CIO Longevity and IT Execution

Computers

This is a little longer than I generally like for a blog entry. So, I tell you what to expect... I quickly review the essence of IT, then consider why many IT groups are considered ineffective, and finally what can be done to improve execution.

The essence of Information Technology is to create, deliver, and sustain high-quality IT services that meet (on time and within budget) the functional specs and the on-going service level agreements (SLAs) as established thru a partnership with the owners of the requested services. This is, in a nutshell, the role and ultimate responsibility of the CIO.

The creation of IT services generally focuses on functional requirements (the purpose of the application - what the service needs to do for the consumer/user). The delivery and support of those services focuses more on quality of service (QoS) attributes, such as performance, as well as the non-functional or systemic qualities (aka: the "ilities") such as reliability, availability, maintainability, securability, manageability, adaptability, scalability, recoverability, survivability, etc. A quick Google search found this paper among many on the topic.

Unfortunately, achieving success is often doomed from the start. And is probably why the average CIO survives for just 30 months (a new Gartner report even suggests that 2/3rds of CIOs are worried about their job)! Quality is sacrificed on the alter of expedience. Developers focus exclusively on the functional spec. For example, it is rare to find developers who are concerned with Recovery-Oriented Computing techniques (ref: Berkeley's David Patterson, et al) that can help mask infrastructure faults by, say, performing run-time discovery and binding of alternate dependencies. It is too easy for a developer to assume their target platform is failsafe, or that recovery is outside their area of concern. That's just lazy or ignorant, IMHO.

Just as guilty are the teams responsible for the implementation of those services. Too often new services stand alone in a datacenter as a silo, constructed using a unique set of components and patterns. Often, even if there is an IT Governance Board and/or an Enterprise Architectural Council, their strategic vision, standards and best practices are ignored, ostensibly to achieve time-to-market goals. In reality, it's just easier to not worry about the greater good.

What am I leading up to? Well, I believe there are two key areas that IT must take more seriously in order to increase their value to shareholders and to those who desire their services. These might even help the CIO keep his or her job.

The first is the effective leadership and influence of an Enterprise Architecture Council. One that has a clear and compelling vision of a shared services infrastructure, and has established a pro-active partnership with the developer community and strategic vendors to realize that vision. One that fights hard against human nature to ensure that IT services meet standards in quality, adaptability, observability, platform neutrality, etc.

The second is a focus on the disciplines associated with running a world-class datacenter operation. There is a well established set of standards that are useful as a framework around which these disciplines can be built. It's called the IT Infrastructure Library (ITIL) and is widely adopted in Europe and increasingly being pursued in the States across business, agencies, and institutions.

There are 10 ITIL "Best Practice" disciplines associated with the Delivery and Support of IT Services. These prescribe relevant and desirable processes that an IT group should seek to implement if they desire to evolve to a higher level of Operational Maturity. ITIL is highly focused on building a working partnership between IT and the associated Business Units, on increasing the quality of IT services, on reducing the true cost of operations, on establishing communications and execution plans, on the promotion of the value of IT, on understanding the cost and priority of services, etc.

Of the ten focus areas, the ITIL discipline that is probably the most important to start with is "Change Mgmt". This is a key area with a significant ROI in terms of service quality and cost. The cost of sloppy change control is huge. In a Fortune 500 acct I visited recently, the S/W developers all have root access to the production machines and make changes ad hoc!! Unfortunately, this isn't uncommon. The introduction of structure and discipline in this area is a great test case for those who think they want to implement ITIL. While the benefits are self evident, it isn't easy. The change will take exec level commitment. There will be serious pressure to resist a transition from a cowboy/hero culture to one that produces repeatable, consistent, predictable high-quality service delivery. The "heroes" won't like it, and they often wield influence and power. But, if this ITIL discipline can be instilled, the other nine have a chance. It's a multi-year effort, but the results will be a highly tuned and business linked competitive weapon.

The journey that many IT shops will have to take to achieve higher levels of maturity as suggested by Gartner and Meta, and described by the ITIL Best Practices, is a systemic culture change that fills gaps, eliminates overlap, aligns effort, and establishes structure and methods, designed to increase quality and lower costs. But, ultimately, it is a journey to prosperity and away from dysfunction. ITIL isn't to be taken lightly. It isn't for all IT departments (well, it is to some level, but many aren't ready to make the commitment). These charts show that most (>80%) have stopped and camped on the shore of mediocrity way too early in the journey.





There is a certification track for ITIL. A 3-day ITIL Essentials class is available to provide an introduction and "conversant" knowledge of the various discipline areas. A multiple choice cert test validates this level of understanding. This class is a pre-req for the very intense two-week ITIL Managers (aka: Masters) class. More than 50% fail the two 3-hour Harvard Business School type essay exams that are taken to achieve this level of certification. This is a respected certification and actually demonstrates true command of the principles of IT service excellence.

Sun also has offerings around our Service Optimized Data Center program, a new comprehensive roadmap of services and technologies to help customers deploy and manage IT services faster, smarter and more cost-effectively in their data centers. EDS Hosting Services is pleased with it. SODC leverages, among other things, our Operations Management Capability Model, based on principles from the Information Technology Infrastructure Library (ITIL) and the Controls Objective for Information and Related Technology (COBIT).

I believe Sun can establish itself as more than a parts and technology vendor by demonstrating value in helping our customers address the "Process of IT", into which our Technical Solutions are best delivered.

January 15, 2005 09:35 AM EST Permalink