How to Develop an IT Strategic Plan

Benchmark the Current Landscape

Get Stakeholders Involved

Identify Gaps in Current Strategy

An IT Strategic Plan Requires Good Communication with all Stakeholders

 

Planning your IT Strategy

If you are in a CIO position at some point you are going to be given the task of developing an IT strategic plan.  This is a far reaching responsibility, and you will need to draw on information from the entire business.  Often this coincides with a major upgrade of core systems.

A good strategic plan will take into account the need for change and facilitate managing and expanding the plan as necessary.  Effectively, future-proofing the IT structure.

Step 1 – Collate opinions

In the first instance gather input from the CEO/Managing director, and his or her immediate executive staff such as heads of departments.  The idea here is to ascertain SWOT.  Strengths, weaknesses, opportunities, and threats of the current strategy.  To do this:

·         Interview CEO/Managing director and executive staff

·         Interview selected personnel  such as Business Information Managers, Application owners, Data owners, Information Security Managers, Compliance Managers, Strategic Sourcing Manager, Global and local Process Owners,  and ascertain business processes

·         Record the information in a spreadsheet and look for trends and themes

Step 2 – Benchmark the Current Landscape (IST)

Benchmarking the Enterprise Architecture is never straight forward.  How IT is viewed varies from company to company especially in relation to processes, applications, data and technology.  Some see it as costs to the business, while others see it as an enabler of business.

Where aspects become particularly murky is in relation to costs and outsourcing.  I would advise that if you feel like you are wading through the mud, you should call in outside help.

When you put your benchmarking report together consider:

• Business strategy, sourcing strategy and IT Strategy.

• Governance and Management Sourcing and Compliance.

• Your position in the multi vendor environment.

• Organisation and process Maturity level.

• Enterprise Architecture.

•Size and scope of the current organization.

• Business and IT spending.

• Are projects funded based on proactive or reactive thinking?

• Are information systems fit for purpose? Is there a multi-year plan for improvement?

• Do you include IT and Data leadership on the organization’s Executive team?

• How are new corporate directives and goals communicated to Business and IT?

• Would outsourcing some or all of IT for your organisation lower IT and even business expenditures?

Step 3 - Process, Application, Data and Technology Review

After you have answered the questions above, the next phase is to determine which elements are up to speed and which need to be replaced by innovative solutions.  Cost vs. Need will see your strategic decision making tested to the limit.

I suggest reviewing each process, application, data, technology elements and comparing it to the users’ needs.  Ask yourself:

·         Who are the “owners” and/or Business Information Managers?

·         What are the needs of the current “owners” and/or Business Information Managers?

·         Review the current elements and identify where the current information system is meeting or not meeting the needs of the Business.

·         Determine when the information system could be considered for replacement or enhancements.  This should be based on not meeting needs, purchase date, security, law, and regulatory requirements.

 Once you have this information you should then be able to formulate an action plan.  It will probably look something like this:

• Identify the current and anticipated needs by interviewing and working with the key stakeholders and related business processes and/or departments

• Speak to the main contractors and determine if the existing information system could or could not meet the needs identified in the steps above

• Perform the same process with alternative vendors, particularly if the current vendor could not meet the required needs sufficiently

Step 4 – Strategic Goals vs. Gaps in Current Plan

With all of this information the shortfall between the current plan and the strategic goals of your organisation will become apparent.  You should list what these are, as you will then have a basis to put your strategic plan to remedy gaps.

You might find:

• Growth goals for the organisation may not be in line with current business and IT investment

• Business and IT staff may be improperly sized to support growth or meet the current needs

• Information systems may be identified for replacement sooner than expected

• End-users lack sufficient training to maximize the use of existing information systems

 Step 5 – The Strategic Plan

It is best practice to create a multiyear plan to address the gaps you have identified, based on immediate needs first.  The plan should try and look to the future, and factor in the fact that some IT services and projects would be dependent upon gaps being filled in the plan. 

It is also a good idea to encourage the management team to give IT a ‘seat at the table’ if it is not already, to help facilitate changes as needed.

Good luck

 

How I Delivered an Architecture Streamlining Project

Use Teams to Their Strengths

Formulate a Robust Strategy

Identify Areas Where Problems Might Arise

Delivering the project

In this post I want to talk about a project I delivered.  I want to highlight the challenges I faced, how I formulated my strategy, and how I coordinated my team to successfully deliver the project on time and on budget. 

My hope is that it may help you with your future projects.

Using Tuckman's model I got the best out of my team

The Brief

To formulate a strategy and solution to replace/upgrade applications, servers, clients, contracts, licenses, business impact analysis, business continuity plans, while maintaining the IT infrastructure and architecture within the organisation, minimising downtime and ensuring replacements/upgrades were up to task.  Where possible, the replacements/upgrades would have lower maintenance costs and downtime.  The replacements have to comply with country specific laws and regularities as ISO27001.

 Assessment

The scope of the project was large.  The organisation had business applications, servers and clients running different and aged operating systems and applications.  Windows NT, Windows 2000, Windows 2003, Windows XP, and Windows 2008 were all in operation.  Most needed to be replaced and/or upgraded. 

Strategy

I decided that to meet the project deadline, I split my team into two, allocating sites to them respectively.  I felt this would speed up the project as the deadline was tight.  I was also determined to stay within budget, and I knew time would be a factor in that. 

The personnel in the team were chosen to compliment their strengths and weaknesses.   I ensured that they had natural project leaders, and I made them responsible for their team’s performance.  This provided me with one point of contact for each team.

After the teams were finalised I gave each team leader the following brief:

·         Take an inventory, rationalize and capture the following data:

Ø  Usage statistics including trends, capacity, performance, and growth since inception.

Ø   All applications and services running on the clients and servers.  This included usage within the organisation, business process maps, ownership and agents.

Ø  All data connections between applications, specifically middleware and interfaces.

Ø  A list of all SLA, licences, and contract requirements.

Ø  Business impact analysis, business continuity plans and disaster recovery plans.

Once this was complete on all sites I then decided to conduct a Product Risk Analysis. Although a lot of the architecture and infrastructure was going to be made redundant, a fair amount was going to be retained.  The aim of the analysis was to grade the amount of testing required and the amount of redundancy.  At this point I factored in security requirements outlined in the brief.

After discussions with my teams I identified:

·         The applications and services which required upgrading and the minimum technical specifications the replacements needed

·         Pinpointed the (business) applications, clients, servers to be retired

·         Mapped (business) applications dependencies to servers

·         With input from my teams we ensured the replacements/upgrades would meet SLAs, law, regularity and security requirements

·         Gap analyses, business and disaster recovery plans

From this point we had a clear path or at least a clearer path.  Although we had made good progress so far I wanted to bring in the next phases faster, as I knew bringing new architecture online and testing was going to be stressful.

At this point I assigned the following to my teams: applications, data, infrastructure, contracts & licenses and business continuity, as we knew this would be stressful as we carried out the following:

·         Local Consolidation of applications (incl. data(bases) based on standards and policies

·         Global Consolidation of applications and hardware standards and policies

·         Architecture work to define the new architecture and infrastructure, taking into account redundancy requirements etc.

·         Create test scripts for the SIT, UAT and PAT testing of the new IT landscape

·         Rework SLA and contract requirements.

Execution

Once I was satisfied we were ready for the next phase, we began to transfer users to the new environment, and integrate the architecture we were keeping with the new information systems.  I assigned teams to handle the transition and I kept a vigilant overview. I decided that we would integrate the business processes and supporting departments one at a time so we could monitor and address issues.

We scheduled the transition at a convenient time.  I negotiated this throughout the organisation, liaising with departmental managers and (international) leadership team.

The migration went extremely well and was able to address issues before they became problems. 

Overall the project went smoothly and I delivered it on time and on budget.  My teams were exceptional and many of the complications I foresaw never materialised thanks to our planning and execution and a hawk eye on project teams development during all stages.

To get the team to perform I followed the recognisable stages of “forming, storming, norming, and performing." Psychologist Bruce Tuckman, who created this memorable phrase, later added a fifth stage, "adjourning" or "mourning."

My advice is to use Tuckman's model to help your team reach the performing stage as quickly as possible. First you identify the stage of development that your team is at. Then, you use strategies that move your team through to the next stage in the team formation process. With focus and hard work, you'll quickly have a high-performing team.

This was invaluable for this project.

 

 

 

 

 

Implementing Vulnerability Management Programs

Prioritise Critical Areas

Go Beyond Compliance

Incorporate Operations

Developing your Vulnerability Management Programs

Identifying Threat Vectors is Essential

 

Most organisations have implemented a vulnerability program but it is fair to say it is underutilised.  The purpose of this post is to help you workout where you are with your vulnerability program and how you can improve it.

Remember, an organisation that can understand its vulnerabilities are in a better position to protect critical assets.

How often do you scan for Vulnerabilities?

Scanning for vulnerabilities is a good and important part of the process, but to make it work for you, you need to put in place workflows, processes, and analytics to manage the system and protect critical data.  If you are just scanning for vulnerabilities and patching once per week, well you need to up your game.

This is why;

As the infrastructure expands the more critical systems become exposed.  A “patch Wednesday” mentality is not adequate.

Start Prioritising

It is important that you start prioritising data in terms of importance and focus on protecting it.  You should consider implementing penetration testing on the assets that need the most protecting, and you should start to create metric reports.  Moreover, you need to analyse the reports and look for weak areas of your vulnerability management strategy.

Look Beyond Compliance

Once you have implemented good reporting systems and focused on mission critical data, the chances are you’re doing enough to meet compliance demands.  This should now be taken to the next level.  Think about a strategy and taking a risk based approach.  Identify areas which need improvement.  This will become increasingly important as the organisation grows.  The need to prioritise mission critical assets will increase.

Test each patch to try and expose vulnerabilities.  This will help you devise better patch updates and make you more aware of risks.

You may want to download fact sheets from the National Cyber Security Centre.  Click here.

Is your Organisation ready for the Robot Revolution?

Business Processes Already Benefiting from Artificial Intelligence

Countries Investing in the Viability of Robots Increases

Benefits from Artificial Intelligence is being Realised

Are you ready for the AI Storm in your Business?

Business intelligence is set to revolutionise business. Will you be ready?

 

A few years ago you probably would have laughed if someone said to you that software robots would be streamlining and handling your data.  If that same person then added that the robots would learn the business, influence decisions, and make businesses more agile, you would be within your rights to have them consigned to a mental hospital.

Come forward to the present day and that guy is being proved right.  Senior C-level executives, business decision makers, and technology experts believe that the age of artificial intelligence tools, which use big data, analytics, and are capable of learning how a business operates, will play a significant part in how organisations  extract value from business data.

If they are right, then businesses and organisations should be able to move a lot faster to meet the needs of their customers and clients.  They will be far more agile, and in theory should generate a lot more revenue.  And let’s not forget that machines tend to make fewer errors than their human counterparts.

A recent survey by Business Process Service Company Cognzant reveals that many believe this age is already with us.  Five hundred and forty seven respondents to a Cognzant survey believe they are automating around 25-40% of their business workflow.  Around half of the respondents believed that automation would enhance and improve their business.

Intelligent Process Automation (IPA)

This new form of workflow is more than just a belief in the business world.  The UK government has invested £327 million into the use of robotics and autonomous systems.  The chances are other countries will also invest in as the benefits become more pronounced.

Gajen Kandiah, executive Vice President of Cognizant said:  'The future of process work includes connecting skilled people to increasingly powerful technologies such as autonomic computing - including artificial intelligence, machine learning and deep learning - that can increase savings, enhance insights, and accelerate business. This shift is playing out in just about every industry.

 'Our new study findings show that this trend will only accelerate over coming years as business leaders seek agility, better customer understanding, and cost savings.'

With the possibilities of IPA, the future is exciting.  The question is however; will your organisation be ready to implement it?

 

How to Develop an Enterprise Data Strategy

Mine ‘Big Data’ Effectively and Efficiently

Appoint ‘Data Stewards’ to Manage Data

Develop your Business Strategy

Big data if mined correctly, can help better target your business strategy

Big Data Offers Opportunities

Despite ‘Big data’ being big news, and online material showcasing its advantages, most organisations are yet to develop a strategy to mine and analyse data.  The aim of this is post is to help you see the steps needed to develop a data strategy.  A good data strategy providing you act upon it will make your organisation more agile, increase revenue, and see business critical trends.

Your Data and Business Strategy

From the outset it is important you can see the link between your business strategy and the data you collect. Professionals in the field of data analysis often find that this is not always easy as businesses do not always have a defined strategy, or one that is immediately clear.

If your business does not have an immediately defined business strategy, it is a good idea to develop it.  This will make the link between your data and your strategy clearer.

Once this is complete it is time to link data to the business.  One approach is to take a forth coming project which spans the business.  This ensures that executives from every aspect of the organisation are involved.  Ideally, the project will either collate or draw on data in some way.  This makes data part of the project from day one.

Appoint Responsible People

To successfully glean information from your data, you will need to appoint people responsible for collecting it.  Business intelligence companies often refer to these people as ‘data stewards’.  They should be more business focused than IT focused as they will need to interpret the data they are collecting and quantify it.  Responsibilities for your data stewards will include:

• Collect relevant data
• Ensure compliance
• Define the management of data collected
• Correct data quality issues as they arise

To do it effectively, they have to have a good understanding of the business aspect they are collecting data for.  This will help them sort the wheat from the chaff, and as such, make the data useful and valuable to the business.

Making Sense of the Data

To make sense of the data, you need to determine what you want to find from the outset.  To that end it is a good idea to put together a team of people who can discuss what information you want to extract.  This could be fairly simple stuff at first, but as time goes on and your teams become more experienced, finding good quality trends will become a lot easier.

Overcoming Data Strategy Issues

Most business intelligence companies find there is often resistance when new data management policies come into play.  Mid-level managers and IT staff can often be resistant.  They often feel their territory is being impeded.  A good way to avoid these conflicts is to make them part of the process.  This not only gives them responsibilities, but it aligns your IT infrastructure with business goals.

Once you implement data strategy, you bring considerable benefits to the business.

Harness Big Data and Embrace Challenges and Reward

Use Big Data to Deliver Content Dedicated to your end Customer/Client

Improve your Services based on Big Data Results

Big Data is about Identifying and Analysing Trends

Big Data is a Big Deal

Undoubtedly, ‘Big Data’ gives you the power to analyse your customer/client choices and develop products and services which fit their needs.  You can also, arguably, influence their choices.  Given the right people and enterprise architecture, you can develop a user driven business.  This is has obvious advantages including lower marketing costs.

For years we have taken advice from websites such as Amazon and iTunes who employ recommendation engines:  “Customers, who bought this, bought that.”  This algorithm has no doubt contributed to more sales for both giants.  This has paved the way for one of the best uses of Big Data we have seen in recent times and how it can be utilised to give subscribers what they desire.  The company that has achieved this goal is Netflix.

Using data it mined from subscribers it discovered that customers liked political dramas, especially the BBC miniseries “House of Cards”, the actor Kevin Spacey, and director David Fincher.  The result was a remake of the BBC miniseries.  The TV show has been a huge success.  It is currently in its third season since it launched in 2012. 

Netflix did not just look at popularity but trends.  And it is these trends that your architecture and algorithms has to handle to make use of Big Data, and to justify developing the resources to handle it.

Big Data Influence

Big data is being used to influence how organisations are run at almost every level of our day to day lives.  Police collate data to predict where crimes are going to take place, and allocate resources accordingly. 

Purchase history is now being linked in ways which were a pipe dream a few years ago.  Target, a company which make various lotions and beauty products predicted with some accuracy that when sales of unscented lotions increased the chances are the purchaser was pregnant.  They then targeted her with related products.

In the realm of human health, air quality and certain conditions are being linked for the first time as researchers can pull in data from a wider variety of sources. 

For your organisation the results can be just as good.  Imagine what you could do if you had algorithms capable of predicting with a high degree of accuracy the spending habits of 80% of your customers.  How much you would sell if you could influence their decisions?  Netflix have stated that 3 out of 4 customers are influenced by their recommendation engine.

Big data is not just limited to service delivery but impacts other aspects such as stock control, and the times of year when you are going to be busier.  This influences how much stock you need to hold and when you need to take on temporary staff.

Big data is active in business and public life.  Providing you have the infrastructure to collate and make sense of the data, a new world of revenue streams becomes available.  In fact your organisation might change the way it develops products and services entirely.

Understand Cloud Vendors for Better Cloud Performance

Choose Vendors who use Multiple Systems

Ensure you Have Good Relationships with your Vendors

Ensure your Supplier is Suitable

Understanding cloud vendors will make all the difference to your business

 

Making the cloud work for you

A key area for effective cloud management is to understand your vendors.  This is true in performance terms, security, and their future direction.  The idea of this article is to help you understand the sourcing strategy you require for the cloud and that through careful consideration you can decide exactly what you need from your cloud supplier.

Key Elements of Cloud Suppliers

Business Needs

As the cloud allows you to build apps which are bespoke to business requirements, it is important you choose a supplier which is more aligned and in-tune with your business.  Ideally, you want vendors that can facilitate multiple software systems, to minimise your API development.  Without covering well trodden ground, some aspects you need to consider are:

Data Storage: Where will your data be held?  Does it violate your present client contracts?  See my article; Will Compliance stop you implementing the Cloud?

Suitability: Will it deliver what you need to make your business more efficient?  If you are going to endure a transfer period to the cloud, related hardships during the process, you have to ensure you will have a better more agile way of working at the end of it.  See my article, Transforming to the Cloud- A Restructure Story

Cost:  Do the long term costs justify the expenditure?  This is often hard to assess as pricing models for the cloud are quite different from traditional IT services models.  Nonetheless, it is possible to get a reasonably accurate picture of cloud costs by looking at data consumption of previous years.  Where it is hazier is trying to predict the impact of having more of your staff working on app development.  This is a major selling point of the cloud.  Your workforce will be more agile once implementation is complete.

Business Security

With a cloud platform security both in terms of accessibility and data storage location are issues.  Given that your provider can store your data to the satisfaction of your clients and regulation, how is accessibility managed by your provider? And how effective are the controls?  This may not be a major concern with bigger established suppliers such as SAP, IBM, and Microsoft, but it might be a problem if you go with a small independent supplier.

Future Direction of your Cloud Provider

A key to good cloud vendor management is to understand their future direction.  Are they comparable to the needs of your business?  A year downs the line do you envision a better or worse cloud system?  The key to getting a picture of their future direction is to maintain a good relationship with your supplier.  Make sure you have a way of getting advance notice of major changes, and from your side ensure you have key people involved at every stage.

When you choose to go down the cloud route your selection of vendor will be crucial to success.  Ensure you choose one which can both deliver a good agile system and one which complies with your business needs.