The latest McKinsey Global Survey Results , ‘IT under pressure’, made for some very interesting reading. A number of themes are evident, but the area that really stood out to me is the continuing issue around the development and acquisition of talent. In reading the McKinsey survey I was reminded of a paper I read several years ago by academic Joe Peppard, in which he noted:
“… many of the CIOs interviewed experienced problems in hiring senior staff with the right skills, experience, and attitude for their own leadership team. The CIO of a global insurance company noted, ‘Its difficult to find people with the right mix of skills – the deep IT understanding combined with broad commercial acumen’.” (Peppard, 2010)
Having moved from a technology background into mainly business-focused roles I am more the familiar with this refrain, and find myself largely agreeing with it. However, one aspect of the talent issue, which I feel is missing in the general discourse, is our view of technology in organizations and more importantly our approach to the provision of technology services.
Risk Aversion and Process Adherence
If we look at the systems and processes that are in use in most large organizations today to manage their IT estate we see a major focus on very structured methodologies such as ITIL and ITSM, CoBIT etc.
The primary, and overriding, theme of all of these systems is that of risk aversion, the second being unwavering faith in a defined process. Now both risk aversion and process are good things in their own right, and indeed in for certain types of IT function they are not just necessary, the are essential – a subject I come back to later in this post.
However, this focus on micro level processes and being risk averse to the point of stagnation is an extremely tactical and low-level approach. It is not possible for people to develop an understanding of the strategic needs of a business if their main goal is, and their reward system is based around, metrics such as those defined in service level agreements around call handling speed, ticket closures and so on. I refer to this as “keep the lights on” IT.
There in lies the rub, on one level CIO’s and business leaders are looking for people with “deep IT understanding combined with broad commercial acumen”, on the other the very systems they are asking large sections of their teams to follow do not allow for the development of either strategic thinking or commercial acumen. The ability to take a strategic view and a calculated risk when change is required is stripped away from many key staff by the very processes that we put in place to support the business needs of the organization.
As an industry we then compound this tactical risk adverse approach to IT with outsourcing agreements that are built around very rigid service level agreements, again based on the same methodologies.
We now create a two-tier system of risk aversion. Those managing the relationship within a business are concerned with ensuring that the SLA is upheld and additional costs are contained. Those working in the company we outsource to are goaled with minimizing change in order to preserve and enhance profit margins.
I am reminded of a WSJ Café talk by Mike Bracken of gov.uk which I attended in late 2012. Among the topics he touched on was the procurement of technology services in the public sector and gave a strikingly simple example of what is wrong with large parts of the current outsourcing model.
A government body had signed a multi year outsourcing agreement in 2008 (if I recall correctly) for the delivery of various services, including the maintenance of a consumer facing website. The service level agreement included a clause to maintain the existing website, and the required functionality at the time of was in place.
In 2010 consumers started to use iPads, mobile phones continued to become more ubiquitous and we all became more accustomed to being able to access services on multiple devices.
As for this particular website? Well updating it would require a change to the contracts, which in turn would incur costs. The end result for consumers is that they see a public service that is slow to change to meet their new usage requirements.
The underlying issue here was the failure to realize that the system being outsourced would need to evolve, and to build that into to the contracts.
While I am not privy to the contract details, my sense here is that the tactical need, outsourcing the maintenance and support of the system, was met. However, no one appears to have been tasked with considering the future direction the system may need to take and understanding what risks, such as effectively locking down the system, the outsourcing agreement was creating. In a risk adverse culture or process such risks are not considered, as the underlying assumption is that of little to no change.
Offensive and Defensive IT Strategy
Now this is not to say that the methodologies such as ITIL mentioned above should be abandoned, far from it – in many cases they are absolutely what is needed. What needs to be reviewed is the rigid adherence to such methodologies in the context of the industry and initiative we are discussing. This industry context should also consider any requirements for staff development.
The table below (extracted from my dissertation thesis) summarizes and relates work from two academic papers, Nolan and McFarlan (2005) and Peppard, Edwards and Lambert (2011)
Nolan and McFarlan (if you have the time I highly recommend reading the HBR article) gave a very simple and effective breakdown of IT strategies in an organization, dividing them into defensive and offensive, and sub dividing into four modes. Peppard, Edwards and Lambert provide a very useful explanation of the different types of CIO’s in organizations.
|Nolan & McFarlan
||Peppard, Edwards & Lambert
||Nolan & McFarlan
||Peppard, Edwards & Lambert
Business needs IT to run; minimal strategic differentiation with IT possible
|Utility IT Director
Large strategic benefits seen from IT; Business needs IT to run; minimal strategic differentiation with IT possible
|Agility IT Director
IT supports business needs; business can run without IT systems if necessary
|Utility IT Director
IT provides opportunities for major improvements
In my own experience I have yet to encounter an IT estate, programme or initiative that cannot be classified in one of the modes defined by Nolan and McFarlan.
Anything that can be classed as defensive is almost guaranteed to be a perfect candidate for rigid processes and frameworks, easy outsourcing and strict service level agreements. These tend to be the areas where strategic thinking and high levels of commercial acumen from IT staff is not required.
As we move into the offensive areas there are obvious opportunities for both strategic thinking and commercial focus. Having key staff work in these areas, rather than in “keep the lights on” IT would undoubtedly allow them to develop both technical skills and the commercial acumen that is highlighted in the recent McKinsey report and the earlier work from Peppard.
A Potential Answer?
The division of IT initiatives into defensive and offensive, and the subsequent allocation of staff, not a solution to talent issues. However by identifying the broad areas their initiatives are falling into CIO’s have the opportunity to develop the business focused, strategic and analytical abilities of their key staff.
While far from a panacea, allocating key staff to offensive initiatives would be a simple step for CIO’s to take in addressing the skills gap. A small step, but a step nonetheless.
- McKinsey (2014) ‘IT under pressure: McKinsey Global Survey Results’, McKinsey Insights, [Online], available: http://www.mckinsey.com/Insights/Business_Technology/IT_under_pressure_McKinsey_Global_Survey_results [28 March 2014]
- Nolan, R. and McFarlan, F.W. (2005) ‘Information Technology and the Board of Directors‘, Harvard Business Review, October.
- Peppard, J. (2010) ‘Unlocking the Performance of the Chief Information Officer (CIO)‘, California Management Review, vol. 52, no. 4, pp. 73-94.
- Peppard, J., Edwards, C. and Lambert, R. (2011) ‘Clarifying the Ambiguous Role of the CIO‘, MIS Quarterly Executive, vol. 10, no. 1.