Value from IT – There is a Better Way!

I have just returned from a hectic, but very successful couple of weeks in Australia. There I had the opportunity to meet with and talk to many people, including many CXOs, on the topic of “Delivering on the Promise of IT”. Overall, I was encouraged that there is more awareness of the need to do better when it comes to managing IT investments, but discouraged that there is still little awareness of how to do so, and even less appetite to take it on. As always, at the end of many sessions, a frequent reaction was “you have given us a lot to think about.” As I continue to say, we certainly need to think before we act, but thinking cannot be a substitute for action. A couple  of people echoed a comment that my friend Joe Peppard from the Cranfield  School of Management in the UK told me he had had from a senior executive of a European bank – “I didn’t know there was a better way.”

Well, there is a better way! As originally presented close to 15 years ago in The Information Paradox, proven Value Management practices exist, including, but certainly not limited to ISACA’s Val IT™ Framework, including:

  • Portfolio Management – enabling evaluation, prioritization, selection and on-going optimization of the value of IT-enabled investments and resulting assets;
  • Programme Management – enabling clear understanding and definition of the outcomes and scope of IT-enabled change programmes, and effective management of the programmes through to their desired outcomes;
  • Project Management – enabling reliable and cost-effective delivery of the capabilities necessary to achieve the outcomes, including business, process, people, technology, and organizational capabilities; and
  • Benefits Management – the active management of benefits throughout the full life-cycle of an investment decision.

This is illustrated in the figure below.

If enterprises are to successfully adopt and meaningfully use these practices, their leaders will have to change their behaviour. They will need to acknowledge that this is not an IT governance issue, it is an enterprise governance issue. Further, they will have to evolve from an enterprise governance model rooted in a culture of delivery (of technical capabilities) to one based on a culture of value – creating and sustaining value from investments and assets (for more on this, see a recent paper that I wrote with the Benefits Management SIG of the APM in the UK). In the IT context, this means recognizing that we are no longer dealing with “IT projects”, but with increasingly complex programmes of organizational change – change that is often both shaped and enabled by technology, but of which the technology is only a small part.

They should start by focusing on the business case. The business case sows the seeds of success or failure. Most today are woefully inadequate – based on “delusional optimism” and “strategic misrepresentation” (aka lying!), resulting in:

  • limited or no clarity around desired outcomes
  • limited or no understanding of the scope (“depth” and “breadth”) of change required to achieve the outcomes;
  • failure to balance “attractiveness” with “achievability” (including organizational change capacity, project and programme management capabilities); and
  • limited or no relevant metrics (both “lead” and “lag”).

In the context of IT, business cases must be owned by the business, and for any type of investment, used as a living, operational management tool to manage the full life cycle of an investment decision, and supported by the value management practices outlined above.

Again, in the context of IT, as Susan Cramm states in her book, 8 Things We Hate About IT, this will require  a significant  realignment of roles, responsibilities and accountabilities related to IT. There must be a partnership in which:

  • The IT function moves from providing infrastructure to being a broker of services (both internal and external – and increasingly external) while retaining responsibility and accountability related to fiduciary, economies of scale and enabling infrastructure;
  • Business units accept responsibility for defining the requirements for, meaningful use of, and value creation from these services; and
  • The IT function, as a trusted partner, helps the business:
    • Optimize value from existing services;
    • Understand the opportunities for creating and sustaining business value that are both shaped and  enabled by current, new or emerging technologies;
    • Understand the scope of business change required to realize value from those opportunities (including changes to the business model, business processes, people skills and competencies, reward systems, technology, organizational structure, physical facilities, etc.; and
    • Evaluate, prioritize, select and execute those opportunities with the highest potential value such that value is maximized.

The challenge here is not a lack of proven value management practices – it is the “knowing – doing gap”, as described by Jeffrey Pfeffer and Robert Sutton in their book of the same name. We know what to do, and (should know) how to do it. Yet, so far, here has simply been little or no appetite for, or commitment to the behavioural change required to get it done, and stick with it.

The cost in money wasted and, more importantly, benefits and value lost, eroded or destroyed is appalling. It’s way past time to move beyond word to action – the status quo is not an option!

There is a better way!

Helping Businesses Help Themselves

This morning, I spent little over an hour listening to Susan Cramm on the above live HBR webcast. I always enjoy what Susan has to say. She is a former CIO and CFO who definitely “gets it” when it comes to enterprises realizing value from IT-enabled change.

My takeaways – not new but very much reinforcing – from Susan’s webcast, which was based on her book “8 Things We Hate About IT” and the study which it describes, are that:

  1. It’s time to align authority and accountability for IT – in that the same way that we don’t expect the HR function to manage all our people, or the finance function to manage all our finances, we shouldn’t abdicate (my word) accountability for the intelligent (my word again) use of IT to the IT function.
  2. This means we need to re-architect our IT capabilities – key points being business leaders going from being “IT-dumb” (as the study reports 75% are today) to IT-smart, moving beyond thinking of IT as an organizational function to IT as a business asset, and moving beyond oversight to accountability, i.e. acknowledging their decision “obligations” (again, my word).
  3. The IT function should retain responsibility and accountability related to fiduciary, economies of scale and enabling infrastructure, while the business units must accept responsibility and accountability for delivery.
  4. The IT function stops doing things for the business that the business should be doing for themselves – shifting from an “IT Provides – Business Helps” model to an “IT Helps – Business Provides” model.

Basically, business leaders need to stop thinking of IT as a technology they can leave to IT specialists  to a business asset/tool that they need to manage such that it creates and sustains value for their enterprise and their stakeholders.

While it seems improbable that this has not yet happened, we know, as reinforced by Susan’s study, that this has not happened. From my experience:

  • A CEO told me, not that long ago, that while he knew IT was important, he was much more comfortable focusing on the “core business”. Years – no decades – ago, this might have been OK but today, in most enterprises, IT is embedded in most if not all aspects of the “core business”.
  • When we were developing Val IT 2.0, we added a practice within the VG1 process, Establish Informed and Committed Leadership, that was  VG1.3 Establish a Leadership Forum. The objective of this practice was to “…help the leadership understand and regularly discuss the opportunities that could arise from business change enabled by new or emerging technologies, and to understand their responsibilities in optimising the value created from those opportunities.” I was amazed – and somewhat disheartened – during the review process how many people questioned the need for this practice.
  • There is a consultant living just over the water from me who facilitates CEO forums and has become very successful at it. I approached her to see if we could work together to introduce the topic of CEO responsibilities, and accountabilities related to realizing value from IT or, more specifically IT-enabled change. Her response was “CEOs don’t want to talk about IT – they leave that to their CIOs.”

I am giving a keynote speech in November at the ER 2010 Conference in Vancouver. As I was listening to Susan, I reflected on the work of Steven Alter – a recognized authority in the evolving ER (or, more accurately, conceptual modeling)  space, who says: “IT success isn’t just about IT, it is about the effectiveness of people and organizations – IT usage makes an important difference only when it is part of a work system, and IT success is really about work system success.”

In the same way as the IT function – even if it were willing and capable – cannot be held accountable for the ultimate success of IT-enabled change, they cannot be held accountable for the ultimate success of work systems. They are undoubtedly accountable for delivering the enabling infrastructure, and responsible for working in partnership with the business to help them better understand potential opportunities – and the business responsibilities  and accountabilities related to successfully exploiting those opportunities, but cannot be held accountable for their ultimate success.

For this to happen requires significant behavioural change – there is and will continue to be resistance from both business and IT leadership. For this change to happen, we need – as Susan said today to “engage senior leadership in exploring the appropriate role for IT” and, I would add, their role responsibility and accountability in the context of that role. We need that leaderhip forum – an ongoing forum – that we proposed in Val IT 2.0 so that we can get “the right people in the room having the right discussion”.

The response from a number of listeners to the webcast, which is the same as I always get when I present, was “you have given us a lot to think about here.” Yes, we always need to think, but thought must be balanced with action. We have been talking about the role of business leadership related to IT-enabled change for well over a decade now – it’s time to move beyond thinking to action!

If you missed Susan’s webcast, you can watch a recording at http://s.hbr.org/cR3qlT

Value Management is not just a challenge for IT

I had the opportunity to deliver the closing keynote to the APM Benefits Management SIG Annual Conference at the National Motorcycle Museum in Birmingham, UK on Tuesday – from my home office in Victoria on Vancouver Island in BC, Canada (the view from which you can see below).
Slide1
The purpose of this blog is not to dwell on the technology that allowed me to do so – which has both advantages (in terms of not having to travel) and disadvantages (in terms of audience engagement and feedback) but to share some thoughts that I got from listening to the presentation that preceded my keynote. The presentation was entitled “Benefits in the Built Environment” and given by Matthew Walker.

Matthew defined the “Built Environment” as being “output centric” and relating to infrastructure programmes in the communications, energy, transportation, waste and water sectors. Within the UK context – and indeed any nation – these are often taken for granted – only thought about when they break – but are of strategic importance in terms of providing an economic backbone, having national security and quality of life implications and impact, and requiring sustainability targets. Investment in these sectors in the UK 2005/6 to 2009/10 has been ~£30b/yr and is currently projected to be ~£50b/yr in 2010/11 and to continue at that level until 2030, with the current drivers for investment in these areas being the economic situation, population growth and carbon reduction. Rising to this challenge requires diversification of investment methods and the political will and capability to make long-term investments. To deliver value for money, this will require prioritization of desired outcomes, and understanding of interdependency’s through effective benefits management, or – in my preferred terminology – value management. Does this sound familiar? This is what we have been talking about in the context of IT – or IT-enabled change programmes – for well over a decade or more! It gets even more familiar.

The track record of benefits management for such infrastructure investments – if you go beyond schedule, cost, and delivery to specification is largely unknown, but the indicators are not good. A 2009 APM report, “Change for the better. A Study on Benefits Management across the UK”, found that >60% of organizations had no more than an informal or incidental approach to benefits management, and ~70% felt that value was added only some of the time, or never.

Matthew’s recommendations included:

  • defining success in terms of benefits;
  • putting benefits management at the heart of oversight and governance of major programmes and projects;
  • increasing awareness and exposure of the business case;
  • using benefits management to prioritize investments; and
  • providing transparency through assurance.

Matthew stressed that achieving such a “benefits renaissance” would not be an “overnight journey”, but one that we must take – the “we” in this case including:

  • funders;
  • professional bodies;
  • business executives; and
  • construction industry practitioners.

I have long said that the issues around realizing value from IT investments or, more accurately investments in IT-enabled change, are not an IT issue but a business issue – a business issue that is not unique to IT. They are a symptom of our preoccupation with cost, activities and outputs, and our failure to move beyond this preoccupation to a focus on value – understanding the desired outcomes of an investment, and the full scope of interdependent effort required to deliver these outcomes, assigning clear accountability for outcomes – supported by relevant metrics and an aligned reward system, and designing and managing complete and comprehensive programmes to deliver those outcomes. Only when we do this – which will require significant behavioural change – will we  address “the challenge of value”,  and begin to consistently create and sustain value  for all stakeholders, including shareholders in the private sector, and taxpayers in the public sector. In today’s complex and rapidly changing economic environment, to quote from “Apollo 13”, “Failure is not an option!” Or, to quote General Erik Shinseki, a former Chief of Staff of the US Army, “If you don’t like change, you’re going to like irrelevance even less!

Waltzing with the Elephant

I have just finished reading Mark Toomey‘s Waltzing with the Elephant, subtitled A comprehensive guide to directing and controlling information technology. This has taken me longer than I had thought as the book is indeed very comprehensive. I was reminded as I read it of a comment from an early reader of The Information Paradox who described it as  “a book you want to have read but don’t want to read. If you’re an executive with control over your company’s information technology purse strings, you probably don’t want to read a book this detailed in the intricacies of IT, which is exactly the reason that you should.” But will they? I will return to this point later.

As Mark says in the book’s dedication “Through better, more responsible, and effective decision making and control, we can make better use of information technology, and we can improve the world.” I couldn’t agree more – indeed it is that belief that has driven me for the last 20+ years, and which continues to drive me. There is certainly considerable room for improvement – as Mark goes on to say “…there is a compelling reason to improve the performance of IT use within many organizations.” I would  be even stronger here in that I believe this to be the case in most, if not all organizations.

Waltzing with the Elephant is organized around the the six principles of ISO/IEC 38500:2008:

  • responsibility;
  • strategy;
  • acquisition;
  • performance;
  • conformance;
  • human behaviour.

And the three fundamental Governance tasks that it defines – Evaluate, Direct and Monitor.

Mark does a good job of explaining the principles, and of putting “meat on the bones” of what can be seen as fairly high level and broad concepts. The book is a long, but relatively easy read – helped by Mark’s refreshingly irreverent style, and the many real world examples and anecdotes he has included. Mark also makes good use of models to frame and organize sections, including an earlier version my Strategic Governance framework. Although my brief summary may not do the book justice, what I believe you should take away from it, somewhat adapted and, of course, biased by my beliefs, include:

  1. While much has been written and talked about IT governance over the last decade or more,  progress has been painfully slow. As Ian Wightwick says in his introduction, “…there is a fairly strong case for arguing that the investment in IT improvement has not delivered the desired rate of improvement.”
  2. Slide2

  3. A fundamental reason for this lack of progress is that most IT governance activities  deal only with one side of the problem – the supply side. This is what another Australian colleague of mine, Chris Gillies, calls IT governance of IT –  focused on the IT “factory”. If we are to have effective enterprise governance of IT,  as illustrated in the figure to the right, we also need to pay equal attention to the demand side – business governance of IT – focused on how the organization uses IT to create and sustain business value. For more on this, go to Back to the Basics – the Four “Ares”.
  4. If we are to make progress, there must be the  understanding that governance of IT is an important part of the overall governance framework for any organization, and that governance itself is a business system.  Governance must deal with both compliance (meeting regulatory and legislative requirements) and performance (setting and achieving goals).
  5. Ultimately, the people who should control, and be accountable for how IT is used are the business executives and managers who determine what the focus of the business is, how the business processes are performed, how the authority and control structure operates, and how the people in the system perform their roles. None of these decisions are normally within the scope of the CIO, and so, without the means of enacting any decision, the CIO cannot be held responsible or accountable for the organization‟s use of IT. The CIO should be responsible for administering the system of governance on behalf of the governing body, and accountable for most elements of the supply of IT, but not responsible for the demand and certainly not accountable for the use of IT by the business.
  6. Increasingly, we are not making investments in IT  – we are making investments in IT-enabled change. While IT may be a key enabler, all the other aspects of the business system – the business model, business processes, people, and organization need to be considered. Enterprise governance of IT must  go beyond IT strategy, the IT project portfolio and IT projects to more broadly consider the business strategy, and the portfolio(s) of business investment programmes and business and technology projects that enable and support the strategy (for more on Programme and Project Portfolio Management, go to Moving Beyond PPM to P3M and Get With The Programme.)
  7. It is not enough to just focus governance on new investments. Effective governance must cover the full life-cycle of investment decisions – covering both the initial investments and the assets that result from those investments – assets that all too often fall into what Mark calls the “business as usual” space and receive little attention until something goes wrong.
  8. Essential ingredients of the system for governance of IT include transparency and engagement. Transparency means that there is only one version of the truth – that real, accurate and relevant information flows up, down and across the system to support decision making. Engagement means that, at each level, the right people are involved in the system, in the right way with clearly defined, understood and accepted roles, responsibilities and accountabilities.
  9. Effective governance of IT will rarely be achieved by simply following a standard or a generic framework. Rather, it requires fundamental thinking about the issues that are important, and it requires that the leaders of the organization behave in ways that maximise the value and contain the risks in their current and future use of IT.
  10. Ultimately, while standards, such as  ISO/IEC 38500, and frameworks, such as Val IT™ are useful tools, improving the return on IT investments, and improving governance around those investments and resulting assets is about changing human behaviour. Merely developing and issuing policy is insufficient in driving the comprehensive behavioural change that is essential for many organizations that will seek to implement or improve the effectiveness of their enterprise governance of IT. Behaviour is key…changing or implementing a new system for governance of IT necessarily involves taking all of those people on a journey of change – which for some will be quite straight-forward and which for others, will be profoundly challenging.
  11. This journey of change must be managed as an organizational change programme. While much has been written and should be known about this, the absence of attention to the individual and organisational contexts of human behaviour in plans for IT enabled change to business systems is profound. Where there is understanding of the need to do something, enterprises often then run into “The Knowing-Doing Gap” as described by Jeffrey Pfeffer and Robert I. Sutton in their book  of the same name. As the authors say in their preface, “…so many managers know so much about organisational performance, and work so hard, yet are trapped in firms that do so many things that they know will undermine performance.” They found that “…there [are] more and more books and articles, more and more training programs and seminars, and more and more knowledge that, although valid, often had little or no impact on what managers actually did.” For more about this, go to The Knowing-Doing Gap.

I want to return now to my initial comment about who will read this book. In a recent review of the book, Fiona Balfour described it as recommended reading for academics, students of technology, all IT Professionals and “C‟ role leaders and company directors. The book provides very comprehensive and practical guidance for those who have decided that action is required, but will those who have not yet understood or committed to action read it or, more importantly, take action based on it? Almost a year ago, I was having lunch in London with Kenny MacIver, then Editor of Information Age who, after listening to me expound on this topic for some time, said “What you are saying is that we need a clarion call!” Mark’s book adds significant value to those who have decided to embark on this journey, and he is to be commended for the tremendous effort that he has put into it and for his willingness to share his experience and wisdom – but will it provide that Clarion call? It will play well to the converted, but will it convert? Going back to Ian Wightwick’s introduction, he says “Clearly the purpose of Mark Toomey‟s text is to promote the need for adequate IT governance. It is commendable in this regard, but is only the beginning. Company director (including CEO) education courses and regular director briefings will need appropriate attention with provision of simplified explanatory material and check-lists, as well as encouraging the de-mystifying of the whole business-critical IT issue.”

Despite overwhelming evidence of the need to take action to improve enterprise governance of IT, business leadership – boards, executives and business managers – have shown little appetite for getting engaged and taking accountability for their use of IT to create and sustain business value, or to embrace the transparency that must go with it. I hope that, at least in Australia, the emergence of the ISO standard, and  Mark’s book provide that much needed “clarion call”. History, unfortunately, tells us that it may take more than this – we may still have a long way to go!

Back to the Basics – the Four “Ares”

Well, having now finished with the Sidney Fine Art Show – which was incredibly successful – it’s time to get back to this blog.

As I prepare to head down to Seattle where I am speaking at SIMposium09 on November 9th – just 6 weeks before my 65th birthday – I have been reflecting on the underlying foundation of what I have been doing over the last 20 plus years – what have come to be known as the “four ares”. They have certainly guided my thinking and, since they were published in The Information Paradox, continue to be widely referenced  – sometimes those references are even attributed. The idea came when I was presenting a diagram of, what we then called, the Information Resource Planning approach, to the executive of a large Canadian utility. As I was going through it, one of the executives stopped me, saying: “This is all “gobbledygook” to me – can you just explain it in plain English?” So, I turned the somewhat obtuse and long-winded statements on the chart into the questions each box was trying to address. What had been somewhat of a “talking head” session turned into a lively discussion which resulted in a  successful assignment with very positive outcomes. After that, I applied the same approach to almost everything I was doing including, at the time, DMR’s (now Fujitsu’s) Macroscope methodology – and the four “ares” were born. They have been “tweaked”, but have essentially remained the same for more than two decades.

At the time, I am not sure that I had even thought about the term governance, or could have described what it was. However, over time the two ideas have come together in that, in my view, the ability to continually ensure that enterprises can get positive answers to the four “ares” is the essence of effective enterprise governance. I use the term enterprise governance because, although the origins of the four “ares”, and much of their current application relate to governance of IT, they are equally applicable to the broader enterprise governance view. Indeed, one of the comments/criticisms I have had of both The Information Paradox, and the Val IT™ Framework, is that the term IT should have been dropped, or at least de-emphasized,  as they are both more broadly applicable to any form of investment or, indeed, any form  of asset.

For those of you still wondering what I am referring to, the four “ares” are:

  1. Are we doing the right things?
  2. Are we doing them the right way?
  3. Are we getting them done well?
  4. Are we getting the benefits?

Whenever I am talking with executives, I always have to pause when I get to the four “ares”as they invariability write them down. They are questions that are easy to understand although, unfortunately, not always easy to answer. Indeed, I often feel guilty that they appear too simple. I also feel somewhat guilty about the term “right” in the first two questions. I am not sure that there can always, or even ever be a totally right answer to those questions. However, asking these questions can definitely eliminate a lot of “wrong” decisions. A key point about these questions is that they need to be asked continually. Whilst important to ask them when an initial investment decision is being made, it is equally important to ask them throughout the full economic life cycle of that investment decision. That life-cycle includes a number of stages:

  • Development  – creating the necessary capabilities (hereinafter referred to as assets)
  • Implementation  – delivering the assets
  • Value creation  – adopting and using the assets to achieve the expected level of performance
  • Value sustainment  – assuring that the assets resulting from the investment continue to create value, including additional investments required to sustain value
  • Retirement phase – decommissioning some or all of the resulting assets
The four questions, in order, essentially apply to strategy, architecture, delivery, and value. As illustrated below, they collectively encompass alignment with strategy, business worth, including benefits and costs, and risk – including delivery risk and benefits risk.Slide1

As further illustrated below, within the context of governance of IT, the first and last  questions relate to the “demand” side – business governance of IT, while the second and third relate to the “supply” side – IT governance of IT. Collectively, they represent a complete view of enterprise governance of IT.
Slide2

As we said in The Information Paradox [with some updates], “ Tough questioning is also critical to get rid of silver bullet thinking about IT and lose the industrial-age mind-set that is proving extremely costly to organizations.  Asking the four “ares,” in particular, helps to define the business and technical issues clearly, and thus to better define the distinctive roles of  business executives and IT experts in the investment decision process. Are 1, Are we doing the right things? and Are 4, Are we getting the benefits?  raise key business issues relating to both strategic direction and the organization’s ability to produce the targeted business benefits.  Are 2, Are we doing them the right way?  raises a mix of business and technology integration issues that must be answered to design successful [IT-enabled] change programs.  Are 3, Are we getting them done well?  directs attention to traditional IT project delivery issues, as well as to the ability of other business groups to deliver change projects.”

In Val IT, specifically in version 2.0, we fleshed out these questions and also expanded them to include IT services, assets and other resources (while this is in the context of IT – they could equally well be expanded to include other assets).

1.  Are we doing the right things? The Strategic Question.

  • Are our investments:
    • in line with our mandate and vision?
    • consistent with our business principles?
    • contributing to our strategic objectives, both individually and collectively?
    • delivering optimal benefits at an affordable cost with a known and acceptable level of risk?
  • Are resulting IT services, assets and other resources continuing to deliver value by addressing real business needs and priorities?

2.  Are we doing them  the right way? The Architecture Question.

  • Are our investments:
    • in line with our organisation’s enterprise architecture?
    • consistent with our architectural principles and standards?
  • Are we leveraging synergies between our investments?
  • Are our IT services delivered based on optimal use of the IT infrastructure and other assets and resources?

3.  Are we getting them done well? The Delivery Question.

  • Do we have:
    • effective and disciplined management, delivery and change management processes?
    • competent and available technical and business resources to deliver the required capabilities and the organisational changes required to leverage them?
  • Are services delivered reliably, securely and available when and where required?

4. Are we getting the benefits? The Value Question.

  • Do we have:
    • a clear and shared understanding of what constitutes value for the enterprise?
    • a clear and shared understanding of the expected benefits from new investments, and resulting IT services, assets and other resources?
    • clear and accepted accountability for realising the benefits, and relevant metrics?
    • an effective benefits realisation process over the whole investment economic life-cycle, to ensure that we are maximising business value?
One of the objections we often here to implementing or improving governance practices or frameworks is that we are making it much too complex. There is indeed some truth to this given that the IT industry appears to have single-handedly invented English as a second language, i.e. talking in “techno-speak”. There are also a growing number of what are perceived to be competing frameworks in the marketplace. The four “ares” rise above this and provide a very simple yet comprehensive and powerful set of questions that can be used to help you to start the conversation – a conversation that is long overdue in many enterprises.

CIOs in the Era of Doing More with Less

A shorter post than usual, but I wanted to  highlight an interesting article by Brian P.Watson in CIO Insight which quotes, among others, Peter Whatnell, CIO of Sunoco and President of the Society for Information Management (SIM).

While quite a bit of the article is about tactical stuff, the quotes below capture the type of thinking we should be looking for from CIOs, and that CEOs should be demanding. These include:

“Most importantly for IT leaders today, doing the right things means focusing on the long-term view—the strategic components of your plan and that of the overall business, not the bits and bytes of whatever hot technology is dominating the IT buzz”. – Brian Watson

“…the opportunity for IT leaders is more strategic than tactical, more business than technology.” – Peter Whatnell, CIO, Sunoco and President, SIM

“When all is said and done, blending a strategic business focus with the right IT decisions could be what separates the CIO wheat from the chaff. Put those skills together, and you’ll become a true partner:  A CIO has to become the internal, go-to expert consultant for every functional head in the organization to help them execute, innovate and enable strategy more efficiently with the right technology.” – Vincent Cirel, CIO, Norwegian Cruise Line

While these quotes are encouraging, we should remember that the requirement for CIOs to be more strategic business partners should not come as a “Eureka” – resulting from the current economic crisis. The requirement has existed for a long time – certainly well over two decades. The difference today is that the consequences of not doing this are much more serious. CIOs and CEOs who do not understand this are putting the very survival of their organizations at risk!

You can be assured that I will be discussing this topic more in presentation at my SIMposium09 in Seattle on November 9th.

The Challenge of Business Engagement

When I ask individuals or groups around the world what their greatest challenge is related to implementing effective enterprise governance of IT,  the answer is consistently “getting the business appropriately engaged”. Conversely, where they have made progress, the “tipping point” has also consistently been when the business accepted ownership of, and accountability for the use of IT to create and sustain business value. We will continue to come nowhere near to realizing the potential value of IT-enabled investments until we address the challenge of business engagement and ownership.

A number of years ago, my wife and I built a house – or, more accurately, signed a lot of cheques to get the house built. We spend an enormous amount of time up front – first with our architects, then with Mike, our builder and the architects – and once actual construction started, were on-site almost every day – often more than once. Despite all the time we had spent up front, there were many decisions to be made – decisions that often cost little or nothing, even saved money,  but – if they had not been made – would have resulted in livability issues and/or increased costs down the road. We were, and still are very pleased with our house.

Now, if we had built our house the way most organizations acquire/develop IT systems, what would we have done. We would have spent some time sketching out what we thought we wanted, probably bypassed the architects because we didn’t need them, and then told Mike what we wanted, what we wanted to spend and left it at that. After all,we weren’t in the house building business – we had other more important things to do. When Mike would have called to tell us the house was ready, we wouldn’t have liked it – we might even have hated it! We would have fired Mike – if we lived south of the 49th parallel probably sued him. We would then have hired someone else to “fix it” and/or sold it and started again. Sound familiar? While it was certainly true that we weren’t in the house building business – we were in the house living business, and  – as the owners – the house was being built with our money. What we would have done was abdicate our responsibility as owners – the ones who would have to live in that house for the next 10 – 15 or more years – to Mike. It wouldn’t have been Mike’s fault – it would clearly have been ours!

As long as the business continues to see anything to do with IT as an IT problem (“we’re not in the IT business”) and abdicates their responsibility as the owners and ultimate users of the technology to the IT function, we will continue to have significant challenges around realizing value from IT. Putting it in the governance context, only when IT is seen as an integral part of enterprise governance will the issues around realizing value from IT investments be addressed. A 2007 report from the BTM Institute[1] confirms that enterprises focused on converging their business and technology disciplines exhibited superior revenue growth and net margins relative to their industry groups and exhibited consistently greater rates of return than those of their competitors.

Boards and executives need to understand that they can no longer treat IT as a “black box” – something distinct and separate from their core business.Today, the box is empty; its contents distributed and embedded throughout the enterprise as electronic bits of business processes that run up, down, across and among enterprises and their customers, suppliers and other stakeholders. In The IT Value Stack, Ade McCormack says “Information technology isn’t an optional extra, it is a condition of entry to most markets. It is the enabler of business sustainability. The CEOs who don’t get that are either in the wrong job or have done some calculations in respect of their retirement date and this reality dawning on the shareholders.”

The need for dialogue

A number of years ago, a senior Australian public sector executive said to me “I need to get the right people in a room having the right discussion.” His statement captures the essence of the problem. We need to break down the current siloed view of IT and the business – the “two solitudes” as I often describe them. We need to create and sustain an on-going dialogue between the business and IT leaders. Whilst an important part of this will be informal, this is necessary but not sufficient. We need a formal governance framework which promotes and supports such a dialogue.

Depending on the current maturity of an enterprise, this dialogue needs to include a number of key elements:

  1. Understanding the role of IT in an enterprise – a role that has evolved over the last few decades from automating transactions to fundamentally transforming the nature of the enterprise;
  2. Understanding what constitutes value for the enterprise, how value is created and sustained, and how IT contributes, or can contribute to creating and sustaining value. We need to get away from trying to measure IT’s precise value which is a meaningless exercise guaranteed to keep ranks of MBA toting consultants busy, to understanding how IT contributes to value;
  3. Understanding the roles, responsibilities and accountabilities of the board, executive management, business unit and IT function management in maximizing the contribution of IT to business value;
  4. Developing a comprehensive program of change to implement or improve governance processes and practices around value management, focused initially on key “pain points” where early results can be achieved;
  5. Managing the journey – learning by doing, leveraging successes and continually improving the processes and practices.

Enterprises do not have to start from scratch when undertaking such a program. There is a growing body of knowledge in this space. Since The Information Paradox was first published some 10 years ago in 1998, many more books and articles have been written on this subject and many organisations such as the IT Governance Institute (ITGI), the Office of Government Commerce (OGC) and the Project Management Institute (PMI), as well as academic institutions such as Cranfield and UAMS, and vendors such as Fujitsu have developed frameworks and methodologies to assist enterprises on this journey.

The need for effective enterprise governance of IT is real – the on-going cost of not doing so is huge – the resources are available to make it happen – it is time to act!


[1] Business Technology Convergence Index, The Role of Business Technology Convergence in Innovation and Adaptability and its Effect on Financial Performance, BTM Institute, June 2007