Compliance
Every business is being put under significantly more regulatory compliance. And the regulators have teeth with the ability to fine, halt operations or send senior executives to prison. This has focused minds, raised the stakes and released IT budgets.
Why IT?
The ability to comply with the plethora of regulatory standards requires sophisticated IT support. At the heart of all regulation is the management of information. The CIO is pivotal to achieving compliance — at an acceptable cost. And when it goes wrong, if an audit is failed, they are seen as partly to blame.
It’s said that “Compliance is easy.” All you have to do is write down what you want people to do, get them to do it and prove that they did it. See the problem?
To achieve compliance you need clearly documented processes which are presented in a way that end-users can understand, rather than BPMN, XPDL, BPEL, on an interface they want to use (Web, tablet or smartphone). It needs to be linked to supporting applications (SAP, Oracle, Salesforce, etc.), documents and policy statements must be held somewhere (Sharepoint , FileNet, Documentum, etc.), and there must be metrics (Excel and BI system, etc. interfaces). Finally, add collaboration and governance over all these artifacts and you have “auditable sustainable improvement.”
This user-centric business process management (BPM) is also being called SocialBPM. Some of our clients, such as Carphone Warehouse, call it How2 because that is what is means to their staff. Could you achieve this using Visio and PowerPoint with some Sharepoint thrown in? No. In exactly the same way that your finance department doesn’t do their accounts using Excel and some clever macros. They use an accounting package.
Fortune 500 companies around the world like Nestlé, HSBC, Chevron or Novartis see this approach is complementary to their core applications and critical to maintaining compliance at an acceptable cost. That is why this form of BPM is thriving in industries where compliance is critical such as pharma, banking, insurance, oil and gas.
But for the CIO compliance is far wider than just process management. It touches every information asset: customer data, process information, application configuration, user directory, social media and corporate websites. Much of it is outside the firewall in the cloud or on a person’s personal “device.”
So does CIO really stand for Career Is Over? Based on the backdrop of the 3Cs is seems that the role of the CIO today has a limited life. For those on a career path aiming towards CIO this is completely demoralizing, which can be summarized as, “You’ve been climbing the corporate ladder only to find it is leaning on the wrong wall.”
Thankfully, it is not as bleak as that. There are CIOs making a transition. They are embracing rather than fighting the 3Cs. Employees’ consumer orientated devices like iPads are more likely to be accepted and integrated into the network infrastructure. Cloud computing is being actively baked into IT strategies. And finally compliance is now considered a part of the business operations supported by IT, rather than delegated to the Quality or Risk team.
This shift will not be done tomorrow, but over the next two-to-five years. The smaller the organization the faster and more dramatic the transition. Yes, the role of the CIO, as manager of the IT department full of developers, service delivery and infrastructure will diminish. As per John Chamber’s recent comments at Gartner Symposium, the CIO will increasingly become a trusted advisor to the business. They will be architects of the IT capability. Managers of third party suppliers requiring commercial and procurement skills. Their role model and career path will be more like a partner at Accenture or PwC rather than through the ranks of IT. This has profound effects on who they see as role models, their career path and aspirations.
Like the addict looking for a way out, the first step of any transformation is admitting you have a problem.
Founder and CEO of Nimbus Partners. Ian Gotts is the author of six books including, Common Approach, Uncommon Results; Why Killer Products Don’t Sell; and two Thinking of … books on cloud computing. He is a prolific blogger with a rare ability to make the complex seem simple, which makes him a sought-after and entertaining conference speaker. His book, Thinking of … Offering a cloud Solution? Ask the Smart Questions, articulates the opportunities and the challenges ISVs face in their transition to the cloud.