Gone are the days that IT was considered an operational backwater that could be delegated away by business leaders. Across many industries and successful enterprises, IT is at the forefront of identifying and enabling entry into new markets, responding to and even anticipating disruption of business models, providing a useful and enjoyable experience for customers, and, increasing the efficiency of internal processes. Successful business leaders, in various industries, have come to embrace the idea that their company is, at the core, a technology company that provides products and services. IT Platforms have become a vital source of competitive advantage.
In this era of increased opportunities and challenges, CIOs and other IT leaders have to excel at five aspects of their role: Vision, Strategy, Execution, Governance and Risk Management.
The vision for IT needs to be an articulation of bold, even audacious, aspirations for the IT platform and organization. It has to be an integral part of the vision for the business. It needs to explain how IT’s aspirations will enable the achievement of the ambitions of the company.
The bidirectional flow of ideas between business and IT, and rigorous discussion are essential for the success of these efforts. IT leaders need to have a strong understanding of the business, the marketplace and, customers. This understanding will enable them to be equal participants in discussions on the vision for the enterprise. IT leaders also need to have a firm grasp of emerging technologies (e.g., AI, Blockchain, and Quantum Computing) and disruptive innovation (e.g., Online Talent Marketplaces and Robo Advisors) occurring in their industry and adjacent industries. They need to encourage and enable active participation of business counterparts in the development of the vision for IT.
The strategy should outline the approach to realizing the vision. Strategy formulation for IT typically starts with making directional choices on:
Capability acquisition: build (in-house application development), buy and integrate (3rd party software products) or, rent (SaaS, PaaS).
- Infrastructure: own servers and data centers or leverage cloud platforms.
- Sourcing talent: hire employees, use traditional outsourcing, leverage online talent marketplaces (e.g., Kaggle, TopCoder, and UpWork), or acquire startups for their technology teams.
- Attracting talent: building university relationships through sponsorship of research and hackathons, sharing research online and contributing to Open Source efforts
- IT Structure: centralize IT skills or, distribute and embed IT in the business teams.
While no single set of strategies guarantee success, readily evident trends across many successful companies include leveraging of cloud computing platforms, heavy focus on attracting talent, and embedding IT skills in the lines of business.
Consistent, timely delivery of promised capabilities and reliability of services are the foundation for the IT-business partnership. Lean, highly technically skilled, business-proficient teams are essential for successful execution. Strong architectural standards, agile methods for assimilating new technologies, and lightweight but rigorous project management provide the necessary scaffolding. Frequent review of project progress with business users that rely on demos and actual use, and includes participation from a broad cross-section of the team has multiple benefits. It ensures product fit, provides complete transparency and fosters cross-pollination of ideas between the IT and business teams.
Prioritization of needs and budgeting require close collaboration with the business and should be jointly owned. While budgets are often decided annually, regular discussions on evolving needs and priorities, as well as the progress of projects are essential. Opportunities to reduce allocation for sustaining systems and free up resources for enabling innovation should be aggressively pursued.
There are three dimensions of risk that IT leaders need to contend with: technology risks, regulatory risks, and cybersecurity risks. Robust processes need to be established to identify, monitor and respond to risks relating to systems availability and performance that may result from architecture, capacity or obsolescence.
Many industries face daunting regulatory regimes. Regulatory initiatives such as the Global Data Protection Regulation (GDPR) and the Markets in Financial Instruments Directive (MiFID) require significant changes to IT platforms on compressed timelines. Optimization of these efforts requires developing a robust understanding of the requirements, implementing an adequate but non-superfluous solution, and not getting ahead of the finalization of the regulations.
It is essential to adopt a formal framework to prevent, detect and respond to cyber attacks. Keeping business leaders informed of emerging and persistent threats, and regularly running table-top exercises to practice responses to various scenarios is essential.
It is unlikely that one IT leader can excel at all aspects of the role. IT leaders should recognize their strengths and enlist help in other areas to ensure the organization’s success.