The dot-com hangover is over and business is being re-energized by new technologies, including social, mobile, cloud, analytics and cyber security and overwhelmed CIO's need lots of help making sense of it all. That's great news for the profession.By Eric Krell
Call it a slight alteration to Moore’s law: The amount of pressure bearing down on corporate chief information officers (CIOs) doubles approximately every two years. So, too, do the sources of this pressure.
CEOs and boards of directors want CIOs to provide strategic input on acquisitions and spin-offs as well as a clear picture of how major IT investments influence the bottom line. CFOs want analytics, harvested from an ever-expanding universe of data, to drive more accurate forecasting and financial planning activities. COOs and operational vice presidents want help scaling new and existing business quickly in response to suddenly materializing threats and opportunities.
Chief risk officers want information to feed scenario planning activities and assistance in ferreting out specific data in response to detailed compliance requests from regulatory bodies. And an increasingly technology-literate workforce expects information technology (IT) departments to keep pace with the latest device, software and experiential offerings from leading consumer-technology companies.
“For the first time since the dot-com days, the business is deeply excited about new technologies,” observes Janet Foutty, Deloitte Consulting’s national managing director, technology. “CIOs have to figure out how to respond in a very thoughtful manner to demands for cloud, social, mobile, cyber-security and analytics.”
While doing so, many CIOs confront a bigger challenge, says Tom DeGarmo, the leader of PwC’s technology practice. “CEOs and CFOs are asking CIOs for their thoughts on leveraging IT investments to drive innovation and growth.”
These demands have CIOs clamoring for help from their external advisors in decoding and prioritizing a tangle of challenges whose complexity rivals the immense intricacy of their networks, platforms and applications.
“Ten to 20 years ago you could walk into a computer room and literally put your hands on everything that was important from a data processing perspective,” observes Gary Curtis, Accenture’s chief technology strategist and global managing director of the firm’s technology consulting practice. “You can’t do that any longer because their servers are everywhere. Today’s networks are too complex to even draw a diagram of them.”From Plumbers to Profit Centers
This, of course, is good news for consultants, who thrive on complexity. Recent earnings releases indicate that IT consulting shows signs of flourishing once more following a historic recession and widespread reduction in all forms of corporate spending.
Count IBM among firms with positive growth figures. In the first quarter, IBM Global Business Services’ practice grew 6.8 percent compared to the first three months of 2010. Big Blue’s IT-consulting strategy focuses on helping CIOs deliver “excellence in the fundamentals” (e.g., the secure and reliable delivery of “lights on” IT), IBM Corporation Vice President and CIO Jeannette Horan notes, while also helping them achieve much more strategic objectives.
“CIOs are now increasingly in step with CEOs’ top priorities,” Horan writes in IBM’s 76-page The Essential CIO: Insights from the Global Chief Information Officer Study, which appeared earlier this year. “One priority they agree on is how critical it is for today’s public and private sector organizations to derive insight from the huge volumes of data being amassed across the enterprise, and turn those insights into competitive advantage with tangible business benefits.”
Although CIO Magazine’s annual “State of the CIO” survey results indicate that the IT “retrenchment that has ruled the past two years” is over, a widespread demand for more efficient IT operations persists. Horan says that one of her strategic goals is to cut in half the number of enterprise applications within IBM by 2015. “CIOs are challenged every single day by the most senior leadership of the business to be more efficient and more effective at the same time,” Curtis says. “That probably will never go away.”
Michael Hugos, principal of Chicago-based Center for Systems Innovation, agrees. “The big challenges facing CIOs are to transition their IT groups away from the traditional focus on operating data centers,” he asserts, “and focus instead on delivering quick and responsive services to meet the needs of business in the global, real-time economy.”
This transition began several years ago, and its progress was in many cases impeded by the cost-cutting that occurred in response to the recession. “In the past 36 months or so, many CIOs have gone from managing the data pipes and plumbing to becoming a general contractor for shared services and outsourcing,” DeGarmo notes. “Today, many CIOs are now on the CEO’s agenda.”
Challenges and Cloudy Opportunities
To thrive in this new role, DeGarmo and other IT consulting veterans say, CIOs need to respond to a number of major threats and opportunities, including the following five areas:1. Greater Agility
Roughly 70 percent of IT budgets traditionally have been devoted to the installation and operation of IT hardware and legacy systems, Hugos explains. Cloud computing and software-as-a-service (SaaS) offerings enable the outsourcing of much of this work at an attractive price.
As a result, “CIOs and their in-house IT groups now need to focus more than ever before on delivering IT agility to drive business agility,” says Hugos, a former CIO. “This means finding ways to respond quickly and cost effectively to rapidly changing business needs. CIOs need to find ways to do this without asking for large up front capital investment budgets and taking six to 24 months to deliver solutions… CIOs need to implement strategies to respond quickly to business needs.”
This means that IT needs to get deeper into the business of enhancing existing products, rolling out new products, identifying better suppliers, identifying new market opportunities and finding ways to differentiate products and services to ultimately increase profit margins. CIOs also need to respond quickly when a business or the company needs to contract,” Foutty points out.2. The Cloud
As Hugos notes, cloud computing and SaaS can enable greater agility. This helps explain why every IT consulting practice leader identifies cloud as one of the top challenges, and opportunities, facing CIOs.
Hugos, author of Business in the Cloud: What Every Business Needs to Know about Cloud Computing, points out that “cloud computing is happening in a big way” following four years of increasingly intense tire-kicking by CIOs, some of whom expressed concerns related to data security and service level agreements (SLAs).
Today, major IT vendors, including IBM, Microsoft, Hewlett Packard, Amazon, Dell and others, “are investing billions of dollars in delivering cloud services, and this is changing the nature and value proposition of the traditional in-house IT department,” Hugos says. “Business units want their IT groups to offer services to what they can get from cloud, SaaS and consumer IT providers. CIOs must upgrade their in-house IT infrastructure to create private clouds so they can quickly provide computing resources as needed.”
Curtis says Accenture’s client-company CIOs are trying to figure out where they can apply cloud architecture to gain the best leverage for their IT departments and the overall business.
“Many companies are not on a path toward implementing some form of cloud operations and technologies,” reports Arthur Filip, worldwide vice president and general manager of HP Technology Consulting. In April, HP announced the formation of its “Strategic IT Advisory Services,” a consulting arm specifically designed to help CIOs “use IT as a key driver of innovation, growth and profitability.” One of the practice’s core services is “Cloud Business Readiness.”
“Cloud creates a whole different way of seeing, understanding, utilizing, processing and sharing information and data,” Filip continues. “CIOs, more than anyone in their enterprise, can show C-level executive committees and business unit leaders how to take advantage of cloud opportunities.”
The cloud model also creates new opportunities for innovation that companies and their IT consultants are in the process of figuring out. Foutty says that the promise of cloud is being leveraged on the infrastructure side and is beginning to be realized with regard to software. Small businesses, for example, now have much more affordable access to leading-edge enterprise technology that only larger companies could previously afford.
“We’ve been playing around with the cloud concept as it might apply to a virtual workforce,” Foutty confides. “How do you take cloud concepts of a virtual workforce and develop a better, more coherent strategy for using contractors and consultants as well as offshore and on-premise resources to allow you to respond more effectively to changing business needs?”3. Other Technologies
In addition, IT consulting executives point to social media, mobility and analytics as posing major challenges and opportunities for CIOs and IT departments. “You really have a confluence of disruptive technologies occurring right now,” says DeGarmo. “And CIOs as well as CEOs need to respond to these developments.”
For example, CEOs and CIOs need to figure out how social networking can affect an organization’s ability to attract and retain top talent, profitable customers and valuable supply chain partners. Just about every corner of the business is looking for analytics that will improve the accuracy of business forecasting, establish new correlations between employee engagement and profits, sharpen the executive suite’s understanding of emerging risks and strengthen decision-making in many other areas as well.
“Mobility,” which refers to the explosive growth of computing power (both personal and business) each employee now commands, represents a classic risk in that it can be both a major threat and a major opportunity (and sometimes both, simultaneously). The “consumerization” of IT has produced in large organizations thousands of amateur CIOs who hold the IT department to the same standard they expect when using Amazon, iTunes or their Droid-powered smart phone.
“A number of CIOs I talk to see many of their employees starting to outpace the capability of the IT department,” Filip reports. “When some employees want an application or have a need for a new IT capability, they don’t call the IT department anymore. Instead, they download something, create something on their own or adapt something via open source. You have a much more technologically savvy workforce, which creates a whole new set of challenges and opportunities for CIOs.” 4. Security and Privacy
Every week, if not more often, the news features a story about a major information-security breach within a large corporation or public institution. In April, thieves swiped names, addresses and possibly credit card information from more than 70 million user accounts in Sony’s online video game network.
In May, the U.S. Health and Human Services department released reports identifying major weaknesses within electronic medical records (EMR)—a major source of IT-healthcare consulting work right now—that could result in data theft, injuries or even deaths. In June, the U.S. Government Accountability Office (GAO) reported that taxpayer identity theft had increased fivefold from 2008 to 2010.
“This is nearly a daily occurrence,” Curtis says of information security and data privacy issues. “And professionals in the business will tell you that what you read about is the tip of a very large iceberg. A lot of the security breaches that occur within enterprise networks … don’t incur the kind of losses that make the front page. They’re still important, they’re still troublesome and they are increasing in frequency.”5. Regulatory Demands
There’s Sarbanes-Oxley, Dodd-Frank, IFRS, healthcare reform…the list of major regulatory changes is long and getting longer quickly. Each of these changes places great demands on an organization’s ability to locate, extract, organize and report massive amounts of information.
In the U.S. healthcare industry, for example, companies are contending with the largest regulatory overhaul in 50 years, yet the magnitude of these changes may be surpassed by another rules change that receives very little attention outside the industry. The implementation of International Classifications of Diseases, Tenth Revision (ICD-10)—the documents physicians and insurers use to code patients’ aliments—has been compared in scope to Y2K remediation efforts.
By October 2013, U.S. healthcare companies will need to adapt their systems, processes and training to reflect the addition of more than 50,000 more diagnosis codes as well as the addition of more than 80,000 procedure codes.
The daily regulatory demands—usually in the form of specific requests for compliance-related information from various regulatory bodies—bearing down on the financial services industry also receives scant attention outside that industry.
“Regulatory pressures are now at an all-time high,” asserts Curtis, who notes that relatively few companies possess the capability to respond sufficiently to more frequent and more detailed ad hoc regulatory inquires. “It is very tricky for companies to respond [to requests for information] as quickly and as adeptly as the regulators want them to,” Foutty agrees. “So much of the information that is being requested resides on a bunch of spreadsheets on employees’ laptops. So, the questions become, how do you respond the first time and then how you institutionalize the response?”Smaller Projects, Broader Skill Sets
The confluence of pressures IT consultants describe here places new challenges on the nature of IT consulting projects as well as the skill sets IT practices need to assemble.
DeGarmo reports that the pace of change within the CIO’s purview has increased dramatically, which requires IT consultants to possess a “much more varied” set of skills than they needed a decade ago. In addition to their individual impacts, cloud, social media, mobility and other disruptive technologies also interact with each other to create other impacts, DeGarmo explains.
As a savvy IT consultant, “you need to be smart on all of those individual technologies, understand how they affect your clients and, even more important, how they interact with each other,” he says. “You really can’t think about them independently … instead you want to put them together in unique and novel ways to manager suppliers, customers and the workforce more effectively.”
Additionally, CIOs have different expectations about the project work that generates these innovative ideas and solutions. For years, most CIOs have demanded a well-defined return on investment (ROI) for their consulting spend. Today, that demand is greater than ever because scrutiny on all operational and capital investments has grown even more intense. This demand is shrinking the size of many IT projects, a shift that may increase the cost of individual projects while reducing their risks.
“We have to show value in much more discrete pieces,” Foutty notes of the general IT consulting environment. “In many cases, what that means is that we sell smaller projects. “The pressure on IT costs and return is just overwhelming,” Foutty adds. “CIOs feel incredible pressure on investments that their organizations are making in technology.”
And that pressure just doubled.For additional technology coverage, see Empowered CIOs Generate Revenue.
|CIO Magazine’s 2011 “State of the CIO” survey results contains a finding that looks shocking on first glance: 41 percent of CIOs expect to head their company’s risk management programs in the future. However, this trend seems less surprising when one considers the depth and breadth of governance, risk management and compliance (GRC) experience CIOs and their departments are amassing every day. Consider how the intensifying demand from regulators for compliance-related information involves the CIO.
“Every business leader and CIO will tell you that today’s regulatory compliance issues are more immediate, more intrusive and generally more of a challenge to meet,” reports Gary Curtis, Accenture’s chief technology strategist and global managing director of the firm’s technology consulting division.
For example, one of Accenture’s global financial services clients received a formal regulatory inquiry, one that many other large banks also received, several months ago from a U.S. regulatory body. The document requested an assessment of all of the “non-integrated financial applications,” that contained data used in calculations of capital adequacy and other measures required by one of the regulatory body’s many rules.
In other words, this agency wanted to know which data in which spreadsheets are used in these calculations, and whether or not the data is accurate. The first step the company took was to identify how many applications meet this definition. It turned out that more than 100,000 individual applications did so. The next step was to determine how many of those applications contained compliance-relevant data. It turned out that roughly 20,000 did.
“Finding those applications required an immense amount of custom work,” Curtis recounts. “Conducting assessments to determine which applications fit the regulators definition also required an immense amount of one-time work.” Finally, raking through the applications that met the definition to check the data quality and controls required a third round of intensive, one-time work.
“And this is just one example,” Curtis adds, “of the type of significant inquiries that can arrive one a week or even more frequently at large banks.”
Although financial services is one of the business realm’s most highly regulated sectors, Curtis and other IT consulting leaders emphasize that nearly every industry is being subjected to more frequent and more involved requests for regulatory data that needs to be extracted from complex information systems.
As a result, CIOs may be heading up GRC efforts sooner rather than later.