Pritam Dey [email_address] Using Technology Transformation Effectively to Improve Business-IT Alignment 2009
Agenda Agenda Case Study What Went Wrong? What Can We Do Differently?
Application Portfolio Optimization (APO)
Service-oriented Architecture (SOA)
Putting It All Together
Case Study Consider a scenario: A national retail bank in India, with hundreds of subsidiaries and branches, decided to automate its operations and move its services online. Since most of its services are common across all its branches, the bank decided to implement a Service Oriented Architecture (SOA) to increase the interoperability. It was decided that the corporate IT group would be in charge of execution of the complete project, including the implementation of SOA and definition of its services. Needless to say, the project started with much optimism and excitement. However six months into the project, it ran into roadblocks. Cracks started to become visible. There were frequent disagreements among the various business units on who is responsible for defining and administering the SOA services. Who is responsible for the overall governance of the project? Some groups have also questioned corporate IT’s shortsightedness of not carefully considering the complexity of integrating existing applications built across diverse platforms and technologies. The need for a clear IT strategy and technology roadmap was clearly felt. A year later, the project was scrapped. It became impossible to execute the project without a well-defined IT Roadmap, Enterprise Architecture and IT Governance mechanisms. What went wrong?
What Went Wrong? SOA is a paradigm for organizing and utilizing distributed capabilities that may be under the control of different ownership domains. It provides a uniform means to offer, discover, interact with and use capabilities to produce desired effects consistent with measurable preconditions and expectations. - OASIS Group IT Roadmap
A technology roadmap was not clearly defined.
How would the existing applications be integrated/upgraded?
How would the bank stay attuned with constantly evolving technology?
Service Oriented Architecture (SOA)
Was the decision to implement SOA carefully considered by taking into account the interoperability and a need for a federation of resources?
Was an SOA Governance Structure created to resolve trust issues across teams?
How would the SOA security issues be handled?
Was a clearly defined Governance structure established to ensure that the organization’s IT sustains the organization’s strategies and objectives?
Did the board understand the overall architecture of its company’s IT applications portfolio?
IT - Business Alignment
Did the organization take a broader view of the business strategies and objectives and realize how IT is going to sustain and extend them ?
Was there a sincere effort to increase the value of IT projects and reduce the gap between IT and business?
What Can We Do Differently? “ Winners don’t do different things, they do things differently.” - Shiv Khera
IT – Business Alignment There is an increased call for CIOs to broaden their scope of action by adopting new levers, roles, and governance practices that go beyond the purely technical and traditional IT capabilities. – McKinsey- CIGREF (the association of French CIOs) collaboration Understand the business priorities
Understand expectations about IT and formulate them in business terms
Proactively propose business – IT initiative
Ensure faultless execution
Take action tightly synchronized with business units
Rank priorities and sequence levers to be used
Take a position on cross-functional projects
Build alliances and develop new skills
Develop non-IT skills
Reinforce IT’s cross-functionality
Find levers where IT and business units intersect Source: McKinsey Quarterly: How CIOs should think about business value
IT - Business Alignment: Best Practices Source: CIO: How to Close the IT-Business Alignment Gap A recent article in Harvard Business Review (“Radically Simple IT,” March 2008) advocates that Business and IT shouldn’t just be aligned, they should be “forged together.” One way to do this is by having the CIO report directly to the CEO or COO, not the CFO. All levels and all functions of the business must be accountable and work on their part of executing the corporate strategy. Start with Corporate Strategy and Objectives Take a Holistic View Highlight the Requirements Gap Have a long-term roadmap Accountability Design, build, and roll-out systems with a long-term IT roadmap. The roadmap should make some simple distinctions such as layers of information-value in the organization. It should also layer applications in the overall system architecture. Business/IT alignment happens when the gap between bottom-up and top-down is bridged. Big gap, low alignment. Take a holistic view when a business unit comes with a problem. Who else needs to see this information? How will this information be made “actionable” so we can watch trends over time, adjust for seasonality, compare with forecasts, and eventually fire unprofitable customers. Directly correlate all IT initiatives with overall Corporate Strategy. IT should be able to show multiple correlations from many systems to many strategic objectives. More correlations, high alignment.
Technology Transformation Source: HCL Technologies Use technology transformation services to align your business needs and thereby ensure operational efficiency Desired Output Technology Transformation ensure that IT systems do not become a drag but are optimized and managed so as to transform business functions by being better-aligned to business needs while ensuring operational efficiency. – HCL Technologies Analyze IT landscape
Create outsourcing plans
Create IT portfolio
Operational Cost Savings Analyze business processes; create IT roadmap
Re-engineer business processes
Create IT Strategy
Create IT Governance structure
Application Portfolio Consolidation
Business Process Efficiency Optimize IT portfolio; align IT with business
IT Strategy Innovation Capacity: the potential for the IT function to support new products, processes, and opportunities. Successful companies will grow their IT innovation capacity by focusing in how IT is sponsored, operated, and governed. - Forrester Research An effective IT Strategy plan helps to increase IT-business alignment, improve IT governance, boost IT value and prioritize IT investments. Source: CIO Roadmap – The IT Strategic Plan Step-By-Step Value Proposition
Helps to maintain short-term and long-term business goals
Helps to identify gaps between current and future IT architecture
Helps to fill in the identified gaps
Helps to adapt to changing trends and technologies
Five Phases of IT Strategic Plan Development Devising and revising IT strategic plan should be a core management capability, and an annual activity. When you create one for the first time, you might find that it isn’t as complete or as streamlined as you might like. Use each pass through the strategic planning process to capture learnings and apply them to the next version - Forrester Research IT’s strategic plan is an essential tool for running IT like a business. It is purpose-driven and a complement to IT governance structures and processes. Source: CIO Roadmap – The IT Strategic Plan Step-By-Step Phase One
Define Your Plan’s Purpose
Assess context: How does IT fit into the firm’s strategy and operations
Identify your stakeholders
Define the strategic plan’s purpose
Develop a straw man to validate your start
Capture And Evaluate Business Needs
Identify what type of business input is relevant
Identify your information sources
Capture and organize business needs into patterns
Assess IT’s Ability to Support Validated Needs
Evaluate implications of the business needs
Develop IT “to be” state or vision
Evaluate the gaps
Five Phases of IT Strategic Plan Development Devising and revising IT strategic plan should be a core management capability, and an annual activity. When you create one for the first time, you might find that it isn’t as complete or as streamlined as you might like. Use each pass through the strategic planning process to capture learnings and apply them to the next version - Forrester Research Phase Four
Develop Your Plan to Close The Gaps
Develop or revise your strategic IT principles
Identify gap-closing initiatives
Determine key performance indicators (KPIs)
Build an integrated roadmap
Source: CIO Roadmap – The IT Strategic Plan Step-By-Step Phase Five
Finalize The Strategic Plan And Roll It Out
Institute KPI tracking
Schedule strategic plan reviews
Five Phases of IT Strategic Plan Development Devising and revising IT strategic plan should be a core management capability, and an annual activity. When you create one for the first time, you might find that it isn’t as complete or as streamlined as you might like. Use each pass through the strategic planning process to capture learnings and apply them to the next version - Forrester Research Phases of Strategic Plan Development And On-Going Review
IT Roadmap Business-IT alignment can be greatly increased by taking into consideration Governance, Risk Management, and Compliance (GRC) considerations. A well-designed IT Roadmap can help to implement and refine GRC practices within an organization. Source: CIO – Your IT Roadmap For Governance, Risk Management, and Compliance Step One
IT Principles & Strategy
Discuss how IT can support GRC needs, including
Process / transaction needs
Control / monitoring needs
Documentation / system of record needs
“ AS-IS” Situation
Make an inventory of all processes and technology
What do we already have in place?
Who owns and maintains these systems?
Who operates them?
What do they really do?
Information systems and IT have become essential for the implementation of business activities in companies. In order for a business enterprise to make a suitable IT investment, it must be able to forecast the trends of significant technologies that will become available in the future and map out a technical strategy (IT Roadmap) based on such a forecast.
IT Roadmap Source: CIO – Your IT Roadmap For Governance, Risk Management, and Compliance Step Three
“ TO-BE” Vision
Define, enhance, and evolve an enterprise architecture that supports GRC needs
Leverage existing technology investments
Consolidate technology to serve multiple GRC areas
Integrate technology into core business processes to serve GRC needs
Priorities, Projects, Budgets & Ownership
Define priorities and specific projects to phase into ultimate vision
Start in a specific area and expand
Avoid “big bang” solutions
Consider parallel operation of “high stakes” system
Assign ownership and accountability
The description of “target state” is of paramount importance for the IT strategic planning. Lack of clear understanding of the “target state” deprives IT from the very fundamentals required for strategic planning. The important task CIO should set for himself or herself: to help the business to shape this “target state” at least to the point sufficient for IT management to plan how technology organization is going to enable the company future.
IT Roadmap: Maturity Levels of GRC While aligning IT with business, companies must understand their level of GRC maturity. Some of the basic maturity levels for GRC are: Source: CIO – Your IT Roadmap For Governance, Risk Management, and Compliance No awareness of interdependence of GRC and IT resources Limited understanding of GRC; no common platform for GRC Understanding of the need to integrate GRC with IT Businesses align and leverage GRC to realize GRC benefits, growth, profitability and asset utilization Highest level of GRC maturity. Businesses use a common language and set of metrics to continuously improve the platform YoY Level 5 Level 1 By themselves, GRC initiatives aren’t necessarily good or bad. But, depending on how organizations choose to interpret and implement them, they can be. Organizations should use the maturity model and GRC steps to help ensure more strategic alignment between their IT strategy and their GRC initiatives.
Enterprise Architecture The Enterprise Architecture guides an organization’s project portfolio and the development of solutions. It becomes an intrinsic part of the overall design and governance continuum for a business, with the top down process of realizing business strategy and goals through the architecture supplemented with learning from the experience of implementation. Aligning project architectures to an overall Enterprise Architecture bridges the gap between business/IT strategy and solution development. Source: Capgemini – Architecture and the Integrated Architecture Framework Expand IT Reach You can collaborate more effectively than your competition with your customers, suppliers and partners through your IT Increase Business Agility You can continuously adapt your business (by changing your IT) more quickly and with lower risk than your competition Increase Project Success You can significantly improve your success with your investment in IT enabled business projects Reduce IT Cost You can deliver new IT solutions and manage your existing IT services at lower cost than your competition Reduce Cost The Value of Architecture
Integrated Architecture Framework (IAF) Architecture is all about the business! Even for IT-centric projects, the solution must deliver business value and clearly align to the business direction if it is to be successful. For architecture to be able to deliver this, all decisions must be clearly justified and traceable back to business needs. The IAF provides the basis on which these architectures are delivered. IAF enables the architecture to be defined and justified in business terms and provides a reference model for planning, design and implementation. Source: Capgemini – Architecture and the Integrated Architecture Framework The Integrated Architecture Framework
Provides a model for architecture development and usage
Describes the format and content of elements of the architecture
Specifies the way in which these elements relate to each other
Application Portfolio Optimization (APO) In the IT context, an “application portfolio” is defined as a cluster of IT applications, infrastructure (hardware, software, tools), IT projects or a set of resources, skills and relationships. This IT assets portfolios constitute the “building blocks” that are used to deliver competitive advantage to the business. APO helps transform IT environments to align more directly with business priorities. It helps to reduce maintenance and development lifecycle costs and improve technology investment decisions.
Outsource Quick-Win Apps
Strategic Alignment Technical Quality Business Quality IT Sourcing AP Management AP Consolidation APO Assessment Transformation
Service-oriented Architecture (SOA) SOA is an architectural style that emphasizes well-defined, loosely coupled, coarse-grained, business-centric, reusable shared services. It’s an IT approach in which applications rely on services available on a network such as a web to facilitate business processes. – Sun Microsystems SOA offers the best opportunity for delivering the architectural flexibility necessary to achieve significant reductions in time to market (TTM) and total cost of ownership (TCO) for new business and IT services. Source: Sun Microsystems, Infosys POV Benefits Common Mistakes Challenges
Reduced time to market (TTM) for new services • Reduced total cost of ownership (TCO) of IT infrastructure and business services
• Failure to assess SOA maturity level and defining appropriate roadmap • Failure to obtain buy-in from all stakeholders and internal application owners • Failure to identify common data models leading to frequent changes • Tendency to build point-to-point interfaces even with SOA • Failure to setup a PMO team for audits and reviews for SOA Governance • Simple, easily consumed, complexity hiding interfaces • Open-ended future reuse • Technical complexity of implementing with each support system • Cross-Line-of-Business coordination required • Logic with service flows that can differ from the underlying logic • Security needs of services differing from the supporting applications security • Services as separately managed IT components Testing Challenges • Services may not have a user interface • Data-gathering • High-level of integration requires better planning and strategy to address availability problems • Need to ensure excellent exception management • Reuse challenges • Learning curve
SOA Best Practices SOA enables organizations to leverage their current IT investments to keep pace with today’s demands for business agility. Leveraging SOA, they can help transform their IT infrastructure from monolithic rigid architectures to a flexible and agile platform. HCL Technologies Source: SOA Governance: Framework and Best Practices, An Oracle White Paper Architecture Technology
Align architecture principles across lines of business by creating reference architectures
Centralize the creation of standards, policies, and processes
Select technical solutions and vendor partners that adhere to industry standards
Establish an enterprise data management function to define and monitor enforcement of data governance. This group should establish policies and procedures that cut across multiple departments
Enforce security policies at the data service layer using tools that enable declarative policy definition centrally and localized enforcement throughout the enterprise
Use a multilayer financial strategy to justify SOA investments
Consider central funding for services that are to be used across departments
The SOA approach should focus on high-value business processes
EA and SOA should be driven by multiyear strategic plans that integrate business and IT goals
Provide enterprise SOA training for managers and stakeholders as well as architects, developers, PMs, BAs, and QAs.
SOA Best Practices Source: SOA Governance: Framework and Best Practices, An Oracle White Paper Project Execution Operations
Utilize a service registry to catalogue existing services and define processes to identify and submit potentially sharable services
Centralize SOA operations and support until greater maturity is realized
Deploy a Web services management solution for runtime policy enforcement through distributed policy enforcement points
Six Steps to Successful Governance with SOA
Step 1: Establish SOA goals and strategies that are tightly aligned with the business
Step 2: Establish SOA goals, standards, policies, and procedures proportionate to SOA maturity
Step 3: Define clear metrics that are obtainable and can show progress in maturing SOA and EA efforts
Step 4: Put repeatable and well-defined governance in place and capture the metrics defined in steps 2 and 3
Automate as many of the governance processes and collection of metrics as possible
Step 5: SOA and EA should leverage kaizen concepts from manufacturing domain
Step 6: As SOA maturity increases, policies should be enacted in order to deliver on SOA and business objectives
SOA is part of enterprise architecture, and should be driven by strategic and tactical business goals and objectives.
SOA Tidbits Source: Sun Microsystems SOA’s core vision is a global computing model that eliminates interoperability roadblocks. Only through loosely coupled collaboration do you get the true value of SOA. No one company has fully defined the set of infrastructure services that are needed to fully complete an SOA platform, because the whole platform concept is still in its infancy. Developers should not wait until standards get sorted out before adopting SOA. SOA is the next big thing. It’s good for another 5 to 10 years. Just as the web changed the world, so will SOA. Make SOA loosely couple and coarse grained, and have a top-down approach.
IT Governance IT Governance refers to putting together structures around how organizations align IT strategy with business strategy to ensure that they stay on track to achieve their organization objectives, in addition to implementing ways by which IT performance can be measured and optimized. IT Governance is a subset discipline of corporate governance that ensures that all stakeholders interests are taken into account and that processes provide measurable results. An IT Governance solution helps businesses align IT spending with business strategy by combining the value of portfolio optimization with the power of improved execution. Source: HCL Technologies: IT Governance Drivers Key Areas Benefits • Misalignment between business and IT • Regulatory compliance • Reduced productivity • Absence of well defined processes • Confrontation with reduced budgets and increased expectation • No visibility for management to track key performance and quality parameters • Portfolio Management • Program Management • Performance Measures • Resource Management • Financial Management • Time Management • Deployment Management • Business-based decision making • Closer IT-business alignment • Predictable project outcomes • “Moment of Truth” for IT • Record for what IT is doing • Top-down / Bottom-up values alignment • Better IT governance compliant with regulatory specification • Cost reductions & productivity increase
IT Governance – Ten Principles IT Governance refers to putting together structures around how organizations align IT strategy with business strategy to ensure that they stay on track to achieve their organization objectives, in addition to implementing ways by which IT performance can be measured and optimized. IT Governance is a subset discipline of corporate governance that ensures that all stakeholders interests are taken into account and that processes provide measurable results. Source: IT Governance : HBS Press (Peter Weill and Jeanne W. Ross) Actively Design Governance Management should actively design IT governance around the enterprise’s objectives and performance goals. Focus on having the fewest number of effective mechanisms possible. Know When to Redesign Governance redesign should be infrequent. A change in governance is required with a change in desirable behavior. Involve Senior Managers CIOs and senior managers must be effectively involved in IT governance for success. Communicate IT governance on one page. Make Choices Good governance requires choices. Governance can and should highlight conflicting goals for debate. Clarify Exception-Handling Process Exceptions are how enterprises learn. Formally approved exceptions benefit organizations by formalizing organizational learning about technology and architecture. Provide Right Incentives IT governance is more effective when incentive and reward systems are aligned with organizational goals. Assign Ownership and Accountability for IT Governance IT governance must have an owner and accountabilities. The board or CEO must hold the CIO or a committee accountable for IT governance performance with some clear measures of success. Design Governance at Multiple Organizational Levels Consider IT governance at several levels. The starting point is enterprise-wide IT governance driven by a small number of enterprise-wide strategies and goals. Provide Transparency and Education The more education on IT governance, the more transparency. The more transparency of the governance processes, the more confidence in the governance. Implement Common Mechanisms Enterprises using the same mechanisms to govern more than one of the six key assets have better governance.