CIONET Magazine 12

3

What’s next.

I am proud to present you the new CIONET: new website, updated commu-nity site, new brand & logo, new countries, new tagline and new positioning.

We are CIONET, the biggest community of IT executives in Europe. Bringing together over 3,500 CIOs, CTOs and IT directors from wide ranging sectors, cultures, academic backgrounds and generations, CIONET’s membership represents an impressive body of expertise in IT management. CIONET’s mis-sion is to feed and develop that expertise by providing top-level IT executives with the resources they need to realise their full potential.

Faced with the rapidly changing role of today’s IT executive, CIONET not only helps its members keep up with the pace of change but empowers them to take an active role in shaping the future of their field, always challenging them with ‘What’s next’.

Our community continues to expand rapidly and I am excited to welcome CIOs from Sweden, Portugal and Luxembourg. We are on course to grow in 2012 to over 4,500 members in 11 countries, supported by 100 business partners.

In 2015, the shortage of IT workers in Europe is expected to rise to 700,000. This skill gap has major implications on the corporate IT function. In CIO City 2012 European Commissioner Neelie Kroes invited all CIONET members to join in a Grand Coalition for IT Jobs. are you up to the challenge?

Congratulations to the 2012 European CIO of the Year award winners: José Manuel Inchausti of MaPFRE, Pieter Schoehuijs of akzoNobel and Oliver T. Bussmann of SaP ag. Their stories are outstanding examples of the business value CIOs bring to their organisations.

This issue of CIONET Magazine illustrates what’s happening in our commu-nity today. The IT organisation of the future is the driving force of business transformation, new digital business models and innovation. The current IT transformation is driven by BYOD strategies, outsourcing partnerships, social media, cloud computing and the need for soft skills.

May the Force be with you.

Hendrik Deckers Founder and managing partner CIONET International

4 Event report CIO City 2012

CIO City 2012 predicts an increasing number of CIOs on the board in the coming years.

The IT organisation of the future

During its second outing, CIO City took a look at the future of the IT organisation and the role of the CIO. More than 150 CIOs and IT directors gathered in Brussels to exchange ideas during this international CIONET event.

The presence of a CIO on the board is a measure of the importance of IT. It often used to be the case that the role of chairman would be assumed by the CFO. More recently, this duty was assigned to the HR or market-ing director. Now, the expectation is that we will see an ever increas-ing number of CIOs occupying the chairman’s seat at companies in the coming years. Some idea of what a CIO can contribute to his or her company was gleaned, for example, from the presentation of the can-didates for the European CIO 2012 awards. Neelie Kroes, Vice President of the European Commission and Commissioner for the Digital agenda for Europe, had the honour of hand-ing out the awards, as she did last year. She stressed that language should never be a barrier. CIOs must be able to learn from one another was Kroes’ message, as she under-lined the importance of initiatives like CIONET and CIO City. “IT is of huge strategic importance”, she said. “IT is changing society. We must embrace this change even though it is some-

times difficult still to convince others to do so.” Neelie Kroes stated that she regards broadband as the basic building block for any truly con-nected economy. High-speed broad-band is essential for the cloud. This was also the finding of a survey into the business value of broadband that CIONET and INSEaD eLab conduct-ed among a selection of European CIOs.

a European IT policyEurope would like to see everyone have access to a network with a capacity of at least 30 Mbps by 2020. “Perhaps that should even be 100 Mbps”, said Kroes. In the meantime, Europe is investing seven billion euros in stimulating the broadband market. “Competition is vital because this will compel the players to put more effort into innovation.” Kroes is convinced that the cloud offers an important opportunity that might in time generate one million jobs and hundreds of millions in economic benefits. “It’s important that the cloud happens with Europe, not to Europe”,

‘Competition is vital because this will compel the players to put more effort into innovation.’

Neelie Kroes, European Commis-sioner for the Digital Agenda: “IT is changing society. We must embrace this change even though it is some-times difficult still to convince others to do so.”

Martin Mocker from MIT Sloan: “It is important that a common language for both IT and business is created.”


will be the emergence of generation Y in particular that will bring about change. “These are the people we refer to as digital natives”, explained Paul Redmond, Head of Careers & Employability at the University of Liverpool. “They have grown up in a world that has changed fundamen-tally, not just technologically, but economically and socially as well.” Where competition for jobs and careers always used to be confined to one area, genY must do battle with the whole world: not merely with people of their own age from their own city or university, but with con-temporaries from China and India, too. What is more, the young people

of genY have a very different mindset to their parents and grandparents. Paul Redmond: “They speak their mind on everything and are allergic to routine.” generation Y therefore looks at work and career in a com-pletely different way. These are young people who take it for granted that

their employer will provide them with a dynamic career path. It was par-ticularly fascinating to see the young professionals in the audience enter into dialogue with the CIOs present – typical representatives of generation X – at Redmond’s instigation.

The perfect stormNew technology is fundamentally changing business. “Technology used to come upon us in waves”, said Pascal Matzke, analyst with For-rester Research. “One wave followed another: first the mainframe, then the PC, then the Internet. But now we have the cloud, mobility and big data, all sorts of things are happening si-multaneously. We find ourselves in a perfect storm.” The success that the cloud enjoys today is not just down to the standardisation of the tech-nology or the availability of devices. a crucial part in the story is played by the consumers who pick up the trend. “The consumer is not really interested in the underlying technol-ogy, but in what a solution has to offer in terms of added value.” In this sense, the cloud provides a new form of engagement with the consumer, who is a firm believer in having smart technology at home, at the office or

‘Now all sorts of things are happening simultaneously.’

The emergence of GenY will bring about change.

More than 150 CIOs and IT directors gathered in Brussels to exchange ideas during the second edition of CIO City.

8 Technology-Driven Category European CIO of the Year 2012

MaPFRE is the largest insurance com-pany in Spain and Latin america. It operates in eighteen countries, em-ploys almost 33,000 people and gen-erates revenues in excess of 23 billion euros. José Manuel Inchausti began his career with MaPFRE in 1988. One of his roles was as general Manager of the organisation in Colombia. Since 2007, he has been the group’s CIO.

IT plays an important part in the suc-cess of MaPFRE. Like many insurance companies, MaPFRE’s business has become heavily intertwined with IT. “We have developed a business pro-cess platform that we support with IT”, says José Manuel Inchausti. “This allows the business to enter new markets and establish new offices quickly.” MaPFRE also has a platform that provides consistent support for the relationship between business and customers via various channels.

MaPFRE’s IT organisation is divided into two domains: demand and sup-ply. On the demand side, the IT or-ganisation looks at how it can meet the needs of the business, particu-larly through automation and optimi-sation of the business processes. The

supply side of the IT organisation is responsible for, among other things, architecture, IT governance and sup-plier management. But the business too bears an important responsibility. José Manuel Inchausti: “Even though they are often heavily dependent on IT, the business units do remain responsible for their own efficiency.” The IT organisation provides advice and support, but it does not inter-vene of its own accord in the man-agement of the business processes. Within each business unit a working group is charged with developing the business processes further, while the IT organisation supplies the neces-sary frameworks and tools.

'Focus, communi-cate and be proud of your work.'

MAPFRE is entering new markets and establishing new offices quickly.

IT supports rapid expansion

Three learnings of José Manuel Inchausti1. Focus. MaPFRE has brought knowledge relating to business intelligence, customer intelligence, business processes, human capital and social media together in centres of expertise.2. Communicate. MaPFRE uses social media to promote internal communication and cooperation.3. Be proud of your work. José Manuel Inchausti is proud of the strong ethical principles of his employer.

José Manuel Inchausti, CIO at MAPFRE: “Thanks to the technological initiatives, the costs for IT have fallen by nine percent, freeing up more budget for innovation.”

European CIO of the Year 2012 Business Process-Driven Category 9

Technology is assisting AkzoNobel with a radical transformation.

Closer to the customer

akzoNobel is the largest producer of paints and coatings in the world. The company operates in eighty coun-tries. akzoNobel has a workforce of 56,000 and realised revenues of almost 16 billion euros in 2011. Pieter Schoehuijs worked in a num-ber of roles, including IT Director at BaSF Catalyst and CIO at Church & Dwight, before his appointment as CIO at akzoNobel in 2009.

akzoNobel’s IT department has approximately a thousand staff and a budget of 300 million euros. IT is important to akzoNobel because the technology is assisting the company

with a radical transformation: the integration of the supply chain with key customers and suppliers. When Pieter Schoehuijs joined akzoNobel

as CIO, he encountered a particularly heterogeneous application land-scape. “There were literally thou-sands of systems present, and many more servers.” akzoNobel had de-veloped over the years out of fifteen different enterprises and entities. The company was keen to leverage the synergy potentials by bundling these into one group.

In actual fact, Pieter Schoehuijs wanted to consolidate the entire group on one single ERP platform. However, to give the different busi-ness units the necessary room to manoeuvre still, akzoNobel decided to limit itself to six ERP systems. “at the start of the project we had 183 ERP systems in-house. Today, that number has already been halved. This means that over the past three years we have shut down an average of two ERP systems a month. We will continue to do this for at least another four years, after

which we will be left with these six planned systems.” During this major consolidation operation, akzoNobel is harmonising its business processes so the group can better integrate its supply chain with customers and suppliers.

'If operational tasks are outsourced an inflow of specialist talent is lost.'

Three learnings of Pieter Schoehuijs1. Adopt a flexible attitude. The role of the CIO is changing, partly under the influence of the cloud and the consumerisation of IT.2. Orchestrate. The task of the CIO is shifting towards the management of information flows, in combination with an in-depth understanding of the business processes.3. Keep the door open. If operational tasks – such as network management – are outsourced an inflow of specialist talent is lost, with potentially disastrous consequences.

Pieter Schoehuijs, CIO at AkzoNobel: “As the CIO, I sit on steering commit-tees with, among others, the CFO and the HR manager. Together, we look at what we can do to harmonise the business processes further.”

10 Client-Driven Category European CIO of the Year 2012

SAP runs SAP.

A good example

SaP is a german enterprise that develops business software, which it markets to 183,000 customers worldwide. The company employs almost 55,000 people spread over more than 75 countries. In 2011, SaP generated revenues of 14 billion euros. Oliver Bussmann has been the CIO at SaP since 2009.

IT is not just what SaP sells, it is also something the company itself uses particularly intensively. Oliver Bussmann has performed an optimi-sation exercise on various fronts. He focused first of all on the operational aspect, which included increasing the availability of the systems for SaP’s 15,000 developers. IT is also involved in a major transformation operation. “Our aim is to post a turnover of 20 billion in 2015”, says Oliver Bussmann. “at the same time, we want to increase our margin from 30 to 35 percent.” In order to achieve these results, SaP is also counting on the innovative capabilities of its own IT department. Oliver Bussmann has transformed the silos of the IT department into an agile organisa-tion able to satisfy the plans for the business.

Bussmann’s most important accom-plishment has been the ‘SaP runs SaP’ programme. as a result of this, SaP itself is now the software company’s number one reference customer. Oliver Bussmann: “This means that we are best placed to know how to improve our products and services.” a central aspect of the programme is the close relation-ship between the IT department and SaP’s development team. The IT department provides the developers with regular feedback, which they

can immediately translate into soft-ware improvements. Whenever new products or services are available, SaP starts using them first, gener-ally six to twelve months before the rest of the market. The programme also explores possible synergies with other technologies. One outcome of this is that SaP’s IT department already now supports more than 15,000 iPads.

The silos of the IT department were transformed into an agile organisation.

Three learnings of Oliver Bussmann1. Look for the added value of IT. In three years, SaP transformed its IT organisation from a black box into a force that drives real and profound change.2. Think like your customer. SaP grew to become the largest customer for its own software. This gives the company an insight that all other customers enjoy.3. Know your customer. In 2011, Oliver Bussmann had 250 meetings with CIOs and IT managers of customers that themselves want to achieve more using SaP.

Oliver Bussmann, CIO at SAP: “We grew to become our own largest reference customer. This has enabled us to be on the ball even more quickly when it comes to improving our prod-ucts and services.”

European Commissioner’s blog 11

Observations of European Commissioner for Digital Agenda Neelie Kroes at CIO City 2012.

CIONET welcome to join the Grand Coalition

European Commissioner for Digital agenda Neelie Kroes was a prominent guest at CIO City 2012. These are some of her observations. It was really nice today to meet the members of CIONET again – IT leaders from businesses around Europe, showing what new technology and systems can do for businesses.

I’d asked them to give me evidence about what the ‘digital agenda’ means for them: like what fast broadband can do for their business. and the report they have compiled with INSEaD is great reading. It shows the positive difference of fast connections. and the great things they can do to boost their business if they do have consistently fast broadband – like getting all those great cloud benefits.

They also let me know some of the things we could do to help out Europe’s businesses – like promoting open competitive telecoms markets, and cutting excessive data roaming charges. I’m committed to delivering both of those – despite pressure from certain parts of the telecoms sector to actually reduce levels of competition.

Common challengesand we got to discuss the common challenges facing us – on the one hand as policymakers in the Commission, on the other as those responsible for managing huge IT systems in the private sector. In particular I highlighted to them the huge opportunities of IT employment in the year to come. and it’s clear that CIOs are already aware of these issues – in particular that increas-ing outsourcing means they are not always able to train IT staff for the long term.

Win-winSo I invited them to join me in a grand coalition for IT jobs. I am glad they agreed with me that this would be a win-win. On the one hand, doing justice to today’s young people by providing them with the tools to access future opportunities; on the other, ensuring businesses will get the human resources they are going to need for sure in the future. Plus I was there to reward some of the most successful CIOs – people who have shown what IT can deliver for big businesses. Well done to all of them!

‘The report the CIONET members have compiled with INSEAD is great reading.'

Neelie Kroes, author of this blog, is European Commissioner for Digital Agenda.


A great example of what IT can bring to a country.

Singapore, a pilot nation

at the CIO City 2012 event last april, commissioner Neelie Kroes met with Ms Choy Peng Wu, group CIO of the Neptune Orient Lines.

Ms Wu is also the former govern-ment CIO of Singapore and was the ‘asia Pacific CIO of the Year’ in 2011, conferred by IDC. Ms Wu was one of the keynote speakers at the CIO City event. given her background both in public administration and the private sector, CIONET took the opportunity of Ms Wu coming to Europe to set up a meeting with commissioner Kroes to discuss the asian experience and to share their views on IT.

a great ‘social leveler’at the end of the meeting Ms Wu concluded that in Singapore eSkills are just assumed by government, organisations and citizens to be there. This conclusion did not come by itself and was not easy. as early as 1981 Singapore established a 'Na-tional computer board'. Its objective was to exploit and export IT and bring Singapore in the 21st century. Initially, the government lead the way and the first ten years were used to show by example, automate the government and learn. after those ten years effort was made to automate the interac-tions with government and support SMEs to use IT. and online filing of your income tax is just a two-minute

exercise which gets a time reward above paper based filing which one has to hand in earlier.

also eSkills education starts early in life in Singapore. Every library and all primary schools have broad-band access and at least 15 PCs per classroom, there are common PCs in the school labs and there is a requirement that at least 30% of the normal school curriculum should be IT enabled. Furthermore, a major investment is made to train teach-ers in the use of IT. Ms Wu sees IT- enabled education as a great 'social leveler' where poorer families now get the same access to information and opportunities. afterwards, com-missioner Kroes indicated to be very satisfied with the meeting.

Europe and the rest of the world can learn a lot from Singapore. It is a pilot nation and a great example of what IT can bring a nation: prosperity and being prepared for the 21st century.

Frits Bussemaker, Partner CIONET The Netherlands, is the author of this article.

Singapore shows IT can bring prosperity to a nation.

Choy Peng Wu, Group CIO of the Neptune Orient Lines: “IT-enabled education is a great 'social leveler' where poorer families now get the same access to information and opportunities.”

14 CIO view CIONET Norway

CIO Mette Bakke developed her role in line with the evolution of WW group.

150 years of shaping the maritime industry

The global maritime industry group Wilh. Wilhelmsen Holding (WW group) has changed a lot during its 150-year history, often being well ahead of the others. Mette Bakke, senior vice president and CFO of the group’s maritime services organisa-tion has been in the centre of this change for the past 15 years.Mette is also the group’s chief information officer, responsible for IT, finance, strategy and human resources. Her background includes a degree in finance and a lot of leadership experience.

as the IT function has been auto-mated and standardised, her area of responsibility has expanded. It’s a trend in this field and a hot topic at CIONET these days.

IS LiteThe gartner group’s ‘IS Lite’ model encompasses this phenomenon, showing how a governance model can be used when developing a global IT organisation. It closely resembles Maslow’s Needs Hierarchy model, starting with basic needs and ending with self-actualisation – all within an infrastructure. The IS Lite model has three compo-nents:

Driving innovation, including strategic planning, architecture

design and business requirements definition. Delivering change, including system development and support of user changes. Supporting infrastructure, including desktop support and data centre and network operations.

In the WW group, this model has been the basis for how the IT func-tion is organised. It has proven to be successful. Its governance roots give it added power in collaboration with business areas, strategic vendors and sourcing partners alike.

LeadershipMette explains that she has devel-oped her CIO role in line with how the company has evolved and her leadership experience has grown. It has been quite a ride, she says! From 2005 to the present, revenue from maritime services has grown from MUSD 150 to MUSD 1,000. The company has grown and now has 400 offices in 71 countries supported by 5,500 employees and with the capability to deliver in 2,200 ports in 125 countries. Wilhelmsen Maritime Services is today a global integrated service group covering all time zones.

global processes and structures have been established to ensure that the IT organisation delivers, for example,

Wilhelmsen Maritime Services is today a global integrated service group covering all time zones.

CIONET Norway CIO view 15

the Balanced Scorecard methodol-ogy. Mette describes how the skills and experience of her different roles enable her to lead an efficient and streamlined organisation.Leadership is a key word in this context, she emphasises. The com-pany vision, shared values and basic philosophy all link the employees together and strengthen their effi-ciency and ability to develop. This is part of the Wilhelmsen group culture

and closely linked to the WW group brand, the proud W flag. The group culture and shared values make it possible to handle many complex issues at the same time. In her man-agement role, Mette focuses on leadership to inspire, influence and initiate productive change within people and processes.

Change managementThe changing CIO role is most eas-ily seen when discussing the future of the company. No matter which direction one looks, the pace of change is increasing all the time. The organisation and its supporting pro-cesses must be built for change.

The organisation and its support-ing processes must be built for change.

Various types of competence, com-bined with the employee’s ability to absorb new competence will be a key for the future, Mette says. “There is a clear trend towards organisa-tions that are multi-functional and prepared for centralisation, combin-ing different services. Leadership in knowledge-based companies will demand new skill sets.”

Judging from experience so far, Mette's type of background and experience may be a good model for others to use when the time comes to find tomorrow's CIO.

‘There is a clear trend towards or-ganisations that are multi-functional and prepared for centrali-sation, combining different services.’

Mette Bakke, CFO/CIO Wilhelmsen Maritime Services: “Leadership in knowledge-based companies will demand new skill sets.”

CIONET UK CIO view 17

addressed. Understanding before signature how each party will respond to problems is actually a good way of discovering how parties will work together on a daily basis and how resilient the relationship is likely to be.

Managing the relationship actively Stagnation is a risk and demonstrat-ing improvement through outsour-cing is an important success factor. Sound governance processes can ensure transformation stays at the top of the vendors’ agenda. There are many examples of prob-lems arising, despite service levels being met, because outsourcing ap-pears to have stopped adding value to the client’s business. Benchmark-ing can help, and regularly testing suppliers’ financial and service per-formance against others in the mar-ket will bring out aspects that would otherwise fester under the surface. Jeremy Smith, managing director at major benchmarking consultancy Maturity, says regular price bench-marking ensures competitiveness, even when the service changes over time. “If the vendor tries every route open to him to avoid undertaking a benchmarking exercise, there is usu-ally a reason – and that reason is not that the price is too low”, he says.Contracts are often concluded

where both parties have very specific objectives. The term of many agree-ments can be five years or more, and business priorities can change sig-nificantly over much shorter periods, causing major shifts in the risk profile. Renegotiation is infinitely preferable to termination for all parties involved.

Recognising IT is a people business Having the right people in place is possibly the most critical factor. Experience on both client and vendor sides of the negotiation is an increas-ingly important part of an IT profes-sional’s career resume. Confrontation is easy; successful long-term relationship management needs professionals with a sustained and balanced view of priorities. Smith says longevity of the vendor’s account team is a factor which is often overlooked. “In many of the cases where we have found unhappy relationships, the vendor’s account lead or team is changed on a basis which is too frequent. Whilst it is obviously good to see change occasionally – with a professional handover, to ensure fresh ideas and motivation – over-frequent changes will lead to frustra-tion on both sides.”Chris Tiernan of grosvenor Consul-tancy Services, who has been advis-ing buyers of outsourcing services for

Having the right people in place is possibly the most critical factor.

more than 20 years, says the key to success is three-fold: “Having realistic expectations of suppliers’ capabili-ties to deliver, of your own staff and advisors’ abilities to secure favourable contractual terms, and a requirement to manage the relationship through its lifetime.” as externally-provided IT services be-come increasingly critical to business performance, a balance of expecta-tions, governance and management will help to ensure sustained and successful outsourcing partnerships.

18 Special feature CIONET France

Growing popularity of Bring Your Own Device raises new challenges.

Impact and experience

Bring Your Own Device (BYOD) is a hot topic for CIOs. The request from users is getting higher and higher but numerous are the issues, which were discussed at the seminar dedicated to BYOD by CIONET France a couple of months ago.

Which issues do CIOs have to deal with? There are matters from a man-agement standpoint (How to handle diversity and security?), from a legal standpoint (Who owns data?) and, finally, from an HR standpoint (Where is the frontier between business and private life?). at its seminar CIONET France invited several experts to present two interesting views on that matter.

First, our media partner Silicon.fr, met with David Remaud (SPIE Com-munication) to get an overview on this topic. “One of the issues of BYOD is to enable access to all the company’s information system applications”, says David Remaud. “Numerous applications are now accessible thanks to a basic browser, which make them compatible with the majority of equipment and exist-ing OS. For those, requiring the use of client software said ‘heavy’, the desktop virtualisation may turn out to be an effective alternative and allow to respond to portability and even security issues.”

Security and Business organi-sationabove the security aspect, the BYOD has several consequences on the business organisation and more specifically on the telecommuting organisation. BYOD is not revolu-tionising teleworking, already widely used thanks to the Internet and to laptops, but it modifies employee’s behaviour. The frontier between private and professional spheres is more diffused when we use the same device. The employee is able to get connected to professional tools at any moment. Since then, do we need to count working hours made on secondary terminal?

HR issuesFurthermore, to avoid hypercon-nectivity, often source of stress, managers and collaborators will have to respect a labour framework regarding the use of computer tools.

It may, sometimes, be important not trying to impose standards regarding personal equipment, which stay, by definition, chosen and set following the user’s will. It is necessary, then, to avoid creating discrimination between collaborators who want to/can buy a smartphone, a tablet PC or a laptop and the others.

BYOD is not revolutionising teleworking, but it modifies employee’s behaviour.

CIONET France Special feature 19

The legal aspectsThe legal aspect is also of para-mount importance in a BYOD policy implementation. Regarding internal policy, it is smart to revise the good use charter of computer tools as a complement to company’s rules and regulations. Equipment and data they contain but also insurance respon-sibility notions are to be considered. Which procedure, which solution when equipment containing profes-sional information is damaged or stolen with confidential data? “Ques-tions regarding the BYOD notion are numerous, but answers still remain uncertain. Like any new phenomena resulting from society and its prac-tices, this change will be progressive and will need to be supervised within companies. In addition, to make their information system always more flexible, companies will have to integrate this new trend in their facili-ties and applications’ transformation plans”, concludes David Remaud.

bYOD at electricité de FranceElectricité de France launched its experimentation a year ago, for 100 users of a business department. Being members of CIONET France, Bruno Lambert, Director of the Shared Services Centre at EDF and Jean-Michel Sarda, Department Director explained us their project.

This is the feedback demanded Electricité de France got, both from the users and the IT department:

request from the users: To have different terminals adapted to their tasks and contexts. Demand of the ‘generation Y’ staff.iT expectations: Value of IT (‘state of the art’). To take into account terminal diversity (smartphone, tablet PC, laptops) for employees and for providers accessing to the EDF IS. To introduce a new activity model generating cost reductions (support of the workstation by the user itself). To integrate experience feedback in the design of the future workstations offered by the company.

During this experiment, EDF had to take into account various key issues:

security anti-virus access, Controlhr & Legal The BYOD offer is an alternative offer to the company’s standard one, we can’t constrain an employee. a barrier between professional and personal data must be granted. The co-financing conditions must be determined (acquisition of hardware, software, maintenance and insurance contracts is necessary). The use, in a professional context, of the hardware and software owned by the user must be checked. a mutual engagement convention must be created before any implementation (duration, security obligations, obligation in terms of working hours, sanction in case of no respect).change management Measuring the IT management activity impact (and in particular self-care). adapting IT management processes: assistance, repairing Telecommunication agreements Licences management

Bruno Lambert, Director of the Shared Services Centre at EDF, launched a BYOD experiment for 100 users.

20 Broadband CIONET Survey

Enhancing the business value

of broadband Recent views from Chief Information Officers

Results from the 2012 CIONET & INSEAD eLab survey of European CIOs on the business value of broadband

What’s next.

3. the challenge faced by many CIOs of managing across locations with different connection speeds; 4. barriers to adoption that CIOs believe the European Commission could help remove.

ConclusionDrawing from these insights, commissioner Kroes concluded: “This study shows that broadband delivers for businesses – whether it is by helping staff work collaboratively, or by giving access to important new resources like the cloud.” Commis-sioner Kroes further expressed her desire “to continue strengthening collaborative and constructive en-gagements going forward so that the European Commission can best en-able its organisations to operate and innovate competitively.”

INSEaD & CIONET proudly present the survey ‘Enhancing the business value of broadband: Recent views from Chief Information Officers’.

The broadband survey narrates key insights from CIOs on enhancing the business value of broadband. as a result of the successful collabora-tion on the 2011 European CIO of the Year awards and the 2011 IT-Enabled Leadership Report between CIONET, INSEaD eLab and her team, Neelie Kroes, Vice President of the Europe-an Commission and European Digital agenda, requested that CIONET and INSEaD eLab conduct a survey on the business value of broadband. The online assessment was completed by 110 CIOs from over six European countries, representing a variety of sectors.

Four major insightsThe findings uncovered four important sets of insights with regards to enhancing the business value of broadband.

They include:1. the impacts of having greater broadband connection speeds (rather than simply having access to broadband);2. the key drivers of future demand for greater broad band connection speeds;

INSEAD & CIONET survey presents the view of 110 CIOs from over six European countries on broadband.

Enhancing the business value of broadband

The European Commission could help remove barriers to adoption.

INSEAD and CIONET joined forces and produced an in-depth survey on the insights of CIOs on the business value of broadband.

Download the report here: cionet.info/broadbandvalue

22 CIO view CIONET germany

Big companies can’t innovate – we don’t believe so, says Danone.

Innovation can happen

In large organisations, not everybody with a good idea will succeed in getting it to the attention of senior management. and without that, there is probably very little chance that this idea will ever turn into a competitive advantage for the company.Michael Kollig, EMEa CIO of Danone, knows that: “as a more senior em-ployee in the organisation, I have the opportunity to create awareness with the right people, which increases the likelihood that something will happen with my ideas.” But what happens if you are an apprentice or junior staff member? Usually, they are too remote from senior decision-makers and thus, the hurdle for their ideas to be discussed is really high limiting the chance that they will ever make it. “an idea at the beginning is like a small plant, it needs protection and watering to grow strong enough to withstand the adverse environment”, says Kollig. “at the same time, it’s often the young people in our organisation who have plenty of new, out of the box ideas about the use of technology, based on their daily experiences with it.”

That’s why Danone Information Systems (DaN’IS) initiated a world-wide innovation process. Inspired by a similar approach in one of the business regions within Danone, the roll-out of the innovation process

has been started. It is based on the game Changer Methodology, which is also used successfully by organisa-tions like Shell (The game Changer Methodology is a flexible process

to incorporate innovation in normal working practices). Initially, the global IS organisation of Danone will be piloting the process, facilitated by Michael Kollig and his team. If that proves successful, the intention is to extend the approach to other parts of the Danone organisation and eventually also to open the process for external stakeholders.

So how does it work?Every member of the global IS staff can introduce ideas on an internal platform (you may call it Danone’s internal ideas social network). Other staff members are encouraged to

comment, like or dislike the ideas, so that popular ideas are becoming eas-ily identifiable. It’s really an internal crowdsourcing approach. Basically, there are no limitations to what type of ideas can be proposed, but they have to fulfil the following principles: They need to be relevant for Danone. There needs to be a clear reason why Danone should do it. a business potential is feasible.

Other than that, it’s an open field. So what happens with all these ideas, which are continuously created and qualified by like/dislike buttons?

a team of ‘internal venture capi-talists’, with funds and resources provided by senior management of Danone IS at their disposal, will pick the most promising ideas. The crea-tors of the ideas remain the owners and will drive the development. “This is very important to us; we want to give the innovator all the required room to develop his or her idea.” Leaves the question: When can they work on it? Is it late nights and early mornings? No it isn’t. Part of the decision to implement this innovation process included agreement amongst all involved people managers in the global IS organisation, that the people who work on their ideas are partially released of their daily tasks.

'It’s often the young people in our organ-isation who have plenty of new, out of the box ideas about the use of technol-ogy, based on their daily experiences with it.'

CIONET germany CIO view 23

“Obviously, this is a significant invest-ment, but we are convinced that the measureable ROI will be significantly higher, while we increase employee satisfaction and involvement at the same time.”

However, like all projects, it depends on the buzz created around it. “We need to promote this to keep the momentum.” There will be incentives to participate, video broadcasts and peak events to continuously create awareness for this project. and while the main communication line is a social media environment, there will be room for face-to-face meetings. This includes info events at the local sites and workshops, where the creators of the best ideas will be invited to discuss and develop their concepts. It’s also considered to include ’gamification‘ elements like leader boards in the process to keep it attractive and motivating.

CIO = Chief Innovation Officer?Is it logical that the CIO drives such an innovation process? It depends. The CIO is the person in the organi-sation who has probably the ‘broad-est’ understanding of the internal processes and usually knows all pro-jects and procedures. Furthermore, it is the responsibility of the CIO to provide enabling technology for the company to improve its competi-tive positioning. For that, he needs to understand the requirements of the internal and external customers. Combine all of that with the natural affinity for new technology and the CIO looks like the ideal candidate to be the Chief Innovation Officer. “It’s not really important whether innova-tion is driven by the CIO, it’s impor-

The CIO must provide enabling technology for the company to improve its competitiveness.

tant that innovation can happen”, says Mr Kollig. and for that, the Chief Innovation Officer needs to operate outside of the traditional hierarchy of the organisation to make innovation happen.

What’s next?Can this innovation process be compared with a typical IT project? “Usually the outcome of a regular IT project is known at the beginning, the question mark is more about when is it ready and how much did it really cost.” In this case, the project contains a high level of risk regarding the outcome. “Let’s talk about the re-sult next year”, says Mr Kollig. as we are curious how this great project will evolve, we agreed that we will come back on this Danone initiative in our CIONET magazine next year.

Danone is one of the world lead-ing companies in healthy nutrition. With the four business divisions fresh dairy products, baby food, waters and medical nutrition and brands like Activia, Actimel, Evian, Volvic, Milupa, Nutricia and Cow and Gate it gene-rated globally 19.3 billion euros sales in 2011.

Michael Kollig, EMEA CIO of Danone: “An idea at the beginning is like a small plant, it needs protection and watering to grow strong enough to withstand the adverse environ-ment.”

CIONET Italy Special feature 25

social media and information secu-rity management. The percentage of enterprises currently investing in these technologies and practices is presented in the picture (p 24).

Cloud solutions are maturing to the point where enterprise IT leaders are giving them a longer look. They might be under internal pressure to ‘go to the cloud’, but smart IT leaders are taking measured steps that make practical and economic sense for the business. Enterprises are becoming more trusting about moving auxiliary work to the cloud, but are still hesitant to move mission-critical work there because of security and control con-cerns. But, as cloud service providers continue to demonstrate their reliabil-ity, scalability and security, CIOs are considering them for more purposes.

Mobility has eliminated the bounda-ries of space and time. Customers are always connected, and compa-nies can interact with them at any time. The implications cannot be overstated. With information about products becoming as important as the products themselves, almost every company is now in the busi-ness of creating and delivering ‘con-tent’ – information that is personal, relevant and timely when accessed by customers.

Social media impactThe scale of the impact of social media can be staggering; real-time information amplifies the network effect. Social media represent a relatively new channel for engag-ing and conversing with custom-ers, prospects and employees in an open and transparent environment. These channels incorporate the basic components of a social interaction – listening, talking and asking questions

– and they use a variety of platforms and tools in lieu of, or in addition to, face-to-face interaction. The essence of social media is to listen, ask ques-tions, talk and engage with peers. So-cial media leverage the power of the Web to find, to engage and to build relationships with peers, and it is no secret that the relationship between businesses and their customers has changed dramatically, as has market-ing, sales and customer service plan-ning. any enterprise that is not using social media may be shut off from its customer and prospect base for mar-keting, brand management, service and support, and education.

Our Information Security Manage-ment research captures the evolu-tion of this practice. Throughout the intervening years, the protection of IT assets has evolved from tech-nology safeguards into a full-time management discipline. Today, large organisations employ Chief Informa-tion Security Officers (CISOs) along with dozens of security architects, analysts and operators. Furthermore, security management is continuing to advance from a tactical IT task to a strategic set of formal policies and procedures that are tightly integrated into the business.

Social networks and digital devices are being used to engage with gov-ernments, businesses and civil so-ciety, as well as friends and families.

People are using mobile and inter-active tools in general to determine who to trust, where to go and what to buy. at the same time, businesses are undertaking their own digital transformations, rethinking what customers value most and creating operating models that take advan-tage of what is newly possible for competitive differentiation. Nowa-days, the challenge for businesses is how fast and how far to go on the path to digital transformation.

In June, CIONET Italy organised its CIOsummit, where CIOs met a panel of CEOs and founders of Ital-ian enterprises whose brands have acquired global recognition. They held a challenging debate on how business and IT can enhance collab-oration and synergy better in a world where individuals and companies are embracing the digital revolution.

Enterprises are still hesitant to move mission-critical work to the cloud because of security and control concerns.

Mobility has eliminated the boundaries of space and time.

26 Special feature CIONET Spain

Francisco García Morán, Director General for Informatics at the European Commission, explains its ambitious strategy.

Is the Digital Agenda for Europe on course?

‘Identifying and fighting cyber-crime is one of our top priorities.’

The Digital agenda for Europe was adopted in 2010. Francisco garcía Morán, Director general for Infor-matics at the European Commission, explains how the strategy was devel-oped and sheds light on its future.

What are the objectives of the Digital Agenda for europe? “The European Commission adopted the Digital agenda for Europe (DaE) in May 2010 as a strategy to take advantage of the potential offered by the rapid progress of digital technol-ogies. The DaE is part of the overall Europe 2020 strategy for smart, sustainable and inclusive growth and comprises 101 specific policy actions (78 actions to be taken by the Com-mission, including 31 legal propos-als and 23 actions proposed to the Member States) intended to stimu-late a virtuous circle of investment in and usage of digital technologies. To monitor progress, we have set 13 key performance targets, we have taken stock every year and we have published the results on the DaE scoreboard.”

What have been the main achieve-ments since then?“Our last measurement was in 2011, and the picture at that moment was that progress in achieving the key performance targets had been promising but mixed. On the positive

side, regular Internet usage has risen rapidly, including among disadvan-taged groups, as has sporadic use, leaving fewer and fewer non-users. Citizens use egovernment more and more, including interactively, and are rapidly taking to buying online, as are SMEs. Basic broadband is increasingly available, even in the remotest corners. Finally, the market share of LED lighting is expanding swiftly. In all these areas, the targets will be met early if current trends persist.On a couple of other targets pro-gress is insufficient, albeit real. Citizens’ uptake of cross-border eCommerce is barely growing. SMEs are only gradually starting to sell online. access and subscriptions to very high-speed broadband remain concentrated in a few places for the moment. Roaming prices have fallen, but only slowly. and public investment in R&D has not risen. In all these areas, the targets will not be met if current trends persist.”

Trust and security are two impor-tant areas for the DAe. What is being done there?“The growing use of IT increases our need for trust and security in it. It is estimated that half of Internet users have refrained from at least some major online activities due to secu-rity concerns. Therefore, trust and

security is a key area for the Digital agenda. Identifying and fighting cy-bercrime is one of our top priorities, as is enforcing the right to privacy and to the protection of personal data – fundamental rights in the EU.Member States are best placed to protect their own infrastructures, but we are currently concentrat-ing much of our effort on critical infrastructure protection and on strengthening the CERT commu-nity in Europe. We are also working with the public and private sectors to properly secure new technolo-gies and business models, such as those arising from the adoption of cloud computing. I would also like to mention the role of ENISa, the European Network and Information Security agency, in preventing, de-tecting and responding to network and information security problems.”

CIONET Spain Special feature 27

One of the DAe’s projects is the eGovernment Action Plan. What are the objectives in that field?“The egovernment action Plan 2011-2015 is helping public authorities to use information and communication technologies to offer better ser-vices at a lower cost, while making life easier and better for individual citizens and businesses in terms of improved access to public services. It is supporting the transition to a new generation of open, flexible and seamless egovernment services at local, regional, national and EU lev-els, where users can actively shape the online public services that suit their needs best.

Our goal is to increase the use of egovernment services to 50% of EU citizens and 80% of EU businesses by 2015 and to ensure that a number of key public services are available on-line so that entrepreneurs can set up and run a business from anywhere within the EU independently of their original location and so that citizens can more easily study, work, reside and retire anywhere within the EU.National governments will play a central role in the implementa-tion of the action Plan whilst the Commission’s main responsibil-ity is to improve the conditions for the development of cross-border egovernment services. The action Plan builds on the Malmö Ministerial Declaration and contains measures grouped into four categories: empowering users, contributing to the internal market, enabling the effectiveness and efficiency of governments, and putting in place pre-conditions for developing egovernment, such as eSignatures and eIdentification.Concrete examples of action Plan measures include implementing once-only secure registration of data with government and developing the EU-wide use of national electronic identities (‘eID’) to smooth cross-border procedures, such as starting a company abroad, moving home or work abroad, arranging your pension online if you retire to another coun-try, or registering at a foreign school or university.”

What are the commission’s priorities and projects for the coming years?“Our goal is to create the neces-sary conditions to ensure long-term prosperity and growth in Europe.

‘We want to create the necessary condi-tions to ensure long-term prosperity and growth in Europe.’

The Europe 2020 strategy and the Digital agenda for Europe contain the framework we think is needed to ensure smart, sustainable and inclusive growth.Just to give you an example, the Commission has recently proposed the ‘Connecting Europe Facility’ (CEF), which plans to fund 50 billion euros worth of investment to improve Europe’s transport, energy and digital networks. Targeted investments in key infrastructures will help to create jobs and boost Europe’s competitiveness at a time when Europe needs this most. Of the 50 billion euros, it foresees that almost 9.2 billion euros will go into supporting investment in fast and very fast broadband networks and pan-European digital services, leveraging other private and public investments as well. In the area of digital infrastructure, our target for 2020 is that all broad-band access will be at speeds of at least 30 Mbps with at least 50% of households subscribing to speeds above 100 Mbps. as regards digital services, the money would be used for grants to build infrastructure needed to roll out eID, eProcure-ment, electronic health care records, eJustice and customs-related ser-vices. The money would serve to ensure interoperability and meet the costs of running the infrastructure at European level, linking up Member States’ infrastructures.and, internally, we are working on an ambitious egovernment initiative, called eCommission 2012-2015, with which we want to lead by example in the transformation of European public services.”

Francisco García Morán, Director General for Informatics at the Euro-pean Commission: “Our goal is to increase the use of eGovernment ser-vices to 50% of EU citizens and 80% of EU businesses by 2015.”

28 Event report CIONET Belgium

The cloud is still a hot topic in IT but the challenge is shifting.

Managing cloud vendors

The cloud remains one of the main hot topics in IT. But the subject of the debate appears to be shifting. It is no longer about whether a business should move to the cloud but about how. Managing the relationship with cloud vendors represents the most important new challenge.

The use of cloud services is framed within a contract. Only, contracts for cloud services often deviate in prac-tice from the obligations that used to be standard between a client and an IT provider. “a contract in the cloud often looks really simple, but it is still very much a binding document, of course”, says Ywein Van den Brande, lawyer and founder of Crealaw, a law firm specialising in technology and new media. “You can enter into an agreement with a cloud provider with just a couple of clicks. But even so

it is still important to go through the content of the contract thoroughly beforehand. Without a sound con-tract you will not have a leg to stand on, especially if something hap-pens to go wrong with the service afterwards.” according to Van den Brande, a contract needs to include not just the general and specific terms, but also clear information on SLas, the acceptable use policy and the privacy policy.

a number of points require special attention. “Quite a few cloud con-tracts state that the provider can amend the agreement unilaterally and without any announcement”, explains Ywein Van den Brande. Obviously, as a client you should be extremely wary about this. The same goes for the description of the quality offered. Cloud providers very

‘We do not see the cloud as the Holy Grail, but it is helping us move forward.’

Ywein Van den Brande, lawyer and founder of Crealaw: “You can enter into an agreement with a cloud provider with just a couple of clicks. But it is still important to go through the content of the contract thoroughly beforehand.”

Paul Danneels, CIO at VDAB: “Even in the cloud you have to avoid vendor lock-in and, at the same time, make sure you have a good exit strategy.”

Jean-Luc Robins, CRM Manager at SWIFT: “In the cloud you can never be one hundred percent in control. That’s why it is important to establish a relationship with your vendor that is built on trust.”

CIONET Belgium Event report 29

rarely offer cast-iron guarantees and tend to rely on a description that is rather more vague like ‘best effort’. In connection with these guaran-tees, you might want to consider at the same time whether it would be logical to conclude an agreement with a strictly defined SLa. Ywein Van den Brande: “This too requires careful thought. Does it make sense to demand a 99.9 percent uptime? How are you, as the client, going to monitor this? What kind of compen-sation can you demand if the service level has not been met?” as a client, it is important that you have an exit strategy right from the outset. “You need to pay close attention to the provider’s liability or lack of it, to the options for terminating a contract, to the security and recovery of data, and so on.”

Flexibility takes priorityPaul Danneels is the CIO at VDaB, the Flemish government service that matches the needs of companies that have vacancies with job seek-ers. “The challenge for us is to find a balance between supporting the business with more new IT initia-tives and doing so within the budget available.” The cloud offers a wealth of possibilities here. Paul Danneels: “We do not see the cloud as the Holy grail, but it is helping us move forward. For example, the cloud provides easy access to applications. The barriers are low, for the average citizen as well. In the cloud, gone are the days when bringing your own device was an issue. Everyone can make use of applications, regard-less of time, place or device.” The cloud is also helping the VDaB to cut costs. The organisation has less need for infrastructure and can rely, via the cloud, on cheaper applications. For instance, the VDaB is currently switching to google apps for email and collaboration. and ‘Wegwijs’ – an application that provides regional job information – also runs in the

cloud. What is more, the personnel employed by the VDaB are using the tool Yammer.

Paul Danneels has integrated the cloud into the VDaB’s IT roadmap. “The starting point was obvious: where can the cloud provide added value within our existing plan?” This enabled the VDaB to avoid any kind of vendor push. The organisation sought solutions to meet specific needs, adopting a proactive stance with regard to the business. Paul Danneels likens management of the relationship with providers of cloud services to the more traditional form of outsourcing. “They actually re-volve around the same issues: service levels, security and access to data. Even in the cloud you have to avoid vendor lock-in and, at the same time, make sure you have a good exit strategy. Before we embarked on our collaboration with google, we thor-oughly tested how we might retrieve all our data from the cloud and bring it in-house again should it ever prove necessary to do so.”

Full speed ahead to the cloudSWIFT is the platform that banks and financial institutions use to ex-change information. The organisation migrated its old systems for case management to Salesforce.com. “We don’t believe you should neces-sarily begin small in the cloud”, says Jean-Luc Robins, CRM Manager at SWIFT. “The implementation of Salesforce.com is a big project.” SWIFT names cost-cutting as a motive for the migration. “There is no such thing as a zero footprint, of course, but the total cost of ownership of a SaaS solution has to be lower than that of on-premise software.” at the same time, with SaaS it all comes down to finding the right bal-ance between price and content. Jean-Luc Robins: “Obviously, there is on-premise software that offers greater functionality, but the imple-mentation and maintenance costs will also be much higher. With SaaS, we can rely on a more effective delivery, with greater agility and less complexity.”at the same time, SWIFT is aware of the limitations that come with a cloud service. Jean-Luc Robins: “You have to accept that in the cloud you can never be one hundred percent in control. For this reason, it is important that you establish a relationship with your vendor that is built on trust.”

More smoothly than expectedIn the end, the VDaB migrated seven thousand users and the correspond-ing archive to google apps in just one weekend. Paul Danneels: “To be honest, that went more smoothly than we had expected.” The project has generated considerable cost savings for the VDaB and has also delivered high-level satisfaction among users. The latter, in particular, is an important point.

The cloud is helping the VDAB to cut costs.

30 CIO view CIONET France

During the last two decades, the IT department’s role moved from being a producer of technology to a ser-vices go-between. The externalisa-tion policies imply the CIO to be an integrator of multiple services pro-viders and also allow him to propose a wider scope of services that match the enterprise business needs, says Ludovic Tassy, corporate CIO of alain afflelou.

Today, with more than 1,000 optic shops in France, Switzerland, Spain, Luxembourg, Belgium, Morocco, Lebanon, Tunisia and the Ivory Coast, alain afflelou is a strong leader in its industry. In 2009, the IT department used to manage its infrastructure with a private cloud, with a single data centre. This sys-tem hosted the email services, an extranet and an EDI platform and had a limited disaster recovery plan. Today, the company has shifted the infrastructure management to a service provider. “Our group is moving very fast”, explains Ludovic Tassy, “and we needed to externalise the management of our platforms.” This decision had several objec-tives: mutualise the IT resources and optimise the infrastructure to reduce costs, become more agile thanks to virtualisation of the servers to be able to react more quickly to the fast-changing business require-

IT transformation leads to new role of the CIO as a multiple services providers integrator.

Services included

ments, avoid the physical moves of the data centre. Finally, simplify and make more consistent the various contracts with a unified manage-ment of the assets and a fee-based contract model with the suppliers. “Before it was difficult to know when to finish a contract. Now, with the externalisation, we have got much more visibility”, explains Tassy.

Significant progress

The project had four main parts: first, the externalisation of infrastructures (integrator plus hosting provider), virtualisation (with VMWare), IT consolidation and security (disaster recovery plan and data replication).

“The IT department became much more reactive thanks to this plan”, says Ludovic Tassy. “We made very significant progress in several fields.” Financially, the savings do exist but are limited. “The financial advantages are always stressed on in externali-sation projects but they are not the only ones”, says Ludovic Tassy. “There are also benefits at the management

‘With the externalisation, we have got much more visibility.’

Ludovic Tassy, corporate CIO of Alain Afflelou: “The financial advan-tages are always stressed on in exter-nalisation projects but they are not the only ones.”

Philippe Rosé, Chief Editor of the French magazine ‘Best Practices’ and member of CIONET France Advisory Board, interviewed Ludovic Tassy.

32 CIO view CIONET UK

Going digital relies on executive and consumer alignment says Wellcome Trust head of IT Mark Bramwell.

Follow the leader

Rapid growth requires a flexible architecture. So, how can CIOs establish the right kind of IT strategy that will allow the business to cre-ate a flexible enterprise architecture that meets the demands of the digital age?One thing is certain: technology chiefs must be at the forefront of organisational change. annual Hori-zons research undertaken by IT lead-ership expert CIO Connect shows 97% of CIOs believe one of their key areas of strength is connecting technological possibility to business opportunity. IT leaders, then, are in a prime position to take advantage of the fast-changing nature of IT-enabled business change.Mark Bramwell, head of IT at chari-table foundation Wellcome Trust, recognises the role of CIO is about creating the right enterprise architec-ture strategy for the digital organi-sation, yet he also suggests the IT leadership role must not be under-

taken in isolation.“any prioritisation in difficult eco-nomic times needs to be led by business objectives”, he says. “Long gone are the days when the CIO sat alone; modern IT departments have to recognise that they are part of the organisation and must be totally aligned with the expectations of business customers.”Bramwell joined Wellcome Trust five

years ago. after 16 years at retailer WHSmith, who he joined straight from university, Bramwell moved to become head of IT development at the Trust, before becoming head of IT three years ago. “It’s a unique organisation, where you are work-ing on something different – such as investment, research or finance – every day”, he says.

Delivering an IT strategy that is fit-for-purposeLooking back on his three years in the top IT job at Wellcome Trust, Bramwell says his key achievement has been the delivery of his first IT strategy. The back-to-basics pro-gramme, covering rationalisation, virtualisation, data centre technology and consolidation, has helped push the restructuring of the IT depart-ment, including some tough deci-sions around capability and customer service.Bramwell, for example, ran a two-year virtualisation project to concen-trate on system availability, which now stands at 99.97%. “Technology is all about service”, he says. “If people can’t use the IT you implement, then the CIO loses the invitation to be involved with making business decisions.”With the right footing in place, Bramwell is now turning his attention to this second strategy – and that

‘The whole concept of business IT inno-vation does not just sit with the CIO.’

Mark Bramwell, head of IT at chari-table foundation Wellcome Trust: “The IT leadership role must not be under-taken in isolation.”

CIONET UK CIO view 33

approach to enterprise architecture is all about repositioning the IT depart-ment so that it can meet business expectations in the digital age. “Ex-pectations are now very high – the bar has been raised and every outage is a major event. But that’s a healthy problem”, he says.Bramwell delivered 46 successful projects through 2011, and he says the biggest challenges are often around anticipating and meeting business expectations. “The bar has been set high now, and we must continue to deliver value through IT. You have to say that if the organisa-tion wants a particular agenda, it has to work with the IT team”, says Bramwell. “The new strategy is all about re-aligning IT. The specific pillars cover information exploitation, information access, mobility collaboration and engagement. It’s not rocket science but it’s absolutely crucial. The en-terprise architecture must be appro-priate for business need – and that could be cloud based or even more disparate, with apps set up for access across many locations.”

Supporting the digital enter-priseBramwell, who spoke to CIO Con-nect following an HP IT leadership panel analysing Economist Intelli-gence Unit research, says technology

chiefs have to recognise that there

is a huge expectation around the support of consumer services. Peo-ple often use multiple devices and the personal cost of computing has become much higher. Bramwell estimates desktop sup-port costs were about £500 to £600 a year five to six years ago and now stand at about £1,750 to £2,000 today, given the extensive use of mobile technologies, such as smart phones and tablet devices. Cost is an issue, then, but Bramwell also believes CIOs must find a way to support consumerisation. “I don’t think CIOs have the luxury of sitting back and ignoring the trend”, he says. “We have a tech-savvy board and IT is very important to the busi-ness. We take technology extremely seriously.” He gives the example of an initiative started 18 months ago that led to the deployment of 130 apple iPads to help executives in the business run paperless committees. Bramwell says performance issues are the key to creating a digital strategy that is fit-for-purpose. Employees need to know what they can expect in terms of IT provision, whether that is in relation to the desktop or mobile devices. “We’ve looked to decrease operational costs, but we want to be smarter, regard-less of where that impetus comes from”, he says, before returning to

the issue of outcomes-driven IT.“The whole concept of business IT innovation does not just sit with the CIO – technology is an enabler but the exploitation is just as important and that responsibility lies with the business”, says Bramwell. When it comes to key current trends in IT in-novation, he suggests the creation of a tangible business case of consum-erisation is not straightforward but that CIOs must get strategic.“We’re embracing regardless of return on investment because of the time and productivity benefits”, he says. “as a business, we’d prefer our staff to be working rather than updating their Facebook profiles. But consumerisation is all about creating IT that is fit-for-purpose.”

This is an edited version of an article by Mark Samuels in the spring 2012 edition of CIO Connect magazine. If you are interested in finding out more about the IT leadership net-work or our Horizons research, please visit: www.cio-connect.com

'Consumerisation is all about creating IT that is fit-for-purpose.'

34 Special feature CIONET Spain

Partnership CIONET Spain and IE Business School aims at sharing knowledge in search of wisdom.

A perfect couple

CIONET Spain believed from the outset that establishing a partnership in the academic world was the way to go. It has now concluded a part-nership with top business school IE Business School.

Sharing knowledge in search of wisdom – this, in a nutshell, is one of the key objectives that we at CIONET have been pursuing to set ourselves apart from the rest. Like in every community, sharing is one of CIO-NET’s main principles, which we ap-ply to all our members’ knowledge, to real-life experiences – not just the really good ones, but also the really bad ones – and to strategies that are defined jointly to guarantee that companies recognise the new role of the CIO and its importance to the future of the business.at present, Spain is seriously strug-

gling with the economic crisis. Nevertheless, we remain optimistic in spite of the negativity due to the qualifications and talents of Spanish IT professionals.For all these reasons, CIONET believed from the beginning in the need to establish the right partner-ship in the Spanish academic world. and we came across the perfect partner: top business school IE Business School, headquartered in Madrid. CIONET and IE Business School have recently formalised a collaboration agreement that goes well beyond a formal contract and aims to bring IT industry knowledge to all economic agents through the definition of a new paradigm and a distinctive busi-ness model for the country based on competitiveness and innovation.

Silvia Leal, IE Manager of IT aca-demic Programmes, antonio Crespo, Managing Partner of Quint Welling-ton Redwood (also an IE partner) and Mona Biegstraaten, Country Man-ager of CIONET Spain, explain what to expect from the partnership.

What, so far, has been your experi-ence of the collaboration between ie and ciOneT?Mona Biegstraaten: “Perhaps the most outstanding and surprising thing in the relationship between

CIONET and IE has been the sponta-neity and naturalness about the way we have built our collaboration. We started with a common vision, but instead of formalising a structured framework straightaway we let daily events and empathy guide us… When you have a common objective, and share a series of values and princi-ples, everything flows with ease.”

What specific activities have you performed in collaboration?Mona Biegstraaten: “There have been plenty of them, and in different areas. There are two that spring to mind. Our event ‘giving our small grain of sand’ broadly achieved its objectives. IE was the ideal setting to create an atmosphere in which we combined knowledge, experience, wisdom and willingness. In fact, afterwards we created the ICT Observatory, in which we have progressively includ-ed relevant industry experts, which ties best practices to theory and vice versa.”

has there been any collaboration with ie students?Mona Biegstraaten: “Of course. One of the programmes we launched last year, within the Information Systems Management Master, was about involving students in real CIO chal-lenges. To this end, several work-ing groups were set up to develop

‘IE was the ideal setting for an at-mosphere where we combined knowledge, expe-rience, wisdom and willingness.’

CIONET Spain Special feature 35

specific projects for CIOs in big companies – like Vodafone, Lilly and Repsol.”

You are now launching a new pro-gramme in iT management. What is it about?Silvia Leal: “We have realised that the IT labour market provides a wealth of opportunities to carve out a pro-fessional career in IT services man-agement. However, companies are having difficulty meeting this demand for labour. That is why we have decided to launch our advanced Pro-gramme in IT services management."

ie business school is a very innova-tive organisation… is the Advanced Programme in iT services manage-ment an innovative offering? And why?Silvia Leal: “Of course this new aca-demic programme is an innovative offering for the market. The labour market is calling out for profession-als with experience in the field, but it also needs networked individuals with official accreditations. Such a profile is not easy to achieve. That is why we have decided to launch the programme on a long-term basis in collaboration not only with CIONET, but also with aMPg and Quint – all of which are, in our opinion, key players in this field. Through this collabora-

tion, the programme will provide stu-dents with the knowledge to obtain three important accreditations: ITIL, Lean and Sourcing Foundations.”

Quint Wellington redwood is one of the key partners for this programme. What is Quint’s contribution?Antonio Crespo: “Over recent dec-ades (this year we are celebrating our 20th anniversary), Quint has developed extensive experience of IT management and governance chal-lenges, allowing us to build a body of knowledge that can be adopted and adapted in different markets, for different industries. In addition, the strength of our two main divisions, Consulting and Education, creates a best-in-class combination of practice leadership and thought leadership. For this pioneering programme, we have brought in new frameworks, meth-odologies and best practices, such as Lean IT and Sourcing governance. as an aPMg authorised Training Pro-vider, we also provide students who want to progress in IT management

with access to the most recognised certifications in this field that are also the most sought-after by employers.”

What value does this programme generate for ciOneT and ie?Mona Biegstraaten: “This programme has various objectives. Firstly, it is about shortening the distance be-tween companies – or rather busi-ness executives – and technology and its reality, including, of course, the value this can generate. another objective is to strengthen the rela-tionship between the academic envi-ronment and real-life experiences."

One objective is to strengthen the relationship between the academic environment and real-life experiences.

Mona Biegstraaten, Country Man-ager of CIONET Spain (left), Antonio Crespo, Managing Partner of Quint Wellington Redwood and Silvia Leal, IE Manager of IT Academic Programmes shared their experiences of the col-laboration between IE and CIONET.

36 Special feature CIONET Italy

CIONET Italy and Nextvalue® survey reveals needs to improve control and strategic principles in Information Security.

The next management practice

In a world in which information is increasingly digital and companies’ interaction with the market, staff members and external co-workers is evolving rapidly, the IT risk reaches beyond the boundaries of the IT department to become a risk for the entire organisation or for the business. This has been exacerbated in part by new technologies and operating models, such as enterprise mobility, cloud computing and social media, which tear down traditional borders and dismantle the IT security para-digms that have been used to date.

What we have discovered from the 214 CIOs, CSOs, CISOs and security managers of the top Italian enter-prises that participated in the survey carried out in the first few months of 2012 by Nextvalue®, the Italian research partner of CIONET, is a real need to improve control in any or-ganisation and to apply, at a strategic level, the governance, Risk Manage-ment and Compliance principles that align IT security operations more successfully with the business.

Information security has become a management discipline and requires the right balance between daily oper-ational aspects and strategic aspects. They probably have a long way to go but Italian companies, especially the top ones, are ready to undertake this

process in much the same way as other European companies.

an integrated approach to the issues of governance, Risk Management and Compliance (gRC) has been adopted by just 10% of the panel, but the good news is that this number will double in 2012, according to the survey participants. The investment required for this kind of project is medium/high on average and may, in some cases, reach a sum of one million euros. 44% of the companies that participated in the survey have Chief Security Officers (CSOs) or Chief Information Security Officers (CISOs). In many cases, these profes-sionals are not at the right hierarchi-cal level yet, though banks and public bodies are more advanced here. There is also a very strict correlation between the presence of CSOs and CISOs and of dedicated structures with major relevance of the security issue and related spending, which is usually above average. The CIO de-cides on security governance in 74% of cases, though the role of CSOs and CISOs is growing in importance.

CSOs and CISOs in actionLeonardo Casubolo, Chief Security Officer of the Kion group, a multi-national company that works in the forklift sector, states that security has to be regarded as a maturity element

Leonardo Casubolo, Chief Security Officer of the Kion Group: "Security has to be regarded as a maturity ele-ment that confers quality and guaran-tees trustworthiness."

Marco Goria, Chief Information Security Officer (CISO) of Ferrero: “Placing someone in charge of secu-rity is becoming common practice in Italian companies.”

CIONET Italy Special feature 37

that confers quality and guarantees trustworthiness. He goes on to say that for correct management of all aspects it is pivotal to adopt an engineering approach based on best practices and standards that influ-ence the structuring of activities and processes. He affirms that any organisation that has an excellent security management structure must separate roles. In this scenario, the CSO iden-tifies the basic principles, defines the policy on a macro level, and provides the operative guidelines that are applied by the IT department.

at multinational food company Ferrero, one of the duties of the CISO is to define the policies and se-curity procedures that dictate who is responsible for Risk and Compliance Management, according to Marco goria, Chief Information Security Officer (CISO) of Ferrero. He adds that the person in charge of secu-rity regularly attends meetings with a committee responsible for these aspects. These meetings result in a number of actions that have to be translated into activities and security projects.

For the Board of the Fiera Milano group, security is a necessary cost not just to protect company property

but also to comply with regulations, says giuseppe Ingletti, Director of Infrastructures & IT Services for the group. He goes on to say that securi-ty management is placed in the hands of external suppliers. The objective here has been to identify different security control suppliers for the management of infrastructures and applications. Thus, he claims, by con-trasting the interests of different sup-pliers, each becomes responsible for its own activities. He adds that they have kept overall security governance in-house – this involves the definition of guidelines and methods, as well as reporting and control activities.

Communicate, communicate, communicategiven this scenario, better internal communication and awareness of IT security risk becomes increas-ingly important for the success of an information security management strategy.

Ingletti of Fiera Milano says that they are raising awareness among end users because they can be con-sidered the weak link in the chain, triggering a loss of information with potentially serious consequences for the business. Ferrero, too, accord-ing to Marco goria, has promoted campaigns and courses aimed at end users, attracting 1,500 participants among staff, to spread a security culture, achieving positive results in terms of increased awareness.

What’s next.Information security is becoming more and more of a critical factor and, in some cases, also a strate-

gic investment for achieving better results. according to goria at Ferrero, placing someone in charge of secu-rity is becoming common practice in Italian companies; Casubolo from the Kion group feels that the CSO should be a point of reference for all roles within a business. For this rea-son, it is pivotal to establish dialogue between the different functions within an organisation.

We do not believe that companies can defeat cybercrime by them-selves, but they have a few more options available to them. Without a strategy and a programme of infor-mation security management, the organisation is an easy target for cyberspace criminals and may be the object of the next sophisticated attack. It is hard for Chief Information Security Officers to guide their own companies down a safe path. Unfor-tunately, there is no other way.

The 2012 Information Security Report is available in Italian on the CIONET.com website.

The CIO decides on security gov-ernance in 74% of cases, though the role of CSOs and CISOs is growing in importance.

Information security is becoming more and more of a criti-cal factor and also a strategic investment for achieving better results.

38 Special feature CIONET The Netherlands

IT profession shifts from hard skills to soft skills.

IT evolves into demand-supply organisation

Paul Slot has been the director of IT operations at KPN since 1 april. In his current role, he is responsible for the IT operation that KPN uses to deliver services to customers. His ambition is to transform the IT organisation into a demand-supply organisation that excels in operational excellence and compliance.“The market is constantly on the move, so in IT you have to be in a position to move quickly with it”, says Paul Slot. “It is the organisation that determines how we move with the market. a quick time-to-market and flexibility are essential. at the same time, it is important to keep an eye

on the costs, especially if revenues are under pressure.”at IT operations, the main priorities are operational excellence and com-pliance. The services have to support the business at an acceptable cost, comply with regulations and offer continuity.

“We provide the IT that is needed for the business to bring services for customers on the market. It is the combination of business and tech-nology: the business is developing all the time, and it is important that the technology grows with it. The busi-ness is the innovation driver.”“Technical developments happen mainly behind the scenes; we are al-ways looking for efficiency and flex-ibility here. This means that on the infrastructure side you look for solu-tions like cloud solutions and maxi-mum virtualisation, and a strategic vision for the setup of data centres. Some things we do in-house, like the infrastructure. as for the applications, we have all kinds of partners.”

From hard skills to soft skills“as a CIO, you have three axes you can target: innovation, customer inti-macy and operational excellence. By working more and more with

partners, you can outsource the technology component. This allows us to focus more on innovation and customer intimacy. Our plan for IT right now is to make important progress in the area of operational excellence by bringing all the man-agement organisations together in one large organisation. Our partners will supply the technology, while we concentrate on orchestrating the whole package.”Slot hopes this will raise the standard of the IT operations and optimise costs and supply. We are currently identifying the steps, including positioning the partners. What this actually means is that IT will become a demand-supply organisation. We already are to some extent – my predecessors took some major steps in this direction. It will have a huge influence on the organisation, at several levels. Some of the work will be transferred to suppliers, and that will have a direct impact on staff. Where previously they worked on the technology, at an operational level, now they will be managing suppliers. This calls for completely different skills. as a result, you will see fewer and fewer traditional IT professionals in the organisation; these will now be at the suppliers. It is a transition from hard skills to soft skills, like managing relationships.”

‘The business is the innovation driver.’

Paul Slot, director of IT operations at KPN: “The business is developing all the time and it is important that the technology grows with it. The busi-ness is the innovation driver.”

CIONET Belgium Special feature 39

What do you do if the CEO tells you to just get it done?

F*** the governance?

at a power lunch with several CIOs, one of them threw this issue on the table while looking at me knowing I have been a strong advocate of IT governance for years: “What do you do if the CEO tells you to get it done and f*** the governance? Well you probably go away and just do it no?”I should have been faster on my feet to say then and there that there are four good reasons why that was not necessarily the best response. These reasons are: Compliance. The probability is high that a compliance issue emerges in such a situation. However because of the small size and industry type of this company that may not have been a major problem. Efficiency. It is true that it is the prerogative of executives to make the trade-off between cost and timely results when get-it-done is more important for the enterprise. But then that should be very clear to all involved at the time of the decision. Risk. While compliance risks may be acceptable in this type of enterprise, there are other liabilities where governance plays an im-portant role in keeping them under control, liabilities related to prod-ucts, employee safety or continuing survival of the enterprise. There are legal standards a judge would use for what is acceptable and what is

reasonable, should a liability case emerge. Pointing out that the executive should consider what he will say to the judge when this occurs is a way to raise awareness. Effectiveness. It is clear that governance, in the case described, was not recognised as also a mechanism to help achieve effectiveness.

How did it get to this? The company is, on an international scale, an SME. Originally (and to some extent still) a family business, it is active in an industry where IT plays, comparatively, a less significant role than in similarly sized enterprises. The CEO took the position that he was the sole authority on governance. In this enterprise the balance of execu-tive and ownership power rests in one person who probably thought more as an owner than as an executive. The CIO accepted he was the major effectiveness tool. It is true that lead-ership is a major governance mecha-nism even more in small organisations with short effective spans of control. The CIO did have a problem with the situation which reminds me of a similar case a friend of mine told me where his advice was sought about strong differences of opinion at man-agement level and where he sug-gested the person to seek another job. This illustrates one version of the CIO acronym: Career Is Over!

However there is another version of the acronym I am reminded of because of the emerging role of the CIO as an influencer and educator. The CIO has to educate executives not only on the intricacies of tech-nology and how it creates value for the enterprise but also about the necessary governance mechanisms that help make that happen. There-fore CIO also stands for Communi-cation Is Obligatory!

So, f*** the governance? Yes, but only if more than one of these con-ditions are true: you’re small, IT is not important and the CEO is the owner.

Erik Guldentops, Researcher and Lecturer in Enterprise Governance of IT has been an Executive Professor at Uni-versity of Antwerp – Management School for many years after a career at SWIFT.

Documents

CIONET Magazine 12