From alignment to convergence for IT and business
“Is IT the business’ keeper?” was the somewhat odd question that came from a consultant with an odd title: IT paradigmologist.
Mark Smalley is an IT consultant and studies the emergence and evolution of paradigms in IT, hence the title.
The question he posed was to do with how the relationship between IT and the business has evolved recently, particularly in light of the digital transformation trend. Smalley’s presentation was at the itSMF service management conference, where the major theme was managing IT risk.
In the digital world, information technology is becoming too important to the business, Smalley suggested, to leave to the IT department. He said, citing the old example of the chicken and the pig and their contribution to a bacon and eggs breakfast, that what was needed was the “porcinification of the IT business relationship”. Smalley said that IT needed to move more from the participatory role, to that of life-long commitment.
This, said Smalley, meant that IT and the business were moving from alignment to convergence, and within this context, articulating the business value of IT is a key capability. It was up to each organisation, he said, to determine where to align and where to converge.
“From buzzwords to bizzwords—where IT speaks the language of business and delivers accordingly”
Smalley presented a model for how this might work. With guidance from best practice and new thinking in the IT industry, the IT department turns investment from the business into IT systems and services that meet requirements, and get refined through use in a virtuous cycle. The result is meeting business goals. He characterised this as the transition “from buzzwords to bizzwords”—where IT speaks the language of business and delivers accordingly.
Smalley said that IT needs to use the language of the MBA: benefits, costs, risks etc.
IT has traditionally been very poor in this respect, and Smalley cited figures that showed few organisations knew their percentage IT costs across the entirety of the business. In the financial sector, it was 20-30%, but the average was 10-12%. A show of hands among the audience revealed no one was willing to venture a figure for their own organisation.
Helen Coughlan, head of IT risk governance, AIB, spoke in the context of the Pareto Principle and IT risk management.
She said it is critical for organisations to identify their 20% to allow them to correctly address risk.
Risk remains with the organisation, she argued, it does not matter how far down the supply chain you go for a service.
Applying the 80/20 rule, she said, means assessing risk and impacts to understand the 20% and communicate the 80%. Know what is critical, and start with activities, she advised. Align IT risk with business risk, and develop key risk indicators and key controls.
However, the burden of risk is not IT’s alone, said Coughlan, and it cannot be expected to provide all the answers. Do not assume you know the business criticality of an IT system or service, she warned, communicate with the business at all levels, speaking business language.
Dr Don Page, strategic director of service management, Marvel Software, argued for an outcomes-based approach to risk. He said that we need to start with the desired business outcomes and work backwards to how they might be achieved, identifying risk as you go.
IT is not necessarily aware, he said, of the business risk of IT failures.
He left the audience with some key points for IT:
“If you are not clear on what services are important/critical—ask the business.”
“If you are no clear on the risk of a service failure—ask the business.”
“If you are not clear on service dependencies and relationships—ask the guys who designed it.”
“Identify all elements during the design stage—not after it.”