In today’s IT world, it’s no longer enough to have the best, latest or
greatest piece of gear or software in your data center; there has to be a
solid business reason for doing what you do and the decisions you make.
In other words, the “value” of your choices have to be demonstrable and
quantifiable.
So, does that mean upgrading technology for the sake of technology is dead?
Well, pretty much. Although IT budgets of late have become less restrictive,
business leaders are looking for more from IT than just faster servers and
more network bandwidth. They are looking for projects that will provide the
overall business with some sort of advantage.
“What we have to do is show the vision — what is the strategy?” said Mark
Egan, CIO of security products vendor Symantec. “And then what are some
incremental steps towards that? Because I think we would be hard-pressed to
show a grand vision and (say) ‘Give me a pile of money’. It just isn’t going
to fly anymore.”
Defining Value
But value can be hard to define and quantify. If your company has a set of
long-term goals, then you can use these as your roadmap for decision making.
You can compare the myriad project requests that come across your desk
against the business goals of the company and see where things shake out.
Combined with a traditional cost/benefit analysis where ROI and TCO are
factored into your “go/no-go” thinking, then you stand a good chance of
coming up with an answer your boss can live with and one you can articulate
based on the numbers, said Bill Vass, CIO of Sun Microsystems.
“First of all, you have to drive with metrics so you know where you are and
where you are going,” he said. “And then, after you have the metrics in
place, you have to understand what is the ‘value’ from a metrics perspective
as far as future metrics go; ROI and TCO. And then you have to make a value
call, like security is a good value judgment.”
But security is also a good example of where defining value can an elusive
target. Everyone knows network security is something that all companies
should have in place. But how do you place a “value” on security?
If you go just by the numbers, its ROI and TCO, then the cost/benefit
analysis will probably come up short.
But, by looking at the big picture, the “value” of IT security initiatives
is easy to articulate, said Vass.
“So what’s the value of not being a CNN event?” said Vass. “Obviously, you
have to sit back as a CIO and say ‘Listen I don’t want to be on CNN and
saying how stupid (we) didn’t have an intrusion detection system’, right? I
don’t care how much it costs — that’s a value to the company to put it in
place.”
The same goes for things such as compliance initiatives. From an ROI and TCO
perspective, these efforts are a losing proposition from the start; until
you factor in the penalties for non-compliance. Then, all of a sudden,
things like your company’s stock price are showing up in your cost/benefit
analysis (not to mention keeping your job).
Or, put a little more succinctly: “I don’t go to jail and neither does my
CEO,” said Vass. And that’s definitely a value call the head of IT probably
did not have to make until fairly recently.
To make this value call is fairly straightforward, but other things like
business benefit may be a little more elusive, said Dave Simon, CIO of the
Sierra Club and a former Anderson Consulting (now Accenture) business
consultant.
A Holistic View
Simon is often shocked by conversations with peers whose sole purpose is
“keeping the lights on” in their organizations. For Simon, deciding on which
projects to go forward with and which ones to kill comes down to figuring
out the whether the project will forward the organization’s overall goals.
“You really need to think ‘What are the business ramifications, the
organizational ramifications?’ of any project,” he said. “How’s it going to
fit into your overall strategy? If I’m going to do something that’s not in
sync with our overall strategy, it kills me, but there’s got to be a very
good reason to do so.”
You can’t just think about the number of hours it will take to implement a
project or its ROI/TCO. You have to take into account the benefit even a
failed project (so long as it is just a small failure, that is) may bring to
the organization as a whole.
This was the case for Simon in the last election cycle where some folks in
Sierra’s Washington office went ahead with one part of a larger IT
initiative to coordinate the club’s grassroots and Washington-based lobbying
efforts.
Because the Washington folks were less than successful at their efforts,
which were done without input from Simon’s office, he found some glaring
holes in the way the organization went about managing projects.
From these lessons, IT and the organization as whole have learned how they
can improve their efforts in the future. This has value, according to Simon,
and was well worth the lost effort trying to do things the old way.
“The beauty is the organization learned, the field offices, the people in
the trenches learned, ‘Oh, we can’t do it this way next time, we really have
to do it differently,'” he said. “So now there’s this great willingness to
cooperate with more coordination, more fully thought-out approaches. So it
actually turned out quite well, frankly.”
For Ann Sein, a practice leader at Deloitte Consulting, the idea of value is
all about working as effectively as possible with your available resources
and being able to quantify the results those efforts bring to the company.
“Am I delivering short-term financial performance; freeing up working
capital; reducing inventory; delivering increased revenue; improved
margin? … whatever it is,” she said. “Am I delivering longer-term financials
for the business? And am I delivering this at an acceptable level of risk?
So when you look at the 1,000 projects, you’ve got to start sorting through
that list and say what are those projects trying to do?”
And that may be the most important and hardest value judgment of all: What
am I trying to do? If you can answer this question, then value already is
part of your decision-making process. If not, then it may be time to step
back and take a look at how IT relates to the organization as a whole, what
role it plays and why.