Louis V Gerstner (CEO IBM 1993-2002) management style and CIOs

IBM Electronic Data Processing Machine (1952)

Image by Chemical Heritage Foundation via Flickr

“Watch the turtle. He only moves forward by sticking his neck out.”

Louis V Gerstner, Jr (1942 – ) IBM CEO 1993-2002

Sign in Louis Gerstner’s office:

THERE ARE FOUR KINDS OF PEOPLE:

THOSE WHO MAKE THINGS HAPPEN

THOSE TO WHOM THINGS HAPPEN

THOSE WHO WATCH THINGS HAPPEN

THOSE WHO DON’T EVEN KNOW THINGS ARE HAPPENING

Today’s article is the eighth in a series of articles (1st Steve Jobs, 2nd Michael Dell, 3rd Warren Buffet, 4th Bill Gates, 5th Larry Ellison, 6th Eric Schmidt, 7th CIOs and the ideal management style), analysing current and past leaders to ascertain how Chief Information Officer’s (CIOs) can learn better management by applying the management practices of leadership, practiced by these leaders.

I don’t usually read a book and write about it but I really liked Louis Gerstner’s (LG) very own style of writing and the way that he turned around IBM. In 1993, IBM was losing market share and perhaps on the verge of bankruptcy. Louis Gerstner accepted the job and walked into this situation without really knowing whether he could revive IBM to its glory days.

This series is about leadership and this is the first time I am moving away from offering my thoughts on how CIOs (and others) can apply these leadership practices within their own businesses. The main reasoning is that, I will from now on leave it to my readers to apply what they have learnt from my blog posts. I am increasingly conscious that my readership now envelops many disparate disciplines and I am grateful for that. It has always been my intention that I disseminate my knowledge to others who may benefit as well. After all, knowledge taken to the grave is knowledge lost!

For the full version, please read the book, Who says Elephants can’t dance – Inside IBM’s historic turnaround by Louis V Gerstner. I am also grateful to Harper Collins as I have used excerpts from the book itself.

PS: CIO is a generic term and other analogous titles are Head of IT, IT Director, Director of IT etc.

The Management Style

Louis Gerstner started his working in life with McKinsey & Company in 1965, joined American Express as their Head of Travel related Services Group in 1977 and accepted the CEO’s position of RJR Nabisco in 1989. Let’s see what CIOs and general management can learn from this icon of modern business and technology. (In no particular order):

1. Success in general may be built on failure:

As LG started his new job at IBM, he met with the Corporate Management Board (Top 50 executives of IBM) and told them that he had not looked for the job and took it reluctantly as he thought that the responsibility was important to the country’s competitiveness and health. He then went on to outline his expectations:

i.            Eliminate bureaucracy by decentralising wherever possible while ensuring the right balance with central strategy and common customer focus.

ii.            Benchmarking costs against those of competitors and then achieving best in class status.

iii.            Layoffs maybe necessary (Let’s not kid ourselves)

iv.            IBM management wanted to breakup IBM into smaller autonomous businesses. LG said, “Maybe that is the right thing to do, but maybe not. We certainly want decentralised, market-driven decision making. But is there not so offer comprehensive solutions, a continuum of support? Can’t we do that and also sell individual products?”

v.            About morale, he said, “I want can-do people looking for short term victories and long term excitement.” He also told the audience that it would be his priority to utilise internal talent rather than bringing in outsiders.

2. How did he want to run IBM? LG -.

  • “I manage by principle, not procedure.
  • The marketplace dictates everything we should do.
  • I’m a big believer in quality, strong competitive strategies and plans, teamwork, payoff for performance and ethical responsibility.
  • I look for people who look to solve problems and help colleagues.
  • I sack politicians’.
  • I am heavily involved in strategy; the rest is yours to implement. Just keep me informed in an informal way. Don’t hide bad information – I hate surprises. Don’t try to blow things by me. Solve problems laterally; don’t keep bringing them up the line.
  • Move fast. If we make mistakes, let them be because we are too fast rather than too slow.
  • Hierarchy means very little to me. Let’s put together in meetings the people who can help solve the problem, regardless of position. Reduce committees and meetings to a minimum. No committee decision making. Let’s have lots of candid, straightforward communications.
  • I don’t completely understand the technology. I’ll need to learn it, but don’t expect me to master it. The unit leaders must be the translators into business terms for me.“I would say a few things. First, don’t be afraid to make mistakes. That’s how you learn, so I believe a lot in trio al and error and course corrections. Often companies are unwilling to admit when they’ve made a mistake. We tend to question things more in our business.

                                              

3.        SWOT analysis: LG pointed out five ninety day priorities on joining IBM and they were:

I.            Stop the bleeding of cash as IBM is running out of money.

II.            Ensure that IBM is profitable by 1994 (LG joined IBM in April 1993).

III.            Develop and implement a customer strategy for the next two years (93,94) that indicated to the customers that IBM had returned and was there to serve them.

IV.            Complete the ‘right sizing’ of IBM.

V.            Create ‘an intermediate-term business strategy.

4.        Constant analysis: With regards to mainframe pricing, LG was convinced that the reason IBM was losing out to competitors was that IBM had the pricing strategy all wrong, so he reversed it with ‘an aggressive price reduction. In addition at a conference attended by approx 175 CIOs and after listening to them during the conference, LG laid out his expectations:

I.            IBM priorities would be redefined, starting with the customer.

II.            IBM laboratories would be allowed to do what they wanted to do and would deliver open, distributed, user based solutions.

III.            IBM would be easier to work with, would recommit to quality and re-establish its leadership position.

IV.            IBM would work for the customer and deliver the performance the customer wanted.

5.        Improve productivity: As LG moved forward with re-inventing IBM, he took the following measures to improve productivity:

  • All of IBM would stay together as one company and not converted into autonomous units.
  • IBM economic model would be altered, such as expenses as IBM were spending 42 cents to produce $1 of revenue while its competitors were spending only 32 cents..
  • Business re-engineering would be undertaken. For example processes and systems would be reviewed as internally IBM had 128 CIOs!
  • Underproductive assets would be sold to generate much needed cash.

6.        Business reputation and brand: IBM had never had a true Head of marketing and just like the processes and the 128 CIO scenario, marketing was controlled by countries and business units etc. That resulted in a totally disjointed marketing campaign. The new Head of marketing decided to consolidate all of IBM’s advertising relationships into a single ad agency. This spawned the “Solutions for a Small planet” and was followed by the coining of the term, “e-business.”

7.        Rating of employees’ performance: – In the past, I have reviewed many CEO’s management style but Eric Schmidt’s and Louis Gerstner’s style is the closest fit to Deming’s ‘Annual rate of performance’ that I have yet come across.

“This was all about pay for performance, not loyalty or tenure. It was all about differentiation: Differentiate our overall pay based on the marketplace; differentiate our increases based on individual performance and pay in the marketplace; differentiate our bonuses based on business performance and individual contributions; and differentiate our stock-option awards based on the critical skills of the individual and our risk of loss to competition.”

8.       Spotting opportunities: While looking for opportunities, LG met the Head of ISSC (IBM Subsidiary), Dennie Welsh. The opportunity that Dennie had spotted would change IBM forever. “He told me that his vision of a services company was not one that did just IBM product maintenance and strung together computer codes for customers, he envisioned a company that would literally take over and act on behalf of the customers in all aspects of information technology-from building systems to defining architectures to actually managing the computers and running them for the customers. My mind was afire. To be truly successful, we would have to do things that would shake the place to its roots. For example, the services unit would need to be able to recommend the products of Microsoft, HP, Sun and all other major IBM competitors if that, in fact, was the best solution for the customer. Of course, we would have to maintain and service these products as well.”

9.        Create and nurture ‘the correct culture.’ – Watson, Sr had created the original culture of IBM but over the years, IBM personnel had moved away from the original ethos of that culture and had started to interpret it quite differently to how it was originally intended. LG made it an imperative to change the IBM culture that was a better reflection and fit for the changing times. The original culture hinged around:

  • Excellence in everything we do. – This became an obsession with perfection. The culture that developed threatened to halt IBM due to checks, approvals and validation meant that decision making just ground to a halt.
  • Superior customer service.- This translated into “servicing IBM machines on customers’ premises”, and as a result the customer’s real needs were usually not entertained.
  • Respect for the individual. – This meant that employees expected their entitlements regardless of performance. This meant that in many instances the best people were not getting what they deserved.

10.     Develop a Clear Vision–and Stick to It. – LG “I was always amazed at how many executives thought that “vision” was the same as “strategy.” Vision statements are for the most part aspirational, and they play a role in creating commitment and excitement among an institution’s employees. Good strategies start with massive amounts of quantitative analysis –hard, difficult analysis that is blended with wisdom, insight, and risk taking.”

11.      Business/IT Strategy/principles: LG- “I am struck by how much of the culture change of the following ten years they describe”

LG outlined eight principles that were to envelop the business strategy and underpinned the new IBM culture.

1)        The marketplace is the driving force behind everything that we do.

2)       At our core, we are a technology company with an overriding commitment to quality.

3)       Our primary measures of success are customer satisfaction and shareholder value.

4)       We operate as an entrepreneurial organisation with a  minimum of bureaucracy and a never-ending focus on productivity.

5)       We never lose sight of our strategic vision.

6)       We think and act with a sense of urgency.

7)       Outstanding, dedicated people make it all happen, particularly when they work together as a team.

8)       We are sensitive to the needs of all employees and to the communities in which we operate.

12.     Be ‘shrewd’ and keep the team on its ‘toes.’ – LG – “We’re getting our butts kicked in the marketplace. People are taking our business away. So I want us to start kicking some butts-namely, of our competitors. This is not a game we’re playing. We have got to start getting out in the marketplace and hitting back hard. I can assure you, our competitors are focused maniacally on these charts, and they talk us down constantly. For example, this from Larry Ellison (CEO Oracle): “IBM? We don’t even think about those guys anymore. They’re not dead, but they’re irrelevant.”

13.     Hire ‘Action’ oriented employees. – LG was once asked, “What do you really want people to do?” He answered, “Win, execute and team.”

  • “WIN:    It was vital that all the IBMers understand that business is a competitive activity. In the new IBM there would be no place for anyone who lacked zeal for the contest.”
  • “EXECUTE:         No more studying things to death. In the new IBM, successful people would commit to getting things done – fast and effectively.”
  • “TEAM: This was a commitment to acting as one IBM, plain and simple.”

14.     Focus: LG – “History shows that truly great and successful companies go through constant and sometimes difficult self-renewal of the base business. They don’t jump into new pools where they have no sense of the depth or temperature of the water.”

15.     Quality management: LG ”But alas, too often the executive does not understand that people do what you inspect, not what you expect.”

16.     Succession planning and his reputation: LG – “When IBM’s Board of Director’s considered who would succeed me, passion was high on their list of necessary attributes. Sam Palmisano (Current IBM CEO), my successor, is an extraordinary executive – a man of many talents. However, he would never have had my recommendation, despite these many talents, if he didn’t have a deep passion for IBM, for what it stands for, for what it can be, for what it can do.”

Advertisements

Bill Gates (Chairman Microsoft) management style and CIOs

Bill Gates selling windows

Image by niallkennedy via Flickr

“There is no security in this life. There is only opportunity.”

Douglas MacArthur(1880 -1964) American General

Bill Gates (1955 – ) Microsoft Chairman and philanthropist

Today’s article is the fourth in a series of articles (1stSteve Jobs, 2nd Michael Dell, and 3rd was written on  Warren Buffet, analysing current and past leaders to ascertain how Chief Information Officer’s (CIOs) can learn better management by applying the management practices of leadership, practiced by these leaders.

Gates has led Microsoft from start-up to‘software giant’ with quite an unorthodox style of management. On Microsoft’s website, he measures Microsoft’s success as, “We’ve really achieved the ideal of what I wanted Microsoft to become.”

PS: CIO is a generic term and other analogous titles are Head of IT, IT Director, Director of IT etc.

The Management Style

What can CIOs learn from Gate’s management style? Let’s investigate while allowing you to decide.  (In no particular order and a few other sources utilised):

1. Create and nurture ‘the correct culture.’ – ‘John Battelle co-founded Wired Magazine. He says Microsoft was the pioneer of the new-agey workplace, making work as comfortable, inspiring and fun as possible so workers would spend lots of time there.

John Battelle: And as a matter of fact, at Wired we adopted that stuff. We had a chef and a masseuse, all sorts of services, because we wanted our employees to stick around. I believe Microsoft gets a lot of credit for that.

Bill Gates didn’t even finish college, but the office culture he created at Microsoft is now being taught at the country’s top business schools.’ – Courtesy of Marketplace

2. Develop a Clear Vision–and Stick to It. – From the beginning, he dreamed of developing Microsoft into a corporate giant. For CIOs this is one of the most important traits that MUST be part of the toolbox.

CIOs need to clearly identify to themselves and communicate to the environment that they work in ‘the vision’ that they have set out to achieve. They then need to have the confidence to deliver that vision.

3. Hire ‘Action’ oriented employees. – CIOs usually have exposure to many different environments and come across many employees. Some will be better than others, while some will be outstanding. Gates has always hired the smartest people who can ‘get the job done.’

Hire your friends and past colleagues, as they will have loyalty to you and you personally know whether they have what it takes to realise your ‘vision.’

4. Relax and feel at home – According to Matt Richey, ‘Microsoft has a simple way of maximizing its employees’ productivity: It allows each individual’s office to be as individualized as one desires.

That means making the office more like home. Everything from real offices (not cubicles) to windows in most offices, from free soft drinks to no dress code, from an open supply room to anything-goes work hours. Quite simply, these policies improve employee morale, and thus increase overall productivity.’

5. ‘Image’ is everything. – Gates has successfully changed his image over the years from a geek to corporate leader and philanthropist.

CIOs need to change their image from just being technology leader to leaders who understand business and can apply their strategic IT and business skills to the wider business.

6. Successful innovation and success in general may be built on failure: Yep, Gate’s has constantly had Microsoft innovating along. Currently though, as many large IT businesses employ smarter and smarter employees, time will judge who can innovate the most and bring to market technologies that have ‘stickiness.’

The question these companies have to ask themselves is that can employing ‘smarter’ employees stop the next Google , or Microsoft from raising its head?

For those who have been following my blog, I mentioned this ‘war’ state in Google Apps – The myth, hype and reality , Weather bulletin – Google Cloud and icy Microsoft downpour & Search wars – Past, Present and future – Bing, Google or new entrant?

Microsoft has proved that failure can lead to success and continues to innovate by investing in many technologies. Some will inevitably fail while others maybe huge successes. Many businesses lack of innovation is due to their fear of failures.

7. Be ‘shrewd’ and keep the team on its ‘toes.’ – Gate’s, is known for his sharp cross examination of employees who present new ideas, innovations etc.

He analyses information quite quickly and gets to the bottom of the matter at a rapid pace. Employees have criticised this approach and associated quick, sharp, snappy analysis that at times is uncomfortable (in employee’s views). These qualities of Gate’s have enabled Microsoft to dominate personal computers (PCs). CIOs need to understand employee perspectives and ‘effectively quiz’ their teams on solutions being proposed.

8. Ruthlessly protect your ‘budget.’ – According to Matt Richey, ‘Even with its billions upon billions in cash, Microsoft is as frugal as Ebenezer Scrooge. It’s a company that buys canned weenies for food, not shrimp. Until last year (1999), even Bill Gates and his second-in-command Steve Ballmer flew coach. (For scheduling reasons, the company purchased its first corporate jet.)

Bucking the trend of most large, wealthy corporations, Microsoft remains in start-up mode where tight budgets are the rule. When you sit back and think about it, this frugality is less surprising and even explain how a company can come to accumulate such great hoards of cash.’

9. ‘Stop’ the ‘mad bureaucracy’ – I have mentioned this before in a post (can’t think of which one though) and it gets reiterated again by Microsoft. As Matt said, ‘The plague of most big companies is bureaucracy and stupid rules. Thielen gives the example of an un-named high-tech company that sent a four-page memo to all of its employees on proper security badge procedure, including infinitesimal details on how and where to wear the badge.

To that, Thielen states, “Does Microsoft manage to avoid this type of inane garbage? By and large, yes.” Unlike most companies, Microsoft actually assumes its employees are smart. Rules at Microsoft are few and far between, and the ones that exist tend to make sense. Having only a few important, logical rules means that employees actually remember and follow them.

Some Sources of Information and further reading:

How to be the next Bill Gates

Former MS employee recalls Bill Gates’ management style

The 12 Simple Secrets of Microsoft Management

Fiedler Model and Level 4 leadership

Choosing technology over customers

“Only buy something that you’d be perfectly happy to hold if the market shut down for 10 years.”

Warren Buffet (1930 – ) World’s most successful investor

I recently received a blog post from Software Advice on – Why the Technology Matters – An Analysis of Consona’s Acquisition of Compiere. That blog post made me think about my recent posts over the last few months on Cloud Computing and Google Apps etc in May, June, my blog post last year on ERP and this year’s – Leveraging IT for Competitive Advantage – Myth or Reality? The ERP blog post covered the recent acquisitions that had happened within the competitive ERP arena and Leveraging IT for Competitive Advantage – Myth or Reality? attempted to address whether competitive advantage could be realised through effective use of IT.

Now, as we all know from the blog post, Warren Buffet’s (World’s most successful investor) management style and CIOs, the technology business is not considered a viable investment by him as he admits that he doesn’t understand technology and considers technology too volatile.  So, when Don Fornes wrote that he thought Consona had acquisitioned Compiere ‘because the Compiere product is built on a very modern technology stack and is designed to run in a cloud computing environment’ it made sense.

This was also confirmed by a quote by Consona’s CTO, Steve Bailey, ‘Compiere is the world’s leading open-source ERP solution and the products are brilliantly architected. They run on a fully open-source stack (e.g., Java, Linux, JBOSS, Postgres), utilize a browser-based AJAX UI based on the Google Web Toolkit, and are fully operational either on premise or on a utility cloud platform like Amazon…’

Don went on to say, ‘While Consona has acquired a number of software companies based on this model, that doesn’t seem to be the strategy behind the Compiere deal. Compiere brings only 130 customers to Consona and I doubt Compiere’s open-source business model was generating big profits. Instead of buying customers and profits, Consona seems to be thinking ahead about how they can lead the market in the next generation of technology. The acquisition is more about growing organically – selling more Compiere systems – than it is about harvesting customer support contracts.’

‘Why is this all relevant to software buyers? Because there is a big shift underway from client/server systems installed “on premise” to cloud-based or software-as-a-service systems that are hosted in a secure data center and accessed through a web browser. Moreover, the open source movement is producing underlying technology that is not only free, but increasingly really good stuff. Software vendors that don’t make the transition will wither on the vine.’

‘To highlight the significance of this model, consider that a bunch of brilliant Google engineers built some cutting edge user interface technology (Google Web Toolkit) and open sourced it. Compiere turned around and used it in their products. Google did a big part of Compiere’s engineering for free…and will continue to do so. Now that’s efficient development.’

‘Compare that to an application software company that has to pay ongoing royalties to an infrastructure software company for the privilege of developing on its outdated database or development tools. The smart engineers long since left both companies so they could work on cooler projects at more modern software companies. The mediocre engineers that remain are having a hard time developing new features on old code. Sales are declining and customers are defecting (albeit slowly because it’s hard to switch).’

‘You don’t want to be that customer that is trying to defect but fears the switching costs. You want to be the delighted customer that loves their software because it works today and will work tomorrow, regardless of what new requirements emerge.’

As we are constantly bombarded by marketers and pushed towards cloud computing models, please remember that (as Marcela Cueli said in his article),

‘For a start, cloud computing is not a technology but a model of provision and marketing IT services that meet certain characteristics. Cloud is all about computer services, not products:

* The infrastructure is shared. Multiple clients share a common technology platform and even a single application instance.

* The services are accessed on demand in units that vary by service. Units can be, for example, user, capacity, transaction or any combination thereof.

* Services are scalable. From the user’s point of view, services are flexible; there are no limits to growth.

* The pricing model is by consumption. Instead of paying the fixed costs of a service sized to handle peak usage, you pay a variable cost per unit consumption (users, transactions, capacity, etc.) that is measured in time periods that can vary, such as hour or month.

* Services can be accessed from anywhere in the world by multiple devices. The cloud model leads to basically two different kinds of clouds: private and public. The public clouds are those that offer IT services to any customer over the Internet. Private clouds offer IT services to a predefined group of customers, with access through Internet or private networks. You might have also heard about internal and external clouds. The former are a subgroup of the private clouds, and provide services within the same company or corporate group. The latter may be public or private and provide services to other companies.’

To conclude, this is exactly what I have been discussing in my blog posts over the last year or so. Don’s thoughts are increasingly reflective of the technology blogosphere as technology writers’ such as Don and I understand the repercussions of the effects of cloud computing on traditional client/server models and associated revenue streams, licensing etc.

There are many facets that I have covered over the last year or so that lead companies to be in this vulnerable position where they have to resort to acquisitions to remain contenders within their marketplace. My blog posts mentioned earlier have considered these, so apart from the above posts, I will leave you with some other posts that should help companies and their management become successful.

What is Cloud Computing? Its Pros/Cons and making it work

Lawmakers question the security of cloud computing

Can IT Management failure be caused by a deadly disease? Part I

Can IT Management failure be caused by a deadly disease? Part II

I listened, you spoke but did we communicate?

IT benchmarking

The CIOs agenda and memberships

Challenges facing CIOs at the UK’s leading companies

 

Warren Buffet’s (World’s most successful investor) management style and CIOs

Warren Buffett speaking to a group of students...

Image via Wikipedia

“You are neither right nor wrong because the crowd disagrees with you. You are right because your data and reasoning are right.”

Warren Buffet (1930 – ) World’s most successful investor

Today’s article is the third in a series of articles (First was written on Steve Job’s – Apple CIO followed by Michael Dell (CEO Dell) analysing current and past leaders to ascertain how Chief Information Officer’s (CIOs) can learn better management by applying the management practices of leadership, practiced by these leaders.

PS: CIO is a generic term and other analogous titles are Head of IT, IT Director, Director of IT etc.

The Management Style

Warren Buffet is one of the world’s richest men and a very successful investor.  For today’s blog post I have selected a truly unique individual. He works from his office that lacks a computer and surprisingly his desk is bereft of research on stocks and shares.

Before we go any further, one particular event caught my attention that captures a facet of Warren Buffet’s management style. So, I have decided to share it with everyone. According to BusinessWeek, ‘We arrive late to Paris, touching down in a freakish, near-gale-force windstorm that both thrills and alarms our pilot. In four cars, we race as fast as rush-hour Paris traffic allows from Le Bourget to Dassault Aviation Group’s magnificent 19th century chateau–familiarly known as Le Rond Point–on the Champs Elysees. EJA is the largest commercial customer of Dassault Aviation, Europe’s leading manufacturer of business jets. Serge Dassault, the company’s chairman, is hosting tonight’s gala reception and dinner in Buffett’s honor. By the time we arrive, the reception is in full swing. But Buffett takes a few steps into the foyer and hustles up a flight of stairs. It will be a good 35 minutes until he descends and joins the party.

Downstairs, the guest of honor’s whereabouts is Topic A among Dassault’s distinguished guests. It might puzzle them to learn that Buffett is on a transatlantic call to one of his employees. The matter he is discussing with Ajit Jain this evening is not urgent. But it is Buffett’s custom to speak with Jain every evening. If that means keeping 200 of France’s richest people waiting, then c’est la vie.’

What can CIOs learn from Warren Buffet’s management style? Let’s investigate while allowing you to decide.  (In no particular order and a few other sources utilised):

1. Business assessment: When looking to invest, Warren Buffet looks to satisfy ‘five’ essential criteria, equally CIOs can apply similar criteria when looking to invest their expertise towards business assessment. Buffet – ‘Never invest in a business you cannot understand.’

Warren Buffet investment criteria CIO ‘business’ assessment criteria
1 Is the company simple and understandable? Is the business model, simple and understandable?
2 Does it have a consistent operating history? Has IT consistently assisted the growth or well being of the company?
3 Does it have favourable, and predictable, long- term prospects? Is IT viewed favourably within the company and can IT predict how it can help the company’s long-term prospects?
4 Is the management competent and honest? Is the IT management team competent and aligned to the business vision?
5 Is the underlying business undervalued? Is IT undervalued? How can IT deliver ‘more’ value from existing resources?

2. Ownership: In the 2010 Berkshire Hathaway (BRKA) annual report, Buffett wrote of his holding company: “We tend to let our many subsidiaries operate on their own, without our supervising and monitoring them to any degree. Most managers use the independence we grant them magnificently, by maintaining an owner-oriented attitude.” Buffett wants Berkshire Hathway’s managers to think like owners. Their rewards are tied exclusively to the achievements of their own businesses, not those of Berkshire Hathaway – a principle to which Buffett holds very strongly. “We delegate to the point of abdication,” Buffett says in Berkshire’s Owner’s Manual. CIOs need to instil their teams with similar beliefs. Every individual within the CIOs team needs to think as if they were the ‘owner’s’ of the business, especially the CIOs main management team.

3. Risk assessment and crisis management: Buffet – ‘If there is any significant bad news, let me know early’. The team need to have confidence in the CIO, in order that ‘bad news’ events/issues/problems can be resolved prior to them mothballing to the ‘point of no return.’ ‘An investor needs to do very few things right as long as he or she avoids big mistakes.’

4. Succession: Buffet – ‘send me a letter updating your recommendations as to who should take over tomorrow if you became incapacitated tonight. Anything you send me will be confidential’. CIOs need to have succession planning in order that the business has continuity in the unfortunate event of a CIO not being able to provide management.

5. Business reputation: Buffet – ‘Look at the business you run as if it were the only asset of your family, one that must be operated for the next 50 years and can never be sold’. He adds that ‘We can afford to lose money – even a lot of money. We cannot afford to lose reputation – even a shred of reputation.’ CIOs need to understand that IT systems can enhance and taint a company’s reputation. The recent BP oil spill crisis reflects that as it had a devastating effect on BP’s reputation, wiped millions off its share price, cost billions to settle claims and control the oil spill. Additionally, the irrecoverable loss of both human and marine life, coupled with the environmental damage leaves the oil giant in shambles.

6. Quality management: ”What I must understand is why someone will continue to get out of bed in the morning once they have all the money they could want,” Buffett says. ”Do they love the business, or do they love the money?” CIOs need to have a team that enjoys working within IT and associated line of business.

7. Competitive advantage: Warren Buffett was once asked what is the most important thing he looks for when evaluating a company to invest in. Without hesitation, he replied, “Sustainable competitive advantage.” CIOs need to ask themselves how they can help the business through leveraging IT to create competitive advantage? I covered this a few months ago, in my post, Leveraging IT for Competitive Advantage – Myth or Reality? Companies with a sustainable economic advantage need honest, capable and hardworking leaders to retain their lead. Berkshire-Hathaway’s managers have one instruction: Widen the moat. That keeps the castle valuable.

8. Use numbers to season the points you serve — they’re not the main dish: (Points 8,9,10,11 courtesy of the Harvard Business Review blog) Buffett doesn’t just report on the underwriting gains of their insurance businesses and let the numbers stand for themselves; he explains the terminology, what the numbers mean, and how he and Charlie Munger, his business partner, view them. Case in point: “Our $58.5 billion of insurance “float” — money that doesn’t belong to us but that we hold and invest for our own benefit — cost us less than zero. In fact, we were paid $2.8 billion to hold our float during 2008. Charlie and I find this enjoyable.”

9. Use analogies and metaphors. A great example is Buffett’s description of how many of us felt after the economic collapse in 2008: “By year end, investors of all stripes were bloodied and confused, much as if they were small birds that had strayed into a badminton game.” And he goes on to describe the government’s response: “In poker terms, the Treasury and the Fed have gone ‘all in.’ Economic medicine that was previously meted out by the cupful has recently been dispensed by the barrel.” These metaphors do more to explain his points than paragraphs of technical jargon ever could.

10. Be honest and transparent. Buffett follows-up a recap of 2008 successes with the following revelation: “During 2008 I did some dumb things in investments. I made at least one major mistake of commission and several lesser ones that also hurt. I will tell you more about these later. Furthermore, I made some errors of omission, sucking my thumb when new facts came in that should have caused me to re-examine my thinking and promptly take action.” Instead of deflating his credibility, this kind of refreshing candidness makes the audience more trusting of whatever else he might say: after all, he’s clearly not hiding anything. ‘It is more important to say “no” to an opportunity, than to say “yes”.’

11. Use facts to put things in realistic context. After explaining how bad the economic situation was in 2008, Buffett gave a fact-based context for how to view these realities. “Amid this bad news, however, never forget that our country has faced far worse travails in the past. In the 20th Century alone, we dealt with two great wars (one of which we initially appeared to be losing); a dozen or so panics and recessions; virulent inflation that led to a 21 1/2% prime rate in 1980; and the Great Depression of the 1930s, when unemployment ranged between 15% and 25% for many years. America has had no shortage of challenges. Without fail, however, we’ve overcome them. Compare the record of this period with the dozens of centuries during which humans secured only tiny gains, if any, in how they lived. Though the path has not been smooth, our economic system has worked extraordinarily well over time.”

12. Follow your instinct: Buffet – ‘Do not follow the crowd. Ignore the market, the crowd, and its fashions.’‘It is not necessary to do extraordinary things to get extraordinary results.’

13. Research: Buffet – ‘Do not rely on outside analysis. Do your own research – and do it thoroughly.’ Do not often act on a hunch. Always have sound, well-argued, well-researched reasons for your investments.’

14. Trustworthiness and integrity: Developing characteristics such as trustworthiness and integrity, Buffett believes, is a matter of forming the right habits. “The chains of habit are too light to be noticed until they are too heavy to be broken,” he says. People who stray from these values often show up on Wall Street; they may initially even shine; but eventually they self-destruct. “That is sad, because it does not need to happen,” says Buffett. “You need integrity, intelligence and energy to succeed. Integrity is totally a matter of choice — and it is habit-forming.”

15. Buy at the right price: Purchases must be made at the right price if they are to pay off.

No less an authority, John F. Welch, CEO of General Electric Co., considers Buffett a superb judge of managerial talent. Buffett and Welch have gotten to know each other over the years as golf partners and as rivals in auto insurance and other businesses. ”Take 20 people you know quite well but Warren has just met casually,” Welch says. ”If you ask Warren his opinion about them, he’ll have each one nailed. He’s a masterful evaluator of people, and that’s the biggest job there is in running a company.”

Asked why he has not retired despite his phenomenal wealth, Buffett said the reason is that he has more fun doing what he does than anything else. “The fundamental thing is that the process should be fun,” he said. “I had just as much fun when I had $10,000 to invest as I do now. It’s crazy to do things for your resume. It’s like saving up sex for your old age. You should do what you enjoy as you go along, and work with people you admire. I look forward every day to the next day. I’m wired for this game.”

For the long haul, Warren Buffett’s way must be best. As an associate says, ‘somehow Warren has been able to keep a diverse cast of characters working harder for him than they did for themselves. I see it every day – and I still don’t know how he does it’. Having read all the above, though, you will have a good idea of the maestro’s magic methods. Use them.

Cloud based ERP. Fact or fiction?

“Don’t do what you know. Do what you don’t know about what you know.”

Mile Davis (1926 -1991) American Trumpet Player, Bandleader and Composer

Following my post on 19th May, Cloud based ERP is fast establishing itself as an increasingly dominant force within the ERP arena. Ubiquitous Internet connectivity combined with access to more bandwidth at affordable prices, both by businesses and consumers have propelled cloud based solutions as being commercially viable. Cloud based ERP solutions are also challenging existing licensing models. The larger providers such as SAP and Oracle are struggling to compete with this new model and are looking at ways to combat this new threat to their established revenue stream. Newer established entrants within the mid tier market continue to embrace cloud computing and are increasingly vying for competitive advantage.

In my view, Google Apps will increasingly challenge established players providing enterprise systems, such as Microsoft. The likes of Google Apps will also challenge established ERP players as more offerings become available. For example, Netsuite will soon be available on Google Apps and My ERP seems like a credible solution for smaller businesses and is FREE for the first two users! One of my readers, Houston Neal, recently had a roundtable discussion on the state of the manufacturing ERP software industry, including solutions popular among small and medium enterprises that provides an interesting insight into many facets of ERP software.

Cloud based ERP providers available at the moment are: Acumatica, Agresso, CDC Software, Consona, Compiere, DataXstream and virtualised SAP, DSP managed services – advisors for Cloud based Oracle E -Business suiteDynacom, Epicor, Global Shop Solutions, IFS, Intaact, IQMS, Lawson, Microsoft, MyERP, Netsuite, Oracle Cloud Computing Centre, Openbravo, Plex systems, Sage, SAP Business by Design, Salesforce and Glovia Cloud Solution, Syspro

ComputerWeekly, recently ran an interesting and complete 4 part Buyer’s Guide to ERP software that discussed quite intensely both the traditional and new, cloud based ERP models. Following are excerpts that I have used from part 1, glued together to form the following and then I will list articles that provide further in depth analysis and reading, courtesy of ComputerWeekly and others:

In Part I, Cliff Saran wrote, ‘The idea behind enterprise resource planning (ERP) is to provide the business with a single product that provides software to support the main business functions in a company. The major products such as SAP and Oracle claim to encompass the best ways to run business processes. But since they cater for large complex businesses, such systems are often too sophisticated for smaller organisations that may not have the same requirements in terms of scale and complexity of business operations.

SAP and Oracle may be great for providing enterprises with industry-standard business processes, but standardisation erodes the unique selling point in smaller businesses. George Lawrie, principal analyst at Forrester Research says, “SMEs are worried by the high maintenance fees and complex implementations associated with major ERP software.”This is why a market has grown for ERP aimed at SMEs. “Mid-market ERP tends to offer vertical specialisation,” says Lawrie.

Suppliers such as Salesforce.com have made it possible to put customer relationship management (CRM) systems in the cloud, but core enterprise resource planning (ERP) has so far remained untouched. If IT departments can make considerable savings switching from in-house systems to cloud-based software-as-a-service (SaaS), why stop at CRM? Businesses should consider using the cloud for ERP.

Andrew Vize, who as propositions director runs Computacenter’s CIO panels, says, “The efficiency of services from Google and Amazon is superb. They offer the lowest power costs and are five to 10 times cheaper than traditional small datacentres.”

It makes sense for an IT director, but the major ERP suppliers have been reluctant to move to cloud computing. SAP has been touting its Business ByDesign SaaS suite for smaller companies.

Meanwhile, Oracle offers its middleware and database products on Amazon Elastic Compute Cloud (Amazon EC2), but does not recommend putting E-Business Suite ERP software in the cloud.

Oracle states in a blog post, “Since Amazon EC2 uses a virtualisation engine that is not supported by Oracle and has not been certified with E-Business Suite, this environment is not supported for production usage of E-Business Suite. Using Amazon EC2 for hosting E-Business Suite may be suitable for non-production instances, such as demonstrations, test environments and development environments.”

In fact, it is far from clear how the major ERP suppliers will charge for cloud-based ERP. The significant ongoing revenue they receive from annual software maintenance from on-premise applications makes it harder for established ERP companies to offer considerably cheaper software licensed on a monthly subscription basis.

However, smaller software companies are making cloud ERP float.

Cloud computing company NetSuite has unveiled workflow management software, SuiteFlow, which enables users of cloud computing business suites to automate and streamline complex business processes. NetSuite says SuiteFlow allows businesses to customise workflows to support the way they need to work.

Companies can use SuiteFlow to develop and deploy new business processes. NetSuite says it can be used to support processes such as contract renewal workflows with tasks, reminders and customer notifications, sales processes that include mandatory data entry, follow-up tasks and rep notifications, and customer support processes, including inactivity reminders, escalations and service level agreement (SLA) enforcement.

Lawson Software, which has mainly focused on traditional ERP, has moved into the cloud by offering its core Enterprise Management Systems and Talent Management suite on Amazon EC2 infrastructure. The products will be included in the Lawson External Cloud Services offering, which is part of the company’s Cloud Services portfolio.

Lawson’s cloud ERP service is targeted at mid-sized companies and organisations looking for a more affordable, flexible and agile deployment option for full-function enterprise software.

“We are making it easier for our customers to license, use, keep current and even pay for Lawson full-function enterprise software. This should be great news for CFOs and CIOs who worry about lengthy and complex on-premise installations, the cost and inefficiency of their datacentres, the best way to allocate IT staff, and the complexity and difficulty of maintaining software versions and upgrades,” says Jeff Comport, senior vice-president of product management at Lawson Software.

Similarly, open source ERP provider Compiere, which is used by companies such as Specsavers, has developed a version of its product that works on Amazon Web Services in the cloud.

Some experts believe it is unlikely ERP will move wholesale into the cloud. The major ERP systems tend to be architected as large homogenous IT systems, which may not be such a good fit for delivery via the internet cloud. Licensing major ERP systems to deploy via the cloud is still immature. Instead, niche software companies are likely to build cloud-based services that do many of the functions of ERP.

“We will have much more specialist systems that do a slice of ERP,” predicts David Bradshaw, IDC research manager for software and services in Europe.’

Cloud-based ERP could be the way forward for small- and mid-sized companies. Both Oracle and SAP offer products aimed at smaller businesses such as JD Edwards from Oracle and SAP Business ByDesign. These may have a better fit with certain organisations, But implementing on-premise traditional mid-market ERP systems will be the most likely approach businesses take until cloud computing has matured.

Gartner sees an increasing availability of software-as-a-service (SaaS) ERP systems, and, unlike in large enterprises, where SaaS ERP use is limited, SaaS ERP is playing an increasingly important role in both back- and front-office applications for mid-market companies. Cost reductions in implementation and operation are one of the important drivers for SaaS ERP, and SaaS offerings avoid the need for upfront capital expenditures because they can be funded as an operational expense. However, when analysing the total cost of ownership of SaaS ERP over five years, Gartner finds that SaaS is not necessarily less expensive than on-premises ERP.

NetSuite is the largest example for a SaaS-based ERP suite. It offers a broad range of application modules, including financials and accounting, purchasing, payroll, order management, inventory control, and employee management, as well as built-in integration with its CRM and e-commerce capabilities on the same platform. Gartner has spoken to customers that expressed a high level of satisfaction with NetSuite’s offerings.

Other notable SaaS ERP players are Plex Online (previously Plexus Online) and Glovia. SAP has also announced an on-demand ERP solution called SAP Business ByDesign.

Open source has been used extensively in infrastructure components, but it has a limited impact on ERP at this point. In the past two years, however, some new open-source software ERP suppliers have emerged with a focus on leveraging open source software to reduce the total cost of ownership of business applications, and to enable customisations that would be difficult to achieve without access to source code. Although we have doubts as to whether open source software business models actually confer these advantages on open source software ERP, these early stage offerings are nonetheless promising and should be evaluated. Examples for open source software ERP suites include Compiere and Openbravo.

Although increasing in importance, none of the SaaS or open source ERP solutions met the inclusion criteria for this Magic Quadrant, because of their number of sales or product focus. Gartner’s ERP Magic Quadrant, (2010 Quadrant) criteria do not explicitly exclude SaaS or open source packages. The analyst firm is actively tracking their progress and expects their inclusion in future versions of its Magic Quadrant.’

For more:

Detailed research lists from the largest USA ERP installations

Search Manufacturing ERP

Part I Buyers Guide to ERP: Alternatives to SAP and Oracle ERP suites

Part II – Buyers Guide to ERP: the mid-tier market

Part III – Buyers Guide to ERP: Agile ERP

Part IV – A guide to ERP for small and large businesses

Putting ERP in the Cloud

How to achieve ERP success: part 1 – the A-Team

How to achieve ERP success: part 2 – the software

ERP software suppliers – Essential guide

Buyers Guide to ERP: Midlands Co-op case study

Make your ERP rollout succeed

Lawson’s New Amazon Cloud-Based ERP Supports Customization

Epicor Takes the Wraps off Cloud-based ERP Solution

Amazon.com Offers Compiere Enterprise ERP via the Cloud

ERP and Cloud Computing trends

Lawson Software Introduced Cloud-Based Services

Weather bulletin – Google Cloud and icy Microsoft downpour

Updates 13.12.11

Why not read, something different – Influential Slaves, Bigots and Size Zeros

‘It is not the strongest of the species that survives, nor the most intelligent, but the one that is most responsive to change.’

Charles Darwin

I looked at the quote above from my post a few weeks ago and was quite surprised as it quite aptly grasped my thoughts for this post (so I’ll leave it there for this week as well). Last year, I wrote a post, What is Cloud Computing? Its Pros/Cons and making it work. Before, I start, I want to clarify that the Microsoft platform (includes all its business software) is, in my eyes, legendary. The world would be completely different, if it wasn’t for Microsoft’s computing vision. I trained on Microsoft, (MS-DOS days) as Novell started to falter and Microsoft continued with its visionary flare. Keep reading and all will be revealed!

Nine months is a long time within the IT world and for the past few weeks I have been researching Cloud Computing again. Hang on, now, let me finish. This time around, I have asked myself three questions:

  1. Can I create an IT strategy, infrastructure and business systems for a small business on Google Apps?
  2. Is Microsoft future proofed with Web Apps?
  3. Cloud based ERP. Fact or fiction? (I will post this separately soon)

This week, I will attempt to answer the first two questions and follow up with an answer to the third question soon. Now, don’t forget, there is no right or wrong answer to this question, just opinions (Pre-requisite: Visioning hat required). To make this a great debate, I welcome opinions from both camps (This is a test in social media monitoring as well; let’s see if Microsoft and Google are monitoring the web). It goes without saying that I value readers’ opinions, so feel free to have a say. So…

  1. Can I create an IT strategy, infrastructure and business systems for a small business on Google Apps (Announced 9/3/10)?

‘Seek and ye shall find.’ So, I did. The answer (in my opinion) is a resounding YES. Why, well, because, the cloud allows a business to do the following:

  • Fast ubiquitous accessibility 24/7, 365 days a year (Increasingly easily available Wifi and Internet connectivity).
  • Enables quicker, cost effective IT start-up for new businesses.
  • Faster product/application development.
  • Not machine dependant (Requires only a browser).
  • Accessible on entry level machines.
  • Cost savings through lower machine, maintenance and software costs.
  • Scalability can be provided very quickly.
  • Opex vs Capex costs.
  • Less environmental impact through virtualisation of hardware/software and other areas.

AND, Google Apps allows:

  • Entire Google Apps infrastructure built towards a vision of cloud computing.
  • Access to the Premier edition that contains a comprehensive suite of apps.
  • Access to a growing number of applications including ERP, Social media etc from the Apps store, many are free for 1-3 users .
  • A flat fee licensing system (£33 per user per annum) vs Microsoft licensing that even Microsoft don’t understand!
  • Collaborative features are enabled from the start allowing, for example, multiple users to edit documents simultaneously.

In effect, Google have created the perfect platform for a small business. It provides the infrastructure and a starter IT system. Once Google Apps are combined with the available ERP and social media solution, the IT system is raring to go.

Obviously, the larger an organisation and the larger the investment in Microsoft and/or other IT systems, the harder it will find to move into the cloud. As I said, in last year’s post, there are other considerations that need to be considered as well. Google, meanwhile continues to blow its trumpet for acquiring 2 million users and counts the USA city of Los Angeles move to Google as a major feather in its cap!

2. Is Microsoft future proofed with Web Apps?

The answer (in my opinion) is NO. Why, for a number of reasons.

According to CIO.com, ‘On the Microsoft Office side, price for the full suite range from $150 to $680 depending which of its many versions you are looking for. With Office 2010, Microsoft will be offering Office Web Apps, free but not fully-featured online versions of Word, Excel, PowerPoint and OneNote.

There will be three versions of Web Apps: One for consumers supported by ads; a hosted version for businesses that pay for hosted accounts on Microsoft Online Services, which is powered by SharePoint; and a corporate in-house version for enterprises with volume licenses for Microsoft Office and a SharePoint server.

Office 2010 will launch for businesses on May 12, but Office Web Apps are not scheduled to launch until mid-June.

Microsoft also has BPOS (business productivity online suite) – now superceded by Office365, in its arsenal, a part of Microsoft Online services that includes online versions of SharePoint, Exchange, Office Communications Server and Live Meeting for $10 per user per month for all four apps.

A version for OEMs will allow Office 2010 starter edition (Word and Excel 2010 only) to be shipped with the computer.’

REASON 1

Microsoft is a giant in the software world and one of the penalties it is paying for its enormous success is that:

  1. Its products are now so diverse that only IT experts can make any sense of them. Need convincing. Ask any non IT personnel to visit any Microsoft site and ask them to explain a particular Microsoft site’s products and what they can actually do for them.
  2. Sheer confusion. As a business owner, for my Microsoft IT system, where do I start? Do I need Office 2010? (What does it have that will improve my productivity?) What version do I use? (Client installation? Which one of the three Office Web Apps, do I need? What the hell is the BPOS (business productivity online suite) – now superceded by Office365?)
  3. Microsoft Licensing and its payment model – Again, this is an open challenge to Microsoft. How many Microsoft employees can explain Microsoft licensing without referring to a price model manual? The correct answer should be at least half its workforce. Why? You cannot sell what you don’t understand (Microsoft have actually done remarkably well then!). Ah, would an employee be able to explain it all in a pub, though?
  4. Microsoft’s entire business model is built on desktop/laptop client installation and as long as it has enough businesses that utilise that legacy because they have no other option, for the short term, it faces no financial problem. In the long term though, I believe businesses will start to abandon ship. Afterall, Google and others will start to offer simple (in licensing terms, products’, versions, etc), cost effective, non business owned infrastructure. Look at what happened to WordPerfect, Novell and many others.

Let’s continue with CIO.com, ‘Google itself concedes that any overnight success in the enterprise is unrealistic, yet remains fully committed to the enterprise, citing rapid growth in Google Apps’ short three-year life span.

“Google Apps have only been in the market since 2007 and we’ve gone from zero to two million business customers,” says Rajen Sheth, Google’s senior product manager for Google Apps. “There’s so much potential here and we’re in it for the long haul.”

Where Microsoft is trying to migrate its products into a cloud environment, Google is fundamentally a cloud company, says Sheth, and has gone to great pains to build extremely large data centers designed specifically for nimble Web-based applications.

“It will be tough to build up the cloud expertise that’s been built into Google’s DNA since day one,” Sheth says.’

REASON 2

That, as they say, is the fundamental problem. Google is fundamentally a cloud company as Sheth said.  Microsoft never was and never will be. It’s just not in its ‘DNA.’

FINAL THOUGHTS

So, Microsoft should be very worried. Microsoft should not get carried away with analyst reports that paint a rosy future but start to listen to customers, such as the city of LA. The paradigm is shifting and it’s shifting fast towards the cloud. After all, the other promise of the likes of Google is not just the simplicity of the entire model but the entire spectrum of cost savings!

It’s the dawn of a new era, where even financial wizardry by Gordon Brown could not save him. Globally, change is happening. The question to ask though within IT is, ‘Who will win this war, Google or Microsoft?’ Or, is there room for a coalition?

WANT TO READ MORE?

Search wars – Past, Present and future – Bing, Google or new entrant?

Will Office 2010 Shred Google Docs?

Microsoft Office vs. Google Apps: The Business Brawl

Google Apps vs. Office Web Apps: Can Microsoft compete in the cloud?

Microsoft Web Apps Will Force Google’s Hand

Free Microsoft Office – with Ads

Microsoft Office 2010: 3 Reasons to Switch

Microsoft vs. Google: Tech Giants’ Turf War Heats Up

Google and Salesforce: composite applications for better enterprise lift

Microsoft counterattacks Google for Apps sales pitch

Office 2010 goes into the cloud

Top 10 Google App Add-Ons for Business Users

Design Your Business Model With Google Docs!

Benchmarking IT

‘It is not the strongest of the species that survives, nor the most intelligent, but the one that is most responsive to change.’ Charles Darwin

Benchmarking is the process of comparing one’s business processes and performance metrics to industry bests and/or best practices from other industries. Benchmarking involves management identifying the best firms in their industry, or any other industry where similar processes exist, and comparing the results and processes of those studied (the “targets”) to one’s own results and processes to learn how well the targets perform and, more importantly, how they do it.

I have been reading, The Real business of IT – How CIOs create and communicate value and as I was reading chapter 3, Show value for money, I thought to myself that I had the title for my next post. The chapter discusses, well, value for money and the importance of benchmarks, especially for CIOs who have just joined or are thinking of joining/moving to pastures anew.

Benchmarking an organisation’s IT is important whether conducted internally or externally. As the cost is quite high for conducting benchmarking via the established players, such as Gartner, many smaller organisations may initially decide to do it internally. Benchmarking has evolved now to the extent that even universities have started to run benchmarking courses, such as Stanford university’s IT benchmarking certificate, aimed at, yep, CIOs!

As quoted by CIO.com; ‘in today’s business environment, says Bechtel CIO Geir Ramleth, IT needs to benchmark itself against a new set of peers: successful technology companies that built their IT systems in the Internet era. Doing so is a painful exercise for the ego. “Corporate IT is trying to break the sound barrier, and the Googles and Amazons are NOT supersonic. They’re hypersonic,” says Howard Rubin.’

My research has shown that Gartner has created a niche in IT benchmarking, as Gartner currently holds one of the largest global IT Trends and Benchmark Database. Dr Howard Rubin, created this global database and is a world authority on IT benchmarking and he offers the following thoughts and advice (Courtesy of Computer Aid Inc – CAI):

‘CAI: How do organizations interested in benchmarking best determine what they should be measuring and how they should be measuring?

Howard Rubin: I think the key thing for organizations is bi-directionality. That means your approach to benchmarking must come from both the top and from the bottom. From the top, you really have to understand your technology costs- the costs of your technology goods and services- almost as if you were a manufacturing company. You have to understand the cost structure of technology, what its impact is on your margin and what the impact of your technology investment is on growth, shrinkage and market share. And you have to integrate your understanding of the cost structure and performance structure of technology directly into the company’s financials.

You also have to figure out who you want to be looking at, in terms of comparisons. Is it direct peers or is it organizations that have a business performance structure that you aspire to meet? Another point I should make about the choice of measurements from the top is that there is this thing called the balance scorecard, in which people look at their finance measures, customer related measures, profit measures and organizational measures; but these are just static measures. That means that if a company’s strategic objective is to be the number one player within a given market, or to have the most comprehensive view of the customer, the balance scorecard isn’t going to cut it.

It is directional measures, as opposed to static measures, which will tell you where you are moving versus where you would like to be and what your corresponding rate of change is. And there are basically three kinds of directional measures: positional measures, directional measures, and velocity measures. In short, you need to be benchmarking where you are, where your targets are, how fast your organization is moving and how fast the world is changing. And all of this must be done within the context of strategy.

Approaching things from the bottom, you really have to understand a lot about technologies and about the technology organization itself. That means much more than just knowing how long it takes to develop an application, or the quality of your software, or the customer service component of your technology.

It means you need to look at technology as a commodity, at the unit costs. You need to be able to understand, almost like having a technology catalogue in front of you, what all of the technology components of your business consist of. What are your volumes? What are your unit costs? What are the costs to your competitors? What other alternatives are available out on the street in the open market?

And there are some other aspects, too. If you are a CFO, for instance, you really ought to understand where technology hits your P&L, where it impacts your salaries, your expense, and your depreciation. It is very important to understand how fixed or how variable your technology costs are.

Finally, there is a kind of ethereal dimension that sits on top of all of this, one which involves how well you are using technology to innovate and change your business, as compared to your competitors.

In the end, what companies really need is a full navigational system. Something that will give them the instrumentation to get them where they want to go, as well as the external calibration to see if someone is going to get there first, second, better, cheaper, or faster.

CAI: What are some of the major challenges that most organizations encounter when they first get started with measurements and benchmarking? What are some of the most common mistakes made? Do you have any caveats for organizations that are undertaking this for the first time?

Howard Rubin: When you first get started with benchmarking, and you haven’t done it before, you are basically going to be comparing data that you have internally with external data. Consequently, people will get their internal numbers and then they will get their external numbers and try to compare the two things right away. They will be looking for insights and conclusions and hypotheses. However, after the first round of benchmarking, you should really be making an effort not to look for insights and conclusions. You should be focused on rationalization. First time starters need to understand that rationalization is part of the benchmarking process. It is not a precursor to the process.

The other issue with first timers is the availability of data. It is very important to overcome the fact that you may not have a complete set of data available internally. This is always going to be an issue. Consequently, my recommendation is to look at your benchmark program as if it were a step function program: take a small core, build out, step up, sort of ratchet, take the key questions needed to answer the first, and have the benchmarking provider map your structure. You don’t need to do everything at once. You can build things up throughout the process.

A final caveat involves management by numbers. For example, you will find many large organizations that have gone through multiple mergers and that haven’t shed any of their redundant systems or redundant technologies. Certainly they can do better. But the path upwards is not going to be visible just by looking at the numbers. There may be a whole lot of other things that have to happen first. This is especially true if you are using benchmarking for internal target setting.

My brother is a really fine physician and he always advises his students not to look at the numbers but rather, to look at the patient. That’s an important caveat in benchmarking, too. The numbers will give you calibration. They will help you understand what side of the benchmark you may be on. But the goal is not to be better or worse than the benchmark. On either side of the benchmark, you can be learning how to improve your position.

CAI: You are known, among other things, for having collected and organized data into one of the world’s largest information technology databases. Could you give us more information about this repository? For example, what kinds of metrics get tracked? How broad is the technological and geographical representation?

Howard Rubin: The Worldwide IT Trend and Benchmark Database was really formalized in 1994. It was a project, as I mentioned before, which started out within the Canadian government. They were trying at the time to develop a global view of technology utilization in business.

In its current form, the Worldwide Benchmark Database maintains data on more than 10,000 large companies, each typically over 500 million dollars in revenue. It covers companies that are based across 100 countries, so it has a really massive geographic spread. There is also a large diversity of data, everything from basic business and IT spending data, to detailed data on technology platforms, programming languages, application development productivity, application quality, size and number of personnel, compensation, practices and processes, and process maturity. You will even find customer service related data.

The database is also updated continuously. We use internet based surveys for this as well as data collection mechanisms that originate from within our own consulting engagements. Consequently, we are able to keep the data fresh, on a daily basis, and we are able to update major trend levels on a quarterly basis. What that means is that if we see a major business or political change, we can sample thousands of companies within a 24 hour period to see if there is any movement. I don’t think anyone else in the world right now has the capability to determine, within 24 hours, the effect on business decision-making and technology that a world event may have.

You originally asked me about how benchmarking has changed over time. Traditionally, benchmarking has been used to compare current data to historical data. What we are seeing now with the worldwide benchmarking database, however, is the comparing of current data with current data. That’s an important development in my opinion because data is kind of like produce: it gets rotten after a very short period of time’.

An article in CIO.co.uk, said: ‘Two decades of research by Howard Rubin, president at Rubin Systems, reveals two key concepts that can enable CIOs to see whether their IT investments are really adding up. He found that measuring IT spend against two factors – operating expense and net revenue – is a more accurate gauge of IT effectiveness than the metric of measuring solely against net revenue.

In addition, Rubin discovered that enterprises spending slightly more than their peers tend to have better business results. But after a certain point, that extra spending does no good. Rubin calls the sweet spot of extra but not exorbitant spending “optimal IT intensity.” He calculates IT intensity by comparing the IT spend to both the operating expense and net revenue, and has developed IT intensity curves that help CIOs see if they are under-investing, investing an optimal amount or over-investing.’ Another good article, I recently read was Using Benchmarking Metrics to Uncover Best Practices and is worth reading if you want to embark on benchmarking your IT.

I would like to conclude with a quote from The Real business of IT – How CIOs create and communicate value – Randy Spratt, CIO, McKesson: ‘We opened up our finances and made them transparent. In mid 2006, we delivered a one line allocation to the business. Now we deliver a complete invoice. Between transparency, benchmarking, and competitive bid efforts, we have strengthened the view that our finances are under control, we’re driving to continual improvement on a per unit cost basis, and we hold ourselves accountable for delivering to service levels. “We don’t hear, ‘Why does IT cost so much?’ now. Do we still have expense level conversations? Yes, but they’re more about how we can jointly reduce costs.”

Further resources:

NCC IT Department Accreditation

NCC Benchmark Surveys

Benchmarking IT services

CIO Infrastructure Benchmark Assessment Tool

FREE IT Infrastructure Benchmark

Get a free instant benchmark of your SAP system

IT Benchmark Blog

Metricsboard.com Blog

IT security demystified

Updated 10.12.11

IT as a profession when compared to other professions is relatively new. As such even 10-15 years ago, many ‘control measures’ used within the profession currently either did not exist or were not used by many organisations. I will use the word ‘control measures’ to describe all the standards, laws, frameworks and best practice guidelines as a collective for the purpose of this blog post. As the profession has matured, a plethora of ‘control measures’ have continued to emerge and organisations have adopted these ‘control measures’ as their IT has matured. The purpose of today’s blog post is to clarify these ‘control measures’ to aid further adoption where required. All these ‘control measures’ arrive with a caveat however. Organisations need to find an acceptable level of ‘control measures’ that ensure that the organisation is adept at dealing with security threats and any prevailing laws that affect it, locally or globally. If organisations are not careful, they could spend unnecessary amounts of time implementing different but complementary ‘control measures.’ The best is to find happy mediums that will allow the organisation to meet its business objectives without spending too much time on ‘control measures.’

This is a topic for another day but I have seen many organisations’ spend enormous amounts of time on preparing the ‘perfect’ business case consisting of 100’s of pages and not enough time on planning to ‘fit business requirements’ or actually actioning the project (too much planning, not enough action). The same is true for ‘control measures’, even with ‘control measures’ such as Sarbanes Oxley and Basel II, the banks still managed to crash the world economy (averted only by global governments leading ‘control measures’). Let’s also not forget that no system is completely 100% secure either! I will cover as much as I can today and hope that if I miss anything, my readers can engage as usual and assist in not only filling in the blanks but making it a truly interactive discussion.

According to the Symantec 2010 state of enterprise security study (Click here for 2011 study)  You Tube 2010 (Click here for You Tube 2011), 75 % of organisations are losing on average $2 million annually ($2.8 million for the largest ones).The study found that 42 percent of organisations rate security their top issue. This isn’t a surprise, considering that 75 percent of organisations experienced cyber attacks in the past 12 months. These attacks cost enterprise businesses an average of $2 million per year. Organisations reported that enterprise security is becoming more difficult due to understaffing, new IT initiatives that intensify security issues and IT compliance issues. The study is based on surveys of 2,100 enterprise CIOs, CISOs and IT managers from 27 countries in January 2010.’ Symantec’s study found that organisations are exploring approximately 19 different standards or frameworks and are using 8 of them. I am predominantly covering these 8 and a few others.

Firstly, let me quickly define the four ‘control measures’ that I will be using (Courtesy of Dictionary.com):

1. Standards:

Something considered by an authority or by general consent as a basis of comparison; an approved model.

2. Frameworks or Best practice guidelines:

I. Frameworks – A set of assumptions, concepts, values, and practices that constitute a way of viewing reality.

II. Best Practice – A technique or methodology that, through experience and research, has reliably led to a desired or optimum      result. For example, a manual documenting best practices in the industry.

My research shows that these two terms are used inter changeably, so to avoid further confusion, I will be bundling them together.

3. Law:

Any written or positive rule or collection of rules prescribed under the authority of the state or nation, as by the people in its constitution. For example, statute law.

There is a good article in this week’s Computing regarding IT security that mentions a book by Alan Calder ‘IT Governance: a manager’s guide to information security and BS7799/ISO17799.’ The book is on my ‘to read’ list now and is the selected text for Open University’s Information Security Management Course, according to the reviews.

1. Standards:

I. ISO 27001 consists of two parts. ISO/IEC 27001:2005 (formerly BS 7799-2:2002) that specifies Information Security Management  and ISO/IEC 27002:2005 (previously named ISO/IEC 17799:2005) that specifies the code of practice for Information Security Management. An important aspect to remember regarding this standard is that it replaces and incorporates the old BS 7799 standard. In my opinion, this standard should be adopted by most organisations, especially global players.

II. ISO/IEC 20000 defines the requirements for a service provider to deliver managed services. ITIL provides good practice guidelines, advice and options that can be selectively adopted and adapted. ISO/IEC 20000 is a standard in two parts. Part 1, ISO/IEC 20000-1 is the distillation of the “must do” practices of service management. Part 2, ISO/IEC 20000-2 is a code of practice giving advice. Achieving ISO/IEC 20000 is undertaken when organisations want to test and prove they have adopted ITIL advice.

III. Basel II is the second of the Basel Accords that are recommendations on banking laws and regulations issued by the Basel Committee on Banking Supervision (BIS). The purpose of Basel II, is to create an international standard that banking regulators can use when creating regulations about how much capital banks need to put aside to guard against the types of financial and operational risks banks face. Basel II holds financial institutions accountable for the economic consequences of high operational risk (e.g., the neglect of data security) and helps reap the economic rewards of lowering operational risk (e.g., the deployment of data security measures). Within its three “pillars” of thought—(1) Minimum Capital Requirements; (2) Supervisory Review; and (3) Market Discipline—Basel II addresses several key security requirements.

IV. PCI DSS – The Payment Card Industry Data Security Standard . The Payment Card Industry (PCI) data security framework was created by American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International. Prior to 2004, each of the associations had a proprietary set of information security requirements which were often burdensome and repetitive for participants in multiple brand networks. The associations subsequently created a uniform set of information security requirements for all national card brands. These requirements became known as the PCI Data Security Standard (PCI DSS), governing all the payment channels: Retail, mail orders, telephone orders and e-commerce. The PCI DSS framework is divided into 12 security requirements.

V. The Standard of Good Practice for Information Security is compiled by the Information security forum with 300 member organisations globally. According to its website:

‘Included in the Standard are topics that are extremely important to many organisations including:

  • Controls aimed at complying with legal and regulatory requirements, such as Sarbanes-Oxley Act 2002, the Payment Card Industry (PCI) Data Security Standard, Basel II 1998, and the EU Directive on Data Protection.
  • Coverage of all the main security controls in other major information security-related standards, such as ISO/IEC 27002 (17799) and COBIT.
  • ‘hot topics’ in information security, such as Threat Horizon, Digital Rights Management, Eurosox and Virtualisation (e.g. reflecting the output from ISF Briefings and ‘Future Watch’ projects).’

2. Frameworks or Best practice guidelines

I. ITIL (UK) – The Information Technology Infrastructure Library (ITIL) is a set of concepts and practices for managing Information Technology (IT) services (ITSM) that includes security management. It describes the organisation of IT resources to deliver business value, documents processes, functions and roles in IT Service Management (ITSM). ITIL introduced the concept of service desks intended to provide a Single Point of Contact and a common database to meet the communication needs between the users and IT providers. The original version of ITIL was developed at the same time as, and in alignment with BS 15000, the former UK standard for IT Service Management. BS15000 was fast-tracked in 2005 to become ISO/IEC 20000, the first international standard in ITSM.

II. COBIT (USA) – The Control Objectives for Information and related Technology is a set of best practices (framework) for information technology (IT) management and is complementary to ITIL. It is an open standard published by the IT Governance Institute and the Information Systems Audit and Control Association. To read how ITIL, COBIT and ISO 17799 can be aligned, Click here. ISACA have recently made available mapping ITIL V3 to CoBit 4.1, click here for more details.

III. CIS – (The centre for Internet security) provides benchmarks for best practice standards for security configurations. When the Payment Card Industry Data Security Standard (PCI DSS) published its requirements it cited CIS Benchmarks.

3. Law (for more information, please refer to my previous blog post International and UK Law and how it relates to IT and Computers):

I. HIPAA (USA)The Health Insurance Portability and Accountability Act (HIPAA) of 1996 (enacted by US congress in 1996).  It protects health insurance coverage for workers and their families when they change or lose their jobs. The Security Rule is a key part of HIPAA. The primary objective of the Security Rule is to protect the confidentiality, integrity, and availability of EPHI when it is stored, maintained, or transmitted.

II. Sarbanes Oxley (USA)The bill was enacted as a result of major corporate accounting scandals including Enron and WorldCom. According to Mark Rasch, ‘IT security is important under SOX only to the extent that it enhances the reliability and integrity of that reporting. Because of SOX’s reliance on controls, the Committee of Sponsoring Organizations of the Treadway Commission (headed by former SEC member James Treadway) developed a series of controls for financial processes which are now known as the COSO guidelines. COSO was originally formed in 1985 to sponsor the National Commission on Fraudulent Financial Reporting. For IT auditors, the relevant guidelines are COBIT (Control Objectives for Information and Related Technologies) which is an open standard published by the IT Governance Institute and the Information Systems Audit and Control Association. (In the UK, there is the IT Infrastructure Library, published by the Office of Government Commerce in Great Britain which compliments COBIT.) These are a series of IT controls which should be in place in order to make such a SOX certification with respect to IT.’

III. Data Protection Act (UK) 1998 – Defines UK law on the processing of data on identifiable living people (extended the scope of data protection beyond automatically processed data). It was enacted to bring UK law into line with the European Directive of 1995 that required Member States to protect people’s fundamental rights and freedom, in particular their right to privacy with respect to the processing of personal data. In practice it provides a way for individuals to control information about themselves. In terms of IT security the data needs to be Secured against accidental loss, destruction or damage and against unauthorised or unlawful processing – this applies even if the business uses a third party to process personal information.

In summary, Symantec’s study found that organisations are exploring approximately 19 different standards or frameworks and are using 8 of them. This is without taking into account specific areas and industries. Any organisation’s IT security strategy should take into account these three areas of standards, Frameworks or Best practice guidelines and law and ensure that it selects appropriately from within these three areas. On going developments such as the recent health care reform bill (USA) will continue to have their own implications on IT security.

Organisations “Don’t get” social media

Social Media: Changing Business

Image by Intersection Consulting via Flickr

POST UPDATED 09.12.11

In general most organisations still don’t understand or don’t want to understand the impact, benefits and competitive advantage that social media can, in many cases, still provide. The problem lies in the half hearted way many organisations introduce social media within the organisation. Brian Glick, in his ComputerWeekly column said that (In summary) organisations in general still thought that employees, if given the option, would spend their time on social media sites instead of working are missing the important point. Organisations could reap significant benefits and it was in the interests of organisations to improve collaboration and communication with ‘customers, suppliers and partners.’ One of the reasons for not adopting social media is that social media is at the stage where email and the Internet were 15-20 years ago. I remember that at the time many organisations used to view email/Internet access in the same way. Now, email and Internet access forms the fabric of most organisations. For those organisations that just ‘don’t get’ social media, I will provide a simple three step process to ‘get you there.’

Step One – The social media policy

This does not have to be a completely new policy; this can be an addendum to the existing computer usage or Acceptable Use Policy (AUP) of an organisation. This should include acceptable/unacceptable behaviour for employees on social media such as blogging, social media sites such as LinkedIn, Facebook and Twitter etc. The secret is to embrace social media, get your employees involved and make them your ambassadors in the new world of social media. Tony Redshaw, Aviva CIO captures the essence well, “If you want people to use it, you have to tolerate them using it and not always in the way you expect.” To get you started, here are a few links:

Step two – Internal and external Social Media adoption

Harnessing the power of social media will provide you with two key benefits:

  1. Collaboration and knowledge sharing becomes easier. Organisations of all sizes have struggled for years to capture the expertise of their knowledge experts without much success. Internal Social media platforms make that process simple and employees are encouraged to create ‘expert’ content. Expertise becomes easier to access, as Aviva’s example (QUICK STATS – £350 Billion assets, £50 billion sales, 54000 staff, and currently 120 wikis with potential for 600 more) demonstrates. For example, in Aviva’s case, Tony Redshaw, Aviva CIO said, “One of our people in the Melbourne office was having a complex issue. Someone in our York (England) office saw their online post. Within 24 hours they had related their experience and suggested a way of fixing it, and…problem solved. There was no way before for the two to hook up and for that information exchange to happen.”
  2. The younger generation leaving schools and universities is social media literate. They already have social media profiles on Facebook, MySpace and Bebo etc. Organisations are finding it hard to recruit and retain youngsters where social media equivalents are not available internally and where social media access generally is restrained. The primary reason is that these younger people utilise these technologies to communicate and interact with the world at large. Embracing the younger generation through social media adoption can bring benefits that may not have been anticipated. They will utilise these platforms in innovative ways, providing competitive advantage and adding to the bottom line.

Step three – Setup and monitoring Social Media

Organisations’ spend tremendous amounts of their finances on marketing and advertising but tend to spend no money on correct setup, creating the correct social media culture and actually monitoring social media. For the past month, I have been researching an organisation that thinks that it ‘gets’ social media. The way they have decided to setup their social media, I am sure, in their opinion is correct. Let me just explain how they have setup their social media. They have a blog but only their wholesalers can access it and oh, by the way, they would have to register to read the blog articles. They have setup a social media account with one of the main social media platforms. End customers are not allowed to become members of that group, as it is aimed at the wholesalers only. Customers have been wandering the web looking for information about their products but cannot easily access information about their products or have anywhere or anyone to go to for further information; even product enhancements have been discussed by customers. An independent site talks about the chemical products in their products as naturally occurring and their website fails to display that information. Ok, so why am I telling you all this and why is it important?

Let me explain. Social media is not a tool where the success can be measured in a given time frame/short term. Relationships are developed and nurtured utilising various social media platforms over both short/long term. It is a tool that allows us to interact with each other and our customers. The need is to, ‘engage and interact.’ This particular organisation has not done that. In actual fact, it has unconsciously created all sorts of barriers stopping its very customers reaching and interacting with it. I couldn’t find any evidence of anyone utilising social media to have any conversations anywhere with its customers. Social media is not being monitored and so this organisation has no way of knowing if anyone is posting any comments (positive or negative) anywhere on social media.

For example, I did come across some negative comments that could have been countered by simply informing the customer on where to find the information. Another example covered in my blog post a few weeks ago showed that if , Toyota had monitored social media, it would have become aware much earlier that its customers were unhappy and that it could impact Toyota’s reputation. Here are a few links to get you started:

More SM Tools:

Hootsuite , Tweetdeck , Yoono , Wefollow , Listorious , Twellow , Twellowhood , Klout , Visibli , Quora, Instagr.am , Pitchengine , Addictomatic , Tubemogul , Untweeps, Twitalyzer , Topsy , Ping.fm , Friendfeed , Google Alerts , Postrank , Storify , Backtype , Big-boards/ , Getclicky , Twitterfeed , Twitter Search , Onlywire , Hashtracking , Socialmention , Seesmic.com/ , Flock , Pingdom.com/ , Hubspot , Diaspora , Monitter.com/

Top Commercial Tools for large organisations (Cost more, probably not affordable by small business or for personal use):

Top 20 Social Media monitoring vendors for business

Radian 6 , Lithium , Attensity 360 , Alterian , Spiral 16 , Buzz Logic, Cymfony , Cision , Trackur

In summary:

  • Ensure that you have appropriate policies/guidelines to help employees navigate social media.
  • Adopt social media in a way that benefits your organisation and interact with a wide audience.
  • Monitor social media and use it to interact with your customers, suppliers and partners.
  • The objective internally is to create an environment of collaboration that allows the open exchange of ideas.
  • The objective externally is to create a ‘buzz’ and awareness about your product and organisation, in addition to PR.