Taming IT complexity with real time SIAM orchestration

SIAM stands for Service Integration and Management and is a methodology for coordinating different service providers – both internal and external – and integrating their services into a single cohesive service model. “The need for SIAM has grown historically,” says Anne-Marie Covemaecker, Operations Lead Government at Proximus NXT. “Traditionally, a company would work with its own IT department to support its business. As the need for specialized IT services grew, companies began to bring in outside partners for that.”

In this way, the practice arose that we find in many organizations today: a hybrid approach in which the in-house IT department works closely with various external service providers. “Managing the whole thing is often complex. As well as entering into contracts, you have to integrate the services offered within a broader context. That includes SLAs – service level agreements – for example.” Above all, the internal IT department must be able to provide the business with seamless service. This only works when all these different parties work together smoothly within a clear framework.

Centralized governance

In this context, SIAM acts as the layer between the external service providers and the business. The Integration of services takes place through this SIAM layer. SIAM aligns all processes, tools and teams. In this way, it introduces an integrator that ensures consistent collaboration between all the parties involved, with a central control point that drives a clear division of roles, providing uniform KPIs and a single point of contact for all questions regarding collaboration, and for incidents and reporting.

Who assumes the role of service integrator in a SIAM setup may vary. “There are some organizations that keep tight control,” says Anne-Marie Covemaecker. “Others simply choose to completely outsource this role.” In practice, organizations very often take a hybrid approach here as well. In this process, one of the external suppliers – usually the one that carries the most weight – takes on the role of integrator and point of contact.

Anne-Marie Covemaecker, Operations Lead Government at Proximus NXT.

Create a business case

SIAM is now indispensable in companies whose business relies heavily on a complex IT environment. These are organizations with high expectations around the services provided, such as government agencies and companies with strict compliance and security requirements. “The benefits are obvious,” Covemaecker explains. “IT outages are no laughing matter. SIAM ensures that problems get resolved faster. At the same time, it’s also a way to make the operation of IT more transparent.“ Overall, we can say that SIAM eliminates wasted time and inefficiencies in supplier relationship management.

In this context, it is a good idea to make the value of SIAM tangible. “As a company, it is good to prepare a business case for SIAM. That way, you identify what SIAM costs, because it does require people and tools. However, you also make it very clear what you gain with this approach.

With SIAM, you bring down the operational costs of your IT.” This explains why SIAM can make just as much of a difference for small organizations. “They often work with different suppliers too. SIAM can help ease the coordination of those service providers by starting small, with a simple service catalog and a few KPIs.”

End-to-end visibility

SIAM's first goal, therefore, is to avoid the classic ping-pong game, where all the partners involved point to each other in the event of a failure. “A good SIAM setup provides end-to-end visibility, across suppliers,” says Covemaecker. “A robust observability tool is indispensable in this regard. It ensures that a failure is dealt with more quickly.” Without SIAM's central direction, handling an incident takes more time. SIAM maintains an overview, which allows of more efficient coordination and faster adaptation.

Processes, tools and teams

SIAM is also relevant to governance. One of its key aspects is the clear definition of everyone's role. A conflict of interest can sometimes arise between suppliers. SIAM provides a framework here that can be used to clarify the boundaries of the different areas involved. A typical situation is where each supplier has a different security policy. That can create risks. “One vendor wants to close a certain port, for example, while another needs precisely that port for a specific action.” SIAM ensures that there is a central policy that all suppliers must adhere to.

This involves processes and tools, but also people, of course, which explains why soft skills are also very important within SIAM. “The aim is to get everyone on the same wavelength. That is the only way to end up with a coherent service model. Inevitably it takes some change management to get everyone involved.” Equally, though, specific attention is paid to IT change management here. “SIAM aims to avoid a situation where one supplier makes changes to its part of the solution on its own initiative that could cause the whole thing to stop working properly.”

Anne-Marie Covemaecker, Operations Lead Government at Proximus NXT.

Real-time orchestration

SIAM has traditionally been based on fairly static governance. “For example, a SIAM model would call for monthly reporting on delivered scores against agreed KPIs and SLAs,” Covemaecker explains. “On its own, that approach is usually inadequate these days. Business is changing rapidly. IT has to be very flexible in responding to that.” At the same time, regulations are changing and cyber threats are increasing. “SIAM helps integrate compliance and security requirements in contracts with service providers. This raises the level of risk management and simplifies the auditability of processes.”

Moreover, SIAM makes it easier to view the entirety of services in a unified, objectively comparable way. “Vendors use different definitions and tools to measure their performance. That makes comparison difficult. SIAM provides one set of definitions and one dashboard, so everyone looks at things the same way.“ That unified approach allows the necessary data to be automatically captured and processed with AI. “We’re therefore evolving towards a system that constantly has its finger on the pulse and can be adjusted in real time,” Covemaecker concludes. “So we’re moving step by step from classical governance to real-time orchestration of compliance.”