The cyber security team within the oil and gas company was responsible for delivery of policy, compliance and reporting services which underpin safe and secure services and operations of over 100,000 people (staff and suppliers).
The cyber security team’s aim was to improve CX, service delivery and value offered to support customer community in a more agile way.
Due to a major transformation project within IT, this team needed to respond by also transforming the way it worked to deliver effective support to their organisation in an agile fashion.
Oil and gas companies are always going to face threats. Cyber security therefore is a critical part of the overall proactive security for the business. Within our customer, the IT function (a key area that cyber security protects) had undergone an agile transformation. The cyber function intended to deliver its own agile transformation to better align to its internal customer and support the broader organisation with increased responsiveness.
A Cyber Security team within a FTSE 100 oil and gas company wanted to improve, customer experience, service delivery and value offered to support their customer community in a more agile way.
The customer initially engaged the team from Kerv Consult to deliver an agile transformation project. Over six-months we delivered an initiative to embed agile ways of working, improve service delivery and improve the overall customer experience.
The customer had already selected their preferred toolset, Microsoft Azure DevOps, for managing delivery activity. They engaged us to ensure that their team adopted the new tool, embedded agile principles and put the customer first. As the services delivered were critical to the business, both the customer and the Kerv Consult team were passionate about embedding improvement at pace.
We started by leading workshops to identify the key outcomes which the joint team wanted to achieve. There were six outcomes identified which were aligned to the company strategy and socialised up to CISO level to ensure that they were of direct value to the company.
These outcomes (slightly modified for anonymisation) focused on:
We worked with the team to identify a roadmap of improvement activities that would achieve their 6 key outcomes, with the key focus areas being improving the customer experience and empowering their internal customer to deliver more securely. This formed our backlog of delivery activities, which could be planned into 2-week sprints (applying a tailored SCRUM approach). However, the true agile transformation was about ‘how we worked’ not ‘what we delivered’ and would be achieved on top of this delivery activity.
We started by implementing the ritual of retrospectives, or retros. These are fortnightly meetings to look at ‘What went well?’, ‘What did not go so well?’ and ‘What would we do differently?’. These formed the foundation of a continuous improvement culture, with the team increasing velocity every sprint as they embedded new ways of working and improvements.
The question of ‘What would we do differently?’ was the key focus of the retros, as many valid and useful suggestions were brought up in this section, which challenged the current method and strengthened the ability to deliver the outcomes the team had identified.
In addition to challenging the processes and methodology through retros, we embedded regular stand-ups to track what needed to be achieved within the sprints. The team used this time to focus on removing their biggest bottlenecks by the end of every sprint and allowed the right people to team together to focus on to delivering their milestones. Soon the team had adopted the agile practices into their day to day delivery and it increased the pace of productivity.
Some simple examples of the improvements identified and embedded were:
The core delivery activities (i.e. what was being delivered) were always focused around key customer outcomes listed above. However, in parallel the team was adopting an agile culture and constantly changing and improving the way that they worked.
Following an initial series of 12 sprints and their associated retros, the team had improved their throughput by 335%. These improvements were measured and evidenced by both effort and number of work items completed. This improvement was down to the customer embedding more agile ways of working, underpinned by the Kerv Consult team led agile transformation.
Following the success of the first engagement, the customer engaged Kerv Consult for a second project to deliver further transformation, focussing this time on a clear integrated risk management approach to governance, risk and compliance. This included defining both clear measures and metrics to ensure clarity as to how the risks were being mitigated and a clear value chain between different cyber security services.
within the team
a clear understanding’ of core security accountabilities
in customer service
There were 3 key benefits from the agile transformation:
Kerv Consult brought passion, energy and vision that matched our own. This coupled with a strong understanding of agile methods and a focus on delivery meant we achieved our goals. Kerv Consult helped us increase delivery and improve customer satisfaction but the most valuable outcome was the change in mindset of the team.
The Kerv Consult team have since supported other teams within the customer organisation to embed similar improvements and agile transformation across the other areas. We look forward to building on this relationship, into the future in ways where Kerv Consult can add real value to the customer.
Whilst this Case Study is anonymised, we are proud of the work we have done with this customer, even more so since they launched their new company vision and are actively embracing renewable energy and working to eliminate their carbon footprint.
In a continued effort to ensure we offer our customers the very best in knowledge and skills, Kerv has acquired Worth Digital.
