Re-Drafting IT & the ITO
The ITO gears up for the future
business needs such as corporate and IT governance are transforming the role
of the ITO into that of a service provider. Kumar Dawada reports
Initially, the role of an IT organisation (ITO) was restricted to hardware
and systems management. But today, companies are totally IT-dependent and hence
the importance of an ITO has grown.
Evolution of the CIO and ITO
Contemporary CIOs are proactively helping business growth. Their job is to improve
customer relationships, increase the organisations competitiveness and
raise overall efficiency, along with IT management. Todays CIOs
are on par with CFOs and CMOs and report to CEOs directly, says Amitabh
Satyam, Country Head, Mobi Apps.
So how can an IT person be good at managing business? This is a question which
is being raised infrequently these days. As Anil Khopkar, GM, MIS, Bajaj Auto
says, IT has become more business-focused as it is composed of functional people
and the senior management. The IT teams main job has changed to that of
understanding the environment in which business leaders operate and function.
The role of IT is to make business leaders successful rather than show
how technologically superior IT is. As long as IT can make the marketing or
manufacturing VP successful, IT itself is successful, says Vikas Gadre,
CIOs are now involved in the companys long-term
strategy and major policy decisions. These days they spend more time in
relationship-building and expectations-management rather than hard-core
technology. In the near future, the ITO will evolve into business teams
and manage service levels to ensure expected business outcomes
CIOs are now involved in the companys long-term strategy
and major policy decisions. These days they spend more time in relationship-building
and expectations-management rather than hard-core technology. In the near future,
the ITO will evolve into business teams and manage service levels to ensure
expected business outcomes. They will contribute more in managing IT business
processes and compliance-related operational risk, and less to managing hardware,
software and applications, predicts Captain Felix Mohan, Director, SecureSynergy.
Emergence Of Corporate And IT Governance
The need for corporate governance has created increasing transparency and integrity
of financial reporting. It has become critical for IT to adopt well-defined,
mature and repeatable procedures. Compliance requirements have extended
ITs role into operational risk management, for which it has to work hand-in-glove
with financial, legal and business operations, says Mohan.
To ensure that IT is aligned to business needs, CIOs are taking the help of
IT governance frameworks. IT governance aligns IT with business objectives,
manages IT risks and controls IT performance. Implementing IT governance and
making IT policy from scratch is difficult. It is better to choose from
a framework what is relevant, what can be implemented at present and how much
later, says Khopkar.
IT governance defines the acceptable use of IT resources and assets of the company.
So having a compliance framework in place does not necessarily make the job
of a CIO more difficult. It actually frees the CIO to do better things
which creates stakeholder value, says Gadre.
COBIT and IT governance structure have helped create a very well defined policy
framework. However they are guidelines and not actionable blueprints. It
cannot be taken and implemented directly. The organisation has to modify it
to suit its needs, adds Gadre.
Getting More With Less
Extracting business value is the primary objective of the CIO whether the business
of an organisation is on growth, sustenance or survival path. If it is
on the survival path then extracting maximum value of current ITs asset is mandatory,
No matter how efficient the ITO, declining budgets and rising responsibilities
require them to do more with less. It can be done by outsourcing
IT technical operations, vendor contract negotiation, systems and process standardisation,
technology retirement, tiered pricing, service levels, enterprise architecture,
automated tools, SOA, and integrating and reusing IT resources, outlines
Getting more for less also applies to manpower. How much value can be extracted
from existing IT staff is crucial. It is difficult to retain talent. In manufacturing
companies, the salary structure of IT staff is in tune with the company salary
structure and not with what the market offers to IT staff. The IT staff can
get a job with better salary elsewhere. The operating cost in terms of
salary is high, but the cost incurred when a person leaves is higher. It may
result in lack of service or inefficient service, both detrimental to the organisation.
We have no choice but to go for outsourcing, reveals Gadre.
When implemented properly, outsourcing of non-core IT functions can result in
significant cost savings and risk mitigation. It helps achieve standardisation,
replace legacy capabilities with state-of-the-art technologies, free up internal
resources, and provides competitive advantage by facilitating focus on core
capability, says Mohan.
For non-IT companies it makes better sense to outsource critical routine work,
which requires a minimum uptime at all times. Only the strategic and core
capabilities which create business value are retained in-house, explains
Outsourcings Twin Side
Outsourcing depends on a proper service level agreement (SLA) and statement
of work (SOW). Your expectation and delivery of service must match. It
is necessary to have a well-defined SLA and SOW. Identify and rectify the inefficiencies
because if they are not clear there is dissatisfaction, says Khopkar.
The improvement in cost, operations and business performance
through outsourcing can be obtained only if outsourcing goals align with business
goals, outsourcing SLAs are well defined and contracts managed properly. Though
outsourcing adds value by best practices, it is a double-edged sword as it has
manpower problems. Its competent staff too may go elsewhere so the providers
need to have a good knowledge mechanism and sharing of best practices to deliver
consistent performance, says Gadre.
|COBIT is an IT governance framework that helps organisations
gain competitive advantage by bridging the gap between IT and overall business
objectives. It has four main sectionsthe executive overview, framework,
core content and appendices. The core content is divided according to 34
IT processes. Each process is covered in four sections such as high-level
control objective for the process, detailed control objectives for the process,
management guidelines and maturity model for the process. COBITs controls
toolset provides means to implement an effective feedback-driven process
to manage IT risk and meet regulatory compliance demands. It supports the
overall business objectives by improving IT systems.
At present COBIT has become the focus of interest
due to Clause 49. The CEO and CFO have to give a personal declaration
and there is heavy penalty in terms of imprisonment if they are not up
to the mark. Now not only the organisation, the business leaders
too are dependent on IT initiatives, which are the CIOs domain,
reveals Vikas Gadre, CIO, Rallis.
Specialisation Moves In
Having a separate team to manage specialised functions brings
accountability, focus and core competency. There is a need to identify and compartmentalise
the pain points faced by an organisation.
Hence, many of these are choosing dedicated teams for specialised functions
like security and compliance. The role of IT is limited to resolving pain points,
so specialisation in that function is a necessity. Specialisation is happening
in IT governance, storage and security. They are all so vast that it is difficult
to find a know-it-all person who can manage everything, observes Gadre.
Since the functions of specialised teams cover not only IT
but also other business processes, the question is, whom should they report
tothe CIO or CEO? From the business point of view, they are responsible
to functional heads. But from a project point of view they are responsible to
the CIO, says Khopkar.
The contemporary CEO wants to limit his controls because he has to take care
of functions like finance, marketing, sales and procurement. Many CEOs insist
that only internal audit and quality report to him directly because they are
the watchdog departments. The CIO is responsible for lapses in security,
BI and IT governance. So it makes more sense for specialised teams to report
to him, says Gadre.
IT Turns Provider
As more companies gear up to provide better service, IT is also adapting its
role to that of a service provider. The traditional ITO, structured around functions
like network, server and applications, is making way for a new structure.
The movement towards service management is creating functions and roles based
on relationship management, customer and vendor, governance and security, ownership
and management of processes, process control and quality. We are all becoming
CSOs (Chief Sourcing Officers). This is because contracting provides service
rather than development, says Khopkar.