Getting Healthcare Right

I have just returned from a trip to Australia where I gave a keynote speech at the HIC 2010 Conference in Melbourne. I also had a number of other meetings and workshops while in Australia. most around the topic of healthcare and, more specifically, eHealth.

Those of you who read this blog will know that my primary passion is around value – specifically enterprises realizing value from IT-enabled change. What you may not know is that there are two areas where I have worked in the past, and continue to work, where I believe IT-enabled change has enormous potential to deliver real value, including social value – but they have as yet come nowhere near to doing so. These are healthcare and education.

Staying with healthcare, and resisting the temptation to further lambaste the UK NHS’s National Program for IT in Health (NPfIT), my experience, and a review of case studies from a number of countries, reveals two disturbing common features among them. These are:

  1. Much is said about the biggest challenge in realizing benefits/value from major IT-enabled change programs in Healthcare (often lumped under the eHealth umbrella)  being management of change – process and behavioural change – yet little or no guidance is provided on how to manage that change, or even what the major elements of change are; and
  2. Benefits are usually treated as an afterthought, often not well defined let alone evaluated until years into the program.

Basically, the approach appears to be: let’s get the technology implemented first, then we’ll find out what changes are required to “meaningfully use” the technology, then we’ll worry about the benefits. As long as we continue with this technology first approach, we will continue to fall dismally short of realizing the potential benefits of such change – the waste of money is a scandal – the opportunity cost of not delivering on the value promise is even worse. We must move from starting with the technology to “starting with the end in mind”.

Over the last few months, I have been involved in working on a number of case studies of enterprises who have made significant progress in implementing value management practices and developing a “value culture”. In preparing my speech to the HIC conference, I drew on the factors that I found to be common in the success of these enterprises – factors that I believe should be seriously considered in the healthcare context. They include:

  • Shifting the focus beyond technology, activities and cost to focus on change – process and behavioural change, outcomes and value
  • Strong and committed business leadership – change programs must be owned by the business and the business must be held accountable for the benefits of those programs
  • Appropriate business engagement and sponsorship/ownership – change cannot be done to people – it must be done with them
    • Cascading sponsorship – there must be leadership at all levels in the enterprise – this should include “formal” leadership, those appointed to lead, and “informal” leadership, those selected/looked to by their peers as leaders
    • “Front-line”  input and feedback – these are the people who usually know what needs to be done, their voice is all too often not heard
  • Clearly defined governance structure, role and responsibilities
  • Don’t underestimate the emotional and political issues around “behavioural change”
  • Be prepared to change course – both the journey and the destination
  • A strong front-end planning process with inclusive and challenging stakeholder engagement
    • Get “the right people in the room having the right discussion”
    • Use Benefits mapping workshops
      • Build clarity and shared understanding of desired outcomes
        • Recognize and balance/optimize different views of value
      • Surface “assumptions masquerading as facts”
      • Surface, understand and manage complexity – understand the full scope of effort including changes to the business model, business processes, roles and responsibilities, skills and competencies, reward systems, technology. organization structure, facilities and management of change
      • Don’t treat  as a one-time event – revisit regularly through an ongoing process
    • Avoid the “big bang” approach – break work into “do-able” chunks that deliver measurable value
  • Define, develop and maintain standard and complete business cases
    • Clearly defined outcomes
    • Full scope of effort
    • Clearly defined – and accepted – accountabilities (for outcomes – not activities)
    • Relevant metrics, both “lead” and “lag”  – “less is more” – measure what’s important and manage what you measure
  • An aligned and results-based reward system
  • A clear and transparent portfolio management process to select and optimize investments in IT-enabled change
  • Manage the journey
    • Use the updated business case as a management tool
    • A strong gating process for progressive commitment of resources
      • When things are not going to plan, understand why and be prepared to change course, change the destination or cancel the program
  • Manage and sustain the change
    • On-going inclusive two-way communication
    • Support/sustain with one-on-one coaching/mentoring
    • Celebrate and build on success
    • Learn and share

All investments in IT-enabled change are important, but few have such impact on all of us as  those in healthcare (and, I would add, education). We cannot continue to muddle through with technology-centric approaches that are designed to fail. We must learn from past failures. There is a better way. Starting with the end in mind, with strong ownership and leadership, inclusive engagement, and pro-active management of change – managing the destination and the journey – we can do better. We must do better. We deserve no less!

Value Management is not just a challenge for IT

I had the opportunity to deliver the closing keynote to the APM Benefits Management SIG Annual Conference at the National Motorcycle Museum in Birmingham, UK on Tuesday – from my home office in Victoria on Vancouver Island in BC, Canada (the view from which you can see below).
Slide1
The purpose of this blog is not to dwell on the technology that allowed me to do so – which has both advantages (in terms of not having to travel) and disadvantages (in terms of audience engagement and feedback) but to share some thoughts that I got from listening to the presentation that preceded my keynote. The presentation was entitled “Benefits in the Built Environment” and given by Matthew Walker.

Matthew defined the “Built Environment” as being “output centric” and relating to infrastructure programmes in the communications, energy, transportation, waste and water sectors. Within the UK context – and indeed any nation – these are often taken for granted – only thought about when they break – but are of strategic importance in terms of providing an economic backbone, having national security and quality of life implications and impact, and requiring sustainability targets. Investment in these sectors in the UK 2005/6 to 2009/10 has been ~£30b/yr and is currently projected to be ~£50b/yr in 2010/11 and to continue at that level until 2030, with the current drivers for investment in these areas being the economic situation, population growth and carbon reduction. Rising to this challenge requires diversification of investment methods and the political will and capability to make long-term investments. To deliver value for money, this will require prioritization of desired outcomes, and understanding of interdependency’s through effective benefits management, or – in my preferred terminology – value management. Does this sound familiar? This is what we have been talking about in the context of IT – or IT-enabled change programmes – for well over a decade or more! It gets even more familiar.

The track record of benefits management for such infrastructure investments – if you go beyond schedule, cost, and delivery to specification is largely unknown, but the indicators are not good. A 2009 APM report, “Change for the better. A Study on Benefits Management across the UK”, found that >60% of organizations had no more than an informal or incidental approach to benefits management, and ~70% felt that value was added only some of the time, or never.

Matthew’s recommendations included:

  • defining success in terms of benefits;
  • putting benefits management at the heart of oversight and governance of major programmes and projects;
  • increasing awareness and exposure of the business case;
  • using benefits management to prioritize investments; and
  • providing transparency through assurance.

Matthew stressed that achieving such a “benefits renaissance” would not be an “overnight journey”, but one that we must take – the “we” in this case including:

  • funders;
  • professional bodies;
  • business executives; and
  • construction industry practitioners.

I have long said that the issues around realizing value from IT investments or, more accurately investments in IT-enabled change, are not an IT issue but a business issue – a business issue that is not unique to IT. They are a symptom of our preoccupation with cost, activities and outputs, and our failure to move beyond this preoccupation to a focus on value – understanding the desired outcomes of an investment, and the full scope of interdependent effort required to deliver these outcomes, assigning clear accountability for outcomes – supported by relevant metrics and an aligned reward system, and designing and managing complete and comprehensive programmes to deliver those outcomes. Only when we do this – which will require significant behavioural change – will we  address “the challenge of value”,  and begin to consistently create and sustain value  for all stakeholders, including shareholders in the private sector, and taxpayers in the public sector. In today’s complex and rapidly changing economic environment, to quote from “Apollo 13”, “Failure is not an option!” Or, to quote General Erik Shinseki, a former Chief of Staff of the US Army, “If you don’t like change, you’re going to like irrelevance even less!

Moving beyond IT Cost to Business Value!

I have been meaning to read KPMG‘s From-cost-to-value-2010-global-survey and today’s CIO Article by Beth BacheldorOutsourcing IT Must Create Value Worth More than Simply Savings, combined with a break between working on a couple of case studies (yes, of course, about value from IT) gave me the opportunity to do so. I don’t intend to review the whole document – it’s only 32 pages, many of which are pictures – but I do want to highlight and comment on what I see as the key points.

The management summary states “In the next few years, CIOs envision a shift in focus from cost efficiency and compliance to value creation and innovation“. I will avoid launching into my usual rant here, but would suggest that those CIOs who are not already well into doing this should be seriously reviewing their career options. The summary goes on to say “The days when IT was seen merely as a means of improving efficiency seem behind us. These days, IT contributes directly to realising the business strategy and has a central role in management. According to CIOs, this requires the distance between the business and IT as small as possible.” Again, I’ll hold the rant, but in organisations who ‘get it’, this has been the case for many years.

The survey goes on to present “eight clear conclusions” which I believe, ranting aside, organisations and their leaders would do well to heed. I will not go through each of these, but rather provide an overall summary (where I have included statements directly from the conclusions these are in bold):

  • IT is no longer about cost cutting – it is about creating value – IT value dominates the CIO agenda. Absolutely! Study after study show, and my experience would certainly support that organizations that are laser-focused on value outperform those that fail to do so. However, there is a danger here of falling into “the tyranny of ‘or’ vs. the beauty of ‘and’ trap, i.e. forget cost and think about value. The survey recognizes this saying that “Cost optimization remains important“. Of course it does and must continue to do so. We should always be looking for opportunities to reduce costs – but must do so in the context of value. The fundamental question that we should be asking is: Are we maximizing the value of our investments in IT-enable change (see my next bullet for more on this) such that we are getting optimal benefits, at an affordable cost, with a known and acceptable level of risk? The underlined words are carefully chosen. If we attempt to maximize all benefits, many of which are in conflict with each other, the result is sub-optimal. If we seek lowest cost, risk goes up. If we avoid risk, we fail to make the changes required for our organizations evolve and grow. Leading into the next bullet, as a Chief of Staff of the US Army once said: “If you don’t like change, you are going to like irrelevance even less.
  • IT value is not only about technology – people are the success factor behind IT value. Right on! IT, in and of itself has no value beyond what you can get for it on ebay – as we discussed in The Information Paradox, it is the change that IT shapes and enables that creates value. It is how we manage and use technology – more specifically how people use the information that technology provides – that enables that change and creates and sustain business value. How well this is done determines the success or even the very survival of organizations. This is far too important to be abdicated to the IT function but, unfortunately, all too often – in organizations that don’t ‘get it’ – this is the case. As the survey says: “Successful IT value creation needs to integrate and align the organization’s Technology, Processes and People agendas…CEOs and CIOs need to ensure that sufficient importance is attached to these aspects during project initiation.
  • Do not expect IT value from a CIO with an operational profile. A CEO once asked me “Why is it that whenever my CIO talks to me he only wants to talk about technology?” My response was “Because you let him!” As the survey points out: “The daily focus of a CIO depends to a large extent on the sector in which he or she operates. In addition, the results show that a CIO’s agenda is also determined by his position in a organization.”  There is, however, also the question of the CIO’s ‘comfort zone’. While somewhat unbelievable, given how long we have been talking about this, it is  regrettably true that there are still many CIOs who either don’t want to engage appropriately with the business, or are simply not capable of doing so. On this topic, KPMG provides a view on CIO competencies: “A CIO should have four important competencies. First, the ability to think like the organization’s customers and to understand clearly what they want. Second, the ability to obtain a good understanding of relevant technology trends and identify their specific business benefits. Third, the ability to manage IT investment for value creation. Finally, the ability to connect well with the organization’s business leaders, to help them unravel he mysteries of technology.” Although not a highlighted conclusion, there is an interesting discussion in the document on the merits of rotating people between IT and the other parts of the business. I have long been a proponent of this and echo the comments of Maarten Buikhuisen, IT Director Western Europe for Heineken Breweries when he says: “The general manager of the future has worked in IT.” (Tesco’s new CEO would certainly be a recent case in point.)

The survey covers a number of other topics, including process improvement, risk and compliance, and new ways of working including collaborative tooling and cloud computing, but I will restrict my commentary in this post to the above. Overall, ranting apart, I found the survey to be a very useful and well written document – one that is relevant to all executives, not just CIOs. They would do well to read and study it carefully.

The Traveler Returns

To quote Mark Twain, “The reports of my death are greatly exaggerated!” Understandable, however, as it has indeed been quite some time since my last post. This is largely because I have been traveling extensively – a mix of business and  personal time – including Toronto, Asia, Alaska, Vancouver, the UK and Greece. Part of the personal time included a 23 day cruise from Beijing to Vancouver. A quick scan of emails on my return – once I eliminated the 90% related to the (aptly named) Cloud –  had me yet again shaking my head and wondering whether I had not been on a cruise ship at all – rather traveling in Dr Who’s police box time machine – backwards! Here are just a couple of examples:

  • In his May 21st blog, Project Managers Need to Engage IT At the Right Time, commenting on a project predictability seminar, Jim Vaughan says “It was noted that problems with requirements management are rarely with the IT organization and process. This caught me by surprise at first because I usually thought of IT, myself included, as the source of the problem.To get to the right requirements you need the right people to define those requirements. These are not the IT people. If we let the IT people define the requirements we will likely get into trouble. That is why people will blame IT for failed projects. The correct people to define the requirements are the business people and end users.” As this is what I have done for more than 45 years – and what I assumed was well understood, if not common practice – I was amazed that Jim should be surprised by this.
  • In a May 24th Computerworld article by Julia King, These CIOs go way beyond IT-business alignment, she discusses “an admittedly unscientific short list of pioneers in IT-business convergence including  The Progressive Corp., Southwest Airlines Co. and The Procter & Gamble Co.” as well as Vanguard Group and Zappos.com where “business and IT are virtually indistinguishable” and “IT doesn’t just support the business; it enables and continually transforms the business, often creating new revenue and profit streams.” I think that this is great – but why, when we have been talking about this for decades, are there still only a small group of pioneers doing this?

On a more positive note, I attended the CICA conference in Toronto at the end of March, where I gave a Val IT™ workshop, and was pleased to have some people talk to me about Val IT before they even knew who I was, and also to discover that an increasing number of organizations, including the Office of the Auditor General of Canada, are using it, or planning to do so.

In May, I presented at the first annual CMC BC Consulting Conference in Vancouver – how could I resist speaking at a conference with the theme “Charting a course to value”. Among the other topics, there was much discussion about social media and networking and I was pleased to see a tweet sent from Chris Burdge of bWEST who was attending my presentation saying that he was finding it “surprisingly fascinating”. He has subsequently invited me to participate on a panel at a  SocialMediaCamp he’s organizing for October. My son, Jer (blprnt), is quite active in the social media scene, and has a digital art practice in which (I quote) he “explores the many-folded boundaries between science and art”. He and I have been spending quite a bit of time lately discussing the intersection of governance and social media/networking – not just the current preoccupation with how to control social media/networking but, beyond that, how it could be used to improve governance, specifically the quality of decision-making, by tapping into a much broader experience/knowledge base. I may need to spend more time with him before October.

After Vancouver, I headed off to Greece to speak at the Thessaloniki Business Conference. There was an impressive line up of speakers, all of whom had a strong focus on value.  Many of the messages resonated with me, including:

  • Professor Leslie de Chernatony, Professor of Brand Marketing Universita della Svizzera italiana and Aston Business School, who spoke about “Growing out of a recession through more effective brand strategies” stressed that that companies needed to focus on value – not price, to move beyond product quality to outcome quality, and to “watch how you invest”.
  • Howard Stevens, CEO of The HR Chally Group, talked about “Unlocking the Science of Sales Development” and reinforced the value and outcome quality messages saying that there is only a 2-3% difference in product quality between the serious players, all products can be replicated, and what really differentiates the players is the “customer experience”. He also discussed the importance of business analytics and contended that we have information management (IM) backwards – we start with the company executives when we should be starting with the customer.
  • Harold Stolovitch of HSA Learning and Performance Solutions spoke on “Maximizing Workplace Performance in Tough Economic Times” and reiterated the importance of really “walking the talk” when it comes to treating people as “your most important asset” and said that study after study shows that the most important performance blocks are failing to set expectations and failing to provide feedback.
  • Jeremy Hope, Director of the Beyond Budgeting Round Table talked about “How to save 20%-30% on costs, by managing operational bureaucracy and the introduction of modern tools for the running of the Finance Department”, claiming that replacing the annual budget with rolling plans and forecasts could save 90% of time currently spent on the budget process. This is certainly in line with my thinking as expressed in The Budgeting Circus.
  • Dr David Hillson, Director at Risk Doctor & Partners, covered the topic of “Managing risk in innovation projects”. In defining risk as “uncertainty that matters”, he suggested that risks present opportunities as well as threats, with both needing to be managed proactively, and made the case that Risk Management addresses both threats & opportunities in a single integrated process.

I spoke on the role of IT in the economic crisis, and the challenge of maximising the value from IT. I made the case that, while Nicholas Carr might say that “IT [as a commodity] doesn’t matter”, how we manage the change that IT both shapes and enables determines the success or even survival of our enterprises, and business leaders must own and be accountable for this –  it is far too important to be abdicated to the IT function.

En route to and from the Greek conference, I read Joel Kurtzman’s book, Common Purpose. The need for leadership came across in most of the above presentations, and Joel provides a very insightful critique of today’s leaders, and the need for them to move beyond the traditional “command and control” model to establishing a  “common purpose” and creating a “feeling of ‘we’ among the members of their group, team or organization”. I will review this book in greater detail in a later post.

On the subject of books, I am also reading Susan Cramm’s latest book, 8 Things We Hate about IT – as always, Susan is “right on the money” and, again, I will shortly post a review. Also, I  have received a copy of Stephen Jenner’s latest book, Transforming Government and Public Services: Realising Benefits through Project Portfolio Management, which I hope to be able to get to soon and – yes – will again be posting a review.

Hopefully, it will not be 3 months before my next post, but, as I will be slowing down somewhat through the summer – if it ever comes, it may be a while before I get back to being as prolific as I have been in the past.

Addressing the Behavioural Challenges

In my previous post, Behavioural Change – The Crux of the Value Challenge, I suggested that we don’t need any more frameworks – there is no shortage of books, frameworks, methods, techniques, tools etc. to address the effective governance and management of IT and the use of IT to create and sustain value. It is the adoption of these that is painfully slow. It is human behaviour – or rather our inability to change it –  that is at the core of the challenge. I am currently working – both individually and with others – on a number of initiatives around the need to change how we think, manage, and act – to change behaviour – both individual and group behaviour – from the Boardroom to the front-line.

I also said that I would be looking for ways to broaden the dialogue and to engage with practitioners who are wrestling with these issues on a daily basis. My silence on the blog front has largely been the result of my being engaged with a number of individuals and groups in this space, including a quick trip to Europe and the UK last week, where I met and talked with a number of enterprises – some of whom have been on this value journey for 10 years or more. These discussions, and subsequent reflection, have crystallized a number of thoughts in my mind. These include:

  1. A critical factor in determining success or failure of value management is the presence or absence of a clear owner of the value management issue or process.
  2. The “tipping point” – when value management practices start to get traction and become embedded in enterprises – is when the executive and senior management move beyond awareness and understanding of the issue to commitment to action – beyond “talking the talk” to “walking the talk”. This is illustrated in the figure below (figure and text below is adapted from The Information Paradox). Slide1At the thinking, or cognitive level, we recognize and become aware of a need to change. This often translates itself fairly rapidly into talk: “We at Thorp Inc. have to make fundamental changes to our organization.” All too often, the nature of those changes is not understood, and the definition of them is delegated, or more accurately abdicated. The reaction to this is often “This too will pass,” and all too often, it does. It is only when we wake up at three in the morning, reaching for the antacid, as we feel our stomach churning with the realization of the implications of the change and the breadth and depth of what has to change, that we begin to reach understanding. This is the precursor to commitment. The bottom line here is that we can only “walk our talk” when we fully understand what we are saying. Treating the implementation or improvement of value management practices as an organizational change programme – which it is – the use of some form of benefits modeling, which is discussed later, can bring you to an earlier awakening. When we have the understanding necessary to build commitment, to understand the full extent of what we are committing to, then, and only then, are we ready to act. Even then, we can act only if we have the resource capability and capacity to do so.
  3. Those enterprises that have passed this “tipping point” have been able to effectively apply value management practices to guide informed and intelligent decision-making during the current economic crisis – those that haven’t generally fell back to “old ways” with often across the board cost cuts.
  4. Value management practices are most effective when they are closely integrated with, and part of the business planning process. Going beyond this, they are most effective when they are integrated with overall enterprise governance.
  5. Incremental approaches to implementing and improving value management practices are more successful than  “big bang” ones.
  6. The areas of value management that appear to provide the greatest improvement in value management practices and outcomes are:
    1. Improving the business case process; and
    2. Taking the portfolio view.
  7. The factors that continue to constrain effective adoption of value management practices include:
    1. Failing to define, accept or put rigour into accountability for performance; and
    2. Clearly related to the above, failure to align the reward system such that there are consequences – both positive and negative.
  8. The interventions that appear to have been the most successful in changing behaviours, and helping enterprises move beyond awareness and understanding to commitment and action include:
    1. Inclusive engagement of all the stakeholders through workshops (for more on engagement, see The Challenge of Business Engagement);
    2. Use of benefits modeling techniques in workshops to get everyone “on the same page” – building a broader base of understanding of, and support for value management, including the need for business cases with clear accountability, relevant metrics and an aligned reward system;
    3. One-on-one coaching, and
    4. Active and on-going executive and senior management involvement where they are seen to be “walking the talk”.

In preparation for a workshop with one of the groups I am working with, I put together a short survey with the objective of:

  • Understanding the current and target levels of maturity related to value management (based on  the Value Governance [VG] domain high-level maturity model in ISACA‘s Val IT™ Framework 2.0.);
  • Understanding how long it has taken to reach the current level of maturity, and how long it is anticipated to take to reach the target level;
  • Identifying the factors that have either supported or constrained adoption, and to what extent they have done so;
  • Identifying interventions and the extent to which they have enabled adoption; and
  • Understanding the organizational context of the responding enterprise (optional).

Again, in the interests of broadening the dialogue, I would like to extend this survey to a broader audience. The survey is targeted at individuals who are involved in improving value management practices, including, but not limited to some or all of: leadership behaviour; process implementation and adoption (including business cases, portfolio, programme management and project management); roles, responsibilities and accountabilities (for both supply and demand); organizational structure (including Investment Decision Boards, and Value / Portfolio / Programme / Project Management Offices); information requirements (including metrics and reporting); and supporting tools (data collection, analysis and reporting).

You can access the survey here. The survey should not take much more than 10 mins to complete. The survey has 3 pages, and contains 10 questions.  Questions regarding “Current and target maturity levels”, and “Constraints to adoption and interventions to address” must be answered, but answers to “Organizational Context” questions are optional. Assuming that I get enough responses to yield a meaningful result, I will post results on this site in a later post. All information will be aggregated, and specific information about your organization, if provided, will be treated as confidential and will not be published without your express permission.

One of the challenges that we all have in trying to implement or improve value management practices is the perceived – and indeed real – enormity of the task. As per one of my observations above, this is why an incremental – and often pragmatic and opportunistic – approach is required. The business case, as discussed in an earlier post Lies, Damn Lies, and Business Cases, is the foundation on which all else is built, and, as such, sows the seeds of success or failure. Portfolio management is a powerful tool but if it is populated with “toxic” business cases, it will only give the illusion of progress. This is leading me to focus my attention on the business case and think about how, through workshops and benefits modeling, supported by one-on- one coaching we can change the view of business cases as a bureaucratic hurdle to be got over and then forgotten to being one of the most powerful tools available – turning it from an enemy to a valuable friend! If we can do this, we will have a solid foundation on which to further improve value management practices.

Behavioral Change – The Crux of the Value Challenge

As we start a new year, it is a time for me to reflect on what has passed, look ahead to what may be, and decide where to focus in 2010.

Not surprisingly, my two most referenced blog tags in 2009 were value and governance. Value because I believe that this is ultimately what everything we do should be about, and should certainly be the desired outcome of any investment, including, but certainly not limited to investment in IT-enabled change. Governance, because effective governance establishes the framework than ensures that management decisions and actions are focused on creating and sustaining value from investments  – through their full life-cycle from ideation to the management and eventual retirement of resulting assets.

I have found myself in many debates about value, including whether value is as or more important than cost or risk, or whether value implies financial and ignores intangibles. The Val IT ™ framework cuts through this debate by defining  value as “total life cycle benefits net of total life cycle costs adjusted for risk and (in the case of financial value) the time value of money”, and recognizing that benefits can be financial or non-financial. I prefer the term non-financial here to intangible as this can imply that the benefit cannot be measured. My definition of an intangible benefit is one whose contribution to value we have not yet learned to measure.

When it comes to governance, we must move beyond IT governance which perpetuates the separation between two solitudes of IT and the business. With IT embedded in just about everything we do, and becoming increasingly more so, we need to view governance of IT as an integral part of strategic enterprise governance – not a separate afterthought. We need to move away from simply talking about IT – which implies the technology alone – to IT-enabled change. IT in and of itself delivers no value – it is indeed a commodity and a cost. It  is how the business uses IT as a tool, to enable or, increasingly, to shape organizational change that actually creates or sustains value for the enterprise. The implication of this is that we will come nowhere near realizing the potential value of IT-enabled change until we have effective governance with appropriate engagement, ownership and accountability from business leadership – governance that encompasses the full life-cycle of an investment decision, including the original investment and the resulting assets.

My thoughts around what is going to take to get such effective governance include:

  1. We need to shift the focus of governance to value.
  2. Value does not come from technology itself (in this regard I would question the 2009 Capgemini Global CIO Report that assigns 20% of value to the technology) – it comes from how people use the information that technology “provides”. I have said in the past and continue to believe that information and people are the most important yet under-utilized/leveraged assets in any enterprise.
  3. While the awareness (I would not go as far as saying understanding) of executives and business management of the importance of IT is certainly (in words at least) increasing they still generally abdicate responsibility and accountability for realizing value from IT to the IT function.
  4. It may be useful here to explore the parallels (or not) with the HR function. Like IT, HR is pervasive and people are embedded in all of what an enterprise does yet, while the HR function sets HR policies and ensures compliance with laws and regulations, management of HR is recognized as the responsibility and accountability of line management – not abdicated to the HR function. This does not necessarily mean that it is done well but the responsibility and accountability are accepted.
  5. Most of today’s CIOs are not capable of fulfilling the role that has been abdicated to them or even of building the bridges that are necessary to develop the partnership with the business that is essential to move forward – many probably (again, despite what they might say) don’t want, or are not willing to do so. A recent BCS poll  identified the top 10 critical topics for CIOs, 8 of which could be addressed by adopting the principles, processes and practices contained in frameworks such as Val IT, but a leading CIO Group took the attitude that whilst they might be critical issues, they are intractable and will be with us for the next decade at least or until something traumatic happens to shake the Executive Suite into taking notice.
  6. We don’t need any more frameworks – there is no shortage of books, frameworks, methods, techniques, tools etc. to address the effective governance and management of IT and the use of IT to create and sustain value – it is the adoption of these that is painfully slow.
  7. In The Information Paradox, we talked about the need to change how we think, manage, and act – to change behaviour – both individual and group behaviour – from the Boardroom to the front-line. While recognizing this need, the years since the book was published have shown that we seriously underestimated the challenge this would present. This is where we now need to focus our efforts.

Behaviours do not happen in isolation – they are both influenced by and influence other factors. We need to look at a continuum of behaviour, the characteristics of behaviour – specifically expectations and constraints, how these change as complexity increases, and the role of technology in all of this. Human behaviour is at the core of the issue we are dealing with here.

  • Human behaviour is a continuum from individual behaviour through group behaviour (where groups can be families, committees, organizations, communities, industries, countries, regions, societies, etc.).
  • At any level, there are both expectations and constraints (habits, norms,…).
  • The larger (number of individuals), and more distributed (breadth of the network) the group, the more complex this issue becomes.
  • Technology, by increasingly operating across and breaking down physical constraints (geography, distance, time, etc.) has (exponentially) increased this complexity (of what is sometimes called the “ecosystem”).
  • Slide1Paradoxically, with the advances in technology it is becoming simpler to introduce more complexity more quickly. As illustrated in the figure below, technology creates greater expectations while at the same time requiring increasingly significant changes to behavioural habits, or norms if those expectations are to be met – all this within an increasingly complex and interdependent “ecosystem”.

In discussing the issue of complexity with a colleague, he reminded my of the words of Thomas Homer-Dixon in The Ingenuity Gap in which he says “Looking back from the year 2100, we’ll see a period when our creations – technological, social ecological – outstripped our understanding and we lost control of our destiny. And we will think: if only – if only we’d had the ingenuity and will to prevent some of that. I am convinced that there is still time to muster that ingenuity – but the hour is late.” While he was talking of loftier issues, the words ring true here also. We need to explore these behavioural challenges and, in doing so, to attempt to provide answers (or at least some insights) to the following questions:

  1. How far can we realistically move value management – including measurement and attribution of benefits – from an art to a science? (I have believed and stated for a long time that it is a total waste of time to try to get too specific/accurate about attribution where – as there usually are – there are many sources of contribution. I think that it is however very important to be explicit about assumptions that are being made and the nature of the expected contribution such that indicators can be identified which can then be tracked to validate (or otherwise) the thinking behind the assumptions and the contribution.) How long should we realistically expect this to take?
  2. What are the individual and group behaviours that both constrain and, possibly, determine how far we can go towards value management (et al) as a science? (Some/much of this revolves around understanding and acceptance of responsibility and accountability – and, possibly the prevailing “culture of blame” – as well as learning from both unsuccessful AND successful investments).
  3. What are the external factors that further influence these behaviours, e.g. boom times vs. bust times, national and industry cultures, leadership styles, etc. and how do they influence the behaviour? (This raises a further question: “To what extent is there a/one “right way” of doing this?”)
  4. What interventions can positively change these behaviours?

I am currently working on a number of initiatives around these questions, both individually and with others, I will be talking about these more over the course of the year. Beyond talking, I will also be looking for ways to broaden the dialogue and to engage with practitioners who are wrestling with these issues on a daily basis.

Getting Information Management Right

A couple of recent articles by Thomas Wailgum in CIO.com got me thinking – yet again – about information management (IM – for more on IM see Enterprise IT or Enterprise IM?). The first, Information Wants to Be Free, But at What Cost?, makes the point that the more information that enterprises continue to exponentially collect, the more difficult and expensive it’s going to be for them to understand and disseminate that information. The second, The Future of ERP, Part II, makes the case for change in that after four decades, billions of dollars and many huge failures, big ERP has become the software that no business can live without—and the software that still causes the most angst.

In The Information Paradox, and every time I present or discuss the topic of getting real value from our increasingly significant and complex investments in IT-enabled change, I use the slide below to explain how the way we use IT has evolved.

Slide1

When I started in this business, back in the early 60s, most, if not all commercial applications of IT were automation of existing tasks – where the focus was on doing the same thing more efficiently. I call this the appliance era – applications were stand-alone and very little business change was required (as illustrated by the pie chart on the slide). You could essentially have be given the application for Christmas – plug it in and it would do the job.

In the next era, which emerged during the 70s, things became  more complex. We moved beyond automation of tasks to creating, storing, distributing and manipulating information. The focus here was on effectiveness – using information to do things differently and to do different things. You now had to worry about what information was needed, by whom, where, when and in what form – and people had to be trained and incentivized to work differently. Appliances now had to work together in an integrated way, and the way business was done had to change – I call this the rewiring era.

In the next era, which emerged during the 80s, we began to see what I heard a Northrop Grumman CIO describe as “game changing plays” – changing the rules of existing industries and creating new ones. I call this the transformation era. While the changes might not be possible without the technology, the bulk of the effort required to achieve the desired outcomes involves changes to the business – including the nature of the business, the business model, business processes, peoples roles and skills, organizational structure, physical facilities and enabling technology. Those appliances – now ranging from “mainframes” to smart-phones – have  to work together in an integrated way, not only within an enterprise, but outside it – on a global basis.

Unfortunately, while our use of IT has evolved – our management of it has lagged. In far too many cases, the focus is still on the IT appliance  – “plug it in and the value will flow”. Those days are long gone. We are not today simply dealing with appliances – or with simple appliances – we are dealing with massive organizational and cultural change – transformational change. Change that is enabled by technology, but of which technology is only a small part.

The more that I have though about this, and talked about it, the more I feel that one of the sources of the perceived and real failure of investments in IT-enabled change to deliver the expected business value is that we have still not got the information piece right. (Note that in the following comments, I may appear to, and indeed do, to a certain extent, use the terms data, information and knowledge somewhat loosely. This is not because I do not understand the difference – or at least have an opinion on it – but because terminology in common use doesn’t always make a clear distinction, and I don’t want to bog this post down with that discussion.)

While the amount of data we store continues to grow – Gartner predicts that the amount of enterprise data will grow 650 percent during the next five years, a recent Forbes Insights survey of more than 200 executives and decision makers at top global enterprises found that nearly one-quarter of the respondents cited the availability of timely data as one of the top barriers to aligning strategy and operations today. In an earlier post, The Knowing-Doing Gap,  I quoted James Surowiecki, from his book, The Wisdom of Crowds, where he said “…information flows – up, down and across organisations – are poor, non-existent or “filtered” in all directions, decisions are made by a very few with inadequate knowledge and information, and there is limited buy-in to whatever decisions are made.” So, with an enormous and growing amount of data being collected, at considerable cost, why haven’t we got it right? I would suggest that there are a number of reasons for the current state of affairs:

  1. Knowledge is power
  2. Not knowing what information is relevant
  3. Too much information
  4. Bad data
  5. System complexity
  6. Go with the gut

Let’s examine each of these.

Knowledge is power

Building on the Surowiecki quote referenced above, Sir Francis Bacon was (among) the first to say that “Knowledge is power”. Peter Drucker expanded on this saying “Today knowledge has power. It controls access to opportunity and advancement.” This presents a cultural and behavioural barrier to sharing information and to getting it to (all) the people who need it – one that should not be under-estimated.

Not knowing what information is relevant

In another life, I led a lot of what we then called Information Resource Planning assignments. We would interview key stakeholders in an enterprise to find out what information they required. Once we had their requirements, I always asked one final question: “If you had this information, what would you do differently?” Very few people could answer this question or had even thought about it. Enterprises need to take an outcome and role based approach to identifying and meeting information requirements. Expanding on my earlier question, we need to ask: ” Based on the outcome(s) we want to achieve, what decisions/actions need to be taken, who needs to take them, and what information do they need – where, when and in what format – to take them, and what information do we need to know that things are working as they should be?”

Too much information

Today we are drowning in information and, as per the Gartner prediction above, it is only going to get worse. Even if the information that we require is available, it may be lost in the sheer volume of information – the information noise. This noise level is only going to increase. If we are to cut through this noise to what is relevant, it is even more critical to take an outcome and roles based approach to defining information requirements. We will also need to beyond the traditional reporting metaphor and simple, or simplistic dashboards to much more sophisticated, yet intuitive (see “System complexity” below) analytical and data visualization tools.

Bad data

One of the biggest risks to organizations is “bad data quality.” Results from Scott Ambler‘s September 2006 Data Quality Survey show that 46% of data have some data sources that are a “complete mess” or the data itself has serious problems. In an April 2009 data quality PRO survey of Data Quality in Business Intelligence, 42% of respondents reported minor issues, 50% reported major issues, and 4% didn’t know –  leaving just 1% reporting no problems. A 2007 Accenture CIO survey claimed that the costs of compromised data quality are clear—billions of dollars squandered each year due to mistakes, manual processes and lost business. Of the CIOs surveyed,  29 percent said that they had minimal or limited data quality efforts in place, even for critical systems, and only 15 percent of respondents believed that data quality was comprehensively (or near comprehensively) managed. Indeed, not a single North America-based organization reported that they have a fully comprehensive data quality program today. Information is only as good on the data it is based on. It will take time to implement workarounds for, and fix the mess that we have created. In the interim,  we need, at a minimum,  to know how credible the information is and what confidence we can have in decisions based on that information.

System complexity

ERPs were promoted as one “solution” to the information management challenge, but have  proven a challenge for many enterprises – see ERPs – Can’t live with them – Can’t live without them!. Where they have been successful, they may have done a good job of integrating data across enterprises, but few would describe them as easy to use. Even if relevant information is available, if it is too complex or time-consuming to get at it, people won’t. While somewhat simplistic, I have often felt, and even more often heard that “if I need to be taught how to use it, I won’t use it.” Again, information needs to be relevant, outcome and role based, and easy to access and understand.

Go with the gut

Business intelligence was identified in the 2009 SIM Trends Survey as one of the top technologies that enterprises were planning to invest in. Research reported by Accenture in 2008 found that close to half (40%) of major corporate decisions are based on “gut feel”.  The reasons for this executives cited most often, which reinforce some of the points above, were: because good data is not available (61 percent); there is no past data for the decisions and innovation they are addressing (61 percent); and their decisions rely on qualitative and subjective factors (55 percent). 23 percent of respondents identified “insufficient quantitative skills in employees” as a main challenge to their company, and 36 percent said their company “faces a shortage of analytical talent.” 39 percent of respondents said that IT capabilities restrictions were a major challenge and 27 percent said there was an inability to share information across organizations within their company. I also wonder if this might not also be a bit of the “cult of leadership” where they believe that they have achieved a level of knowledge/wisdom where they don’t need information to make good decisions.

Information and people are the two most important and, in all too many cases, the most ineffectively utilized assets in today’s enterprises. What information is available to people – be they executives, managers, workers, suppliers, customers or other stakeholders –  the quality of that information, and how they use it is a key part of what determines business success or failure – value creation and sustainment, or value erosion and destruction. This is true both for “business as usual” activities and – even more so – for transformational change. If enterprises do not get the information piece right, their transformational efforts, and their survival, will be in extreme peril.

The Budgeting Circus

This article in Computerworld by Mitch Betts, The dreaded IT budget process wastes big bucks,  discusses research by the CIO Executive Board which found that “the traditional annual budget circus can waste 6% to 11% of the IT budget”. Reading it caused me to revisit a blog that I had posted back in March which I felt worth repeating below.

Managing in the fog

This article in the February 28th edition of The Economist starts with an interesting quote from Jack Welch that reinforces what I have been thinking and saying for many years. He says:

Not to beat about the bush, but the budgeting process at most companies has to be the most ineffective practice in management.

There are a number of problems with the “traditional” budgeting process:

  1. It’s not dynamic – it is usually an annual event/ritual and tightly coupled with planning – the result being that planning also becomes an annual event/ritual.
  2. It’s not efficient – it is incredibly time consuming – I once heard a former CIO of Microsoft joke at a conference that Microsoft had to get all its work done in 3 months because the budgeting process took 9 months.
  3. It’s not focused on outcomes – when you cut through all the “window dressing”, people go into the process to justify keeping the resources they already have.
  4. It is far too detailed – as a result of point #3, enormous effort is spent on defining projects that might happen, to justify resources that might be needed for what might actually need to be done.
  5. It’s not objective – budget decisions are all too often emotional – the result of “relationship based ” or “decibel based” decision making rather than a rational, objective process.
  6. It’s not flexible/agile – once struck, the budget is hard to change – other than through “across the board” cuts.

Even before the current economic meltdown, the rate and pace of change makes annual budget cycles not just obsolete but downright dangerous. We certainly need some form of budgeting process, but we need a much more practical, pragmatic and dynamic process. The article discusses a number of alternatives , which I would summarize as:

An efficient and flexible/agile scenario based budgeting process, with contingency planning for each scenario, and dynamic rolling forecasts, at an appropriate level of detail, reviewed and adjusted regularly (monthly or when certain trigger conditions occur) by senior management, making objective, outcome-based decisions supported by relevant, reliable and up-to date information (as of today vs. last month/quarter).

Such an approach has implications for governance processes, for the information, and enabling technology required to support them, and for management behaviour.

Reflections on SIMposium09

I had the opportunity to attend and speak at SIMposium09 in Seattle last week. As Seattle is a great town and close to Victoria,  I took the opportunity to take Diane and we both enjoyed Seattle and spent a few very relaxing “Internet-free” days at the wonderful Lake Quinalt Lodge on the Olympic Peninsula after the conference. Having now had time to reflect on the conference, I offer a summary of my thoughts (and in doing so, draw on a number of my earlier posts).

Introducing the sessions on Tuesday, the Moderator, Julia King, Executive Editor of Computerworld, said that what she had taken away from the conference up to that point were three things – people, process and productivity. While productivity – specifically doing more with less – was a common theme, and there was considerable emphasis on people and some on process, I would expand on this somewhat. From what I heard, both through formal presentations, and in informal discussions, the things that I left thinking about, and which I will expand on below were – value (including but not limited to productivity), leadership, innovation (where I would include process), people, and change (specifically management of strategic change). I will talk a bit more about each of these below.

Value

It should come as no surprise that this is my first point. I was pleased that a number of sessions did focus on value, and it was mentioned to varying degrees in others. I was however disappointed when Jerry Luftman presented the results of the 2009 SIM IT trend survey that the word was not mentioned in any of the top ten CIO issues. In fairness, I do understand that in order to plot trends, there has to be some consistency in questions year over year. While it could be argued that the “alignment” question may be a proxy for value (although many people told me they never wanted to hear this question again), and that it is implied in others – I believe we have to make value explicit and  put it front and centre. Certainly, productivity is one aspect of value, but only one aspect – one that tends to focus on doing more with less, and by inference cost. In The Information Paradox, we talked about 3 aspects of value: alignment (NOT the infamous “Aligning IT with the business” topic which, in my mind, makes about as much sense as talking about “aligning our heart with our body”, but rather ensuring that investments are aligned with the enterprise’s strategic objectives); financial worth (which I now refer to as business worth including both financial and non-financial aspects); and risk (both delivery risk and benefits risk).  The Val IT ™ framework further defines value as “total life cycle benefits net of total life cycle costs adjusted for risk and (in the case of financial value) the time value of money”. We need to shift the discussion from the cost of technology to the value of the business change that it enables. We need to create a culture of value in our enterprises.

Leadership

A quick scan of the agenda shows that this was by far the most prevalent topic – not surprising given SIM’s target constituency. There is absolutely no denying that we need more and better leadership – but what do we mean by that? Are we talking about grooming those few who will rise to the corner offices in the top floor of corporate HQ, or are we/should we be talking about something beyond that?  A former colleague of mine, Don Tapscott, used to say (may still say) that “leadership can come from anywhere”. I have been thinking for a while about the “cult of leadership” – in his book, The Wisdom of CrowdsJames Surowiecki identifies one of the challenges is that we put too much faith in individual leaders or experts, either because of their position or track record and that these individuals also become over-confident in their abilities. I don’t want to question the ability and competence of all leaders or experts – while I certainly have seen my share of bad ones, most are good people doing the best they can. However, in today’s increasingly complex and fast-paced knowledge economy, much of which is both enabled by and driven by technology, it is unrealistic to expect individuals, however good they are, to have all the answers, all the time. The reality is that neither position nor past success is any guarantee of future success.

If organisations are to succeed in today’s knowledge economy, they cannot constrain themselves to the knowledge of a few individuals – to put it a more brutal way, they cannot be constrained by the habits or ego(s) of their leader(s)! Organisations must tap into the collective knowledge of all their people – retaining appropriate accountability, based on the law of subsidiarity – an organizing principle that matters ought to be handled by the smallest, lowest or least centralized competent authority. This means locating accountability and decision-making at the most appropriate level, while supporting decisions with broader and more knowledgeable input.

Innovation

We hear a lot about innovation and the potential for CIOs to become Chief Innovation Officers. Interestingly, a number of recent surveys show that executive leadership is disappointed with the lack of innovative ideas from CIOs. But what is innovation? The Oxford Dictionary defines innovation as [t0] bring in new methods, ideas etc. often followed by making change. All too often, we believe that innovation requires new technologies. In a recent Entrepreneur article, Tim O’Reilly, who launched the first commercial website, coined the term “Web 2.0” and was instrumental in the popularization of open-source software, isn’t buying the hype: He calls the era of the I-word “dead on arrival.” “If it is innovative, everybody will know,” O’Reilly says. “Adding words to it does not help.” The current “innovation” overload is the result of folks who don’t know what true invention is trying to pass themselves off as trailblazers. He’s seen companies throw away great ideas because it wasn’t immediately obvious how to make money from them. Then smaller companies and entrepreneurs would come along and play with the idea, just because they’re passionate about it. And they would be the ones to unlock the idea’s potential and grow into the money. While new technologies do indeed enable new methods and ideas, they are not necessary for innovation. Innovation is equally powerful, and often easier, by simply coming up with new and creative ways of using existing technologies.

People

Ultimately, it is people who lead, people who innovate, and, as a result, people who create value. Over the last few decades, much has been said and written about empowering the people within an enterprise – unfortunately little of that talk and writing has translated into reality. As James Surowiecki says, “Although many companies play a good game when it comes to pushing authority away from the top, the truth is that genuine employee involvement remains an unusual phenomenon.” As a result of this, information flows – up, down and across organisations – are poor, non-existent or “filtered” in all directions, decisions are made by a very few with inadequate knowledge and information, and there is limited buy-in to whatever decisions are made. As Peter Senge says in The Fifth Discipline Fieldbook , “…under our old system of governance, one can lead by mandate. If you had the ability to climb the ladder, gain power and then control that power, then you could enforce…changes…Most of our leaders don’t think in terms of getting voluntary followers, they think in terms of control.” I should add here, based on Monday’s closing keynote “It’s about the People”, given by Bill Baumann, Vice President of Information Technology for REI, that REI does appear to be one enterprise that does understand empowerment.

In this context, although there was not a specific session on the topic, social networking (including Web 2.0 and crowd-sourcing etc.) was discussed in many of the sessions, and in informal discussions. As I have said before, I am becoming increasingly interested in how social networking, rather than being viewed as a potential problem to be managed within the “traditional” view of governance and management – today still largely based on beliefs and structures that are a hundred years old – has enormous potential to revolutionize governance and management. In doing so, we could truly tap in to the experience of all employees (and other stakeholders) – not be limited to the knowledge/experience of those few anointed leaders or experts. This could actually make the much-abused term empowerment mean something by giving people the opportunity to contribute to/participate in decision-making, actually be listened to and, as a result, re-engage and really make a difference.

Change

The challenge facing enterprises today is not implementing technology, although this is certainly not becoming any easier, but implementing IT-enabled organisational change such that value is created and sustained, and risk is known, mitigated or contained. The creation and sustainment of value from innovation requires understanding and effective management of change in how people think, manage and act, i.e. change in human behaviour. Unfortunately, as we were reminded in one session by Jeffrey Barnes and Cheryl White, studies have shown consistently over the last 25 years that the failure rate of strategic change initiatives is between 85-90%. Let’s look at a number of scenarios where such initiatives can come to a premature halt.

The first of these is implementation by fiat, without an adequately thought out plan and commensurate resources. There is all too often a tendency for executives to believe that once they say something should be done it is – this is rarely the case. I sometimes describe this as the “Star Trek school of management”. Executives, just like Captain Picard, say “Make it so!” – they often don’t fully understand what “it” is or how they will know when they get there, and  the people they say it to all run off with very different ideas of what “it” is creating a lot of activity – often in conflicting directions. As Larry Bossidy and Ram Charam suggest in Execution, The Discipline of Getting things Done, the role of the executive when saying “make it so” is to ensure that no-one leaves the room until the executive is confident that they all understand what “it” is and, when they come back with a plan, that they don’t leave the room until he/she is confident that the plan has a good chance of delivering “it”.

In other cases, organisations take on too much in the first bite – this either results in “sticker shock” with no action being taken or, particularly when, as is often the case – especially in the current environment of short-termism – the time-frame is unrealistic, failure. The opposite can also be true, doing too little and/or taking too long to do it such that patience runs out and/or interest diminishes to the point of backing off.

Also, where progress is being made, success is not always promoted and built on – without demonstrated and recognized success it can be very difficult to maintain the interest and attention of executives to sustain the change initiative, especially one that may take many years, as many, if not most such initiatives can do. This can become particularly evident if a new executive comes on the scene and asks “Why are we doing this?” Without a sound response, this is often followed by “We did just fine without this where I came from!”

Many of these scenarios are exacerbated when insufficient thought has been given to metrics – measurements that must include both “lag” metrics – are we there yet? – and “leading” metrics – are we on track to get there?, as well as tangibles and intangibles. As Faisal Hoque, Chairman and CEO of the Business Technology Management Institute says, “…technology [itself] warrants evaluation with a tangible set of measures. But the majority of what technology actually does falls more into the sphere of the intangibles”. Understanding how those intangibles (often lead indicators) can contribute to tangibles (often lag indicators) is a key part of value management.

John Zackman offered another explanation for the challenge of change when positioning enterprise architecture – in the context of the overall enterprise – as being about managing complexity and change (which I very much agree with). John said “If you can’t describe it you can’t build it or change it.” John’s comments raise a number of  interesting questions which I won’t attempt to answer here.  Is it actually possible to “reverse architect” today’s complex global enterprises that have, somewhat like London’s Heathrow airport, grown ad hoc over time without any underlying architectural framework or design? If not, are they doomed to eventually fail? Will new and emerging enterprises take a more disciplined approach or will they follow the same pattern such that the cycle continues?

For more on the topic of change, go to Managing Change – The Key to Realizing Value and The Knowing-Doing Gap.

I will explore some or all of these topics more in subsequent posts.

Waltzing with the Elephant

I have just finished reading Mark Toomey‘s Waltzing with the Elephant, subtitled A comprehensive guide to directing and controlling information technology. This has taken me longer than I had thought as the book is indeed very comprehensive. I was reminded as I read it of a comment from an early reader of The Information Paradox who described it as  “a book you want to have read but don’t want to read. If you’re an executive with control over your company’s information technology purse strings, you probably don’t want to read a book this detailed in the intricacies of IT, which is exactly the reason that you should.” But will they? I will return to this point later.

As Mark says in the book’s dedication “Through better, more responsible, and effective decision making and control, we can make better use of information technology, and we can improve the world.” I couldn’t agree more – indeed it is that belief that has driven me for the last 20+ years, and which continues to drive me. There is certainly considerable room for improvement – as Mark goes on to say “…there is a compelling reason to improve the performance of IT use within many organizations.” I would  be even stronger here in that I believe this to be the case in most, if not all organizations.

Waltzing with the Elephant is organized around the the six principles of ISO/IEC 38500:2008:

  • responsibility;
  • strategy;
  • acquisition;
  • performance;
  • conformance;
  • human behaviour.

And the three fundamental Governance tasks that it defines – Evaluate, Direct and Monitor.

Mark does a good job of explaining the principles, and of putting “meat on the bones” of what can be seen as fairly high level and broad concepts. The book is a long, but relatively easy read – helped by Mark’s refreshingly irreverent style, and the many real world examples and anecdotes he has included. Mark also makes good use of models to frame and organize sections, including an earlier version my Strategic Governance framework. Although my brief summary may not do the book justice, what I believe you should take away from it, somewhat adapted and, of course, biased by my beliefs, include:

  1. While much has been written and talked about IT governance over the last decade or more,  progress has been painfully slow. As Ian Wightwick says in his introduction, “…there is a fairly strong case for arguing that the investment in IT improvement has not delivered the desired rate of improvement.”
  2. Slide2

  3. A fundamental reason for this lack of progress is that most IT governance activities  deal only with one side of the problem – the supply side. This is what another Australian colleague of mine, Chris Gillies, calls IT governance of IT –  focused on the IT “factory”. If we are to have effective enterprise governance of IT,  as illustrated in the figure to the right, we also need to pay equal attention to the demand side – business governance of IT – focused on how the organization uses IT to create and sustain business value. For more on this, go to Back to the Basics – the Four “Ares”.
  4. If we are to make progress, there must be the  understanding that governance of IT is an important part of the overall governance framework for any organization, and that governance itself is a business system.  Governance must deal with both compliance (meeting regulatory and legislative requirements) and performance (setting and achieving goals).
  5. Ultimately, the people who should control, and be accountable for how IT is used are the business executives and managers who determine what the focus of the business is, how the business processes are performed, how the authority and control structure operates, and how the people in the system perform their roles. None of these decisions are normally within the scope of the CIO, and so, without the means of enacting any decision, the CIO cannot be held responsible or accountable for the organization‟s use of IT. The CIO should be responsible for administering the system of governance on behalf of the governing body, and accountable for most elements of the supply of IT, but not responsible for the demand and certainly not accountable for the use of IT by the business.
  6. Increasingly, we are not making investments in IT  – we are making investments in IT-enabled change. While IT may be a key enabler, all the other aspects of the business system – the business model, business processes, people, and organization need to be considered. Enterprise governance of IT must  go beyond IT strategy, the IT project portfolio and IT projects to more broadly consider the business strategy, and the portfolio(s) of business investment programmes and business and technology projects that enable and support the strategy (for more on Programme and Project Portfolio Management, go to Moving Beyond PPM to P3M and Get With The Programme.)
  7. It is not enough to just focus governance on new investments. Effective governance must cover the full life-cycle of investment decisions – covering both the initial investments and the assets that result from those investments – assets that all too often fall into what Mark calls the “business as usual” space and receive little attention until something goes wrong.
  8. Essential ingredients of the system for governance of IT include transparency and engagement. Transparency means that there is only one version of the truth – that real, accurate and relevant information flows up, down and across the system to support decision making. Engagement means that, at each level, the right people are involved in the system, in the right way with clearly defined, understood and accepted roles, responsibilities and accountabilities.
  9. Effective governance of IT will rarely be achieved by simply following a standard or a generic framework. Rather, it requires fundamental thinking about the issues that are important, and it requires that the leaders of the organization behave in ways that maximise the value and contain the risks in their current and future use of IT.
  10. Ultimately, while standards, such as  ISO/IEC 38500, and frameworks, such as Val IT™ are useful tools, improving the return on IT investments, and improving governance around those investments and resulting assets is about changing human behaviour. Merely developing and issuing policy is insufficient in driving the comprehensive behavioural change that is essential for many organizations that will seek to implement or improve the effectiveness of their enterprise governance of IT. Behaviour is key…changing or implementing a new system for governance of IT necessarily involves taking all of those people on a journey of change – which for some will be quite straight-forward and which for others, will be profoundly challenging.
  11. This journey of change must be managed as an organizational change programme. While much has been written and should be known about this, the absence of attention to the individual and organisational contexts of human behaviour in plans for IT enabled change to business systems is profound. Where there is understanding of the need to do something, enterprises often then run into “The Knowing-Doing Gap” as described by Jeffrey Pfeffer and Robert I. Sutton in their book  of the same name. As the authors say in their preface, “…so many managers know so much about organisational performance, and work so hard, yet are trapped in firms that do so many things that they know will undermine performance.” They found that “…there [are] more and more books and articles, more and more training programs and seminars, and more and more knowledge that, although valid, often had little or no impact on what managers actually did.” For more about this, go to The Knowing-Doing Gap.

I want to return now to my initial comment about who will read this book. In a recent review of the book, Fiona Balfour described it as recommended reading for academics, students of technology, all IT Professionals and “C‟ role leaders and company directors. The book provides very comprehensive and practical guidance for those who have decided that action is required, but will those who have not yet understood or committed to action read it or, more importantly, take action based on it? Almost a year ago, I was having lunch in London with Kenny MacIver, then Editor of Information Age who, after listening to me expound on this topic for some time, said “What you are saying is that we need a clarion call!” Mark’s book adds significant value to those who have decided to embark on this journey, and he is to be commended for the tremendous effort that he has put into it and for his willingness to share his experience and wisdom – but will it provide that Clarion call? It will play well to the converted, but will it convert? Going back to Ian Wightwick’s introduction, he says “Clearly the purpose of Mark Toomey‟s text is to promote the need for adequate IT governance. It is commendable in this regard, but is only the beginning. Company director (including CEO) education courses and regular director briefings will need appropriate attention with provision of simplified explanatory material and check-lists, as well as encouraging the de-mystifying of the whole business-critical IT issue.”

Despite overwhelming evidence of the need to take action to improve enterprise governance of IT, business leadership – boards, executives and business managers – have shown little appetite for getting engaged and taking accountability for their use of IT to create and sustain business value, or to embrace the transparency that must go with it. I hope that, at least in Australia, the emergence of the ISO standard, and  Mark’s book provide that much needed “clarion call”. History, unfortunately, tells us that it may take more than this – we may still have a long way to go!