Gartner runs a CEO survey every year and in his blog, Mark Raskino asked what questions we should be asking in these surveys. The focus is on how the CEO sees the current state of IT and how it needs to change to support the business.
In my time as CIO, I have often wanted to ask my CEO that killer question that reframes his view of IT. I am not sure that I ever quite succeeded, but the accelerating pace of change driven by technology is probably making some CEOs nervous. Time to hit them with the big one ….
But first I need to frame the state of play as I see it.
The executive and senior management in many organizations are disappointed with IT and do not trust the IT department to deliver the technology that they need for transformation. IT departments provide solutions too slowly; they are too expensive and overly restrictive. The existing solutions are often not fit for purpose. CEOs don’t want to restrict innovation and profit by forcing all technology solutions through IT, so they are allowing the business to buy their own cloud solutions.
The IT departments are frustrated by the way that the business engages with IT issues. Best practice approaches to architecture, IT governance or security are only paid lip service by business leaders. I hear comments like “the business really needs to improve its maturity to be successful with IT”. Furthermore IT budget are constantly under pressure and IT management is having to focus increased effort on supporting products that they had no part in procuring.
A classic Mexican standoff, with the majority of guns pointing at the unlucky CIO!
So how does the CEO think IT should be run in their organization?
Do you believe that following IT best practices would deliver the right IT solutions for your business?
The best practices are there to ensure agility, quality, alignment, risk management and costs control – exactly the problems that organizations are experiencing. IT best practices stretch well beyond the IT department and can only work when the CEO is committed to them. The nexus of the question is who the CEO trusts to fix IT.
If the CEO does not trust the CIO, do they trust ISACA, ITSMF, or PMI (the best practice organizations)? If they don’t trust these industry groups who do they trust? Please let me know your thoughts
I am passionate about making organizations work better through technology. We could vastly improve business performance and prevent wanton destruction of wealth. With the resources freed up we can tackle poverty, the environment and global inequity – or am I getting carried away?
The agenda is clear and many would agree that the solutions are clear – but not simple. Every organization should be doing the following 5 things:
1. Corporate governance of IT. Technology is not a separate thing to the business, it needs to be managed by management and not by the IT department. There are best practices (Cobit5, ISO38500) but the real implementation challenge is that many senior managers do not have the skills and knowledge to make the right decisions about the technology in their business.
Implement a corporate governance of IT best practice and develop your senior staff to be excellent in its application
2. Enterprise architecture. This must not be confined to the IT department, it must become a central component of all business initiatives. Enterprise architecture is very difficult to do well despite the best practices (TOGAF, FEAF etc).
Invest in an enterprise architecture and use it broadly for business decision making
3. Continuous improvement. If you have ever taken delivery of a new enterprise IT system, it probably resembled a bath tub and not the speed boat that you expected. It takes time to update practices, fix bugs and improve processes. This should never stop, even when you realize that the system has grown into the beautiful sleek machine that you were expecting.
Formalize continuous improvement in all areas of the business, maybe through Six Sigma and an Improvement Register
4. Service management. It is now almost universally accepted that the only way to run IT in complex organizations is through a service management approach (ITIL, ISO20000 etc). In my view this approach should be extended to other internal service departments such as HR and finance.
Commit to a service management maturity level of 3 and above
5. Execution methods. Execution of technology projects is notoriously tricky, with 70% not delivering to expectations. Those that do deliver use proven methodologies run by high quality people. Project management, business process management, software development lifecycle, security, and information lifecycle are 5 key areas to look at.
Develop and nurture excellence in execution to deliver 90% on time, on budget initiatives
All organizations can benefit from the above approach, but the government sector is probably most in need. Citizens who see their hard earned tax payments go up in smoke through the likes of the Queensland Government Health Payroll debacle should be insisting on a plan from politicians. This was a $6M technology project that cost $1.2Bn (or $1000 from my family).
Commit to the above 5 steps and not only will IT disasters be less likely, we should also get IT enabled and connected governments. From this we can expect transparent government, a citizen centric approach, better social inclusion and at a reduced cost.
This would be a good start on the quest for a better world!
I have worked as a CIO in a number of industries and each has their peculiarities. One segment where the CIO has to be particularly nimble is in the mining sector. There are a few top tips that I have learned from working for a contract miner, producing ore from working mines.
I’ll try to frame up the key requirements in this industry
1. The mining industry is cyclical and when it is hot, it is hot. They need solutions quickly and run high profit margins in the good times. As the cycle turns there is a focus on cost control. In many cases IT is delivering projects late in the cycle and appears out of step with reality.
2. The equipment used in the mines has become technologically complex. There are management systems on the trucks, the crushers have IT components and there are a myriad of complex systems such as slope stability monitoring. The vast majority of this equipment is purchased without IT involvement, but these days most of the systems connect to the internet via the corporate LAN.
3. Many in the mining workforce are engineers or technicians and technologically literate. They often source their own technology solutions and have the skills to make them effective in the workplace. Examples are collaboration systems and mobile enabled ordering systems. These are nearly always disconnected from the corporate IT systems.
As CIO, I was keen to get onto the front foot with these issues. I wanted to understand why the IT department could not deliver the solutions as quickly and cheaply as business units buying it themselves. I succeeded in providing solutions quickly, cheaply and properly supported (my perspective), but I don’t think I won the business over for the following reasons:
1. Acceptance of risk. The business had a higher tolerance of risk than that practiced in IT. When the business implemented their own technology there was no business continuity planning, security was dealt with in a superficial manner and there was often a complete loss of capability when a key staff member left (key man risk). The truth was that these systems would fail, but as different systems were used on different sites the impact would not be catastrophic.
2. Opaque costing. The actual costs of these systems were not well understood. There was no aggregated cost (as you would find in an IT budget) and the costs were often wrapped into other high value contracts. The costs benefits were calculated simplistically by referring to the punitive expenses of having plant not working.
3. Inconsistent expectations. Business provided solutions would fail and they often had poor maintenance arrangements. The business was surprisingly accepting of these issues (given the costs of down time) and much more accepting than for corporate provided IT systems. I put the inconsistency down to the extra control that the business had over the issue. They would deal directly with the supplier and often leverage a relationship to accelerate resolution.
So here are my 3 top tips for success (or at least avoiding disaster)
1. Know when to get out of the way – you may not have the capability or resources to deliver. Ensure that you engage the key stakeholders in this decision.
2. Map therisk – ensure that you have a holistic view of technology risk, not just IT risk. The Audit and Risk committee should be thankful for such a perspective.
3. Be excellent atproject management – if you are providing solutions apply a professional, agile project management technique. Good people, a strong methodology and business involvement is a recipe for success.
What are your experiences with IT and the mining industry?
We all know “it” is coming, although we really don’t understand exactly what “it” is. It has something to do with new ways of working, new business models, changing customer habits and connectedness. For certain it is all driven by changing technologies and information technology is at its heart. Businesses want to be on the wave and are asking how to achieve this. I think it would be more useful to frame the question the other way:
How do we stop technology from destroying the value in our business? I have three easy steps:
1. Be excellent at running technology within your business. There are a host of best practices for IT out there, and while there are differences in approach at the edges, they basically agree about the major concepts. The business leaders must mandate a level of maturity to these business practices.
The key areas that should be in place are: Quality & improvement (e.g. ISO9000, Six Sigma, Continuous Service Improvement); Corporate governance of IT (e.g. ISO38500, ValIT); Service management (e.g. ITIL, ISO20000 or my new favourite Cobit5); Execution methods (e.g. BABOK, PMBOK, Prince2, CMMI); and architecture (e.g. TOGAF, FEAF or Zachman).
2. Make technology a core component of strategic planning. You should be rewriting your business strategy with some urgency if it does not have technology as an important component (yes this applies to every business). The market analysis that informs the strategy should include a technology evaluation (use your CTO if you have one).
Once you have current state, transition state and target state identified, you need to model the organization. This is called enterprise architecture and will identify what needs to change (people, technology, processes) as you progress. With this you can estimate costs and create a business case around the strategy.
3. Drive accountability. You now have a strategy, an investment plan and expected benefits (increased profit, more loyal customers, better compliance etc). Make key staff accountable for delivery on time, on budget with all benefits realized. Be particularly careful to manage scope and do only those things that truly drive the benefits.
The above is not the complete recipe for success – you still have to get the right strategy, but it is likely to eliminate a key cause of failure. Unfortunately I do not see many businesses doing this.
A recent Queensland Chamber of Commerce event, showed the poor state of engagement with the digital economy by Queensland businesses with nearly 70% realizing less than 10% of revenue through the internet. Improving in this area is a cultural challenge and not a technology challenge.
So how can organizations engage? The answers are different for different sized businesses:
Small and micro business. These businesses rarely have dedicated IT resources, but the tools on the market are accessible to everyone. Create a basic web site as a reference point. Think about whether you should have a mobile version (recommended), an online payment gateway, videos, maps, blogs and a Facebook presence. Some sites may gain an advantage with more than one language. You might be able to get a keen teenager to throw something together for a small sum, but someone must go in and continually review the site. .
Medium sized businesses often have limited IT resources who manage key business systems and interface with external providers. Focus your internal resources on the systems that directly relate to the business niche. Buy everything else from the cloud (email, web, Salesforce.com etc.). Make sure that your IT resources are kept in the loop on business decision making – these all have technology impacts these days. .
Larger businesses and enterprises need a different approach to technology. A professional IT department is needed with an IT strategy that forms part of the business strategy. If you can state your competitive advantage, you should have an investment plan that develops the technology to support this differentiator. IT should be buying most services from the cloud and integrating them for the business. Service management might be the most boring term in the universe, but it is key to making a transition to the cloud.
I once did some work with the Congalese Red Cross. They had no IT systems outside of their head office in Brazzaville. One year they had to postpone their annual general meeting, which was not a simple as sending an email or a phone call. They had to dispatch messengers to all their branches – an exercise that cost as much as hosting the meeting!
The digital economy has brought us a long way. If you don’t jump on the bandwagon will you end up with your own story like the Congalese Red Cross?
You can tell who vendors are marketing to by where they place their magazine ads. When you start seeing ads for cloud services in golfing magazines, the Economist and airline giveaways, you can be fairly sure that they are targeting the mobile executive and not the IT department. So how do executives ensure that they get best value from this opportunity?
There is a growing view amongst those who know that cloud is the future and that IT departments are not embracing it quickly enough. The impact on IT costs should be understood by the business leaders:
1. Cloud is a different financial model and budgets need to change. Traditionally IT departments have lived on budgets with two components – and operational budget and a development (capital) budget. It has been thought that a 70/30 split is good practice. Cloud could change all this.
IT systems need constant maintenance and every 5 years or so they need major upgrades. The maintenance is an operational cost, whereas upgrades can be capitalized under accounting rules. I have seen many cases where business conditions have led to delays in upgrading systems, often associated with howls of pain from the users. After a big capital injection everyone is happy for a few more years.
With cloud, there is no upgrade cost. You pay an ongoing fee and if business conditions are good you can increase your services for an incremental cost. When business conditions turn, you can reduce or cancel the service. This is a huge relief to users and IT Departments alike.
There will be a rebalancing from capital to operational budget, but the capital budget will no longer be buying depreciating systems. It can now be spent on business process improvement and organizational change.
Key tip – Ensure a granular recharge so that business units know exactly what services they are paying for.
2. Cloud should be cheaper – but then they said that about outsourcing! The key to reducing costs is to buy commoditized cloud services. These are services that are used in the same form by many customers. Good examples are email, web sites and Amazon servers. Providers can leverage economies of scale and can multi-tenant systems (house multiple customers on the same gear).
Whenever the business identifies special needs, the commoditized model falls down and you start paying cloud providers like outsourced providers. It is important to recognize the non-standard processes that deliver real business value vs those that are driven by personality.
I remember a discussion on how we run our HR systems. The organization had for a long time used dual reporting (some staff members had 2 line managers). This model was not supported in cloud performance management systems – leading to a choice between building something bespoke or changing business processes. We changed to the accepted good practice business processes, lost some flexibility but saved money on IT systems.
3. Extract savings from the IT Department. This might sound like teaching you to suck eggs, but investing in cloud should show savings elsewhere. If cloud is just an extra cost for a new service, you do not have an effective cloud strategy.
Within IT, a move to the cloud may reduce workload on some staff, but their roles may still be needed. Managing a small number of servers is not a full time role, so moving all infrastructure to the cloud adds operational costs without reducing staff expenditure.
IT departments should be re-organizing roles around a short term and long term view of which services will be provided internally and which bought from the cloud. I suggest planning to move systems to the cloud at the time when a major upgrade cost would be incurred.
My experience with moving services to the cloud is that the financial impacts can be difficult to understand. I was able to extract savings in the network costs by moving some servers to a cloud based “infrastructure as a service” model. I was also able to extract savings on licensing through purchasing a cloud solution that replaced a number of onsite solutions. I have no doubt that I reduced the long term costs of IT by moving services to the cloud, but I never managed to reduce staff numbers based solely on purchasing a cloud service.
CEOs are there to create outcomes for their stakeholders – the shareholders, staff, community or government. In many cases this is a thankless task, so how would it feel to get a letter 10 years from now congratulating you on some of the important calls you have made that put the business in a strong position. I put my mind to what those big decisions would be, and the answers might surprise you:
1. Well done for identifying that all your key people will need to be excellent in managing technology! You recognized that your technology is a key driver of business improvement. The solutions were not going to come exclusively from the IT Department, but you had to avoid the chaos of business units all purchasing their own disconnected systems.
You created development opportunities for staff to understand the relationship between the business and technology. This meant formal education in the tools of technology (enterprise architecture, business cases, service management etc), as well as on the job engagement with technology procurement, implementation and operations. Your senior managers became expert in understanding the risks and opportunities from various approaches to technology.
You have adapted your succession planning to incorporate technology competence as a key differentiator. Managing technology is a serious stream of business, as important as financial competence or technical expertise. The language of business has adapted to incorporate concepts that many of your business leaders were uninterested in 10 years ago.
2. Your approach to business process management was revolutionary and may have been a game changer. You understood that there is both value and opportunity in your company’s processes. Inside your organization, you focused on awareness and incremental improvements, using full scale process re-engineering only when the benefit clearly outweighed the risk. Your key metrics were achieved through great people running great processes on the right technology platforms.
The real difference that you made was to not stop at the edge of your business. You understood your customer’s business (and life) processes. You drove your organization to seamlessly become part of your customer’s processes. This was a challenge because of the complexity of such integrations, but it created a stickiness in your customers – you were no longer a supplier, you became part of their value chain.
3. Relationships. There it is all in that one little word, you moved relationships to the forefront of strategic thinking. You created a relationship architecture that provided clarity and direction. You reset your relationships with suppliers to provide transparency and shared success. You invested in relationships with your peers and competitors, and most importantly you encapsulated the relationship with your customers as a key value set in your organization.
You acquired and organized information to provide insights into your stakeholders. Every touch point with stakeholders was fully informed and provided them with value. All this required investment, but with savings from business process improvements and reliable internal data this was manageable. There is further to go in this area, but the lack of skilled resources has curtailed your aspirations.
My heartfelt thanks from your imaginary friend ……
We hear stories of the CEO who has creatively transformed the business, like Steve Jobs. The reality is that many transformations fail and most successful businesses strategies are around incremental improvements and intermediation. All of the above approaches can be tackled as increments, through pilots and gradually acquired competencies. You have after all got 10 years to achieve it!
Have you identified the long term initiatives that are going to differentiate your company? How long is your list and does it have anything in common with mine?