Build a winning storage budget

Building a storage budget—and getting it approved—is an annual uphill battle. By taking a business-plan approach to the process, you'll have a better chance of getting a green light while aligning your budgeting efforts with those of senior management.

Selling the budget
Fred Plimby, the new director of the Widgets Division, is responsible for nearly 50% of his organization's revenue. Ninety percent of his company's orders are done online and dispatched the same evening. Any downtime in his operation will have a disastrous impact on the business. Fred has asked Laurence Feducci, his division's business analyst, to research risk estimates and costs to the company if his production data is lost. Laurence will then use this information to work with Mary Heller, the storage director, to ensure that the coming budget process provides funding for the level of service Fred feels the business needs.

Mary and Laurence sit down together to build a business plan, gather the facts, analyze the financials and add in a dose of fear-based risk impact.

Mary knows that Laurence's business unit is the key client for her Gold-Tier Service offering, but the current service-level objective allows for a recovery time objective (RTO) of 24 hours after a disaster before return to viable operation is required. Worse, the recovery point objective (RPO) tolerates a data loss between last backup and time of disaster of nearly 24 hours.

To convince the CFO of their budget needs, Mary and Laurence decide to make a business case to move storage operations to the new Platinum-Level Service offering. In this business case, they identify the total cost of downtime in both revenue and profit. If Laurence's business unit is offline for just one hour, the company will lose immediate revenue of $300,000 and profit of nearly $30,000 ($624,000,000 in accounts payable/ 265 working days/eight working hours).

Laurence and Mary then do some research and gather the facts. According to Laurence, last year the Widgets Division brought in $42,500,000 in profits; next year, this is expected to grow to $65,500,000. Gross revenue is nearly 10 times the division's profit, and Laurence is expecting to pull in $624,000,000 in accounts payable. Laurence took more than 42,500 orders last year with an average profit of $100,000 per order. Of the 42,500 orders processed, Mary saw a capacity requirement of 4.25TB.

Now it's time for the financials. Mary has a cost model for last year's Gold-Tier Service. She works out a reference architecture and gets some scoping costs from key vendors. The current cost model for Mary's Gold-Tier Service offering runs approximately $5 per gigabyte. To add synchronous replication to support Laurence's desired RPO and RTO numbers, the cost model will need to grow to $8 per gigabyte.

Now Laurence and Mary prepare the fear factors. When a network failure took out the system last year, Laurence saw a 5% loss in his customer base. This would mean a potential loss of some $3,000,000 this year. And that's on top of the per-hour loss on orders he'll never see again. Based on the current numbers, it looks like even one hour of downtime during business hours will cost a minimum of $300,000 per hour.

Mary and Laurence put together the business proposal for a Platinum-Level Service for the company's Widgets Division. They show past usage and projected usage. They show current cost per gigabyte and the projected cost per gigabyte that would provide Laurence with the RPO and RTO he needs. They then rehearse their proposal with the CIO and seek her input before meeting with the CFO.

Laurence and Mary present their proposal to the CFO: a business plan for a new service-level offering, facts and figures on usage projections, financial information on tier of service costs and the clincher, a fears-based financial impact risk assessment. Overwhelmed by the pragmatic business-oriented nature of the proposal and the supportive facts, financials and fears, the CFO approves the proposal for the new Platinum-Level Service tier.

To a beleaguered storage manager, it may seem like the CIO and CFO are working as a tag team to "Just say no" to storage budget proposals that call for an increase over last year's budget. So how can a storage director make a sustainable and substantiated case for the expenditures required to manage and protect one of the organization's most valuable assets, its data? By using facts, financials and fear, an organizationally aware and prepared storage director can present the CFO with a budget proposal that's based on familiar business terms, contains options for discretionary funding and focuses on tangible services provided to clients.

Talking tech to a CFO could spell doom for a budget proposal. But a budget proposal crafted in CFO terminology; addressing known CFO hot buttons, fears and motivations; and offering risk-reward options substantially increases the odds that your negotiations will yield an appropriate end budget. The budget should be presented as a proposal of prioritized segments, and be in the form of business plans that associate investment with reward and risk.

How a CFO thinks
Generally, a CFO tends to think of a business unit's budget as an investment opportunity and an IT budget as an opportunity for cost constraint. Business units submit business plans showing how they'll make a profit for the company, grow the business and increase customer satisfaction. Each outcome has a benefit, risk and, often, a priority associated with the budget requirement. This allows the CFO to work with the business units to determine which segments of the plan can be financed in a given fiscal period.

CFOs have three possible answers to a budget submission: "No," "I'll think about it" and "Yes." "No" is the easiest answer to give to an "overhead" group's budget submission, closely followed by "We can't afford it." This creates an impossible situation for the storage manager who will have to achieve the same goals--namely, protecting the company's data--with no budget increase, even though the amount of data to be protected has most likely increased compared to the previous year.

To pitch a budget proposal successfully, it's essential to give the CFO material (and options) with which reasoned decisions can be made. The information should be presented in the same way business units frame their funding proposals. Avoid technical terminology and phrase the requests in terms of their business impact. Don't talk about information lifecycle management and disaster recovery (DR). Talk about compliance and business continuance.

Storage budget philosophy
A successful storage budget proposal is presented as a business plan, including a number of prioritized options for investment in the coming fiscal period. This approach requires extra planning, which will be detailed later in this article. The first step is to break the budget into separate sub-budgets, assuming you've already adopted the service provider model where tiered service options are offered to business units at a known cost with a committed level of service. The service provider model is supported by policy and standard operating procedures and is, in fact, the only way to continuously manage the unit total cost of ownership (TCO) of storage while improving predictability and containing risk.

Tiers of service are the visible component of the service provider model (or storage utility model). Many organizations find this model an essential prerequisite to providing predictable storage services at committed quality levels and with defined costs. The tiers of service are typically developed to support defined attributes, driven by business needs and riding on priorities based on the value of data to the organization. Thus, the highest value data tends to reside on the highest tier, with high levels of service and protection.

Step 1: Build a business plan
The first step is to build a mini-business plan for each tier of service. The goal is to present the case for storage in a manner familiar to executive decision-making, allowing management to see what's being provided/sold, to whom, at what cost and, most importantly, the value at risk in this product/service offering. It's the latter component, the business impact value, that justifies the expenditure. The business plan should follow traditional formats, preferably those already used in your organization. Some key factors to consider include:

  • What are the attributes of this tier of service (the product definition)?
  • What's the value at risk (the dollar impact on the business if the data was lost)?
  • What business unit is buying this tier of product/service today?
  • Is there a business transaction that can be directly related to storage growth?
  • How much storage, based on transaction projections, will be required?

Step 2: The facts
This step involves developing the statistical evidence that will substantiate your proposed budget expenditure. You need to identify the following for each service tier:

  • How many gigabytes or terabytes of this product/service were sold last year and as far back as can be tracked?
  • What's the growth trend? Chart it.
  • What's the projected capacity based on transaction volume? Chart it.
  • What's the current allocated and available capacity? Chart it.
  • What did it cost (per gigabytes or terabytes) to deliver this tier of service in each of the last three years? Chart it.
  • What secondary or supportive costs are involved for each gigabyte or terabyte? The tiered cost model should include primary and secondary storage costs as well, particularly because the latter costs are often greater. Secondary costs might include:
    • Archiving retention, retrieval and refresh costs.
    • Backup retention and retrieval costs.
    • DR testing costs.
  • What's the basis for administrative staffing? Build a model that includes a transactional basis for staffing numbers. At a minimum, the following aspects should be considered:
    • Typically, a competent techie can master up to three different technologies.
    • Number of provisionings per month per employee.
    • Number of alerts per month per employee.
    • Number of cartridge ejects per month per employee.
    • Loadings based on complexity of the environment.

Risk assessment
Tangibles of risk assessment can include regulatory penalties, loss of clients, loss of business or even loss of stock value. A colleague involved with the business analysis for the company can help you to pin down these numbers, but there are a few clear and compelling risk mitigation projects underway in the storage arena in most public companies. These include:
E-mail archiving and retrieval
Proof of data protection through backup completion
Demonstrating disaster recovery capabilities
Security of data at rest
Security of data in movement
To take the budgeting process a step further, develop a business plan that supports each project area described above, along with the more traditional project-oriented data, to determine the basis for project staffing and associated costs. At a minimum, develop the following aspects:
Risk statement. What's the risk to the company's data or business processes? Where did it come from and how serious is it?
Opportunity/exposure. What benefits and/or costs will or could be incurred?
Project sponsor (business unit) and the tier (importance) of that business unit's applications.
Conventional project detail

Step 3: The financials
This step requires corralling some of the basic financials behind many of the previously described factors. It's critical to have a handle on your existing asset base, both hardware and software. For your hardware asset base, the most critical components are likely lease expiration dates and/or current and projected maintenance costs. Without a plan to elegantly transition from an end of lease, significant penalties and costs can be incurred. Maintenance costs creep up, sometimes so precipitously that moving to new hardware is justified.

Having a detailed asset base along with data such as acquisition dates and cost, maintenance costs and planned obsolescence dates is critical to understanding the complexities of your budget. Develop and track a TCO model for your hardware; every six months or so, plug in and model the impact of replacement hardware.

At a tier-one service level, the decision to replace hardware will probably be driven more by service or performance requirements than by cost savings, particularly when you and your management look at the value at risk. The purchase of tier-three equipment will likely be focused more on cost savings. For most organizations, tier-two purchases fall somewhere in between. The issue is how to develop your chargeable cost model. If a new purchase of tier-one hardware results in better, faster, cheaper and thus a lower cost per gigabyte or terabyte, there could be a stampede from the now more expensive tier two or three. Therefore, chargeable costs may need to reflect the value of the tier, rather than the actual cost of the tier.

Finally there's the humdrum financial stuff--personnel costs, depreciation, etc.--that's a standard component of every budget. Don't overlook the need to develop a training budget based on a skills matrix that shows each employee's skill level compared to the technologies required to support the environment. Any prudent organization will have at least one backup--preferably two--for each primary skill set. The skills matrix can concisely illustrate training requirements.

Step 4: The fears
In this phase of the budgeting process, it's useful to list the risks that might be mitigated by various projects and, even more important, to add risk-based factors to some of the fact-based budget data. For example, shorter retention periods might save on tape costs, but increase exposure to data loss. Dropping the line item for data encryption can expose a company to great risk if its customer data backup tapes are lost or stolen. Longer recovery point objective and recovery time objective metrics might jeopardize business-continuance requirements. It's important to identify options where a lower level of service might be possible at an identified risk (see "Risk assessment," this page).

The budget proposal
Once you've mastered the facts-financials-fear approach, consider presenting your storage budget as a proposal that's the basis of discussion, rather than a final submission. If you develop your budget proposal along the lines we've discussed for each service catalog offering, you should have a defined business plan with risk/reward identified, as well as a series of projects with each phase as a business plan with its own risk/reward.

The key is to be aware that there are options to each proposed budget business plan/segment, and that it's your responsibility to offer those options along with empirical data related to each risk/reward. You should also formally prioritize your recommendations for budget inclusion.

The proposal format allows you to lead the CFO through a fact-based "with/without" analysis. This "sensitivity analysis," based on the risk/reward options you've identified and founded on recommended priorities, lets the CFO intelligently invest the organization's resources in a familiar business plan-based approach.

Developing a winning storage budget is simpler and more likely to succeed if you segment your operation into components, develop options and risk/reward metrics, prioritize items and then present the budget in the format of a business plan. Adopting this budget-process approach will better align your budgeting efforts with those of your organization's senior management and position you as a trusted advisor.

This was first published in May 2005

Dig Deeper on Enterprise storage, planning and management



Find more PRO+ content and other member only offers, here.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: