Most IT strategies start at the same point: obtaining a clear understanding of the business requirements and then assessing the strengths and weaknesses of the current IT situation against them. This is logical and well understood. However this, of course, constitutes only half of the well-established ‘SWOT’ analysis.
What is sometimes missed is the carrying out of the second half of this analysis; an assessment of the opportunities and threats resulting from the proposed strategy.
Every organisation is different and therefore the detail of every IT strategy will be unique. Nevertheless, it is possible to highlight areas of opportunity and risk that are commonly found and these can act as a starting point for this analysis. Considering these points will not only help ensure that the strategy has considered all the significant issues, but should also significantly reduce the likelihood of the strategy failing to deliver.
Opportunities
Does the strategy bring new ideas and opportunities to the organisation as a whole?
The process of developing an IT strategy tends, by its very nature, to be rather reactive, with the focus on assessing what the organisation wants and then defining (albeit possibly in innovative ways) how it will be delivered. However, as part of the process, it is also worth taking a look at potential opportunities that IT might be able to bring forward to the business rather than as a result of what the business says it wants.
Typical examples of this might include opportunities around the internet of things or developments in big data where the thinking in the IT world is frequently of the mainstream. Illustrating such examples may not be core to the IT strategy but it does serve to demonstrate IT’s engagement with the organisation as a whole and the potential IT has to deliver added value.
Does the strategy fully embrace the opportunities to improve the way IT is delivered?
It’s easy for an IT strategy to be over-focused on the new technologies and the projects that IT will be delivering for the business.
It is also important that IT takes a look at itself and assesses whether there are opportunities to improve how it operates and where service quality can be improved or costs reduced. This may include considering areas such as moving services into the cloud, making organisational or governance changes or implementing better processes. This helps to demonstrate IT’s commitment to continuous improvement and to delivering efficiencies to the organisation as a whole.
Does the strategy include an assessment of opportunities for the CIO to improve their or their department’s position?
‘What’s in it for me?’ is a question people can be awkward about asking, but it is nevertheless a valid one. There is certainly nothing wrong with a CIO considering whether the strategy could open up opportunities for them to do their job more effectively and to increase the contribution that they can make to the organisation. The sorts of topics that might fall into this category could include:
- Should the scope of the CIO’s responsibilities be broadened to formally include, for example, business change (relevant if the organisation is embarking on an aggressive change programme and this area is not covered elsewhere)?
- Should the CIO have more input into business strategy development (where the IT strategy highlights a strong interdependency between the business plans and IT)?
Given the nature of these questions it may be appropriate for any detailed discussion on them to be carried out outside of the overall IT strategy process. Nevertheless, the development of the new or updated IT strategy presents an ideal opportunity for them to be raised.
Risks
Does the strategy align to the culture of the organisation or consider how cultural barriers to its delivery can be overcome?
Cultural change is often a weak area for organisations. The IT organisation can fall into the trap of saying: ‘we just deliver the technology; it’s up to the business to work out how to use it’, but this leaves huge risk that a strategy will fail, often with IT (fairly or not) being blamed. It is therefore vital that likely cultural obstacles are highlighted as early as possible and it is made clear whether addressing them is or isn’t seen as part of IT’s job.
For example, a mobile working initiative is at least as likely to be unsuccessful because of resistance amongst staff to working that way or lingering ‘traditional’ management practices, as from technology problems. Similarly, an organisation with a ‘seat of the pants’, gut instinct, decision-making culture will struggle to derive benefit from a major investment in data analysis, however good the technical implementation.
Has the strategic vision been limited by constrained thinking?
Confirmation bias is a fascinating aspect of psychology, dealing with the inherent human tendency to seek or give preference to evidence that supports their existing beliefs. The whole scientific method has been developed to overcome this behaviour. Unfortunately, IT strategies, although they should always be logical, are rarely totally scientific.
It is therefore vital to stand back once the strategy has been drafted and attempt to take or obtain an unbiased view on what has been proposed, for example through an independent review.
If, for example, the option of moving to the cloud has been rejected, it is worth asking the question: is this really because it is not appropriate to the needs of the business, or is has the thinking been clouded by discomfort with the impact this could have on the role of the CIO and the IT department? It’s not easy, indeed it’s probably not possible, to be completely open-minded and dispassionate about these issues but, if an IT strategy is to deliver real value, it is vital to try to play devil’s advocate and to be open to challenges in this area.
Is the plan for the implementation of the strategy realistic?
IT strategy development is a creative process and, in defining all great new things that are planned, it is very easy to get carried away. It is therefore always important, before the work is completed, to really consider whether what is planned has both adequately covered all the issues and is achievable.
Strategies often propose more change that an organisation can absorb in the time planned, which inevitably leads to failure. Another vital area is security where the scale of the effort needed to address the various threats, both ongoing and related to specific initiatives, is often underestimated.
The specific issues raised in this article are of course not exhaustive and, depending on the nature of the organisation, many others may exist. However, whatever the risks and opportunities identified, an assessment of the opportunities and threats is an essential final step in the creation of an IT strategy.