This document summarizes a presentation given by Andrew Wasser on empowering the chief information officer (CIO) position. It discusses topics like why IT projects fail, the benefits of iterative development, managing shadow IT, and using principles from behavioral economics to motivate organizational change. Wasser argues CIOs should focus on small, incremental innovations to services rather than large technology projects. He also stresses the importance of having a clear enterprise architecture, valuing internal staff over external consultants, and addressing organizational readiness through principles like "what's in it for me." The overall message is that the CIO role can be empowered through practices like managing risks iteratively, prioritizing service improvements, and aligning incentives across stakeholders.

1. CIO360 Empowerment
Andrew Wasser
Executive Director of the CIO Institute
Dean of CMU’s School of Information
Systems & Management

2. Ranked by U.S. News & World Report, Carnegie Mellon is:
• 1st in Information and Technology Management
• 2nd in Management
Information Systems
and Quantitative
Analysis
• 3rd in Computer
Engineering
20 Nobel Laureates

3. IT Plus ‘ ’
• Healthcare
• Security
• Traffic
• Entertainment
• Crime
• Privacy

4. Topics for Today: Positioning your
CIO for Success
• Lead or follow?
• Why IT projects fail
• Iterative and incremental development
• Enterprise Architecture
• Shadow IT
• Principle-Agent theory
• Process or Innovate?

5. Public Vs. Private Sector CIO
Public sector IT lags three to five year behind
private sector technology initiatives

6. First Movers
• First Movers could be moving fast towards
a dead-end
• First Movers do not learn from other’s
mistakes
• First Movers are the province of the
private sector

7. Why do we take technology risks?
We listen to consultants and vendors in
expensive suits (with cocktails).
! Why do we respect the opinions of
outsiders more than we do our trusted
employees?
! Why do we let consultants and vendors
gain their experience at our expense?

8. You can still innovate
Innovate on Public Service, not Technology
• Open Data Websites:
• Weather patterns
• Census demographic data
• Transparency in government activities
• Speed and quality of service
• Building a smart city

9. Failed Government IT Projects
x FBI Case File System
x IRS Modernization
x Kinetic Energy Interceptor
x Denver Airport
x Federal Aviation Administration modernization
x DoD and VA’s joint health records
x Mississippi tax system automation
x Navy-Marine Corp Intranet
x HealthCare.Gov
x Pentagon’s DEAMS accounting system
x Security Border initiative

10. Why projects fail:
1. Too big, too ambitious
2. Too technologically advanced
3. Too many stakeholders with too many
competing interests
4. Poor leadership
5. The organization just isn’t ready or
properly incentivized

11. FedRAMP Collaboration
COMMON SECURITY RISK MODEL for CLOUD:
• Ensures government-wide cloud use has adequate
information security;
• Eliminates duplication of effort and reduce risk
management costs;
• Enables rapid and cost-effective procurement of
information systems/services for federal agencies.
• Private (IBM, Amazon, Microsoft) and Public (federal
agencies) covered
• Department of Defense, Homeland Security, and
GSA all on board

12. Give up on massive cross-departmental
IT projects
• One-off partnerships and incremental
agreements work better.
• The City of Chicago and Allstate Insurance
partnered to predict restaurants that carry
foodborne illnesses
• NIST and Census work together on a shared
cloud-based research platform
• Cause & Effect: The more stakeholders,
the higher the likelihood of a project failure

13. Small Wins towards Big gains
• Working in small (agile) chunks:
• Each mini project adds value in and of itself
• Each serves as a base for the next building
block
• People see progress and are motivated to
support you
• Allows you the flexibility to change
priorities and technologies

14. Little wins/Agile practices
• Requirements and solutions evolve
through collaboration between cross-
functional teams
• Fail quickly, learn, and move ahead

15. Agile Practices
Work on the most important things first
Not letting great stand in the way of
good enough (the law of diminishing
returns)
Decide as late as possible (just-in-time
feature-decisions)

16. (Not Agile) Fixed Price Contracts
Why do we like them:
1. The comfort of knowing how much you are
paying (low risk)
Why do we hate them:
1. We can’t change our minds
2. The incentive of the vendor is to do it in the
cheapest way possible
3. You may get what you asked for but not
what you want

17. Another major failure point
• Do you want to finish the last Director’s or
CIO’s strategic IT project?
• How much waste are you willing to live
with by abandoning projects?

18. Enterprise Architecture to the
rescue
• EA provides a strategic, integrated approach to
IT resource planning

19. EA sets Standards:
“We support Android
devices”
“We use Jive as our
collaboration tool”
EA as a Weapon for you and your
CIO
1. EA gives you a Plan
2. EA gives you Standards
3. EA drives your IT spend
EA as a Plan:
Which projects are
done 1st, 2nd, 3rd.

20. The End State with EA
• Stakeholders have better access to data
• IT Headcount reduced
• New systems delivered quicker
• Management / IT alignment
• Complexity & infrastructure costs
controlled
• Data integrity & security improved

21. Shadow IT
• Unauthorized applications and services used
without the permission of the CIO and the
tech team
• Driven by consumerized technology, mobility,
cloud, and frustration.
 GitHub
 Microsoft365
 DropBox
 SourceForge
 Yammer, Jive….
 A zillion apps

22. Shadow IT: Friend or Enemy?
Friend
• Fosters innovation
• Gets the job done
• Delivers agility & speed
• Escapes technical debt
Enemy
• Impedes cross-functional
collaboration
• Increases Security &
Compliance Risks
• Increases Privacy Risks
• Chaos will ensue

23. Shadow Innovation
• Allow and embrace small experiments
• Fast track new technologies
• Set boundaries and reinforce what will
not be tolerated

24. Last Major IT Failure Point
• Organizational Readiness
• Culture
• Unwillingness to change
• Competing interests
• Looking at it from a Principle-
Agent perspective

25. Principal Agent Theory (WIFM)
The problem of motivating a party to act on
behalf of another is known as ‘the principal-
agent problem’.
• Badly designed incentives or features
complicate the relationship between the
principle and agent
• Gaming the system using the rules and
procedures meant to protect a system to
manipulate the system for a desired outcome

26. Adopting a new system or practice
• Using ‘What’s in it for me’ (WIFM) to align
incentives
Incentives:
 Money
 Time-off
 Recognition
 Feedback
 Little Stuff

27. Is Process the enemy of Innovation?
• Process: You do things in an established
manner, never deviating from the Standard
Operating Procedure
• Service Level Agreements, Process Modeling
• Avoiding errors, minimal thinking
• Innovation: You take risks, you challenge
assumptions, you stay flexible, you
recover rapidly

28. The Rare Responsible Person
• Self motivating
• Self aware
• Self disciplined
• Self improving
• Acts like a leader
• Doesn’t wait to be told what to do
• Never feels “that’s not my job”
• Picks up the trash lying on the floor
• Behaves like an owner

29. “Good” vs. “Bad” Processes
• “Good” processes help talented people get more done
• Web site push every two weeks rather than random
• Spend within budget each quarter
• Regularly scheduled strategy meetings
• “Bad” processes try to prevent recoverable mistakes
• Get pre‐approvals for $5k spending
• 3 people to sign off on banner ad
• Permission needed to hang a poster on a wall
• Multilevel approval process for projects
• Get 10 people to interview each candidate

30. Two Types of Necessary Rules
1. Prevent irrevocable disaster
• Financials produced are wrong
• Hackers steal our customers’ credit card info
2. Moral, ethical, legal issues
• Dishonesty, harassment are intolerable

31. CIO Empowerment
• Have a clear enterprise architecture
• Do not place the consultants and vendors
over your internal staff
• Innovate on service, not on technology
• Small Wins, Small Wins, Small Wins
• Leverage but manage Shadow IT
• Use Principle-Agent Theory (WIFM) to
motivate behavior and change culture

32. Andrew Wasser
awasser@cmu.edu