We were recently asked to support the CTO of a highly distributed global organisation that had grown rapidly over the last few years. Growth had delivered new capability and market reach, but it had also exposed weaknesses in quality, resilience and the day-to-day experience for both customers and employees. Service performance was increasingly linked to customer acquisition and sales conversion, while poor agility, fragmented tooling and a complex supplier landscape made it hard to respond quickly—or consistently.
Working across service transformation, service design, cloud and security, we helped the organisation identify the most pressing issues, shape a realistic improvement road-map, and mobilise delivery. The aim was not “cloud for cloud’s sake”, but a controlled programme that improved reliability and security, reduced operational friction, and made it easier to scale without continually increasing cost and effort.
A review of the global estate surfaced a familiar pattern of business risks that had built up over time:
- Limited maturity in service and change management, leading to uncontrolled or poorly governed change.
- Major service incidents, some compounded by weak configuration management, inconsistent deployments and core network design issues.
- Security controls that had not kept pace across both cloud and on-prem platforms.
- A growing financial burden from uncontrolled service growth in multiple regions, limiting the ability to invest in modernisation.
- A legacy service delivery structure that made global and regional coordination difficult.
- Minimal adoption of configuration management, DevOps or integrated tooling, resulting in labour-intensive and inconsistent deployments.
The organisation’s growth plans depended on faster, safer change. But the existing delivery and platform model was restrictive—every improvement seemed to require disproportionate effort, and incidents had become both more frequent and more impactful. The work needed to reset the foundations and create a repeatable way to deliver and operate services at scale.
Working closely with the CTO, we designed a cloud and security programme plan, supported the business case, and helped secure the initial transformation capability. A governance board was established to provide oversight, manage priorities and coordinate stakeholders across the global estate. The programme was framed around a clear goal: deliver a “minimal viable platform” within six months that could be adopted region by region.
Given the organisation’s investment in Microsoft and O365, the target architecture was confirmed as Azure-centric. This also aligned well with the security ambitions of the programme—adopting Microsoft’s security capabilities and tooling (for example, endpoint protection, threat detection and SIEM integration) and building on existing SQL Server and Microsoft-aligned technology choices. A key constraint was global operation, including a strong presence in China, so the platform and operating model had to join up people, processes and technology across regions in a way that was consistent but practical.
The programme plan was shaped around the organisation’s budgeting cycle and existing in-flight change programmes. The platform needed to support current delivery work—not disrupt it—while still creating a step-change in service quality and control.
Requirements were agreed through the Global Head of Architecture and the Design Authority, with regional and global leads involved early to ensure the approach would work in practice. Delivery followed an iterative design/build/test approach, drawing on established patterns (for example, TOGAF and ITIL concepts applied to modern cloud delivery), and focused on building confidence through working increments rather than big-bang documentation.
Adoption was treated as a delivery stream in its own right. A rolling programme of education, training, dual-running and handover was delivered to the client’s resolver groups (including teams based in China), so that new services could be operated confidently and consistently as they came online.
To keep delivery coherent, work was organised into four streams: Architecture, Engineering, Security and Migration. Each stream ran fortnightly sprints, supported by a programme office and led by a delivery lead and chief architect. Fortnightly demos, backlog refinement and retrospectives provided visibility and helped steer priority decisions. Weekly reporting and risk management rolled into a shared programme risk register, reviewed with stakeholders and presented to the programme board so that dependencies and assumptions were actively managed, not discovered late.
Service Design
The service design focused on three outcomes: better service quality, faster delivery, and stronger security—without creating a platform that only specialists could operate.
A key element was integrating with the organisation’s service desk so users could request standardised platforms through an online catalogue. Those requests were then fed into the CI/CD toolchain to deploy into target environments automatically, using repeatable IaaS and PaaS templates with consistent tagging and supporting configuration/asset management. In practice, that meant defining a set of “approved patterns” that matched real application needs—high availability options, resilient data services, clustered SQL, and common application platform components.
Operational visibility was built in from the start. Integration with Azure monitoring provided a service dashboard and a “single view of service”, giving delivery and operations teams a shared, consistent picture of health and performance. The MVP also embedded baseline security standards aligned to recognised benchmarks (for example, CIS), and integrated into the organisation’s emerging SOC/SIEM capability to support event monitoring, alerting, problem management and security incident processes.
Finally, the platform did not stop at build. Each service went through formal assurance and operational readiness—documentation, training and support handover—before being passed to the global delivery team to drive migration and adoption into steady-state operations. That emphasis on onboarding and operational readiness was crucial: it turned the MVP from a technical proof into a service the organisation could actually run, scale and trust.