uGovernIT

A Practical Approach for IT Governance

Archive for October 2015

The Digital Enterprise and Shadow IT: A Management Enigma!

leave a comment »

Background

We have all experienced some shades of shadow IT.   Gartner shared some facts at the recent CIO Summit in Orlando. In 2005, CIOs controlled 70% of IT, now they control only 58% and in 2017 they will control about 50%.  Is the growth of the Digital Enterprise a major contributor to this shift? This has led to a flurry of discussions and questions:

  1. What is the cause for this trend?  Why has the CIO lost control of IT Spending.  Is it Cloud computing, SaaS models or the push towards the Digital Enterprise?
  2. Do we encourage this trend or impose a rigid IT Governance framework that brings all control back to the CIO?
  3. If we want to encourage the trend, who should control the IT spend not controlled by the CIO?  Should we leave it to individual departments (aka shadow IT) or should we create a new position? Or should we revert to the CFO as the arbitrator?

The New Governance Model

There are no clear answers. Some argue that the reason for the shift in CIO spending is the emergence of inexpensive cloud based applications, and innovations such as autonomous robots, Internet of Things and 3-D Printing  that has led business units embrace technology easily.  Some argue that it was not the technology shift that caused the CIO to lose control, rather, it was the lack of response from the CIO that caused the business units to embrace technology on their own.

The second argument has more teeth in it.  The paradigm most CIO’s use is top-down.  Nothing wrong with it, except that the innovation is not just happening top down.   Innovation is also, in fact more often than not, happening bottom up.  Users are demanding more and oppose any structure that inhibits them.  Top down models focus on data and users focus on experience which are workflow-centric.  Therefore organizations will lose out if they do not encourage innovation.

Was the CIO a tortoise or did the technology move fast or both? In a broader sense the argument is irrelevant.  Irrespective of the cause of the shift, be it the slow CIO or rapid technology shift, the outcome is clear.  The Digital Enterprise is real – it is only a matter of time.

The Chief Digital Officer

When organizations did not understand technology, they responded by creating the position of the Chief Information Officer.  The CIO was the bridge by helping businesses communicate their technology needs and helping IT align the resources to match those needs.  Many of the CIOs focused their attention on execution.  This focus on execution meant that CIOs were slow to respond to the Digital Enterprise.  The organizations responded by creating a new role – the “Chief Digital Officer (CDO)”.  Many CIOs disagree with this approach.  Ashwin Rangan, Chief Innovation Officer & CIO at ICANN, and former CIO at Edwards Life Sciences and Walmart, opined “To me, logic would argue that if the CIO is fully glued into the business of the organization, then the CIO ought to be the chief digital officer as well, because nobody understands the digital technology aspect as well as the CIO. The question that is being asked is who best understands the impact of the application, not the application itself. So, whenever there is a business-savvy CIO at the table who can understand and articulate the impact of digital technology as opposed to the application, I don’t believe there is a need for a separate chief digital officer.”

Relationship to the CIO

If we accept the role of the CDO, many believe that the CDO should report to the CEO and be independent of the CIO.  Not everybody agrees:  Janet Schijns, Chief Marketing Technologist, Verizon shared the view that if there is a Chief Digital Officer, then the CDO should report to the CIO.  Her rationale was that IT Governance was extremely critical and the core values of security, information integrity and quality of IT cannot be overlooked. There is considerable merit in this argument – imagine what would shadow CFOs do to the integrity of financial data.

Conclusion

Organizations need to be nimble, alert and innovate. That said, if it is the CIO who is responsible for technology, then the CIO should be responsible for all aspects: Keeping the Lights On, leveraging technology to increase revenues and decrease costs, and foster innovation. The CDO may just be a function like the CISO reporting to the CIO.    On the flip-side, the CIO should be some combination  of a business genius, technology wizard, a benevolent leader, a great communicator, and to be a bit cheeky, automate routine management functions using tools.

Written by Subbu Murthy

October 20, 2015 at 8:09 am

Posted in Helping CIOs, IT Governance

Tagged with ,

The C-Suite needs to wake up to the Digital Age!

leave a comment »

Background

At the Avasant CIO Digital Connect in Washington DC earlier this month, Kevin Parikh, CEO of Avasant,remarked “Today’s digital technology options are creating opportunities for government and corporations to be more nimble and better serve their constituents”.  He then posed a question to us (Jay Ferro, CIO, American Cancer Society;  Vivek Kalra, Senior Vice President, Tech Mahindra; and Subbu Murthy,  CEO, UGovernIT) sitting on the panel:  “How does digital innovation impact how we design and deliver technology to the Enterprise?”

The Old Paradigm 

Over the past decade, many IT Advisers, including yours truly have been canvassing the idea that IT needs to be aligned to the enterprise, IT should be an enabler, IT should be scalable, flexible, so on and so forth.  In an earlier blog post,  I identified that for the CIOs to run IT as a business, they need to develop an IT Governance mechanism that covers four key aspects:

The first and the most critical aspect is safety and security of the enterprise. This implies providing a scalable, reliable, and secure Enterprise Architecture.  It should be pointed out that the Enterprise Architecture is not just technology components, but using a framework like Zachman, it encompasses people, process and technology.  While cost efficiency, getting value out of IT and innovation are essential components of aligning IT to business, these do not matter if the enterprise is at risk. Target, Home Depot and now Anthem Blue Cross serve as grim reminders as to how critical managing risk is to the enterprise.  So the first pillar in managing IT as a business is Security and Mitigating Risk.

The notion of shared services helps IT manage and deliver shared services efficiently. This helps IT leadership use the same service framework within the department and extend its use to other functions in the business.  The second pillar in managing IT as a business is Shared Services.

Since there is usually more work than resources available, one challenge is how to identify and prioritize the IT workload?  The most effective way is to proactively work with users to enhance the value of IT delivered.  Traditional project management tools do not address this interaction between users and IT.  The key to success is to bridge the IT-User-Executive gap by providing a practical, efficient, and most important, a non-onerous process of managing IT workload.  The third pillar in managing IT as a business is Effective Demand Management.

The CIO has earned the seat at the table, but will not be able to keep it if the CIO is not helping the Enterprise meet its Strategic, Operational and Budgetary Objectives.  This requires the CIO to be the change agent driving efficiency and innovation to the Enterprise.  This also requires the CIO to align IT plans to the business plans and pay close attention to IT spend versus value delivered.  The fourth pillar in managing IT as a business is Aligning IT Spend to Business Needs.

The Digital Age and the Paradigm Shift!

As I reflected on the impact of the Digital Age, I recognize that the paradigm CIO’s use is top-down.  Nothing wrong with it, except that the innovation is not just happening top down.   Innovation is also, in fact more often than not, happening bottom up.  Users are demanding more and oppose any structure that inhibits them.  If top down design worked, why did the Taxi companies not anticipate Uber? By no means I am suggesting that we abandon IT Governance. Nor am I suggesting we abandon traditional IT alignment models.  I am suggesting that we need to incorporate the users in the innovation cycle.  We have to abandon top-down only models and add the bottom up model that keeps the user experience as a key component of developing the IT architecture.  Top down models focus on data and users focus on experience which are workflow-centric.

Janet Schijns, Chief Marketing Technologist, Verizon shared a great example.  When she manages her flights via the web, there is great help in making reservations but very little that is beneficial to the experience of the specific passenger on the specific flight.  For example:  Did your luggage make the connecting flight?  If there are delays, how are you rescheduled?

A Sandwich Model!

Borrowing from an old design paradigm,  we have to switch from the top down design model to the sandwich model.  By no means the sandwich model implies that we abandon the fundamentals we have all learnt as CIOs. But it does mean that we have to actively incorporate user-centric workflows built on easy to use platforms as part of our IT architecture, manage risk (not design rigid systems that eliminate risk), allow users to innovate, embrace change rapidly and harness the rapid changes in technology.

Implications of the Sandwich Model

Not that I have the crystal ball, but I feel that the CIO’s role will be very different from the present.  While CIOs will continue to be the change agent, and the bridge between Business and IT, the role will shift to becoming the “hermit” who will facilitate innovation.  From a technology perspective, there will be a radical shift to mobile computing.  This will force a fundamental shift from large monolithic Enterprise Systems such as SAP to modular, workflow centric mobile applications.  I hope so, I have spent millions building technology on this principle.

Written by Subbu Murthy

October 11, 2015 at 1:55 pm

CIOs are judged by the Results they Deliver!

leave a comment »

Close up shot of a caliper, measuring the word "Results".

My very good friend, and advisor, Ashwin Rangan, pointed out that in the early stages the CIO focussed on what needed to be done. Later they recognized that processes were needed to deliver technology.  This naturally led to identifying the tools that helped them.  Today’s focus, Ashwin argues, is all about the results they can deliver.  We can use a three stage framework for understanding the paradigm shift:  Corrective, Preventive and Results Driven.

The Shift From Corrective to Preventive

Let us look at how we measure our delivery of services.  SLAs helped CIOs  identify process bottlenecks, and helped them make the necessary corrections to improve the timeliness of the delivered services.  Surveys helped CIOs improve the quality of the delivered services.  While this is great, it was a corrective set of measures – not preventive.    The old adage “An ounce of prevention is worth a pound of cure” had not lost its luster.  CIOs realized the need to empower their organization to take proactive measures to prevent/mitigate gaps in the delivery of products and services they are entrusted to manage.

It was no different when CIOs delivered major IT initiatives.  They identified cost and schedule variance, and took corrective measures when they were off-track.  While corrective measures improve how CIOs delivered technology to the enterprise, preventive measures help them deliver more for less.  As an example, look at traditional project management tools.  Initially, they focussed on using cost and schedule variance as determinants of project success. The key thing they missed was “scope management”.  Scope creep accounted for delays and cost overruns about 70% of the time.  Agile methodologies mitigated this risk to a large extent by delivering projects on a specific schedule by controlling the scope of the delivered product.

The Shift From Preventive to Results Driven

CIOs used ITIL, and ITIL based tools, to help them be proactive.   ITIL, no doubt a great framework, caters to the older school of process adherence.  Most of the tools that support the CIO are focused on process adherence.  But the real challenge was not delivering the project or service efficiently, but did the CIO deliver the results the enterprise needed?

What is badly needed is an outcome focussed tool that helps the CIO define and deliver results to the enterprise.  CIOs need to walk the talk – they talk about the role of technology in transforming the enterprise, yet they fail to use the tools internally.  In an earlier blogpost I identified that “We are so involved with day to day challenges, we seldom get the time to use some of the same tools we are delivering to our customers. The solution is quite simple – we should think and act like CEOs of an IT company. Using Key Performance Metrics (KPMs) to help manage your IT as an enterprise, IT Analytics provides you the ability to prioritize your demand and allocate resources that best serves the interest of the enterprise.”  

However, shifting to Results Driven management is much more difficult.  It requires that IT is aligned to the Enterprise, and more important, the Enterprise has not just accepted the CIO to sit at the table, but to listen and act on the CIO’s advice as well.

Written by Subbu Murthy

October 11, 2015 at 1:51 pm

Five Rules of Thumb to help us Manage IT

leave a comment »

Lance Mooneys CartoonAs CIOs we are used to leveraging our experience and creating a cheat sheet (aka rules of thumb) to manage IT.  When IT was focused on costs, a few of the common measures were:

  • IT Benchmarks:    Our goal was always to be lower than others in our industry, particularly so if we reported to a CFO;  and if we were higher, we justified it by showing other indicators such as higher quality, customer satisfaction etc.
  • Adherence to Project Budget: We targeted actual versus planned consumption of financial and personnel resources to be within x% (we felt good if we were within 10%).
  •  Gaps in Process Automation: We kept the number of identified gaps to be minimal in the core business areas.  We were very good in creating new projects to cover these gaps.
  • Number of Planned New Services: Our goal was that the percentage of new services correlate with the allocated budget. We really did not care how many new services we created as long as they correlated with the IT budgets.
  • Duration of Service Interruptions: We maintained the average duration of service interruptions to be just a few and the impact mitigated in less than an hour.
  • Customer Satisfaction: We used a Likert scale to get responses and if we got within 25% of the top, we felt we had done a good enough job, and if we were within 10% of the top, we were bragging about it in CIO events.

All of these are important, but they do not help us keep the seat at the table.  As we shift our focus from managing cost to creating value for the Enterprise, what are the new “rules of thumb”?

  1. Spend at least 20% on Innovation: If you are spending less than  20% of your IT budget on projects that bring innovation and increased value to the enterprise, you are not likely to get traction at the leadership table.  This generally means that you should be spending less than 50% of the IT budget in maintaining your core IT systems to meet your business needs. Not that this includes applications (licensing, support, changes, etc.) and the infrastructure (data center, network, voice/multimedia and user devices).  If you are spending more, you are likely not leveraging the current technology (Cloud, Mobile Computing, SaaS, etc).  This also implies that managing IT should cost less than 10% of your IT expenditures.  This includes all management costs including the cost of the office of the CIO, PMO, tools you use for service desk, project management, reporting, etc. This implies you have a hands-on management team and are leveraging modern IT management tools – not legacy and onerous IT Governance practices.
  2. Spend at least 20% on shared services:  Build efficiency by sharing services.  Many services are found in more than one part of the organization or group. CIOs recognize this as an opportunity and have funded the development and implementation of shared services.   The services are delivered based on defined measures (KPIs, cost, quality etc.).  Examples of shared services are salesforce automation, employee on-boarding, business project request, adjudication and execution, financial reporting, content management, compliance and other core business activities that are typically not part of an ERP.
  3. Discretionary Projects Should Have an ROI:   Today, the businesses expect you to treat IT as an investment.  What is the return you are providing to the enterprise?  If you carefully observe the proposed metric, there is no specific ROI value I have proposed.  These depend on the type of project.  As a CIO, you should be very proud if you are thinking about ROI. The very fact that you are providing an ROI puts you in a different category of CIOs.
  4. Work Backlog Should be Less than 6 to 9 Months: The business units always wants more IT than you have resources available.    Good CIOs recognize that if you have a very huge backlog, you will be constantly prioritizing and triaging business project requests.  This leads to political friction.  You can minimize it by reducing the backlog.
  5. Most Projects Should be Less Than 6 Months in Duration:  This is probably the most difficult to achieve.  There may be a few that are necessarily longer term, but your goal should be that longer projects should be an exception – not the rule!  Businesses are fickle – they change their needs constantly.  Shorter projects help avoid costly mistakes.  Breaking up complex projects into smaller ones (each one having their own value proposition) is the best way to mitigate IT risk.  In fact in our tool, we have crafted a special 6 Month Project Methodology that combines agile and traditional waterfall models into a nimble yet managed project request and delivery process.

Written by Subbu Murthy

October 11, 2015 at 1:49 pm

The Six Stages of a CIO

with one comment

CIO Icon

Background

Over the past several months, I have been researching how best to sell ourintegrated IT Governance solution to a CIO. Being a CIO myself, I realize it is not an easy task.  One of the studies I started was analyzing the different CIO archetypes.  We have seen many theories on the different CIO archetypes.  CIO Executive Council indicates that the CIO role is made up of 3 CIO archetypes, specifically; 1) Operational/Functional (Business relationship: Service provider; 2) Transformational (Business relationship: Partner); and 3) Business Strategist (Business relationship: Peer).  Earlier this year, I felt we needed a more contemporary taxonomy for classifying CIOs. The taxonomy I proposed was on the background where the CIOs come from.

Imagine a three dimensional grid with one axis being business background, the other being technology background, and the third being the leadership skills. Since it is difficult to show a three dimensional grid in a blog, I developed two 2×2 grids. The two grids are separated by leadership skills – those who have it and those who do not. This framework helped me define our market.  Our target was CIOs who exhibit leadership skills to run IT like a business. They feel that their role is no different than that of a CEO of a IT company.

CIOs Based on Age

One of my colleagues asked me why I had not considered the “age factor”.   My first reaction was that age will be an absolutely weak differentiator.  Besides, you cannot discriminate based on age.  So why even look at this analysis.  Strangely enough, if you look at HR consultants they discuss why it is important to understand the various age groups and develop an organization culture that meets the needs of the different segments.  From purely a sociological perspective, I started wondering if these age based segments have any relevance in developing the CIO Archetypes.    I used the common accepted terms for identifying different age groups.  The one from Bank of America was simple and elegant.  They used six age groups: Late Millennials, Millennials, Generation X, Late Boomers, Baby Boomers and the Senior Set.  I looked around my network to see if I knew CIOs in the various age groups.  I have a network of several hundred CIOs, and over the years, I have developed a friendship with them. I found them in all age groups but one – I knew of none under 25.  For the rest of the groups, I asked what was the dominant characteristic of the CIO.  I tried the two frameworks identified in the previous section.  All age groups had overlaps and there was no clear differentiator.  When existing frameworks failed to deliver any meaningful results, a new idea emerged.  I focussed on what would be the focus if I were in the respective age groups.

If I were to be a Late Millennial (under 25), I may be focused on learning the role.  If I were a Millennial and had the CIO title, it is likely I would be in a small to mid sized firm with an eye for growth.  If I were a Gen X, then I likely would be trying to move ahead by leaping firms and gaining expertise in different verticals.  If I were a Late Boomer, I may be peaking in my job, gaining business acumen and maturing as a CIO.  If I were a Baby Boomer, I would probably be feeling that I have learnt all that is there to learn (personally speaking, learning never stops)and my focus may have shifted to stabilizing my job.  If I have climbed the hill and entered the Senior Set, I may be shifting to sharing and coaching. The good news is that there is a role for the CIO to play independent of the vintage!

Written by Subbu Murthy

October 11, 2015 at 1:45 pm

Is the CIO a Transient?

leave a comment »

TRansient

According to Larry Bonfante in CIO insightsAt the lowest point, the average tenure of a CIO was approximately three years. Today, at what is arguably the high point, CIO tenure is still under five years. In the 1990s a lot of this was by choice as venture capitalists were throwing wads of money at anything with .com in the name and IT executives were in high demand and living large.

I publish a newsletter that reaches out to over 4000 plus CIOs.  Over the past year, around 800 CIOs have either lost their jobs, retired or changed their positions.  Using fuzzy logic, we get a sense that the CIO’s tenure is around the five years as suggested by Larry.

Can we label the CIO as a transient leader?

Let us compare the tenure of  a CIO with that of a CEO or CFO or CMO.  CEO’s tenure is around 9 years and a CFO’s is around 6 years.  The CMO’s tenure is around 4 years.  While the CIO’s tenure is considerably less than that of a CEO, it is quite comparable to that of a CFO or a CMO.  On this basis, it is hard to call a CIO a transient.

Diving deeper into Larry’s analysis, why is the CIO becoming more stable?  A shift from 3 years to 5 years is quite significant.  Is it because, the CIO has earned the seat at the table and enjoying the role?  Is it because the CIO is aging and  seeking stability? Please see my blog post on the Six Stages of a CIO. Or is the CIO just taking on roles outside of IT?  Please see the latest article in the CIO magazine Going Beyond IT?  Or is it that the other leaders are falling in love with the CIO and enticing the CIO to stay longer?  May be it is a combination of all of these and more, but it is heartening to see that the tenure of the CIO has jumped over 60%! And please, let us not call a CIO a transient!

Written by Subbu Murthy

October 11, 2015 at 1:42 pm

Posted in Analytics, Helping CIOs