activities by Porter is how to initiate and manage the activities by changes.
How to do that must be universally applicable, have a relationship with the backlog, issues, wishes, ideas.
In a figure, see right side.
❽ A universal service approach.
The flows:
- Operational:
- reactive using the product:
- Service request: the defined expected acceptable flow outcome.
- Incident: correction of an unwanted or not expected flow outcome.
- Proactive correcting the product:
- Change request: improvement of the prescribed actions in a flow.
- Incident to change: improvement for unwanted or not expected flow outcomes.
- Risk driven control & external:
- Improving existing product (good, service):
- Change in the external environment: regulation, information supplier chain.
- Change in the quality and/or quantity by requirements to processes.
- Innovating new product (good, service):
- Existing components, possibly adding some new ones. Goal: creation of a new product.
- The wish for a new not yet existing product for desired functionality.
⚖ W-3.3.4 6C-Control is not specific it is very generic
A guide, manual on leadership
11 Timeless Principles of Leadership (T.Deierlein).
"The same skills that companies today need to prevail in a climate of intense economic uncertainty." (Harvard Business Review).
- Know yourself and seek self-improvement
- Be technically and tactically proficient
- Seek responsibility and take responsibility for your actions
- Set the example
- Know your people and look out for their welfare
- Keep your people informed
- Ensure the task is understood, supervised, and accomplished
- Develop a sense of responsibility among your people
- Train your people as a team
- Make sound and timely decisions
- Employ your work unit in accordance with its capabilities
❾ Why are they still unchanged after being reviewed every few years for 60+ years by different people over the course of time?
Changing products, services
Obeya is a team spirit improvement tool at an administrative level, originating from a long history of learning & improving. ...
Considered a component of lean manufacturing.
Obeya objectives are rapid decision-making, reduction in rework and reconsiderations, and reduction in unnecessary discussions.
The Obeya Association enumerates 11 Obeya Principles that define Obeya and guide its improvement. ...
- Mindset:
- People come together to respectfully see, learn & act on vital information
- People are committed to engage in continuous improvement, resolving obstacles
- Alignment:
- In the Obeya, we communicate a strong sense of purpose
- Purpose is recognizably tied to our organizational strategy through meaningful objectives
- Connects strategy to execution with visible orientation on customer experience
- Meetings have a rhythm in sync with the operational heartbeat of the organization
- Workspace:
- Visuals provide a logical and practical information and conversation flow
- The Obeya reflects a good understanding of the flow of work from start to delivery
- The Obeya is an attractive and available area, in proximity to the workfloor
- Content:
- In the Obeya, we use analytics-driven-evidence to make business decisions.
- Data owners ensure information is easy to consume, readily available, up to date, and visually attractive
😉 It is the alignment of all involved persons.
Changing the organisational structure
❿ Vision and culture the foundation in the information age.
- Empowering all involved persons.
Unleashing the power of small, independent teams (2017)
Small, independent teams are the lifeblood of the agile organization.
Top executives can unleash them by driving ambition, removing red tape, and helping managers adjust to the new norms.
The empowering executive:
- Focuses small teams in customer-facing areas
- Stacks small teams with top performers
- Gives teams a clear, direct view of customers
- Allocates resources up front, then holds teams accountable
The independent team:
- Authorized to conduct activities without first seeking approval
- Has minimal dependencies on internal functions
- Builds and launches digital solutions on its own
- Draws on preassigned funding with no formal budget requested
The enabling manager:
- Defines outcomes for teams to pursue as they see fit
- Acts as a steward rather than superior
- Prioritises problem solving over decision making
- Spends more time than usual on coaching and learning
W-3.4 Visions & missions boardroom results
Managing the working force at any non trivial construction is moving power to the edges.
The cultural changes are:
- Accepting uncertainties and imperfections
- Trusting the working force while also getting well informed
- Respect for people, learning investments at staff
Non trivial means a complex or chaotic situation to get improved.
Managing the working force at processes, information is needed for understanding what is going on.
Without understanding there is no hope in achieving a destination by improvements.
⚖ W-3.4.1 How to Structure engineering the enterprise
Inseparable product documentation layer
The operational performance of the organisation is having many dependencies.
"The core business" is the one that matters. The flow of that activity is a value stream.
Once the structure of information processing and the structure of the enterprise, organisation is understood, optimizing to survive can become a part of the system to survive.
Learning by example of successful organisations
Only looking at what success looks like and just simulating the appearance is a failure by design.
The references used give some foundation on "how to do it".
"Use cases" or in normal words "stories and experiences" are another source for learning.
⚖ W-3.4.2 Learning structuring the enterprise by examples
High performance organisations
High performance organisations with Steve Spear (agile podcast - M.Robinson)
Explaining how to use a developmental leadership approach with collaborative problem solving, workflow visualization and iterative improvement to become a high performing organization with an unbeatable competitive edge. ...
What's motivated over many decades is to identify those organizations able to deliver so much more value with so much less effort and then figure out what it is that explains their ability to do so versus everybody else. ...
Paradoxical examples exist and they're not limited to a sector, a phase, it's just a common human condition that some organizations are much better run in terms of generating and delivering value than their counterparts.
A summary from the podcast:
We started out with an existential threat.
The US looked at manufacturing organizations in another country and said, they are so much better than what we're doing that actually we've got an existential threat.
And that drives change because you had no choice. It's either a change or disappear.
And when you started looking at those organizations, everything you looked at they were markedly better than the competitors.
- So it wasn't just that they were lower costs.
- It wasn't just that they had a better time to market.
- It wasn't just that they made more revenue.
- It wasn't just that they were better at risk management or better at change.
They were better at everything.
And then you talked about this idea that those organizations were hyper focused on solving problems.
But the key was, they then tested their hypothesis for a solution on how to fix that problem.
- They tested it again and again until it was proven, and then they implemented it.
- They were iterating before they pushed the big green button.
- They weren't iterating after pushing the button.
So they were ensuring that they were not bringing in more bugs.
- They were not bringing in more defects.
They were not bringing in more faults because they were testing iteratively until it worked.
This is quite different from the agile software hype of delivering features fast regardless of quality.
Another important difference is in the reporting, metrics.
... If we don't understand who we depended on when, and who's dependent on us then we optimize our location.
It's local optimization, not optimization of the system because that's what we paid for.
Those metrics aren't important.
It's really: is the organization haphazard in their way of merging many into one?
So focus on:
- how much time are they taking to understand their environment?
- How much time are they:
- taking to get the things they need to be able to do their job?
- spent hunting, gathering and foraging rather than just doing the thing they need to do.
There is more in the podcast.
😉 Notes on software information processing:
- Development and deployment of new software is exactly like the challenge of the development and deployment of new industrial equipment.
Because the problem is not the technology of the thing you're working on. The problem is:
- engaging the creativity of the minds of many into a well integrated harmonious collective action towards a common purpose.
- creating conditions in which the human mind can give fullest expression of its innate potential to be creative and have that come together collaboratively and collectively.
- There's a more thoughtful way that the high performers take, which is they view management, not as transactional, but as developmental.
- Where there's not the physical generation and transmission of something solid, it does become easier to lose visibility of the process and that invites chaos because we're not really aware of on whom we depend.
We're not really aware of who depends on us. For what they depend on us. ...
This organization did like a thousand of these maps, making it more obvious who did what dependent on whom dependent on by whom.
- With that kind of clarity, people could act more purposefully and less arbitrarily.
😱 Notes on confusing misunderstandings:
- What happened in the nineties is people confused the outcome of a superior management system to put half in and get twice out, and thought that if you just went into a factory, fired half the people, ripped out half the equipment your productivity would go up.
- Those who think that this lean thing or agile thing or minimal viable thing is just a matter of cut the resources and hope for the best. They get what the logic would suggest.
Of course there is some promotion: See to Solve is about enterprise engineering, business processes in flows.
Although not explicitly mentioned, it is systems thinking, viable systems.
Agile project management
No Wikipedia page, but surely related to what Project Management (PM) is in the agile world, including PMI.
Agile project management with Johanna Rothman (agile podcast - M.Robinson)
A summary from the podcast:
Some things that aren't important and you could probably outsource those if you have to, but apart from that, if it's part of your core business and that's what you're there for why would you give it to somebody else to build for you?
- Testers are testing the solution against an out-of-date requirements document, not against solving the customer problem.
- Command & Control by cost accounting instead of just reporting via cost accounting.
- People that are focused on problem space and people focused on the solution space.
That's where the role, skills of a product manager was meant to fix frictions.
- So our natural reaction when we want to scale teams, is to put hierarchies in place.
Even teams of teams is a form of a hierarchy.
There is more in the podcast.
😱 Notes on software information processing:
- Fake agility is really the norm. I rarely see any real agility.
- Cost accounting can only work if you treat people like they are resources.
- The worst part is, it is not about working in slices through the architecture, they're all working across the architecture.
- Organizations are all very concerned about capitalization (CapEx) versus operating expenses.
- CapEx: the more to tend to divide and conquer, the worst way to capitalize.
- My experience is if you want a really helpful product that satisfies your customers, it's much more important to figure out how do we develop and deliver software products ourselves.
- I think managers are very afraid of initiatives or projects that don't meet their executives expectations.
And so they try and control everything and nail everything down.
It might work if you're running a factory producing pencils, but it doesn't work when you're doing software development.
In software development, there's always considerable uncertainty about what the problem actually is and what the solution actually is.
You don't learn those things until you do it.
😉 Notes on confusing misunderstandings:
- The core problem is a project has a beginning and an end. And when we look in software or organizations, it never ends. It's continuous, it always lives.
- When we build a product, we are saying that product will be continuously developed and maintained.
When we have a project, we bring in all the bad behaviour that is related to a beginning and an end.
- One of the reasons managers use less than logical decision making is because they don't know any better.
What passes for leadership and management training is all about spreadsheets and nothing about people and value.
- The only difference these mediocre Agile approaches are doing any good is because they're shortening some of the feedback loops.
- Like a program team, which is composed of the software program manager, a program architect for the entire product, and often a program product owner.
You might call this the product manager for the entire product.
- We need to focus on the risks to the customer and we need to focus on the risk of us being able to deliver something to that customer.
Of course there is some promotion, expertise in
Managing Product Development is about more effective project and program management so customers receive products they love when they want them by applying agile and lean principles.
The combination is breaking the usual silos in the dichotomy of project management vs. product management. Avoiding the binary logic assumptions:
Estimates are guesses. That doesn't prevent people from wanting to know the estimate.
You can make better estimates, predictions, and increase their usefulness and accuracy.
⚖ W-3.4.3 Beliefs, social networks influencing the enterprise
The boardroom tribal politics turning the situation
Why Your Product Transformation Will Fail and
Surviving organisational politics with John Cutler (agile podcast - M.Robinson)
on product management and service design.
The review of the Sense Maker Survey by J.Cutler:
Backgrounds are in product management and UX research with some sort of business analyst type roles or just general tech roles thrown in for good measure over the years.
It's very tribal at the moment and my sense is that when times are tough, you get this infighting, you get these heavy asymmetries of experiences within companies.
The situation described is one full of misunderstandings, unsafety and fear for the future.
From the "product transformation", the positive advice on what to avoid.
😉 The challenges,
your product transformation will fail if you:
- treat a transformation as a project.
- devalue the present.
- don't let your team lead the change.
- put "the best" on a pedestal.
You can learn a lot from studying how other teams work, but you need to do so with a curious mind and a good dose of systems thinking.
Encourage your team to be students of the craft and students of different approaches, but mindlessly copying and pasting how other people operate will not get you where you need to get to.
- ignore the continuous improvement muscle.
Simply put, you will need to get good at changing and adapting, which is hard and uncommon, but you'll need to do it.
- don't let go.
Change starts with subtractive change. What will you stop doing?
What behaviors will you stop doing immediately to make room for the new behaviors that need to emerge?
- lose sight of customers.
What is a win-win approach that allows you as a business and helps your customers as businesses or individuals?
- copy/paste frameworks.
Think of frameworks as a good starting point, but you better move quickly on improving and customizing. Otherwise, you will become a captive to the framework.
- ignore architecture.
You cannot have teams working independently if they have to collaborate with 30 other teams to get anything done.
- don't use "working examples" to inspire change.
It's critical to focus on fostering conditions where real-world examples can emerge that other teams can learn from and then making sure that avenues exist for those stories to be told and shared in the organization.
How are things improving? How is it benefiting customers? How did the team locally adapt the general principles to make progress? What can the team learn?
The paradox in this is: it is easier to mention a list of causes where each of them is a possible root cause for failure than a list of what not to miss.
The boardroom organisational politics driving situations
Executive influence with
Rich Mironov (agile podcast - M.Robinson) on the difference between physical goods and software development.
The review of organisational politics (J.Cutler):
Nothing in there that was a surprise.
There was nothing I haven't heard every week for the last 6 or 12 months.
Folks in the product and engineering and design spaces are hurting, their jobs are being reduced.
They often don't have representation in the executive suite.
Much of the company doesn't really understand what they do and nobody's helping them understand that.
It's a great job for a very narrow group of people who have a certain odd set of skills and capabilities.
But it is hard, I've stopped doing that CPO, VP of product job because it was too hard.
It's a job that has a lot of responsibility and very little authority or budget.
People are complaining every executive gives them a different goal or they give them a goal and then change their mind a week later.
There's no unified goal that people can gather around.
Product folks at every level need to suggest or propose possible strategies or maybe alternatives on the assumption that maybe actually nobody else knows what a strategy is, or they haven't thought it through.
There is more in the podcast.
😱 Notes on software information processing:
- The language of money is what all the executives except the VP of engineering and the VP of product speak.
We as product and engineering and design folks want to get the rest of the world to deeply understand all the details of everything we do and appreciate us as people and designers and product managers and engineers.
- Well, let's think about a whole executive team: head of marketing, head of sales, head of support, head of professional services, head of finance.
Each of them has their own list, the overlap in those lists is generally small.
Each of them is starting from the assumption that it's a very reasonable list and if we just cared more about their list, we could do all of those things.
- As the head of product, I reserve the right along with my design and engineering leads to make the final call on what we're building.
We have to recognize this is a people problem not a process problem, no process is going to fix the people problem.
😉 Notes on confusing misunderstandings:
- Everybody I know in enterprise sales believes that creating software is trivially easy, and they confuse typing with writing code.
They confuse writing code with building product.
So whenever they need something, their assumption in their head is: "Oh, I should just ask for it because it's important to me.
It can't be more than ten lines of code. I bet it'll only take five minutes."
- On the other side we're lecturing about how our backlogs are sorted instead of talking about the money we're going to make for the company, when we ship the most important thing.
- There's quite often the sales narrative versus the product narrative versus the engineering narrative.
- If we've got a culture issue and a people issue at the C level in the company, then we have to address it as such.
We might bring in some consultants who are organizational design, psychiatrist consultants who are going to sit with the CEO and help the CEO understand who's blowing a lot of smoke and blowing up the company.
Of course there is some promotion, expertise in
Managing Product Development is about product executives, product management teams and revenue software organizations.
Larger companies face product/portfolio issues more complex than single-product market validation.
How do we balance competing interests and technology roadmaps?
⚖ W-3.4.4 The closed loop in structuring the enterprise
The Hoshin kanri, X-matrix loop
Discovering Hoshin Kanri (Verka Alexieva)
In a translation the intended meaning gets easily lost. The name X-matrix is meaningless.
👉🏾 Ho Shin, Kan RI (13m14) some translations:
- Vision:
- Direction
- Needle, compass
- Management:
- channel, tube
- administration, Logic
The validation is the last bottom right corner, getting too little attention.
We identified the need for more regular reviews and adaption of objectives - min Quarterly!
Leadership is the key to ensure Commitment. (21m55, 25m55)
Scalable Industry 4.0
An EnterpriseArchitecture (LI: R.Grover 2024-12)
Phases Product vs production an X:
- Foundation: current situation assessment & core implementation
- Integration: capabilities implementation, deployment & full automation implementation
- Optimization: implementation capabilities, deployment
- Innovation: Ecosystem integration, advanced capabilities, embedded transformations
In an era where technology evolves daily and data drives business decisions, organizations need more than just digital tools—they need strategic clarity and practical innovation.
The challenge isn't just modernizing systems; it's about creating sustainable value in a rapidly changing landscape.
WS Work Standard vs SW Standard Work
💣 Everything that is documented is now referred to as STANDARD WORK. NO!
Confusion in the Lean Community WS vs SW (LI: M.DeLuzio, C.Roser 2024-12)
There is a need for best practices by the worker how to do the work (what most call work standards).
Different from technical specifications (which below were also called work standards).
- WS: A work standard is an organizational description on how to do the work.
- SW: A standard work is about when and where to do the work.
This visual closes the theories for the gaps in:
- lean and the hierarchical mind in: strategy tactics operations
- using the 6w1h Zachman 6*6 plane framework
- viable systems with the involved dichotomies e.g. organisation vs technology
W-3.5 Sound underpinned theory, improvements
Knowing the position, the situation, by observing several types of associated information.
These are:
- Kind of task in the process by role
- Art of the role by observed input and results
- Art of the role by follow up interactions
Non trivial means it will be repeated for improved positions.
Command & control needs information for understanding what is going on.
Without knowing the situation or direction there is no hope in achieving a destination by improvements.
⚖ W-3.5.1 A structured enterprise, the organic cycle
SIMF understanding the management improvement cycle
An understandable visual for what is going on, what will go on, is not easy.
Pitfalls: undercomplex, overengineered, too many not relevant details.
The logical steps for understanding and improvements look to be dependent in a cycle.
The reality is:
- in an existing situation there is always something there,
- in a new situation only partials are done to achieve some result
The question in this is where to start for better understanding, better improvements.
in a figure:
See right side.
The context of the audience: organisation.
Switching to another approach: not focussing on what could be dependencies but on options in the system to change something for the better.
The question of what and how to start for changes:
- Organisation:
- Standard work, vision: Product knowledge by specified objectives
- (coordination - alignment - mediation)
- Geo-mapped roles: Knowing what should be done.
- Persons methodologies: Knowing who should do it.
- Flows, value streams: knowing who is accountable for what is done.
- Technology:
- Optimizing for constraints limited to local interests
- (coordination - alignment - mediation)
- Functionality, technology: optimizing for the system as a whole
- Safety, technology: having the system as a whole safe for all.
- Working standard, practice: Product knowledge by defined specifications
In a different presentation, acknowledging a level of autonomy in system components that are systems on their own:
Cid | Organisation: description | VSM | VSM | Technology: description | Cid |
9 | Start-up: Vision & Execute | system-5 | system-1 | Start-up: Operations & Planning | 4 |
 | Scaled: only Vision | | | Scaled: only Operations | |
0 | Coordination | system-2 | system-2 | Coordination | 5 |
1 | Enabling system activities | system-4 | system-3 | Planning & processing | 6 |
2 | Portfolio planning | system-3 | system-4 | Enabling system Products | 7 |
3 | Local: people execution | system-1 | system-5 | Local: synergy technology | 8 |
 | Global: synergy people | system-3 | system-1 | Global: system realisations | |
Surprising interactions by the transformations during scaling and way of growth in dichotomies.
SIMF understanding the technical improvement cycle
Suppose the same figure but mirrored, same actions for the technology audience.
in a figure:
See right side.
The context of the audience: technology.
It is missing the ultimate system improvements for the intended purpose(s), the goal being changed into technology hypes.
Building products, goods, services (new systems) from components is forgotten.
The association reading left to right and following cycles clockwise is very strong.
⚖ W-3.5.2 The structured enterprise, backend and frontend
Mastering the purpose, the backend perspectives
Searching for processing structure, interactions:
- There are no clear independent cycles to see.
- The interaction preference in mediation coordination changes at each floor level between technology and organisation.
- The development perspective is strongly related to clear expectations (backlog, suggestions, ideas).
in a figure:
Mastering the purpose, the frontend perspectives
Searching for processing structure, interactions:
- There are no clear independent cycles to see.
- The interaction preference in mediation coordination changes at each floor level between technology and organisation.
- The validation perspective is strongly related to customer delivery.
in a figure:
⚖ W-3.5.3 A structured enterprise, the hidden organisational synapse
Improving the organisation
Given a purpose, working top-down to tools.
Both tools and purpose are left out in the generic approach, four of the six levels are left.
- The reversed symmetry, upside down of the pillars, is more visible.
- The challenge of the different worlds of development and operations is more visible.
in a figure:
⚖ W-3.5.4 Primary and indispensable secondary processes in the whole
Extending dimension-4 to include important secondary processes
Integrating corporate identity, corporate branding, corporate communications, corporate image and corporate reputation (Researchgate: J.M.T.Balmer 2006)
It was during the 1950s and 1960s that the marketing philosophy and function began to be elucidated by scholars and adopted by managers.
Key proponents of the above include Drucker (1954), Levitt (1960) and Kotler and Levy (1969).
In terms of the marketing mix the contributions made by Borden (1964) and McCarthy (1960) are noteworthy.
In a similar vein, Robert Keith made a clear distinction between having a production/manufacturing orientation, a sales focus and, finally, a truly marketing orientation.
Greyser (1997) reflecting on Keith's tripartite categorisations observed that each is underpinned by a central question/concern which he detailed as follows:
- Production and manufacturing orientation: “Can we make it?”
- Sales orientation: “Can we sell what we can make?”
- Marketing orientation: ”Can we determine what consumers, or a group of consumers, want that we can make and sell profitably within our zones of skills?”
- Relationship marketing orientation: “Can we generate continuing business via consumer/customer satisfaction with what, and how, we make, sell, and service?”
reconnect into diverging by dichotomies
Seeing that the marketing activities got so autonomous that they have worn organisations into dysfunctional parts, it is strange to see that this has the same origin as many of the other changes.
The only conclusion for this can be that management has failed at better converging activities.
Root causes most likely are:
- being overwhelmed by the fast ongoing changes.
- being overwhelmed by conflicts in many dichotomies.
The question:
- Are dichotomies representable in a visual?
- Could it be something like a plant?
A simple manual attempt with all imperfections.
in a figure, see right side.
SIMF dichotomy to important secondary processes
There are several indispensable secondary processes, most noteworthy legal financial obligations and customer intelligence, information management closed-loops.
These are in a position to bypass the normal information processing approaches where they should be part of the whole.
The problem is that they are not seen, or not evaluated as being as important as they should be, by the technology pillar.
A logical line would be a system-5 (ethos policy) by technology and system-4 at the organisation for adapting change.
Going into system-3 and system-1, there is a big challenge in technology alignment, the usual gap in misunderstandings:
- Technologies that are for sure not the same as in primary processes.
- Functional requirements that are for sure not the same as in primary processes.
Servicing technology important secondary processes:
SIMF_DSEC_01: Support for mandatory legal obligations e.g. financial reporting.
- Rationale:
- When mandatory legal obligations are ignored the whole system is in danger.
- Behaviour and requirements are a category on their own.
The goal is usually on what has happened, the past.
- There must be a CapCom Information role for enabling the fast reactions
- Implications:
- Interactions with a dedicated segmentation is preferable
- Accountability at the organisation. GDPR: Data controller
- Responsibility at the technology: GDPR: Data processor
SIMF_DSEC_02: Support for research e.g. customer intelligence and decision information provisioning.
- Rationale:
- Any impact on the system as a whole matters to the system as a whole
- Behaviour and requirements are a category on their own.
The goal is usually on what is likely to happen, the future in scenarios.
- There must be a CapCom Information role for enabling the fast reactions
- Implications:
- Interactions with a dedicated segmentation is preferable
- Accountability at the organisation. GDPR: Data controller
- Responsibility at the technology: GDPR: Data processor
W-3.6 Maturity 5: Strategy visions adding value
From the three PPT, People, Process, Technology interrelated areas in scopes.
- ✅ P - processes & information
- ✅ P - People Organization optimization
- ✅ T - Tools, Infrastructure
Only having the focus on others by Command and Control is not a complete understanding of all layers, not what Command & Control should be.
Each layer has its own dedicated characteristics.
⚖ W-3.6.1 SIMF-VSM Safety with Information at Technology
A Paradigm Shift in the Information and Cybersecurity Mindset
From Compliance to Culture
Heisenberg’s Paradox in Information Security
Focusing on compliance offers a challenge that parallels the uncertainty principle, also known as Heisenberg’s indeterminacy principle, introduced in quantum mechanics.
The principle explains that we cannot simultaneously measure two complementary properties of a system, such as position and momentum, with absolute precision.
The more accurately you measure one property, the less precise the measurement of the other becomes.
In the context of information security, this principle offers an insightful analogy.
By focusing intensely on measuring and documenting compliance (a static attribute of security), organizations lose clarity on the more dynamic and contextual aspects of security:
- How well users adopt measures.
- How effectively these measures improve resilience and protect against existing and evolving threats.
❶
This creates a paradox:
- The harder we try to document and measure security compliance with detailed precision, the more we risk losing sight of achieving the actual secure processing of information.
- Instead of acting as a means to an end, compliance often becomes a standalone goal, disconnected from its real purpose of supporting organizational success.
When organizations pour resources into proving compliance, they often fail to anticipate future risks. These blind spots leave them vulnerable to emerging threats, as their efforts focus on past performance rather than adaptive resilience.
Measuring and documenting security is important, but it shouldn’t come at the expense of actually being secure.
Principles: Safety with Information at Technology
There is a lot of autonomy expected from the information processing perspective by the organisation.
The challenges:
- Too often ignored or only poorly getting some attention are the expectations for the organisation by technology.
- A categorized list of definitions for understanding and alignment is required.
❷ SIMF component: Safety at Information processing at Technology, SaIT:
- SIMF_SATS_04: An open algedonic channel between the organisation and SaIT.
- Rationale:
- Any impact on the system as a whole matters to the system as a whole
- A fast immediate response requires fluent trained cooperation
- There must be a CapCom Information role for enabling the fast reactions
- Implications:
- Accountability at the organisation. GDPR: Data controller
- Responsibility at the technology: GDPR: Data processor
- SIMF_SATS_05: Organisation alignment to SaIT for dedicated scopes.
- Rationale:
- Any impact on the system as a whole matters to the system as a whole
- Every organisation has to go through the mandatory alignment for all their details.
- Every organisation is required to maintain the alignment for all on going internal and external changes.
- Implications:
- The variety: Organisations are not all the same although they share a lot.
- All channel types (1-6) are used for achieving an alignment.
- The complexity: every channel acts at its own speed, using its own regulator types.
- SIMF_SATS_06: Alignment details SaIT for: People, Processes, Machines and Structure.
- Rationale:
- Any impact on the system as a whole matters to the system as a whole
- Regulations explicitly mention CIA:
- People ⇄ Confidentiality,
- Processes ⇆ Integrity,
- Machines ⇄ Availability
- Regulations mention structure by:
- Segmentation in the three CIA topics, internal and external
- Supplier management, e.g. required safety at their side
- Physical spaces, e.g. controlled monitored access
- Communications spaces, e.g. clean desk policy.
- The structure of the system is a component not mentioned by regulations.
- Implications:
- There are a lot of attention points to fulfil.
- There is a lot of mandatory administration related to products.
- The structure of a system needs dedicated attention for threats.
⚖ W-3.6.2 Structuring viable systems with competing dichotomies
Systems thinking, differences between the systems
Another challenge:
correctly manage the work
There's a vast difference in types of work.
- Routine work - should be highly predictable both in execution and outcome.
- Delivery work - should be highly predictable in outcome.
- Creative work - is hardly predictable.
Two fundamental mistakes people make, especially in the management and consulting space:
- Misunderstanding: nature of the work. Not understanding why the outcomes are suboptimal.
- Misapplying management approaches that are intended for a specific type of work to others.
That leads, at best to waste. And at worst, to complete and utter failure.
❸
Now, the difficulty is that you may need to be an expert in the work itself to determine which is which.
And that's why the concept of "manager experts" is fundamental to complex environments where all types of work are present.
- Can you classify what percentage of the work your team is doing belongs to which category?
That's already hard.
- But can you correctly predict it for everything being worked on?
That's hardly possible - as a simple routine might explode in complexity when circumstances suddenly change!
Systems thinking, optimizing KISS principle
KISS, "Keep It Super Simple", is the foundation for many good viable systems.
Introduction to Karakuri Kaizen
Industry 4.0 is currently all the rage.
Yet, karakuri kaizen with its focus on mechanical solutions is pretty much the opposite!
These gadgets are not connected wirelessly, and not online as part of the internet of things or cyber physical systems.
Heck, they don’t even have a microchip! So why use them? After all, any of these actions can also be done using sensors, actuators, and processors.
Yet, karakuri is often better. In my view, there are a few advantages.
- Cheaper ...
- Easier to maintain ...
- Much Easier to Improve ...
Hence, karakuri devices allow for a grass-roots continuous improvement in lots of little steps.
Computer systems are big steps, usually initiated by management when they notice the problem (often too late, and only the biggest ones), and implemented by engineers and programmers when they have the time (rarely). In sum: Kaizen is so much easier with karakuri!
❹ In the information landscape there are no known nice examples of simplicity. Why not?
The four seasons are well understood, it is hard in an X-matrix (Hoshin Kanri).
Systems thinking, variety undercomplex
When acknowledging a dichotomy between two competing subsystems, this leads to undercomplexity.
undercomplex - variety Systems (Li C.Dethloff).
Organizations are often modeled too trivially: with exactly one center and exactly one periphery.
Management is allocated in the center and teams that create value for customers are in the periphery.
Why is this view too simplistic?
- Management in the center is far too overloaded, by all those teams on the periphery.
- The larger an organization becomes, the greater the overload will become.
In the language of organisational cybernetics, the variety to be managed would be far too high.
The question:
- Is a dichotomy representable in a visual?
- Could it be something like a plant?
A simple manual attempt with all imperfections.
in a figure, see right side.
❺ The world of chaotic systems that are predictable full of uncertainties unordered orderings.
Mathematical:
The famous visual,
Mandelbrot fractals (1980).
The set is defined in the complex plane as the complex numbers $c$ for which the function $f_{c}(z)=z^{2}+c$ does not diverge to infinity when iterated starting at $z=0$, i.e. remains bounded in absolute value.
⚖ W-3.6.3 People authoritative leader "PAL" - Operational Units "OUs"
Systems thinking, span of control
About:
managing variety (Li C.Dethloff)
In the context of leadership, the question is often about the level of span of control:
- How many people should be formally led by the people authoritative leader, "PAL".
The undercomplex answer is usually a number: 12, 15 or 20 for Operational Units "OUs".
A suitable answer can be found using the "VarietyManagement" thinking tool from "Organisational Cybernetics".
This tool brings varieties of the vertical and horizontal control axis into a suitable balance.
The horizontal control axis describes the connection between people and their respective sphere of action (tasks and responsibilities of each person).
The following factors are horizontal "variety" (increasing):
- Number of people
- Diversity of people's sphere of action
- Freedom in self-organization of people
The autonomy of individual people should be high so that they can fill their sphere of action.
⇄
Horizontal "OUs" variety should be absorbed by the variety of the vertical control axis, the "PAL" task.
⇅
The vertical control axis describes the connection between people and the "PAL".
Freedom in self-organization, is restricted to achieve more alignment.
Factors that influence variety absorption (increasing):
- Overlapping service recipients between people
- Auditability in creating transparency
- Operational dependencies between people
- Shared use of resources
- Operational control by the "PAL" at people
- Coordination between people in the form of rules, principles, guidelines, standards, etc.
❻
When these options are not sufficient the "PAL" is overwhelmed.
The consequence: the span of control, i.e. the number of people to be managed, could be minimized by adding another management level.
This creates a suitable span of control without guessing numbers out of context.
The following applies:
- Higher "OUs" autonomy aspirations: "centrifugal force", outward diverging
- the stronger the senior management force "centripetal force", inward converging, must be in order to achieve a balance between autonomy and alignment.
This has been ignored in recent years, especially in the "agile bubble".
More emphasis has been placed on the "OUs" efforts for autonomy, neglecting the alignment by management.
Floor: 0-1, 1-2, 2-3, 3-4 growing maturity
The indicator floor 0-1 was chosen because a start-up starts with nothing, creating the first ones.
This for the first valuable product. The 1-10 journey for the company achieved a product-market fit and going for scaling its business.
❼ The transformation over the floors is a fit to VSM and CMM.
- floor 0-1: Small and Start-up.
Scaling up, foundation for: culture, people, processes, machines
- floor 1-2: Scaled up: operations, product deliveries, service - support
- floor 2-3: Scaled up: Product development, improvements, innovations
- floor 3-4: Specialisation for: Legal obligations, finance, marketing and
technical providence for safety, delivering synergy for the others.
What about floor 4-5, 5-6?
There are the parts for enabling to react, react for the whole, with on top the rules and ethos, the attributes that were emerging from a start-up.
Roles tasks Floor: 0-1, 1-2, 2-3, 3-4
❽ Now we have a system model in floors, the question is: what roles are a good fit at what location?
Key tasks roles by the verticals:
floor | Organisation | Mediation | Mediation | Technology |
system-5 | system-3 | system-3 | system-5 |
0-1 | Executive officer | Human facilities | Process planner | Technology specialist |
Captain, Driver | Purser | Loadmaster | Machinist |
1-2 | Resource manager | Account Manager | Project Manager | Operations Officer |
Sales Manager | Customer Service |
2-3 | Portfolio manager | Program Manager | Product Manager | Product Engineer |
3-4 | Financial specialist | Business analyst | Market analyst | Technology Officer |
Risk specialist | Product officer |
⚖ W-3.6.4 A generic context of the 6C in viable systems
Improving vs innovation for products, services
❾ The military sources mention that the concepts are generically valid; is that all there is?
The philosophy of a corporate-level how people think and behave
Integrating corporate identity, corporate branding, corporate communications, corporate image and corporate reputation (Researchgate: J.M.T.Balmer 2006)
Like the Roman God Janus, we gain perspective by looking both backward and forward.
In looking forward we conclude that marketing is undergoing another paradigm shift and is increasingly characterised by having an institutional-wide focus.
The label “corporate marketing” to the area. ...
A corporate marketing philosophy represents a logical stage of marketing’s evolution and introduce a revised corporate marketing mix (the 6Cs) as an illustrative framework representing the key concerns that underpin this expanded viewpoint of marketing. ...
- "Can we, as an institution, have meaningful, positive and profitable bilateral on-going relationships with customers, and other stakeholder groups and communities?”.
- In essence, the philosophy of corporate-level marketing should permeate how people in the organisation think and behave on its behalf.
Each model employs different assumptions about the power/balance in the marketplace,
- the origin of consumer needs and desires,
- the type of consumer power exercised,
- the “warning” to consumers or business that pervades the marketplace,
- and the role of the marketer.
- To us, corporate marketing represents a logical fourth stage in terms of the above. ...
❿
For this reason the mix of elements should be seen as informing an organisational-wide philosophy rather than as encompassing a mix of elements to be orchestrated by a department of corporate marketing.
This closes marketing philosophy back into the culture of the enterprise:
internal | Culture | ⇄ i 1 ⇆ | What we feel we are | |
Character | ⇆ i 2 ⇄ | What we indubitably are | |
Communication | ⇄ i 3 ⇆ | What we say we are | |
External | Constituencies | ⇆ e 4 ⇄ | Whom we seek to serve | Stakeholders |
Covenant | ⇄ e 5 ⇆ | What is promised and expected | Brand |
Conceptualisations | ⇆ e 6 ⇄ | What we are seen to be | Reputation |
⚖ W-3.6.5 Following steps
These are practical data experiences.
MetaData Information generic - previous
bianl, Business Intelligence & Analytics 👓 next.
Others are: concepts requirements: 👓
Data Meta Math
© 2012,2020,2024 J.A.Karman