SkarpSkarp

Chapter 19 of 21

Process Modeling and Analysis: From Current State to Future State

Visualize how work really flows through an organization, spot bottlenecks and waste, and design leaner future‑state processes that still satisfy required controls.

27 min readen

From Messy Reality to Clear Process Models

Why Process Modeling Matters

You move from vague complaints like "our onboarding is slow" to precise, visual process models you can analyze, improve, and defend in audits.

Current vs Future State

Current state (as-is) shows how work actually happens today, including workarounds. Future state (to-be) shows how you want it to work after improvements.

What You Will Learn

You will define process boundaries, use swimlanes, SIPOC, and value stream maps, spot waste, design better future states, and document controls and access.

Exam Connection

These skills sit mainly in Business Analysis Frameworks but support all CAPM domains, because clear processes drive realistic scope, schedule, and quality.

Step 1: Define Process Boundaries and Purpose

Name the Process

Use a clear verb + object: "Approve expense reports", not "Finance". You are modeling a flow of work, not a department.

Start and End Events

Start: the trigger that kicks off the process (e.g., report submitted). End: the outcome that means you are done (e.g., reimbursed or rejected).

Purpose and Metrics

Clarify why the process exists and how you will measure success: cycle time, error rate, and compliance are common metrics.

Exam Trap

On questions about scope, include only steps between the defined start and end events. Strategy talks or later support are usually out of scope.

Step 2: Model the Current State with Swimlane Process Maps

What Is a Swimlane Map?

A swimlane process map shows activities over time and who performs them, using lanes for roles or systems and arrows for the flow.

Core Elements

You use lanes for actors, rectangles for activities, diamonds for decisions, start/end events, and arrows to show sequence and handoffs.

Building the As-Is Map

List actors, walk through steps, place each activity in the correct lane, add decisions, and mark obvious waiting points or loops.

Expense Approval Example

Employee submits, Manager reviews and approves or rejects, Finance verifies and schedules payment, with arrows showing the handoffs.

Step 3: Use SIPOC and Value Stream Maps to See the Big Picture

SIPOC Overview

SIPOC stands for Suppliers, Inputs, Process, Outputs, Customers. It gives a high-level, 5-column overview of a process.

SIPOC Example

For onboarding: suppliers (HR, IT), inputs (offer, data), process (5–7 steps), outputs (accounts, equipment), customers (new hire, manager).

Value Stream Map

A value stream map shows the flow of value, with processing time, wait time, queues, and information flows across the whole journey.

Tool Selection

Use SIPOC for quick high-level context, VSM to quantify time and waste, and swimlanes for detailed role-by-role steps.

Step 4: Identify Bottlenecks, Delays, Handoffs, and Rework

Spotting Bottlenecks

A bottleneck is a step where work piles up because capacity is too low. Look for long queues, delays, or constant overtime at a specific step.

Delays and Waiting

Waiting occurs when work is idle, such as forms sitting in an inbox or requests pending a weekly approval meeting.

Handoffs and Rework

Too many handoffs increase risk and time. Rework loops show where errors or missing info send work back to earlier steps.

Analysis Mindset

Trace a single item through the process and ask which step takes longest, who is overloaded, and where most errors originate.

Step 5: Classify Activities as Value-Added or Waste

Value-Added Work

Value-added activities change the product or service in a way the customer cares about and that must be done right the first time.

Necessary Non-Value-Added

NNVA steps do not add customer value but are required by law, regulation, policy, or essential risk control, like compliance checks.

Non-Value-Added Waste

NVA steps add no value and are not required: duplicate entry, unnecessary approvals, waiting, searching, or unused reports.

Using the Classification

Label each step VA, NNVA, or NVA. Eliminate NVA, streamline NNVA, and protect VA steps when designing the future state.

Step 6: Design the Future-State Process (While Preserving Controls)

Future-State Goal

You design a to-be process that is faster and simpler but still meets regulatory, policy, and security requirements.

Remove and Streamline

Eliminate pure waste steps, and simplify or automate necessary controls so they are less burdensome but still effective.

Reduce Handoffs and Rework

Empower roles to complete more tasks end-to-end and add up-front validation to avoid errors and loops.

Keep Controls Intact

Maintain segregation of duties and mandatory checks. On exams, the best option improves flow without breaking compliance.

Step 7: Build Shared Terminology: Glossaries and Data Dictionaries

Why Shared Terms Matter

Different teams often use the same word differently. Glossaries and data dictionaries align meaning to prevent process errors.

Glossary Basics

A glossary lists key business terms with agreed definitions, such as what "customer" or "order date" means in your context.

Data Dictionary Basics

A data dictionary details each data element: name, definition, type, format, allowed values, source system, and owner.

Exam Signals

If reports conflict or stakeholders argue about definitions, creating or updating a glossary or data dictionary is often the best next step.

Step 8: Capture Security and Access-Control Requirements

Access-Control Focus

You must specify who can view, create, modify, delete, or approve key data and actions, not just say "secure the system".

Access Matrix Example

For expenses, employees can create and edit their own drafts, managers can approve, and Finance can verify and schedule payments.

Eliciting Rules

Ask who should see or change each data type, who must never see it, and what regulations or policies apply.

Tie into Processes

Show where logins, authorization checks, and audit logs happen, and maintain segregation of duties in your future-state design.

Thought Exercise: Gap Analysis Across People, Process, Policy, Technology

Use this scenario to practice gap analysis between current and future states across people, process, policy, and technology.

Scenario (current state):

  • New employees email a generic inbox to request system access.
  • HR manually retypes data from a PDF form into the HR system.
  • IT receives access requests as forwarded emails; some lack manager approval.
  • There is no standard definition of "start date"; HR and IT use different dates.
  • Employees often start without full access; managers create workarounds by sharing accounts (a security violation).

Proposed future state (high-level idea):

  • Access requests are triggered automatically when HR marks the offer as accepted in the HR system.
  • A standardized online form with mandatory fields is used.
  • Roles and access are selected from predefined profiles; manager approval is captured in the system.

Your task:

  1. List at least one gap in each dimension:
  • People
  • Process
  • Policy
  • Technology
  1. For each gap, write a one-line required change.

Example start:

  • Technology gap: "No integration between HR system and access management".
  • Required change: "Implement integration so accepted offers automatically create access requests".

Pause and actually write your answers. Then compare mentally with the hints that follow.

Hints to self-check:

  • People: training, roles, accountability.
  • Process: steps, handoffs, approvals.
  • Policy: rules about shared accounts, required approvals.
  • Technology: systems, forms, integrations, automation.

Quiz 1: Choosing the Right Modeling Tool

Answer this CAPM-style question about process modeling techniques.

A business analyst is asked to analyze why expense reimbursements are slow. Stakeholders emphasize that approvals pass through several departments and often get stuck when managers are on vacation. Which modeling technique is MOST appropriate to start with?

  1. SIPOC diagram focusing on suppliers and customers
  2. Swimlane process map showing each role and the approval flow
  3. Value stream map focusing only on processing and wait times, without roles
  4. Data dictionary describing all fields in the expense system
Show Answer

Answer: B) Swimlane process map showing each role and the approval flow

The problem centers on approvals, handoffs, and who is responsible when. A swimlane process map best shows roles, steps, and handoffs. SIPOC is higher-level and would not reveal detailed approval paths. A value stream map focuses on time and waste but often abstracts away specific roles. A data dictionary describes data elements, not the flow of approvals.

Quiz 2: Value-Added vs Necessary Non-Value-Added

Test your understanding of value classification in process analysis.

In an online loan approval process, an automated credit check is performed against a credit bureau before the loan can be approved. Customers do not see this step and might not care about it directly. How should this step be classified?

  1. Value-added, because it directly changes the product
  2. Necessary non-value-added, because it is required for risk control and compliance
  3. Non-value-added, because the customer does not see it
  4. Non-value-added, because it could be removed to speed up the process
Show Answer

Answer: B) Necessary non-value-added, because it is required for risk control and compliance

The automated credit check does not directly add value from the customer's perspective, but it is essential for risk control and regulatory compliance. It is therefore necessary non-value-added. It is not pure waste, so options C and D are incorrect. Option A is wrong because the step does not directly transform the service in a way the customer would pay for.

Key Terms Review: Process Modeling and Analysis

Flip through these cards to reinforce core concepts for the CAPM exam.

Current-state (as-is) process
A model of how work actually happens today, including real behaviors, workarounds, delays, and rework, used as a baseline for analysis and improvement.
Future-state (to-be) process
A model of how work is intended to happen after changes, designed to reduce waste and risk while preserving required controls and compliance.
Swimlane process map
A diagram that shows process activities over time, organized into lanes representing roles, teams, or systems, highlighting handoffs and responsibilities.
SIPOC
A high-level diagram summarizing Suppliers, Inputs, Process, Outputs, and Customers for a process, used to clarify scope and context.
Value stream map
A visualization of the flow of value from request to delivery, including processing times, wait times, queues, and information flows, used to identify waste.
Value-added activity
An activity that directly changes the product or service in a way the customer cares about and that must be done right the first time.
Necessary non-value-added activity
An activity that does not add customer value but is required by law, regulation, policy, or essential risk control, so it cannot simply be removed.
Non-value-added activity (waste)
An activity that does not add value and is not required by any rule or control, such as unnecessary approvals, duplicate entry, or avoidable waiting.
Glossary
A list of key business terms with agreed definitions, used to ensure consistent understanding across stakeholders and documents.
Data dictionary
A structured catalog of data elements, including names, definitions, types, formats, allowed values, and source systems, supporting consistent use of data.
Access-control requirements
Specifications of who is allowed to view, create, modify, delete, or approve specific data and actions in a business solution, often captured in a matrix.

Step 9: From Models to Metrics and Solution Evaluation

Metrics from Models

Your diagrams suggest metrics: cycle time, wait time, error rates, queue lengths, and access-control incidents.

Baseline and Targets

Record current performance, then set target metrics for the future state, such as shorter cycle time or lower rework.

Evaluate After Change

After implementation, measure again, compare to targets, and investigate gaps in process, people, policy, or technology.

Segmented Evaluation

Check results by user group. If one group still uses workarounds, you may need targeted process, policy, or training changes.

Key Terms

SIPOC
A high-level diagram summarizing Suppliers, Inputs, Process, Outputs, and Customers for a process, used to clarify scope and context.
rework
Additional effort required to correct errors or omissions in work that has already been performed, often sending items back to earlier steps.
handoff
The transfer of work, information, or responsibility from one role, team, or system to another within a process.
glossary
A list of key business terms with agreed definitions, used to ensure consistent understanding across stakeholders and documents.
bottleneck
A step in a process where work accumulates because capacity is lower than demand, limiting overall throughput.
gap analysis
A comparison between current-state and future-state capabilities across dimensions such as people, process, policy, and technology to identify required changes.
data dictionary
A structured catalog of data elements, including names, definitions, types, formats, allowed values, and source systems, supporting consistent use of data.
value stream map
A visualization of the flow of value from request to delivery, including processing times, wait times, queues, and information flows, used to identify waste.
swimlane process map
A diagram that shows process activities over time, organized into lanes representing roles, teams, or systems, highlighting handoffs and responsibilities.
value-added activity
An activity that directly changes the product or service in a way the customer cares about and that must be done right the first time.
non-value-added activity
An activity that does not add value and is not required by any rule or control, such as unnecessary approvals, duplicate entry, or avoidable waiting.
access-control requirements
Specifications of who is allowed to view, create, modify, delete, or approve specific data and actions in a business solution, often captured in a matrix.
future-state (to-be) process
A model of how work is intended to happen after changes, designed to reduce waste and risk while preserving required controls and compliance.
current-state (as-is) process
A model of how work actually happens today, including real behaviors, workarounds, delays, and rework, used as a baseline for analysis and improvement.
necessary non-value-added activity
An activity that does not add customer value but is required by law, regulation, policy, or essential risk control, so it cannot simply be removed.

Finished reading?

Test your understanding with a custom practice exam on this chapter.

Test yourself