splunk partner logo

Uni of Exeter - Project Management Perspective

04/09/19 – Author: Matt Woodhams – Certified Project Manager

We work with a wide range of customers at Somerford, from multinationals and digital disruptors in the private sector to government departments and universities such as the University of Exeter in the public sector. This diversity necessitates a tailoring of Somerford’s project management approach to suit the customer and their project requirements. Some of our customers utilise the governance of PRINCE2’s methodology while others have embedded Agile concepts and techniques across their IT teams.

At Somerford, all our Project Managers are experienced and qualified in both PRINCE2 and Agile methodologies which allows us to draw on the advantages of the two approaches and work in tandem with our customer’s preferred method. For the University of Exeter, we drew on the principles and processes of both PRINCE2 and Agile to ensure an appropriate level of project governance was in place to meet the University of Exeter’s requirements while ensuring successful delivery within the agreed project constraints to achieve tangible early value.

To borrow the idiom Alan Hill used in his presentation at SplunkLive! London, “No plan survives contact with the enemy” but as project managers we have a responsibility to ensure there is resilience and adaptability to overcome challenges faced and deliver projects within agreed tolerances. Two of the key factors which enabled us to achieve this with the University of Exeter were clear, honest communication and collaboration between the stakeholders, and a focus on the business benefits rather than following a comprehensive plan to the letter; not letting the tail wag the dog.

The University of Exeter were clear from the outset that they had tight timescales in mind for delivery and this enabled us to plan accordingly from an early stage. Properly scoping the project and identifying the key data sources, desired use cases and required prerequisites are critical to the subsequent successful project delivery. With both sides of the project team fully aware of the project timescales we were able to efficiently collaborate throughout the project lifecycle with a shared understanding of the deadlines for each stage. Where risks were identified, these were swiftly raised so they could be appropriately resolved.

The openness on both sides enabled us to be candid when issues arose and utilise University of Exeter’s staff’s understanding of their environment alongside our Splunk expertise and experience delivering similar projects. This positive, proactive culture ensured that when we encountered obstacles on the project, the team’s response was to collaboratively work to surmount these challenges.

Focussing on the business benefits was particularly key for our project with University of Exeter which was delivered in a continuous block of professional services. While good planning facilitates delivery, there will always be unknown unknowns and when the timescales are fixed there needs to be flexibility in other areas.

When deploying Splunk Enterprise Security into a new environment there are some aspects of the delivery which are more amenable to adaptation than others. For example, deploying Splunk Enterprise and configuring the future-ready architecture (whether clustered, multi-site or single-instance) is a prerequisite for onboarding data sources into Splunk. Similarly, having relevant data available in Splunk is a prerequisite for deploying Enterprise Security, tuning use cases and creating dashboards.

As deploying Splunk Enterprise and configuring the required architecture comprise the core elements of the first sprint/stage, we can focus on controlling the variables as far as possible during the project’s initiation to deliver these elements smoothly. As the level of uncertainty increases when initially forecasting ahead into the latter stages, the focus shifts towards controlling risks rather than known variables.

A key tool in this regard is to utilise the differences between the data sources being onboarded to ensure the work streams are able to flow alongside the customer’s BAU workloads. For example, deploying Universal Forwarders to the customer’s Windows Endpoints might take longer than expected, but deploying forwarders to the Linux server infrastructure may involve a different individual/team and could be expedited to mitigate the impact of a delay with the former.

Borrowing from the Agile principle of responding to change over rigidly following a plan enabled us to adapt when we encountered obstacles during the data source onboarding sprints/stages and the demands on the University of Exeter’s wider IT teams were greatest. The close collaboration between our respective project team members and the clear communication ensured that we kept working in tandem even as we flexed the plan to deliver the targeted business benefits.

A final take away from this project was the benefit of the University of Exeter’s understanding of their IT estate and their readiness to focus our initial efforts on the key data sources and use cases needed to provide coverage of their highest risk areas first. As with other medium to large organisations, the University of Exeter are building towards using Splunk to cover a significant breadth of security, operations and other business applications. By focusing on the highest priority areas, we were able to quickly realise coverage of their critical infrastructure and deliver tangible business value.

We set out with a clear vision and an initial, targeted list of use cases; since our successful project delivery, the University of Exeter have continued to implement further use cases over the ensuing months and are working with us to scope and deliver Phase 2 in the near future.

Find out more through our University of Exeter Case Study

Scroll to Top