Learning never stops and as the saying goes ‘it is never too late to learn’. New challenges appear every day and we are forced to deal with them. If the same problem crops up every time we will know how to deal with it but that is not what usually happens. We live in an environment that is rapidly changing which throws up new challenges and we always need new knowledge and skills to effectively deal with them. It is therefore important not to remain static but to keep improving.
It is natural for us to stay in the comfort of the world we know. We may, at many times keep doing the same thing day in and day out and feel like an expert in the area. We then flaunt our experience to claim superiority over those who have spent less time. Once when one of our seniors proudly proclaimed that he had 20 years of experience, my boss quietly whispered into my ears saying ’20 years of experience or one year of experience 20 times’. That was quite a loaded comment and that little expression stayed with me for long. Experience has very little meaning if it is not rich with knowledge gained over this period.
CIOs shouldn’t miss out the opportunity
While learning is essential for everyone, I will specifically speak about the learning culture that CIOs need to adopt in order to stay relevant. There are many a chances that CIOs miss out. Take for example interaction with vendors – they hand out hardware or software specifications to vendors and ask for the price quote. Selection is often based on superficial comparison of features and commercials. However if CIOs define their requirement and let vendors suggest solutions, they may get new ideas and if they raise queries on technology, the vendor would educate them for free. CIOs again would do well to attend external events like seminars, symposiums, user group meets etc. which could accord a great opportunity to understand the current trends and new solutions. I have also seen a lot of CIOs being shy of networking with fellow professionals from other companies where they could share ideas and also experience of dealing with various situations. Nothing could be better than hearing from users who have done it themselves.
Learning cannot be in vacuum as all the knowledge we gain is based on interaction with others. It is a good practice to involve our team in an act of discovery. If we involve our team members and throw up a challenge asking them to work out solutions, you may see innovation at work. The interaction that ensues creates a learning environment where each of the stakeholders benefits. While we can learn on our own, a collective effort makes learning faster and well grounded. A well informed and an intelligent team carries much more weight than stray individual brilliance.
Putting learning into practice
Knowledge gained remains incomplete till it is applied in the real world. So here is the catch. New ideas, new technologies learnt and new solutions evolved have to be put into practice. The CIO has to overcome the challenges of budget, approvals and getting users on board. New initiatives always come with a risk element and it is important for the CIO to muster courage and be ready to put his neck on the block. Great leaps take place when there is a will to win and a desire to go where we have not been before.
Learning should not be a forced activity or a routine to be prescribed and followed. It is the hunger to evolve and get better, a desire to break new grounds and a commitment to excel that gets us into a continuous learning mode. It is a habit that does not require extra effort but sets us on the path of excellence.
We always choose the easy way to take care of issues we face. When confronted with a problem, we wish for a readymade solution to make use of, or having successfully solved a difficult problem, we want to use this success mantra in every situation that we are faced with. We tend to pick up a solution from somewhere and try to plant it in our environment ; and I have seen this happening in many places, often with undesirable results.
The problem could be with the CIO who brings in technology solutions from his previous company or vendors that he is comfortable with. At other times it could be the user who tries to suggest the same process or systems that they had experienced with their earlier organization. We may have also to contend with the CEO who may insist on installing the environment that he is familiar with. Let me delve into such cases based on my observations and experience.
The CIO syndrome
Being the chief architect of the IT play in the organization, CIOs orientation is key to the right solution mix that the organization adopts. In many occasions he may be influenced by solutions that he had put up in his previous organization, on grounds of familiarity or from fear of treading into the unknown. He may also want to deal with the same technology vendor or service provider rather than trying new ones. I have often seen CIOs insisting on say a Microsoft solution, Oracle database or a certain ERP irrespective of what the organization already has or what suits them. They try to justify the change stating various reasons that managements don’t understand. Some CIOs also tend to replace the current consultants or service providers with those that they are familiar with explaining a close working relationship as justification even though the existing vendor could have had a good run with the organization. These cause disruption and the organization may not really benefit from such a change. Early in my career I also tried a similar trick that did not work and soon realized the folly of replicating systems. Thereafter I made a point not to carry any papers or solutions prints from my previous organization or refer to them when I made a change.
The users push
The users too may want to put their stamp on the systems they run. Why wouldn’t a HR head who had used Peoplesoft solution or a functional head who used SAP or the CFO who used a certain dashboard not insist on the same solution for his needs. This situation is not unfamiliar. I have come across situations where companies put in say a Peoplesoft package for HR, BAAN for manufacturing, or IFS solution for Plant maintenance in spite of having implemented another enterprise ERP package in the organization. CIOs sometimes feel helpless when a strong willed functional head says that it will be his choice or none. I have come across situations where business heads keep opposing measures in the steering committee just because their choice of package was overruled. In one instance I had to give in to the demand of the Sales head to introduce mobility for sales force automation (he had done so in his last outing) as he convinced and got a go-ahead from the CEO. It was clearly not a viable solution for the organization and it finally met its fate a year later and got into disuse. Users also wish to play favour to their old contacts who come to them for business and they then put their overt pressure on the CIO to act.
The CEO dictat
The boss often has his way and especially so if he claims to be IT aware. I have seen two kinds of their interference – one when he has just come from another company that used a certain solution or when his advisor or a fellow CEO from another organization recommends a particular technology or a solution. I once got into one such tense situation when the CEO almost ordered a proprietary large server at a time when standard unix systems were gaining ground. He didn’t understand that his earlier organization had installed the system many years ago and that the scene had changed since then. It took considerable convincing to shake him off his stand.
Kicking the habit
This habit obviously is not rewarding – it provides only a temporary comfort but spanks you at the end. Solutions cannot just be lifted from one place and planted at another. Each situation is different and needs a fresh look without bias. Solutions emerge as we analyze the requirements dispassionately and it is fun to explore new solutions that fit the scene better.
Use of IT in organizations is all pervasive. IT penetrates into every function and most users are dependent on IT systems in one way or another. It is not only large corporations today but the small and medium sector that are impacted by IT. Deployment and usage however differ from one organization to other. Large corporations often have high profile managers or hire consultants to help them strategize, plan and define a proper IT architecture for moving ahead. While some of the medium sized organizations too have a good set up, others stutter and struggle with their IT plans.
Lack of an enterprise approach
I have been associated with a few such organizations and I see the need for many of these companies to rework their approach and make IT work for business. This is more true of medium sized organizations which have grown in size to match their larger counterparts and small organizations that have expanded to come into the medium sized category. I see these companies struggle with their IT set up leading to a certain level of dissatisfaction at the management level. Though basic operations run well, expectations of the management are higher than what IT can deliver. Reasons for this situation are many but let me deal with a few.
Linear expansion of IT: As the business grows, IT heads add on more servers, storage, network equipment etc. for handling more users, larger data and to cater to additional traffic on the network. While some additions are in order, there comes a stage when the entire architecture needs a re-look. The IT capacity starts cracking at the seams and the IT man is left chasing the needs expressed by the business. For example tailor made applications become woefully inadequate but the CTO may take too long to make the required transition to newer software packages.
Lack of the required skill at the CTO/CIO level : Some of the companies I interacted with understood the inadequacies of the current set-up but could not proceed because the IT team with them did not have the required knowledge or skill to identify, evaluate and decide on newer and contemporary solutions. Quite often they are stranded and some of them are forced to consult external experts for help.
Maintaining status-quo: There are other CIOs who keep on giving various explanations to the management and try to maintain status-quo. They are rich with explanations why a new system will not apply to them and that their needs are very different from others or that if they make any change, much of the current investment would be laid to waste.
Budget constraints: A few other organizations get caught in a bad business cycle and decide against further investment in IT. Unfortunately IT gets the first kick during budget cuts and any talk of IT restructuring is deferred to a later date which is often indefinite. Surely management personnel here display a lack of appreciation for modernization at a time when the environment is moving ahead with increased automation.
When companies get into such a bind, they limp, stutter and fall and the same time lament the poor status of their IT which is of very little help to business. They may be right in many cases but in other case it is because of their own making. They have however, to move, take the right measures so that they correct the situation without much delay. Some of the steps that can be taken are :
Management should seek to understand : Awareness at the management level is crucial. CEOs in some of the companies are well updated of the situation and get into conversation with IT vendors and other experts but in many of the other companies, the awareness level is low. They need to open up to the market realities and come out of their conventional mindset. Cutting down the IT budget may be the easiest of things to do but they fail to realize the damage they do to the IT support that the organization needs to measure up to the competition.
Take external help: When requisite knowledge does not exist within, it makes sense to step out and tap experts who can advise the company of the right path to take and to guide the local IT team in implementing the new measures. Companies adopt various modes, they sometimes ask their main IT vendor to draw the right path, or hire a consulting organization or seek guidance of a known expert to take them through.
Management to participate or form a Steering Committee : It is not enough to just sanction budgets and give approval to projects. It is essential for the CEO to participate and monitor the progress of IT projects or set up a steering committee and place senior management personnel there to guide the teams to achieve the end result.
The small and medium enterprises (SME) today form an integral and a meaningful part of the Indian economy. They have contributed to the growth of the industrial sector in quite some measure, have been feeder companies to large industrial houses and have provided employment to a large section of our population. Their growth and prosperity therefore augurs well for the economic health of the country.
During the last couple of years I have been trying to help small and medium sized organizations enhance their efficiencies and competitiveness by using IT. The attempt is to bring to them systems and good practices that are used in large and professionally run organizations. My experience has so far has been a little short of expectations and I think more effort is needed to bring them into the right fold.
I had an encounter with a large number of SME owners a little while ago at Ludhiana in Punjab. I was a speaker in the event and the event was a part of the seminar series sponsored by one of the leading Banks and coordinated by one of the technology media companies. The sponsors intended to wake up these companies to the new reality so that they prosper, though the interest of the sponsor could be to seek a share in this prosperity. However the effort was commendable as it exposed these companies to the contemporary industry practices.
The first speaker at the seminar was the country head of a global consulting organization. He spoke about the life cycle of small and medium companies based on a study and experience from across countries. He explained the journey that such companies take right from its birth through to survival phase, stabilization, consolidation, growth, decline and death. He laid special emphasis on one of the reasons why these companies fail – that is when in a growth phase they fail to modernize and professionalize or when inducting professional they are unable to manage the conflict between the new breed of professionals and the old guard. The audience listened intently and asked quite a few questions eating up a lot of time. They demanded more of such session and were ready to walk the path.
As I rose to speak, I got a request from the organizers to shorten my talk as we had overshot time. In keeping with the flow I explained to the audience the importance of IT and the need for modernizing their set up with automation. With examples I explained to them how companies have leveraged IT to reduce inventory/outstanding, to enhance customer reach, to bring efficiency to operations etc. I also emphasized the fact that if they continued to ignore, their competitors could steal a march over them. I listed down few of the emerging technologies and explained a few including cloud computing, ERP and web content management and told them how they can use these technologies to get benefits to business. I thought they listened but there were no questions at the end and it looked like a pass-through session. In the subsequent cocktails & dinner session too no one came up and asked for help.
Later as I mused on the subject, the situation looked a little grim to me. Owners of these companies were generally ignorant (based on questions I raised to them during the session) of IT but did not seem to be keen in understanding it either. Advice of the earlier speaker asking them to modernize and use IT did not seem to have penetrated their minds too. They were more concerned about building their businesses and not worried about how to run them.
I spoke to the sponsors and I shared my concerns with them. They agreed to take up this matter with the industry associations and persuade them to organize events focused on educating these organizations to understand and use IT. While the rest of the world is progressing and leveraging technology for their benefit, our small and medium sector should not miss out on this trend and repent later. I think vendors, media, industry associations and Government should play a part in spreading awareness.
I recently attended a seminar organized by a media house titled, ‘The CISO Summit’, and this was the fifth edition of the seminar series. The reason why this seminar stands out is that it was exclusively for CISOs and devoted only to the subject of security. The organizers had also instituted awards honoring CISOs who had done outstanding work in various areas. I was one of the jury members to decide on the awards and also got drawn as a panelist for one of the sessions.
The seminar was well-attended and had people drawn out from different cities. The event was well-organized. The two days of discussions proved very useful and there were quite a few takeaways for the participants. It was refreshing to see the subject of ‘security’ being given full coverage befitting its importance in today’s world of computing and connectivity. A few aspects of the seminar I thought were eye openers and they deserve a mention here.
There was good participation comprising mainly information security heads from various organizations. This was the fifth event in the series and I remember attending the first one five years ago. Most of the participants then were CIOs and therefore the change in the composition of the people over the years clearly indicates that Chief Information Security Officers (CISOs) have assumed a certain level of importance in their organizations and that information security as a function is receiving the desired attention.
The survey findings
The organizers presented the findings of a survey they had conducted on various aspects of security in organizations across industry segments and companies of various sizes. An important aspect of the survey was that the responses were taken not only from CISOs but also from business heads and CEOs which gave a wider view of the subject. When compared with previous years the results showed improvement in CISOs levels, in their interaction with the Board and C levels, in the strategic alignment with business, in the scope, and in the number of people directly reporting to the CEO or COO. Responses from CEOs and CXOs also indicated an improvement in their perception and their willingness to directly participate in defining good security standards.
The seminar covered a wide variety of topics and it was heartening to see that the subject had enough breadth to fill in for two days content. The sessions carried presentations and discussions on the new age threats, about third party risk management, on private public partnership in Cyber Security, on data privacy in enterprises, on Governance, Risk and Compliance and about the Cyber Laws in India etc. Speakers and panelists were drawn from companies (CISOs), experts, vendor representatives, heads of Industry bodies like CERT and a lawyer specializing in Cyber Laws. We also heard of government initiatives in dealing with cyber crimes and about increasing public-private partnership on various projects. The discussions were rich and may have enhanced the knowledge levels of the participants. In short the subject of information security was very comprehensively dealt with, laying emphasis on the fact that this discipline has matured in India and deserved a pride of place not only in organizations but on the national scene as well.
Emphasis on strategic fit
Deliberations in the seminars and a reading of the projects submitted for the awards were a clear pointer to the fact that information security is today considered an integral part of Corporate Governance. I found that the security measures in many of the organizations were taken up as projects which had the blessings of the management. They were in line with the organizations’ overall plans and therefore strategically aligned.
While the event had good participation, they covered only a sample of organizations in India, yet the lessons drawn are significant. Information security is being considered important in this age of all pervasive connectivity and the consequent threats posed by many a hacker, other rogue elements on the net and from bad elements within. Rather than being considered a mere IT measure, it is now part of risk management and governance and CISOs are measuring up to the task.
We often complain of overwork and lament lack of adequate support from within our department. Non-availability of the right people is the usual refrain and we wish we could get good people who would start delivering from day one. Day dreaming, isn’t it? But how often do we look around, spot good people, develop them and encourage them to get better? Perhaps, we are so lost in ourselves that we forget to notice talent around us.
It is therefore prudent to make use of the talent already available with us before looking outside for a Spiderman or Superman to come and save us. Let us look at ways to give shape to this thought.
We often have very capable people in our department but we fail to notice them. It is therefore important to review each one’s performance and identify those who are good but dissatisfied with their roles. If we find someone performing below his potential, it is important to find ways to tap his talent.
Putting them in the right slot
Once identified, these talented people should be assigned proper roles and not let them to languish. I have often seen brilliant staff weighed down by the tyranny of incompetent managers and supervisors. They have to be freed from such situations and positioned in such a way that their strengths are utilized. Putting round pegs in square holes is an old adage but true situations when you find people in wrong roles. For example when I transferred a poor performing software developer to a system administration role, I did so sensing his temperament – he was an action oriented person who was adept in quick analysis and resolving issues. He blossomed in this new role and rose to the position of senior manager in a few years.
Acknowledging / rewarding
We have to watch ourselves and examine if we are miserly in acknowledging people who do good work. A simple pat on the back or a word of praise goes a long way in exhorting people to do better, for otherwise work for them is drab and monotonous. Rewarding select people for good work is a good practice and it not only encourages people to do better it also goes as a message to non-performers to rise up and get better. In two of the companies that I worked for, they had a practice of giving a cash award to outstanding performers based on the recommendation of the functional head or a spot reward for someone who saved a difficult situation.
Good people are often laid to waste if not developed properly. So it is important to identify the staff development needs and sent them on training and development as per their needs. The training should be targeted; meant to address their specific technical or behavioral needs so that they get back and perform better in their respective areas.
Delegation & empowerment
Even if talented individuals have been given the right roles and have been developed, they still may not perform to their true potential. To develop them further it is important to test them with higher responsibilities from time to time. Delegating tasks so that he assumes total responsibility for a certain area or a project would test his abilities, and if successful he/she will rise in his own esteem. Empowering them so that they take their own decisions without referring to us (though with our supervision) will give them more opportunities to build on their talents to rise higher in the organization.
Fast track for high performers
Some companies do have the policy of providing an accelerated path for outstanding performers and those with high potential. Many known personalities in the industrial world are living examples.
If chosen staff in our department start taking up responsibilities and free us from daily hassles, wont we have time to apply ourselves to meeting the organization goals and to play a proactive role our companies. We can then relax a little and free our mind from needless complaining.
We all complain about lack of resources when executing our plans. Manpower availability is always an issue and we wish we had the right manpower to complete our assignments on time or to take up new initiatives. During good times our people leave looking for greener pastures and at the same time recruiting new staff becomes so much more difficult.
The responsibility falls on CIOs and it depends on the way they manage their staffing. They sometimes are unable to deal with this issue adequately, either in the distribution of responsibilities or in deploying the right people on tasks or in their inability to get approval for additional manpower. Let me discuss a few steps that a CIO can take.
Organization structure: The CIO should define a proper organizational (org) structure for his department in keeping with the IT strategy and plans that he may have formulated. The org structure should be in line with organization’s strategy and business priorities and should be formalized and approved by the management. CIOs quite often prefer to stay put with the existing staff and work structure to maintain a status quo but this is what lands them in trouble. The new structure could be very different from what exists today and that would be the organization’s need. It would be inappropriate to start cutting, sieving and filling positions in haste as this could disturb the current work arrangement. The new structure is a statement of intent and a direction which CIOs should aim to move towards, repairing the structure over time so that they get to the final objective in a reasonable time.
Identifying right people in right positions: Even if they define a structure, it may still be a challenge to have the right people in the right roles. I am reminded of my experience when I shifted one of my colleagues from the development team to infrastructure management group despite his protests. This person later blossomed into a valuable asset as he was an action oriented person and a hands-on individual who would roll up his sleeves to set right any problem and he thought of new ways of strengthening the infrastructure. He would just have languished if he had stayed in his earlier position. Similar was the case when I moved a person from portal and content management work to regular SQL programming. In short, when a person gets a role that suits his temperament, he shows excellence.
Dealing with the wrong people: We sometimes find wrong people in our setup. These may either be people who are unqualified, or those who simply do not have the capability or those with wrong attitudes. I am reminded of the advice of Jim Collins in his book ‘How the mighty fall’ when he says that when on a journey, don’t carry the wrong people on the bus – they should be off-loaded. He further says, ‘Having wrong people in positions brings in bureaucracy and decline’. Taking a cue from this, I would say that CIOs should either relocate them or give them an honorable exit in the larger interest of the group.
Training and development: Some of the staff members who are not up to mark can be made useful through targeted training or developmental workshops and courses. It is best to make best use of the existing resources rather than looking for new ones.
Recruitment: When the necessary expertise is not available within, it is best to recruit new talent from outside. The recruitment process should be handled with due seriousness by laying down job description, the desired profile of the candidate and his reporting relationship. Candidate should be chosen after careful assessment of his technical skills, behavioral traits and his cultural suitability. A new person should be inducted for the long run.
Right staffing is therefore of utmost importance for the function to carry forward its program with confidence and to build capability to make an impact in the organization.
IT departments in most organizations try to do its best to help organizations achieve their goals. Some of the IT departments are effective and some are not. Those who pursue their work with a purpose go farther than those who meander their way reacting to the situations as they arise. Those with purpose usually have a clear road map which is understood by most in the department as also by the users they serve. Let us understand how they achieve a clarity of purpose.
Good IT setups strive to define a mission for themselves and set out to achieve what they lay down as goals. This is a serious exercise and just not about writing an attractive statement and hanging it on the wall. They try to engage in serious discussion about what they are, how they are perceived by others, and what they want to become. I have found two types of such engagements in organizations. Some do this exercise because they are required to do so as per their company’s mandate and others do this of their own volition. I have been in both situations and I can state with confidence that the former case does not work; but when people carry out the study because they want to, they achieve excellence.
Such exercise requires considerable patience, understanding, ability for accepting criticism, knowledge of business, foresight and willingness to change. This is a process of enquiry and of redefining purpose and therefore needs participation and debate. Engaging an external consultant to do this work will be foolhardy because they cannot infuse enthusiasm and dedication in the group. However, to cover lack of internal expertise one can have a person as a guide or facilitator who can show them the way and ensure the group does not go astray. The group will have to debate and discover their strengths and opportunities and rededicate themselves to the task. Let us consider some ways to go over this exercise.
There are a few questions that we need to raise and answer. I am sharing these on the basis of my experience of going through this journey.
Who are we? This, is my opinion is the starting point where we try to understand ourselves and of our strengths and weaknesses. There is no harm in being self-critical so long as it is with the intention of improving ourselves. This opens up our minds to adding necessary expertise whenever the need arises.
Why do we exist? This is an important question to answer. We usually take our positions for granted and assume that we are essential part of the organization. My colleagues were taken aback when I asked them what if the management were to decide on outsourcing IT instead of retaining an in-house IT department. There were immediate protests but they had to be cooled down and asked to think and reply why their existence was important. We then went about addressing the question ‘who needs us’?
What are the needs of the organization or the expectations? This is where the needs of ‘the business’ come into play. The CIO has to understand and articulate to the team, the main direction of the organization’s business and its defined goals and priorities. The CIO also has to talk and interview various business heads to understand their issues and expectations. IT then has to align itself to business and chart out its path for playing the role of value addition. If the entire staff is aligned, they will ensure every step taken is in the right direction.
Do we fit the bill? Once this is understood, the group will have to assess their capability in delivering value and wherever there are gaps, they would need to endeavor to fill in with required resources.
Agree to walk along together: This is an important message here saying we agree to walk hand-in-hand or agree to perish together. This speaks of a shared mission on which everyone will contribute.
Having gone through these steps, the task of defining a mission statement for the group turned out to be easy summarization of the most significant ideals drawn up by us. The advantage was that the mission statement represented a value shared by all, and the group commitment went beyond the written statement.
We talk of pesky calls and the ways to exercise control over them. But there is another type of unwarranted call the CIOs often face: the unsolicited contact by overzealous target-driven salesmen. It is not uncommon to receive phone calls from salesmen either through the operator in the office or direct calls to our handsets, sometimes at very inconvenient moments, when we are in a meeting or busy otherwise.
I do empathize with their plight and try not to be harsh with them. Poor guys, they take it easy till they near the quarter-end or the year-end. Realizing that they still have a large ground to cover, they come under pressure and desperately try to pick an order or two from customers like us. People who call may either be vendors who have ongoing business with us or others, aspiring to build new relationships. While we can avoid or ignore a few calls, we are generally obliged to pick up a few.
Let me describe types of calls that I encounter:
Cold calls: These generally are from new vendors who pick up your contact number and call up without a reference. They insist on a short meeting pleading their case and promising path breaking solutions. A few smart ones manage to slip into the organization in the pretext of meeting someone and suddenly appear in front of your desk seeking a minute to introduce themselves. Their desperation surely kills our peace and quiet.
Follow-up calls from the current vendors: Vendors currently engaged with us use their privileged position to fix up review meetings or to make courtesy calls. The intention however is to persuade us to expand our footprint, use new features or to use further services.
Friends & acquaintances who seek a meeting: Some of these are our friends who would have dealt with us in the past or who would have met us in a seminar and exchanged cards with us. Then there are others who are referred to by one of our friends and they use that channel to seek an audience. It is difficult to say ‘No’ and we are obliged to meet.
Vendors engaged in ongoing talks: They are the vendors with whom talks are on and the assignment could either be at the feasibility, exploratory, or evaluation stage or even at the negotiation phase. However, being under pressure to meet their targets, they press on asking us to close the deal immediately so that they can add those numbers to their tally. Refusing to give up easily, they come back to lure us in the form of special discounts and freebees to close the deal. We have to endure and pass this test of patience.
How to manage these situations
New parties or non-significant salespersons can easily be given a go-by but we may not be able to cold-shoulder many others for a variety of reasons. It may be necessary to grant audience to a few in the interest of maintaining relationship or to understand if there is anything worthwhile for us to consider. The CIO can himself meet a few who he considers important but pass on the others to his managers.
Delegating this responsibility to some of your senior officers is a good way to spread the extra load of answering sales calls. This has three advantages. One it gives your manager a sense of importance as he acts as the company’s representative and gets vendors’ attention. Second he develops wonderful experience of dealing with vendors and also gets updated with the latest technology introductions. Thirdly, vendors are happy for having got a hearing.
The term IT Strategy is a commonly spoken of and the subject is often discussed in various seminars and talks. Being of so common a usage, it is assumed that all CIOs know about it and that it is practiced in most organizations.
In my interactions with CIOs in the last few years, I found that ‘strategic planning for IT’ is a practice which is a much less prevalent than what it should be. CIOs apparently have well-run programs in their companies; but on further enquiry, it transpires that many of them do not have their plans laid down on paper and nor do they have those shared with their managements.
If a plan is not clearly spelt out, it will remain unauthentic and not understood by others. In fact, people may even suspect whether such a plan exists. It is therefore important for any strategic plan to be laid down and articulated so that main stakeholders understand and are able to contribute to its fine tuning and its subsequent implementation.
IT plan Vs. IT strategy
Though IT strategy is a very familiar term it is still not understood clearly by many. Many tend to confuse it with the IT plan and hence claim to be on track. There is no disputing the fact that they have good IT plans and some may be running their programs efficiently, but they still do not carry the strategic element in it. In fact, many of the IT plans are really budgeting exercises for the year which list out the investments / expenses and the projects planned. CIOs therefore live from year to year and plan their activities based on user demand and technology additions / upgrades that they chalk out. They lack a discernible direction.
Let me define the subject in simple terms. IT strategy is an IT plan which has a definite direction and purpose. What differentiates an IT strategy from an IT plan is the purpose it serves. IT strategy is not a standalone plan but one which is in sync with the organization’s plans. Therefore the first step for the CIO is to understand the business the company is in, the market that it operates in, the competitors, business challenges, company’s inherent strengths, strategic direction, business priorities, and targets set. Once he gets that straight, he can make plans for IT to address these business issues with the same set of priorities. Obviously, IT strategy will require inputs from business and the final plan drawn up has to be vetted out by various wings of the organization.
Is there a methodology?
Yes, there are many. Management and IT consultants do help organizations and have developed their own sets of methods and practices. However, the CIO himself can adhere to simple principles of needs-discovery if he has the required capability. He has to hold discussions with the CEO, business heads, and other stakeholders besides visiting various company locations, the markets and even meeting business partners to understand the business imperatives and possible solutions. Once having compiled his findings, he could discuss it with technology-partners and seek solutions. He has to be receptive and be in a learning mode.
In case the CIO feels he does not have the requisite skills, he should muster courage to admit his inability to carry out the exercise himself. He should in such cases seek external assistance for help in making a comprehensive plan. It is better to have a good plan even though with external help rather than dishing out a poor plan claiming solo effort.
What holds him back?
Some CIOs fight shy of asking about strategy, feeling that they may get exposed for ignorance. They are sometimes at crossroads not knowing whether to seek consulting help (a lingering fear that they may get an adverse reaction of management) or do it in-house so that they could impress the management and claim saving money for the organization. Unfortunately, none of these tricks work in the long run, it is best to deal with these matters head-on and take hard decisions for the good of the organization.