S2E4: Dark Side: Business decides and IT delivers

Last year, according to Berkshire Hathaway company, the global information technology market exceeded 8 trillion USD and is expected to grow by 10% (CAGR) in the foreseeable future. The early days of 2022 saw a new high score with single company, Apple in this case, reaching the eye-watering market cap of 3 trillion USD. There could not be more evidence every day that IT moved from yet-another-supporting-function into the wheel of growth that occupies a paramount space in most companies’ strategy.?

However, let us not forget that it is the business that matters as business talks to customers and brings revenue. IT is only to deliver and as Martha Heller stated in “The CIO Paradox” the more senior a corporate executive is, the more likely he is to blame IT when things go wrong. After all as she smartly summarises: “there are only two types of projects: business successes and IT failures”. Sounds about right?

IT is strange and as such shall be controlled?

Quite often people working in IT devisions have in-depth knowledge of particular domain combined with large degree of independence and quite introvert tendency to focus on the technology itself. They focus on the “real stuff”, as we might often hear. In large organisations this often comes on top of the heavy governance with multi-step approval processes, various layers of supervision and tendency to focus on broadly understood compliance. That, multiplied by usage of quite specific and ever-growing technology jargon, may lead to difficult communications between IT and business folks. This is turn creates mutual disappointment and quite often mistrust. Mark Schwartz illustrates business- side view in “A seat at the table” via the following description: “They made you feel stupid. They were unpredictable. They were somehow other - while you were focus on business outcomes, they were focussed on … what? … They babbled away in acronyms and tossed cute but baffling little techie terms around, always with peculiar sense of humour”

Naturally the organisation needs to respond to such a grave threat and this is where CIO kicks in. We need control so CIO is there to keep the geeks at bay and ensure they bring business value. In order to get things in order, the most senior IT officer responds by enforcing policies, standards, maturity models and related governance. Entering is the strict world of business case as each step has to offer clear business value, else “you shall not pass”.

Let’s rollout the controls, shall we?

If you can not convince them, confuse them. Such was a phrase often used by a fellow CIO and a colleague of mine. To the business, Arthur Clarke’s law holds: “Any sufficiently advanced technology is indistinguishable from magic”. So the more business finds IT as a cost centre and IT personnel as somehow reckless troops, the more IT responds in … and IT way. If you want to obtain business value, we need clear business requirements. Too bad with fast changing markets it is a near impossible request and I will deliver exactly what you stated in requirements. No more and no less. You reap what you sow.

The best business response is to invest in business analysts and ensure ample time is spent to adhere to strict architecture standards, security policies, risk assessments and proper project management framework. We need to invest further in proper control functions: risk management, audit, project management oversights, enterprise architecture and IT control. This starts to significantly slow down organisation and makes business change expensive, but after all it is for the greater good since we are finally regaining control. Business will decide what to do and IT is to deliver.

Very well, responds IT, if the business tries to control IT teams by telling them what they must do, IT teams will control the business by forcing it to specify and stick to its initial set of requirements. After all, nobody wants to experience the “scope creep”. Regardless of the fact, nicely captured by Jeff Patton in “User story mapping” that: “Scope doesn’t creep; understanding grows”.

But this is not all, business says, we will benchmark you and since IT is clearly a cost centre we need to consider outsourcing to keep costs at bay. Incoming are various consultancy firms doing sophisticated target operating models (TOM), checking maturity of operations and making efficiency comparisons. That will surely prove we are not in upper-right (aka magic) quadrant of our industry, so there is a potential to cut costs even further. We did this for operations already and works good as gold, so how difficult it might be for IT to follow suit.

We need a transformation

However despite all the right controls and all the best intentions, it seems we are not there yet. One might actually spot early signs of implosion. Bottom-line still grows, people morale is mediocre, time-to-market is increasing, while even the once friendly consultants start to chat about growing Tech Debt. All in all we need a more decisive approach, a transformative one. So let us spin off series of programs and projects enriched by transformation office, data office, digital office, process office and controls office. Since the line organisation proved not being capable of bringing an increased business value, we need to ring fence it and double down on digital transformation. We will transform and we will do acquisitions.

McKinsey study clearly shows that the larger the program, the risker it is. According to this consultancy, large projects run 45% over budget and 7% over time while delivering 56% less value than predicted. If that is not convincing then Gartner, another consultancy, researched that failure rate of projects with budgets over 1m USD is 50% higher than those with budgets below 350k USD.

Hence, few years and hundreds of millions later, it looks like the holy grail to manage IT is still out of reach. IT still delivers a limited business value and perhaps Mark Schwartz is right by stating: “Transformational projects are evidence that a mistake has been made. The worst of these transformational projects are so-called “modernisation projects” - transformational projects undertaken to bring technology platforms up to date .. they are the result of poor stewardship of IT assets and old ways of thinking about IT governance and execution”.

So how about there is a different way. On that ensures business and IT work hand-in-hand and the model is sustainable. The one that uses bright side of the Force…

We are all business

Traditional models can work in markets that are very static, products that are well entrenched and cycle times that are very long. To be honest I find it quite hard to provide an adequate example since all markets these days are less predictable and the age of technology is accelerating at non-linear pace. This brings hardship to many CIOs since they struggle to “prove business value” and quite often have no other means, but to become chief constraint officer. The quest to ensure control means IT resorts to strict standard adherence, hiding behind processes, insisting on upfront clarity on business requirements and becoming extremely risk-adverse. So noble effort to bring business value might result in destroying it. Remember that the greatest risk the company manages is the one of not reaching its business objectives.

If we set the usual business-IT equation aside, then modern way to run the company is an agile one, which in essence means that we inspect and adapt frequently rather than lavishly following a plan. Once this realisation is universally accepted the magic commences. Employees from various teams start to communicate more and do it in a very transparent way. That is because there is no other way to plan and execute together instead of traditional waterfall tollgate cycle. The model usually starts within IT organisation itself where project-based organisation turns into product management with blurred boundaries between the traditional maintenance (aka run) and delivery (aka change). The notion of product owner brings a holistic view, while scrum methodologies ensure we simply keep selecting the highest value (business value) items from a shared and transparent backlog. And those could be items that bring new business features (aka functional) as well as items that ensure adherence to regulations / lifecycle management / production stability or cyber resilience (aka non-functional). Depending on the industry and business model there are limits to what extend this DevOps could progress. However, once benefits are visible the spillover outside IT commences into what is called BizDevOps.

The new model to “control IT”

Once we ensure a holistic ownership and empower line business/IT organisation to make decisions and drive the results, the control appears thanks to increased visibility and ability to adapt very fast (aka agility). We stop referring to everything as urgent and/or mandatory business need, but rather agree that business need is an idea that people believe will improve the business so create return for the stakeholders. We stop using requirements as a way of controlling development teams by constraining their creativity.

Instead, the joint business/IT team is engaged in a voyage of discovery, generating and testing hypotheses and adjusting course where necessary. As Mark Schwartz nails it down “The age of IT organisations hiding behind requirements - “just tell me what you need” - is gone. IT leaders must instead take ownership, responsibility and accountability fro accomplishing the business’s objectives”. And these are diverse and specific to the industry. Sometimes the emphasis is on regulatory compliance and staying within risk appetite, sometimes it is about rapid time-to-market of innovative products and quite often a combination of both.

Pick the right battles

Quite often the goal is not to build faster, but to build less. It takes some time to understand one of agile principles that is to maximise … the amount of work not done. Modern organisations with large IT divisions are plagued by fictitious deadlines, where everything is ASAP and IT troops waste lots of time and energy in frequent task-switching. This makes long-term product roadmaps pivotal as joint business/IT takes a long term view on objectives while having short-term insights into execution. As a result proper time-boxing could follow and the amount of work-in-progress (WIP) decreases drastically. The multi-year priority setting offers executive committee the possibility steer investment efforts on the company level, while IT organisation have predictability to ramp up and adjust accordingly. This is result enables QBR (quarterly business review) practise that glues the firm around company-wide objectives and smoothens cross dependencies and impediments to delivery. And that brings high employee satisfaction stemming from newly gained transparency and confidence in getting things done. Win-win, isn’t it?

Get the right financial insights

In order for the new IT model to work, the traditional approach to finances has to adjust. Project world tends to generate assets that can be capitalised and spread over years and is recognised as change cost (aka good). The holistic model relies on constant enhancement and maximising value within fixed velocity very often consuming cloud services. Therefore we recognise it as run cost (aka bad). There comes a controversial notion that CIOs who are successful in keeping run costs low may be actually doing their company a disservice by creating Tech Debt and making the future risky transformation programs inevitable. So key function of CIO is to ensure total cost of ownership (TCO) per product is properly recognised and “sweating the assets” practice does not occur. Instead joint business/IT owner is always in control keeping low operational risk (Tech Debt). Gone are the cycles of cost cutting -> sweating assets -> operational issues -> transformation uplifts and entering is a stewardship and continuous delivery.

And here comes enterprise architecture

Next to holistic ownership via transparent investment model and proper financials to bring clarity, you need a decent enterprise architecture function. One that is not locked into standards setting and control mentality over series of projects, but ensuring that little debt is created while the company grows. This is thanks by ensuring solutions are built based on good and accessible design patterns, using clear and easy principles, utilising a loosely coupled architecture, integrating ready cloud solutions, automated regression testing and proper monitoring. From yet another control tower into the business facilitator of “solutions that scale and are future-proof”.?

And the best possible summary coming from spectacular “A seat at the table”: “The job of IT leaders is not to execute projects on behalf of the business; it is to steward the asset that is the total of all of the enterprise’s IT capabilities - an asset that has functional capabilities but also latent capabilities to support agility and offer options in the future.”

So CIOs fundamentally create clarity, capability and commitment. Since … we are all business.