Wall Street & Technology CIO Round Panel

Here is an interesting round panel discussion on 2009 challenges in the financial industry from Wall Street & Technology. 

There is a major challenge for CIOs because they know what’s coming in the next year or two. They know they are going to be called upon to do much, much more with potentially much, much less. So potentially driving the efficiency in the IT organization is no small feat. They are going to have to figure out ways that technology can help.

The observations are specific to the financial industry, and as such are not very surprising. The industry remains beset by toxic assets on its balance sheets and declining (or highly volatile) asset values. Profitability challenges will constrain spending throughout 2009, on the top and bottom lines. Economists widely blame the current recession on “creative’ instruments and lack of regulatory oversight of the financial industry. In this environment leaders have little choice but to retrench on spending and deal with increasing regulatory scrutiny.

These observations don’t necessarily apply to other industries. Although the economic climate is challenged, there is opportunity in change, and 2009 may become a “breakout” year for aligning IT with organizational drivers. Alignment is a two-way street, and for many organizations it will not occur until IT is more successful in helping define strategic plans, rather than merely reflecting the organizational strategic plan in the IT strategic plan.

Why ISACA Certifications Will Supercede ITIL

Below is a list of the top reasons ISACA’s COBIT Foundation and CGEIT certifications will become more popular than ITIL certifications. I am not suggesting the ITIL certifications will go away or be replaced by ISACA, in part because their frameworks are complementary and not entirely competitive. Nevertheless, ITIL and COBIT going in different directions, particularly ITIL doing everything wrong and COBIT doing things mostly right.

  1. ITIL V3 framework has become complicated and convoluted. Although ITIL V3 is supposed to provide clearer guidance for implementation, in most cases it is simply too complicated for organizations who still desire a piecemeal approach. Most IT practitioners still think in ITIL V2 terms (Incident, Problem, Change, Configuration) and ignore the V3 additions.
  2. COBIT is more rigorous and intellectually consistent. It lends itself easier to auditing. Many organizations wish to adhere to SOX requirements, even if they are not publicly traded. On the other hand, I haven’t yet seen an organization that desires ISO/IEC 20000 certification.
  3. ISACA documentation is more readily available to organizations at affordable prices. ITIL documentation has become expensive, and an apparent moneymaker for OGC and its related organizations.
  4. ITIL certifications (beyond Foundation) require classroom training that are mostly a moneymaking racket for APM Group and the OGC. Few will afford the $10K plus costs to obtain higher levels of certification–fewer will want to. ITIL Foundation will remain far more popular than the higher certifications, even among practitioners with significant experience with ITIL.
  5. The COBIT Foundation certification is similar in structure to the ITIL Foundation, and serves the same basic function. The two are equivalent and complementary, and COBIT Foundation will soon become as popular as ITIL Foundation. I believe this was a brilliant move by ISACA.
  6. The CGEIT requires real-world experience, in addition to a structured exam. In this way CGEIT is similar to CISA and PMI’s PMP certifications, both of which are very popular and respected.

McKinsey Survey: IT Potential Unmet

In a December 2008 survey of C-level executives titled IT’s unmet potential: McKinsey Global Survey Results (free registration required), McKinsey Global Institute documents the discrepancy between the desired and actual business results of IT. It also demonstrates some differences between the expectations among IT and non-IT executives. Of particular interest:

  • Nearly two-thirds of executives believe their organizations are at risk of information or technology-related disruptions, and less than half believe they are prepared to manage these disruptions. Concern is greater among IT executives.
  • IT efforts are concentrated on improving the efficiency of business processes, but there exists stronger desire to improve the effectiveness of these processes. An even stronger gap exists between the ability and desire for IT to help create new products or services.
  • An even stronger discrepancy exists in the alignment of IT and business strategies. Whereas 67 percent of C-level executives desire strong alignment (“Business and IT strategy tightly integrated, influence each other”) only 22 percent said they actually are. Twice as many organizations said their corporate strategies are developed first.

The discrepancies between IT and non-IT executive responses were even more interesting:

  • IT managers were more likely to emphasize improving the talent of their IT staff (57 percent) than their non-IT counterparts (42 percent).
  • IT managers want to consolidate IT functions to a centralized IT (21 percent) than their non-IT counterparts (14 percent).
  • IT managers are more concerned about reallocating budgets to focus on value drivers and improving IT governance and oversight.
  • On the other hand, non-IT managers were more interested in outsourcing IT functions (22 percent) than were IT managers (18 percent).
  • Whereas more managers expect to reduce IT operating costs in 2009 versus increase them (43 percent versus 23 percent), the numbers are almost perfectly inverted when they look at new IT investments (26 percent versus 41 percent).

The final point suggests 2009 may become a turnaround year for IT executives, in which IT is able to influence organizational strategy in order to capitalize on strengthening their positions during this global recession. This final point is important: change begets opportunity, and those organizations who strengthen their positions during the downturn will benefit during the next recovery. Often the ability to seize the opportunities is inversely related to debt carried, so look for cash-strong companies to become stronger.

By the way, the outlook for IT project managers also remains relatively strong.

IT Spending Flat in 2009

Computer Economics reports zero growth in IT spending in 2009

IT operational spending growth peaked in 2007 at 5.0% and then declined this year to 4.0%. As reported earlier in this study, however, a significant number (41%) of respondents do not expect to spend all of the money budgeted for this year, which means that the 2008 growth rate will almost certainly fall short of the budgeted 4.0% rate. That pessimism extends into 2009.

The news is even worse: Not only do more companies expect spending cuts in 2009 than increases, but many organizations have spent–or plan to spend–less than their budgets in 2008. It also means that in fixed dollar terms, IT spending will be down 3-4%.

IT spending is now a microcosm of the economy as a whole. The best and worst of expectations of Information Technology have been removed from C-suites, which means IT spending is more grounded in actual business performance. This is good, in that we don’t expect IT spending to underperform the broader economy, as we saw in the 2001/2002 recession, but it also means outlandish ideas of IT-derived productivity will not buffer IT from the current recession either.

In a nutshell, IT investments are more closely aligned with business requirements, which is a major goal of good IT governance.

On Enterprise Risks

Here are some nice observations on risk. 

Risk in the case of the meltdown of the balance sheets of the world’s most important financial institutions is quite different than the type of risk that financial institutions and insurance agencies were used to dealing with. What characterizes what we might term “normal risk” are three things: it is exogenous, stationary and uncorrelated.  

Although non-standard risks are difficult to plan for and manage, we must do so nonetheless. Risk models that breakdown when risks are endogenous, moving, or correlated is like building a car whose seat belts when the driver falls asleep, or whose car bag fails over 10Mph.

Transparency is a core issue. Risks cannot be managed if they cannot be measured. If government is to become the insurer of last resort, then it has the right (and obligation) to ensure transparency of the markets. The CDO and DSO markets are very opaque, to the benefit of nobody except a small handful of inside players.

If ERM is limited to risks that are exogenous, stationary, and uncorrelated, then I wonder whether we need to begin applying principles of BCP to ERM, particularly the need to identify and plan for the “worst case scenario”, which will help identify systemic risks which cannot be identified with traditional methods.

Researching the Value of Project Management

On Tuesday I attended the monthly dinner meeting of Portland Chapter of the Project Management Institute, where Dr. Janice Thomas presented some results of her three year study that PMI will sell this year in a paper called Research on the Value of Project Management. The research team studied over 60 organizations over a year and a half in a variety of industries. They gained access to senior managers and detailed project records in order to corroborate interview statements with actual findings.

I initially skeptical of the research. Imagine this: research sponsored by the Project Management Institute finds that organizations always find value in Project Management. The research sponsor proclaims “I can definitively say that project management will bring value to companies”. However, the presentation by Dr. Janice Thomas showed she was very intelligent and thoughtful, and she was aware of the implicit biases.

Some interesting observations:

  1. Companies who focus on project management to control costs find a strong correlation with customer satisfaction, and that correlation is negative.
  2. No company in the sample could deliver ROI numbers for their project management programs. In other words, there was no ROI for calculating ROI.
  3. Companies who benefit from project management cannot simply make a one-time investment and then let it go. They must continually adjust, improve, and invest in the project management program for it to continue to succeed.

The full research paper will be available at PMI.org for $50 for non-members and $40 for members.

Numara Software Introduces FootPrints 9

Last week Numara Software announced the new version of FootPrints. Cutting through the marketing hype, the new version of the product consists mostly of minor refinements and enhancements to functionality. For example, customer accounts can now be Change approvers (only Agent accounts could approve Changes in v8), and the Address Book now allows a field for manager, which will assist in approving Changes. Otherwise they expanded the tabbed interface in the Project Administration and System Administration screens.

The lack of major new functionality is a good thing, as the product shouldn’t be plagued with a lot of new bugs typically associated with new products. The major new piece of functionality they did add is the Service Catalog, which uses (and extends) the CMDB. Service Catalog is free for CMDB customers. I will review the Service Catalog functionality later, as I haven’t yet had time to play with it in depth.

Note: The author is a contractor and consultant for Numara Software.

IT Spending Down (but not out) in 2009

As reported in Redmondmag.com, a new study released by Computer Economics suggests IT departments do anticipate major cuts in 2009, despite the downturn. However, a third anticipate cuts in travel and expenses. The executive summary, which is available here, says the research is based on surveys of 200 IT professionals, and it the 19th annual production.

However, they performed all the surveys in the first quarter of 2008, as would be expected of a survey of this scale. As a consequence, these results are probably out of date, as the economy has deteriorated even further since September 2008. Several technology and software providers posted disturbing surprises. Sun posted a loss of $1.68 billion. In October 2008 both Intel and SAP announced mediocre results, but suggested future sales would slow as a result of the downturn. Forrester reported overall tech spending growth may slow to 3-4%, if current trends continue through 2010. This is disappointing compared to previous projections, but IT spending appears to be holding up relatively well compared with other sectors.

I will keep my eyes on tech spending as more data becomes available.

Four Day Workweek

I found this CNET article interesting. The benefits of a four-by-ten workweek include lower energy costs, higher retention, higher morale, and higher productivity. It might also improve commute times.

A past study showed changing the lighting improved productivity, albeit temporarily. Reverting it back had the same affect. Productivity improves temporarily because employees feel management cares about their concerns. The affects of the four-by-ten workweek may be termporary as well.

I see resistance from managers who would say “we are already getting ten hours per day out of the employees, so wouldn’t this simply cut off 20% of our productivity?” This one is harder to address, except that productivity drops with number of hours worked. Productivity is hard to measure, but number of hours worked is easy, so managers often opt for the latter as a proxy of productivity. Most execs would continue to work five or six (or seven) days per week anyway.

From an IT perspective, I see this having a positive affect on Change Management and Release Management–longer change windows on the weekend for changes, upgrades, and rollouts. We might expect higher success rates, but to my knowledge this has never been studied.