Conduct discovery

Identify business-critical applications

Identifying key applications early helps you identify important contacts to make, helps define success metrics, and helps early prioritization. Your business may have thousands of applications, but can you identify a few key applications to benchmark progress and priority?

For large enterprises, you can import everything, but that additional information can be collected in parallel to help prioritize work and measure success. This should not be a blocker or delay, it can be done in parallel in the planning and implementation phases.

Confirm internal points of contact and roles

To successfully implement Snyk, you must identify the skills needed and the stakeholders who will be involved. For example, you will want to start to identify people who can:

  • Create the necessary single-sign-on (SSO) connections.

  • Generate tokens with the necessary permissions for Git repositories and other integrations being considered.

Identify stakeholders with a RACI matrix

In smaller organizations where a few individuals may have the necessary access, involving the stakeholders can be quick and easy. You can use a RACI matrix to determine who is:

  • Responsible: the person ultimately accountable for carrying out the task or deliverable

  • Accountable: the approver who must sign off on work before it is considered complete

  • Consulted: those whose opinions are sought, two-way communication

  • Informed: kept up-to-date on progress, one-way communication

For large enterprises, the following RACI matrix is useful to clearly define roles and responsibilities during rollout:

TaskChampionAdminSecurityDevOps

Onboarding

Responsible

Responsible

Responsible

Responsible

SSO setup

Responsible

Accountable

Responsible

Responsible

Admin training

Accountable

Responsible

Consulted

Responsible

Security training

Responsible

Consulted

Accountable

Responsible

DevOps training

Responsible

Consulted

Consulted

Accountable

Source Control, IDE, pipeline setup

Responsible

Responsible

Responsible

Accountable

Policy management

Responsible

Responsible

Responsible

Accountable

Security triage

Responsible

Consulted

Accountable

Consulted

This ensures all stakeholders are engaged in suitable capacities without duplicated or neglected efforts. Following the matrix enables smooth collaboration, with individuals contributing specialized skills within their designated areas.

The clear delineation of duties promotes productivity, efficiency, and accountability. Overall, the RACI framework is an effective method for orchestrating a structured, well-coordinated onboarding process, resulting in the successful implementation of Snyk.

Last updated

More information

Snyk privacy policy

© 2023 Snyk Limited | All product and company names and logos are trademarks of their respective owners.