in this episode of titans of now we interview dante hooker 13-year veteran of the servicenow ecosystem and one of the best architects i know with a wide range of experience in itsm itbm and grc titans of now reaches a broad audience of servicenow resources so if you'd like to sponsor this content check out the links in the description below if you want to know what i'm up to lately check out vivid charts and stop exporting data off platform for reporting hey everyone after a long hiatus welcome back to another episode of titans of servicenow in this episode we are talking to a servicenow architect extraordinaire and a mover and shaker behind the scenes of the ecosystem someone i've had pleasure to work with on a number of projects and it's an absolute pleasure every single time ladies and gentlemen dante tay hooker dante welcome to the show thank you sir glad to be here the pleasure is mine my friend finally dante and i have been playing this for like a year at least at least at least but now here we are okay we always start at the start tell us how you got your start on the servicenow platform you know i've been doing service now for 13 years now i'm one of those guys who started pre aspen a bay area kid started with a memory chip company down in milpitas california and i just got in love with the tool right they had one of those cold calls they gave us an instance and we fell in love with it there so again about you know let's say 2007 2008 and i ran with it from there man i've been on the platform since then pre aspen uh i was on the first user group in the bay area and we helped servicenow deal with their first servicenow sysadmins certification that was kind of cool so that's how i got my start wow that is way back in the day 2007 is about the same time i started but you guys got cold called yeah man yeah we got cold called direct from sales and then they actually emailed my boss which is the director of infrastructure ops i was an itsm program manager at the time owning the monitoring tools and remedy remedies [Laughter] yeah we were on hp and it was so bad we googled what is better than hp service desk and servicenow's marketing campaign at the time was comparing themselves to hp service desk and it was like the first link we found on google we clicked it we cold called them was pretty fun right i mean because once they they cold called us we got them out they came and did the demo we were trying to get a change workflow going for about three months and they took our workflow and did it in an hour you know that good old days of the workflow editor at its finest back then so that was really cool and that blew my boss away they tried to do the stone face well we'll get back to you as soon as they left we're getting that now you got to play hard to get sometimes you got to yeah it was fun so that's how i got started man just doing that and it was pretty fun rolling it out for the first time i learned a lot about it i was not a application developer at the time i was actually an infrastructure guy who my servicenow says anybody can do it and sure enough 13 years later i am an architect nice and so what are you doing now i am rolling out a lot of grc right now i mean grc is hot and heavy as you know i've been doing policy and compliance audit risk management and vrm probably in the last year maybe did six to eight implementations some were small some were large but really really fun stuff as you know it could get boring with grc it's not fun as the most applications like a csm but it's necessary and i really enjoy doing the grc application right now especially when you get into the maturity levels of someone doing like an audit management or risk management buddy i love grc and it's always baffled me why more people don't and maybe it's just because back when we were using magic total service desk and hp service desk i was always the dude who had to run the reports out of the ticketing system to satisfy the auditors same here yeah it's just like i hate this i'm licking every surface in the office trying to get sick so every time and i was the same way which is why i'm a fan of grc now because i was that guy too not just a report guy but i was the middle man for all of it so i held eny and all those different auditors hands who set up the walkthroughs so the fact that servicenow has that in that audit application really makes it more fun so i could see what i used to do in the application and actually tracked so that was the biggest thing that people had back in the day is like hey i have to do my work but no one knows i'm doing this work because they give a report and it goes off and of course it takes them time to do it an audit has a thousand questions but the fact that they could track it in grc was really awesome yeah do you find people use grc for the kind of i constantly know what my compliance level is well they do i think everybody's at that beginning stage even though they may say they're more mature a lot of people say i'm compliant at this level or i'm not complying at this level i think everybody for that first implementation and let's just get the automated task right that's all they really want to do they want to get the control test out so they can say let me just automatically do that get them out of spreadsheets that's what they do now these later implementations you'll see then you start seeing true compliance reporting that beginning they really just want to be able to automate all the tasks then they come back and say how can i get better reporting and that phase is when we start talking about all right the compliance score that's at every tier here's how that rolls up on the dashboard and hear how it makes sense the biggest thing i'm seeing now is that people want these custom compliance dashboards like in a portal style those are the biggest thing i heard a episode you had here with nate nathan first back when on the portal the portal is blowing up for grc right now so everybody wants this compliance portal because they don't want people to have access to the back end they want to have people have access to a portal page where they can go see our compliance and then especially these security officers that have to produce a pdf and things of that nature you know servicenow built out and export out of audit management now so compared with that portal and that export that gives you that findings report out of the audit management application now those are the two things i'm seeing a lot of and so that's how that compliance score now is headed cool yeah i've done one grc implementation and participated in a couple others and the one thing i always imagined would be the end point is being a cso or being some other party interested in some compliance framework being able to look at the dashboard and say 78 compliant and here's the areas i got to improve and so you're kind of like perpetually ready for the audit do you find people going after that target or is that just something i'm imagining it is and servicenow is getting to that level they have some serious updates coming out in the future releases that i'm hearing about enhancements that are going on in that scale what's going on is that people are definitely looking for compliance score cards like true score cards i don't know if you remember the old vendor performance module that had score cards for vendors they're looking for that same level they could say hey we are 90 i do a lot of that custom very small customization on the authority documents on the policies where they have the compliance score but they want to see a percentage of compliance from a different angle so it's just two different things that i do there but they already have the one out of the box now which is really cool that shows you your compliance levels either on the authority document on the policy itself and you can also see it down on the control so those are really cool how you could see all of those and then the inner relationships against the risk also give you your complete picture awesome what do you think is the hardest thing for servicenow customers to get about grc the hardest thing the hardest the if anybody can hear me the hardest is is what you may call the entity well that's the current release excuse me the entity but before that it was a profile but now the entity and these entity types are really the hardest thing and if people understand or grasp the concept of an entity or an entity type it's really just surrounding not just your cmdb or your functional process areas so if we take that example of the cmdb an entity type could be all pci compliant servers so you may have an attribute on the cmdb that says this is pci for that server so then when you configure an entity type you can query or filter down to just all pci and then associate those control objectives to that entity type but a lot of times people have a hard time understanding what an entity type is it's really one or two things an application or infrastructure our collection of those that you can associate controls to whether it be for a specific authority document or control objective or for a specific process so that's really the hardest thing is to understand and define the entity or entity type am i correct in assuming the entities is just it's basically a query with a label that you relate the other grc objects to that's correct awesome cool if you could have any one feature in grc right now what would it be oh and grc specific i think exporting data into an actual report that everybody is using in the industry that's not just for servicenow but a lot of times when the implementations i go into they always want this specific output in some type of pdf that they want to export a specific look um you may get into this thing where they're looking for not just their audit findings are not just their control tests that failed but it's an overall scorecard dashboard and then take that look and feel and export to a pdf file now i've done it a couple of times and it does look pretty decent but i wish servicenow would build that into the tool to where they can do that output and also integrations with external tools that deals with authority documents or other grc type information for governments or other type of regulations so these are industry standards that we really can get involved in with servicenow application if they just get those integrations and those exports to different formats down that would be really cool what do you think about all the new risk stuff coming out is it changes to the grc risk or is it an if it is a different way of looking at risk that sits on top of grc because i've been coming at it from the itbm side which has its own risk tables right but then that integrated risk sits on top of it how is it on the grc side it's pretty much all the same a risk is a risk as you know before you had your itbm risk which was its own entity by itself but now they're doing an integrated risk because they're saying a risk is a risk we need to score and then evaluate and see how we're going to mitigate respond or avoid so they're basically taking ibm and bringing them along instead of having them play in their own world which i think is pretty good the biggest thing for me that i see in risk though is around the risk scoring mechanisms and also the whole process of risk response i mean so when you get into that i think it's a good thing because now i take itbm or project management risk that i really need to know that's maybe a risk to my organization before it comes over there it's already living in that process already living in that workflow and already being reviewed before that project goes live that's been the gap this whole time product goes live we have these known risks that's out there and nobody knows about them in grc because they're sitting in itbm what other platf parts of the platform besides grc are you either really into or have a lot of experience in i've been very well versed in itbm now of course we know the itsm space that's our cornerstone but itbm is also a very well spaced i've been playing in and hrsm cool our hrsd these days it's actually it's funny that you mentioned itbm because that's one of the reasons i wanted to have you on the show i'd work with you in the itsm space on a couple gigs but i remember when i had my first itbm gig and i was swinging out of my league the customer picked me anyway you know i was convinced i was going to lose that proposal but they're like no you look like you know something or or you know dante so you should go that's right i did say i have yeah but then i remember knocking on your door can somebody help me yeah that's right that's right yeah and then we had a bunch of phone calls and you set me straight man but let me reiterate dante is exceptional at itbm exceptional appreciate it uh what part of itbm do you like the best i like demand management because it's part of the intake process and my former walk of life being involved in infrastructure operations a project of the project but when you know about it ahead of time then you can work out all the scoring the staffing that's always a really cool part for me to work with the customers on because a lot of people have issues with that area yeah so they love the fact that they can catch things up front know what they need to do to develop their pipeline so that's just from a process perspective what i like functionality i'm a big fan of the portfolio workbench when they implemented that i thought they really had something because the portfolio workbench being able to see your overall you know yearly what i'm doing this year the next year whatever it is and then also budget it out and then see what your forecast budgets are put your projects in the proper place and now here's my road map not just in theories if you remember in the old days we were doing the guitar hero road map right starting in date that's all you had now you actually have something with financials backing it into a portfolio management space i thought that was one of the really cool things another one when they implemented pcr project change request i thought that was a good ad right because we live this stuff right we do this what we do all the right acts man all the time and nobody you know everybody changes scopes changes time change resources you know the project gets bigger whatever may happen and we need to do a pcr so when they put that in service now it was an easier sell to other customers because that was the first thing they say well if i need to do a pcr here we are building a custom table for that so when they added it i was like great but again my number one portfolio workbench now that was one of the big things that and you know when it couples with the financials makes that much more powerful itvm to sell yeah i gotta agree with you on the demand part i love the portfolios but i'm just not familiar enough with the financial deep end of the itbm but demand oh demand solves so so many problems for me quickly too yeah and what i love about demand is that the default answer isn't yes the default answer to demand is we'll see yes i think about the olden days of itsm after you got over the euphoria of catalog you were dealing with stuff of like generic service requests and incidents that should have been requests and requests and incidents that are really projects in size and scope and then we have an agile team over there and none of it really fits together and you're constantly dealing with work that switches type where the customer's already been told yes or the assumption is yes right and if we could somehow finagle demand into the front of everything and break demands kind of it's a pmo only thing like no it's an everybody thing right that's right and then you could get to the point where the act of demand management is seeing what pile it belongs to yeah that small will do that throw it in somebody's agile bin right oh that should have been an incident just create an incident from the demand like yep you know oh this is defect creating enhancement and then again it's in a space where you can work it accordingly and you can size it accordingly most people don't have a problem with doing the work is where it should live and when you say this is your demand and that demand may be one of these four areas now i know where to put it and that's why demand is always a quick win because some people say itpmo project management no atbm i need i need a demand first yeah then let's go work the project if it is a project because if you size it properly it may be an enhancement it may be a defect if it's something broken so i'm agreeing totally agree on that demanding yeah and just like we asked for grc what do you think is the hardest thing for people to wrap their head around when they're doing an itbm implementation okay you ready resource management man let me put on my choir robe resource management we could figure out how to work a project in task all right as i say it's not waterfalls agile it's watch out right everybody knows development phase you do your project you get project tasks okay fine you even kind of know who's gonna work on it right but true resource management from a servicenow perspective how much time do you need from dante i need a hundred hours twenty hundred dollars but those are the biggest things in service now because most companies may not be a consulting firm they're internal working so they're saying i want dante halftime so that concept from resource management where people have to say okay i need to develop resource groups to then allocate them on a soft booking than a hard booking yeah right and then validate and then can i over book how do i stop from overbooking so all of that stuff you know again not consulting people we live this but an internal customer who has nothing but internal resources that's hard for them to grasp that concept because if i need dante for 40 hours i'm just going to grab him real quick and say hey i need you to do this stuff and even though he has seven projects right he's over allocated 20 times and to put that in the tool and then they look at it and they're like wait that doesn't look right no it does that's your data that's what you're doing right now and so it's hard for them to consume that because they're living bad habits and now they have to stop so then they can't grasp that well we don't want to do research management that's always the answer we're not going to do resource we're just going to assign people to task and then we're going to move on yep doing project management you can't do everything you can't be perfect in every way because project management is a guess at what reality will be like meeting reality having reality shatter your plans and then replanning in real time is the essence of project management to me yes yes and resource management has that capability to go right to the subatomic level how many of dante's molecules do you need for how many plank length seconds or it can get super atomic and people want to get down to that atomic level in the planning and then when someone gets sick and it's just all your resource plans everywhere just get out of sync all of them all the time and that's it's why people don't do resource management to the fullest capacity right they don't they don't want it because of that like you said everything is gray what i try to tell customers is take a step back and think about how you plan it just how do you plan it typically without a tool what do you do what do you do when dante gets sick so if i get sick and i need robert to back me up during this project you know that's going to occur why not put robert on the project as oversight and then allocate hours to him up front so then we could split the time and then if you change that allocation when dante actually gets sick we flip that around and change the allocation updates robert's time to show now he's going to take over for dante during this week because he's out and people don't know about those updates to those resource plans because they think that initial set is law i can't go back and change it but there's functionality to do so right but again that gray right i think once i plan it and i put in the tool this is it it's over i can't change it no you can't yeah that's why we have pcr that's how we have update resource plans you can actually modify the resource plan and send it back for approval to say hey dante's out sick robert's taking over and update the resource that's why you plan for those contingencies there's some profound pieces in there folks i've been sitting here taking notes because it's fundamentally not the way i've taught myself how to deal with those situations but so wise i i think praise be to the servicenow product owners because resource management is a lot more flexible that way now yes like holy cow this person's mia i don't have to really difficult mechanical transactions just to get somebody else slotted in you can just modify stuff at a lower level absolutely and there was a time you couldn't do that exactly and it would just start the entire resource management thing over again you couldn't even over allocate back in the day if you're allocated no one could put you on a resource plan because you're allocated and i was like that is not gonna fly yeah right we did a lot of really true customizing script includes just for that to make sure they can over allocate one question that my audience tells me that they appreciate is the deep trench war stories can you tell me about a situation where you were in the trenches and things were not looking good and how did you fight your way out of that to victory in a servicenow context man i got one maybe seven years in before all this new functionality came out with the platform before developer studio i got tasked with a custom compliance application that was masked as a grc implementation and it was truly building a custom application from beginning to end to set compliance on every server application that was deemed as peii we developed it in the ui pages don't laugh at me okay we did that we did ui pages and it just didn't look good it didn't play well it didn't show the customer what they really wanted so i think the biggest we learned about this situation is okay what are we doing right now we allowed the customer to dictate to us what we should do we allow them to tell us exactly how it looks they didn't want this they didn't want that and we listened so we tried to go super nerd custom code and with straight ui page old cms portal before the service portal now we're back to the hard part we did a demo they hated it we hated it so the first thing we did was says all right listen servicenow has a platform that they do very well why are we trying to build something that'll be built on the native platform so we scrapped the whole thing we built it on the native platform just as this basic form and related list and had a cms page of it and they loved it so the lessons for me wasn't that don't over complicate things don't allow them to tell you exactly what it should be use the platform for what it has because again we tried to go overly custom because it didn't exist instead of extending a task table but just overthinking and just not knowing again i'm looking at today's of course out there the service port and all this nice fun stuff but again it wasn't available but that was the hard part trying to think outside of the box without using the native platform so again how we came out of it was just using the native platform for what it had and explaining to the customer this just doesn't exist yet and now you fast forward years later they came back to us we built that entire application on the service portal which now they love and they continue to use yeah it reminds me of something i keep on bumping up against that expression that the customer is always right and i like to qualify that with the customer's intentions are always right yes you know that's a good one but they're coming to you because they don't know how to build it so why are you going to listen to i always put in there is the customer's process is always right right but then that's not even right right have you ever heard my amish metaphor i have yeah i said it again okay if you and an amish person were trying to solve a problem you're both talking to somebody who wants to go from pennsylvania to new york the amish guy is going to be okay well we got to figure out the size of the wagon to carry all the dried goods because it's going to take us days for our horse to to take us there meanwhile you're sitting over here why why don't we just go to the airport man we'll be there in two hours exactly i think that's the best analogy because again they only know their world and what they've been doing so if they've been doing like i just go back to grc or even itbm they're tracking projects they're tracking compliance on the spreadsheet that's what they know so their requirements aren't going to be based on a spreadsheet so the object of what we need to do at that essence is that hey i see your spreadsheet but let me show you how servicenow handles out of the box so i always start with here's how it works yeah how we're going to fit to out of the box not how we're going to change out of the box to fit your excel spreadsheet yep yep i'm with you all right dante we are at time so i'm going to give you the final word so you can tell us things you wish for if you could change the ecosystem anyway how would you do it or if you give up and comers advice what would it be i would choose up and comers learn everything you can about the platform and what i mean by that is just don't go run out and just learn everything and just try to read everything in one fell swoop no as you deep dive into the platform and you get yourselves into situations remember what servicenow does their intention is to provide a good product they have a platform that could be extended do not go out there and reinvent the wheel right many times we become jobs developers and we get out there we want to code sometimes it's just a check box check the box don't code if you don't have to and it helps the customer more than you know writing some great code may be great for us what i like to say who want to geek out but when the customer goes to upgrade when a customer goes to change something and they have to look at code rather than unchecking a box it makes their life harder we're no longer there we're consultants they are going to remain there so make sure you leave them with good low code that they can maintain that's what i would say sage advice all right that's a wrap thanks so much for joining dante i appreciate you for having me man anytime and have a good rest of your day everybody stay healthy out there yeah you too thanks brother nice if you'd like to sponsor this channel's content email me at the address pictured here if you need a conversation on where your servicenow implementation is or where it's going you can reach me on super peers and book a short consult if you want to contribute to high quality high frequency output consider a donation if not i still appreciate your viewership consider hitting the like button and sharing within your network thanks for watching