Long gone are the days when the chief information officer’s role was to “keep the lights on.” That isn’t enough in this digital age. CFOs, along with CEOs and board members, expect technology to be at the heart of their organization’s business transformation.
While the old IT operating model focused on creating sustainable competitive advantages, nothing is truly “sustainable” anymore. But C-suite executives, including the CFO and the CIO, still have to find competitive advantages. The new IT operating model derives transient ones from agility: the ability to jump into a window of opportunity, seize the market, and deftly move onto the next opportunity using technology’s speed, ubiquity, and cost mode.
That trend may have been behind a sharp increase during 2014 in the amount of time the average chief information officer spent with other C-suite executives. According to the 2015 IT Trends Study by the Society for Information Management (SIM), responding CIOs said they spent 40% more time with their CFOs last year than in 2013 and 29% more time with their CEOs.
But how much of it was quality time? McKinsey & Co. reported last week that just over half of respondents in a recent survey of business executives, including CFOs, said that while the CIO is on their senior team, most don’t see him or her as a strategic business partner. It’s a troubling observation, as the average portion of the revenue pie that companies now spend on IT is 5.1% and growing, according to SIM.
Why is there such a rift between the CIO and the rest of the C-suite? According to McKinsey, it may be that the CIO has not aligned IT strategy with business strategy. For example, reducing IT costs was one of the top three priorities for IT executives McKinsey surveyed, but one of the bottom three priorities for business executives.
Indeed, the traditional CIO may soon be facing a Darwinian moment. According to McKinsey’s study, 18% of executives believe a change at the top of their IT organizations could fix their companies’ technology shortcomings.
In 2011, when CBS Interactive sought to fill the role, it didn’t promote an IT leader from within. It didn’t recruit one from a competitor. Instead it hired the chief executive of a technology company, serial entrepreneur Peter Yared (who has since moved on to found application infrastructure company Saphos).
Still, in many cases CFOs and other business leaders can and should help save their CIOs by positioning them to add to their skills and expand their value. Following are several things you encourage them to do in order to become a strategic CIO.
Simplify the IT Portfolio
The new IT operating model described above can’t take hold if the organization is too much encumbered by IT assets that don’t create value for the enterprise.
In the 2014 Application Landscape Report from consulting firm Capgemini, 48% of respondents reported having more applications than they needed, a solid jump from 34% the previous iteration of the survey in 2011.
In order to reduce the sprawl strategically, companies can benefit from applying to their application portfolio a model that CFOs and CEOs are very familiar with: the “buy/hold/sell” analysis. It’s often performed when evaluating a potential acquisition target’s technology, asking questions like:
- What applications does the target run that will be immediately redundant upon Day One after the transaction? (Sell.)
- What ones should you maintain for a transitional period before making a decision? (Hold.)
- What ones does the target run that are better than your own? (Buy.)
CFOs can partner with their CIO colleagues to apply this process not only when evaluating acquisition targets but also when the existing application portfolio gets too crowded. Shut down applications you don’t need, keep running those that you need at least during a transitional period before making decisions on buying or building new technology, and then buy or build what you need to work better than what you currently have.
Indeed, CFOs should be full partners in that analysis. If, as Gartner’s Peter Sondergaard suggested in 2011, “Information is the oil of the 21st century, and analytics is the combustion engine,” CFOs have a fundamental need to understand the company’s data and digital strengths and weaknesses.
Understand ROI Expectations
If you asked your CEO, “What is the single most important metric you use to evaluate your effectiveness,” he or she might say total shareholder return. As a CFO, you may consider return on invested capital as your most important metric.
But what would your CIO say?
Here’s a tool: IT’s return on investment can be defined simply as the business capabilities delivered by the applications it runs divided by its costs (such as software licenses, application maintenance and hardware leases). It’s similar to how miles per gallon measures a car’s efficiency.
In the case of IT, the equation can be performed by weighting each capability (which is not the same thing as an application; a company may have thousands of apps but just dozens of capabilities) according to its value. One way to weight IT capabilities is placing each into one of four progressively higher-value categories: table stakes, differentiators, incremental revenue drivers, and innovations.
Understanding IT’s business capabilities helps CFOs foster dialogue across the organization and provide better visibility on IT investments, what capabilities those investments provide, and what business results they’re expected to achieve.
Manage Shadow IT
Generally defined as the use of systems and solutions that haven’t gotten explicit organizational approval, “shadow IT” can pull an IT organization or the entire enterprise off-course. Gartner reported in its 2015 CIO Agenda that shadow IT can consume as much as 20% of a company’s IT resources.
The cost may not be entirely measurable in dollars. For example, shadow IT can lead to violations of regulations Sarbanes-Oxley. According to the 2015 State of Resilience Report from disaster recovery solutions provider Vision Solutions, 52% of IT executives said they don’t have adequate processes in place to manage outside resources, such as Dropbox. So when Dropbox experiences system downtime, what happens to that important causal analysis your financial reporting manager stored there so she could work on it from home?
If you don’t think that’s likely to happen, consider that 70% of employees that use Dropbox use it solely for work, according to a 2013 report from Forrester Research. If you don’t think at least some percentage of that usage could expose sensitive information beyond any realistic grasp of your internal controls, you’re not paying attention. IT leaders should be ever-vigilant in finding and dealing with instances of shadow IT.
Align on Security
Perhaps even more importantly, what kind of security risks does shadow IT create for your organization? What happens when that financial reporting manager protects her Google Drive account with “password” as her password? What if she has a better password on her Google account, but it’s the same one she uses for her enterprise account, and that password happens to fall into the hands of a hacker?
As former FBI director Robert Mueller once said, “There are only two types of companies: Those that have been hacked and those that will be.”
And he said that in 2012. In 2013, the Identity Theft Resource Center reported more than 600 data breaches. In 2014 it reported a record 783 data breaches that resulted in the release of more than 85 million individual records.
Build Strategic Internal Relationships
According to the McKinsey report, Companies that have CIOs who are more involved in business strategy report better IT performance.
CFOs can help cultivate IT leaders who have business as well as technology know-how by exposing them to different roles in the organization, fostering partnerships with different executives and business-unit heads, and exchanging knowledge across the C-suite.
Bob Dvorak is founder and president of KillerIT, a division of Forsythe Technology. Forsythe is an infrastructure integrator helps large companies solve business problems through technology. KillerIT if focused on helping its customers make data-driven decisions on IT investment, value generation, and risk mitigation.