Investment Planning

November 01, 2021

Over the past few weeks we have been on investment planning mode. You can think of it as a roadmap planning on steroids where the goal is not only to come up with a roadmap, but also detail team responsibilities, dependencies and discuss what success looks like and how it is measured.

As you can imagine this is a time consuming activity, but when done right it can bring alignment to the organization as a whole. It broadly follows an agenda like the one below:

  1. Mission and Organization
  2. Investment Planning
  3. Prioritization
  4. Presentation

These are split in three distinct meetings per team and every manager from the same product or service line should also attend. Leadership will also be present on these meetings to provide real-time feedback and ask probing questions. To make it clear, suppose your product line has two teams, this would result in eight different meetings.

Before each meeting managers are expected to have most of this work documented. Not doing this thinking beforehand decreases the usefulness of the investment planning and results in shallow planning.

Let’s break down each of these topics.

Mission and Organization

Before coming into this meeting managers are expected to:

  1. Identify and list their customers and explain what each constituency wants and needs
  2. Document what their team is currently responsible for

Customers

Identifying customers is a great way to describe what your team is responsible for and also find gaps in your organization. From the Security team point of view customers could be developers (internal and 3rd party developers), the Privacy and Partner Governance teams.

This step serves as a tripwire to uncover customers that are not the core responsibility of a team. For example, in a small organization the security team could also be responsible for dealing with privacy issues, but as the organization grows the effort and knowledge required to handle this topic might warrant an entirely new team.

After each constituency is identified it’s time to document what each one needs and wants. What does success look like and how do we measure it?

Using our Security team as an example yet again, we could say that the developers constituency wants to deliver new products and services with the confidence that they are secure. They also want helpful advice/training and actionable issues when they exist. In order to know whether the Security team is successful we can gather feedback in the form of a survey from developers, measure whether SLOs of issues are being respected and metrics like the performance of security toolings.

The understanding of what each constituency wants and needs tends to evolve every year as the team gets a better understanding of their domain and helps to define the future roadmap. This is also a great moment to prioritize which customers to serve.

What is the team responsible for

What Products and Services does your team own and provide? It doesn’t need to be only Software related, training is a great example of something that a Security team owns that is not related to Software. Listing the customers for each Product and Service is also helpful as a way to uncover hidden dependencies.

Sharing this with leadership and managers across your Product or Service line makes up for interesting conversations regarding team resourcing and ownership. It’s easy to spot whether a team is overstretched and whether they are achieving their mission within the organization or not.

This acts as a tripwire to understand which efforts are in a healthy state and which ones are underinvested and require more resources (support, money, people). In some cases deciding whether an effort should be dropped or not is equally important.

Investment Planning

Before coming into this meeting managers are expected to figure out:

  1. What the team will invest on in the following year
  2. What the team could invest on given unlimited resources (support, money, people)
  3. What’s the priority among investments

Investments

Time to detail and document what the team is planning to invest on. For each effort how do you describe it to leadership and which problems is the team trying to address with it? Think of this section as an elevator pitch for each investment.

Based on the investments that were identified above we should answer a few more questions. What does success look like and how to measure it? What are the dependencies in play? How many people are needed for this investment to be feasible?

If the previous meeting was responsible for raising awareness of what the team is currently owning, this one is responsible for raising awareness of what is to come. This is the perfect moment for leadership to intervene and give feedback in order to guide the roadmap.

This is not the moment to plan the execution of each effort, it is better to keep the discussion at a higher level.

Potential investments

What could your team tackle with unlimited resources? This is a fun exercise where you as a manager imagine a world without constraints. Any new initiatives come to mind? Any new products or services? This is extremely useful to share with leadership the long term vision of your team and what you think they would be capable of.

This hypothetical scenario can also be made possible with buy-in from the organization. If there’s an initiative that leadership really wants to make a reality your team could receive the green light to hire, seek third party providers or partner with other teams internally. If nothing, it is also a great way to think long term.

Prioritization

What are the key efforts from your team that should be fulfilled regardless of what happens? That’s what prioritization aims to answer. It makes for an interesting conversation of what you as a manager thinks that your team should prioritize versus what leadership thinks that should be prioritized. It also helps planning where new hires should be allocated and who will be responsible for their onboarding.

Presentation

After all this work with managers and leadership it is time to present the finished work to your own team. By this point in time you should have a clear picture of the roadmap and the team’s vision. Team members are usually inspired by the vision as opposed to the work, so focusing a bit more on it yields better results in terms of participation and feedback.

Recap

By the end of an investment planning your team and leadership should have a clear picture of the future roadmap and what should be prioritized. This will help to set expectations with team members and leadership and will also guide hiring efforts. It is also a great document to have at hand for new hires since it perfectly encapsulates what the team is responsible for and what they are planning to achieve for the year.

How does your organization approaches this topic? I would love to have a conversation if you feel we are missing steps or to clarify any of the topics above. As always you can reach me via email or twitter, see you next time!


Bernardo de Araujo

Application Security Engineer @Shopify.

© Bernardo de Araujo 2021