'IT used to be about all things techie but things have changed, particularly over the last five years. It used to be a case that some IT groups would turn managers away claiming they were not professionals, but attitudes have now changed' remarked Colin Thompson, former deputy CEO for BCS, during his opening speech at a recent IT function conference in London.

The conference centred on examining the function of IT within an organisation and how it is aligned within the business.

According to the panel of speakers the top ten concerns for IT executives were:

  1. IT and business alignment;
  2. Attracting, developing and retaining IT professionals;
  3. Security and privacy;
  4. IT strategic planning;
  5. Project management capability;
  6. Introducing rapid business solutions;
  7. Speed and agility;
  8. True return on independent IT investment;
  9. Measuring value of IT investments;
  10. IT governance.

According to research performed by Gartner, in order to develop projects that further enable business growth it is essential to link business and IT strategies together. Improving the quality of IS servicing delivery was dependant on the particular industry you were part of.

A lack of clear goals

Companies frequently don't know their own business goals or requirements, and need to allow more room for innovation to grow, even if it's on the periphery of the organisation. One speaker described the role of organisational architecture as 'an informed advisor to the inner circle of organisations and was something that was rarely formalised but provided food for thought'.

In most organisations there is a rolling cycle of centralisation and decentralisation which the IT function should follow. If this process is too inflexible there is a tendency for the organisation to 'go polar' and move towards decentralisation.

The IT function faces enormous pressure to change and is often seen as not good value for money, and just providing a service; a point of view posited by Nicholas Carr in his now infamous book 'Does IT Matter?' In fact, IT is often shaped by business and user pressures, along with technological and environmental challenges. IT departments up and down the land are frequently asked to provide quicker and cheaper services without losing quality.

Business has to learn to understand what is possible in IT and provide more explicit direction on business approach and priorities. However, organisations have to discipline their own behaviour and encourage more cooperation with the IT department.

Business has to address complexity head on and engage in governance and management responsibility, which includes making uncomfortable choices. For example, on shared services and applications.

IT difficulties frequently faced by companies:

  • Listening to technology and be informed by globalisation dynamics;
  • IT governed as a strategic portfolio by relevant stakeholders;
  • IT led by a credible CIO;
  • Disciplined mixed sourcing strategy management;
  • Having sufficient business maturity to manage IT as a strategic resource;
  • Retaining specific key IT capability;
  • Ensuring key supplier capability;
  • Ensuring core organisational project management capability.

According to Dr Carsten Sørensen 'the future technological landscape will be shaped by businesses learning to unpack innovation using IT and by trying to classify what it's good for. IT should be a productivity booster, amplifying business strategies and improving communication and should be heavily integrated within an organisation'.

He went on to say 'Greater competition is creating greater pressures for companies to improve services. This means organisations have to really focus on delivery of their service and are forced to constantly innovate in order to stay ahead of their competitors. Many find efficiency is increased through standardising and streamlining, but this only works if they correspond to what the customer wants. However, some flexibility is required as most companies don't always have standard problems'.

One woman jokingly claimed that Amazon knew her better than her husband because of the way it had built up a profile of her based on her online shopping tendencies. Although this is an extreme example it reflects the way in which business intelligence is extremely important these days and that IT is often key to providing this to companies.

Today those who work in IT face often polarised roles; those who have a technical role and those who act more as a facilitator for business change. Between these extremes are a growing number of IT skills, mirrored by SFIA's increase in skills types from four to 77.

Traditional IT skills such as service development, security, IT infrastructure and systems development are now being joined by information management, business change, IT architecture and strategic planning.

Professionalism and the role of the CIO

The BCS Professionalism in IT Programme, which was set up approximately two years ago to help achieve a more professional approach within the industry, needs to be defined in terms of its ability to help business processes, from start to finish.

Its aim is to educate organisations that IT is integral to their business and that IT professionals need appropriate non-technical skills in order for them to better understand that relationship.

Information management is the essential core of professionalism, which in turn leads to greater emphasis on accreditation, and increases personal responsibility on the part of the practitioner.

Over recent years there has been a changing role of IT within business with 83 per cent of CEOs and board members seeing the need to drive IT forward. To do this it is essential for organisations to employ a good CIO, one with the right skills, including:

  • Professional - methodologies/ethics;
  • Business - processes, commercial;
  • Interpersonal - skills, behaviours;
  • Technical - technologies, tools;
  • Management - staff, tasks.

Surveys in the past have shown that personal skills are most valued in CIOs but these are frequently lacking. They were also found lacking in business skills, but these were deemed less important. Managerial skills were seen as having secondary importance with professionalism a close third.

CEOs need to have a good attitude to IT and include at least one IT specialist (usually the CIO) within their top team. CIOs should be able to demonstrate good IT knowledge and experience and not just be a figure head for that department.

The issue of having a CIO competency framework where CIOs could be assessed to see their strengths and weaknesses was raised at the conference. It was felt that a good CIO needed to be able to establish direction, build commitment and deliver suitable outcomes, in the same way that any manager should. They also need to be tenacious, self reliable and future focused.

Governance and compliance

Governance was defined as 'specifying the framework for decision rights and accountability in order to encourage desirable behaviour in the use of IT'. Those attending the conference agreed that there is a need for stronger IT governance within the industry.

It was felt by many that IT has never been so important but there is now less control over it than ever before. As IT migrates outside, organisations need to corral complex and rogue behaviour.

IT governance (e.g. COBIT, ITIL®, and COSO) is strongly linked in with compliance via SOX, the Patriot Act, and many other forms of legislation, but too much governance becomes a costly 'tick box' exercise. For example, the average bank will need between £15M and £25M to successfully follow through with an IT- related compliance programme.

Unfortunately, so called 'hedge-fund' companies don't understand the importance of IT and rarely consider going down the governance route due to the amount of senior management time they would have to commit to the project. This lack of commitment to governance and in turn compliance often results in disparate IT systems which are ineffective.

IT compliance in the financial services promotes shareholder and customer value and confidence and helps avoid financial scandals, such as Enron and WorldCom. Compliance also helps innovate business processes and improves the integrity and management of data flows.

It also facilitates adherence to the Financial Services Authority (FSA) initiatives which are principally based on regulation and trading. Compliance has become much more visible during the last five years, through government regulations, various institutions, including the Compliance Institute, and in universities, in the form of compliance modules. In fact the Compliance Institute is developing modules to cover the knowledge required for new and existing roles.

Key regulatory initiatives include Basel II, MiFID, 3rd EU MLD and the Sarbanes - Oxley Act. Basel II focuses on complex financial risk calculation and methodology, while 3rd EU makes sure people are who they say they are. It is because of regulations such as these that the numbers of FT compliance staff has increased massively creating a huge industry all of its own.

Package compliance solutions are increasing in number and are often confusing, while risk systems are growing and F2B compliance change is very difficult, which in turn creates the need for more specialists in these areas, even though compliance education hasn't yet been formalised. In fact, for the most part, there is no coherent process to deal with compliance strategies.

Current literature suggests that no single technology or vendor can provide an IS arch which is conducive to compliance and so a multitude of systems and technologies collectively are needed to do this.

Mapping IS to generic processes is universally supported, while ensuring relevant IS personnel are there is not. There is, therefore, greater need to analyse IT governance processes and monitor compliance processes. Compliance should be seen as an outcome and as a value driver, not as a function.

Conference 'breakout' sessions

Future technology landscape and impact

One of the breakout sessions asked 'what technologies are buzzing at the moment?' One delegate suggested there seems to be a return to the use of mainframes, particularly in banks - another participant supported this claim having recently worked on running Java on a mainframe for just this purpose. Virtual desktops are also being increasingly implemented and remote login facilities are becoming extremely popular.

It was felt that giving people email and mobile devices makes them more efficient but not necessarily more effective as they might still contact the wrong people. Unfortunately, very little in the way of controls have been implemented to this technology, in particular email technology, which can lead to structure overload.

There is also frequently a mismatch between what customers want and what organisations can afford to deliver. Customers want symmetry and easy connections which organisations often can't afford to give them. Companies, therefore, need to better mediate relationships within technology. At the moment it's easier to install email than it is to install a good workflow system.

The World Wide Web is just one standardised method for publishing on the internet. However, just putting in collaboration tools in place won’t be enough to solve the problem.

Companies often get it wrong by computerising things which don't need computers and try to encourage collaboration where it won't work. There is the need for a collaborative service that's more easily distributed within organisations and a step change that allows this easy collaboration.

Business IT alignment

The evolution of the perception of IT in business is now changing, from IT as a cost manager to a facilitator for change. There is, therefore, a need to understand what are your key information systems and strategy is and retain agility on differentiators.

Business perception of IT is changing. IT is ore about processes not so much about technologies now. It's a case of taking out the 'T' or putting the 'I' back in.

The future does see strategic business roles in IT, but unfortunately not enough SMEs and other organisations are IT-enabled enough for integration to really take off.

For example, there's a lot of resistance at the moment to e-procurement although the online tax disc service is cited as being a good example of e-government. Insurance companies wanted this kind of centralised system to help reduce fraud. Hence, the DVLA are a good example of IT aligned with the external customer.

Those who do product development are completely different to those who implement in the field. One participant remarked about one software company who don't even use their own software.

Many think that the IT industry is innovative when compared with other industries, such as the building industry. However, review systems often don't pick up all the potential hazards of IT projects, particularly the larger ones, hence their bad reputation.

Take, for example, the national ID scheme, which is seen by many as poorly costed and over ambitious. The gateway process here is not bad but it needs an intelligent buyer. In this case the cabinet office has identified a lack of competence in building up a relationship between sponsors, the IT people and the final customers, i.e. the public. In fact, an immaturity of IT investment and progress has been determined in this case during the review process.

Leading IT through people

Front and back end projects need very different skills, hence require different people to fill those jobs. Managers often don't understand that some problems are not problems to others in the same company.

Therefore, communication is vitally important within any organisation. But how can we ensure that the right conversations happen between the right people? The only way is to plan for this to happen and to lead by example, to encourage the leaders to lead well.

There needs to be more awareness of self regulation and individual responsibilities so that everyone can be more aware of how different people operate and where they are coming from. It also helps if individuals learn how to regulate how they present themselves. In fact this can take many forms; sometimes companies have 'no email Fridays' where, if people want to communicate with each other, they have to talk.

There is sometimes the need to have meetings where people talk about what they do and have done; exposing problems they've had to, in the past, and encourage people to talk about what to do to overcome such a problem if it happens again in future. A good example of this is the 'Friday tutorial' where one member of staff will present to whoever wishes to listen during the lunch break; often called 'lunch and learn'.

It's sometimes said that it takes seven times in seven ways for someone to learn something new, and take on board a new concept and this often holds true. Hence, finding different methods of communicating ideas to one another in a number of sometimes novel ways can assist understanding the other camp's perspective. The business and engineering camps need to communicate more in most organisations and need to be able to interbreed the two different states of mind and find a common ground.

Ultimately, it's up to the discretionary choice of the CIO to decide whether they can be brought together, but there has to be leadership from the top. Mid-level management play a crucial role in the implementation of any changes, but it is critical that the CEO and CIO be aligned in order for objectives to be met.

Communication between departments, therefore, has to be carefully planned and not done on an ad-hoc basis, and it is just as important for employees to feel that they can influence changes; otherwise they tend to lose interest.