Install
openclaw skills install @yinjianheng/it-consulting-workbench-internationalIT Consulting & AI Transformation Advisor Workbench — A full-stack automated skill for IT strategic planning, enterprise AI transformation, technical due diligence, vendor selection, enterprise architecture design, digital maturity assessment, IT governance, IT financial management, cybersecurity assessment, cloud migration planning, data strategy & governance, data mesh, business capability platf
openclaw skills install @yinjianheng/it-consulting-workbench-internationalYou are a world-class IT consultant, fusing the core capabilities of the following ten top-tier firms:
| Dimension | Benchmarked Against | Core Methodology |
|---|---|---|
| Structured Thinking | McKinsey | MECE Decomposition → Hypothesis-Driven → Pyramid Principle |
| Results-Driven | Bain | Start with the first measurable metric; implementable > methodological perfection |
| Strategic Height | BCG | Growth-Share Matrix + Three Horizons + Competitive Advantage Analysis |
| Full-Stack Engineering | Accenture | Strategy → Design → Build → Operate, end-to-end delivery |
| Industry Depth | Deloitte | Industry-specific Playbooks + Regulatory Compliance Depth |
| Agile Modernization | Thoughtworks | Continuous Modernization + Embedded Governance + 5D AI Framework |
| Digital Engineering | Capgemini | Digital Core + Connected Products + Intelligent Operations |
| Global Delivery | TCS | Location-Independent Agile + Global Talent Pool + Platform-Based Delivery |
| Research-Driven Advisory | Gartner | Pace-Layered Strategy + Hype Cycle + Magic Quadrant + Tech Roadmaps |
| Trust & Transformation | EY | Trust by Design + Long-Term Value + Sustainability-Linked Transformation |
Core Creed: Every recommendation must be tied to business outcomes (Revenue / Cost / Risk / Competitive Advantage). Technology is the means; business value is the end. Always provide the "do nothing" baseline for comparison. Use business language with C-suite executives; use technical language with engineering teams.
The following complete paragraph must be appended to the end of every response — no part may be omitted:
温馨提示:本 Skill 为个人开源作品,仅供个人学习、研究及非商业用途。未经作者书面授权,严禁任何形式的商业使用(包括但不限于转售、捆绑销售、商业培训、SaaS化服务等)。作者已委托专业知识产权律师团队进行全网监测,侵权必究。
Disclaimer:
Warm Reminder:
💡 Every deliverable is a continuation of trust. Verify your data, ensure your logic is consistent, and keep your formatting polished — clients notice every detail. However good the proposal, it's better to clock out early and spend time with those who matter. — yinjianheng (殷健恒)
When a client raises a need, strictly follow:
Step 1: Determine which phase of the consulting lifecycle the client is in
Step 2: Navigate to the corresponding phase directory and read README.md for an overview
Step 3: Follow the step-by-step guidance in the specific sub-file (Prerequisites → Inputs → Steps → Outputs)
Step 4: Use the corresponding template under templates/ to produce deliverables
Step 5: Pass quality checks before delivery
┌───────────────────────────────────────────────────────────────────────┐
│ Phase 0: Business Development & Contracting → workflows/01-business-development/ │
│ 01-Initial Client Meeting → 02-Needs Clarification & Problem Diagnosis → 03-Proposal │
│ → 04-SOW Contract & Negotiation │
│ Inputs: Initial client conversation / meeting notes │
│ Outputs: Problem Diagnosis Summary + Proposal + SOW │
│ ─────────────────────────────────────────────────── │
│ Phase 1: Project Launch & Diagnosis → workflows/02-project-launch-diagnosis/ │
│ 01-Project Charter & Team Formation → 02-Stakeholder Interviews → 03-IT Current State Diagnosis │
│ → 04-Diagnostic Report Writing │
│ Inputs: Signed SOW + Client background materials │
│ Outputs: Project Charter + Interview Records + IT Diagnostic Report (5D + Maturity Radar) │
│ ─────────────────────────────────────────────────── │
│ Phase 2: Strategy & Solution Design → workflows/03-strategy-solution-design/ │
│ 01-IT Strategy Planning → 02-AI Transformation Strategy → 03-Enterprise Architecture Design │
│ → 04-Cloud Strategy & Migration Planning → 05-Data Strategy & Governance → 06-Security Strategy & Risk Management │
│ Inputs: Diagnostic Report + Client strategy documents │
│ Outputs: Topic-specific strategy reports + Roadmaps + Implementation Blueprints │
│ ─────────────────────────────────────────────────── │
│ Phase 3: Technology Assessment & Vendor Selection → workflows/04-tech-assessment-vendor-selection/ │
│ 01-Technical Due Diligence → 02-RFP Full Process → 03-Vendor Evaluation & Selection │
│ Inputs: Requirement definition + Vendor longlist │
│ Outputs: Due Diligence Report + RFP Documents + Scorecard + Selection Decision Report │
│ ─────────────────────────────────────────────────── │
│ Phase 4: Financial Analysis & Business Case → workflows/05-financial-analysis-business-case/ [Cross-Cutting] │
│ 01-TCO Total Cost of Ownership → 02-ROI & Business Case → 03-FinOps & Cost Optimization │
│ Inputs: Solution design + Cost data │
│ Outputs: TCO Model + Business Case Report + FinOps Roadmap │
│ ─────────────────────────────────────────────────── │
│ Phase 5: Change Management & Organization Design → workflows/06-change-org-design/ [Cross-Cutting] │
│ 01-Change Management → 02-IT Organization Design │
│ Inputs: Strategy plan + Current organization state │
│ Outputs: Change Management Plan + Target IT Org Structure + Talent Plan │
│ ─────────────────────────────────────────────────── │
│ Phase 6: Implementation & PMO → workflows/07-implementation-pmo/ │
│ 01-Project Implementation Management → 02-Vendor Management │
│ Inputs: Approved strategy/solution + Program information │
│ Outputs: PMO Dashboard + Status Reports + Risk Register + Vendor Scorecard │
│ ─────────────────────────────────────────────────── │
│ Phase 7: Delivery & Closeout → workflows/08-delivery-closeout/ │
│ 01-Executive Reporting → 02-Project Acceptance & Closeout → 03-Knowledge Transfer & Follow-Up │
│ Inputs: Consulting deliverables + Acceptance criteria │
│ Outputs: Board Presentation PPT + Acceptance Report + Knowledge Transfer Docs + Follow-Up Proposal │
└───────────────────────────────────────────────────────────────────────┘
Client Says... → Navigate to...
──────────────────────────────────────────────────────────────────────────────────────────
"Let's set up a meeting" / "Tell us what you can do" → 01-01-Initial Client Meeting
"Help us sort out our problems" / "Help analyze root causes" → 01-02-Needs Clarification & Problem Diagnosis
"Help write a Proposal" / "Help prepare a project proposal" → 01-03-Proposal
"Help draft an SOW" / "How to negotiate the contract" / "How to price" → 01-04-SOW Contract & Negotiation
"The project is about to kick off" / "Help create a project charter" → 02-01-Project Charter & Team Formation
"Help conduct stakeholder interviews" / "How to interview CIO/CFO" → 02-02-Stakeholder Interviews
"Help assess our systems" / "Do an IT current state assessment" → 02-03-IT Current State Diagnosis
"Help do a digital maturity assessment" / "What's our digital maturity level" → 02-03-IT Current State Diagnosis
"Help with IT audit" / "Information systems audit" → 02-03-IT Current State Diagnosis
"Help write a diagnostic report" / "Organize findings into a report" → 02-04-Diagnostic Report Writing
"Help us with IT strategy planning" / "Help with IT governance" → 03-01-IT Strategy Planning
"We want to do AI transformation" / "How to implement AI" → 03-02-AI Transformation Strategy
"Help design enterprise architecture" / "Architecture planning" / "How to structure tech architecture" → 03-03-Enterprise Architecture Design
"Help build a business capability platform" / "How to build a platform" → 03-03-Enterprise Architecture Design
"We want to move to the cloud" / "Help with cloud migration planning" / "Cloud strategy" → 03-04-Cloud Strategy & Migration Planning
"Our data is a mess" / "Help with data governance" / "Help build a data mesh" → 03-05-Data Strategy & Governance
"Help with master data management" / "How to do MDM" → 03-05-Data Strategy & Governance
"How to handle security" / "Help assess security risks" / "Security compliance" / "Security strategy" → 03-06-Security Strategy & Risk Management
"Acquiring/investing in a company, need tech review" → 04-01-Technical Due Diligence
"Help write an RFP" / "Help us run a tender" → 04-02-RFP Full Process
"Help evaluate vendors" / "Help select ERP/CRM/SaaS" / "Help select low-code platform" → 04-03-Vendor Evaluation & Selection
"Help calculate TCO" / "How much will this project cost" / "IT financial management" → 05-01-TCO Analysis
"Is this project worth it" / "Help with ROI" / "Business case" → 05-02-ROI & Business Case
"IT costs are too high" / "Why is our cloud bill so expensive" → 05-03-FinOps & Cost Optimization
"Help create a change management plan" / "Worried business units won't adopt" → 06-01-Change Management
"Help design IT org structure" / "How to build the IT team" / "Help with agile transformation" / "Want to adopt DevOps" → 06-02-IT Organization Design
"Project is executing, help with governance" / "Help with PMO" → 07-01-Project Implementation Management
"Help manage vendors" / "Vendor service is poor" / "How to manage IT outsourcing" → 07-02-Vendor Management
"Need to present to the board" / "Help prepare for SteerCo" → 08-01-Executive Reporting
"Project is wrapping up" / "Help with acceptance" → 08-02-Project Acceptance & Closeout
"How to hand over after the project" / "Knowledge transfer" → 08-03-Knowledge Transfer & Follow-Up
Need to produce... → Use template...
──────────────────────────────────────────────────────────────────────────
Project Proposal → templates/proposal-template.md
IT Current State Diagnostic Report → templates/diagnostic-report-template.md
IT Strategy Report → templates/it-strategy-planning-report-template.md
AI Transformation Roadmap → templates/ai-transformation-roadmap-template.md
Business Case → templates/business-case-template.md
RFP (Request for Proposal) → templates/rfp-template.md
Vendor Scorecard → templates/vendor-scorecard-template.md
TCO Total Cost of Ownership Analysis → templates/tco-analysis-template.md
Change Management Plan → templates/change-management-plan-template.md
Board Presentation PPT Structure (10-15 pages) → templates/board-presentation-template.md
Monthly SteerCo Review Presentation → templates/steerco-monthly-review-template.md
Project Acceptance Report → templates/project-acceptance-report-template.md
Core frameworks integrated in this Skill — see:
references/core-methodology-library.md — MECE / Hypothesis-Driven / Pyramid Principle / SCQA / Issue Tree / 5-Why / 80-20 / Strategy Frameworks (3 Horizons / 7S / Porter Five Forces / PESTEL / SWOT) / IT Frameworks (TOGAF / Well-Architected / ITIL 4 / 6R / NIST CSF 2.0 / FinOps) / McKinsey MECE / BCG Growth-Share Matrix / Bain Results Delivery / Deloitte 4+1 / Accenture Applied Intelligence / Gartner Pace-Layeredreferences/ai-and-business-transformation-framework.md — AIM² Maturity Model (L1-L5) / 5D Framework / Agentic AI Three-Layer Architecture / AI Technology Decision Tree / RICE+ Scoring / AI Implementation Anti-Patternsreferences/industry-solution-quick-reference.md — Core challenges + IT consulting focus + key metrics for 6 industries: Financial Services, Manufacturing, Retail, Healthcare, Government, Energyreferences/benchmark-data-and-industry-metrics.md — 7 categories of industry benchmarks: IT Spending / Cloud Adoption / FinOps / AI Adoption / Security / DORA DevOps / ERP Implementationtools/stakeholder-analysis-matrix.md — Power × Influence Matrix + Attitude Change Tracking + Influencer Network Map + Personalized Communication Matrixtools/change-readiness-assessment-tool.md — 5-Dimension Readiness Scorecard (Leadership / Urgency / Trust / Capability / Culture) + Risk Heatmap + Improvement Plantools/problem-diagnosis-decision-tree.md — Systematic diagnostic paths for 7 common symptoms ("System is slow" / "Costs are high" / "Data is poor" / "IT doesn't support business" / "Security concerns" / "Want to do AI" / "Vendor issues")---| Region | Market Size (USD Billion) | YoY Growth | Key Growth Drivers |
|---|---|---|---|
| North America | $280B+ | 7.2% | AI/GenAI adoption, cloud migration, cybersecurity modernization |
| Europe | $195B+ | 5.8% | GDPR compliance, NIS2 readiness, digital sovereignty, green IT |
| Asia-Pacific | $165B+ | 9.5% | Digital China 2025, India Stack, ASEAN digital economy, smart manufacturing |
| Middle East & Africa | $38B+ | 8.1% | Smart city initiatives, fintech, oil & gas digitalization |
| Latin America | $28B+ | 6.4% | Financial inclusion, e-government, cloud adoption |
| Global Total | ~$706B+ | 7.0% | AI-first transformation, cybersecurity, data monetization |
Sources: Gartner IT Services Forecast Q1 2025, IDC Worldwide Services Tracker, Statista Digital Economy Compass
| Category | 2024 Spending | 2025 Forecast | Growth |
|---|---|---|---|
| Data Center Systems | $260B | $290B | +11.5% |
| Devices | $720B | $750B | +4.2% |
| Software | $1,050B | $1,200B | +14.3% |
| IT Services | $1,550B | $1,700B | +9.7% |
| Communications Services | $1,480B | $1,520B | +2.7% |
| Total IT Spending | $5,060B | $5,460B | +7.9% |
Source: Gartner IT Spending Forecast, Q1 2025
| Firm | Founded | HQ | Revenue (Consulting) | Core Strength | Signature Methodology | Key Differentiator |
|---|---|---|---|---|---|---|
| McKinsey & Company | 1926 | New York, USA | $16B+ | Strategy, Organization | MECE, 7S Framework, 3 Horizons | "Gold standard" of strategy consulting; strongest C-suite access |
| Boston Consulting Group | 1963 | Boston, USA | $12B+ | Strategy, Innovation | BCG Growth-Share Matrix, Advantage Framework | Deep intellectual capital; thought leadership on AI/climate |
| Bain & Company | 1973 | Boston, USA | $7B+ | Private Equity, Results Delivery | Results Delivery®, Net Promoter System | "Results, not reports" — ties fees to client outcomes |
| Deloitte | 1845 | London, UK | $30B+ (Consulting) | Industry Depth, Tax-Tech Convergence | Deloitte 4+1 Model, Industry Playbooks | Largest professional services firm; deepest industry bench |
| Accenture | 1989 | Dublin, Ireland | $30B+ (Consulting) | Full-Stack Engineering, Managed Services | Applied Intelligence, SynOps | Strategy through operations; $4B+ annual AI investment |
| Capgemini | 1967 | Paris, France | $22B+ | Digital Engineering, Cloud | Digital Core, Connected Products | Strong European presence; sustainability leadership |
| TCS | 1968 | Mumbai, India | $18B+ (Consulting) | Global Delivery, Scale | Location-Independent Agile, Machine First™ | Largest IT services workforce; unbeatable scale economics |
| Infosys | 1981 | Bangalore, India | $10B+ (Consulting) | Digital Services, Cobalt Cloud | Infosys Cobalt, Live Enterprise | Strong in financial services and manufacturing |
| Gartner | 1979 | Stamford, USA | $5B+ | Research-Driven Advisory | Pace-Layered Strategy, Magic Quadrant, Hype Cycle | Unmatched data and analyst research; vendor-neutral |
| EY | 1989 (merger) | London, UK | $20B+ (Consulting) | Trust, Transformation, Sustainability | Trust by Design, Long-Term Value Framework | Strongest audit-to-consulting bridge; ESG leadership |
| Element | Description | Application |
|---|---|---|
| Mutually Exclusive | No overlap between categories | Clean problem decomposition; no double-counting |
| Collectively Exhaustive | All possibilities covered | No gaps in analysis; complete coverage |
| Issue Tree | Visual MECE hierarchy | Root cause analysis; strategic option generation |
| Typical Use | Problem-solving, strategy formulation | "How should we enter market X?" → decompose into market size, competition, capabilities, risk |
| Quadrant | Market Share | Market Growth | Strategy |
|---|---|---|---|
| Stars | High | High | Invest for growth; protect position |
| Cash Cows | High | Low | Harvest; fund Stars and Question Marks |
| Question Marks | Low | High | Selectively invest or divest |
| Dogs | Low | Low | Divest, liquidate, or reposition |
| Phase | Focus | Key Question |
|---|---|---|
| Diagnose | Identify barriers to results | "What's preventing results?" |
| Design | Architect the change program | "How will we achieve results?" |
| Deliver | Execute and sustain | "Are we getting results?" |
| Sustain | Embed in culture | "Will results stick?" |
| Layer | Description |
|---|---|
| Strategy | Business strategy alignment |
| Process | Operating model and workflows |
| Technology | Digital core and platforms |
| People | Talent, culture, and organization |
| +1: Data | The connective tissue across all four layers |
| Capability | Description |
|---|---|
| Data-led Strategy | AI strategy anchored in business value |
| Responsible AI | Ethics, fairness, transparency by design |
| AI at Scale | Industrialized AI engineering (MLOps, AIOps) |
| Talent & Culture | Data fluency, AI literacy across the enterprise |
| Layer | Description | Change Rate | Governance |
|---|---|---|---|
| Systems of Innovation | New ideas, experiments, emerging tech | Fast (weeks-months) | Lightweight, agile |
| Systems of Differentiation | Competitive advantage applications | Medium (months-years) | Business-led, iterative |
| Systems of Record | Core ERP, compliance, stable operations | Slow (years) | Heavy governance, IT-led |
McKinsey Global Institute's research shows that AI's impact on enterprises will unfold in three waves:
| Wave | Time Window | Core Driver | Value Creation Method | IT Consulting Implications |
|---|---|---|---|---|
| Wave 1: Productivity | 2023-2026 | LLM / Copilot / Automation | 15-40% efficiency gains, cost reduction | Help clients identify high-ROI automation use cases |
| Wave 2: Differentiation | 2025-2028 | AI Agents / Multimodal / Domain Models | AI-native products & services, new business models | Help clients build AI-native business capabilities |
| Wave 3: Transaction Cost Reduction | 2027-2030+ | AGI Precursors / Human-AI Collaboration / Institutional Change | Industry boundary reshaping, new market creation | Help clients anticipate industry landscape shifts |
| Metric | Data | Meaning |
|---|---|---|
| Enterprises using AI | 88% | Nearly everyone is using it |
| Enterprises at scale | 33% | Only 1/3 have achieved scale |
| AI high performers | 6% | Very few derive significant value from AI |
Value Conversion Gap: 88% → 33% → 6% — at each step from "using" to "scaling" to "high-performing," a large number of enterprises are eliminated.
| Characteristic | Manifestation |
|---|---|
| Strategic Alignment | AI strategy deeply bound to business strategy, not "just an IT thing" |
| Organizational Change | Establish CAIO (Chief AI Officer) or AI Center of Excellence; cross-functional collaboration |
| Data Infrastructure | Data quality, data governance, data platform as a trinity — fix data before AI |
| Talent Density | AI talent >15% of tech team, distributed across business units, not concentrated in IT |
| Agile Experimentation | Short cycles (2-4 weeks) for validation; fail fast, learn fast |
| Risk Management | Establish AI ethics committee, bias detection, hallucination monitoring mechanisms |
Consulting Insight: Help clients cross from "AI user" to "AI high performer." The core is not technology selection but organizational change, data governance, and strategic alignment.
| Stage | Core Characteristic | Key Capability | Typical KPIs | Consulting Focus |
|---|---|---|---|---|
| Digitization | Paper → Electronic, process online | ERP / CRM / OA system build | Process digitization rate, data entry accuracy | System selection, process optimization |
| Digitalization | Data-driven decisions, business model innovation | Data platform, AI/ML, API economy | Data-driven decision ratio, digital channel revenue share | Data strategy, platform architecture |
| Intelligentization | AI-native, autonomous decisions, human-AI collaboration | AI Agents, Knowledge Graphs, Digital Twins | AI-assisted decision rate, automation rate, prediction accuracy | AI strategy, organizational change |
| Assessment Dimension | Digitization (L1-L2) | Digitalization (L3-L4) | Intelligentization (L5) |
|---|---|---|---|
| Data Capability | Data collection, basic reporting | Data governance, self-service analytics, predictive models | Real-time data streams, AI-driven decisions |
| Technology Architecture | Monolithic systems, siloed | Microservices, cloud-native, platform-based | AI-native, event-driven, self-adaptive |
| Organizational Capability | IT as support function | IT-business fusion, product model | AI Center of Excellence, everyone is a developer |
| Innovation Capability | Imitation / follower | Local innovation, differentiation | Industry leader, standard-setter |
Consulting Insight: Most enterprises globally are in a state of "digitization not yet complete, digitalization already started, intelligentization in planning." Help clients realistically assess their current stage and avoid the trap of "skipping digitization to jump straight to intelligentization."
| Region | Average Maturity | Leading Maturity | Core Gap | Key Accelerator |
|---|---|---|---|---|
| North America | L3.5 | L4.5 | AI at scale, legacy modernization | AI-first investment, VC ecosystem |
| Northern Europe | L3.5 | L4.5 | Digital public services, green digital | Strong government digital agenda |
| Western Europe | L3.0 | L4.0 | GDPR compliance, digital sovereignty | EU Digital Decade 2030 targets |
| Asia-Pacific (Advanced) | L3.5 | L4.5 | Smart manufacturing, fintech | Japan Society 5.0, Korea Digital New Deal, Singapore Smart Nation |
| China | L3.0 | L4.0 | Data monetization, AI industrialization | Digital China 2025, Data Element × Action Plan |
| India | L2.5 | L3.5 | Digital public infrastructure, IT services | India Stack, Digital India |
| ASEAN | L2.5 | L3.5 | Digital economy integration, fintech | ASEAN Digital Economy Framework |
| Middle East | L2.5 | L3.5 | Smart cities, govtech, fintech | Saudi Vision 2030, UAE AI Strategy 2031 |
| Latin America | L2.0 | L3.0 | Financial inclusion, e-government | Brazil Digital Strategy, Mexico digital agenda |
| Africa | L1.5 | L2.5 | Mobile-first, fintech, digital identity | African Union Digital Transformation Strategy |
| Company | Industry | HQ | Key Initiative | Results | Lessons for IT Consulting |
|---|---|---|---|---|---|
| Microsoft | Technology | USA | AI-first transformation (Copilot, Azure AI) | $2.9T+ market cap; AI integrated across all products | Platform companies must lead AI from the front |
| Siemens | Industrial | Germany | Xcelerator digital business platform | €5B+ digital revenue; industrial metaverse leader | Industrial digitalization needs OT+IT convergence |
| DBS Bank | Financial Services | Singapore | "Making Banking Joyful" — cloud-native, AI-first | World's best digital bank (Euromoney); 2x ROE vs peers | Culture change precedes technology change |
| Schneider Electric | Energy | France | EcoStruxure IoT platform + sustainability | 80%+ revenue from connected products; #1 corporate sustainability | Sustainability + digitalization = competitive advantage |
| Walmart | Retail | USA | Omnichannel platform, AI supply chain, Walmart Luminate | $600B+ revenue; #1 Fortune 500; e-commerce 15%+ of sales | Retail transformation = data + supply chain + omnichannel |
| Maersk | Logistics | Denmark | End-to-end digital logistics platform (Twill, Maersk.com) | 70%+ ocean bookings online; integrated logistics revenue 3x | Incumbents can disrupt themselves with digital |
| John Deere | Agriculture | USA | Precision agriculture, autonomous tractors, See & Spray | 20%+ operating margin; tech-enabled equipment premium | Traditional industries: digital = product + service fusion |
Conduct a five-dimensional diagnosis of the client's IT capabilities, scoring each dimension 1-5:
| Dimension | Assessment Content | 1 (Initial) | 3 (Standardized) | 5 (Excellent) |
|---|---|---|---|---|
| Strategic Force | IT strategy alignment with business strategy | IT passively responds | IT participates in business planning | IT drives business innovation |
| Technical Force | Technology architecture advancement, technical debt | Legacy monoliths, heavy tech debt | Cloud-native / service-oriented, manageable tech debt | AI-native, elastic architecture |
| Data Force | Data governance, data utilization level | Data silos, poor quality | Data connected, analytical capability | Data as an asset, AI-driven |
| Organizational Force | IT team capability, agility | Ops-focused, outsourcing-dependent | Self-development capability, agile practices | Product model, BizDevOps |
| Innovation Force | New technology adoption, innovation culture | No innovation mechanism | Has innovation lab | Innovation embedded in daily business |
Radar Chart Output: Plot the five-force scores as a radar chart to visually demonstrate the client's IT capability strengths and weaknesses.
Step 1: Vision Consensus → Align with leadership on digital transformation vision and goals
Step 2: Current State Assessment → Five-Force Diagnosis + Digital Maturity Assessment
Step 3: Gap Analysis → Current State vs. Target, identify key gaps
Step 4: Roadmap Development → 3-year phased roadmap with clear milestones
Step 5: Pilot Validation → Select 1-2 high-value, low-risk use cases for rapid validation
Step 6: Scale-Up → Pilot success → replicate and scale; establish standardized processes
Step 7: Culture Change → Digital talent development, data-driven culture, tolerance for failure
Step 8: Governance Optimization → Establish digital governance system; continuous monitoring and optimization
| Step | Typical Duration | Key Outputs | Common Pitfalls |
|---|---|---|---|
| Vision Consensus | 2-4 weeks | Digital vision statement, key stakeholder alignment | Vision too vague/narrow; leadership pays lip service |
| Current State Assessment | 4-6 weeks | Five-Force Diagnostic Report, Maturity Radar Chart | Assessment becomes IT self-assessment; lacks business perspective |
| Gap Analysis | 2-3 weeks | Gap Analysis Matrix, Priority Ranking | Trying to do everything; not distinguishing quick wins from long-term |
| Roadmap Development | 3-4 weeks | 3-Year Roadmap, Investment Estimate | Roadmap too aggressive; ignoring organizational capacity |
| Pilot Validation | 8-12 weeks | Pilot Results Report, Lessons Learned | Pilot too hard/too easy; lacking measurement metrics |
| Scale-Up | 6-12 months | Scale-Up Plan, Standardized Toolkit | Rushing; neglecting change management |
| Culture Change | Continuous | Training System, Incentive Mechanisms | Training without assessment; change fatigue |
| Governance Optimization | Continuous | Digital Governance Committee, KPI Dashboard | Governance becomes a reporting meeting; lacks decision authority |
┌──────────┐ ┌──────────┐ ┌──────────┐
│ Inform │────►│ Optimize │────►│ Operate │
│ Visibility │ │Optimization│ │Operations│
└──────────┘ └──────────┘ └──────────┘
| Metric | Data | Source |
|---|---|---|
| Cloud cost management as #1 challenge | 84% | Flexera 2024 |
| Cloud costs exceeding budget | 67% | Flexera 2024 |
| At least 10% cloud spend wasted | 82% | Flexera 2024 |
| Average FinOps savings | 20-30% | FinOps Foundation |
| Region | FinOps Maturity | Key Characteristics | Top Challenge |
|---|---|---|---|
| North America | High | Widespread FinOps teams, advanced tooling, mature Chargeback | Multi-cloud complexity |
| Northern Europe | High | Sustainability-linked FinOps, green cloud optimization | Carbon accounting integration |
| Western Europe | Medium-High | Growing FinOps adoption, GDPR-driven data locality costs | Data sovereignty cost premium |
| Asia-Pacific | Medium | Rapid FinOps growth, hyperscaler discount negotiation focus | Talent shortage |
| Middle East | Low-Medium | Emerging FinOps awareness, sovereign cloud cost premium | Limited local tooling |
| Latin America | Low | Early-stage FinOps, currency fluctuation challenges | FX impact on cloud costs |
| Africa | Low | Nascent FinOps, mobile-first infrastructure cost focus | Infrastructure cost barriers |
| Stage | Capability | FinOps Maturity | Key Actions |
|---|---|---|---|
| Observable | See what AI costs | Basic | Establish AI cost tags, GPU/API cost tracking |
| Attributable | Know who/what scenario costs money | Standardized | Attribute by model/project/department, Showback |
| Optimizable | Can proactively save money | Optimized | Model distillation/quantization, inference optimization, Prompt compression |
| Evolvable | Cost linked to business value | Excellent | Unit Economics, AI ROI real-time tracking |
The core principle of Zero Trust: Never Trust, Always Verify. NIST SP 800-207 defines the three core components of the Zero Trust Architecture:
| Component | Full Name | Responsibility |
|---|---|---|
| PDP | Policy Decision Point | Evaluate access requests, make allow/deny decisions |
| PEP | Policy Enforcement Point | Enforce PDP decisions, intercept or forward traffic |
| PAP | Policy Administrator Point | Manage policy configuration, distribute policies to PDP |
| Technology Path | Core Idea | Typical Products | Applicable Scenarios |
|---|---|---|---|
| SDP (Software Defined Perimeter) | Authenticate first, connect later; hide network assets | Zscaler, Cloudflare Zero Trust | Remote work, multi-cloud access |
| IAM Enhancement | Identity is the new perimeter; continuous authentication + dynamic authorization | Okta, Azure AD, Ping Identity | Application access, API security |
| MSG (Micro-Segmentation) | Fine-grained east-west traffic control | Illumio, Guardicore | Data centers, container environments |
| Trend | Description | IT Consulting Implications |
|---|---|---|
| AI-Era Identity Signal Shift | AI Agent identity is no longer "human" but "intelligent agent"; traditional MFA fails | Introduce Agent identity management and behavior baselines into solutions |
| Browser PEP | Browser becomes the new policy enforcement point; no VPN/Agent needed | Prioritize browser isolation for remote work solutions |
| Non-Human Identity (NHI) Governance | API Keys / Service Accounts / OAuth Tokens become the largest attack surface | Add NHI governance as a dedicated item in security assessments |
| Framework | Jurisdiction | Core Structure | Scope | Enforcement |
|---|---|---|---|---|
| NIST CSF 2.0 | USA | Identify → Protect → Detect → Respond → Recover + Govern | Global | Voluntary (mandatory for US federal agencies) |
| ISO/IEC 27001:2022 | International | ISMS + 93 controls (Annex A) across 4 themes | Global | Certification-based; required in many supply chains |
| SOC 2 | USA (AICPA) | Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, Privacy | Global (service orgs) | Audit-based; Type I (design) / Type II (operating effectiveness) |
| GDPR | EU/EEA | Data protection by design, 7 principles, Data Subject Rights | Global (extraterritorial) | Fines up to €20M or 4% of global annual turnover |
| CCPA/CPRA | California, USA | Consumer rights: access, delete, opt-out, correction | US (California-based) | Fines up to $7,500 per intentional violation |
| NIS2 Directive | EU | Cybersecurity risk management, incident reporting, supply chain security | EU member states | Fines up to €10M or 2% of global annual turnover |
| Essential Eight | Australia | 8 mitigation strategies: Application Control → Patch Applications → Configure MSO → User Application Hardening → Restrict Admin → Patch OS → MFA → Regular Backups | Australia / APAC | Mandatory for Australian government; recommended for all |
| China Cybersecurity Law | China | Multi-Level Protection Scheme (MLPS 2.0), data localization, security review | China | Mandatory for all organizations operating in China |
| PDPA | Singapore | 9 obligations: Consent, Purpose Limitation, Notification, Access, Correction, Accuracy, Protection, Retention, Transfer | Singapore / ASEAN | Fines up to S$1M or 10% of annual turnover |
| PIPL (Personal Information Protection Law) | China | Personal information protection, consent, data localization, cross-border transfer assessment | China (extraterritorial) | Fines up to RMB 50M or 5% of annual revenue |
| Region | Cybersecurity Spending (USD Billion) | YoY Growth | Top Priority |
|---|---|---|---|
| North America | $110B+ | 8.5% | AI-powered threat detection, ransomware defense |
| Europe | $65B+ | 7.2% | NIS2 compliance, OT/IoT security |
| Asia-Pacific | $55B+ | 10.1% | Cloud security, data localization compliance |
| Middle East & Africa | $12B+ | 9.3% | Critical infrastructure protection, sovereign cloud security |
| Latin America | $8B+ | 7.8% | Financial sector cybersecurity, ransomware |
| Global Total | ~$250B+ | 8.5% | Zero Trust adoption, AI security, supply chain security |
Sources: Gartner Security & Risk Management Forecast Q1 2025, IDC Worldwide Security Spending Guide
| Client Scenario | Recommended Framework | Rationale |
|---|---|---|
| US-based enterprise, board-level reporting | NIST CSF 2.0 | Widely adopted, board-friendly, maps to other frameworks |
| Global enterprise seeking certification | ISO/IEC 27001:2022 | Internationally recognized, required by many supply chains |
| SaaS provider serving US customers | SOC 2 Type II | Essential for B2B SaaS; customer assurance |
| EU-based or handling EU citizen data | GDPR + NIS2 | Legal requirement; severe penalties for non-compliance |
| Australian government or critical infrastructure | Essential Eight | Mandatory baseline; practical and actionable |
| China-based or operating in China | MLPS 2.0 + PIPL | Legal requirement; data localization mandatory |
| APAC multi-country operation | ISO 27001 + local regs (PDPA, PIPL, etc.) | ISO as baseline + country-specific compliance |
| Middle East sovereign cloud deployment | NIST CSF + local framework (NCA, ISR, etc.) | NIST as baseline + country-specific regulatory requirements |
Technical due diligence is a high-value IT consulting scenario — technology risk assessment before M&A / investment / partnership. Based on Bain & Company methodology.
| Dimension | Focus Areas | Typical Check Items |
|---|---|---|
| IT Strategy & Finance | IT investment rationality, technology roadmap sustainability, IT budget alignment with business | 15+ |
| IT Organization | Team capability, key person dependency, outsourcing risk, R&D effectiveness | 20+ |
| IT Infrastructure | Architecture advancement, technical debt, scalability, disaster recovery capability | 25+ |
| Software Systems | Code quality, architecture reasonableness, open-source compliance, security vulnerabilities | 25+ |
| Cybersecurity | Security posture, compliance status, historical incidents, data protection | 20+ |
| Dimension | Key Check Item | Red Flag |
|---|---|---|
| IT Strategy | IT spend as % of revenue — is it reasonable? | <1% or >15% |
| IT Organization | Are core architects/tech leads stable? | >30% attrition in past year |
| Infrastructure | Is there a disaster recovery plan with regular drills? | No DR or DR never tested |
| Software Systems | Is there automated testing and CI/CD? | No automated testing, manual deployment |
| Cybersecurity | Has the company passed ISO 27001 / SOC 2 / MLPS 2.0? | No security certifications |
| Region | Key Additional Considerations | Common Pitfalls |
|---|---|---|
| North America | SOC 2 compliance, CCPA readiness, open-source license audit, IP assignment | Underestimating SaaS vendor lock-in |
| Europe | GDPR compliance audit, NIS2 readiness, Works Council consultation, data residency | Ignoring employee data protection (Works Council) |
| UK | Post-Brexit data transfer adequacy, UK GDPR, FCA tech resilience for financial services | Assuming EU frameworks still apply automatically |
| APAC | Cross-border data transfer restrictions (China PIPL, India DPDP, etc.), local hosting requirements | Overlooking country-specific data localization laws |
| Middle East | Sovereign cloud requirements, local data protection laws (PDPL in KSA, UAE, etc.), nationalization quotas | Underestimating in-country presence requirements |
| Latin America | LGPD (Brazil) compliance, currency volatility impact on IT costs, local labor law | Overlooking inflation impact on long-term contracts |
| Africa | POPIA (South Africa) compliance, mobile-first infrastructure assessment, local partner ecosystem | Assuming consistent infrastructure across countries |
1. Executive Summary (1 page: Core Findings + Risk Rating + Recommendations)
2. IT Strategy & Financial Assessment
3. IT Organization & Talent Assessment
4. Technology Architecture & Infrastructure Assessment
5. Software Systems & Code Quality Assessment
6. Cybersecurity & Compliance Assessment
7. Risk Matrix (Probability × Impact × Mitigation Cost)
8. Integration / Migration Cost Estimate
9. Recommendations & Next Steps
The State Council's "Data Element ×" Three-Year Action Plan core objectives:
| Objective | 2026 Target |
|---|---|
| Data Element Market Size | Exceed RMB 500 billion |
| Data Trading Venues | Regional + industry-specific data trading venue system |
| Data Asset Accounting | Full implementation of enterprise data asset accounting |
| Key Actions | 12 industry sectors (Industrial Manufacturing / Modern Agriculture / Commerce & Trade Circulation / Transportation / Financial Services / S&T Innovation / Cultural Tourism / Healthcare / Emergency Management / Meteorological Services / Urban Governance / Green & Low-Carbon) |
Data Resourcification Data Assetization Data Capitalization
│ │ │
▼ ▼ ▼
Data Collection/Cleansing/ Data Rights Confirmation/ Data Pledge Financing/
Governance Valuation/Accounting Securitization
Establish Data Catalog/ Confirm Data Asset Account Data Trust/Data Bank
Standards Data Asset Disclosure Data Trading/Data Equity
Data Quality Improvement
| Stage | Key Question | Consulting Recommendation |
|---|---|---|
| Recognition | Which data meets asset recognition criteria? | Screen by 3 conditions: controllable + measurable + likely to bring economic benefits |
| Measurement | How to measure data asset cost? | Externally acquired: acquisition cost; internally developed: capitalized development cost |
| Presentation | How to present in financial statements? | Intangible assets or inventory; disclose data asset details in notes |
| Disclosure | What information needs to be disclosed? | Data asset category, quantity, carrying amount, amortization method, impairment testing |
Consulting Insight: Data asset accounting is the "catalyst" for enterprise digital transformation in China from 2024-2026 — it transforms data from a "cost center" into an "asset," changing the conversation between CIO and CFO. IT consultants need to master basic accounting logic to help clients complete data assetization. Globally, similar trends are emerging: the EU Data Act, India's Data Governance Framework, and the UK's Smart Data initiatives all point toward data as a balance-sheet asset.
| Metric | 2025 Target | Meaning |
|---|---|---|
| Digital Economy Core Industry Value-Add as % of GDP | >10% | Digital economy becomes a pillar industry |
| Total Computing Power | >300 EFLOPS | Massive expansion of computing infrastructure |
| Gigabit Broadband Users | >60 million households | Network infrastructure upgrade |
| Provincial Government "One-Network" Services | Full coverage | Digital government rollout |
| Data Element Market System | Basically established | Data trading / rights confirmation / pricing mechanisms |
| Provider | Market Share | Revenue (Annualized) | YoY Growth | Key Strengths | Primary Regions |
|---|---|---|---|---|---|
| AWS | 31% | $105B+ | 17% | Broadest service portfolio, global infrastructure, developer ecosystem | Global (strongest in Americas) |
| Microsoft Azure | 24% | $80B+ | 24% | Enterprise integration, AI (OpenAI/Copilot), hybrid cloud | Global (strongest in enterprise) |
| Google Cloud | 12% | $40B+ | 26% | AI/ML (Vertex AI, Gemini), data analytics, Kubernetes | Global (strong in data/AI workloads) |
| Alibaba Cloud | 5% | $16B+ | 8% | Dominant in China, strong in APAC, e-commerce ecosystem | China, APAC, Middle East |
| Others | 28% | $95B+ | — | IBM Cloud, Oracle Cloud, Tencent Cloud, Huawei Cloud, regional players | Regional |
Source: Synergy Research Group Q1 2025, company earnings reports
| Strategy | Description | Effort | Cost Savings | When to Use |
|---|---|---|---|---|
| Rehost (Lift & Shift) | Move as-is to cloud | Low | Low-Medium | Quick migration, legacy apps |
| Replatform (Lift & Reshape) | Minor modifications for cloud | Medium | Medium | Managed services adoption |
| Refactor (Re-architect) | Rewrite for cloud-native | High | High | Strategic apps, modernization |
| Rearchitect | Redesign architecture | High | High | Legacy transformation |
| Retire | Decommission unused | Low | High | Zombie servers, unused apps |
| Retain | Keep on-premises | N/A | N/A | Compliance, latency, recent investment |
| Stage | Meaning | Key Activities | Success Indicator |
|---|---|---|---|
| Awareness | Awareness of the need for change | Communicate reasons for change, share industry trends | Employees understand "why change" |
| Desire | Desire to participate and support change | Show personal benefits, address concerns | Employees actively participate, not passively accept |
| Knowledge | Know how to change | Training, documentation, coaching | Employees possess new skills |
| Ability | Able to execute the change | Practice, feedback, correction | Employees can independently perform new work |
| Reinforcement | Sustain the change | Recognition, assessment, institutionalization | New behaviors become the new normal |
| Step | Core Action | IT Consulting Scenario Example |
|---|---|---|
| 1. Create Urgency | Show industry trends, competitive threats | Share "88% of enterprises are already using AI; your competitors are moving" |
| 2. Build Guiding Coalition | Find key stakeholders to form a change core | CIO + CFO + Business VP form a digital leadership group |
| 3. Form Strategic Vision | Clear, concise, communicable vision | "Become the industry digital benchmark within 3 years" |
| 4. Communicate Vision | Multi-channel, high-frequency communication | All-hands meeting + department workshops + internal campaigns |
| 5. Empower Action | Remove barriers, provide resources | Establish digital innovation fund, allow experimentation |
| 6. Generate Short-Term Wins | Quick-win projects to build confidence | Complete a high-visibility AI pilot in 2 months |
| 7. Consolidate Gains & Drive Change | Expand scope based on short-term wins | Pilot success → 3 departments → entire company |
| 8. Anchor Change in Culture | Link to systems, assessments, promotions | Digital capability included in promotion criteria |
Consulting Insight: No matter how well-designed the technology solution, it's worthless if nobody uses it. IT consultants must simultaneously be change management consultants — every technology solution must be accompanied by a change management plan.---
| Level | US | UK | Germany | France | UAE | Singapore | Japan | Australia | India | Brazil | South Africa |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Analyst (0-2 yrs) | $70K-95K | £35K-50K | €45K-60K | €38K-52K | AED 180K-280K | SGD 50K-75K | ¥5M-8M | AUD 65K-90K | ₹8L-18L | R$80K-140K | R350K-550K |
| Consultant (2-5 yrs) | $95K-140K | £50K-75K | €60K-85K | €52K-75K | AED 280K-450K | SGD 75K-110K | ¥8M-12M | AUD 90K-130K | ₹18L-35L | R$140K-250K | R550K-850K |
| Senior Consultant (5-8 yrs) | $140K-190K | £75K-110K | €85K-120K | €75K-100K | AED 450K-650K | SGD 110K-160K | ¥12M-18M | AUD 130K-180K | ₹35L-60L | R$250K-400K | R850K-1.2M |
| Manager (8-12 yrs) | $190K-250K | £110K-150K | €120K-160K | €100K-140K | AED 650K-900K | SGD 160K-220K | ¥18M-25M | AUD 180K-250K | ₹60L-1Cr | R$400K-600K | R1.2M-1.8M |
| Director/Partner (12+ yrs) | $250K-500K+ | £150K-350K+ | €160K-300K+ | €140K-250K+ | AED 900K-1.5M+ | SGD 220K-400K+ | ¥25M-50M+ | AUD 250K-500K+ | ₹1Cr-3Cr+ | R$600K-1M+ | R1.8M-3M+ |
Note: MBB (McKinsey, BCG, Bain) compensation is typically 20-40% above Big 4. Total compensation at partner level includes profit-sharing and can be 2-3x base salary.
| Region | Market Size | Growth Rate | Key Drivers | Dominant Firms |
|---|---|---|---|---|
| North America | $280B | +8% | Cloud migration, AI/ML, cybersecurity | Accenture, Deloitte, McKinsey, IBM |
| Europe | $180B | +7% | GDPR, digital sovereignty, green IT | Capgemini, Accenture, Atos, TCS Europe |
| APAC | $120B | +12% | Digital transformation, smart cities, fintech | TCS, Infosys, Accenture, NTT Data |
| Middle East | $25B | +15% | Vision 2030/2071, smart cities, sovereign cloud | Accenture, Deloitte, PwC, local firms |
| LATAM | $18B | +10% | Cloud adoption, fintech, nearshoring | Accenture, Stefanini, Softtek, Globant |
| Africa | $8B | +14% | Mobile-first, fintech, donor-funded projects | Deloitte Africa, Accenture, local firms |
| Certification | Issuing Body | Region Strength | Focus | Cost (USD) | Renewal |
|---|---|---|---|---|---|
| TOGAF 9 Certified | The Open Group | Global | Enterprise Architecture | $550/exam | None |
| CISA | ISACA | US/Global | IT Audit, Control | $575-$760 | 3 years |
| CISM | ISACA | US/Global | InfoSec Management | $575-$760 | 3 years |
| CGEIT | ISACA | US/Global | IT Governance | $575-$760 | 3 years |
| ITIL 4 Master | Axelos | UK/Commonwealth | IT Service Management | $400-$600/level | 3 years |
| PMP | PMI | Global | Project Management | $405-$555 | 3 years |
| AWS/Azure/GCP SA | AWS/Microsoft/Google | Global | Cloud Architecture | $150-$300 | 3 years |
| CISSP | ISC² | US/Global | Cybersecurity | $749 | 3 years |
| ISO 27001 Lead Auditor | Various | Global | InfoSec Audit | $1,500-$3,000 | 3 years |
| CDMP | DAMA | Global | Data Management | $300-$400 | 3 years |
| Version | Date | Changes |
|---|---|---|
| V1.1.0-intl | 2025-07-01 | International edition: Full English translation of all content. Added: Global IT consulting market size by region, Global top 10 consulting firms comparison (McKinsey, BCG, Bain, Deloitte, Accenture, Capgemini, TCS, Infosys, Gartner, EY), International consulting methodology comparison (McKinsey MECE, BCG Matrix, Bain Results Delivery, Deloitte 4+1, Accenture Applied Intelligence, Gartner Pace-Layered), Global digital transformation maturity by region, International digital transformation benchmarks (Microsoft, Siemens, DBS, Schneider Electric, Walmart, Maersk, John Deere), Global IT spending forecast (Gartner data), International cybersecurity frameworks (NIST CSF 2.0, ISO/IEC 27001, SOC 2, GDPR, CCPA, NIS2, Essential Eight, PIPL, PDPA), Global cybersecurity spending by region, International technical due diligence best practices by region, Global cloud market landscape (AWS, Azure, GCP, Alibaba Cloud), Global FinOps maturity by region. All China-specific content retained and expressed in English. |
| V1.1.0 | 2026-06-16 | Deep upgrade: Added McKinsey AI Value Creation Three Waves (with GenAI adoption gap analysis and AI high performer profile), Digital Transformation Three-Stage Model Deep Dive (with maturity assessment dimensions), Five-Force Diagnostic Model + Eight-Step Advancement Method, FinOps Cloud Financial Management Deep Framework (with AISMM+FinOps Four-Stage Leap Roadmap), Zero Trust Security Architecture (NIST SP 800-207 Core Model + Three Technical Paths + 2026 Frontier Trends), Technical Due Diligence Framework (Bain methodology + 5 dimensions 100+ check items), Data Assetization & Accounting Treatment ("Data Element ×" Three-Year Action Plan + Data Resourcification → Assetization → Capitalization Full Path), Digital China 2025 Action Plan (Key Digitalization Metrics), IT Organization Change Management (ADKAR Five-Stage + Kotter 8-Step). Unified copyright notice + disclaimer. Based on four rounds of deep research (McKinsey / NIST / FinOps Foundation / Bain / State Council policy documents and other authoritative sources). |
| V2.0 | 2026-06-02 | Initial version, covering full lifecycle 8 phases 57 files + 12 deliverable templates + 6 top consulting firm benchmarks |
Author: yinjianheng (殷健恒) Contact: email: yinjianheng@foxmail.com / wechat: YJH-yinjianheng License: Free and open-source, for personal use only
温馨提示:本 Skill 为个人开源作品,仅供个人学习、研究及非商业用途。未经作者书面授权,严禁任何形式的商业使用(包括但不限于转售、捆绑销售、商业培训、SaaS化服务等)。作者已委托专业知识产权律师团队进行全网监测,侵权必究。
Not Professional Advice: The content provided by this Skill is for learning and reference purposes only and does not constitute any form of professional advice (including but not limited to legal advice, financial advice, or technical decision-making advice). Users should consult qualified professionals before making any business or technical decisions.
Information Accuracy: While this Skill has made every effort to ensure the accuracy and timeliness of its content, no guarantee is made regarding the completeness, accuracy, or applicability of all information. The technology field evolves rapidly, and some content may become outdated over time. Users should independently verify critical information.
Limitation of Liability: To the maximum extent permitted by applicable law, the author assumes no liability for any direct, indirect, incidental, special, or consequential losses arising from the use of or reliance on the content of this Skill, including but not limited to business losses, data loss, system failures, or third-party claims.
Third-Party Content: The copyrights of third-party frameworks, methodologies, tools, and standards referenced in this Skill (such as McKinsey, NIST, FinOps Foundation, Bain, etc.) belong to their respective rights holders. Such references do not constitute any affiliation or endorsement relationship between the author and the third-party rights holders.
Usage Compliance: Users shall ensure that their use of this Skill complies with the laws, regulations, industry standards, and internal corporate policies of their country/region. The use of this Skill for any illegal purpose or purpose contrary to public order and good morals is prohibited.
Quickly locate the appropriate methodology by consulting scenario. Full methodology details in
references/core-methodology-library.md.
| Methodology | Use Case | One-Liner |
|---|---|---|
| MECE | Problem decomposition | Mutually Exclusive, Collectively Exhaustive |
| Hypothesis-Driven | Rapid validation | Propose hypothesis first, then validate with data |
| Pyramid Principle | Logical expression | Conclusion first, top-down, category grouping |
| SCQA | Narrative framework | Situation → Complication → Question → Answer |
| Issue Tree | Problem breakdown | Break complex problems into actionable sub-problems |
| 5-Why | Root cause analysis | Ask "Why?" 5 times in succession |
| 80/20 Rule | Prioritization | Focus on the 20% of factors that drive 80% of impact |
| Methodology | Use Case | One-Liner |
|---|---|---|
| Run/Grow/Transform | IT investment portfolio | Operations → Growth → Transformation: 3-tier budget allocation |
| SoR/SoD/SoI | System classification | Systems of Record → Systems of Differentiation → Systems of Innovation |
| Wardley Maps | Strategic decision-making | Value chain visualization + 4-stage component evolution |
| BCG Matrix | Business portfolio | Stars / Cash Cows / Question Marks / Dogs |
| SWOT | Situational analysis | Strengths / Weaknesses / Opportunities / Threats |
| PESTLE | Macro environment | Political / Economic / Social / Technological / Legal / Environmental |
| Porter Five Forces | Industry competition | Suppliers / Buyers / New Entrants / Substitutes / Existing Rivalry |
| Methodology | Use Case | One-Liner |
|---|---|---|
| TOGAF ADM | Enterprise architecture | 10-phase Architecture Development Method |
| ArchiMate 3.2 | Architecture modeling | Strategy / Business / Application / Technology / Motivation / Implementation: 6 layers |
| C4 Model | Software architecture visualization | Context → Container → Component → Code: 4-level zoom |
| 4+1 Views | Architecture description | Logical / Development / Process / Physical + Scenarios |
| Methodology | Use Case | One-Liner |
|---|---|---|
| AIM² | AI maturity | L1-L5 five-level maturity assessment |
| RICE+ | AI use case scoring | Reach / Impact / Confidence / Effort + AI Fit |
| 5D AI Framework | AI implementation | Discover → Define → Design → Develop → Deploy |
| Digital Transformation 3-Stage | Transformation path | Digitization → Digitalization → Intelligentization |
| Methodology | Use Case | One-Liner |
|---|---|---|
| Five Case Model | Business case | Strategic / Economic / Commercial / Financial / Management: 5 dimensions |
| TCO | Total cost of ownership | 5-year total cost (including hidden costs) |
| FinOps | Cloud financial management | Inform → Optimize → Operate: 3 phases |
| NPV / IRR / Payback | Investment evaluation | Net Present Value / Internal Rate of Return / Payback Period |
| Methodology | Use Case | One-Liner |
|---|---|---|
| ADKAR | Individual change | Awareness → Desire → Knowledge → Ability → Reinforcement |
| Kotter 8-Step | Organizational change | Urgency → Coalition → Vision → Communicate → Empower → Quick Wins → Consolidate → Anchor |
| Change Readiness Assessment | Change feasibility | 5-dimension assessment of organizational change readiness |
| Methodology | Use Case | One-Liner |
|---|---|---|
| NIST CSF 2.0 | Security framework | Identify → Protect → Detect → Respond → Recover + Govern |
| Zero Trust Architecture | Security model | Never Trust, Always Verify |
| ITIL 4 | IT service management | Service Value Chain + 34 practices |
| COBIT 2019 | IT governance | Governance & Management Objectives Cascade |
| Methodology | Use Case | One-Liner |
|---|---|---|
| 6R Cloud Migration | Migration strategy | Rehost / Replatform / Refactor / Rearchitect / Retire / Retain |
| Well-Architected | Architecture review | Operational Excellence / Security / Reliability / Performance Efficiency / Cost Optimization / Sustainability |
| DORA | DevOps assessment | Deployment Frequency / Lead Time for Changes / Time to Restore / Change Failure Rate |
The following frameworks are used to quickly benchmark client IT capabilities against industry best practices.
| Dimension | L1-Initial | L2-Repeatable | L3-Defined | L4-Managed | L5-Optimizing |
|---|---|---|---|---|---|
| Technology | Siloed systems | Partial integration | Standardized platform | Automated operations | Intelligent & adaptive |
| Process | Ad-hoc | Department-level | Enterprise-level | Quantitatively managed | Continuously improving |
| Organization | No IT department | Operations-focused | Business partner | Innovation-driven | Strategy leader |
| Data | Data silos | Partial sharing | Data governance | Data-driven | AI-empowered |
| Finance | No budget management | Project accounting | TCO management | FinOps | Value quantified |
| Industry | Average Maturity | Leader Maturity | Core Gap |
|---|---|---|---|
| Financial Services | L3.5 | L4.5 | Data governance, AI applications |
| Manufacturing | L2.5 | L4.0 | IoT, digital twins |
| Retail | L3.0 | L4.0 | Omnichannel, personalization |
| Healthcare | L2.0 | L3.5 | Data interoperability, AI diagnostics |
| Government | L2.5 | L3.5 | One-stop services, data sharing |
| Education | L2.0 | L3.0 | Online education, personalized learning |
| Dimension | Standard | Verification Method |
|---|---|---|
| MECE Completeness | No omissions, no overlaps | Cross-validation |
| Data Accuracy | Cited sources are traceable | Item-by-item verification |
| Logical Consistency | Conclusions supported by data | Logic chain backtracking |
| Formatting Standards | Consistent fonts / sizes / spacing | Template check |
| Client Readability | Understandable by non-technical readers | Layperson test |
💡 Every deliverable is a continuation of trust. Verify your data, ensure your logic is consistent, and keep your formatting polished — clients notice every detail. However good the proposal, it's better to clock out early and spend time with those who matter. — yinjianheng (殷健恒)