The Art of Managing Agile Delivery – It’s About Balance

Hirotaka Takeuchi’s and Ikujiro Nonaka’s 1986 paper “The New New Product Development Game”, set in motion a new era in product development. Their key message was that the sequential way of building products, which resembled a relay race, was outdated. A faster and more flexible model that included self-organizing teams was taking its place. The new model would look more like “a holistic or rugby approach—where a team tries to go the distance as a unit, passing the ball back and forth”, said Takeuchi and Nonaka. Building upon this new model, the Agile Manifesto was created in 2001, and the Agile movement was under way. 

Nowadays, it is common knowledge that agility is crucial for product delivery. This is especially the case in software development. A whole slew of Agile frameworks exists to build products faster and better. In fact, an entire industry for Agile training and certifications was born two decades ago due to this need. 

While product development evolved over time, managing agile delivery remains misunderstood. What is the role of management when it comes to modern agile delivery? Here are a couple of common views I encounter. 

  1. The Agile purist. The Agile purist operates less from a practical standpoint, and more from theory. Their belief is that management plays a minimal role in Agile delivery, if any. They contend that most organizations have unnecessary managerial overhead. Management should fund, staff, and empower teams, then get out of the way. The purist has in depth knowledge on Agile, yet often what they advocate is unrealistic for organizations. 
  2. The Agile enforcer. These folks are strong advocates of Agile. They bring in Agile training, start Agile clubs, and promote Agile to the nth degree. Yet behind the scenes, their behavior resembles something different. Unaware of the contradiction, they apply a command-and-control scientific management theory (Taylorism) style. They often focus on tools and processes, but they tend to be strong in delivery and trusted by leadership. 

Both examples, though extreme, have benefits and drawbacks. While the agile purist promotes empowerment and trust, in the real world, managers are accountable for delivery. It would be wrong for managers to give up complete control of product delivery. Yet, managers need to empower as much as possible, and not interfere in the delivery process.

So, what is the most effective way to manage agile delivery? Over the past ten years I’ve been consulting for organizations in a delivery lead capacity. Sometimes as a Scrum Master/Coach, other times as a program manager or capability/product manager. Here is what I have learned. The key to effective agile delivery management is balance.

Below are four key areas to apply balance:

  • Empower others, but do not relinquish all control
  • Trust, but verify
  • Coach instead of giving orders, but apply appropriate pressure
  • Focus on emotional intelligence and relationships, but stress accountability


Managing agile delivery is an art form. Effective managers apply a healthy balance between empowerment and control. They manage agile delivery using an approach that combines both theory and practicality. In short, to manage agile product delivery, one needs to be agile with their management approach. 

About the Author: Mike MacIsaac is a principal consultant for MacIsaac Consulting, providing leadership as an Agile Delivery Consultant and IT Project/Program Manager.

3 Critical Skills Required for Epic Leadership in The Digital Age

Over the past decade the world propelled like a rocket ship into the digital age. Everything we do, from purchasing products and services, to working from home, we do through technology. Smartphones and devices have become extensions of our body. Data has become an asset for organizations, and an improved digital customer experience is one of the best ways to differentiate products and services. Experience is the new currency.

Yet with all the wonderful opportunities the digital revolution brings, it also brings challenges. Many organizations struggle to transform their business to a digital model, and the adoption of Big Data and AI (Artificial Intelligence) continues to be a major challenge. 

To confront these challenges and opportunities, we need leaders with the right skills. Here are 3 critical skills required for epic leadership in the digital age:

1. Business Imagination – Often the biggest roadblock to digital success is business imagination. As an example, most data analytics projects fail because companies neglect to connect the analytics to business value. It’s not enough to focus only on analytics output, tools, and technologies. Leaders must find ways for human intelligence and machine intelligence to work together. As I learned from Professor Ravi Bapna in the Carlson Executive Education program, “The future belongs to those (individuals, leaders, business units, societies, countries) that optimize the man-machine duality!”.

“It’s not enough to focus only on analytics output, tools, and technologies. Leaders must find ways for human intelligence and machine intelligence to work together”

2. Empathy – Empathy is one of the pillars of emotional intelligence and when it comes to business, empathy is often misunderstood. I once had a professor in business school tell me empathy was not important for business success. That statement couldn’t be further from the truth. Today, employees feel high pressure to deliver. This stress increased tenfold with the effects of the pandemic.

Image by Gerd Altmann from Pixabay

Behind the financial targets and technologies, companies are made up of people. People are emotional beings who need to feel understood and cared for by their leaders. Performance, wellbeing, and results improve when leaders treat employees with empathy.  Empathy is good for business, and it is critical in the digital age.

3. Digital Savviness – Gone are the days when IT was an afterthought. Technology now has a seat at the table. Digital leaders must have a strong understanding of technology. They don’t need to know how to write code, but they need to have digital savviness. In a recent study conducted by MIT Sloan Management Review, they found that “large enterprises with digitally savvy executive teams outperformed comparable companies without such teams by more than 48% based on revenue growth and valuation”.


The digital age is here, and organizations need leaders with the right skills. Business imagination, empathy and digital savviness are three critical skills for today’s leaders. With these skills, leaders can take advantage of opportunities to reimagine their business and thrive in the digital age. 

About the Author: Mike MacIsaac is an IT program delivery consultant providing leadership for large business driven initiatives.  

Privileged Access Management (PAM) – Why It Is Important

privilege access management

What is privileged access management (PAM)?

Users with privileged access accounts can cause major damage to your organization. Privileged accounts have elevated access rights. These accounts could be used by humans or machines. Think of accounts like domain or local administrative accounts. Other types of privileged accounts may include accounts that have broad access to underlying company information that live in applications and databases.

To manage this risk, organizations need to have a privileged access management, or PAM, solution in place. PAM puts special controls in place to secure privileged access accounts and track their usage. Think of PAM as holding the keys to the IT kingdom. PAM is used to protect against the threats posed by credential theft and privilege misuse. PAM is different from identity and access management (IAM), but they are closely related.

Good PAM solutions provide just in time privileged access programs, and zero trust security architectures. A central goal is the enforcement of least privilege, defined as the restriction of access rights and permissions for users, accounts, applications, systems, devices (such as IoT) and computing processes to the absolute minimum necessary to perform routine, authorized activities.

What are the main features of a PAM system?

PAM systems are made up, but not limited to, the following five key features:

  1. Password Vaults – Password vaults are secure encrypted repositories that store passwords used to access sensitive accounts. With password vaults, nobody knows the passwords for the privileged accounts. Passwords are created automatically by the password vault. When a user needs to log into a privileged account, they log into the password vault and the password vault then logs into the target system. The security of the privileged account password is maintained, even when multiple users access the same privileged account.
  2. Command Proxying – PAM provides proxying of commands which eliminates the needs for direct server access. Instead of a user login into a remote system directly, the privileged account manager receives the command that the user wishes to execute, verifies the user is authorized, then issue the command to the target system on the user’s behalf.
  3. Monitoring – PAM provides enhanced monitoring capabilities that can log every action taken by a user in a privileged session. The logs are stored for later review. This gives auditors or investigators to retrace the steps taken with administrative privileges.
  4. Credential Management – PAM typically performs account management functions. This can include rotating passwords automatically which will create new and strong passwords.
  5. Emergency Access Workflow – This is necessary when a user needs to bypass the account manager and access a system directly with administrative rights. The is a “break glass” scenario. The account manager should allow this with the permission from a manager. The account manager would then log the emergency access and ensure the emergency password is changed after the disclosure.


Users with privileged access accounts pose a major risk to your organization. To manage this risk, you need to have a privileged access management (PAM) solution in place. PAM needs to be a critical component of your organization’s cybersecurity strategy.

Identity Access Governance Benefits Your Business in 4 Ways

Identity Access Governance

Identity and Access Management, or IAM, is a framework of policies and technologies within an organization that ensures the right people have access the right resources at the right time for the right reasons. IAM plays an important role in any organization’s security program. Today more than ever, organizations need to protect who has access to their applications and data. This can be achieved through identity access governance.

When we refer to identities, we are referring to digital identities. These include employees, contractors, partners, and customers. They could also include applications, devices, software bots and temporary identities that perform work in the cloud.

Without proper identity access governance, it is challenging for organizations to assign and keep track of the applications and resources that identities have access to. Some organizations have hundreds, even thousands of applications.

Here are four important ways that identity access governance benefits your business:

1 – Strengthen security and lower risk – Compromised identities caused by weak, stollen or default user credentials are a threat to organizations. With centralized visibility into access data, you can detect and address inappropriate access, policy violations or weak controls that put your organization at risk.

2 – Improve compliance and audit performance – Identity access governance allows organizations to verify that the right controls are in place to meet the security and privacy requirements of regulations like SOX, HIPPA and GDPR. You can establish more repeatable practices for a more consistent, auditable, reliable, and easier to manage access certification effort.

3 – Deliver fast efficient access to the business – By giving your users timely access to the resources they need to do their job, identity governance enables them to become more productive. It also empowers business users to request access and manage passwords, which reduces the workload on Helpdesk and IT operations teams. With automated policy enforcement, identity access governance allows you to meet service level requirements without compromising security or compliance.

4 – Reduce operational cost – Identity access governance automates labor intensive processes such as certifications and password resets. This can reduce the time IT staff spends on administrative tasks.

There are many identity access governance administration systems on the market to choose from. Gartner recently provided a list of top IAM systems for 2021.

If your organization needs help to select and put in place an identity governance system, MacIsaac Consulting can help. We have helped both large and small organizations succesfully deliver IAM programs. We help companies stay compliant and avoid access deficiencies related to risk and compliance audits.

Reach out to us today for our free consultation and assessment.

About the Author: Mike MacIsaac is a principal IAM consultant for MacIsaac Consulting.

Trust Is the Key To Management in 2021

As an IT program manager, I have long felt that there is no better form of communication than two people face to face at a white board. I am an advocate of teams sitting close together to collaborate. The Agile way. While Agile teams usually sit together, there is another element of Agile more important than where people sit. Trust. Trust is the key to successful teams.

When the pandemic hit and everyone had to work from home, I thought it would crush team efficiency. Like many things in life that I made presumptions about, I was wrong. The remote program teams I have worked with have been productive and efficient. We use tools like MS Teams to collaborate throughout the day. In many ways, the remote work has brought about more efficiency. It has eliminated the time required to prepare and travel to the office.

Remote work provides companies with cost savings due to requiring less office space. This and the fact that work productivity remains high will make working from home permanent for many. This is especially true for those who work in technology. For this reason, the task for managers in 2021 is to improve and promote trust.

Once Covid-19 took hold in 2020, many in management had difficulty adjusting to a new way of working from home. They did not empower and trust their staff, they micromanaged. This combined with kids being home from school drove stress and burnout through the roof for many. Work life balance got way out of whack.

The key to managing those working from home is trust. Towards the second half of 2021 things will start to return to some level of normalcy. In the meantime, let us trust employees to do their jobs, whether they are in the office or not.

About the Author: Mike MacIsaac is a principal IT consultant for MacIsaac Consulting, providing IT Agile and cyber security consulting.

Happy Holidays from MacIsaac Consulting!

Our purpose at MacIsaac Consulting is to create long term relationships built on trust. Although 2020 has been a challenging year, we are grateful for our clients, friends and family.

Looking ahead to 2021 we are optimistic! The right set of circumstances are in place for companies to gain tremendous value through digital projects. Optimizing and securing data should be top priority across industries.

We are ready to help companies along their digital journey and we also hope to provide consulting opportunities for those who were out of work due to the pandemic.

We wish you and your family a safe and healthy holiday season!

Kind regards,

Mike & Tere MacIsaac

MacIsaac Consulting provides IT delivery, cyber security and agile transformation consulting. Connect with us or subscribe to the MacIsaac Consulting blog.

5 Ways To Improve Agility and Adapt a Product-Driven Mindset

The concepts of improving agility and adapting a product driven mindset are not new. Yet many companies struggle to make any meaningful change. Why do they struggle? In short, they invest in Agile training and focus on processes but fail to address culture, roles, and talent skills. They slap new labels onto old roles without changing organizational structure.

Below are five adjustments companies can make to have success changing to a product-driven model with measurable results:

Form stable cross functional teams. A stable cross functional team is made up of people from different areas within the company (IT, business, operations…etc.). This is a shift away from functional silos where resources are farmed out to various projects. Allocating resources to projects follows the outdated Taylorism philosophy that people are replaceable. 

Within cross functional teams, experts work together to achieve a common goal. Over time the team develops synergy and becomes high performing. The team synergy exceeds the productivity of individual efforts.

Work is brought to teams instead of “bringing people to work”. Teams that stay intact allow for expertise and relationships to build over time, improving velocity and moral.

The picture below represents the product team model made popular by Spotify. The squads are teams, and the chapters represent skillsets.

Hold business and technology organizations accountable. Agile delivery is not only an IT practice. The business needs to be committed and held accountable for the success of product outcomes. In a recent study conducted by Deloitte of companies that implemented Agile methods, they found that 31% of the business still did not understand Agile. The business must have skin in the game, and they must go through Agile training.

Hire and train for emotional intelligence. Tech skills are essential, but interpersonal skills and business knowledge are more critical than ever. Since the product driven model is team based, team members need to be able to collaborate. This is all dependent how well the team can harmonize, which requires emotional intelligence or EQ.

What is Emotional Intelligence? | OneDayU
EQ represents self-awareness, self-regulation, motivation, empathy, and social skills.

When a team is made up of people with high IQ and EQ, the team has a strong group IQ. Group IQ is the sum of the talents and skills on the team. In Daniel Goleman’s book “Emotional Intelligence”, he writes: “The single most important element in group intelligence, it turns out, is not the average IQ in the academic sense, but rather in terms of emotional intelligence. The key to a high group IQ is social harmony.”

Managers need to empower and coach, not command and control. In a product model there is a shift away from command and control towards trusting teams to make decisions. This removes the organizational bottleneck of decision making and enables work to get done faster. Management hold teams accountable for results, but teams are empowered to make decisions.

Agile training can help managers understand their role in an agile product-driven organization. They will learn how to let go of control and start coaching. Sir John Whitmore, author of coaching for performance, defines coaching as “unlocking people’s potential to maximize their own performance” (Whitmore, J, 2017).

Develop technical acumen for business leaders. Business leaders today must have technical acumen, this is the new normal. Business and technology work together as one. Technology leaders also need to have strong business acumen. More and more we are seeing the need for technology leaders to step up and lead beyond their role in IT. Leaders with strong technical and business acumen are best positioned to lead their organization towards increased agility.


There has never been a greater need for agility than our current era of digital transformation. By shifting to a product-oriented approach, companies can stay competitive and deliver value early and often to their customers.

About the Author: Mike MacIsaac is a principal IT consultant for MacIsaac Consulting, providing IT Agile and cyber security consulting.

MacIsaac Consulting is Proud To Be Minority Owned

Tere MacIsaac – Owner, CEO & President

MacIsaac Consulting is proud to be certified as a minority owned business by the North Central Minority Supplier Development Council (NCMSDC). We are also proud to be certified as a woman owned business  by the Women’s Business Enterprise National Council (WBENC).

Our Capabilities

MacIsaac Consulting is an IT consulting firm that specializes in Agile consulting and Digital Security.

Agile Consulting – We teach companies how to deliver products to market faster by using Agile frameworks such as Scrum, SAFe and Kanban. Our certified Agile consultants can provide coaching at the enterprise or team level. We also provide Agile Scrum Masters, Program/Project managers, delivery leads and developers.

Digital Security – We provide digital security consulting, specializing in Identity and Access Management (IAM). Our consultants are have delivered large scale IAM projects for large financial services organizations. We have specific expertise with SailPoint IIQ implementations. In the wake of Covid-19, we recognize the importance of digital security and we help companies safely secure their user access and data.

Company History

Since 2016 we have supported many companies with their Agile IT and digital security needs. Our consultants show companies how to break down barriers that impede agility. We teach our clients how to deliver value early and often through small cross-functional teams. Our core values are trust, commitment and results.

Our Leadership Team

Tere MacIsaac – Owner, CEO & President
BS, Mathematics
University of Philippines
Mike MacIsaac – Vice President
MBA, PMP, A-CSM, Bethel University
Business Certificate of Excellence, Carlson School of Management,
Ryan Shea
Agile & DevOps Delivery Lead
BA, CPPM, PMI-ACP, University of Minnesota
Kerry Ann MacIsaac
Board Member & Adviser
​BA, Business Administration, Villanova University

Reach out and connect with us. We are more interested in building relationships founded in trust than trying to sell services.

Contact Information

MacIsaac Consulting

5201 Eden Ave Suite 300, Edina, MN 55436

[email protected]

Phone: 612-670-9204

Office Space in Grandview Square - Serviced Offices | Regus US
Company Office Location in Edina MN

How To Destroy an Agile Transformation In 3 Easy Steps

Getty Images

Agile transformation continues to be a goal for many organizations. The old sequential approach to product delivery (Waterfall) is no longer adequate. To respond to change and compete with the speed of globalization, companies must move to an Agile model. The goal to improve agility is not limited to the tech industry. Financial services, retail, healthcare, and many others are all on board with Agile.

Many companies find the shift to Agile difficult. As a consultant, I know the challenges firsthand. Some of the problems are more difficult than others. For example, companies with a culture at odds with Agile values is a major problem. No number of Agile consultants will be able to come in and change a company’s culture. Other, more avoidable problems are due to managerial decisions.

This article is about how management can destroy an Agile transformation in three easy steps. To be clear, this is what not to do.

1- Put a non-Agile person in charge of the Agile transformation

I know this sounds ridiculous, but I have seen it happen many times. A CEO, who does not understand Agile, provides a bucket of money to a senior leader, usually in IT. The CEO says, go off and do that Agile thing you keep talking about. Unfortunately, the CEO does not realize that they put the wrong person in charge. It is difficult for people who spent their whole career working in a traditional Waterfall setting to change their mindset. They might claim on the outside that they are for Agile, but often their behavior conflicts.

There is no surer way to destroy an Agile transformation than to put a Waterfall person in charge. My recommendation to companies is to create a new position for the role of the Agile leader. Look within the company to find the right person, someone with an Agile mindset, to fill the role. If the right person does not exist within the company, then hire one from outside.

2 – Keep using a balanced matrix organizational structure

The balanced matrix organizational structure is suitable for Waterfall, not Agile.  Agile is about using stable cross functional product delivery teams. Work gets flowed through the teams, as opposed to forming teams around work. Agile organizations use a Product delivery model, not a Project model. For more on how the balanced matrix organization conflicts with Agile, see my post “Why Middle Management Is The Ultimate Agility Killer“. For more on the importance of changing from a Project to Product model, see my post “Why Product Focus Is So Important“.

3 – Force teams to use specific tools and processes

In Agile, individuals and interactions are valued more than processes and tools. The traditional PMO mindset loves processes and tools. Some of the clients I have worked with would have meetings upon meetings discussing processes. You need processes but PMOs bogged down with processes and bureaucracy kill agility. The same is true with tools. Forcing all teams to use the same tool, like Jira or VersionOne, is not good. Often management will want teams to use the same tool for reporting purposes. This is wrong because Agile teams need to be empowered and have autonomy.


If you want to improve your chances of having a successful Agile transformation, do the following. 1) Put someone in charge of the transformation who has an Agile mindset. Do not use someone who has worked their whole career using Waterfall. 2) Do away with the balanced matrix organizational structure. Put in place stable product delivery teams with single line management structures. Start delivering using a product model instead of a project model. 3) Let teams be autonomous, do not impose rigid compliance to processes and tools.

About the Author: Mike MacIsaac is the principal consultant for MacIsaac Consulting. Mike provides leadership as an IT Project and Program Manager as well as an Agile Scrum Master. You can follow Mike on Twitter@MikeMacIsaac or subscribe to Mike’s blog.

3 Ways To Improve Cyber Security In Wake of Covid-19

From an increase in online shopping to entire workforce’s working from home, cyber security if more important than ever. The Covid-19 pandemic has forced corporate technology executives to focus on protection.

Shankar Arumugavela, CIO of Verizon’s Communications Inc states “The three things that keep me up at night are credential thefts using phishing attacks and malware, the threat of social-engineering attacks to manipulate customers and employees into divulging confidential or personal information, and third-party risk management to prevent malicious actors from infiltrating our network via our partners’ systems.”

Shankar’s concerns are well founded. In response to Covid-19 there have been major spikes in fraud and online scams. Consumers are being targeted using phishing. IT systems have been under increased hacking attacks. The FBI has reported a 300% increase in cybercrimes since the beginning of the Covid-19 Pandemic (The Hill).

To deal with these increased threats, here are three ways to improve cyber security:

  1. Review and communicate data security policies and practices. Employees are your companies first line of defense. Review and update data security policies to ensure they are compatible with a remote work setup. Communicate data security policies to your employees and send frequent reminders to employees about data security best practices while working from home. Remind employees to be diligent in their review of emails before opening links or attachments, and to report phishing attempts as soon as possible once discovered.
  1. Tighten up IAM (Identity and Access Management). Limit access to protected and confidential information. Consider restricting employee access to confidential and protected information on a role-specific basis. This will ensure employees have access to only the information needed to complete their specific duties. It is important not only to protect the perimeter of systems, but also the underlying data. You must be asking the who, what, where, why and how for every attempt to gain access to your critical data. This requires relentless authentication. For more on the importance of identity and access management, see my post “IAM is more important than ever
  1. Use strengthened VPN access. To the extent possible, encourage employees to work using a virtual private network (VPN). This will provide an extra layer of protection to your company’s information. Put in place multifactor authentication for VPN access, IP address whitelisting, limits on remote desktop protocol (RDP) access and added scrutiny of remote network connections.

In the wake of Covid-19, improved cyber security needs to be top priority. CIO’s and technology executives must lead the effort to protect their systems, users, and data. All it takes is one breach to compromise an entire system and cause a crisis.

About the Author:Mike MacIsaac is a principal IT consultant for MacIsaac Consulting. MacIsaac Consulting, based out of Minneapolis MN, provides IT Agile delivery consulting and staffing.


Page 1 of 15

Powered by WordPress & Theme by Anders Norén