The struggle to determine exactly who owns a project is the heart and soul of that ongoing headache we call "IT-business alignment." Our Ann All discusses the frustrations CIOs expressed at a recent trade event in a great blog post. If Ann were to attend an event next month, odds are she'd hear the same complaints.
Nowhere does the question of ownership get stickier than in the budgeting process, where IT often is tasked with projects it doesn't really get or, even worse, is asked to defend necessary expenditures to folks who certainly don't get IT.
An excerpt from the book The Adventures of an IT Leader, from Harvard Business Publishing, details the struggles of a new CIO as he tries to correct a project prioritization process that has back-burnered a necessary security project for a couple years. The 18-page PDF is available free to IT Business Edge members here in the IT Downloads library.
We follow the conversation of our hypothetical new CIO and his infrastructure chief, where it all makes perfect sense that anonymous network activity tracked by the IDS probably should be addressed (although the CIO, from an accounting background, is not as comfortable with the nuisances of potential risk as you might hope). The CIO then goes into a meeting with his numbers guy, where he learns of "slush funds" maintained for IT projects that don't get the global green light. But the new CIO wants to push projects through normal channels. Also wants to know who would oppose such a common-sense project.
Turns out it was him, his numbers guy tells him:
"You said they should come back when they could speak English. As I recall it, the phrase you used to start the discussion of the project, right after they'd presented their case was: Hablan ingles?' It got a big laugh, and we all knew then the project was toast."
The book chapter is pretty complex in its discussion of business realities-among the new CIO's goals in getting the security project approved is hanging on to a hot-shot security analyst whom he seriously hacked off by killing the project last time through. The sensitivity of recording in email a past history of lax security spending also is addressed; lawyers look for that kind of thing while preparing class-action lawsuits.
The CIO's instinct is to simply ask for complete control of the IT budget, but then he is reminded of the "one-neck-in-the-noose" problem and the virtues of everyone having skin in the game.The alternative is a committee-based approach, facilitated by IT, that brings together business stakeholders in a consensus-building format. Three key elements to this platform are:
Additionally, IT does have complete autonomy over some budget for infrastructure-that's where the overdue security project that started all this introspection probably would find its funding.
The activities of the steering committee (a term the book chapter never uses, by the way) must be reviewed regularly to ensure they synch with the company's stated strategy, including putting some funds toward Option-Creating Investment (OCI) projects that lay the groundwork for breakthroughs. You cant just wring out predictable ROI from the same old products forever, after all.
The book uses a visual device depicting the new CIO's whiteboard as he works through the challenges that confront him. You can see his description of a healthy budget review in the image below.
All in all, it's a very engaging and informative read. Be sure to check it out.