With all the pressures on IT to deliver effective, efficient and economical services that also are compliant, process design is more important than ever.
In understanding current processes, as well as designing new processes, it is vital to recognize the roles and responsibilities required. To this end, processes can be flow-charted and then mapped using a RACI chart in order to understand and clarify responsibilities.
The RACI chart (pronounced “racey”) allows for each task step to be identified; then each stakeholder and their responsibilities can be identified. The resulting chart can be scrutinized for opportunities for improvement.
With a standard RACI, there are four responsibilities and issues to consider with each opportunity:
RACI charts are very useful both in terms of understanding the current responsibilities within a given process and also for discussing revised processes, clarifying roles and responsibilities, etc.
Now, let’s take an example process and use the RACI technique to identify responsibilities for each task and role combination. (Chart at bottom of page.)
Step 1: The business manager is both responsible for completing a new user form and is accountable for it being complete. The system owner is informed of the new request form being initiated.
Step 2: The system owner is both responsible and accountable for the review and approval of the new user account form. Security is consulted with to ensure the request is consistent with current security policies. Finally, Security is notified of the authorized form as is the Service Desk. (Note, for simplicity we aren’t covering the rejection of a request which would be another branch in the flow chart for this particular procedure.
Step 3: The Security group is responsible for the creation of the user profile on the system in question. The IT Manager for the department is held accountable for the task being completed according to defined standards. Note that the accountability lies with one person ideally. Diffused accountability reduces accountability! In addition, after the account has been created, the Business Manager and the Service Desk are informed of the task being completed.
The documentation supporting the request is then filed according to defined standards by the Security group and, again, the IT Manager is accountable for the task being completed. The Service Desk is informed that the documentation has been appropriately filed, which essentially means the work has been completed in this case. Step 5: The Service Desk is then responsible for informing the Business Manager that the new user account has been successfully created.
When reviewing the charts, look vertically down the columns to see how each stakeholder is involved. Additionally, look horizontally at how each stakeholder is involved with each task. Look for lack of accountability, excessive workload, segregation of duties issues, too many people being informed or consulted, and so on.
In closing, when attempting to understand processes, both those currently in place as well as new ones, RACI charts can be a useful tool in their formal documentation and then discussion with groups to try and ensure proper design.
Note: An Excel RACI chart template can be downloaded here.