December 15 2007

Alert_DEC2011.indd 18 11/17/2011 3:27:58 PM

From The ediTor-in-ChieF

What is it about the Cio function that at once interests and pains IT leaders?

A CIO I posed this question to, replied a bit indirectly when he said that he had no issues

with his current role but he never wanted to have the epithet ‘support function’ describe

his next.

Writing for our sister publication Network World, Yankee Group founder Howard Anderson

referred to the CIO role as one of the worst jobs going around — “A job with a lofty title and

plenty of land mines, almost all of them more related to Machiavelli than technology”.

The anguish that Anderson revealed in the column came from his friend, a fairly embittered

CIO — “When you come down to it, I am just a high-priced purchasing agent… So what is my

job? Compromising all day long. And trying to find a reason to rationalize this complete mess

we call information systems.”

He went on to tell Anderson that not

only did he get blamed when systems

went down, but he also had to put up with

business leaders who had their ideas on

how they could do his job better.

Is that what the CIO role is all about — a litany of woes? I made it a point to discuss

Anderson’s column with a few members of our Advisory Board.

Alagu Balaraman, who heads strategy at Britannia, observed that while Anderson’s friend

was probably a good IT manager, he seemed a poor CIO.

Was the issue at hand one more about poor social skills and a lack of a service orientation?

It seems so.

“By definition, the work that a CIO does cuts across functional boundaries and is intrusive

to many people. Political or social skills are needed to get things done despite a lack of

authority over people you deal with,” Alagu pointed out.

Service orientation for an IT department is about a business focus and a style of working,

said Alagu, who went on to quote a CEO: Everyone in the company should be either selling

or closely helping others to sell.

If someone likes people, business and information, that person would probably enjoy the

position that Anderson’s friend and you are in. Then Anderson’s column would have started

with “Wow! Let me tell you about the best job in the world!

How do you see your role? Write in and let me know.

A combination of good social and political skills and a service orientation is essential for you to enjoy your work.

Have fun while negotiating the land mines that come your way.

The Best / Worst Job in the World

Vijay [email protected]

Vol/3 | ISSUE/032 d E C E m B E R 1 5 , 2 0 0 7 | REAL CIO WORLD

Content,Editorial,Colophone.indd 2 12/14/2007 5:35:03 PM

Co

VE

r:

dE

SIg

n b

y b

InE

SH

Sr

EE

dH

ar

an

contentdecembeR 15 2007‑|‑Vol/3‑|‑issue/03

Executive ExpectationsVIEW FROM THE TOP | 48Daljit Singh, President Strategy & Organizational Development, Fortis Healthcare, says the healthcare sector can absorb double the current investment. IT, he says, is the only way to meet this kind of growth and maintain quality. Interview by Kanika Goswami

Executive CoachCOnquERInG InDECIsIOn | 24Make better and faster decisions by changing your approach to the process.Column by susan Cramm

CIO | 08 THE YEAR AHEAD | 37A pictorial presentation of CIO’s forward-looking event held this year in Malaysia.

more»

I.T. Value Metrics

COVER sTORY | I.T.’s nEW MATH | 26CIOs are always faced with pressure to justify their IT expenditures. Now, new research can help correlate those IT dollars spent with business value accrued. Feature by Galen Gruman

PLAYInG IT sMART | 28Project justifications make sense only when you can draw a line between an ROI issue and a strategic play. War stories by Anwer Bagdadi

26

Vol/3 | ISSUE/036 d e c e m b e r 1 5 , 2 0 0 7 | REAL CIO WORLD

content (cont.)

Trendlines | 13 storage| Data Disasters 2007 quick Take On | SaaS Voices | Can Virtualization Really Help Cut Costs? VirtuaIization| Data Center Staffing Problems Grow survey| Are You Smarter Than an IT Manager? Opinion Poll | Budget Cuts in 2008 Internet| Snooping Through Your Inbox Phishing| Phishers Target Executives Research| CIOs See Value in Web 2.0 Anti-Virus| Building The Next-Gen Firewall Alternate Views| Employee Privacy VS Organizational Security

Essential Technology | 60 CRM| CRM’s Integration Network Feature by Galen Gruman Pundit | Shaping The Future Column by Michael Hugos

From the Editor-in-Chief | 2 The Best/Worst Job in The world By Vijay Ramachandran

2 2

dEpArTMEnTs

NOW ONLINE

For more opinions, features, analyses and updates, log on to our companion website and discover content designed to help you and your organization deploy IT strategically. go to www.cio.in

c o.in

Case File PAssAGE TO RuRAL InDIA | 32 How do you do a face-to-face screening of seventy percent of a billion people? You can’t. Which is why many farmers in rural India can’t get a loan. Until ICICI Bank found a way. Feature by Gunjan Trivedi

Business process Outsourcing PROCEss TRIP | 56

Declining sales. Cost pressure. Customers who wanted change, fast. Maritz Travel’s COO tells how a group travel giant facing all of these pressures revamped its business processes, and how business and IT came together to make the effort pay off. Feature by Laurianne McLaughlin

8 d e c e m b e r 1 5 , 2 0 0 7 | REAL CIO WORLD


ManageMent

Publisher & editor n. bringi dev

Ceo louis d’Mello

editorial

editor-in-ChieF Vijay ramachandran

assistant editor gunjan Trivedi

sPeCial CorresPondents balaji narasimhan

Kanika goswami

senior CoPY editor Sunil Shah

CoPY editor Shardha Subramanian

design & ProduCtion

Creative direCtor Jayan K narayanan

designers binesh Sreedharan

Vikas Kapoor; anil V.K

Jinan K. Vijayan; Sani Mani

Unnikrishnan a.V; girish a.V

MM Shanith; anil T

PC anoop; Jithesh C.C

Suresh nair, Prasanth T.r

Vinoj K.n; Siju P

PhotograPhY Srivatsa Shandilya

ProduCtion T.K. Karunakaran

T.K. Jayadeep

Marketing and sales

vP sales (Print) naveen Chand Singh

vP sales (events) Sudhir Kamath

brand Manager alok anand

agM (south) Mahantesh godi

Marketing Siddharth Singh

bangalore Santosh Malleswara

ashish Kumar, Chetna Mehta

delhi Pranav Saran;

Muneet Pal Singh;

gaurav Mehta

MuMbai Parul Singh, Chetan T. rai,

rishi Kapoor,Pradeep nair

JaPan Tomoko Fujikawa

usa larry arthur; Jo ben-atar

singaPore Michael Mullaney

events

vP rupesh Sreedharan

Managers ajay adhikari, Chetan acharya

Pooja Chhabra

AdverTiser index

All rights reserved. No part of this publication may be reproduced by any means without prior written permission from the publisher. Address requests for customized reprints to IDG Media Private Limited, 10th Floor, Vayudooth Chambers, 15–16, Mahatma Gandhi Road, Bangalore 560 001, India. IDG Media Private Limited is an IDG (International Data Group) company.

Printed and Published by N Bringi Dev on behalf of IDG Media Private Limited, 10th Floor, Vayudooth Chambers, 15–16, Mahatma Gandhi Road, Bangalore 560 001, India. Editor: N. Bringi Dev. Printed at Rajhans Enterprises, No. 134, 4th Main Road, Industrial Town, Rajajinagar, Bangalore 560 044, India

Avaya 4 & 5

canon Ibc

emerson 47

epson 1

Fluke 9

HP 7

Ibm 14 & 15

Intel 3

Lenovo bc

microsoft IFc, 11 & 21

This index is provided as an additional service. The publisher does not assume any liabilities for errors or omissions.

abnash singh

group CIo, Mphasis

alaganandan balaraMan

Vice president, britannia Industries

alok kuMar

global Head-Internal IT, Tata Consultancy Services

anwer bagdadi

Senior VP & CTo, CFC International India Services

arun guPta

Customer Care associate & CTo, Shopper’s Stop

arvind tawde

VP & CIo, Mahindra & Mahindra

ashish k. Chauhan

President & CIo — IT applications, reliance Industries

C.n. raM

Head–IT, HdFC bank

Chinar s. deshPande

CIo, Pantaloon retail

dr. Jai Menon

director (IT & Innovation) & group CIo, bharti Tele-Ventures

Manish Choksi

Chief-Corporate Strategy & CIo, asian Paints

M.d. agrawal

dy. gM (IS), bharat Petroleum Corporation limited

raJeev shirodkar

VP-IT, raymond

raJesh uPPal

Chief gM IT & distribution, Maruti Udyog

ProF. r.t. krishnan

Jamuna raghavan Chair Professor of Entrepreneurship,

IIM-bangalore

s. goPalakrishnan

CEo & Managing director, Infosys Technologies

ProF. s. sadagoPan

director, IIIT-bangalore

s.r. balasubraMnian

Exec. VP (IT & Corp. development), godfrey Phillips

satish das

CSo, Cognizant Technology Solutions

sivaraMa krishnan

Executive director, PricewaterhouseCoopers

dr. sridhar Mitta

Md & CTo, e4e

s.s. Mathur

gM–IT, Centre for railway Information Systems

sunil Mehta

Sr. VP & area Systems director (Central asia), JWT

v.v.r. babu

group CIo, ITC

AdvisorY BoArd

Vol/3 | ISSUE/031 0 d e c e m b e r 1 5 , 2 0 0 7 | REAL CIO WORLD


n e w * h o t * u n e x p e c t e d

S t o r a g e Ant-infested hard drives and failing parachutes top the list of data disaster horror stories for 2007.

The list provided by Ontrack Data Recovery illustrates some of the strangest and wackiest things that people put electronic storage devices through on a regular basis.

A woman called complaining she had 'washed all her data away'. Her USB stick had been through a cycle in her washing machine and unsurprisingly she couldn't retrieve any data from it.

A wedding photographer faced the potential wrath of a new bride when he discovered he had overwritten her photos with ones from another event. Two days before the couple returned from their honeymoon, he called Ontrack Data Recovery for help.

A scientist spilt acid on an external hard drive during an experiment. Thinking all the data had been burnt, he called in the experts, who were able to successfully recover the data on the drive.

This was another tough data recovery job. A British scientist was fed up with his hard drive squeaking, so he drilled a hole through the casing and poured oil into the mechanics. The squeaking stopped, and so did the hard drive.

In an effort to test the functionality of a parachute, a camera was dropped from a plane. Unfortunately, the parachute failed its test and the fragile cargo shattered into several pieces. Ontrack was able to reassemble the camera's memory stick and the video of the parachute's demise was recovered. —By Sandra Rossi

n e w

Data Disasters 2007

S o f t w a r e SaaS seems to be the way forward for cost-conscious organizations who want to retain their technological edge. To find out how SaaS helps her business, Kanika Goswami spoke to Anuradha Acharya, CIO & chief software architect of Ocimum Biosolutions, an R&D life sciences company.

How and why is Ocimum using SaaS? At Ocimum, we use salesforce.com and some collaborative groupware. It’s useful because we don’t have to scale up for new employees in our offices across the US, Netherlands and India and sales teams across the globe. We’re even in the process of making some of our bio-IT products available as SaaS.

Cost savings is an important reason. But it’s more about easy deployment. Especially during those times when I need something for just a month. This arrangement makes it much easier for us because I have ongoing collaborations. Many other applications will start

Anuradha Acharya on SaaSmoving in that direction. Therefore, we really feel it is a good time to be using SaaS.

Which issue is more thorny: security or connectivity?Connectivity is an issue in India for sure. We have dedicated Internet connection which compares quite well with service that is available internationally.

As for security, we like to focus on the opportunity. For us, the value we get out of SaaS offsets the risks involved. The point is to deliver and

build a relationship of trust at both ends. The rest can be worked around.

Why hasn’t SaaS taken off in a big way? One reason is that it’s still more suited for a CRM kind of role. Some years ago, this was one of the reasons people were reluctant to use SaaS. It’s better now.

We are looking at offering products on a SaaS model, but it will take a year or two before people start getting comfortable with the concept of storing data outside their premises.

Anuradha Acharya

REAL CIO WORLD | D e c e m b e r 1 5 , 2 0 0 7 1 3Vol/3 | ISSUE/03

n e w * h o t * u n e x p e c t e d

A scientist spilt acid on an external hard drive during an experiment. Thinking all the data had been burnt, he called in the experts, who were able to successfully recover the data on

This was another tough data recovery job. A British scientist was fed up with his hard drive squeaking, so he drilled a hole through the casing and poured oil into the mechanics. The squeaking

In an effort to test the functionality of a parachute, a camera was dropped from a plane. Unfortunately, the parachute failed its test and the fragile cargo shattered into several pieces. Ontrack was able to reassemble the camera's memory stick and the video of

Ants had taken up residence in a photographer's external hard drive. He took the cover off and sprayed the interior with insect repellent. The ants didn't make it but engineers were able to retrieve the data.

Data Disasters 2007

Ill

US

tr

at

Ion

by

bIn

ES

H S

rE

ED

Ha

ra

n

Quick take

tr

en

dl

ine

S

V i r t u a l i z a t i o n IT leaders continue to battle to find virtualization experts and other technical specialists to staff data centers, new research shows. A whopping 86 percent of data center managers say they struggle to find qualified applicants for data center jobs, according to Symantec's State of the Data Center Research report. Furthermore, 52 percent of respondents call their data center currently understaffed.

The news isn't great for current data center staffers, either: Symantec's results show that those employees may want to develop an emerging specialty like server virtualization or storage virtualization sooner rather than later. Sixty percent of data managers call their staff skill sets too narrow. And more than half, 57 percent, say employees' skills don't match current data center needs.

Looking at the bigger picture for data centers, 69 percent of respondents to the Symantec study say their data centers are growing at least 5 percent per year; 11 percent say they're growing 20 percent or more per year. During the past two years, the average budget increase was 7 percent.

A full 90 percent of respondents say they're at least discussing server virtualization. What applications are most frequently running on virtualized environments? Fifty-nine percent of respondents say Web applications are the most likely to run in a virtual environment; 42 percent say database management applications.

The Symantec study queried almost 900 data center managers worldwide, in Global 2000 companies and large public sector institutions.

—By Laurianne McLaughlin

Can Virtualization Really Help Cut Costs?

data center Staffing problemS

grow

B u d g e t We’ve done the reading and talked to experts about virtualization. But we still haven’t figured out if it can really impact IT budgets positively. Balaji Narasimhan spoke to three CIOs. Here’s what they said:

ajay khannaHead–It, Eicher Motors

r.k. upadhyayDGM–It & t & t bD, bSnl

“I think that the best way to look at this is that you'll have a pool “I think that the best way to look at this is that you'll have a pool “I think that the best way to look

of resources that at this is that you'll have a pool of resources that at this is that you'll have a pool

can be dynamically allocated. This is guaranteed to save money and effort.”

arun guptaCCa & Cto,Shoppers' Stop

Write to [email protected]

lend your

Voice

“I'm not very pro-virtualization becauseit has costs associated with it. Talk server virtualization and your costs actually go up because of licensing requirements.”

“Yes, it does. We had 13 area servers and paid 13 Oracle licenses until we

consolidated. Now we’re paying for just one Oracle

license. We have saved on real estate and

electricity costs.

Vol/3 | ISSUE/031 6 D e c e m b e r 1 5 , 2 0 0 7 | REAL CIO WORLD

Trendlines.indd 16Trendlines.indd 16Trendlines.indd 16Trendlines.indd 16Trendlines.indd 16Trendlines.indd 16

tr

en

dl

ine

S

S u r V e y The enterprise could be facing a growing number of self-professed ‘tech-savvy’ users, according to an Intel Canada-sponsored survey released recently by research firm Harris/Decima.

The poll found that 10 percent of the 503 respondents considered themselves 'tech-savvy.' Laptops and digital cameras contributed to consumers feeling more 'tech-savvy.'

Doug Cooper, country manager for Intel Canada, said that at-home adoption of technology will be helpful in the enterprise. "This will make it easier — for those who use technology at home — they will be able to use technology more capably at work," he said. These skills

can extend especially to the Web 2.0 applications that have been slowly seeping into the enterprise space. "These can be tweaked for a business environment," said Cooper.

Brendan Leddy manned the help desk for over two years at the University of Victoria while working on his computer science degree, and has seen the change in the way students — and future enterprise employees — interact with technology.

"It's becoming more of a problem. People are now pretty stubborn," he said. "They 'know' what the problem is, and something that happened isn't their fault. It's your fault."

IT managers need to be flexible with these new technologies, and work with

the 'tech-savvy' attitude that goes with it, Cooper said. "The biggest issue is that IT management needs to reset their expectations," according to Cooper. For example, an employee forbidden to use Facebook at work could be missing out on industry networking opportunities.

IT staff and management can try and stay ahead of the Web 2.0 curve by paying attention to what does and doesn't work.

The prevalence of Web-based interfaces — even in the more in-depth enterprise applications — should also ease the learning curve for these workers, says Cooper.

One way to help those in the workplace who don't consider themselves 'tech-savvy' would be to ask those who do to aid those who might be daunted by them.

This could be useful, as the IT staff itself might not be trained in dealing with the more uppity employees.

—By Briony Smith

are you Smarterthan an I

re you Smarterthan an I

re you Smartert

re you Smartert

re you Smarter Manager


re you Smartert Managert

re you Smartert


re you Smartert

re you Smarter

46%

6%

19%

29%

Source: CIo


1-10% Increase

11-20% Increase

Above 30% Increase

21-30 Increase

BudgetCuts in India? Where?We polled Indian cIOs to find out how much they expect their budgets to increase by in the coming year. Here are the results:

tr

en

dl

ine

S

P h i S h i n g With targeted phishing attacks on the rise, it's no surprise that cybercriminals are doing their research and aiming at those with the most to lose — executives.

according to security vendor Messagelabs, targeted phishing — e-mail scams that are directed at certain employees at an organization or members of a group, also called spear phishing — has grown significantly in the past two years. In 2005, the company would see roughly two targeted phishing e-mails per week; the company now sees roughly 10 per day, according to Paul Wood, senior analyst with Messagelabs.

the company spotted two outbreaks of what is now being called whaling. In these scams, phishers find the name and e-mail address of a company's top executive or handful of executives — often information freely available on the Web — and craft an e-mail specific to those people and their role at the company. the e-mail lures the executives into clicking on a link that brings them to a website where malware is downloaded onto their machine that can copy keystrokes or ferret out sensitive information or corporate secrets, according to Wood.

With whaling, the sender must do some upfront research about the target as well as the subject in order to craft an e-mail that sounds convincing, says Wood.

"It's really the social engineering that has tipped the balance now; phishers are becoming much more technologically sophisticated as well as applying psychology to what they're doing," he says.

this is particularly true for executives who don't read their own e-mail, he adds. For example, if an assistant sees an e-mail in the CEo's inbox regarding an invoice, he may automatically forward it to the finance department, which then believes the e-mail is from the CEo, opens it, and clicks on the link.

— by Cara Garretson

i n t e r n e t A researcher working at the Air Force Institute of Technology (AFIT) in Ohio has found a new use for an open-source algorithm, reports New Scientist. While the software was originally used to analyze the topics people talk about, researcher Gilbert Peterson and his colleagues have found a new use: snooping through company e-mail.

Author-Topic, developed by researchers at the University of California, is essentially a data mining tool that chews on textual information. If it's fed academic journal articles, New Scientist suggests, Author-Topic ‘examines the frequency with which words appear in each and uses that to infer which topic that document is about. It then identifies topics that each person writes on most.’ According to the article, Petersen has used the Author-Topic system to mine e-mail data. "It also identifies those who are discussing sensitive topics externally and classes them as having 'clandestine, sensitive interests.' People who are flagged in both categories could pose a risk to a company," say the authors.

The software can also spot whistle-blowers. "When it was fed 250,000 e-mails sent between employees at bankrupted energy company Enron, it flagged employee Sherron Watkins as one of just three who were both alienated and had clandestine, sensitive interests."

Adds the New Scientist article, "In most US states such software is legal, but Ian Brown of the Oxford Internet Institute says that in Europe employees can be monitored if they are suspected of fraud."

Before you tell your e-mail administrator to install such a system, however, be sure to read up on employee privacy and e-mail policies. In How to Monitor Workers' Use of IT Without Becoming Big Brother (on CIO.com), Arthur Riel, hired by Morgan Stanley in 2000 and put in charge of the $52 billion financial company's e-mail archiving system, discovered the hard way that the ethics of doing so were not exactly business-as-usual.

As the article says, "E-mail exchanges that contained sexual banter and involved Riel's boss, CIO Moira Kilcoyne, added to Riel's conviction that something was wrong at the top. Believing, he says, that he was doing his duty, Riel claims to have sent hard copies of the offending e-mails to Stephen Crawford, Morgan Stanley's then-CFO, anonymously via interoffice mail." And that's when the trouble started.

—By Esther Schindler

Phishers Target Executives

Through Your In-Box

Ill

US

tr

at

Ion

by

bIn

ES

H S

rE

ED

Ha

ra

n


Snooping

Trendlines.indd 18 12/14/2007 12:56:21 PM

tr

en

dl

ine

S

r e S e a r c h A recent report by Forrester Research suggests that corporate IT departments have seen demonstrable value from Web 2.0 technologies in the workplace and should continue to adopt more of those applications at their own pace. But the report also reveals that the unsanctioned use of consumer, Web-based applications (a phenomenon known as 'rogue IT' or 'shadow IT') remains high, behooving IT managers to get in the trenches to find out where sensitive corporate data could be exposed.

"Of the rogue usage going on, it's often difficult to see which poses privacy or security concerns," says Rob Koplowitz, a Forrester analyst and one of the authors of the study, Web 2.0 Social Computing Dresses Up for Business.

Around 15 percent of the IT decision-makers surveyed at firms with 500 or more employees say their workers have used technologies like blogs, wikis and really simple syndication (RSS) for business purposes. On average, about 27 percent of those companies have already made formal enterprise investments in all three of those technologies and another 16 percent have at least considered it. At least 89 percent saw limited to substantial value from the use of blogs, RSS and wikis.

Meanwhile, Koplowitz says the numbers reported for rogue usage—which at Forrester's last count range from 3 percent to 8 percent—remain deceptively low.

"It could be a lot higher because unsanctioned use is, by definition,

under the radar," he says. "The best an IT manager can do is have some anecdotal evidence and then work from there."

To avoid an ad-hoc approach to Web 2.0 adoption, Koplowitz says IT departments should start by getting a better handle on what applications users have flocked to and embrace them rather than shunning them. In doing so, IT eliminates an adversarial environment, allowing IT managers to form a long-term strategy with their users that encourages testing, setting usage policies and training.

"It's becoming increasingly difficult for IT to control what tools people use in their day-to-day activities," Koplowitz says. "It's in IT's best interest to find out what's going on and offer a sanctioned alternative."

—By C.G. Lynch

a n t i - V i r u S the day may come when it will be unnecessary to build network perimeter defences with firewalls. In the meantime corporate network-security experts must find alternatives to address the shortcomings that are pushing firewalls toward extinction.

they must look for equipment that filters at the application layer and supplemental products that proxy encrypted traffic so it can be inspected, experts say.

“a next-generation firewall needs to look within traffic streams and determine whether this is the traffic that's expected,” says rob Whiteley, an analyst with Forrester research. the key to protection is peering deep into packets to decide what poses a threat and what doesn’t, not merely on what ports it uses, he says.

Firewall vendors already recognize this and have incorporated deep inspection of packets that probe to the application layer to determine the nature of traffic and look for anomalies that can signal malicious behavior, he says.

as businesses consider moving to next-generation firewalls, they should weigh certain key factors, says Greg young, an young, an yanalyst with Gartner. these include aligning their replacement

schedule with the replacement schedules for other gear that now comes as part of some firewalls in bundles called unified threat management (UtM) devices.

the devices may incorporate anti-virus, anti-spam and content filtering. If they align their firewall, IPS, Url filtering and Web anti-virus refresh times they may gain the option of merging them into fewer devices, so customers should check out what their current vendors offer. “you might not have to you might not have to ydeploy a new appliance,” young says.young says.y

Customers should consider their current firewall vendor for supplemental features, young says. young says. y their current vendors will integrate these added protections with the firewall, eliminating the work of making sure the firewall is compatible. “you certainly you certainly ydon’t want to break the firewall when you implement IPS,” young young ysays. He also recommends weighing the cost of retraining staff to administer a new firewall. It may be worthwhile sticking with the current vendor, he says.

—by tim Greene

building thenExt-GEn FIrEWall


CIOs See Value in Web 2.0

tr

en

dl

ine

tr

en

dl

ine

SS

schedule with the replacement schedules for other gear that now comes as part of some firewalls in bundles called unified

Il

lU

St

ra

tIo

n b

y U

nn

Ikr

ISH

na

n a

V

Trendlines.indd 19Trendlines.indd 19Trendlines.indd 19Trendlines.indd 19Trendlines.indd 19 12/14/2007 12:56:26 PM12/14/2007 12:56:26 PM12/14/2007 12:56:26 PM12/14/2007 12:56:26 PM

B Y S h a r d h a S u B r a m a n i a nalternate views

tr

en

dl

ine

S

P PRIRIvvACACvACvvACv y y OROR S SECECuuRIRIty?ty?[employee Privacy Vs Organizational Security]

Col. Arvind SaxenaCIO , Air Deccan

“ It is important to keep tabs on your employees, because after allyou are paying for the bandwidththat they are using."

Satish Pendse CIO, HCC

“We work with responsible individuals. the more

freedom you give your employee, the more

productivity you will get."

our population is at an all timedouble-digit growth. Acquiring and retaining skilled man-power is, however, still hard. Generation Y has a lot of opportunities and hence a wider scope to change jobs. If we have to hire them, we need to know their needs. I have a life outside work. What right do I have to interfere with the privacy of my employee? Business can’t continue without employees. Deploying a video camera to keep a check on how someone is working is a signal to the employee that you don’t trust him or her anymore. When you put too much emphasis on privacy employee retainership gets affected.

Business ethics go over and above privacy. You are not voluntarily disclosing your personal information to anyone. There is a line between personal and professional life. We are all mature individuals. People are clear in their minds as to what is right and what is wrong. We can resort to an employee engagement scenario, which is having the same screen saver across the organization, Hotmail, Yahoo, etcetera, but no job portals. Privacy is a cultural issue as well. For instance, during an emergency, government employees who belong to minority communities, have to work with one hand tied at the back.

It is a clear indication of the fact that the government doesn’t trust them and on the other hand productivity gets affected. There is a very thin line between security and infringement of privacy. However, I strongly feel that we work with responsible individuals and the more freedom you give your employee, the more productivity you will get.

i am of the opinion thata company hires you as a resource for availability and productivity. At the same time the company’s

resources are for its employees and vice versa. I feel security is a must. Privacy is when you are trying to

hide something from the company, it’s like there is something happening somewhere and you don’t want

the company to now. Privacy is privacy. But is this privacy being used for

the employee or the organization? Security should be employed in totality, otherwise there is no point. For

instance, engineers in my company working on night shifts were accessing adult sites. When I came to know what my bandwidth was being used for, I immediately

shut down Net access. Have I encroached on their privacy? No. I gave

them a separate kiosk where they could access Gmail, Hotmail, etcetera — with some limitations. At a time

when you are supposed to concentrate on the work at hand, if you resort to spending time on adult sites,

then productivity gets affected. Availability and productivity of resource are both linked. It is therefore

important to keep tabs on your employees, because after all you are paying for the bandwidth that is being

used. We are all aware that we need security but we want to keep our eyes shut to compliance. It doesn’t

work like that.


PH

ot

oS

by

Sr

IVa

tS

a S

Ha

nD

Ily

a

Trendlines.indd 20Trendlines.indd 20Trendlines.indd 20Trendlines.indd 20Trendlines.indd 20Trendlines.indd 20Trendlines.indd 20 12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM12/14/2007 12:56:29 PM

Those who are skilled at executing a strategy," Sun Tzu wrote, "bend the strategies of others without conflict." This fundamental principle helps to explain why some CIOs are more successful than

others at executing strategy. The IT department that once held a monopoly over its company's IT is gone, and with it control-based, IT-centric strategy. Changes in the business environment have rendered such strategies un-executable.

With the advent of Web 2.0 and ‘shadow IT’, CIOs know that their span of control over IT decisions is more limited. Instead, the executives, managers, staff and customers at their companies all have their own de facto strategies for exploiting IT. Faced with this challenge, CIOs are exploring their options, which include abandoning the idea of an IT strategy, sticking with the old way (but often only on paper) or forging a new generation of IT exploitation strategies. Wrapped up in this decision is the ultimate destiny of the CIO role itself.

The CIO's strategic challenge now is to capture and channel the energy of individuals' personal strategies for exploiting IT. Backed by a corporate purpose to maximize total value, innovate, constrain overall cost and mitigate risk, effective CIOs must focus on, as Tzu might say, ‘bending’ some of these personal strategies toward a better conclusion or — in the case of individuals who are pursuing goals not aligned with the company strategy — into a dead end.

Why IT Strategy Is No MoreTwo critical inflection points have directed us to where we are today. The first was the switch from dumb-terminal to client-server computing that started 20-odd years ago and went global

Let the Business Drive IT Strategy Some CIOs are better than others at executing an IT strategy. Their secret: a simple plan that helps business leaders make the right technology decisions.

Chris Potts APPlied insight

VOl/3 | ISSUE/032 2 D e c e m B e r 1 5 , 2 0 0 7 | REAL CIO WORLD

Ill

US

Tr

aT

IOn

by

MM

Sh

an

ITh

Coloumn_Let the Business Drive IT Strategy.indd 22 12/14/2007 12:52:10 PM

with the Internet. The second was the business executive's response to Y2K and the dotcom boom. Business stopped believing the IT techno-speak, suspecting that investments were being driven more by suppliers' strategies rather than their own. They took control of the IT agenda at the big-picture level and focused on two things they understand very well: cost, and business innovation.

These two inflections put IT decision-making in the hands of non-technologists at both operational and strategic levels. Yet formal strategies for IT have largely remained the province of IT departments and vendors. Few non-IT executives and managers have defined their strategies for investing in and exploiting IT. CIOs can make a choice: either let these de facto strategies be, rely on an orthodox IT strategy or take the initiative and lead a business-defined strategy for exploiting technology.

So far, CIOs' responses to this changing environment have been mixed. Some have continued with an orthodox IT strategy. Others have abandoned having a strategy for IT, which is a reasonable proposition if the company is an expert consumer of IT and can

bend the de facto strategies that its IT vendors and partners will attempt to impose.

Some CIOs have taken the third approach. They are collaborating with their executive colleagues to formulate, ratify and execute a corporate strategy for exploiting IT. This is very different from the traditional IT-centric strategy that consists of tens or hundreds of pages of technically-oriented diagrams and prose and can take months to develop. The business-defined strategy can be formulated in a few days and summarized on one page. It's easy for executives to understand, explore and remember, as well as apply to their everyday decisions.

A Strategy for the FutureThis simple strategy has three sections: the strategic promise (the business outcome the strategy will achieve), key principles (fundamental truths that apply to every IT-related decision) and core tactics (the main things the company will do to execute the strategy, given the environment in which it must succeed).

Although each corporate strategy for exploiting IT is unique to the company it belongs to, all have comparable features. Each is a bona fide corporate strategy, not that of a technology supplier.With a promise to create maximum value from exploiting IT (not just deploying IT that enables value to be created), its first principle recognizes that IT, on its own, creates no value. To have a standalone IT investment budget is therefore illogical, so a core

tactic is to integrate IT investments with the business plans that need them and proactively manage the big picture.

Such a strategy focuses primarily on the community of technology users, who, far from being shadow technologists, are the ‘new IT’. Whereas, traditional IT strategies were mainly about the IT department and its suppliers, the new strategy focuses on the people who shape, source and exploit their company's IT investments. Calling those people ‘shadow IT’ exposes a mindset that is dangerously at odds with today's reality.

What Will Happen to the Corporate CIOStrategies for exploiting IT are already becoming integral to broader business strategies, and in this new context the value of having a corporate-level CIO needs to be discovered all over again. The role will adapt and evolve, potentially into something very different and even more valuable.

I was recently with a US-based multinational company, helping it define its strategy for optimizing the portfolio of businesses it has acquired over the past few years. The promise of this strategy is to enhance bottom-line performance by better sharing common capabilities and without building a shared services monolith.

One dimension of this strategy concerns the company's processes, systems and technologies. To address this, it is adopting collaboration-based thinking to create a community of business unit CIOs who share and exploit their local technology investments for both business unit and corporate gain.

The company set out with the idea that it might need a corporate CIO, but everyone is struggling to see the value of having one. It is now exploring having a global CTO responsible for technology services and reporting to the COO. Instead of a corporate CIO it is looking to appoint a VP of investments-in-change, accountable for the total return the company gets from all the changes it invests its resources in, whether or not these changes involve technology.

Similar models are emerging elsewhere, as executives realize that their historic problems with IT investments are a symptom of fundamental problems within their culture when it comes to investing in change — problems that many CIOs do not appear motivated or qualified to resolve. For example, in the UK, two major retailers — the Alliance Boots pharmacy chain and the department store group House of Fraser — have recently axed their corporate-level CIOs. House of Fraser has split the role into two, separating ‘services’ and ‘developments’, while Alliance Boots has outsourced much of its IT delivery and decided it no longer needs a corporate-level IT function.

These are strong signals for CIOs to focus the strategic IT conversation on exploiting technology investments in the context of value-creating business change. In this way, CIOs can emerge as their company's strategic investor in change — provided that they grasp the opportunities that their technology-savvy colleagues and developments such as Web 2.0 offer. CIO

chris Potts is director of a London-based consultancy specializing in corporate

strategies for exploiting IT. Send feedback on this column to [email protected]

Chris Potts APPlied insight

some CiOs are working with business to execute a strategy to exploit it. the focus is on people who shape, source and exploit their company's it.

REAL CIO WORLD | D e c e m B e r 1 5 , 2 0 0 7 2 3VOl/3 | ISSUE/03

Coloumn_Let the Business Drive IT Strategy.indd 23 12/14/2007 12:52:10 PM

Conquering IndecisionMake better and faster decisions by changing your approach to the process.

You threw what you thought was a pebble into a pond and created ripples that have your conference rooms awash with disagreements, debates and dissension. The new strategy seemed simple

enough: transition to a common system across all operating units in order to enhance supply chain performance. The decision process to select the common system was pretty straightforward, but now everyone's lobbying for functionality and schedule change that are putting the overall initiative at risk.

Decision making in IT is pretty messy. By definition, integration and standardization are at odds with quick, customized delivery. So, the interests of the enterprise take a backseat to the more immediate need to improve business alignment and partnership. Within IT, this conflict is internalized, and conference rooms are filled with well-intentioned applications, architecture and infrastructure professionals questioning each other's motives.

In the heat of the battle, there's little that can be done other than ensure that the meetings are productive and the right decisions are made. In his 2006 Harvard Business Review article, Conquering a Culture of Indecision, business strategy expert Ram Charan identifies behaviors that help ensure decisive dialogues:

Close meetings by articulating who will do what by when and require attendees to communicate the decisions to their organizations within 24 hours.

Arrange for the right people to be involved in the discussions and promote open discussion by generating alternatives and assigning devil's advocates to say what others may be thinking.

Ensure that leadership is present to squelch dysfunctional behaviors including extortion (holding the whole group at ransom until they get their way), side tracking (going off on tangents),

Susan Cramm ExECutivE CoaCh


Ill

US

tr

at

Ion

by

pc

an

oo

p

Coloumn_Conquering Indecision.indd 24 12/14/2007 12:51:32 PM

silent lying (not expressing true opinions) and dividing (creating breaches by soliciting support outside of the meetings or having sideline discussion during the meetings).

With a little reflection and foresight, it's possible for CIOs to avoid tension and acrimony by identifying strategic initiatives that require changes in traditional approaches to decision making. IT leaders can also identify decisions that could be made better and faster with more direction from above.

Consider the ‘pebble’. From a decision-making perspective, the ‘pebble’ was actually a large rock. It required a significant shift in decision authority. Conflicts naturally arose since the operating units assumed that their authority had not changed, while those coordinating the initiative at the enterprise level assumed rights that they viewed as critical to getting their job done.

To avoid this problem, examine your strategic and operating plans with an eye toward understanding their impact on decision making thoughout the organization. Next, require that those coordinating these initiatives include redefinition of decision rights as part of the program plan. Decision authorities are best defined by identifying key resolutions that need to be made and using frameworks to ensure that all parties understand their role and that it is clear to all who the ultimate decision makers are.

At the same time, some decisions made at lower levels of the organization take too long or are just plain wrong. A classic IT example involves the selection of standards. At lower levels of the organization, ‘out of standard’ products creep in over time for reasons that are good in the micro but not in the macro.

IT leaders can take a burden off their staff and protect the longer-term interests of their enterprise by setting boundary rules. A classic example is the rule that when it comes to standards, ‘no more than two flavors of any type of hardware/software can exist at any point in time’. Boundary rules work. They encourage responsible decision making by restricting decision authority, but they also allow for well-reasoned exceptions by escalating the decision to higher levels.

There are many varieties of IT-specific boundary rules. These include those related to strategic focus (all new investments must benefit the external customer), investment levels (IT funding changes will not negatively impact company margins), business needs (success will be gauged based on end user acceptance), infrastructure (all improvements require business cases), projects (plan for six months, cancel at nine), risk (we will set controls in compliance with) and sourcing (all the best work will be done by our own employees).

It's impossible and undesirable for leaders to be involved with every decision that is made within their organizations. Yet given that leaders are accountable for the outcome of the decisions made under their watch, it is essential that decisions are made well. Sorting out decision priorities and authorities can help ensure that the right decisions get made in a way that enhances the relationships of those who need to work closely together to get the job done.

Susan Cramm ExECutivE CoaCh

Reader Q&AQ: I have been in meetings where top managers push for their way while not meeting the project’s needs. There is no senior leadership to squelch this behavior. I try to push for centralized business objectives. Is this a good idea or do I risk offending my peers?A: Identifying overarching objectives to use in evaluating the options is a good idea. However, you may find that in the heat of the meeting, there is little tolerance for rational decision making. you may want to get agreement about how decisions are made (including decision rights using racI or a similar framework) and the decision process before working through the issue at hand.

Q: You mention the withholding of true opinions as an issue in meetings. How can a leader get others to voice their real thoughts in front of the group?A: Understand that some people need time to process information before coming to a conclusion. If possible, schedule the discussion and decision-making meetings separately or distribute review material in advance. consider assigning a devil’s advocate to play the contrarian. It’s a great role to assign to those who are quiet but see things in a different light. Make it easy for people by asking questions that make it safe for them to share their views (for example, ‘What are we missing?’). Give them time to respond. Finally, institute a cultural norm that ‘silence is concurrence’ to encourage people to go on record, and ‘debate and unite’ to reinforce the importance of active debate and united action.

Q: We hold meetings via teleconference. How can we improve our decision making?A: Well-defined decision rights and processes are needed when working at a distance. agree with the team on how decisions will be made. For complex decisions, a decision facilitator can ensure the right level of fact-finding and discussion using e-mail chains and blogs before a meeting. a Web conference tool can ensure discussions are moderated and differences resolved quickly. CIO

Susan Cramm is founder and president of Valuedance, an

executive coaching firm in San Clemente, California. Send

feedback on this column to [email protected]

REAL CIO WORLD | d e c e m b e r 1 5 , 2 0 0 7 2 5Vol/3 | ISSUE/03

Coloumn_Conquering Indecision.indd 25 12/14/2007 12:51:33 PM

CIOs are always faced with pressure to

justify their IT expenditures. Now, new

research can help correlate those IT

rupees spent with business value accrued.

Vol/3 | ISSUE/032 6 d e C e m b e r 1 5 , 2 0 0 7 | REAL CIO WORLD

I.T.’s

MathNew

Cover Story.indd 26 12/14/2007 4:32:38 PM

Now IT budgets are beginning to grow again...but under intense scrutiny by management that wants proof that all those IT dollars actually redound to the bottom line. But while CIOs provide business with proof of IT’s value — and its fiscal responsibility — they may cut through any remaining fat in their budgets right into the bones that support their enterprise’s enabling technologies.

This risk, and the fear that comes with it, brings back bad memories of the days when IT was regarded as a mere cost to contain, notes Howard Rubin, president of the consultancy Rubin Systems and a research associate at MIT’s Center for Information Systems Research. That cost focus changed in the 1980s when IT became part of business strategy and the fiscal discipline imposed on IT investments was somewhat reduced. “Then, in the 1990s, companies became technology day traders — profits were rising and it was very easy [to] buy stuff,” Rubin says. “But when the bubble burst in 2000, companies said that those investments had done nothing for them, so they cleaned up their portfolios. Technology,” Rubin suggests, “is once again viewed as a cost.”

If true, that puts CIOs in a difficult position. “If IT is just a cost, you want to cut it,” notes Rubin. But that thinking forces CIOs to slash costs while at the same time responding to another demand coming from the executive suites: to innovate and thereby grow the business.

Out of the Budgetary Death Spiral

Getting that balance wrong could result in a race to the bottom, says Bob Zukis, a partner at PricewaterhouseCoopers. “It becomes a death spiral,”

he says. Cutting costs can impair the CIO’s ability to deliver technology’s benefits to the enterprise, which makes the enterprise question the value of technology, which leads to more cuts, fewer benefits and less value.

For many CIOs, the budget story has not been a happy one these last several years. The economic downturn that followed the dotcom meltdown, 9/11 and the high-profile accounting scandals that led to the Sarbanes-Oxley Act negatively affected IT budgets — a shock to IT leaders

after the go-go, profligate nineties.

by Galen Gruman

Reader ROI:

Steps toward a more collaborative enterprise

How businesses can revamp their networks to stave off stagnation

How a marketing campaign can help change-management

Cover Story | IT Value Metrics

REAL CIO WORLD | d e C e m b e r 1 5 , 2 0 0 7 2 7Vol/3 | ISSUE/03

Ima

gIn

g b

y b

InE

SH

SR

EE

DH

aR

an



It’s the CIO who needs to make the case that IT should not be regarded as a cost to be contained.“The average C-level executive doesn’t know how to evaluate if a technology investment is doing what it’s supposed to do,” says Richard Chang, CEO of the consultancy Richard Chang Associates. Thus, these executives focus solely on cost, looking for some easy metric such as tying IT spending to a percentage of revenue or benchmarking your IT spend against your industry.

But “that’s a reductio ad absurdum,” argues Bernard 'Bud' Mathaisel, CIO of IT outsourcer Achievo and former CIO of Solectron, Ford and Walt Disney. “Spending needs to be in context. If you’re in investment mode, your IT spend will be higher than for your industry as a whole,” he says.

The trick is to change the terms of the discussion. If IT is a cost, Rubin points out, it needs to be contained. If, however, IT is an investment, “you want to manage it.” The key is to make the argument convincing.

“The holy grail is to understand the inflection point of how much to invest in technology,” says Jim Noble, MD of global infrastructure solutions at Merrill Lynch.

Rubin says he has found a way to help CIOs permanently alter the nature of technology’s conversation with the business. Based on 25 years of industry benchmarking and research as an executive at the Meta Group, IBM and PwC, plus direct consulting with dozens of large enterprises, Rubin now believes he can show which spending metrics correlate to real business value and how individual companies compare to peers within specific aspects of their technology portfolios. It will allow CIOs to focus their spending assessments more deeply.

“This research will turn up the heat significantly on CIOs who can’t prove their value creation,” says PwC's Zukis, since now there is a way for them to do so. “The days of ‘trust me’ are over,” concurs David Howe, North American vice president for benchmarking at Gartner.

New Math: The Theory

Rubin’s research reveals two key concepts that can enable CIOs to see whether their IT investments

are returning real business value: Measuring IT spend against two factors —

operating expense and net revenue — is a more accurate gauge of IT effectiveness than the traditional metric of measuring solely against net revenue.

Enterprises that spend slightly more than their peers tend to have better business results. But after a certain point, that extra spending does no good. Rubin calls the sweet spot of extra but not exorbitant spending

I don’t believe in using justification models to approach management. of course, they have advantages. For instance, models help IT Departments to get an idea in terms of what cost benefits are possible.but, let me warn you that this exercise cannot be an RoI justification

method. The best mechanism that I have found and practiced is the balanced Scorecard. most of the justification becomes extremely easy using this methodology, because you cut across the entire organization.

When it comes to project justification, I’m very careful to differentiate between that which is strategic and those that are RoI-based. If you take a large implementation like ERP, SCm, or CRm, it becomes very strategic in nature. This is obviously not applicable for all companies. The moment you go to a b-tier or a c-tier company, which wants to spend Rs 2 crore on an ERP solution, this is still an RoI issue and not a strategic play.

This is where CIos have to get into justification. I offer two options — you can go the technology way and fail, or you can become a coach, and take the business champions with you and win the match.

Six years ago, the organization I worked for had multiple models and SKUs (with each SKU in multiple colors). For example, in Chennai users liked blue, while

Playing itSmart

Project justifications make sense only when you can draw a line between an RoI issue and a strategic play.

Anwer BagdadiSr. VP and CTO,

CFC India Services

2 8 d e C e m b e r 1 5 , 2 0 0 7 | REAL CIO WORLD



'optimal IT intensity.' He calculates IT intensity by comparing the IT spend to both the operating expense and net revenue, and has developed IT intensity curves that help CIOs see if they are underinvesting, investing an optimal amount or overinvesting. (Rubin compares the IT intensity number to profit to determine what the optimal amount is for a given industry. See The IT Intensity Curve)

Although Rubin’s research is based on more than two decades of work, his key conclusions have crystallized only in the last year. But he is now working with several CIOs to put his theory to the test. Intuitively, his findings make sense, they say.

“Now we can understand in an actionable way where we are underinvesting and [where we’re] perhaps overinvesting,” says Merrill Lynch’s Noble.

“We realized we needed a better comparison to be able to evaluate [IT spending] on a more holistic basis,” says John Comisky, VP of services operations at Verizon.

“The discipline of going through something like this provides a great deal of credibility with the senior management and at the board level,” notes Rob Leeming, chief administrative officer for IT infrastructure at financial services provider UBS.

These IT leaders note, however, that it will be a few years before they know how well Rubin’s theories play out in practice. And the numbers don’t provide insight on how to get the most bang for your IT buck, just that slightly higher spending correlates to better business results. “It’s not clear if [IT intensity] is a cause or an effect,” says Scott Abbey, CTO of UBS. There is, it seems, still an art to IT investment, not just math.

New Math: The Practice

Benchmarking yourself against previous investments and the investments of your peers is nothing new. But the available data was hard to use for anything

more than the highest-level comparisons. “Even then, the benchmarks were pretty worthless,” says Merrill Lynch’s Noble. And the data was insufficiently detailed to allow companies to compare specific aspects of their IT spending versus that of other companies. “There was a danger of comparing apples to oranges,” Noble says.

But Noble believes that Rubin’s two decades of benchmarking has created a database for the financial services sector that allows finer grained comparisons, a key step to understanding real trends over time and distinctions between competitors.

Rubin’s own analysis of IT spending compared to a company’s financial performance made him question the traditional measure of IT ROI, typically arrived at by dividing the IT spend into net revenue. The assumption behind that measurement was that net revenue should rise proportionally to the IT spend. Consequently, if revenue did not rise with a higher spend, the investment should be adjusted accordingly. Or more simply, the IT spend should be limited to a set percentage of net revenue. But this calculation, in Rubin’s view, ignores periods of investment and market change.

Rubin began experimenting and found that IT spending as a measure of business success correlated much better to another factor: operating expenses. He believes that comparing the IT spend to operating expenses better accounts for shifts in corporate realities: entering new markets, making previously deferred upgrades to the IT infrastructure and other capital improvements to competitiveness and efficiency, not to mention reacting to market shifts. While Rubin can’t prove that this is the reason for the better correlation to business results that he derived from comparing IT spending to operating expenses rather than net revenue, the prima facie evidence comes from calculations across hundreds of companies in more than a dozen industries. So for companies looking for a yardstick to measure normalized IT spending trends over time, Rubin says his metric does a better job, especially because it employs two factors a business can control: operating expenses and IT spending. But enterprises still need to track the IT spend against net revenue, Rubin notes, even though revenue is, ultimately, not something anyone can control. “You don’t want to spend money you don’t have, so you have to be aware of that figure,” he says.

Kolkatans preferred red. The appropriate combination of SKU and color was the real business intelligence that was required. by creating a simple tool and getting the channel partners to fill out a simple form, the IT team was able to capture the difference between stock and customer demand and then adjust these differences on a cascading basis for every subsequent delivery.

The logistics department, which otherwise never had much flexibility, was now in a position to predict what was required in the future. This also cleared the path for a bigger deployment. This is one way in which I created justification for IT by having a business champion in the form of the logistics department.

Usually, most departments are not fond of the IT guys, but when you provide them with useful tools that are simple to use, they definitely become your biggest supporters.

CIos should go beyond justification and try to implement tomorrow’s technology today. Every company asks for productivity — if they gave the IT department Rs 100 last year, they want to do the same task for Rs 95 today. The trick is to do it within budget and also create some ‘seed money’. I typically earmark 5 percent of my annual budget thus, and use these funds for experimental projects in areas like virtualization that can be used as proofs of concept.

In a previous assignment, I implemented a home-brewed Plm/service routine for our call center using seed money. our company had introduced four new models for Diwali, but two models had design flaws. by quickly analyzing customer complaints to the call center, using the Plm, we were able to pass on the same to the R&D team and the manufacturing departments. The upshot? The R&D department was able to react within just four days. Within a week they managed to fix the problem. and the company, for the first time, acknowledged that we were able to pipe direct customer feedback to the design team.

The ‘RoI’ was also good for my department — the design team then wanted a bigger implementation because they could see the benefits directly.

— as told to balaji narasimhan


PH

oT

o b

y S

RIV

aT

Sa

SH

an

DIl

ya


IT Intensity: How to Find the Sweet Spot

Further research showed Rubin that comparing IT spending to operating

expense to measure IT’s impact on business performance was not the answer to determining whether the right amount of money was being invested in IT. It turns out that calculating the relationship between the IT spend as a percentage of operating

expenses and the spend as a percentage of net revenue is what a CIO needs to do to arrive at an optimal IT investment. Rubin believes this because the triangulation that occurs when these two calculations are used can better account for the interplay between IT

investment (operational expenses) and fiscal reality (net revenue). This helps the CIO make sufficient investments when there's revenue but throttle back when it isn’t.

That triangulation led to Rubin’s IT intensity concept: there is a sweet spot for IT spending. For most enterprises, that means spending more as both a percentage of operating expenses and of net revenue than they are now doing. “The objective analysis

shows that spending wisely and applying IT intensity analysis can get you more return,” says Gartner’s Howe.

But the research does not mean the sky’s the limit. Rubin’s calculations show that technology investments hit a saturation

point after which no further business value is obtained. For example, he found no examples of any type of financial institution outperforming its peers by spending more than 14.1 percent of operating expenses on technology — essentially demonstrating that for banks there’s a ceiling for IT investments. For the subcategory of investment banks, that ceiling was 13.1 percent.

Rubin has created IT intensity charts for more than a dozen industries based on historical IT spending and their financial results. All show the same basic IT intensity curve and the sweet spot at its apex, although the curve itself differs from industry to industry. That makes sense, says Gartner’s Howe, because business models and degree of dependence on IT to deliver business functions vary across industries.

There are also variances within industries. This means that you can’t just pick the IT intensity curve for your industry and automatically align your spending to it, Howe says. “People don’t spend their dollars equally wisely,” he explains.

But the pattern holds despite these variances because the variables to factor in — labor rates, multiplicity of platforms, geographic dispersion and market volatility, for example — are still finite.

Art of IT Investing

While Rubin’s research provides a way for CIOs to calibrate their spending

to optimize the chances for business success, it doesn’t guarantee that success. That’s because, Rubin notes, the wise selection of technology initiatives (IT strategy) and good execution are always critical to gaining positive results. And that’s where the art comes in. CIOs who can do the math but flunk the art will not be able to use any extra money they pry out of their CEOs to improve business performance or create new value.Even artful CIOs will get different results from similar spending. “Companies will drive to different results based on how they answer the questions the data poses,” says Grande Bucca, MD for investment banking, research, legal and compliance technology at Merrill Lynch. “We look at our investments against our business goals, and we can change the order of them or their emphasis based on that assessment.” That metrics-


Profitability vs. Total Tech Spend as % of Net Revenue

Profitability vs. Total Tech Spend as % of Operating Expenses

TECh SpEnD AS % Of nET REvEnuE

TECh SpEnD AS % OpERATIng ExpEnSES

pR

Of

ITA

bIL

ITy

0% 2% 4% 6% 8% 10% 12%

5%

10%15%

20%

25%

30%35%40%

45%

Profitability

Linear

pR

Of

ITA

bIL

ITy

0% 2% 4% 6% 8% 10% 12% 14% 16% 18% 20%

10%

20%

30%

40%

50%

60% Profitability %

Linear Profitability

Vol/3 | ISSUE/033 0 d e C e m b e r 1 5 , 2 0 0 7 | REAL CIO WORLD

ClOseR tO the lIneAlthough most companies track their IT spending as a percentage of net revenues (top), it turns

out that a better metric — one that correlates more strongly with business performance — is as a percentage of operating expenses (bottom). See how the indexes for profitability are closer to the line

in the bottom graph. (Shown here is data for a selection of banks.)

driven approach is key, says Accenture CIO Frank Modruson. “The top-performing companies manage by metrics,” he notes, giving them both detailed data to validate their IT decisions and early warning signals when those judgments are off.

At Verizon “we now have a more in-depth viewpoint about our spend that lets us lower the cost of maintenance and infrastructure while at the same time improving the quality of services,” says Comisky. “This lets you spend your dollars on the efforts you think are better for productivity.”

At UBS, Abbey says, “We start with a view of the desired outcomes for each of the businesses, then derive from that an overall technology strategy that we can test with benchmarks to see if we’ve got out of it what we expected.” Even if Rubin’s research improves a CIO’s ability to understand his spending’s impact on business performance, achieving efficiency should not be ignored, says Gartner’s Howe. “Finding each dollar through increased efficiency is still a

worthy cause,” he says. “You can spend those dollars for whatever has the best return, whether that’s in IT or not.”

Separate research at the BTM Institute, an industry think tank, reinforces the idea that smart technology management is essential to getting the desired ROI. Its research shows that companies that treat IT as a driver of business growth get better financial performance and “that doesn’t necessarily mean they’re spending more on technology,” says Faisal Hoque, the institute’s chairman.

Other research shows that companies that have managed the complexity of their IT by building well-conceived systems rather than throwing a lot of technology at the wall to see what sticks get higher value from their IT spend, notes PwC’s Zukis.

At the end of the day, there’s no magic formula to justify IT budgets, no wand to wave that guarantees that real business value will pop out of the technology investment hat. But good CIOs shouldn’t be looking for magic, says Rubin. They should be using their skills in the science and art of IT to manage technology as the critical investment it is.

“The CIO,” concludes Rubin, “is a fund manager who needs to get the right return on his investment for the risk assumed — and who must make sure his portfolio is managed well.” CIO

Galen Gruman is a frequent contributor to CIO. Send CIO. Send CIO

feedback on this feature to [email protected]

much of Howard Rubin’s research into IT intensity has focused on infrastructure spending. That’s mostly because that’s what companies have benchmarked over the years and it is also easy to monitor over time. but application deployments are

typically managed as projects and are not tracked, says Scott Holland, senior business adviser at the Hackett group.

“The infrastructure view is how effectively and efficiently you can provision standard technologies,” says Scott abbey, CTo of the financial services giant UbS. “applications are about how well you’re supporting a specific business with a specific technology.”

Rubin admits that much of IT’s business value comes from applications, not infrastructure. “applications have a huge ripple effect on the organization,” concurs Holland.

Compounding the difficulty is the issue of assessing the impact of project management on application deployments, as that typically involves both IT and business efforts, says one IT finance manager. “We tried balanced Scorecards, with mixed results,” he notes.

because there’s less data on how application spending contributes to business performance, CIos need to rely more on their judgment, Rubin says. but CIos should at least understand that the two will need separate spending and management strategies and perhaps even separate lieutenants. “That’s why some organizations separate their application costs from their infrastructure costs,” says bernard 'bud' mathaisel, CIo of achievo. “Still, it takes a deep understanding of causality to understand what’s going on,” he adds.

—galen gruman

When IT’s investments are calibrated against business value, what’s usually being measured is infrastructure. but what about the apps?

I.T.T. . T. T InTEnSITy

The IT Intensity Curve45%

40%

35%

30%

25%

20%

15%

10%

5%

0%1

pR

Of

ITA

bIL

ITy

1.2 1.4 1.6 1.8 2 2.2

Financial Services Insurance Health Care Retail


OptImal spendIngBy triangulating IT spending as a percentage of operating expenses and as a percentage of net

revenues, enterprises can calculate where they fall on the IT intensity curve. A position to the left of the apex shows additional IT investments should aid business performance, while a position to the right of

the apex indicates spending that is no longer aiding business performance.

The Cloudy World of

App Spending

Reader ROI:

How innovative IT can open up a rural market

How IT can bring down the cost of servicing loans shipments

The importance of mitigating risk

PassageBy Gunjan Trivedi

How do you do a face-to-face screening of seventy percent of over a billion

people? You can’t. Which is why many farmers in rural India can’t get a loan.

Until ICICI Bank found a way.

Vol/3 | ISSUE/033 2 d e c e m b e r 1 5 , 2 0 0 7 | ReaL CIO WORLD

to Rural India

Case Study.indd 32 12/14/2007 4:33:57 PM

n an average, one farmer committed suicide every 48 minutes in Andhra Pradesh, Karnataka, Madhya Pradesh and Maharashtra between

2001 and 2005, according to the government of India.

A report from the National Sample Survey Organisation (NSSO) that was discussed in Parliament, pointed to a link between these deaths and debt-traps farmers were cornered into. A major contributor to this trap? Money lenders who charge upto 60 percent a year.

But farmers have little choice. Alternative borrowing options are few and have inherent disadvantages of their own. And corporate czars — especially those in the banking sector

— aren’t helping either. They have never looked at rural India as a real business case. Rural financing has always been more of a social obligation than a business opportunity. Banking in rural areas was more or less been thrust on government-run nationalized banks, while private banks focused on more immediately-profitable urban centers.

This fact didn’t escape the NSSO survey. It showed that money lenders formed the second most at 26 percent, important source of loans to farmers.

Blaming private banks, however, is hard. They seem to have justifiable cause for ignoring farmers. It isn’t just lower business volumes that give them the rural heebie-jeebies. It is the higher credit risks associated with rural borrowers.

Now, one private bank has found a way to change that. It brought business and IT together and seems to have pulled off the impossible: it has de-risked rural banking.

BetWeen a ROCk and a Hard Place You hear so much about India’s powerhouse economy and its white hot stock market, it’s easy to forget that over 70 percent of Indians live in rural areas. It’s rough country and 60 percent support themselves with agriculture. That’s a lot of people.

And a lot of money. A conservative study which assumed that two people per village wanted a loan of Rs 40,000, noted that banks can potentially make at least Rs 4,800 crore.

These numbers aren’t new to business development managers, across verticals. For years they’ve been pitching idea after idea, aspiring to be the first to crack this market. Few ideas, however, have stuck. As Nobel-prize winning, for instance, as micro-finance is, recovery rates still remain poor in many parts of the world.

But in the last five years, private banks have begun seeing a potential overlap between social obligation and profitability. Many large players have started to figure out ways to tap the vast, unexplored business opportunities spread across India’s villages.

One untapped agri-business opportunity is commodity-based financing. The concept is simple enough: banks use a commodity, such as cereals (wheat, oats, barley), as collateral in exchange for a loan. If a farmer can’t return a loan, the bank sells the collateral.

In the meanwhile, banks store the commodities in warehouses. It’s great for farmers who kill two birds with one stone: they get a loan and they can hold back their produce — in bank-approved warehouses

— until its price increases after post-harvest gluts force prices down.

Agricultural commodities are seasonal — a painful fact for Indian farmers. The principal harvesting seasons for these commodities is either Kharif (from July to October) or Rabi (from November to April). And like all things seasonal, prices fluctuate wildly.

Earlier this year, for example, the price of chilies in Guntur (a district in Andhra Pradesh, which hosts Asia’s largest market for red chilies) dropped from Rs 7,100 a quintal to Rs 3,800 after a post-harvest glut. As the market bottomed out, it hit farmers hard — because many had shifted to growing chilies after the previous year’s high prices.

Commodity-based financing can help and isn’t a 2007 piece of epiphany. Government banks and cooperative societies have been giving farmers loans against their produce for some time. But there’s a hitch: these banks like to play it safe. Very safe. They depend on references, have plenty of checks and balances, and give out most loans on a case-by-case basis. These processes, apart from being non-scalable, also introduce corruption. As a result, many farmers take their chances with local moneylenders.

Between unscrupulous bankers and greedy money lenders, farmers had no where to run.

“ICICI Bank wanted to step in and reinvent the landscape of commodity-based financing,” recalls Pravir Vohra, group CTO, ICICI Bank.

CasHIng In On Rural India There was only one way it could be done. Create a system that could help dissociate risk from the personal credit-worthiness of a farmer and shift the risk to collateral. The

Case File

ReaL CIO WORLD | d e c e m b e r 1 5 , 2 0 0 7 3 3Vol/3 | ISSUE/03

Ill

US

tr

at

Ion

by

an

Il t

Case Study.indd 33 12/14/2007 4:33:58 PM

system would have to be able to calculate — impartially — how much ICICI Bank could loan a farmer. And if the system was going to attract the interest of farmers, it needed to look at various parameters and come to this figure quickly.

Yet, it also needed to be light enough to be accessible over the Internet so that it could be used in rural areas. It was the only way ICICI Bank could leverage the volumes rural India offered. A State Bank of India study showed that servicing Rs 40,000 loan using the traditional banking approach costs Rs 120,000 – making a brick-and-mortar presence financially untenable.

As ICICI Bank approached the challenge, they tried an approach they knew best: spreadsheets. The problem is that spreadsheets, by definition, are a non-scalable model and have inherent risks in terms of control, process-flow and aggregation. It smelled of the manual-controls style that the nationalized banks were known for. Worse, it would force ICICI Bank into the traditional, non-scalable model of opening branches.

“Our challenge was to come up with a scalable platform that does many things at the same time and mitigate the inherent risks of the earlier systems, without having to build full-scale branches at each village,” says Vohra.

They built the e-Commodity-based Financing (eCBF). The innovative application enables funding against agricultural commodities to farmers, traders, and corporates. To start with, ICICI Bank chose to include commodities that were traded on the National Commodities and Derivatives Exchange (NCDEX), the Multi Commodity Exchange (MCX) and National Multi Commodity Exchange (NMCE), with the exception of gold and silver bullion.

“Our model is radically different because a combination of automated tools is used to score credit rather than personally meeting farmers. It is really a national rollout of the same brand and product experience across the country,” says Vohra.

The system looks at various parameters including the price of a commodity, the grade of a warehouse, a borrower’s track record, etcetera, to compute ICICI Bank’s risk level and how much it can lend. It’s an impressive algorithm, given the high number of variables and bands within these variables (like how much a commodity is likely to cost across a six month period).

The eCBF marks every market and tracks every accredited warehouse. When the masters are set in the system, every accredited warehouse, its total capacity and the commodities it can store are defined and are given weights that go into the risk calculation algorithm.

The eCBF is a web-based system that can be accessed by locally appointed WMAs (warehouse management agents), who interact with farmers on ICICI Bank’s behalf. Since they operate from

remote locations, WMAs can only access eCBF on narrow-band Internet — sometimes using CDMA-based mobiles a medium.

“The application is very light. At the end of the day they have to only post an entry and the system handles everything else. If a farmer has a warehouse receipt, he or she only needs to log in the receipt number and the commodity.” says Vohra.

The rural business was launched with skeletal capabilities, and as more processes began to emerge, the bank’s IT team — in conjunction with the rural agri-business team — identified new requirements and best ways to add relevant controls. eCBF also helps ICICI Bank provide financial support to corporates in the same way it

Case File

snaPsHOt e-Commodity-based FinancingUseRs: 4,000

BORROWeRs: 2,500

PORtfOLIO: rs 1,000 crore

Vol/3 | ISSUE/033 4 d e c e m b e R 1 5 , 2 0 0 7 | ReaL CIO WORLD

tHe qUICk Way tO a LOan

Inf

og

ra

ph

IcS

by

Un

nIk

rIS

hn

an

aV

For a loan, farmers pledge their produce and stock it at ICICI-approved warehouses. This also helps them wait out the low prices characteristic of post-harvest glut.

Warehouse receipt in hand, farmers approach the closest warehouse management agent, who handles documentation for ICICI.

DepenDing on a number of variables, the eCBF system calculates how much and at what rate they can lend to a farmer. Some factors include warehouse-grade, farmer track record and commodity prices.

helps farmers. These companies have a web of contract cultivation farmers to ensure a constant supply of produce for packaged products like pre-packed wheat. ICICI Bank provides loans to these companies against the pledge of their stocks.

DynamIC maRket, Dynamic ItSeasonality, however, cuts both ways. Fluctuating prices not only affect farmers, it affects the banks: if the price of a commodity drops, so does the value of the commodity ICICI Bank is holding as collateral.

“If you’re holding a commodity for, say, 5,000 farmers, you need to re-compute your risk margins on the commodities everyday,” says Vohra.

Traditionally, says Vohra, safe-playing public sector banks retain 40 percent margin on wheat irrespective of the price margins going up and down.

“I don’t think any other bank, other than us, does such dynamic computation at present,” he says.

By providing prices online to farmers in remote locations, the system also ensures that farmers can get a better price for their produce than they have in the past. It effectively reduces farmer exploitation by intermediaries at local mandis, who withhold information from farmers to force them to sell low.

The eCBF system also has various checks and controls built-in. For example, if a warehouse issues receipts beyond the capacity stated on the system, a fraud alert is flagged. Or, if the price of a commodity drops so much that the bank is in danger of making a loss if it needs to sell collateral, the system fires an alert and the farmer is asked to deliver more produce as collateral or return some of the loan.

“We have developed a fairly complex system to support this line of business in a way that I am not aware anybody else is close to at the moment. In fact, in someway, it is a core system for rural commodity-based financing,” he says.

The application is also capable of matching profiles against other databases like defaulter lists from RBI or CIBIL (Credit Information Bureau, India).

“The application has been built as a risk-cum-credit management and margin monitoring tool with fraud-mitigation controls for real-time management and tracking of exposure, outstanding and collateral,” says Vohra.

The application, which has been in operation since March 2007 across

ICICI Bank hubs at 16 locations across the country, is slated to grow to 75 in a few months. In view of the competitive financial market, the funding facility has been made available to borrowers over the counter.

Today, about 400 WMAs use the system. About 2,500 borrowers transact on it with about 15,000 warehouse receipts. The number of borrowers is expected to jump to 10,000 by March 2008. And the system which currently deals with a portfolio of around Rs 1,000 crore, can easily reach Rs 3,000 crore by March 2008, says Vohra.

A newer version of the system is also being planed that would enable a real time updation of files as against the batch file uploading that happens today. “It is fairly a complex system, and we have about 4,000 people using it at any given point of time. I believe it has emerged as a kind of lifeline for what we are trying to do in rural India,” says Vohra. CIO

Gunjan Trivedi is assistant editor for cIO India. Send IO India. Send IO India

feedback on this feature to [email protected]

ReaL CIO WORLD | d e c e m b e R 1 5 , 2 0 0 7 3 5Vol/3 | ISSUE/03

“Our model is radically different because it uses a combination of automated tools to score credit rather than personally meeting farmers.”

— Pravir vohravohravgroup cto, IcIcI bankank

ph

ot

o b

y S

rIV

at

Sa

Sh

an

dIl

ya

once the loan is cleared, money is moved directly to a farmer’s bank account.

Trendline_Nov11.indd 19 11/16/2011 11:56:19 AM

an

The Year AheadA pictorial presentationA pictorial presentationThe Year Ahead Program has,The Year Ahead Program has, over the last four years, drawn many CIOs in the US together to discuss the challenges and many CIOs in the US together to discuss the challenges and solutions that the coming year would bring. solutions that the coming year would bring. In celebration of its second year, CIO India wanted to bring the In celebration of its second year, CIO India wanted to bring the

benefits of this meeting-of-minds to our CIOs. So, we brought together experts from the field of security, storage and infrastructure and leading Indian CIOs and took them to brainstorm in Malaysia. Our aim was to help CIOs make decisions by arming them with the best possible information – and enjoy themselves while they were at it.The Year Ahead program did all of that and then some more.


CIO | 08 The Year Ahead

Happy BirtHday CiO! : The 3 C's no CIO birthday bash can do without: a cake, a clown and a cable car ride to Genting, the Las Vegas of Asia. Great party we thought, until one CIO topped it with a Carnatic version of the happy birthday song! The clown, by the way, we found at the amusement park.

Welcome to

ot

Day one

Lauren SkryzowskiSr. Marketing Manager, Information Platform

Solutions Distribution, Information Solutions,

IBM

Jim LenoxGeneral Manager,

Asia South, VMWare

Dr. Patrick ChanDirector, IDC Asia Pacific

A. Sitaramaiah Director, Sales and

Marketing, Fluke Networks

Vol/3 | ISSUE/033 8 d e c e m b e r 1 5 , 2 0 0 7 | REAL CIO WORLDREAL CIO WORLD

What transpired: In her keynote speech, Lauren Skryzowski, pointed out how 70 percent of executive time was spent looking for data and how MDM could help.looking for data and how MDM could help.

Dr. Patrick Chan spoke about building the next generation enterprise. building the next generation enterprise.

Jim Lenox showed how virtualization showed how virtualization can change the fact that 80 percent of a can change the fact that 80 percent of a data center’s efficiency is un-utilized. data center’s efficiency is un-utilized.

A. Sitaramaiah said that an effective said that an effective way to cut cost was by optimizing network performance.

Panel Discussion: The Future is Here

The effort that went into organizing this complex event with

military precision deserves to be commended. A swimming swan looks beautiful, but only the swan that knows

how much paddling is required to keep it moving.— Col. Arvind Saksena,Col. Arvind Saksena,

cIo, Deccan aviationviation

the year ahead

Event Photo Feature.indd 38Event Photo Feature.indd 38Event Photo Feature.indd 38 12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM12/14/2007 5:39:36 PM

CIO | 08 The Year Ahead 08 The Year Ahead


momentmoment

ppririCCeless: eless: We aren't talking about the Mastercard ad. Photo by: Nikhil We aren't talking about the Mastercard ad. Photo by: Nikhil Gujar, Mafatlal Industries.

danCing witH tHe stars: We brought the stars and Awana Resort got the dancers. To add Indian masala to Malaysian moves, the dancers shook a leg to Alisha's Made in India. And we joined in. Groovy. Made in India. And we joined in. Groovy. Made in India

DAy OnE

presented By

Partners

i


Praveen Sahai,Head - Marketing &

Corporate Affairs, India & SAARC, EMC

Pradip Bhowmick,Associate Director, PwC

Manish Gupta, CIO, Fortis

storage

This conference was of such high standard that for years to come,

IT leaders will use it as a benchmark.

Networking and discussion during the breaks, generated as much debate as the conference.

— V.S. ManikkamHead - It, Henkel t, Henkel t cac

Day tWo

What transpired:

In his keynote presentation, Praveen Praveen Sahai talked about the future of intelligent iInformation infrastructure.intelligent iInformation infrastructure.

Pradip Bhowmick, showed how understanding the lifecycle of storage understanding the lifecycle of storage could beat regulatory pressures.

Subram Natarajan, said that 82 percent of companies that move data percent of companies that move data face challenges and that they could find face challenges and that they could find relief with Softek TDMF.

Arnab Biswas, talked about his experience with business services management and how this is the direction mobile commerce is taking.direction mobile commerce is taking.

Manish Gupta, spoke about getting spoke about getting the storage pulse right in healthcare.the storage pulse right in healthcare.

A CIO Panel Discussion:Storage Woes in 2008

Event Photo Feature.indd 40Event Photo Feature.indd 40Event Photo Feature.indd 40Event Photo Feature.indd 40 12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM12/14/2007 5:40:10 PM



i dream i dream OOf f CHOCOCHOCOlate: late: If you think this two-foot chocolate rabbit is If you think this two-foot chocolate rabbit is impressive you should have seen the dragon.

presented By

DAy tWO

Partners

spin it: Dining at Berputar Seri Angkasa, the revolving restaurant on top of the 300 meter KL Towers, made us giddy. We weren't sure if it was from the view, all the spinning or a sugar high from the dessert counter.

Arnab Biswas, Arnab Biswas, Arnab Biswas, Group CIO, OxigenGroup CIO, OxigenGroup CIO, Oxigen

Subram Natarajan, Subram Natarajan, Subram Natarajan, Senior Consultant-SSG Senior Consultant-SSG Senior Consultant-SSG

AsiaPacific & EBC AsiaPacific & EBC AsiaPacific & EBC Program Manager, IBMProgram Manager, IBMProgram Manager, IBM

moment

Ramesh GSr. Product Manager,

Windows Client, Microsoft India

Sivarama KrishnanExecutive Director, PwC

Teo Choo SiongSecurity & Privacy Services Product

Manager, IBM


What transpired: Ramesh G. & Vikram Jeet GhoshRamesh G. & Vikram Jeet Ghosh, on how to allow partners on your networks on how to allow partners on your networks and stay secure, as infrastructure gets and stay secure, as infrastructure gets more mobile.

Sivarama Krishnan on moving the on moving the focus of security spending on training focus of security spending on training and compliance.

Teo Choo Siong spoke about the importance and implications of security.importance and implications of security.

An Alternate View from CIO:Privacy be Damned.Security Comes FirstPrivacy be Damned.Security Comes First

A CIO Panel DiscussionSecure or Quit

security

I had the opportunity of singing Happy Birthday on

the CIO magazine’s second anniversary celebration on the first

evening and I am still very happy about it! It was great to be part of this event.

— — S. RamakrishnanS. Ramakrishnanassociate VP, taFe

Day tHree

Event Photo Feature.indd 42Event Photo Feature.indd 42Event Photo Feature.indd 42Event Photo Feature.indd 42 12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM12/14/2007 5:40:40 PM



presented By

DAy thREE

Partners

eessCCalating talating tOO new new HHeigeigHHts: ts: Ladies and gentlemen, Subbu, (Subramaniam VLadies and gentlemen, Subbu, (Subramaniam VCIO, OTIS) on the drums.

Vikram Jeet GhoshSecurity Solution

Specialist, Microsoft India

turning it up tO eleven: Show and tell, can hardly

sum up the party at Planet Hollywood. With only a day to go, CIOs loosened up — even

the bartenders joined in.

moment



Infrastructure

Arvind Chandrasekar General Manager

AMD India

Arvind Mathur Chief Architect,Global

Services, Sify

Rohit KhannaCountry Leader,

Infrastructure Solutions Global Technology, IBM

Bala Chandran Managing Director,

(India & SAARC)ADC Krone

One great take away from this program has been

the level of bonding and not mere networking. The

sense of involvement and camaraderie was worthwhile.

The highlight was Subbu’s birthday celebration.— Anwer BagdadiAnwer Bagdadi

sr. VP and cto, cFc India serviceservices

Day Four

What transpired: In his keynote address, Arvind MathurArvind Mathur, spoke about building multi-service, application-aware IP network infrastructure.application-aware IP network infrastructure.

Vikas Agarwal on how a major trend on how a major trend for infrastructure technologies of the for infrastructure technologies of the future is the convergence of mobile and future is the convergence of mobile and client computing.

G. Vinay Kiran on moving from a cost on moving from a cost center to a strategic asset.

Bala Chandran said that when it came to said that when it came to physical media, “it’s what you don’tsee that matters.”

Arvind Chandrasekar on how a lack of on how a lack of data center design can hamper business data center design can hamper business and how to get it right.

Rohit Khanna spoke about planning and spoke about planning and perspectives in infrastructure solutions.perspectives in infrastructure solutions.

Event Photo Feature.indd 44Event Photo Feature.indd 44Event Photo Feature.indd 44 12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM12/14/2007 5:41:11 PM

CirCirCCle le OOf life: f life: Just like the Eye on London but with a stunning Just like the Eye on London but with a stunning view of the Petronas Towers. Photo by: Vijay Kumar, Himalaya Drug Company

CIO CIO CIO ||| 08 The Year Ahead 08 The Year Ahead 08 The Year Ahead 08 The Year Ahead 08 The Year Ahead 08 The Year Ahead


presented By

DAy FOUR

Partners

fanfare: The Seri Melayu restaurant, which combines dinner with theatre, showcased the three cultures that make Malaysia so special: Malay, Chinese and Indian. We felt at home, especially when the Bharatanatyam piece came on.

G. Vinay KiranG. Vinay KiranG. Vinay KiranMarketing & Comm. Marketing & Comm. Marketing & Comm.

Manager, Microsoft IndiaManager, Microsoft IndiaManager, Microsoft India

Vikas AgarwalVikas AgarwalVikas AgarwalPrincipal Consultant, Principal Consultant, Principal Consultant,

PwC

moment

Be There Next YearBut read about this year— in our next issue.There it is. If you think you should have been there, take a look at our next issue, January 1, 2008. It will carry interviews from domain experts at the Year Ahead Program. It will also come with a DVD loaded with presentations and tech briefings made in Malaysia.


taketaket Off: Before we got ready to leave, we all crammed into a last photograph. And everyone got a goodie bag. Say cheese,

HomecomIng

CIO | 08 The Year Ahead

Trendline_Nov11.indd 19 11/16/2011 11:56:19 AM

A Doseof Growth

CIO: How do you plan for growth especially when the economic environment and competitive landscape is changing so rapidly?

Daljit Singh: To put things in perspective, we have been focusing on domestic markets. In the process of setting up facilities in the last six years, we have seen that there is an enormous demand for quality healthcare in

our country. The quantum of share that anybody can have in the Indian healthcare market is miniscule. It is an extremely unorganized sector. Let me give you an example. There are about 50,000 hospitals in our country; of these, over 85 percent have an average of less than 30 beds. Only about 1 percent has more than 200 beds. What it really means is that this is a very fragmented sector and this is only the private part. There is still a huge shortage of tertiary care in our country. India has the

Daljit Singh, President

Strategy & Organizational Development,

Fortis Healthcare, says that the only way the

organization can handle 80 percent

annual growth and maintain

quality is by using IT.

Among the list of booming Indian industries, healthcare is just a step ahead of IT — but that's only because it's arranged alphabetically. The sector has been growing at an incredible pace especially because of an affluent Indian middle class that will not compromise on quality. A relatively recent entrant to the domain, Fortis has already created a niche for itself in cardiac care and orthopedics, 'healing the world, one heart at a time.'

As the head of strategy in one of the country's fastest growing healthcare companies, Daljit Singh has realized that if Fortis has to lead from the front, it needs a dose or two of technology. Fortis plans to answer the country's vast requirement for quality healthcare and IT forms an important part of that strategy.

By KaniKa Goswami

View from the top is a series of interviews with CEOs and other C-level executives about the role of IT in their companies and what they expect from their CIOs.

Vol/3 | ISSUE/034 8 d e c e m B e r 1 5 , 2 0 0 7 | REAL CIO WORLD

Ph

ot

o b

y d

r l

oh

Ia

View from the Top.indd 48 12/14/2007 3:42:54 PM

View from the Top

REAL CIO WORLD | d e c e m B e r 1 5 , 2 0 0 7 4 9Vol/3 | ISSUE/03

Daljit Singh expectS i.t. to:

provide strategy and drive productivity

add value to patient experience

help standardize processes


capacity to absorb as much as already exists. Over the next five years we could double that investment and it would still be absorbed.

There is ample opportunity for growth and therefore the healthcare sector is ripe for investment. We have to find the best means to make that happen. That could mean anything in the region of $30 million to $80 million. These are the figures from two independent studies, one by Mackenzie with CII and the another by Ernst and Young with FICCI. It’s a massive figure and the government, we believe, is not in a position to invest anything more then maybe about 10 percent of this amount. So the investment has to come in through private players, or FDI, so the sector is actually looking for investment and business opportunity. Growth is something which is real, given our need for quality healthcare.

India is pretty much at the bottom of the list when it comes to statistics pertaining to the growth of healthcare maturity of a country. If you look at the evolution in healthcare, the number of beds per thousand people, if you study the number of nurses or doctors per thousand people — India is at the bottom of the list, way below the world average. We can’t even begin to compare ourselves to the developed nations.

So, there’s a lot waiting to be done. The bulk of our population, which is about 70 percent in the rural areas, does not have access to quality health care, unlike urban areas. Around 95 percent of specialists are concentrated in urban areas; the rural sector is left with only about 4 percent. That’s a major issue; we’ve got to find mechanisms of delivering care to a much broader population.

Fortis is growing at over 80 percent annually. How do you handle or plan for this kind of growth?

This doesn’t necessarily mean doubling hospitals, what it means is that our revenues are reflecting that kind of growth. Its not just new facilities, it’s a combination of new facilities and the revenue growth in our existing facilities. I think our brand has to ramp up very fast as we have about 13 hospitals and we expect to run about 35 to 40, in the country, by 2011. We would be covering B class cities, and we also need to look at this growth in terms of contract perspective. It will allow us not to invest too much in sites and construction.

How do you ensure that you do not spread your resources too thin?

It’s always a challenge if your aspirations are to grow very fast. Contracts is one way but that requires management and people. We have

some programs for developing internal capability. We do not get professionals, for all our operations — front office or sales. We need to train people to be able to cater to the requirements of patients and to the standards of the hospital.

We have a program called FIELDS (Fortis Institute of Enhanced Leadership Development), which provides internal training. We cannot get people with common standards readymade, so we are looking at creating this capability ourselves. We are working with some management institutes, like Symbiosis, and are looking at programs in finance, sales excellence, general management and managerial finance.

But this growth can both make or break an organization. Do you use IT to evaluate risk?

I recently heard something very interesting. ‘Risk is a cusp of opportunity and failure.’ Risk is inherent to any business operation. The role of management is to recognize the risk and do whatever is necessary to take it towards a field of opportunity rather than failure. Growth cannot be mindless. While we add facilities at one end and hone skills in areas like project management or integrating hospitals, we also need a very strong platform of operational excellence. We seek to do that by putting into place this operating system — a hospital management system and a capability development system for our people. This is to ensure that we have an organization which has a capability to leverage our strength at every stage.

How does Fortis use technology to scale up?

That in my mind is a big challenge from a number of perspectives. Obviously, the first part is: where do you get

View from the Top

“Our ambulances need to leave within six minutes of a call. We think that technology is a significant lever to drive common standards.”

— Daljit Singh

Vol/3 | ISSUE/035 0 d E C E m b E r 1 5 , 2 0 0 7 | REAL CIO WORLD


the funds from. Second, how do you get a good project management team to manage each facility — including doctors or paramedical staff to run the facility.

The third and the most important, you will need to have standardized processes and systems which ensure standardized delivery or care, no matter what. I think these are the areas we are focusing on. We are working very closely with some leading consultants in the field to develop our operating systems. When it comes to our patient processes, there are a few questions that beg for an answer: are we able to ensure a uniformly good experience at the end of every process? Can we ensure that every time we have an opportunity, we have a positive result? We just completed this exercise at one of our hospitals, and are in the process of extending it to all the others.

How does Fortis use IT to ensure common patient experience across all its hospitals?

When the Fortis operating system is fully rolled out it will ensure a uniformly -standard experience. It also depends on how you work and handle people. What are the work flows that you put in place to ensure that certain metrics are met? For example, ensuring that patients don't wait beyond a certain number of minutes or that they are discharged within a defined period? It is also important to ensure that our ambulances leave our hospitals within six minutes of a call.

For our IT system, we have implemented an Australian software called Trak in three of our hospitals. It is a hospital information system which integrates all clinical and administrative functions. We think that technology is a significant lever to drive standardization or productivity.

Our ability to look deep into business areas becomes enhanced and therefore

opportunities will be better fleshed out. It will assure greater transparency in our cost structure.

We need to have the latest medical equipment to be able to deliver value to our patients. For example, the MRI machine that is being used at our hospitals should be of the most modern quality. We may not need cutting-edge or innovative technology; we don’t need to be trail blazers, but we do need to be sufficiently modern and contemporary.

In this risk-reward tango, are you an early adopter of technology or do you choose tried-and-tested technology?

Well, I would say healthcare is not an area which actually dabbles too much in technology. If you were to look at us in relation to the rest of the healthcare sector, I think we must be one of the most technology-intensive hospitals in the country today. We are clearly one of the leaders. I have not seen any hospital in the country yet with our level of IT. There are other prominent players like Apollo and Wockhardt.

Regardless of all the planning, things go wrong. When is the right time to pull back or bite the bullet?

I think the right time to pull back is when you have a very strong sense that something is not going to work. It is a sense based on market information. We get all kinds of inputs from the market and from our colleagues. When you have come to that sort of view one must pull back.

What drives innovation, is it strategy or the availability of a specific technology?

I think innovation is just any activity that adds commercial value to an enterprise at minimal cost. So it could be technology, which is the means to deliver something — it is just a means. Wherever you employ technology, you

must be aware of its utility. Innovation is the ability to leverage technology, or any other process improvements. This will ultimately add value to the process, either through better patient experience or to add to revenues.

What role do you see your CIO playing in driving your growth agenda?

In my opinion, CIOs play a very critical role. They are the eyes and ears of the business. They are the ones who regulate the use of information technology and the tools available to us to utilize our best applications to remain in business.

All said and done, most people don’t have the time or knowledge to delve into the latest in technology. I think the CIO provides a strategy and drives productivity. He is the one who decides what role technology can play in improving his business functions. That is the role I see for the CIO. CIO

Kanika Goswami is special correspondent for cio india.

send feedback on this interview to [email protected]

SNAPSHOTFortis HOSPITALS: 13

EMPLOYEES: 6,000

REvENuE*: rs 132.81 crore*

HEADquARTERS: delhi

CIO: Manish Gupta

*March 31, 2007

View from the Top

REAL CIO WORLD | d E C E m b E r 1 5 , 2 0 0 7 5 1Vol/3 | ISSUE/03


CIOs don’t get rewarded for merely running an efficient network, as the enterprise grows ever larger and ever more complex. The IT leaders are expected to do a lot more. They have to mitigate risk, and manage complexity and growth, said Vijay Ramachandran,

editor-in-chief of IDG Media, as he set the context for a lively panel and round-table discussion organized by CIO India and sponsored by IBM’s Leadership Forum. The discussion, in New Delhi, elicited diverse views, drawn from the experiences of top IT

Reining Risk& Managing Growth

Today’s CIO needs to find creative

ways of mitigating risks in a globalized world fraught with

uncertainties.

5 2 d e c e M b e R 1 5 , 2 0 0 7 | CIO CUSTOM PUBLISHING

Executive Sponsor

Event Report.indd 52 12/14/2007 12:54:30 PM

leaders across the country, and brought profound thinking on the subject, if not a consensus on how best to deal with the growing risks. Maruti Udyog’s chief GM, IT and sales dispatch division Rajesh Uppal advocated the need for a strong framework of governance to cope with risks. American Express’ VP -Technology Brian Barnes threw up the concept of relative risks and pointed out the need for tradeoffs at every stage of decision-making. Some others including Director, Global Technology Services of IBM Nipun Mehrotra spoke about how risks can be shared, perhaps by strategic outsourcing partners.

The discussions evolved initially under a panel of four and then into a broader round-table. In the first round, Uppal, Barnes and Mehrotra were joined by IFFCO’s Executive Director-Mgt. Services and IT S.C. Mittal; in the second, IT-Head of BSES K.B. Singh, Tamal Chakravorty CIO of Ericsson, IT-Head of LG Daya Prakash and Country Manager of Nokia Sanjay Jhamb, joined the discussions.

The Risk FactorBarnes started with an anecdote, helping to define risks in any context. When he was 10, Barnes and a friend tore a scooter engine off its frame, and plugged it into a Go-Kart. The first time the two took a ride, it worked but not as fast as they thought. They tweaked it and it worked better, but “still not as fast as we wanted it to,” he said. Then they took the speed governor off the flywheel and “then it worked great.” Barnes said he felt pure ‘exhilaration,’ as the go-cart raced at a speed they really wanted it to. But, he pointed out, the ride became dangerous with the Go-Kart skidding out of control.

In the enterprise context, Barnes pointed out, any system is never going to be as fast as the business users want it to be. That is because any system will need to be reined in by some amount

of controls in order to ensure business continuity.Risks mean different things to different people. At the most primary level, a system’s reliability is a major risk factor, said IFFCO’s Mittal. Mehrotra said he had received some uncommon requests from IT leaders striving hard to contain risks. Since the enormous monsoon floods in Mumbai two years ago, some companies are seeking underground data centers, he said, adding that such centers are fairly common in the United States.

Also, some firms wanted backup office locations a short distance away in the same city where 40-50 people could work, Mehrotra said. This demand, he said, arose because clients realized a situation where the systems were working, and so were the backups, but the offices were not accessible.

Ramachandran then posed a tantalizing question: “Is there an acceptable level of risk?”

Uppal expressed the view that any loss of production, especially something that can be blamed on IT, is an unacceptable risk. Barnes did some hair-splitting, trying to distinguish between ‘acceptable risk’ and ‘manageable risk.’

Ramachandran then concluded the four-man discussion, and brought on four other panelists to continue the discussions on a wide range of related issues. “Does reliability and flexibility come at the cost of efficiency?” he asked the panelists.

Chakravorty said he didn’t believe Ericsson compromised efficiency in any way. “When we manage our subscribers, we do so through our partners who need flexibility,” he said. “We need to meet their governance (and) security

From top: Daya prakash, Head-It, LG Electronics, India; Sanjay Jhamb, Country

manager-BI, Nokia India; tamal Chakravorty, CIo, Ericsson India; K.B. Singh, Head-It, BSES discussed acceptable and manageable risk.


standards and so forth. However, so long as our KPAs (key process areas) are met, we are happy. Flexibility or inflexibility doesn’t impact too much on efficiency,” he added.Mittal pointed out that he has built not just flexibility but also alternatives into his systems at IFFCO, in order to meet contingencies of any kind.

Agree To DisagreeBarnes did not quite agree with the question itself, saying reliability, flexibility and efficiency are not mutually exclusive, only related. “Application is a function of flexibility, efficiency is a function of process,

and reliability is a function of design,” he said. Barnes said the need is to optimize around the three things, and that is a function of budget and costs.“We always struggle with costs. I will have to make tradeoffs, but they will be cost tradeoffs,” Barnes said. “Now that is a business decision, and here is where we technology leaders fail. We don’t talk about business decisions.” In Barnes’ opinion, IT leaders need to hand out information on all the tradeoffs by putting them in a business context, not in the technology context.

It is common for CIOs to talk about IT-business alignment, but when does business begin to align with IT?

Uppal responded first, saying business heads and IT heads at Maruti engage in an annual goal-making process in which KRAs (key result areas) are set for both departments. “Then we monitor them through a steering committee,” he added. Ericsson, Chakravorty said, constitutes IT boards that meet business heads twice a year. They set priorities and take macro-level decisions on issues such as costs and resources. One rung below the IT boards, Ericsson has several ‘councils’, for example, on ERP and security, he said.

Chakravorty also pointed to a ‘pull’ effect on the business-IT alignment from their clients. “For example, if one of our clients shows increased business and seeks an additional thousand people that is business that comes to us, requiring automatic alignment with IT,” said Chakravorty.

Mehrotra touched on an interesting point when he posed the question: can we use innovation to mitigate risk? That turned another question on its head: will innovation lead to higher risk?

“We are still looking at many things very conservatively. We need to look differently,” he said. As an example, he threw up collaboration with partners, and asked: “Why don’t we collaborate? Why don’t we experiment?”

The questions drew varied responses, and set the stage for a focused decision on how strategic outsourcing could be used to mitigate risks. Barnes said cost is the single biggest barrier he faces on any collaboration experiments with external partners. He suggested that external partners such as IBM itself are willing to travel ‘a little distance’ in sharing risks of failures but not nearly enough for him to begin experimenting.

Mehrotra said “IBM has traditionally been more risk-averse than what it should be. But in India, we have a risk-reward model,” he said, citing IBM’s revenue-sharing deal with Bharti Enterprises. “IBM is becoming less risk-averse and finding innovative solutions to risk mitigation,” he said.

Events

5 4 d e c e M b e R 1 5 , 2 0 0 7 | CIO CUSTOM PUBLISHING

CIOs increasingly are driving innovation and competitive advantage, and joining the senior leadership team. This was evident from a survey

by The Center for CIO Leadership, in collaboration with MIT Sloan Center for Information Systems Research (CISR) and Harvard Business School.

“We are at an inflexion point,” said Nipun Mehrotra, IBM’s director for Global Technology Services, India and South Asia. “The CIO’s role is rapidly transforming and there is no recognizing what it might morph into,” he added.

The survey found that 80 percent of the CIOs believe they are valued members of their companies’ senior leadership teams. Also, 69 percent believed they were part of the strategic decision-making process.Where will the ‘strategic CIO’ go from here?The study, which surveyed 175 CIOs around the world,

listed three items on top of CIOs’ agenda. First, performance improvement outside the organization and market expansion; second, developing high-potential IT staff to overcome shortage of talent; and third, extend collaboration achieved in their executive team to the lines of business in their companies.

“If the progress made by CIOs over the last year is an indicator, the prospects look bright to achieve these goals,” the study said. “That would be good news for CIOs, for business as a whole. In a global economy defined by innovative use of technology, the evolution of business is tied to the evolution of the CIO profession.”

Mehrotra said Indian CIOs, in particular, were seeking ways to mitigate risks, manage technological complexity and managing growth.

CIO Role Rapidly Transforming

NipunMehrotra, Director, Global Technology Services, India/SA, IBM


LG’s Prakash wondered what IBM would do if Bharti were to begin making a loss.

Mehrotra pointed out the importance of the investment cycle. “We need to plan six months ahead to manage

growth. If I am off the mark, I suffer; if I under-invest, Bharti suffers,” he said. Mehrotra said IBM has a three-layered governance model that manages these issues, planning for each month, quarter

and year. “I can’t think of a tighter risk-reward relationship in the Indian context,” he said in a reference to the Bharti deal.

Barnes took a different stab at the question of risk-sharing among outsourcing partners. “Strategic outsourcing is not mitigating risk, but merely shifting risk,” he said. “The partners are bigger and better able to absorb the risks,” he added, also referring to the IBM-Bharti partnership.Risk mitigation is a very ‘process-oriented’ planned exercise, Barnes said. “It comes when we start sharing it (risk), have strong governance, (and) use joint resources.” He also drew a distinction between ‘risk management’ and ‘risk mitigation.’ The former refers to how one copes with a certain situation or risk, whereas the latter is prevention, he said. He cited the example of a supplier relationship. Lining up a second supplier is mitigating risk, while it is risk management when one has to confront a situation in which the sole supplier has failed, Barnes said.Chakravorty said risk mitigation can be costly. At Ericsson, he said, most KPAs require 99.99 percent uptime. “However, we have the tools, processes and methods to do it for 99 percent of

the time,” Chakravorty said. “So the risk we assume is about 0.99 percent. We can take that risk,” he added.

The Delicate DanceFinally, Barnes pointed out the unique risks in India — not the lack of growth, but of too much growth, as the economy is in a tear. It is a ‘delicate dance’ and poses interesting dilemmas on outsourcing as well, he said. CIOs need to figure out how much to outsource and how much to keep in-house, he said. Factors such as overall growth, internal growth and high rate of attrition need to be considered, Barnes said.

Uppal said he would outsource anything that was not core to his competitive advantages. For example, he said he would always keep in-house technologies that help Maruti’s shop floor more efficient. It is important to distinguish between what is routine and what is strategic, he said. As Barnes put it, “Keep that sweet spot, which makes me better than anybody else.”

Events

CIO CUSTOM PUBLISHING | d e c e M b e R 1 5 5 5

From LEFt: S.C. mittal, Exec. Director-mgt Services & It, IFFCo; Brian t. Barnes, Vp-technology, American Express, India; rajesh Uppal, Chief Gm, It & Sales & Dispatch Division, maruti Udyog threw light on startegic outsourcing.

The unique risk in India is not the lack of growth, but of too much growth. The economy is tearing."

— Brian t. BarnesVP-Technology, American Express


ProcessTriP

ProcessTriP

By Laurianne McLaughLin

Declining sales. Cost pressure. Customers who wanted change, fast. Maritz Travel's COO tells how a group travel giant facing all of these pressures revamped its business processes, and how business and IT came together to make the effort pay off.

essbusiness and IT came together to

By Laurianne McLaugh

Feature.indd 56Feature.indd 56Feature.indd 56Feature.indd 56Feature.indd 56 12/14/2007 4:03:15 PM12/14/2007 4:03:15 PM12/14/2007 4:03:15 PM

It wasn’t pretty.“We had some serious systemic issues,” says Phillips.Post 9/11, bookings had declined in every area of the travel

industry but travel for corporate meetings and group travel — which is Maritz Travel’s specialty — had been hit especially hard. For many companies, holding meetings in far-flung locations, flying employees around the globe is a matter of choice, not a business necessity, and thus a highly controllable expense. If a company was going to spend travel money, it was going to want more, a better return on its investment. Consequently, Maritz had to find ways to innovate and grow in an environment in which its customers were acutely cost-conscious. Plus, Maritz’s customers wanted new levels of service and they wanted them now. Phillips knew Maritz had to change, and change fast.

Turning The Ship AroundIt’s no small matter to change business processes, let alone change them quickly. The challenge becomes even greater when you’re big and complex. Known as the global leader in its category, Maritz Travel represents the biggest business unit in the Rs 4,000 crore-plus privately-held Maritz. Every year it helps send hundreds of thousands of people on trips including conferences and incentive travel vacations on every continent.

Phillips, who started his professional career with a 10-year stint in IT at Citigroup Mortgage and several divisions within Maritz, began his makeover with a value-stream analysis to map the business and identify what was working and what wasn’t. “We had process issues that needed addressing,” he says. The first big one? “I had process integrity issues,” he says. “There was no link from one phase to the next. The market was shifting. Our customers wanted our cycle time improve,” he says.

Phillips first turned to a data repository initiative to tackle the disconnects in the company and to address new Sarbox-related compliance needs. This led him to a business process management (BPM) revamp beginning in July 2006.

Today, BPM isn’t just a project at Maritz; it’s an ongoing way of life, with a continuous improvement team staffed by IT and business-side execs churning out process-related changes on a monthly basis. “From selling to billing, everything we do is now touched by BPM,” Phillips says.

To date, the process revamp has helped reduce Maritz’s overhead costs by more than 10 percent. “This has allowed us to improve profitability while simultaneously increasing client-facing resources as a percent of our total expenses,” Phillips says. His keys to BPM success? For starters, ensure a tight IT and business relationship. And think big.

“I’ve observed many BPM projects that dealt with a subprocess, like recruiting candidates or billing,” he says. “We went wide. For example, we looked at how our organization delivers to clients. Then we went deep.”

If you get bogged down in subprocesses too quickly, he warns, you’ll miss your overall goals.

BPM in An erp environmenTIf Maritz’s need to change business process quickly strikes a resonant chord with you, you’re not alone. BPM has become one of the most important decisions for CIOs and their C-level peers right now, says Sharyn Leaver, VP and Research Director at Forrester Research. Now that companies have invested millions in ERP implementations, upgrades and overhauls with software vendors such as Oracle and SAP — and in many cases have built their core business processes around those products — they’ve learned that this kind of software cannot be customized easily or quickly.

But business will no longer sit still for long development cycles. Business-side execs simply demand that IT provide them with the ability to change quickly in order to respond to markets and customers that also demand speedy change and delivery.

This is not a matter of one-off fixes. “It’s not even just a question of how customizable the software can be,” Leaver says. “It’s about how flexible it can be for eternity.” That’s why more and more businesses, like Maritz, are using BPM software to put a 'wrapper' around key processes.

What kinds of business processes merit this approach that Leaver took?“Firms are using BPM to wrapper existing apps for processes that require a high degree of flexibility and really differentiate them from the competition,” Leaver says. Some examples include proposal generation, customer service, order management, claims and dispute processing, and new account opening. In other words, key processes that directly touch customers.

When Rich Phillips became COO of Maritz Travel about two and-a-half years ago, he sat down and took a hard look at the about two and-a-half years ago, he sat down and took a hard look at the big industry picture.big industry picture.

Business Process Management

Reader ROI:

How to begin a BPM initiative

Why baseline metrics are essential to success

Why big goals work for BPM

reAL Cio WorLD | d e c e M B e r 1 5 , 2 0 0 7 5 7Vol/3 | issUe/03

ill

Us

Tr

aT

ion

by

Un

nik

ris

hn

an

aV

Feature.indd 57Feature.indd 57Feature.indd 57Feature.indd 57Feature.indd 57

Companies may be able to wait for their big-package vendors to 'get' BPM within the next few years; according to Leaver, those vendors are working on it now. But to truly deliver on the flexibility promise of BPM, the big package vendors must undertake pretty massive architectural shifts, which will take years, she says. Not all processes require great flexibility. “Accounting is the perfect example where there are no points for creativity,” she says.

Or as Maritz’s Phillips puts it, “A lot of vendors dabble on the side with [BPM]. We looked at the massive package vendors but they weren’t even close to what we wanted to do.”

Maritz couldn’t wait. One of the company’s keys to success is customer loyalty. Some customers have been using Maritz for 30 years, and the company’s annual renewal rate tops 90 percent. Those loyal troops were demanding that Maritz get more nimble and how loyal they’d remain if Maritz didn’t was an open question.

it's ABout AlignMent — AgAinThe initial push to revamp business process at Maritz started with the business side, Phillips says, “but we did it in partnership with sales, operations and IT.” (Phillips emphasizes the importance of

getting sales to the table from the very beginning. Remember, he says, it’s all about the customer.)

But at the start of the BPM effort, Phillips, like so many before him, had to confront the seemingly ubiquitous and frustrating disconnect between the business and IT. “IT wasn’t siloed, but it was parallel,” he says. “We didn’t have a tight coupling between business and IT.” It wasn’t a simple vocabulary problem: the business just had stopped communicating well with IT.

To begin fixing the disconnect, Phillips “spent a lot of time telling the story of what challenges we faced and, more importantly, what opportunities we had. We really got to where we had shared forums with business leaders, process leaders and IT leaders. Along the way, we learned about the talent of the IT organization that we could capitalize on."

“We established an organization called continuous improvement,” Phillips says. “We put one of our best business leaders in charge of that, one I knew had organizational credibility and respect and had demonstrated an ability to collaborate with IT.” This group established regular meetings to discuss governance and key projects.

“Having the right person in the right place…it’s amazing how things can progress from there,” he says.

Phillips signed a deal with Lombardi Software, choosing its TeamWorks platform for the BPM

revamp. Ninety days later, his team started rolling out process changes.

After strAtegy, TACTiCSRemember: Phillips believes that thinking big is a key to successful BPM. Maritz starts with a macro process, such as selling, then tackles subphases, such as quick turnarounds on projects, contract building and dealing with outside suppliers. Phillips and his team do major releases every quarter, minor releases every month.

A major release might address an entire subphase, “say, how we link in the participant management function,” Phillips says. Martitz’s participant management staffers book the air and hotel travel, handle questions from the people attending the trip and so on. “A minor release might deal with a portion of our contract process or pricing process,” he says.

“We’re also identifying softer benefits,” Phillips says. “It used to be harder to bring in employees to use our new systems. Now it’s much more intuitive, and people have crisper access to the right information at the right time to do their jobs.

Business Process Management

Vol/3 | issUe/035 8 d e c e M B e r 1 5 , 2 0 0 7 | reAL Cio WorLD

1Think big. “it’s critical that people think about the big picture,” says Phillips. Don’t start with a narrow problem like ‘our contracts need to be written faster.’ start with

‘how do we sell?’

2Get business sponsorship. and get it at a high level. “it’s just imperative,” Phillips says. “you will run into bumps along the way.”

3Don’t forget the change factor. That’s especially true if your company has a culture that praises people for solving problems in idiosyncratic ways. “shifting to process

management as a methodology for defining how a business operates involves subtle but important business shifts,” says Phillips. “People doing things uniquely may not be better. We’re now taking fighting fires capacity and focusing on customer issues.”

4Plan to communicate and communicate the plan. stress what the process changes will mean to customers. “i really encourage business leaders to talk about how they are

going to communicate the new culture and how it’s beneficial to clients,” Phillips says.

5Focus on the end user. iT should pay more attention to customer services than the systems involved in the bPM revamp. “once we had a common purpose, a common

strategy, we had a sense of team and kinship,” Phillips says. he advises iT execs to think through the challenges and applications for the business and align the bPM effort with that.

— l.M.

Maritz Travel coo rich Philips shares keys for bPM makeovers:

5 Tips forBPM Success

Feature.indd 58 12/14/2007 4:03:16 PM

The process revamp has helped Maritz staffers not only find the right information faster, but also, spend more time on activities that add value for clients, Phillips says. “Our people needed to find the right forms, retype information into these forms, distribute these forms [via e-mail], then ensure that form updates made their way to all of the right people [internally, external partners, clients],” he says. Now the company prepopulates those forms. “We also serve up those forms to people at the right time to ensure process integrity and timely information distribution,” he adds.

A final deployment strategy that Phillips recommends is to establish what he calls 'distributed ownership teams' for a BPM revamp. That means having business people reporting up from the trenches, helping shape what needs to happen in those major and minor releases and then helping communicate the benefits of the proposed changes for customers back to the work groups.

This arrangement can be thought of as a change management best practice, eliminating some of the 'us vs. them' tension endemic to any transformation, large or small. the BPM roiHow is the process revamp paying off? According to Phillips, since the BPM effort began, Maritz has improved its customer quality indicators while reducing overhead. “Some of our cost ratios have improved between 8 and 24 percent,” he says. “That’s important since our industry is becoming increasingly cost-competitive.”

Overall, he notes, Maritz’s process is now “keyed more to where parts are in the pipeline than to people.” This helps him spot trouble more quickly. “I can see cycle time issues and reduce time to clients,” says Phillips.

meASuremenT is everythingThe BPM work at Maritz won’t be finished anytime soon; this is a project without an end date.

As for measuring and evaluating those improvements, that’s an area where Phillips advises CIOs and COOs to be careful. Phillips now says he wishes he had established key metrics and ways to capture the information earlier in the project.

“We plowed ahead lightning fast on the process side,” he says. “I should have created ways to grab crisper benchmarks.

Also on Phillips’s current to-do list, Maritz has implemented measures to improve cash flow and will look to BPM to strengthen that effort. “What we’re planning to do in BPM is to make people more aware of the major cash events within a cycle. That just saves the running around that can occur,” Phillips says. “We deal with some pretty big checks.” Ultimately, he says, Maritz wants to complete what he calls the holy grail of BPM: “We’d like to link our processes to supplier and customer processes.”

According to Forrester’s Leaver, that’s exactly what many customers are demanding — another reason BPM is rising higher on CIOs’ agendas.

Did Maritz’s customers demand process links? Not in so many words. Customers may be unhappy without realizing that their unhappiness stems from the fact that their processes don’t match up with a business partner’s processes. “What we saw was pain,” Phillips says. “As we tested the story with our clients, they were resoundingly supportive. This is a wave BPM can and must address,” he says. Cio

Send feedback on this feature to [email protected]

reAL Cio WorLD | d e c e M B e r 1 5 , 2 0 0 7 5 9Vol/3 | issUe/03

Why did Maritz Travel chose lombardi software’s TeamWorks

platform for its bPM revamp? rest assured it wasn’t the technology. according to Maritz coo rich Phillips, it was because lombardi showed a firm grasp of the business strategy issues.

The bad news for iT execs is that being a software selection pro won’t help you much with your bPM projects. a bPM effort, as Motorola cio Patty Morrison says, is not about tools, it’s about process. you can pick the most

technically sound bPM tool in the world but what really makes bPM

go, according to Morrison, is a combined effort by iT and

business to

examine process, then reshape process and culture.

Phillips agrees, saying, “it’s important to pick a provider that really understands process and transformation and has an aligned road map."

“i know the software giants will eventually figure this out, but this requires a different way of thinking,” he adds. “The phase 1 implementation is really irrelevant. it’s what you learn from phase 1 to make phase 2 and phase 3 better.”

some iT execs may wonder why they should trust a smaller vendor when addressing their company’s most critical processes but the reality, leaver says, is that saP and oracle may be a

couple of years away from being able to help you with bPM.

saP’s new hosted erP suite for mid-market customers, business byDesign, has a business process engine, she notes, but that’s a brand-new product. so, you’re not going to get feedback from peers on how it’s working so far. There’s a comforting reality right now for iT departments charged with wrapping key business process using a bPM platform, leaver notes: Virtualization can help.

Virtualization, already high on the list of most companies’ technology priorities, lets iT simplify and speed up development and testing of the bPM releases, safely.

—l.M.

How to Pick Your BPM VendorBusiness Process Management

Feature.indd 59 12/14/2007 4:03:16 PM

CRM's Integration BluesBy Galen Gruman

CRM | Software as a Service (SaaS) has gone beyond the realm of rogue deployments, and CRM software, most notably Salesforce.com, has led the way through the enterprise front door. IT pros have learned plenty about the pros and cons of on-demand CRM. Among the lingering concerns: can you make Salesforce.com and other on-demand CRM apps play nicely with your ERP and other core systems? How much work and what arrangements will this integration require? Results still vary.

Calvin Do, CIO of color equipment manufacturer EFI, knows firsthand the limits of SaaS integration to enterprise processes. For example, he's discovered that SaaS providers don't typically support single sign-on, an obvious enterprise need. And they often don't support APIs of other enterprise applications, at least not out of the box. For example, connecting Salesforce.com to Oracle and SAP applications requires buying additional connector software or creating your own connectors via Web services. The limited cross-vendor integration is why Do initially restricted his SaaS deployments of Salesforce.com and talent management application SuccessFactors to department-level applications. (He later added

On-demand applications

like Salesforce.com have many advantages, but

can they integrate easily with your

other core apps? Results still vary.

technologyessential From InceptIon to ImplementatIon — I.t. that matters

VOl/3 | ISSUE/036 0 d e c e m B e r 1 5 , 2 0 0 7 | REAL CIO WORLD

Essentisl Tec.indd 60 12/14/2007 12:52:44 PM

an enterprisewide deployment.) In the department-level applications, integration is handled at the data-exchange level and via simple API calls to trigger, for example, a data upload and the related process.

The trick: don't let on-demand CRM's advantages blind you. Enterprises must carefully consider the scope of their on-demand CRM goals and whether potential software has the integration capabilities to fit with the larger software portfolio.

"You can't simply outsource CRM. It will ultimately need to integrate into your people, processes and technology," says Isher Kaila, research director for CRM at Gartner. "Only a minority of implementations out there have gotten this [trade-off] right," he adds.

Where On-Demand WorksA primary advantage of on-demand CRM continues to be that IT needs to expend little effort to deploy, maintain or integrate the application. Typically, the vendor does most of the work at its site: maintaining the

code base, managing the servers, handling security and ensuring availability. This reduced effort also means business units don't have to wait long to get the CRM functionality in place. That's a powerful incentive for many CIOs trying to satisfy backlogs of user demands.

Still, on-demand CRM software doesn't work for everyone since it cannot be customized for complex business processes, says Gartner's Kaila. (It can be configured, of course, within the bounds set by the vendor.) Furthermore, on-demand CRM

software is typically less capable than self-hosted applications, even when both come from the same vendor, Kaila notes.

And CIOs should note that although Salesforce.com, NetSuite CRM, and SugarCRM use the CRM label, their functionality focuses on the sales-force automation capabilities such as contact management and sales tracking, a subset of CRM functions. Other applications hosted in-house tend to do the heavy lifting of transaction management.

For many CIOs,that's a good thingFor example, E-LOAN realized that its

mortgage loan transaction management system was highly efficient, tracking all the details of each customer. But the roughly 150 mortgage loan officers needed a framework for providing proactive loan status updates to customers, recalls CIO Jay Shah. So Shah deployed Salesforce.com as the online lender's 'communications system of record,' using straightforward data feeds from the transaction system to Salesforce .com to keep all customer contact records updated. No programming was required in

Salesforce.com, just configuration to pipe data updates from the loan transaction system to Salesforce.com.

Loan agents could now have a customer's current loan status available in the same application they used to get the customer's contact information and display their calendars. Also, E-LOAN could now create business rules within Salesforce.com to alert loan agents when deadlines were nearing. Even better for Shah, those rules could be written by business analysts so IT staff could work on other projects.

At emergency medicine management firm The Schumacher Group, Salesforce.com is also integrated with other software through data exchange. But in Schumacher's case, Salesforce.com is the primary source of data rather than a consumer of it, notes CIO Doug Menefee. Placement staff members use it to track physicians and other healthcare providers' contact information and availability, as well as information on candidates they're trying to recruit. The hiring and assignment data are then uploaded nightly to an SQL database that the company's Oracle PeopleSoft resource management software uses to validate contractors' licenses, insurance coverage and specialties.

As these two deployments show, integration is easiest if the SaaS application can do its job alone, then batch-update other systems with its results.

Calling All Core AppsAlthough integration solely via API is easy, this approach limits the ability to integrate SaaS applications into broader enterprise processes. And as on-demand CRM applications do interact with core systems, the integration issue will be harder to avoid, notes Chris Barbin, CEO of the SaaS consultancy Appirio. He sees CIOs now beginning to realize this: "A lot of existing Salesforce.com customers are looking to migrate off Siebel, Clarify

On-demand CRM software doesn't work for everyone since it can't be customized for complex processes. Furthermore, it is typically less capable than self-hosted applications, even when both come from the same vendor.

On-demand applications

will garner an expected

14%of crm sales

in 2007source: Gartner

ESSEntIal technology

REAL CIO WORLD | d e c e m B e r 1 5 , 2 0 0 7 6 1VOl/3 | ISSUE/03


and Vantive," Barbin says, turning from using Salesforce.com as a contact manager and sales reporting tool to using it as an extension of the core enterprise apps. "That's a big issue because now you have to integrate Salesforce.com into your financial system and your master customer data," he says.

Integration limits in an on-demand CRM app can truly hinder your options. Research firm Common Sense Advisory found this out the hard way. It licensed Salesforce.com's professional edition and later wanted to integrate it with Constant Contact, QuickBooks and MySQL. "We called customer support about the API, which, it turns out, is available only with the Enterprise or Unlimited (Salesforce.com) editions," says Don DePalma, president of the firm. And those editions cost Rs 60,000 to Rs 96,000 per user per year, compared to the roughly $700 that Common Sense had been paying. He ended up dropping Salesforce.com.

On the other hand, where SaaS applications are accessible via their own APIs, the fact that SaaS applications are unchangeable benefits IT, notes EFI's Do. It's harder to do in-house hacks that later complicate maintenance, upgrades and support. "SaaS forces you to be disciplined; you have to use the APIs to do your integration," he says.

Dan Tabori, executive VP of business operations at Prudential Locations in Hawaii, has taken advantage of the APIs in NetSuite CRM to integrate it with his real estate brokerage's financial systems and customer Web portal. "Three years ago, we realized we needed to centralize all client data, not just property data," says Tabori, whose duties include the CIO role. Tabori wanted more than a contact manager; he wanted a portal that agents could use for managing both their clients and transactions.

The firm uses Fidelity National Real Estate Solutions' DPN software for the financial transactions, and a homegrown Web portal to help clients search for homes. To make all three applications work together,

Tabori's IT staff uses NetSuite's APIs to invoke tasks within the CRM software, such as sending an e-mail survey to a customer once a transaction has occurred in DPN. He also uses the APIs to request tasks of other applications, such as registering a new client within the Web portal. For the other two applications, Prudential Locations uses a combination of Web services and JavaScripts to access particular functions.

Web Services Prove KeyMost CIOs who deploy on-demand CRM should expect to use Web services as the primary integration mechanism across applications. Web services APIs are now common in current versions of both traditional and on-demand applications. Web services based APIs provide a common framework for accessing various applications' capabilities. The use of Web services also discourages the use of custom code that requires ongoing maintenance once deployed. But not all functions are

exposed as Web services. The reliance on Web services does require a different kind of developer than many IT shops have, says Schumacher's Menefee. That's why he maintains two development staffs: one that's experienced with custom code to handle the traditional applications, and one that's experienced with Web services to handle modern applications and SaaS applications. But he mixes them up to ensure that developers can work with both types of applications.

The key to successful use of on-demand CRM is understanding the integration needs up front at the business process, technology infrastructure and application portfolio levels, says Tina Phillips, a principal at Deloitte Consulting. "Unfortunately customers still typically see it as a Band-Aid." CIO

send feedback on this feature to [email protected]

ESSEntIal technology

If you're running a successful business, you're doing a good job of customer relationship

management. It's not about the software. that's not to say that CRM doesn't matter. It just means

that, in the past decade, the technology industry has been trying to automate something that can

only be automated to a certain extent. as SaP launches its latest CRM product and Oracle tightens

its lineup with that of its subsidiary Siebel, it seems like a good time to take progress check. CRM's

evolution has been stunted by the missing link that we call the human mind.

One of the unique features of the CRM market is a backlash against research companies, who

cited failure rates of 80 percent so often that consultants and vendors started nit-picking about

the methodology behind that number. the failures weren't CRM problems, they whined, it

was the way salespeople used it. the e-mail stuff worked better than the call center stuff, they

pointed out. anecdotally, from all the case studies vendors pitch, CRM projects don't exactly

top the list.

If CRM did what it's supposed to do, it would look a lot more like a feature set of business intelligence

software. It would tell you not only what your past history with a customer was but how your

business with that customer will or will not grow over the next year. this could be why the kinds of

people that built their livelihoods around CRM a few years ago, are now focusing on master data

management, which handles not only the information about customers but about products and

other metadata. Maybe the power of social networking technologies will improve these products

and spark a CRM renaissance, but It managers can be forgiven if they are pessimistic. the tidbits

we manage to route through a CRM system are what a good salesperson would have gleaned if they

did their homework before meeting an important client. CRM is not a product. It is a discipline which

could be part of the core competency of every enterprise.

—By Shane Schick

CRM product evolution stunted

VOl/3 | ISSUE/036 2 d e c e m B e r 1 5 , 2 0 0 7 | REAL CIO WORLD


Shaping the FutureTwo new things define the foundation of innovation and agility this century: women and rich media.By Michael hugos

Pundit

InnovatIon | Blah, blah, blah… Agility, blah, blah… Listening to myself talk about innovation and agility I remind myself of politicians talking piously about family and national security. I feel myself drifting into that dead zone of boring platitudes and mind-numbing clichés.

In an attempt to avoid the dead zone and understand what makes innovation and agility possible (and why we should care), I’ve been doing some thinking lately. I’m an amateur historian so I can reel off historical facts the way other guys who are experts on sports can reel off team statistics. I’ve got a pretty good grasp on

the broad outlines of world history of the last 5,000 years or so; and there are two totally new things happening right now that have never happened before. I believe these two things are the foundations of 21st century innovation and agility.

The first new thing is global delivery of real-time feedback via rich media like streaming video and moving 3D graphics. The second new thing is full and equal participation of women in politics and business.

I know a bit about the first thing because that’s the realm of IT and that’s

what I do for a living. On the second thing, I don’t know much so I’ll confine myself to just a few remarks before moving back to discuss the first thing.

It’s not that women are any smarter than men (although they might be); it’s that they see the world from a different perspective and we need both the female perspective and the male perspective to see the world clearly; just as we need two eyes to see the world in three dimensions. It’s not that one eye is better than the other, but you can’t have true depth perception without the stereo vision that comes from two eyes — from two separate views.

Regarding the first thing — global delivery of real-time feedback via rich media — this means we as a whole planet can, for the first time see ourselves as we actually are and see the consequences of our actions as they actually happen. It means we can also test out different courses of action in simulated worlds built from real-time global data feeds.

It also means that we can learn from mistakes made in virtual worlds without suffering the consequences of making those same mistakes in the real world.

This is profound and extremely hopeful. With this we can learn a whole lot faster than ever before. And since all agility and innovation is based on learning, the faster we learn, the better we can innovate and be agile.

It’s become obvious that things are going to come to a head in our lifetime, not in our children’s lifetime or our grandchildren’s lifetime. As the saying goes, 'There’s nothing like a hanging in the morning to focus the mind.' In the coming years we’re actually going to have to figure out how to deal with global warming, what to do about

other countries wanting nuclear weapons. We’re going to need lots of innovation and agility to navigate through the next 40 years. IT provides one of the two new things that give us what we need to rise to this challenge. CIO

Michael hugos is a partner in agilinks, a software

company specializing in agile supply chains. he is former

cio of Network services and author of essentials of

supply chain Management. send feedback on this

column to [email protected]

Real-time feedback means that we can learn from our mistakes a whole lot faster. And the faster we learn, the better we can innovate and be agile.

essenTiAl technology

Vol/3 | issUe/036 4 d e c e M B e r 1 5 , 2 0 0 7 | REAL CIO WORLD

ET-Pundit.indd 64 12/14/2007 12:53:39 PM

Documents

December 15 2007