Lately, I’ve been contemplating the questions CIOs should ask as they formulate or revisit their IT outsourcing strategy. The analysts at McKinsey & Co. must be reading my mind (or perhaps I’m reading theirs?), because their blog this week includes a post about how organizations can make IT outsourcing strategy decisions based on business requirements. This is pertinent even to those organizations already outsourcing IT functions, as business needs can change, particularly in this economic climate.
According to McKinsey, the four questions to ask when considering or revisiting an IT outsourcing strategy are:
1. From which areas is the business looking to derive value from IT enablement?
2. What capabilities are required to deliver that value?
3. What are the expectations for IT in creating those capabilities?
4. In meeting those expectations, how can resources be procured in a way that meets our cost, timing and skills requirements?
I’d add a few more questions to that list, since we’ve found that organizations are seeking to outsource functions that will allow them to globalize, operate more efficiently and, of course, save money:
1. Will the cost savings provided by IT outsourcing cover the risks and management overhead of doing so?
2. Are we interested in consolidating or broadening the number of vendors with whom we outsource?
3. How will we measure success in IT outsourcing? What are the baseline results against which we’ll measure our IT outsourcing activities to determine whether we are saving money, increasing customer satisfaction, globalizing the business or whatever business goal we hope to reach?
I’m planning to attend Forrester Inc.’s Services & Sourcing Forum in Chicago next week, and will share more insights soon. Anybody else going? Look me up via email or Twitter — I’m @rlebeaux.
Good morning! Last week on SearchCIO.com, we surfed the Google Wave, examined the email retention policy (or lack thereof) that’s caused such consternation in Boston, explained how to complement your ITIL framework with other process methodologies, and presented some data recovery solutions for CIOs. Read the stories linked below and feel free to share your comments!
Google Wave: A sea change for business collaboration, communication? – Businesses are getting caught up in the Google Wave, contemplating how such mashup collaboration technologies stand to change the way they operate internally and do business.
Miscues abounded in Boston email retention policy, practices – Boston CIO Bill Oates talks about measures taken to tune an email retention policy after disconnects between user practice and system capability set off a political firestorm the week before the city’s mayoral primary. (Also see our initial story on the email scandal.)
Complementing your ITIL framework with other process methodologies — ITIL can be more effective when used with other process methodologies, like Six Sigma, PPM and ISO 20000. In this story, learn how to leverage mixed process methodologies and increase efficiencies in your company.
Data recovery solutions must address a range of concerns – In this piece, our expert describes how to do a reality check to ensure that your disaster recovery strategy and data recovery solution pay off in the long run.
SIM’s annual survey is out, and perennial CIO issues — IT security and business continuity/disaster recovery — have plummeted on the lists of both CIO management and technology priorities. What’s going on? I asked Jerry Luftman, executive director of graduate information systems and programs at Stevens Institute of Technology and SIM vice president for academic affairs, emeritus.
“This is a special year, given the economic conundrum,” Luftman said. “If you take a look at the top CIO management concerns, the first two are business productivity and cost reduction and the second is pervasive business IT alignment.”
During typical economic doldrums, IT cost reduction has topped the list of CIO management concerns. This year it is No. 5 — evidence, says Luftman, that CIOs are spending more time working with the business on leveraging IT to cut overall costs than on slashing IT budgets.
Is it possible that IT is no longer viewed as the profligate offspring of the corporate family but — gasp! — fiscally shrewd? A cost fixer? Certainly, CIOs feel compelled to step in, according to the SIM survey.
If CIOs are not concerned about cutting IT costs (already down to the bone, many CIOs have been telling us), they are also not blowing any dough on IT hardware and software.
As for security — scary as it is — CIOs have clearly put it on the backburner of CIO management and technology concerns. Antivirus protection, the No. 1 technology investment in 2008, has dropped off the list.
“When you look at IT budget allocation, the thing that has taken the biggest hit is IT infrastructure stuff, the hardware and software, and security is right there,” Luftman says.
Moreover, security, the only technology to make last year’s list of top CIO management concerns, is no longer on the headache list. Disaster recovery and continuity planning, the No. 3 technology investment in 2008, fell to No. 6.
Seems it’s not prudent to try to sell insurance for something bad that might happen when the business is struggling to survive what is happening — a very real economic disaster.
Emotional fatigue, or SOP
The question, says Luftman, is if the decline of security and antivirus protection as a top priority represents a “continuous change.” “Will it come back again when the economy turns around and we need to refocus our interest on infrastructure stuff?”
And his view? “Security was hot last year. Over time, as we either help address it or we emotionally feel that we have done as much as we can do, it will go away from the top list. The question is, how much time will it take to drop off the radar, or become accepted as standard operating procedure, is hard to tell.”
We’ll be delving into the results over the coming days for more insights. Meantime, here are the 2009 rankings:
2009 IT Management Concerns
- Business productivity and cost reduction
- IT and business alignment
- Business agility and speed to market
- Business process re-engineering
- IT cost reduction
- IT reliability and efficiency
- IT strategic planning
- Revenue-generating IT innovations
- Security and privacy
- CIO leadership role
Top Six Applications and Technology Investments
On the following list, priority No. 4 jumped out at us as a newbie on the list. Customer corporate portals give customers direct access to the information they seek without going through an intermediary. Luftman explains the reason behind the jump: “These are things that can help improve business productivity and reduce costs, the No.1 CIO management concern.”
- Business intelligence
- Server virtualization
- ERP systems
- Customer corporate portals
- Enterprise application integration
- Continuity planning/disaster recovery
Running large data centers is expensive and getting worse. No one knows that more than Google and Yahoo. At a panel on green data centers at MIT’s Emerging Technologies Conference this week, Yahoo’s senior director of data center engineering and operations, Scott Noteboom, described how Yahoo has grown its server plant by 12 times since 2005. Google’s head of data center research and development, Chris Malone, explained that Google has had to come up with its own server designs to accommodate the ultra-high densities of their data centers. Both have a maniacal focus on improving data center energy efficiency.
Yet both firms are doing things that ordinary enterprises can learn from:
1. Reconsider your business continuity plan. Yahoo is eliminating UPSes and backup generators. Instead, they are architecting each data center as a backup to the others. That eliminates UPSes as a significant power loss. They’ve had to install software that restarts servers in a controlled fashion after power resumes, however. Google took a different tack: eliminating larger UPSes in favor of small battery backups on each server motherboard. Either way, both data center approaches yield significantly greater energy efficiency.
2. Consider the weather when you site a data center. Yahoo is no longer building raised-floor data centers. By locating in more moderate climes, they’re able to utilize prebuilt warehouse-type buildings that use extensive ground-level air intake of cooler ambient air and roof-level exhaust of hot air.
3. Raise the temperature and humidity. Modern servers can run warmer and moister than you might think. A lot of conventional wisdom about server environments stems from the mainframe days, when you didn’t want punch cards wilting.
4. The big win in facilities power reduction in the data center is in cooling. Malone points out that typical chiller systems are only 60% efficient; Google has gotten to 90% by switching to evaporative cooling. Focusing on electrical transmission issues is good but yields much less improvement.
Google and Yahoo make extensive use of virtualization to improve capacity utilization and reduce the overall load. Noteboom and Malone stressed that senior IT managers need to make these issues part of the discussion with system architects, project managers and developers. All too often, those folks start from the premise of buying a certain kind of server for a certain kind of app, rather than asking how existing capacity could be deployed to meet that need.
And the result of all those efforts at Google and Yahoo? Dramatic improvements in power efficiency. The typical metric for this is power utilization efficiency, which means the ratio of total power consumed by the data center to total power consumed by just the servers themselves. Most contemporary data centers are in the 2.0-2.5 range – for every watt of power that a server uses to compute, they burn more than a watt in transmission loss, battery loss and cooling. Google is at 1.19 and Yahoo is targeting 1.03 in its next-gen data centers. In other words, if you’re typical, you’re spending twice what they are on power per server.
Good afternoon! This past week, SearchCIO.com looked at the importance of service portfolio management and culture management as part of ITSM and ITIL implementations. We also took a look at an email scandal that’s threatening to rock Boston’s mayoral race and serves to remind CIOs of the importance of an email retention policy or archiving system. Check out the stories linked below!
Service portfolio management: Helping IT get back to business — More mature IT shops are adopting ITIL v3’s service portfolio management approach to better manage the service lifecycle and provide business-centric services to the organization.
Culture management critical to ITSM and ITIL implementation — The goal of any IT Service Management program is not purchasing the tool or implementing the processes. Instead, it’s about creating an organizational culture that will positively embrace these new best practices.
For CIOs, email deletion scandal shows need for email retention policy — The email deletion scandal brewing in Boston is fair warning to CIOs to get their email policies in order.
A dinner this week on women in IT focused on midlevel women in technology and their challenges in getting ahead, given their frequently high family responsibilities and their own perceptions (realities?) of what advancing really demands. The program, featuring Telle Whitney, president and CEO of the Anita Borg Institute for Women and Technology and sponsored by CA, featured research on 1,795 women who work for technology companies in Silicon Valley, but sounded out themes that would resonate with any woman in IT regarding workplace realities and work/life balance.
The institute’s mission is “changing the world for women in technology one woman at a time.” You might also say that overcoming this gender gap means improving IT, corporate America and entrepreneurship one person at a time, since allowing success breeds more of it. Here are some of the ways we can all make that happen:
Be a mentor. Women need mentors, and often those mentors are men, who are three times more likely to be in a leadership position, according to Whitney. A story we did on high-powered women in IT also showed that nearly all of them had male mentors at some time in their career. No mentoring program at your organization? Start one. It needn’t (and shouldn’t) be gender-specific; the point is to get senior people involved in mentoring promising midcareer professionals.
Advocate for a family-friendly company culture. Some companies allow job shares or a split workday so parents can be home when school’s out or there are soccer games. My company, for instance, is very big on flextime, and we have a very generous maternity leave (12 paid weeks of time off). You can bet I work with a lot of smart folks who are also young parents.
Encourage our daughters, nieces and granddaughters to consider the sciences. Just one in four college or graduate science students today is a woman.
Then once they pursue the studies, help them get the skills they need for the workplace. One attendee suggested giving them the book Women Don’t Ask. And in that vein, let’s all tell someone today what we need to succeed, or reach out to a younger colleague with an offer of support. We can make change happen too, one person at a time.
I just returned from an amazing week in Costa Rica and have the tan (really, the sunburn) to prove it. Maybe surfing at the sunniest time of day wasn’t the smartest move? Anyway, I’m re-discovering how difficult it is to get back into the swing of things at work post-vacation, so this lineup of our latest work is as much for my benefit as it is for yours!
Over the past two weeks, SearchCIO.com has examined ITIL project leadership, swine flu preparedness, business continuity, IT disaster recovery outsourcing, IT strategies in a bad economy and more. Please check out the pieces linked below and let us know what you think!
Effective ITIL project leadership: Plan-Do-Check-Act – Successful ITIL project leaders are using the Plan-Do-Check-Act cycle to ensure their teams stay motivated, follow the same processes and contribute innovative ideas.
Uniting ITSM, PPM process methodologies yields IT management benefits – ITSM and PPM are typically separate disciplines, but integrating them can increase visibility, help with budgeting and more. Learn more about this dynamic duo.
Tips for business continuity and contingency planning for swine flu – IT business continuity plans for swine flu outbreaks focus on people and remote access issues. Here are experts’ tips on what to include.
IT disaster recovery outsourcing: A planning guide for enterprise CIOs – Planning for IT disaster recovery outsourcing requires CIOs to assess their DR needs, make the case for funding and select technologies. Learn more in our latest CIO briefing.
Talking swine flu and Conficker with the CIO of the CDC – In this Q&A, the CIO at the Centers for Disease Control and Prevention (CDC) discusses how preparations for H1N1 and other human viruses compare with the computer variety and more.
Tips from the CDC’s CIO on H1N1 flu preparedness – Get a CIO checklist for H1N1.
CIO advice: IT strategies in a bad economy – CIOs should consider re-evaluating their IT strategies in this economy. Get advice on addressing ROI, innovating and achieving project success in this podcast.
Swine flu preparedness: Business continuity during an H1N1 outbreak – Swine flu preparedness will top enterprise CIO agendas this fall as offices create business continuity plans in case of widespread absenteeism. Learn more in this H1N1 flu guide.
Health care security, HIPAA compliance on deck for CIOs in Obama era – HIPAA enforcement has long been lax, but that’s changing with stiffer HIPAA security and privacy rules and incentives to move to electronic health records.
Some companies are developing their own business process methodologies — such as GE WorkOut and fast track decision making (FTD) — to cost-effectively streamline processes and address the rapid changes in the market. But why? Aren’t the proven Six Sigmas, Lean and other business process methodologies of the world doing the job?
IBM’s 2009 Global CIO Study, released this week, revealed that more than half of the 25,000 CIOs surveyed said they plan to implement low-cost business processes this coming year. I started to wonder which low-cost business processes they were talking about and why they were suddenly on the rise. I did some research and came across two business process methodologies that could be considered “low-cost” — the GE Workout business process and fast track decision making.
The GE WorkOut business process isn’t new. GE developed it in the late 1980s as a way to help its own organizations and others become more lean, efficient and responsive to changes in the market. The GE WorkOut process works by bringing together a cross-functional team to solve a business challenge in 90 days. Taking on an issue identified by senior leadership, the team creates a plan with actionable items that must be implemented within the 90 days.
Companies using the GE WorkOut process — including L.L. Bean, Frito-Lay, IBM and Metropolitan Life Insurance — are doing so to streamline and simplify processes, eliminate non-value-added work and speed up the decision making process, according to C.A. Schifman and Co., a training and consulting firm. The process also allows companies to break down silos and improve employee morale.
The fast track decision making approach, meanwhile, is a rapid problem-solving method developed by the North Shore-LIJ Health System in 2002. The organization developed the process to deal with change and allow the right people to make decisions based on their areas of expertise. The LIJ was continuously struggling with change issues from corporate initiatives such as merging 18 individual hospitals into one health care system. The FTD process works by allowing teams of people closest to the process in need of improvement to develop and implement appropriate solutions. The process includes team involvement and in-meeting decision authority.
These two methodologies sound a little like “light” Six Sigma and Lean to me. They allow companies to build their own process methodologies at a low cost and customize them to their own business culture. So if you’re looking to use a low-cost framework and find Lean and Six Sigma intimidating or expensive, these two might work better for you.
While talking to an IT director about Google’s Gmail outage yesterday, I realized that it wasn’t so much the outage itself that bothered him (his organization does not use Gmail), but the sense of not being in control of a cloud computing environment.
Billy Rials, IT director for Rankin County in Mississippi, wants his throat to be the only one that public officials come after when something goes wrong.
He’s responsible for the IT that runs seven cities and knows his data center environments inside and out. He said the environment is no utopia, but he believes they are getting closer every day by adding more and more virtualization technologies for servers and desktops.
“What do I say when an official calls me and ask what’s wrong: ‘I don’t know, something is going on with the cloud provider’?” he said. “It should be my responsibility, and bringing someone in from the outside … I have no control or the authority that I think I should have.”
Then there’s the fear factor of other people you don’t know having access to the infrastructure that runs your stuff. At least in your own data center you know that Joe was the last one to work on server X, so if something goes wrong you ask Joe.
There’s a sense that your environment gets lost in the cloud. At shows I’ve heard people asking how they can find their data, servers, you name it, in a cloud computing environment.
These are people who are trying to keep track of virtual machines in their own environment. The thought of the complexities added by trying to track down what’s going on with an application on a virtual machine in someone else’s environment is a road they don’t want to go down.
There are those fully embracing cloud computing, of course. They consider it to be no different from the risks they faced with outsourcing or colocation. The ROI or cost savings is worth the risk of an occasional outage, and even giving up a little control. And after all, how often do your email servers go down within your own four walls?
Let us know what you think — email me at email@example.com.
Good morning! SearchCIO.com delved deep into IT disaster recovery this past week, looking into strategies for making the case for the value of disaster recovery, how technologies are changing IT disaster recovery outsourcing and how the recession is squeezing IT disaster recovery budgets. We also included part 2 of our look at IT outsourcing around the globe, focusing this time on the pros and cons of IT outsourcing in Latin and South America. Please review the stories below and let us know what you think!
Seven tips to make the value case for disaster recovery – How do you make the case in your company to invest in disaster recovery? Here are seven tips from leading providers that tell you how.
Technology is changing IT disaster recovery outsourcing – New technologies such as virtualization, disk backup and cloud are radically changing IT disaster recovery services.
Recession squeezing IT disaster recovery budgets – The recession is forcing CIOs to focus on risk assessments, processes and business resiliency to trim IT disaster recovery services. The result, say providers, is better decisions.
IT outsourcing pros and cons for Latin, South America – IT outsourcing pros and cons for Latin and South America range from time zone alignment and geographic proximity to a lack of vendors and language barriers. Learn more in this story (and also check out our story on the pros and cons of IT outsourcing in Asia).