CIO role: A juggling act

CIO juggling act

In 2009 IBM published a study based on interviews of 2,500 CIOs from across the globe. They found:

“The voice of the CIO is being heard in new ways – as CIOs are increasingly recognized as full-fledged members of the senior executive team. Successful CIOs are much more actively engaged in setting strategy, enabling flexibility and change, and solving business problems, not just IT problems”.Many of the CIOs most important goals seemed to clash, e.g. how to be innovative whilst relentlessly cutting costs and how to introduce new services without causing disruption to the business.  These conflicting goals make the CIO role a constant juggling act.

The juggling act

The IBM study found that successful CIOs are simultaneously juggling three pairs of activities at any one time.

CIO juggling actFigure 1: The Juggling Act (IBM, 2009)

Juggling three roles

By integrating these three roles, visionary but pragmatist, value creator but cost-cutter and collaborative business leader and an inspiring IT leader; the CIO aims to :

      1. Make innovations real,
      2. Increase the ROI of IT and
      3. Expand the business impact.

Let’s look at each of these aims individually.

Making innovations real

Successful CIOs are active members of the executive team. They are always looking for ways in which technology and data can be used to improve products and services or open new market opportunities. They have a wide sphere of influence across the organisation and they encourage IT and business to co-create innovation opportunities. Visionaries also generate excitement from the business through ideas that differentiate the organization from others. They treat information as an asset and seek to leverage information for competitive advantage.

CIOs know that being visionaries and bringing new ideas is only part of the job. Keeping the wheels of the organisation turning smoothly and efficiently is a must. They recognise that faultless service delivery remains at the heart of their credibility and influence. Pragmatic CIOs understand what their organisations do well and effectively use third-party service providers to get results. They collaborate well within IT and with external partners to help make ideas a reality. These CIOs make it easy to work together and deliver results. To stretch as a Pragmatist, a CIO sets goals like achieving higher productivity and helping the organization become more flexible.

Raising ROI of IT

IBM found, “CIOs become Value Creators when they work with the business to enable superior customer experiences”. As more and more business is conducted via electronic means, customer interactions with business become easier and create value for the enterprise. Helping organisations leverage facts to gain new customer insights also leads to value creation opportunities. In some businesses, CIOs are leaders in establishing collaborative relationships with their high value customers / partners and finding ways to improve and enrich customer interactions.

While looking for new ways to create value, CIOs everywhere are continually finding ways to improve efficiency, streamline operations and cut costs where possible. Their mantra is to do more with less. CIOs drive centralisation of services and infrastructure to gain scale benefits. CIOs use standardisation, simplification and automation to cut more costs. Attacking business process inefficiencies and supporting IT solutions is another focus. Relentlessly focusing on cost cutting enables the CIOs to redeploy their departments’ efforts into creating more value opportunities.

Expanding the business impact

Successful CIOs act as true business partners. They work as collaborative business leaders in driving cultural change across organisations. “I help business leaders figure out what they want to do with technology, then I work on how to deliver it,” said a Defence and Security CIO in the United States. CIOs regularly meet with the board and executives and are fully across key business decisions and challenges. They understand changing future business models and remain alert to rapidly facilitating business model changes with enabling technology.

CIOs understand that while remaining engaged with the business leadership is important, maintaining IT expertise is also critical. They create an environment that helps the organisation to develop and apply IT expertise. CIOs encourage professional staff to learn and develop not only their IT skills but also their business acumen. Furthermore, many CIOs create IT centres of excellence to develop greater IT expertise. These centres can also create business technology innovation opportunities.

CIO profiles in high-growth and low-growth organizations differ

The 2009 IBM CIO study found that the profiles of CIOs who work in low-growth organisations were more like those of  IT Managers. They were good at leading  IT staff but weak in five other areas. On the other hand, CIOs in medium growth companies had a well-balanced profile across all six dimensions. High-growth company CIO profiles showed less emphasis on IT leadership skills but higher scores on every other dimension.

  1. An Insightful Visionary and an Able Pragmatist – The Insightful Visionary helps the business explore how technology can drive innovation, while the Able Pragmatist makes it possible to bring creative plans to life.
  2. A Savvy Value Creator and a Relentless Cost Cutter – The Savvy Value Creator devises better solutions by understanding customers’ needs, while the Relentless Cost Cutter stays vigilant about trimming expenses wherever possible.
  3. A Collaborative Business Leader and an Inspiring IT Manager – The Collaborative Business Leader thoroughly understands the business and builds strong partnerships internally and externally. The Inspiring IT Manager demonstrates personal IT expertise and advocates deeper skills across the IT organization.

Let’s look at these in detail.

A dozen tips for success

Not every CIO is strong on each one of the six dimensions above. The experiences of over 2,500 CIOs worldwide suggested some key actions to strengthen the areas where CIOs may not be doing enough.

Make innovation real:

  1. Champion business and technology integration
  2. Encourage innovation not just in the IT organization but in the broader group as well
  3. Make working together with IT easy
  4. Concentrate on core competencies and leverage suppliers where right

Raise the ROI of IT:

  1. Find way to reach customers in new ways
  2. Enhance integration between IT and business and transparency
  3. Standardize and centralize IT systems and technologies to economize
  4. Keep cost reduction a top priority.

Increase the business impact:

  1. Know the business well.  Present and measure IT in business terms
  2. Get involved with business peers in non-IT projects
  3. Lead the IT forces and cultivate truly extraordinary IT talent
  4. Enhance the data and turn it into usable information for the business

The balancing act

Many CIOs understand the balancing act necessary in their roles and work with goals that seem to be the opposite of each other. In doing so, they show a deep understanding of their role as CIOs and a high level of sophistication. Consequently, these CIOs are able to focus on what matters most in their organisations.

Happy juggling!!

Towards better IT governance

Introduction

As both business and public sector organisations are becoming increasingly dependent on IT, there is growing recognition that governance of IT is an essential part of the corporate governance. Governance is about who makes the decisions? How they are made and who is accountable for what? While the need for IT governance is accepted, implementing effective IT governance continues to be a challenge.

Many C-level executives still consider IT to be too complex, technical and difficult to govern. IT governance still is perceived as a CIO issue. Alignment between IT and business strategy as well as between IT and business governance remains weak.

This article demystifies the IT governance and provides practical ideas for improvement.

Four “ares” of governance

Governance is about ensuring that the organizations resources are used the right way to create value while managing IT risks. The Val-IT framework from IT Governance institute helps address these challenges. The four “Ares’ are the core of Val-IT framework. This is a sound framework which helps organisations ensure IT efforts are aligned and IT continues to deliver value.

Four "R"s of IT Governance

  1. Are we doing the right things? To quote Peter Drucker: “There is nothing so useless as doing efficiently that which should not be done at all”. This is the question about should we be doing something at all. It ensures strategic alignment between business and IT. Is what we are trying to do fit with the organisations vision and strategy? Is it consistent with the business principles?
  2. Are we doing them the right way? This is the question about architecture and standards. Is what we are doing conform to the architecture and processes?
  3. Are we getting it done well? This is the question about the execution. Do we have the disciplined delivery and change management processes? Do we have the right skilled re sources and are we managing them well? How does our performance measure up to others? Are we effectively managing risks?
  4. Are we getting the benefits? This is a question about realising value from investments in IT /projects.  Are we clear about the benefits? Do we have metrics? Is the accountability for the benefits clearly defined?

These four questions cover the core of Governance, which are Strategic alignment, IT value delivery, IT Risk management, Performance management, and IT Resource Management. When managers at all levels address these questions, IT governance will become part of the culture.

IT Governance Models

There is no one size fits all model for IT governance.  Three common models are based on three decision-making styles within organizations. These are: Centralised, Federated or Decentralised.

 

IT Governance models

Figure 2 – IT Decision making models

  • In the centralised model efficiency and cost control is emphasised over business unit responsiveness. There is greater focus on standards, synergies and economies of scale.
  • In a BU centric (decentralised) model there is greater business ownership and responsiveness but integration and synergies suffer, resulting in likely higher costs.
  • The federated model tries to combine the best features of these two. In the federated model common applications and infrastructure resources are pooled while business units control BU specific applications.

Here are some commonly used IT Governance forums. The above models influence the scope and membership of the IT governance forums.
Business Leadership Council / Executive committee – This is the top-level committee that makes enterprise-wide decisions including approving IT strategic plan and controlling major investments (including projects). Sometimes Ex-co may delegate the IT decisions to IT Council or IT Steering committee. This usually consists of key business executives, CFO and CIO.  They would consider IT policy and investment decisions more deeply than the Ex-co.
IT Leadership council – This group consists of most senior IT leaders across the enterprise.  They focus on decisions such as IT policy, IT Architectures and IT infrastructure.  This is a critical forum in Federated and decentralised models.
IT Architecture Council consisting of key IT and some business leaders who would oversee development of architecture standards, recommend them for endorsement by the Leadership council. This group may also monitor compliance with the architecture standards.
Business-IT relationship managers – These managers bridge the gap between IT and business units and act as two-way communication channel to address and resolve any gaps.

Characteristics of good IT governance

  • IT investments and decisions are assessed in a manner similar to business investments and IT is managed as a strategic asset. This means there is top management participation in key IT decisions. There is board oversight of IT investments and executives are held accountable for realising benefits.
  • IT is essential part of corporate planning and strategic planning. IT understands the business dynamics and contributes to the development of business strategy, which is interlinked to IT strategy. IT and business work together to identify opportunities.
  • Top IT risks are considered within the enterprise risk management framework. Risks such as data protection, IT security and business continuity receive periodic board oversight.
  • IT performance is regularly measured and compared with peers and best practice.
  • How decisions are made and why, is well understood and outcomes are clearly and formally communicated to the stakeholders. Formal exception processes are established and promote transparency as well as allowing organisational learning.

Steps to better governance

Improving governance in organizations is a strategic change process. There is no silver bullet. Governance is not just a new process but it also needs a new mindset and behaviours at senior levels of both IT and business. The established power centres within organizations do not always welcome greater transparency and accountability. Experience suggests that strong support from CEO and CIO and gradual increase in governance maturity usually works better than constant tinkering.

Here are ten steps for improving IT Governance:

  1. Visible and active top management commitment is absolutely critical for the success of any governance initiative. Governance is a disciplined approach. There must be consequences for all the executives for non-compliance.
  2. Treat governance as a change program requiring resources and commitment. It must have visible benefits for it to be considered successful. Also, consider organization’s culture, resources available and capacity for change. Establish credible goals, measure and communicate the benefits.
    If the IT is struggling to deliver reliable service, or have a poor track record of customer service or project delivery; focus the governance efforts for addressing these burning issues rather than going for the lofty goals of strategy alignment and such.
  3. Use recognised frameworks for the governance initiative. There are a number of frameworks like COBIT, ITIL and others. If service management were an issue using ITIL framework would be ideal.  Use knowledgeable experts to help establish a realistic program.
  4. Transparency of decision making and reporting gives governance its potency. Transparency whether it be business cases, standards compliance or project health reports create trust and creates peer pressure to address issues identified or to question unusual decisions.
  5. Create a formal process for handling exceptions. Then report on percent of exceptions and key reasons for these. May be the standard it inappropriate or the enforcement is poor. Openly discuss and address.
  6. Encourage peer group consensus at each governance tier and avoid escalations to higher levels. This will build trust and sense of compromise within the framework of good governance.
  7. Where possible align with the corporate governance mechanisms. Most companies would have risk management, investment management, and crisis or business continuity management mechanisms. Align IT with this where possible. This would accelerate the implementation as well as give it instant credibility. Seek input from internal or external Audit staff in design of the governance framework.
  8. Educate senior management on benefits of IT governance as well as on new technologies and challenges so that they can participate in an informed manner in key technology related decisions. Lack of technological knowledge should not be an excuse for executives not to participate in key technology investment decisions.
  9. Build accountability for benefits realisation in the business case itself. This will encourage active interest in delivery governance.
  10. Avoid clogging the IT steering committee or EX-co with technical or architectural details. Address the technical details at a technical forum and report only on compliance or non-compliance/ risk to the top team. The top team can then focus on ‘is this the right thing to be doing (or investing in)’ rather than ‘how’.

If you want to discuss steps to improve IT governance in your organisations contact me.