'IS is a journey'
a General Manager at Larsen & Toubro Infotech, Anantha Sayana, is
responsible for mediating the transfer of services, expertise and knowledge
between the L&T Group and L&T Infotech. Sayana tells Deepali Gupta
about the systems that keep the IT infrastructure humming at one of India's
What are the factors which must be taken care of while
formulating an organisation's IT strategy?
L&T Infotech's goal was to unify common IT services within the group. L&T's
WAN, for example, is centralised and its services monitored. IT must be sensitive
to business requirements and should be able to deliver the services needed of
Once the basic processes such as payroll and CRM are in place, what needs to
be done to ensure a competitive advantage? If I get my invoice and trial balance
on time it is not going to give me an edge over competition. So how do I get
that advantage? If a majority of the procedural work is done on enterprise applications
then the productivity is enhanced.
We have now reached the point where we need IT governance. IT governance relates
to four issues: delivering value, aligning IT with business, risk management
and performance feedback to units.
What are the ERP and upgrade policies of the L&T group?
The major businesses of L&T-the heavy equipment manufacturing, the engineering
and construction business and the electrical business-function more or less
independently. Despite this, we try to synergise the separate infrastructures
and ensure that everyone complies with L&T's broad guidelines. The company
predominantly uses SAP, but between L&T and its subsidiaries we are running
16 ERP systems.
The system depends upon the need of the unit. One unit uses Baan. The message
when investing in ERP was that each business would pick the ERP that suited
its requirements. Therefore the heavy engineering department, which has long
business lead times is radically different from the electrical one. The heavy
engineering plant manufactures a pressure vessel or a regenerator, a process
that takes 18 months. After that, it may rarely do the same task again. For
that kind of application, Baan is better suited than any other system.
Our upgrade policy for ERP is that having got into ERP, we stay current or as
close to the current as possible. Newer features are available only on the current
platform. So we time the upgrade in a convenient manner to work around annual
and periodic closing. You can't do an upgrade without users being involved.
For instance, four of our companies have already moved to the current upgrade
Even if the upgrade is not required, the policy is to upgrade and to start exploring
additional functionality after the upgrade. The policy helps us to move with
current technology. Some functions that may not run smoothly in the ERP system
are carried out in Excel and legacy systems. Such work is not available to the
organisation, it lies on individual desktops, and is lost. The new versions
usually deal with such glitches.
Every change means some amount of business process reengineering
and that disturbs users. How do you ensure the optimal usage of the system?
We undertook an analysis exercise, where we went to every business and listed
activities that should be done on the ERP system, and asked them to tell us
which of the activities are done on ERP and which are kept outside the purview
of the system. We also asked if there was something that ERP did not address?
That gave us two indicators: first, whether or not there was some tweaking that
could be done to address the issues, and secondly, we found units could learn
from each other. A few strategic business units were doing certain work inside
the ERP because they had figured a way to do it. So, we went to the other unit
and asked them to learn from each other.
From the list we also arrived at an ERP business usage index, which we passed
on to all the group companies. This index helped because it motivated and created
competition between our companies on ERP usage levels.
Before we invest in any technology, we get a buy-in from users. Now there is
no resistance to new technology and people want to adopt new and efficient ways
of doing their jobs.
Enterprise Infrastructure Management (EIM) is an important
part of optimisation, is it more about technology or processes?
It's a little bit of both. We use CA Unicenter and it measures all network parameters.
It helps us identify problems, such as those connected to uptime and capacity
utilisation. The tool aids in capacity planning. It also has agents that generate
parameters such as hard-disk usage on the server, response times and so on.
All the planning is done on this tool, because complex systems cannot be monitored
Having said that, the tool itself needs to be implemented. You need to define
processes, publish the information and decide on what you want to do with the
information. We listed this in a manual that we have developed and is aligned
to the IT Infrastructure Library (ITIL) framework. In security, we got L&T
Infotech certified for BS7799. That was important for our international clients
as well as the L&T group. Securing L&T Infotech was an important step
in the process of securing the entire organisation. Standards hold merit because
they define processes.
There appears to be a greater threat to security from the
inside than the outside. How do you ensure information security (IS)?
We've said in a number of forums that IS is a journey. Earlier Internet access
was restricted to a handful of users. Then we realised that everyone was a knowledge
worker, and could benefit from Net access. Then the management needed remote
access from outside the office.
To address internal threats we said that a firewall at the perimeter was enough.
Now we have directory services so that the administrator can take complete control
of the desktop. The rights to install an executable file is no longer with the
user. We have to be on the lookout for technology that allows us the alternative
to take away discretionary usage from users.
Thereafter, training is an integral part of security. Errors and slip-ups can
be avoided by training people.
Deepali Gupta can be reached at firstname.lastname@example.org