Posted: January 24th, 2023


 read chapter 17 in the course text.  After reading chapter 17, In your own words, discuss some of the benefits of Application Portfolio Management (APM). 

IT STraTegy:
ISSueS and PracTIceS

Don't use plagiarized sources. Get Your Custom Essay on
Just from $13/Page
Order Essay

This page intentionally left blank

IT STraTegy:
ISSueS and PracTIceS
T h i r d E d i t i o n
James D. McKeen
Queen’s University
Heather A. Smith
Queen’s University
Boston Columbus Indianapolis New York San Francisco Upper Saddle River
Amsterdam Cape Town Dubai London Madrid Milan Munich Paris Montréal Toronto
Delhi Mexico City São Paulo Sydney Hong Kong Seoul Singapore Taipei Tokyo

Editor in Chief: Stephanie Wall
Acquisitions Editor: Nicole Sam
Program Manager Team Lead: Ashley Santora
Program Manager: Denise Vaughn
Editorial Assistant: Kaylee Rotella
Executive Marketing Manager: Anne K. Fahlgren
Project Manager Team Lead: Judy Leale
Project Manager: Thomas Benfatti
Procurement Specialist: Diane Peirano
Cover Designer: Lumina Datamantics
Full Service Project Management: Abinaya Rajendran at Integra Software Services, Pvt. Ltd.
Cover Printer: Courier/Westford
Composition: Integra Software Services, Pvt. Ltd.
Printer/Binder: Courier/Westford
Text Font: 10/12 Palatino LT Std
Credits and acknowledgments borrowed from other sources and reproduced, with permission, in this
textbook appear on appropriate page within text.
Copyright © 2015, 2012 and 2009 by Pearson Education, Inc., Upper Saddle River, New Jersey, 07458. Pearson
Prentice Hall. All rights reserved. Printed in the United States of America. This publication is protected by
Copyright and permission should be obtained from the publisher prior to any prohibited reproduction, storage
in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying,
recording, or likewise. For information regarding permission(s), write to: Rights and Permissions Department.
Library of Congress Cataloging-in-Publication Data
McKeen, James D.
IT strategy: issues and practices/James D. McKeen, Queen’s University, Heather A. Smith,
Queen’s University.—Third edition.
pages cm
ISBN 978-0-13-354424-4 (alk. paper)
ISBN 0-13-354424-9 (alk. paper)
1. Information technology—Management. I. Smith, Heather A. II. Title.
HD30.2.M3987 2015
ISBN–10: 0-13-354424-9
ISBN–13: 978-0-13-354424-4
10 9 8 7 6 5 4 3 2 1

Preface xiii
About the Authors xxi
Acknowledgments xxii
Section I Delivering Value with IT 1
Chapter 1 DeVelopIng anD DelIVerIng on The IT Value
propoSITIon 2
Peeling the Onion: Understanding IT Value 3
What Is IT Value? 3
Where Is IT Value? 4
Who Delivers IT Value? 5
When Is IT Value Realized? 5
The Three Components of the IT Value Proposition 6
Identification of Potential Value 7
Effective Conversion 8
Realizing Value 9
Five Principles for Delivering Value 10
Principle 1. Have a Clearly Defined Portfolio Value Management
Process 11
Principle 2. Aim for Chunks of Value 11
Principle 3. Adopt a Holistic Orientation to Technology Value 11
Principle 4. Aim for Joint Ownership of Technology Initiatives 12
Principle 5. Experiment More Often 12
Conclusion 12  •  References 13
Chapter 2 DeVelopIng IT STraTegy for BuSIneSS Value 15
Business and IT Strategies: Past, Present, and Future 16
Four Critical Success Factors 18
The Many Dimensions of IT Strategy 20
Toward an IT Strategy-Development Process 22
Challenges for CIOs 23
Conclusion 25  •  References 25
Chapter 3 lInkIng IT To BuSIneSS MeTrICS 27
Business Measurement: An Overview 28
Key Business Metrics for IT 30

vi Contents
Designing Business Metrics for IT 31
Advice to Managers 35
Conclusion 36  •  References 36
Chapter 4 BuIlDIng a STrong relaTIonShIp
wITh The BuSIneSS 38
The Nature of the Business–IT Relationship 39
The Foundation of a Strong Business–IT
Relationship 41
Building Block #1: Competence 42
Building Block #2: Credibility 43
Building Block #3: Interpersonal Interaction 44
Building Block #4: Trust 46
Conclusion 48  •  References 48
Appendix A The Five IT Value Profiles 50
Appendix B Guidelines for Building a Strong Business–IT
Relationship 51
Chapter 5 CoMMunICaTIng wITh BuSIneSS ManagerS 52
Communication in the Business–IT Relationship 53
What Is “Good” Communication? 54
Obstacles to Effective Communication 56
“T-Level” Communication Skills for IT Staff 58
Improving Business–IT Communication 60
Conclusion 61  •  References 61
Appendix A IT Communication Competencies 63
Chapter 6 BuIlDIng BeTTer IT leaDerS froM
The BoTToM up 64
The Changing Role of the IT Leader 65
What Makes a Good IT Leader? 67
How to Build Better IT Leaders 70
Investing in Leadership Development: Articulating the Value
Proposition 73
Conclusion 74  •  References 75
Delivering Business Value with IT at Hefty Hardware 76
Investing in TUFS 80
IT Planning at ModMeters 82

Contents vii
Section II IT governance 87
Chapter 7 CreaTIng IT ShareD SerVICeS 88
IT Shared Services: An Overview 89
IT Shared Services: Pros and Cons 92
IT Shared Services: Key Organizational Success Factors 93
Identifying Candidate Services 94
An Integrated Model of IT Shared Services 95
Recommmendations for Creating Effective IT
Shared Services 96
Conclusion 99  •  References 99
Chapter 8 a ManageMenT fraMework for
IT SourCIng 100
A Maturity Model for IT Functions 101
IT Sourcing Options: Theory Versus Practice 105
The “Real” Decision Criteria 109
Decision Criterion #1: Flexibility 109
Decision Criterion #2: Control 109
Decision Criterion #3: Knowledge Enhancement 110
Decision Criterion #4: Business Exigency 110
A Decision Framework for Sourcing IT Functions 111
Identify Your Core IT Functions 111
Create a “Function Sourcing” Profile 111
Evolve Full-Time IT Personnel 113
Encourage Exploration of the Whole Range
of Sourcing Options 114
Combine Sourcing Options Strategically 114
A Management Framework for Successful
Sourcing 115
Develop a Sourcing Strategy 115
Develop a Risk Mitigation Strategy 115
Develop a Governance Strategy 116
Understand the Cost Structures 116
Conclusion 117  •  References 117
Chapter 9 The IT BuDgeTIng proCeSS 118
Key Concepts in IT Budgeting 119
The Importance of Budgets 121
The IT Planning and Budget Process 123

viii Contents
Corporate Processes 123
IT Processes 125
Assess Actual IT Spending 126
IT Budgeting Practices That Deliver Value 127
Conclusion 128  •  References 129
Chapter 10 ManagIng IT- BaSeD rISk 130
A Holistic View of IT-Based Risk 131
Holistic Risk Management: A Portrait 134
Developing a Risk Management Framework 135
Improving Risk Management Capabilities 138
Conclusion 139  •  References 140
Appendix A A Selection of Risk Classification
Schemes 141
Chapter 11 InforMaTIon ManageMenT: The nexuS
of BuSIneSS anD IT 142
Information Management: How Does IT Fit? 143
A Framework For IM 145
Stage One: Develop an IM Policy 145
Stage Two: Articulate the Operational
Components 145
Stage Three: Establish Information Stewardship 146
Stage Four: Build Information Standards 147
Issues In IM 148
Culture and Behavior 148
Information Risk Management 149
Information Value 150
Privacy 150
Knowledge Management 151
The Knowing–Doing Gap 151
Getting Started in IM 151
Conclusion 153  •  References 154
Appendix A Elements of IM Operations 155
Building Shared Services at RR Communications 156
Enterprise Architecture at Nationstate Insurance 160
IT Investment at North American Financial 165

Contents ix
Section III IT-enabled Innovation 169
Chapter 12 InnoVaTIon wITh IT 170
The Need for Innovation: An Historical
Perspective 171
The Need for Innovation Now 171
Understanding Innovation 172
The Value of Innovation 174
Innovation Essentials: Motivation, Support,
and Direction 175
Challenges for IT leaders 177
Facilitating Innovation 179
Conclusion 180  •  References 181
Chapter 13 BIg DaTa anD SoCIal CoMpuTIng 182
The Social Media/Big Data Opportunity 183
Delivering Business Value with Big Data 185
Innovating with Big Data 189
Pulling in Two Different Directions: The Challenge
for IT Managers 190
First Steps for IT Leaders 192
Conclusion 193  •  References 194
Chapter 14 IMproVIng The CuSToMer experIenCe:
an IT perSpeCTIVe 195
Customer Experience and Business value 196
Many Dimensions of Customer Experience 197
The Role of Technology in Customer Experience 199
Customer Experience Essentials for IT 200
First Steps to Improving Customer Experience 203
Conclusion 204  •  References 204
Chapter 15 BuIlDIng BuSIneSS InTellIgenCe 206
Understanding Business Intelligence 207
The Need for Business Intelligence 208
The Challenge of Business Intelligence 209
The Role of IT in Business Intelligence 211
Improving Business Intelligence 213
Conclusion 216  •  References 216

x Contents
Chapter 16 enaBlIng CollaBoraTIon wITh IT 218
Why Collaborate? 219
Characteristics of Collaboration 222
Components of Successful Collaboration 225
The Role of IT in Collaboration 227
First Steps for Facilitating Effective Collaboration 229
Conclusion 231  •  References 232
Innovation at International Foods 234
Consumerization of Technology at IFG 239
CRM at Minitrex 243
Customer Service at Datatronics 246
Section IV IT portfolio Development and Management 251
Chapter 17 applICaTIon porTfolIo ManageMenT 252
The Applications Quagmire 253
The Benefits of a Portfolio Perspective 254
Making APM Happen 256
Capability 1: Strategy and Governance 258
Capability 2: Inventory Management 262
Capability 3: Reporting and Rationalization 263
Key Lessons Learned 264
Conclusion 265  •  References 265
Appendix A Application Information 266
Chapter 18 ManagIng IT DeManD 270
Understanding IT Demand 271
The Economics of Demand Management 273
Three Tools for Demand management 273
Key Organizational Enablers for Effective Demand
Management 274
Strategic Initiative Management 275
Application Portfolio Management 276
Enterprise Architecture 276
Business–IT Partnership 277
Governance and Transparency 279
Conclusion 281  •  References 281

Contents xi
Chapter 19 CreaTIng anD eVolVIng a TeChnology
roaDMap 283
What is a Technology Roadmap? 284
The Benefits of a Technology Roadmap 285
External Benefits (Effectiveness) 285
Internal Benefits (Efficiency) 286
Elements of the Technology Roadmap 286
Activity #1: Guiding Principles 287
Activity #2: Assess Current Technology 288
Activity #3: Analyze Gaps 289
Activity #4: Evaluate Technology
Landscape 290
Activity #5: Describe Future Technology 291
Activity #6: Outline Migration Strategy 292
Activity #7: Establish Governance 292
Practical Steps for Developing a Technology
Roadmap 294
Conclusion 295  •  References 295
Appendix A Principles to Guide a Migration
Strategy 296
Chapter 20 enhanCIng DeVelopMenT
proDuCTIVITy 297
The Problem with System Development 298
Trends in System Development 299
Obstacles to Improving System Development
Productivity 302
Improving System Development Productivity: What we
know that Works 304
Next Steps to Improving System Development
Productivity 306
Conclusion 308  •  References 308
Chapter 21 InforMaTIon DelIVery: IT’S eVolVIng role 310
Information and IT: Why Now? 311
Delivering Value Through Information 312
Effective Information Delivery 316
New Information Skills 316
New Information Roles 317
New Information Practices 317

xii Contents
New Information Strategies 318
The Future of Information Delivery 319
Conclusion 321  •  References 322
Project Management at MM 324
Working Smarter at Continental Furniture International 328
Managing Technology at Genex Fuels 333
Index 336

Today, with information technology (IT) driving constant business transformation,
overwhelming organizations with information, enabling 24/7 global operations, and
undermining traditional business models, the challenge for business leaders is not
simply to manage IT, it is to use IT to deliver business value. Whereas until fairly recently,
decisions about IT could be safely delegated to technology specialists after a business
strategy had been developed, IT is now so closely integrated with business that, as one
CIO explained to us, “We can no longer deliver business solutions in our company
without using technology so IT and business strategy must constantly interact with
each other.”
What’s New in This Third Edition?
• Six new chapters focusing on current critical issues in IT management, including
IT shared services; big data and social computing; business intelligence; manag-
ing IT demand; improving the customer experience; and enhancing development
• Two significantly revised chapters: on delivering IT functions through different
resourcing options; and innovating with IT.
• Two new mini cases based on real companies and real IT management situations:
Working Smarter at Continental Furniture and Enterprise Architecture at Nationstate
• A revised structure based on reader feedback with six chapters and two mini cases
from the second edition being moved to the Web site.
All too often, in our efforts to prepare future executives to deal effectively with
the issues of IT strategy and management, we lead them into a foreign country where
they encounter a different language, different culture, and different customs. Acronyms
(e.g., SOA, FTP/IP, SDLC, ITIL, ERP), buzzwords (e.g., asymmetric encryption, proxy
servers, agile, enterprise service bus), and the widely adopted practice of abstraction
(e.g., Is a software monitor a person, place, or thing?) present formidable “barriers to
entry” to the technologically uninitiated, but more important, they obscure the impor-
tance of teaching students how to make business decisions about a key organizational
resource. By taking a critical issues perspective, IT Strategy: Issues and Practices treats IT
as a tool to be leveraged to save and/or make money or transform an organization—not
as a study by itself.
As in the first two editions of this book, this third edition combines the experi-
ences and insights of many senior IT managers from leading-edge organizations with
thorough academic research to bring important issues in IT management to life and
demonstrate how IT strategy is put into action in contemporary businesses. This new
edition has been designed around an enhanced set of critical real-world issues in IT
management today, such as innovating with IT, working with big data and social media,

xiv Preface
enhancing customer experience, and designing for business intelligence and introduces
students to the challenges of making IT decisions that will have significant impacts on
how businesses function and deliver value to stakeholders.
IT Strategy: Issues and Practices focuses on how IT is changing and will continue to
change organizations as we now know them. However, rather than learning concepts
“free of context,” students are introduced to the complex decisions facing real organi-
zations by means of a number of mini cases. These provide an opportunity to apply
the models/theories/frameworks presented and help students integrate and assimilate
this material. By the end of the book, students will have the confidence and ability to
tackle the tough issues regarding IT management and strategy and a clear understand-
ing of their importance in delivering business value.
Key Features of This Book
• A focus on IT management issues as opposed to technology issues
• Critical IT issues explored within their organizational contexts
• Readily applicable models and frameworks for implementing IT strategies
• Mini cases to animate issues and focus classroom discussions on real-world deci-
sions, enabling problem-based learning
• Proven strategies and best practices from leading-edge organizations
• Useful and practical advice and guidelines for delivering value with IT
• Extensive teaching notes for all mini cases
A Different ApproAch to teAching it StrAtegy
The real world of IT is one of issues—critical issues—such as the following:
• How do we know if we are getting value from our IT investment?
• How can we innovate with IT?
• What specific IT functions should we seek from external providers?
• How do we build an IT leadership team that is a trusted partner with the business?
• How do we enhance IT capabilities?
• What is IT’s role in creating an intelligent business?
• How can we best take advantage of new technologies, such as big data and social
media, in our business?
• How can we manage IT risk?
However, the majority of management information systems (MIS) textbooks are orga-
nized by system category (e.g., supply chain, customer relationship management, enterprise
resource planning), by system component (e.g., hardware, software, networks), by system
function (e.g., marketing, financial, human resources), by system type (e.g.,  transactional,
decisional, strategic), or by a combination of these. Unfortunately, such an organization
does not promote an understanding of IT management in practice.
IT Strategy: Issues and Practices tackles the real-world challenges of IT manage-
ment. First, it explores a set of the most important issues facing IT managers today, and
second, it provides a series of mini cases that present these critical IT issues within the
context of real organizations. By focusing the text as well as the mini cases on today’s
critical issues, the book naturally reinforces problem-based learning.

Preface xv
IT Strategy: Issues and Practices includes thirteen mini cases—each based on a real
company presented anonymously.1 Mini cases are not simply abbreviated versions of
standard, full-length business cases. They differ in two significant ways:
1. A horizontal perspective. Unlike standard cases that develop a single issue within
an organizational setting (i.e., a “vertical” slice of organizational life), mini cases
take a “horizontal” slice through a number of coexistent issues. Rather than looking
for a solution to a specific problem, as in a standard case, students analyzing a mini
case must first identify and prioritize the issues embedded within the case. This mim-
ics real life in organizations where the challenge lies in “knowing where to start” as
opposed to “solving a predefined problem.”
2. Highly relevant information. Mini cases are densely written. Unlike standard
cases, which intermix irrelevant information, in a mini case, each sentence exists for
a reason and reflects relevant information. As a result, students must analyze each
case very carefully so as not to miss critical aspects of the situation.
Teaching with mini cases is, thus, very different than teaching with standard cases.
With mini cases, students must determine what is really going on within the organiza-
tion. What first appears as a straightforward “technology” problem may in fact be a
political problem or one of five other “technology” problems. Detective work is, there-
fore, required. The problem identification and prioritization skills needed are essential
skills for future managers to learn for the simple reason that it is not possible for organi-
zations to tackle all of their problems concurrently. Mini cases help teach these skills to
students and can balance the problem-solving skills learned in other classes. Best of all,
detective work is fun and promotes lively classroom discussion.
To assist instructors, extensive teaching notes are available for all mini cases. Developed
by the authors and based on “tried and true” in-class experience, these notes include case
summaries, identify the key issues within each case, present ancillary information about the
company/industry represented in the case, and offer guidelines for organizing the class-
room discussion. Because of the structure of these mini cases and their embedded issues, it
is common for teaching notes to exceed the length of the actual mini case!
This book is most appropriate for MIS courses where the goal is to understand how
IT delivers organizational value. These courses are frequently labeled “IT Strategy” or
“IT Management” and are offered within undergraduate as well as MBA programs. For
undergraduate juniors and seniors in business and commerce programs, this is usually
the “capstone” MIS course. For MBA students, this course may be the compulsory core
course in MIS, or it may be an elective course.
Each chapter and mini case in this book has been thoroughly tested in a variety
of undergraduate, graduate, and executive programs at Queen’s School of Business.2
1 We are unable to identify these leading-edge companies by agreements established as part of our overall
research program (described later).
2 Queen’s School of Business is one of the world’s premier business schools, with a faculty team renowned
for its business experience and academic credentials. The School has earned international recognition for
its innovative approaches to team-based and experiential learning. In addition to its highly acclaimed MBA
programs, Queen’s School of Business is also home to Canada’s most prestigious undergraduate business
program and several outstanding graduate programs. As well, the School is one of the world’s largest and
most respected providers of executive education.

xvi Preface
These materials have proven highly successful within all programs because we adapt
how the material is presented according to the level of the students. Whereas under-
graduate students “learn” about critical business issues from the book and mini cases
for the first time, graduate students are able to “relate” to these same critical issues
based on their previous business experience. As a result, graduate students are able to
introduce personal experiences into the discussion of these critical IT issues.
orgAnizAtion of thiS Book
One of the advantages of an issues-focused structure is that chapters can be approached
in any order because they do not build on one another. Chapter order is immaterial; that
is, one does not need to read the first three chapters to understand the fourth. This pro-
vides an instructor with maximum flexibility to organize a course as he or she sees fit.
Thus, within different courses/programs, the order of topics can be changed to focus on
different IT concepts.
Furthermore, because each mini case includes multiple issues, they, too, can be
used to serve different purposes. For example, the mini case “Building Shared Services
at RR Communications” can be used to focus on issues of governance, organizational
structure, and/or change management just as easily as shared services. The result is a
rich set of instructional materials that lends itself well to a variety of pedagogical appli-
cations, particularly problem-based learning, and that clearly illustrates the reality of IT
strategy in action.
The book is organized into four sections, each emphasizing a key component of
developing and delivering effective IT strategy:
• Section I: Delivering Value with IT is designed to examine the complex ways that
IT and business value are related. Over the past twenty years, researchers and prac-
titioners have come to understand that “business value” can mean many different
things when applied to IT. Chapter 1 (Developing and Delivering on the IT Value
Proposition) explores these concepts in depth. Unlike the simplistic value propo-
sitions often used when implementing IT in organizations, this chapter presents
“value” as a multilayered business construct that must be effectively managed at
several levels if technology is to achieve the benefits expected. Chapter 2 (Developing
IT Strategy for Business Value) examines the dynamic interrelationship between
business and IT strategy and looks at the processes and critical success factors
used by organizations to ensure that both are well aligned. Chapter 3 (Linking IT
to Business Metrics) discusses new ways of measuring IT’s effectiveness that pro-
mote closer business–IT alignment and help drive greater business value. Chapter
4 (Building a Strong Relationship with the Business) examines the nature of the
business–IT relationship and the characteristics of an effective relationship that
delivers real value to the enterprise. Chapter 5 (Communicating with Business
Managers) explores the business and interpersonal competencies that IT staff will
need in order to do their jobs effectively over the next five to seven years and what
companies should be doing to develop them. Finally, Chapter 6 (Building Better IT
Leaders from the Bottom Up) tackles the increasing need for improved leadership
skills in all IT staff and examines the expectations of the business for strategic and
innovative guidance from IT.

Preface xvii
In the mini cases associated with this section, the concepts of delivering
value with IT are explored in a number of different ways. We see business and
IT executives at Hefty Hardware grappling with conflicting priorities and per-
spectives and how best to work together to achieve the company’s strategy. In
“Investing in TUFS,” CIO Martin Drysdale watches as all of the work his IT depart-
ment has put into a major new system fails to deliver value. And the “IT Planning
at ModMeters” mini case follows CIO Brian Smith’s efforts to create a strategic
IT  plan that will align with business strategy, keep IT running, and not increase
IT’s budget.
• Section II: IT Governance explores key concepts in how the IT organization is
structured and managed to effectively deliver IT products and services to the orga-
nization. Chapter 7 (IT Shared Services) discusses how IT shared services should be
selected, organized, managed, and governed to achieve improved organizational
performance. Chapter 8 (A Management Framework for IT Sourcing) examines
how organizations are choosing to source and deliver different types of IT functions
and presents a framework to guide sourcing decisions. Chapter 9 (The IT Budgeting
Process) describes the “evil twin” of IT strategy, discussing how budgeting mecha-
nisms can significantly undermine effective business strategies and suggesting
practices for addressing this problem while maintaining traditional fiscal account-
ability. Chapter 10 (Managing IT-based Risk) describes how many IT organizations
have been given the responsibility of not only managing risk in their own activities
(i.e., project development, operations, and delivering business strategy) but also
of managing IT-based risk in all company activities (e.g., mobile computing, file
sharing, and online access to information and software) and the need for a holistic
framework to understand and deal with risk effectively. Chapter 11 (Information
Management: The Nexus of Business and IT) describes how new organizational
needs for more useful and integrated information are driving the development of
business-oriented functions within IT that focus specifically on information and
knowledge, as opposed to applications and data.
The mini cases in this section examine the difficulties of managing com-
plex IT issues when they intersect substantially with important business issues.
In “Building Shared Services at RR Communications,” we see an IT organiza-
tion in transition from a traditional divisional structure and governance model
to a more centralized enterprise model, and the long-term challenges experi-
enced by CIO Vince Patton in changing both business and IT practices, includ-
ing information management and delivery, to support this new approach. In
“Enterprise Architecture at Nationstate Insurance,” CIO Jane Denton endeavors
to make IT more flexible and agile, while incorporating new and emerging tech-
nologies into its strategy. In “IT Investment at North American Financial,” we
show the opportunities and challenges involved in prioritizing and resourcing
enterprisewide IT projects and monitoring that anticipated benefits are being
• Section III: IT-Enabled Innovation discusses some of the ways technology is
being used to transform organizations. Chapter 12 (Innovation with IT) examines
the nature and importance of innovation with IT and describes a typical inno-
vation life cycle. Chapter 13 (Big Data and Social Computing) discusses how IT
leaders are incorporating big data and social media concepts and technologies

xviii Preface
to successfully deliver business value in new ways. Chapter 14 (Improving the
Customer Experience: An IT Perspective) explores the IT function’s role in creating
and improving an organization’s customer experiences and the role of technology
in helping companies to understand and learn from their customers’ experiences.
Chapter 15 (Building Business Intelligence) looks at the nature of business intelli-
gence and its relationship to data, information, and knowledge and how IT can be
used to build a more intelligent organization. Chapter 16 (Enabling Collaboration
with IT) identifies the principal forms of collaboration used in organizations, the
primary business drivers involved in them, how their business value is measured,
and the roles of IT and the business in enabling collaboration.
The mini cases in this section focus on the key challenges companies face in
innovating with IT. “Innovation at International Foods” contrasts the need for pro-
cess and control in corporate IT with the strong push to innovate with technology
and the difficulties that ensue from the clash of style and culture. “Consumerization
of Technology at IFG” looks at issues such as “bring your own device” (BYOD) to
the workplace. In “CRM at Minitrex,” we see some of the internal technological and
political conflicts that result from a strategic decision to become more customercen-
tric. Finally, “Customer Service at Datatronics” explores the importance of present-
ing unified, customer-facing IT to customers.
• Section IV: IT Portfolio Development and Management looks at how the IT
function must transform itself to be able to deliver business value effectively in
the future. Chapter 17 (Application Portfolio Management) describes the ongoing
management process of categorizing, assessing, and rationalizing the IT application
portfolio. Chapter 18 (Managing IT Demand) looks at the often neglected issue of
demand management (as opposed to supply management), explores the root causes
of the demand for IT services, and identifies a number of tools and enablers to
facilitate more effective demand management. Chapter 19 (Creating and Evolving
a Technology Roadmap) examines the challenges IT managers face in implement-
ing new infrastructure, technology standards, and types of technology in their real-
world business and technical environments, which is composed of a huge variety of
hardware, software, applications, and other technologies, some of which date back
more than thirty years. Chapter 20 (Enhancing Development Productivity) explores
how system development practices are changing and how managers can create
an environment to promote improved development productivity. And Chapter 21
(Information Delivery: IT’s Evolving Role) examines the fresh challenges IT faces in
managing the exponential growth of data and digital assets; privacy and account-
ability concerns; and new demands for access to information on an anywhere, any-
time basis.
The mini cases associated with this section describe many of these themes
embedded within real organizational contexts. “Project Management at MM” mini
case shows how a top-priority, strategic project can take a wrong turn when proj-
ect management skills are ineffective. “Working Smarter at Continental Furniture”
mini case follows an initiative to improve the company’s analytics so it can reduce
its environmental impact. And in the mini case “Managing Technology at Genex
Fuels,” we see CIO Nick Devlin trying to implement enterprisewide technology for
competitive advantage in an organization that has been limping along with obscure
and outdated systems.

Preface xix
SupplementAry mAteriAlS
online instructor resource center
The following supplements are available online to adopting instructors:
• PowerPoint Lecture Notes
• Image Library (text art)
• Extensive Teaching Notes for all Mini cases
• Additional chapters including Developing IT Professionalism; IT Sourcing; Master
Data Management; Developing IT Capabilities; The Identity Management Challenge;
Social Computing; Managing Perceptions of IT; IT in the New World of Corporate
Governance Reforms; Enhancing Customer Experiences with Technology; Creating
Digital Dashboards; and Managing Electronic Communications.
• Additional mini cases, including IT Leadership at MaxTrade; Creating a Process-Driven
Organization at Ag-Credit; Information Management at Homestyle Hotels; Knowledge
Management at Acme Consulting; Desktop Provisioning at CanCredit; and Leveraging
IT Vendors at SleepSmart.
For detailed descriptions of all of the supplements just listed, please visit http://
courseSmart etextbooks online
CourseSmart is an exciting new choice for students looking to save money. As an alter-
native to purchasing the print textbook, students can purchase an electronic version of
the same content and save up to 50 percent off the suggested list price of the print text.
With a CourseSmart etextbook, students can search the text, make notes online, print
out reading assignments that incorporate lecture notes, and bookmark important pas-
sages for later review.
the geneSiS of thiS Book
Since 1990 we have been meeting quarterly with a group of senior IT managers from
a number of leading-edge organizations (e.g., Eli Lilly, BMO, Honda, HP, CIBC, IBM,
Sears, Bell Canada, MacDonalds, and Sun Life) to identify and discuss critical IT manage-
ment issues. This focus group represents a wide variety of industry sectors (e.g.,  retail,
manufacturing, pharmaceutical, banking, telecommunications, insurance, media, food
processing, government, and automotive). Originally, it was established to meet the com-
panies’ needs for well-balanced, thoughtful, yet practical information on emerging IT
management topics, about which little or no research was available. However, we soon
recognized the value of this premise for our own research in the rapidly evolving field
of IT management. As a result, it quickly became a full-scale research program in which
we were able to use the focus group as an “early warning system” to document new IT
management issues, develop case studies around them, and explore more collaborative
approaches to identifying trends, challenges, and effective practices in each topic area.3
3 This now includes best practice case studies, field research in organizations, multidisciplinary qualitative
and quantitative research projects, and participation in numerous CIO research consortia.

xx Preface
As we shared our materials with our business students, we realized that this issues-
based approach resonated strongly with them, and we began to incorporate more of our
research into the classroom. This book is the result of our many years’ work with senior
IT managers, in organizations, and with students in the classroom.
Each issue in this book has been selected collaboratively by the focus group after
debate and discussion. As facilitators, our job has been to keep the group’s focus on IT
management issues, not technology per se. In preparation for each meeting, focus group
members researched the topic within their own organization, often involving a number
of members of their senior IT management team as well as subject matter experts in
the process. To guide them, we provided a series of questions about the issue, although
members are always free to explore it as they see fit. This approach provided both struc-
ture for the ensuing discussion and flexibility for those members whose organizations
are approaching the issue in a different fashion.
The focus group then met in a full-day session, where the members discussed all
aspects of the issue. Many also shared corporate documents with the group. We facilitated
the discussion, in particular pushing the group to achieve a common understanding of
the dimensions of the issue and seeking examples, best practices, and guidelines for deal-
ing with the challenges involved. Following each session, we wrote a report based on the
discussion, incorporating relevant academic and practitioner materials where these were
available. (Because some topics are “bleeding edge,” there is often little traditional IT
research available on them.)
Each report has three parts:
1. A description of the issue and the challenges it presents for both business and IT
2. Models and concepts derived from the literature to position the issue within a con-
textual framework
3. Near-term strategies (i.e., those that can be implemented immediately) that have
proven successful within organizations for dealing with the specific issue
Each chapter in this book focuses on one of these critical IT issues. We have learned
over the years that the issues themselves vary little across industries and organizations,
even in enterprises with unique IT strategies. However, each organization tackles the
same issue somewhat differently. It is this diversity that provides the richness of insight
in these chapters. Our collaborative research approach is based on our belief that when
dealing with complex and leading-edge issues, “everyone has part of the solution.”
Every focus group, therefore, provides us an opportunity to explore a topic from a
variety of perspectives and to integrate different experiences (both successful and oth-
erwise) so that collectively, a thorough understanding of each issue can be developed
and strategies for how it can be managed most successfully can be identified.

James D. McKeen is Professor Emeritus at the Queen’s School of Business. He has been
working in the IT field for many years as a practitioner, researcher, and consultant. In
2011, he was named the “IT Educator of the Year” by ComputerWorld Canada. Jim has
taught at universities in the United Kingdom, France, Germany, and the United States.
His research is widely published in a number of leading journals and he is the coau-
thor (with Heather Smith) of five books on IT management. Their most recent book—IT
Strategy: Issues and Practices (2nd ed.)—was the best-selling business book in Canada
(Globe and Mail, April 2012).
Heather A. Smith has been named the most-published researcher on IT management
issues in two successive studies (2006, 2009). A senior research associate with Queen’s
University School of Business, she is the author of five books, the most recent being IT
Strategy: Issues and Practices (Pearson Prentice Hall, 2012). She is also a senior research
associate with the American Society for Information Management’s Advanced Practices
Council. A former senior IT manager, she is codirector of the IT Management Forum and
the CIO Brief, which facilitate interorganizational learning among senior IT executives.
In addition, she consults and collaborates with organizations worldwide.

The work contained in this book is based on numerous meetings with many senior IT
managers. We would like to acknowledge our indebtedness to the following individuals
who willingly shared their insights based on their experiences “earned the hard way”:
Michael Balenzano, Sergei Beliaev, Matthias Benfey, Nastaran Bisheban, Peter
Borden, Eduardo Cadena, Dale Castle, Marc Collins, Diane Cope, Dan Di Salvo,
Ken Dschankilic, Michael East, Nada Farah, Mark Gillard, Gary Goldsmith, Ian
Graham, Keiko Gutierrez, Maureen Hall, Bruce Harding, Theresa Harrington,
Tom Hopson, Heather Hutchison, Jim Irich, Zeeshan Khan, Joanne Lafreniere,
Konstantine Liris, Lisa MacKay, Mark O’Gorman, Amin Panjwani, Troy Pariag,
Brian Patton, Marius Podaru, Helen Restivo, Pat Sadler, A. F. Salam, Ashish
Saxena, Joanne Scher, Stewart Scott, Andy Secord, Marie Shafi, Helen Shih, Trudy
Sykes, Bruce Thompson, Raju Uppalapati, Len Van Greuning, Laurie Schatzberg,
Ted Vincent, and Bond Wetherbe.
We would also like to recognize the contribution of Queen’s School of Business
to this work. The school has facilitated and supported our vision of better integrat-
ing academic research and practice and has helped make our collaborative approach
to the study of IT management and strategy an effective model for interorganizational
James D. McKeen
Kingston, Ontario
Heather A. Smith
School of Business
June 2014

S e c t i o n i
Delivering Value with IT
Chapter 1 Developing and Delivering on the IT Value Proposition
Chapter 2 Developing IT Strategy for Business Value
Chapter 3 Linking IT to Business Metrics
Chapter 4 Building a Strong Relationship with the Business
Chapter 5 Communicating with Business Managers
Chapter 6 Building Better IT Leaders from the Bottom Up
Mini Cases
■  Delivering Business Value with IT at Hefty Hardware
■  Investing in TUFS
■  IT Planning at ModMeters

C h a p t e r
1 Developing and Delivering on the it Value Proposition1
1 This chapter is based on the authors’ previously published article, Smith, H. A., and J. D. McKeen.
“Developing and Delivering on the IT Value Proposition.” Communications of the Association for Information
Systems 11 (April 2003): 438–50. Reproduced by permission of the Association for Information Systems.
It’s déjà vu all over again. For at least twenty years, business leaders have been trying to figure out exactly how and where IT can be of value in their organizations. And IT managers have been trying to learn how to deliver this value. When IT was
used mainly as a productivity improvement tool in small areas of a business, this was
a relatively straightforward process. Value was measured by reduced head counts—
usually in clerical areas—and/or the ability to process more transactions per person.
However, as systems grew in scope and complexity, unfortunately so did the risks. Very
few companies escaped this period without making at least a few disastrous invest-
ments in systems that didn’t work or didn’t deliver the bottom-line benefits executives
thought they would. Naturally, fingers were pointed at IT.
With the advent of the strategic use of IT in business, it became even more difficult
to isolate and deliver on the IT value proposition. It was often hard to tell if an invest-
ment had paid off. Who could say how many competitors had been deterred or how
many customers had been attracted by a particular IT initiative? Many companies can
tell horror stories of how they have been left with a substantial investment in new forms
of technology with little to show for it. Although over the years there have been many
improvements in where and how IT investments are made and good controls have been
established to limit time and cost overruns, we are still not able to accurately articulate
and deliver on a value proposition for IT when it comes to anything other than simple
productivity improvements or cost savings.
Problems in delivering IT value can lie with how a value proposition is conceived
or in what is done to actually implement an idea—that is, selecting the right project and
doing the project right (Cooper et al. 2000; McKeen and Smith 2003; Peslak 2012). In
addition, although most firms attempt to calculate the expected payback of an IT invest-
ment before making it, few actually follow up to ensure that value has been achieved or
to question what needs to be done to make sure that value will be delivered.

Chapter 1 • Developing and Delivering on the IT Value Proposition 3
This chapter first looks at the nature of IT value and “peels the onion” into its
different layers. Then it examines the three components of delivering IT value: value
identification, conversion, and value realization. Finally, it identifies five general
principles for ensuring IT value will be achieved.
Peeling the OniOn: Understanding it ValUe
Thirty years ago the IT value proposition was seen as a simple equation: Deliver the
right technology to the organization, and financial benefits will follow (Cronk and
Fitzgerald 1999; Marchand et al. 2000). In the early days of IT, when computers were
most often used as direct substitutes for people, this equation was understandable,
even if it rarely worked this simply. It was easy to compute a bottom-line benefit where
“technology” dollars replaced “salary” dollars.
Problems with this simplistic view quickly arose when technology came to be
used as a productivity support tool and as a strategic tool. Under these conditions,
managers had to decide if an IT investment was worth making if it saved people time,
helped them make better decisions, or improved service. Thus, other factors, such as
how well technology was used by people or how IT and business processes worked
together, became important considerations in how much value was realized from an IT
investment. These issues have long confounded our understanding of the IT value prop-
osition, leading to a plethora of opinions (many negative) about how and where technol-
ogy has actually contributed to business value. Stephen Roach (1989) made headlines
with his macroeconomic analysis showing that IT had had absolutely no impact on pro-
ductivity in the services sector. More recently, research shows that companies still have a
mixed record in linking IT to organizational performance, user satisfaction, productivity,
customer experience, and agility (Peslak 2012).
These perceptions, plus ever-increasing IT expenditures, have meant business
managers are taking a closer look at how and where IT delivers value to an organization
(Ginzberg 2001; Luftman and Zadeh 2011). As they do this, they are beginning to change
their understanding of the IT value proposition. Although, unfortunately, “silver bullet
thinking” (i.e., plug in technology and deliver bottom-line impact) still predomi-
nates, IT value is increasingly seen as a multilayered concept, far more complex than
it first appeared. This suggests that before an IT value proposition can be identified
and delivered, it is essential that managers first “peel the onion” and understand more
about the nature of IT value itself (see Figure 1.1).
What is it Value?
Value is defined as the worth or desirability of a thing (Cronk and Fitzgerald 1999). It is
a subjective assessment. Although many believe this is not so, the value of IT depends
very much on how a business and its individual managers choose to view it. Different
companies and even different executives will define it quite differently. Strategic posi-
tioning, increased productivity, improved decision making, cost savings, or improved
service are all ways value could be defined. Today most businesses define value broadly
and loosely, not simply as a financial concept (Chakravarty et al. 2013). Ideally, it is tied
to the organization’s business model because adding value with IT should enable a firm
to do its business better. In the focus group (see the Preface), one company sees value

4 Section I • Delivering Value with IT
resulting from all parts of the organization having the same processes; another defines
value by return on investment (ROI); still another measures it by a composite of key
performance indicators. In short, there is no single agreed-on measure of IT value. As a
result, misunderstandings about the definition of value either between IT and the busi-
ness or among business managers themselves can lead to feelings that value has not
been delivered. Therefore, a prerequisite of any IT value proposition is that everyone
involved in an IT initiative agree on what value they are trying to deliver and how they
will recognize it.
Where is it Value?
Value may also vary according to where one looks for it (Davern and Kauffman 2000;
Oliveira and Martins 2011). For example, value to an enterprise may not be perceived as
value in a work group or by an individual. In fact, delivering value at one level in an orga-
nization may actually conflict with optimizing value at another level. Decisions about
IT value are often made to optimize firm or business process value, even if they cause
difficulties for business units or individuals. As one manager explained, “At the senior
levels, our bottom-line drivers of value are cost savings, cash flow, customer satisfaction,
and revenue. These are not always visible at the lower levels of the organization.” Failure
to consider value implications at all levels can lead to a value proposition that is coun-
terproductive and may not deliver the value that is anticipated. Many executives take a
hard line with these value conflicts. However, it is far more desirable to aim for a value
What Value will be
Where will Value be
Who will
Deliver Value?
When will Value
be Delivered?
How will Value
be Delivered?
FigUre 1.1 IT Value Is a Many-Layered Concept

Chapter 1 • Developing and Delivering on the IT Value Proposition 5
that is not a win–lose proposition but is a win–win at all levels. This can leverage overall
value many times over (Chan 2000; Grant and Royle 2011).
Who delivers it Value?
Increasingly, managers are realizing that it is the interaction of people, information, and
technology that delivers value, not IT alone.2 Studies have confirmed that strong IT
practices alone do not deliver superior performance. It is only the combination of these
IT practices with an organization’s skills at managing information and people’s behav-
iors and beliefs that leads to real value (Birdsall 2011; Ginzberg 2001; Marchand et al.
2000). In the past, IT has borne most of the responsibility for delivering IT value. Today,
however, business managers exhibit a growing willingness to share responsibility with
IT to ensure value is realized from the organization’s investments in technology. Most
companies now expect to have an executive sponsor for any IT initiative and some busi-
ness participation in the development team. However, many IT projects still do not
have the degree of support or commitment from the business that IT managers feel is
necessary to deliver fully on a value proposition (Peslak 2012).
When is it Value realized?
Value also has a time dimension. It has long been known that the benefits of technol-
ogy take time to be realized (Chan 2000; Segars and Chatterjee 2010). People must be
trained, organizations and processes must adapt to new ways of working, information
must be compiled, and customers must realize what new products and services are
being offered. Companies are often unprepared for the time it takes an investment to
pay off. Typically, full payback can take between three and five years and can have at
least two spikes as a business adapts to the deployment of technology. Figure 1.2 shows
this “W” effect, named for the way the chart looks, for a single IT project.
Initially, companies spend a considerable amount in deploying a new technology.
During this twelve-to-sixteen-month period, no benefits occur. Following implementa-
tion, some value is realized as companies achieve initial efficiencies. This period lasts
for about six months. However, as use increases, complexities also grow. Information
overload can occur and costs increase. At this stage, many can lose faith in the initia-
tive. This is a dangerous period. The final set of benefits can occur only by making the
business simpler and applying technology, information, and people more effectively. If
a business can manage to do this, it can achieve sustainable, long-term value from its IT
investment (Segars and Chatterjee 2010). If it can’t, value from technology can be offset
by increased complexity.
Time also changes perceptions of value. Many IT managers can tell stories of
how an initiative is vilified as having little or no value when first implemented, only
to have people say they couldn’t imagine running the business without it a few years
later. Similarly, most managers can identify projects where time has led to a clearer
2 These interactions in a structured form are known as processes. Processes are often the focus of much orga-
nizational effort in the belief that streamlining and reengineering them will deliver value. In fact, research
shows that without attention to information and people, very little value is delivered (Segars and Chatterjee
2010). In addition, attention to processes in organizations often ignores the informal processes that contribute
to value.

6 Section I • Delivering Value with IT
understanding of the potential value of a project. Unfortunately, in cases where antici-
pated value declines or disappears, projects don’t always get killed (Cooper et al. 2000).
Clarifying and agreeing on these different layers of IT value is the first step involved
in developing and delivering on the IT value proposition. All too often, this work is for-
gotten or given short shrift in the organization’s haste to answer this question: How will
IT value be delivered? (See next section.) As a result, misunderstandings arise and tech-
nology projects do not fulfill their expected promises. It will be next to impossible to do a
good job developing and delivering IT value unless and until the concepts involved in IT
value are clearly understood and agreed on by both business and IT managers.
the three COmPOnents OF the it ValUe PrOPOsitiOn
Developing and delivering an IT value proposition involves addressing three compo-
nents. First, potential opportunities for adding value must be identified. Second, these
opportunities must be converted into effective applications of technology. Finally, value
12–16 Months
Get the House
in Order
Harvest Low-
Hanging Fruit
Make the
Make Business
16–22 Months 22–38 Months 3–5 Years
FigUre 1.2 The ‘W’ Effect in Delivering IT Value (Segars & Chatterjee, 2010)
Best Practices in Understanding IT Value
• Link IT value directly to your business model.
• Recognize value is subjective, and manage perceptions accordingly.
• Aim for a value “win–win” across processes, work units, and individuals.
• Seek business commitment to all IT projects.
• Manage value over time.

Chapter 1 • Developing and Delivering on the IT Value Proposition 7
must be realized by the organization. Together, these components comprise the funda-
mentals of any value proposition (see Figure 1.3).
identification of Potential Value
Identifying opportunities for making IT investments has typically been a fairly
informal activity in most organizations. Very few companies have a well-organized
means of doing research into new technologies or strategizing about where these tech-
nologies can be used (McKeen and Smith 2010). More companies have mechanisms
for identifying opportunities within business units. Sometimes a senior IT manager
will be designated as a “relationship manager” for a particular unit with responsi-
bility for working with business management to identify opportunities where IT
could add value (Agarwal and Sambamurthy 2002; Peslak 2012). Many other com-
panies, however, still leave it up to business managers to identify where they want
to use IT. There is growing evidence that relegating the IT organization to a passive
role in developing systems according to business instructions is unlikely to lead to
high IT value. Research shows that involving IT in business planning can have a direct
and positive influence on the development of successful business strategies using IT
(Ginzberg 2001; Marchand et al. 2000). This suggests that organizations should estab-
lish joint business–IT mechanisms to identify and evaluate both business and technical
opportunities where IT can add value.
Once opportunities have been identified, companies must then make decisions
about where they want to focus their dollars to achieve optimal value. Selecting the
right projects for an organization always involves balancing three fundamental factors:
cash, timing, and risk (Luehrman 1997). In principle, every company wants to under-
take only high-return projects. In reality, project selection is based on many different
factors. For example, pet or political projects or those mandated by the government or
competitors are often part of a company’s IT portfolio (Carte et al. 2001). Disagreement
at senior levels about which projects to undertake can arise because of a lack of a coher-
ent and consistent mechanism for assessing project value. All organizations need some
formal mechanism for prioritizing projects. Without one, it is very likely that project
selection will become highly politicized and, hence, ineffective at delivering value.
There are a variety of means to do this, ranging from using strictly bottom-line metrics,
to comparing balanced scorecards, to adopting a formal value-assessment methodology.
However, although these methods help to weed out higher cost–lower return projects,
they do not constitute a foolproof means of selecting the right projects for an organiza-
tion. Using strict financial selection criteria, for example, can exclude potentially high-
value strategic projects that have less well-defined returns, longer payback periods,
and more risk (Cooper et al. 2000; DeSouza 2011). Similarly, it can be difficult getting
Identification Conversion Realization
FigUre 1.3 The Three Components of the IT Value Proposition

8 Section I • Delivering Value with IT
important infrastructure initiatives funded even though these may be fundamental to
improving organizational capabilities (Byrd 2001).
Therefore, organizations are increasingly taking a portfolio approach to project
selection. This approach allocates resources and funding to different types of projects,
enabling each type of opportunity to be evaluated according to different criteria (McKeen
and Smith 2003; Smith and McKeen 2010). One company has identified three different
classes of IT—infrastructure, common systems, and business unit applications—and
funds them in different proportions. In other companies, funding for strategic initia-
tives is allocated in stages so their potential value can be reassessed as more information
about them becomes known. Almost all companies have found it necessary to justify
infrastructure initiatives differently than more business-oriented projects. In fact, some
remove these types of projects from the selection process altogether and fund them with
a “tax” on all other development (McKeen and Smith 2003). Other companies allocate a
fixed percentage of their IT budgets to a technology renewal fund.
Organizations have come a long way in formalizing where and how they choose to
invest their IT dollars. Nevertheless, there is still considerable room for judgment based
on solid business and technical knowledge. It is, therefore, essential that all executives
involved have the ability to think strategically and systematically as well as financially
about project identification and selection.
effective Conversion
“Conversion” from idea/opportunity to reality has been what IT organizations have
been all about since their inception. A huge amount of effort has gone into this central
component of the IT value proposition. As a result, many IT organizations have become
very good at developing and delivering projects on time and on budget. Excellent
project management, effective execution, and reliable operations are a critical part of
IT value. However, they are not, in and of themselves, sufficient to convert a good idea
into value or to deliver value to an organization.
Today managers and researchers are both recognizing that more is involved in
effective conversion than good IT practices. Organizations can set themselves up for
failure by not providing adequate and qualified resources. Many companies start more
projects than they can effectively deliver with the resources they have available. Not
having enough time or resources to do the job means that people are spread too thin
and end up taking shortcuts that are potentially damaging to value (Cooper et al. 2000).
Resource limitations on the business side of a project team can be as damaging to con-
version as a lack of technical resources. “[Value is about] far more than just sophisticated
managerial visions. . . . Training and other efforts . . . to obtain value from IT investments
Best Practices in Identifying Potential Value
• Joint business–IT structures to recognize and evaluate opportunities
• A means of comparing value across projects
• A portfolio approach to project selection
• A funding mechanism for infrastructure

Chapter 1 • Developing and Delivering on the IT Value Proposition 9
are often hamstrung by insufficient resources” (Chircu and Kauffman 2000). Inadequate
business resources can lead to poor communication and ineffective problem solving on
a project (Ginzberg 2001). Companies are beginning to recognize that the number and
quality of the staff assigned to an IT project can make a difference to its eventual out-
come. They are insisting that the organization’s best IT and businesspeople be assigned
to critical projects.
Other significant barriers to conversion that are becoming more apparent now
that IT has improved its own internal practices include the following:
• Organizational barriers. The effective implementation of IT frequently requires
the extensive redesign of current business processes (Chircu and Kauffman 2000).
However, organizations are often reluctant to make the difficult complementary
business changes and investments that are required (Carte et al. 2001). “When
new IT is implemented, everyone expects to see costs come down,” explained one
manager. “However, most projects involve both business and IT deliverables. We,
therefore, need to take a multifunctional approach to driving business value.” In
recognition of this fact, some companies are beginning to put formal change man-
agement programs in place to help businesses prepare for the changes involved
with IT projects and to adapt and simplify as they learn how to take advantage of
new technology.
• Knowledge barriers. Most often new technology and processes require employ-
ees to work differently, learn new skills, and have new understanding of how and
where information, people, and technologies fit together (Chircu and Kauffman
2000; Perez-Lopez and Alegre 2012). Although training has long been part of new
IT implementations, more recently businesses are recognizing that delivering value
from technology requires a broader and more coordinated learning effort (Smith
and McKeen 2002). Lasting value comes from people and technology working
together as a system rather than as discrete entities. Research confirms that high-
performing organizations not only have strong IT practices but also have people
who have good information management practices and who are able to effectively
use the information they receive (Beath et al. 2012; Marchand et al. 2000).
realizing Value
The final component of the IT value proposition has been the most frequently ignored.
This is the work involved in actually realizing value after technology has been imple-
mented. Value realization is a proactive and long-term process for any major initiative.
All too often, after an intense implementation period, a development team is disbanded
to work on other projects, and the business areas affected by new technology are left to
Best Practices in Conversion
• Availability of adequate and qualified IT and business resources
• Training in business goals and processes
• Multifunctional change management
• Emphasis on higher-level learning and knowledge management

10 Section I • Delivering Value with IT
sink or swim. As a result, a project’s benefits can be imperfectly realized. Technology
must be used extensively if it is to deliver value. Poorly designed technology can lead
to high levels of frustration, resistance to change, and low levels of use (Chircu and
Kauffman 2000; Sun et al., 2012).
Resistance to change can have its root cause in an assumption or an action that
doesn’t make sense in the everyday work people do. Sometimes this means challeng-
ing workers’ understanding of work expectations or information flows. At other times
it means doing better analysis of where and how a new process is causing bottlenecks,
overwork, or overload. As one manager put it, “If value is not being delivered, we
need to understand the root causes and do something about it.” His company takes
the unusual position that it is important to keep a team working on a project until the
expected benefits have been realized. This approach is ideal but can also be very costly
and, therefore, must be carefully managed. Some companies try to short-circuit the
value management process by simply taking anticipated cost savings out of a business
unit’s budget once technology has been implemented, thereby forcing it to do more
with less whether or not the technology has been as beneficial as anticipated. However,
most often organizations do little or no follow-up to determine whether or not benefits
have been achieved.
Measurement is a key component of value realization (Thorp 1999). After imple-
mentation, it is essential that all stakeholders systematically compare outcomes against
expected value and take appropriate actions to achieve benefits. In addition to monitor-
ing metrics, a thorough and ongoing assessment of value and information flows must
also be undertaken at all levels of analysis: individual, team, work unit, and enterprise.
Efforts must be taken to understand and improve aspects of process, information, and
technology that are acting as barriers to achieving value.
A significant problem with not paying attention to value recognition is that areas
of unexpected value or opportunity are also ignored. This is unfortunate because it is
only after technology has been installed that many businesspeople can see how it could
be leveraged in other parts of their work. Realizing value should, therefore, also include
provisions to evaluate new opportunities arising through serendipity.
FiVe PrinCiPles FOr deliVering ValUe
In addition to clearly understanding what value means in a particular organization and
ensuring that the three components of the IT value proposition are addressed by every
project, five principles have been identified that are central to developing and deliver-
ing value in every organization.
Best Practices in Realizing Value
• Plan a value-realization phase for all IT projects.
• Measure outcomes against expected results.
• Look for and eliminate root causes of problems.
• Assess value realization at all levels in the organization.
• Have provisions for acting on new opportunities to leverage value.

Chapter 1 • Developing and Delivering on the IT Value Proposition 11
Principle 1. have a Clearly defined Portfolio
Value management Process
Every organization should have a common process for managing the overall value
being delivered to the organization from its IT portfolio. This would begin as a means of
identifying and prioritizing IT opportunities by potential value relative to each other. It
would also include mechanisms to optimize enterprise value (e.g., through tactical, stra-
tegic, and infrastructure projects) according to a rubric of how the organization wants
to allocate its resources.
A portfolio value management process should continue to track projects as they
are being developed. It should ensure not only that projects are meeting schedule and
budget milestones but also that other elements of conversion effectiveness are being
addressed (e.g., business process redesign, training, change management, informa-
tion management, and usability). A key barrier to achieving value can be an organiza-
tion’s unwillingness to revisit the decisions made about its portfolio (Carte et al. 2001).
Yet this is critically important for strategic and infrastructure initiatives in particular.
Companies may have to approve investments in these types of projects based on imper-
fect information in an uncertain environment. As they develop, improved information
can lead to better decision making about an investment. In some cases this might lead to
a decision to kill a project; in others, to speed it up or to reshape it as a value proposition
becomes clearer.
Finally, a portfolio value management process should include an ongoing means
of ensuring that value is realized from an investment. Management must monitor
expected outcomes at appropriate times following implementation and hold someone
in the organization accountable for delivering benefits (Smith and McKeen 2010).
Principle 2. aim for Chunks of Value
Much value can be frittered away by dissipating IT investments on too many projects
(Cho et al. 2013; Marchand et al. 2000). Focusing on a few key areas and designing a set
of complementary projects that will really make a difference is one way companies are
trying to address this concern. Many companies are undertaking larger and larger tech-
nology initiatives that will have a significant transformational and/or strategic impact
on the organization. However, unlike earlier efforts, which often took years to complete
and ended up having questionable value, these initiatives are aiming to deliver major
value through a series of small, focused projects that, linked together, will result in both
immediate short-term impact and long-term strategic value. For example, one company
has about three hundred to four hundred projects underway linked to one of a dozen
major initiatives.
Principle 3. adopt a holistic Orientation to technology Value
Because value comes from the effective interaction of people, information, and tech-
nology, it is critical that organizations aim to optimize their ability to manage and use
them together (Marchand et al. 2000). Adopting a systemic approach to value, where
technology is not viewed in isolation and interactions and impacts are anticipated and
planned, has been demonstrated to contribute to perceived business value (Ginzberg
2001). Managers should aim to incorporate technology as an integral part of an overall

12 Section I • Delivering Value with IT
program of business change rather than dealing with people and information manage-
ment as afterthoughts to technology (Beath et al. 2012). One company has done this by
taking a single business objective (e.g., “increase market penetration by 15 percent over
five years”) and designing a program around it that includes a number of bundled tech-
nology projects.
Principle 4. aim for Joint Ownership of technology initiatives
This principle covers a lot of territory. It includes the necessity for strong executive
sponsorship of all IT projects. “Without an executive sponsor for a project, we simply
won’t start it,” explained one manager. It also emphasizes that all people involved in
a project must feel they are responsible for the results. Said another manager, “These
days it is very hard to isolate the impact of technology, therefore there must be a ‘we’
mentality.” This perspective is reinforced by research that has found that the quality of
the IT–business relationship is central to the delivery of IT value. Mutual trust, visible
business support for IT and its staff, and IT staff who consider themselves to be part of
a business problem-solving team all make a significant difference in how much value
technology is perceived to deliver (Ginzberg 2001).
Principle 5. experiment more Often
The growing complexity of technology, the range of options available, and the
uncertainty of the business environment have each made it considerably more difficult
to determine where and how technology investments can most effectively be made.
Executives naturally object to the risks involved in investing heavily in possible business
scenarios or technical gambles that may or may not realize value. As a result, many
companies are looking for ways to firm up their understanding of the value proposition
for a particular opportunity without incurring too much risk. Undertaking pilot studies
is one way of doing this (DeSouza 2011). Such experiments can prove the value of an
idea, uncover new opportunities, and identify more about what will be needed to make
an idea successful. They provide senior managers with a greater number of options
in managing a project and an overall technology portfolio. They also enable poten-
tial value to be reassessed and investments in a particular project to be reevaluated
and rebalanced against other opportunities more frequently. In short, experimentation
enables technology investments to be made in chunks and makes “go/no go” decisions
at key milestones much easier to make.
This chapter has explored the concepts
and activities involved in developing and
delivering IT value to an organization. In
their efforts to use technology to deliver
business value, IT managers should keep
clearly in mind the maxim “Value is in the
eye of the beholder.” Because there is no
single agreed-on notion of business value, it
is important to make sure that both business
and IT managers are working to a common
goal. This could be traditional cost reduction,
process efficiencies, new business capabili-
ties, improved communication, or a host of
other objectives. Although each organization

Chapter 1 • Developing and Delivering on the IT Value Proposition 13
or business unit approaches value differ-
ently, increasingly this goal includes much
more than the simple delivery of technology
to a business unit. Today technology is being
used as a catalyst to drive many different
types of organizational transformation and
strategy. Therefore, IT value can no longer
be viewed in isolation from other parts of
the business, namely people and informa-
tion. Thus, it is no longer adequate to focus
simply on the development and delivery of
IT projects in order to deliver value. Today
delivering IT value means managing the
entire process from conception to cash.
Agarwal, R., and V. Sambamurthy. “Organizing
the IT Function for Business Innovation
Leadership.” Society for Information
Management Advanced Practices Council
Report, Chicago, September 2002.
Beath, C., I. Becerra-Fernandez, J. Ross, and J.
Short. “Finding Value in the Information
Explosion.” MIT Sloan Management Review 53,
no. 4 (2012): 18–20.
Birdsall, W. “Human Capabilities and
Information and Communication Technology:
The Communicative Connection.” Ethics and
Information Technology 13, no. 2 (2011): 93–106.
Byrd, T. A. “Information Technology, Core
Com petencies, and Sustained Competitive
Advantage.” Information Resources Management
Journal 14, no. 2 (April–June 2001): 27–36.
Carte, T., D. Ghosh, and R. Zmud. “The Influence
of IT Budgeting Practices on the Return
Derived from IT Investments.” CMISS White
Paper, November 2001.
Chakravarty, A., R. Grewal, and V. Sambamurthy.
“Information Technology Competencies,
Organizational Agility, and Firm Performance:
Enabling and Facilitating Roles.” Information
Systems Research 24, no. 4 (2013): 976–97, 1162–63,
Chan, Y. “IT Value: The Great Divide Between
Qualitative and Quantitative and Individual
and Organizational Measures.” Journal of
Management Information Systems 16, no. 4
(Spring 2000): 225–61.
Cho, W., M. Shaw, and H. Kwan. “The Effect
of Synergy Enhancement on Information
Technology Portfolio Selection.” Information
Technology and Management 14, no. 2 (2013):
Chircu, A., and R. J. Kauffman. “Limits to Value in
Electronic Commerce-Related IT Investments.”
Journal of Management Information Systems 17,
no. 2 (Fall 2000): 59–80.
Cooper, R., S. Edgett, and E. Kleinschmidt. “New
Problems, New Solutions: Making Portfolio
Management More Effective.” Research
Technology Management 43, no. 2 (March/April
2000): 18–33.
Cronk, M., and E. Fitzgerald. “Understanding ‘IS
Business Value’: Derivation of Dimensions.”
Logistics Information Management 12, no. 1–2
(1999): 40–49.
Davern, M., and R. Kauffman. “Discovering
Potential and Realizing Value from
Information Technology Investments.” Journal
of Management Information Systems 16, no. 4
(Spring 2000): 121–43.
DeSouza, K. Intrapreneurship: Managing Ideas
in Your Organization. Toronto: University of
Toronto Press, 2011.
Ginzberg, M. “Achieving Business Value Through
Information Technology: The Nature of High
Business Value IT Organizations.” Society for
Information Management Advanced Practices
Council Report, Chicago, November 2001.
Grant, G. L., and M. T. Royle. “Information
Technology and Its Role in Creating Sustainable
Competitive Advantage.” Journal of International
Management Studies 6, no. 1 (2011): 1–7.
Luehrman, T. A. “What’s It Worth? A General
Manager’s Guide to Valuation.” Harvard
Business Review (May–June 1997): 131–41.
Luftman, J., and H. S. Zadeh. “Key Information
Technology and Management Issues 2010–
2011: An International Study.” Journal of
Information Technology 26, no. 3 (2011): 193–204.

14 Section I • Delivering Value with IT
Marchand, D., W. Kettinger, and J. Rollins.
“Information Orientation: People, Technology
and the Bottom Line.” Sloan Management
Review (Summer 2000): 69–80.
McKeen, J. D., and H. A. Smith. Making IT
Happen. Chichester, England: John Wiley &
Sons, 2003.
McKeen, J. D., and H. A. Smith. “Application
Portfolio Management.” Communications for the
Association of Information Systems 26, Article 9
(March 2010), 157–70.
Oliveira, T., and M. F. Martins. “Literature Review
of Information Technology Adoption Models
at Firm Level.” Electronic Journal of Information
Systems Evaluation 14, no.1 (2011): 110–21.
Perez-Lopez, S., and J. Alegre. “Information
Technology Competency, Knowledge Processes
and Firm Performance.” Industrial Management
and Data Systems 112, no. 4 (2012): 644–62.
Peslak, A. R. “An Analysis of Critical Information
Technology Issues Facing Organizations.”
Industrial Management and Data Systems 112, no.
5 (2012): 808–27.
Roach, S. “The Case of the Missing Technology
Payback.” Presentation at the Tenth
International Conference on Information
Systems, Boston, December 1989.
Segars, A. H., and D. Chatterjee. “Diets That Don’t
Work: Where Enterprise Resource Planning
Goes Wrong.” Wall Street Journal, August 23,
Smith, H., and J. McKeen. “Instilling a Knowledge
Sharing Culture.” Presentation at the KM
Forum, Queen’s School of Business, Kingston,
Ontario, Canada, 2002.
Smith, H., and J. McKeen. “Investment Spend
Optimization at BMO Financial Group.” MISQ
Executive 9, no. 2 (June 2010): 65–81.
Sun, Y., Y. Fang, K. Lim, and D. Straub. “User
Satisfaction with Information Technology
Service Delivery: A Social Capital Perspective.”
Information Systems Research 23, no. 4 (2012):
Thorp, J. “Computing the Payoff from IT.” Journal of
Business Strategy 20, no. 3 (May/June 1999): 35–39.

C h a p t e r
2 Developing IT Strategy for Business Value1
1 This chapter is based on the authors’ previously published article, Smith, H. A., J. D. McKeen, and S. Singh.
“Developing IT Strategy for Business Value.” Journal of Information Technology Management XVIII, no. 1 (June
2007): 49–58. Reproduced by permission of the Association of Management.
Suddenly, it seems, executives are “getting” the strategic potential of IT. Instead of being relegated to the back rooms of the enterprise, IT is now being invited to the boardrooms and is being expected to play a leading role in delivering top-
line value and business transformation (Korsten 2011; Luftman and Zadeh 2011; Peslak
2012). Thus, it can no longer be assumed that business strategy will naturally drive IT
strategy, as has traditionally been the case. Instead, different approaches to strategy
development are now possible and sometimes desirable. For example, the capabilities
of new technologies could shape the strategic direction of a firm (e.g., mobile, social
media, big data). IT could enable new competencies that would then make new busi-
ness strategies possible (e.g., location-based advertising). New options for governance
using IT could also change how a company works with other firms (think Wal-Mart
or Netflix). Today new technologies coevolve with new business strategies and new
behaviors and structures (see Figure 2.1). However, whichever way it is developed, if
IT is to deliver business value, IT strategy must always be closely linked with sound
business strategy.
Ideally, therefore, business and IT strategies should complement and support each
other relative to the business environment. Strategy development should be a two-way
process between the business and IT. Yet unfortunately, poor alignment between them
remains a perennial problem (Frohman 1982; Luftman and Zadeh 2011; McKeen and
Smith 1996; Rivard et al. 2004). Research has already identified many organizational
challenges to effective strategic alignment. For example, if their strategy-development
processes are not compatible (e.g., if they take place at different times or involve differ-
ent levels of the business), it is unlikely that the business and IT will be working toward
the same goals at the same time (Frohman 1982). Aligning with individual business
units can lead to initiatives that suboptimize the effectiveness of corporate strategies
(McKeen and Smith 1996). Strategy implementation must also be carefully aligned to

16 Section I • Delivering Value with IT
ensure the integration of business and IT efforts (Smith and McKeen 2010). Finally, com-
panies often try to address too many priorities, leading to an inadequate focus on key
strategic goals (Weiss and Thorogood 2011).
However, strategic alignment is only one problem facing IT managers when they
develop IT strategy. With IT becoming so much more central to the development and
delivery of business strategy, much more attention is now being paid to strategy devel-
opment than in the past. What businesses want to accomplish with their IT and how IT
shapes its own delivery strategy are increasingly vital to the success of an enterprise.
This chapter explores how organizations are working to improve IT strategy develop-
ment and its relationship with business strategy. It looks first at how our understanding
of business and IT strategies has changed over time and at the forces that will drive
even further changes in the future. Then it discusses some critical success factors for IT
strategy development about which there is general consensus. Next it looks at the dif-
ferent dimensions of the strategic use of IT that IT management must address. Finally,
it examines how some organizations are beginning to evolve a more formal IT strategy-
development process and some of the challenges they are facing in doing so.
Business and iT sTraTegies: PasT, PresenT, and FuTure
At the highest level, a strategy is an approach to doing business (Gebauer 1997).
Traditionally, a competitive business strategy has involved performing different activi-
ties from competitors or performing similar activities in different ways (Porter 1996).
Ideally, these activities were difficult or expensive for others to copy and, therefore,
resulted in a long-term competitive advantage (Gebauer 1997). They enabled firms to
charge a premium for their products and services.
Until recently, the job of an IT function was to understand the business’s strategy
and figure out a plan to support it. However, all too often IT’s strategic contribution
was inhibited by IT managers’ limited understanding of business strategy and by busi-
ness managers’ poor understanding of IT’s potential. Therefore, most formal IT plans
were focused on the more tactical and tangible line of business needs or opportunities
New Behaviors & S
New Strate
Figure 2.1 Business and IT Strategies Co-evolve to Create New Capabilities

Chapter 2 • Developing IT Strategy for Business Value 17
for operational integration rather than on supporting enterprise strategy (Burgelman
and Doz 2001). And projects were selected largely on their abilities to affect the short-
term bottom line rather than on delivering top-line business value. “In the past IT had
to be a strategic incubator because businesspeople simply didn’t recognize the potential
of technology,” said a member of the focus group.
As a result, instead of looking for ways to be different, in the past much business
strategy became a relentless race to compete on efficiencies with IT as the primary means
of doing so (Hitt et al. 1998; Porter 1996). In many industries, companies’ improved
information-processing capabilities have been used to drive down transaction costs to
near zero, threatening traditional value propositions and shaving profit margins. This
is leading to considerable disruption as business models (i.e., the way companies add
value) are under attack by new, technology-enabled approaches to delivering products
and services (e.g., the music industry, bookselling). Therefore:
Strategists [have to] honestly face the many weaknesses inherent in [the]
industrial-age ways of doing things. They [must] redesign, build upon and reconfig-
ure their components to radically transform the value proposition. (Tapscott 1996)
Such new business strategies are inconceivable without the use of IT. Other factors,
also facilitated by IT, are further influencing the relationship between the business
and IT strategy. Increasingly, globalization is altering the economic playing field. As
countries and companies become more deeply interrelated, instability is amplified.
Instead of being generals plotting out a structured campaign, business leaders are now
more likely to be participating in guerilla warfare (Eisenhardt 2002; Friedman 2005).
Flexibility, speed, and innovation are, therefore, becoming the watchwords of competi-
tion and must be incorporated into any business or IT strategy–development process.
These conditions have dramatically elevated the business’s attention to the
value of IT strategy (Korsten 2011; Weiss and Thorogood 2011). As a result, business
executives recognize that it was a mistake to consider technology projects to be solely
the responsibility of IT. There is, thus, a much greater understanding that business
executives have to take leadership in making technology investments in ways that will
shape and/or complement business strategy. There is also recognition at the top of most
organizations that problems with IT strategy implementation are largely the fault of
leaders who “failed to realize that adopting … systems posed a business—not just a
technological—challenge” and didn’t take responsibility for the organizational and
process changes that would deliver business value (Ross and Beath 2002).
Changing value models and the development of integrated, cross-functional
systems have elevated the importance of both a corporate strategy and a technology
strategy that crosses traditional lines of business. Many participants remarked that their
executive teams at last understand the potential of IT to affect the top line. “IT recently
added some new distribution channels, and our business has just exploded,” stated
one manager. Others are finding that there is a much greater emphasis on IT’s ability to
grow revenues, and this is being reflected in how IT budgets are allocated and projects
prioritized. “Our executives have finally recognized that business strategy is not only
enabled by IT, but that it can provide new business opportunities as well,” said another
manager. This is reflected in the changing position of the CIO in many organizations
over the past decade. “Today our CIO sits on the executive team and takes part in all

18 Section I • Delivering Value with IT
business strategy discussions because IT has credibility,” said a group member. “Our
executives now want to work closely with IT and understand the implications of tech-
nology decisions,” said another. “It’s not the same as it was even five years ago.” Now
CIOs are valued for their insight into business opportunities, their perspective across
the entire organization, and their ability to take the long view (Korsten 2011).
However, this does not mean that organizations have become good at developing
strategy or at effectively integrating business and IT strategies. “There are many incon-
sistencies and problems with strategy development,” said a participant. Organizations
have to develop new strategy-making capabilities to cope in the future competitive
environment. This will mean changing their current top–down method of developing
and implementing strategy. If there’s one thing leading academics agree on, it’s that
future strategy development will have to become a more dynamic and continuous pro-
cess (Casadesus and Ricart 2011; Eisenhardt 2002; Kanter 2002; Prahalad and Krishnan
2002; Quinn 2002; Weill et al. 2002). Instead of business strategy being a well-crafted
plan of action for the next three to five years, from which IT can devise an appropri-
ate and supportive technology strategy, business strategy must become more and more
evolutionary and interactive with IT. IT strategy development must, therefore, become
more dynamic itself and focused on developing strategic capabilities that will support a
variety of changing business objectives. In the future, managers will not align business
strategy and IT at particular points in time but will participate in an organic process
that will address the need to continually evolve IT and business plans in concert with
each other (Casadesus and Ricart 2011).
Four CriTiCal suCCess FaCTors
Each focus group member had a different approach to developing IT strategy, but there
was general agreement that four factors had to be in place for strategy development to
be effective.
1. Revisit your business model. The worlds of business and IT have traditionally
been isolated from each other, leading to misaligned and sometimes conflicting
strategies. Although there is now a greater willingness among business manag-
ers to understand the implications of technology in their world, it is still IT that
must translate their ideas and concepts into business language. “IT must absolutely
understand and focus on the business,” said a participant.
Similarly, it is essential that all managers thoroughly understand how their
business as a whole works. Although this sounds like a truism, almost any IT man-
ager can tell “war stories” of business managers who have very different visions
of what they think their enterprise should look like. Business models and strate-
gies are often confused with each other (Osterwalder and Pigneur 2010). A business
model explains how the different pieces of a business fit together. It ensures that
everyone in an organization is focused on the kind of value a company wants to
create. Only when the business model is clear can strategies be developed to articu-
late how a company will deliver that value in a unique way that others cannot easily
duplicate (Osterwalder and Pigneur 2010).
2. Have strategic themes. IT strategy used to be about individual projects. Now
it is about carefully crafted programs that focus on developing specific business

Chapter 2 • Developing IT Strategy for Business Value 19
capabilities. Each program consists of many smaller, interrelated business and IT
initiatives cutting across several functional areas. These are designed to be adapted,
reconfigured, accelerated, or canceled as the strategic program evolves. Themes
give both business and IT leaders a broad yet focused topic of interest that chal-
lenges them to move beyond current operations (Kanter 2002). For example, one
retail company decided it wanted to be “a great place to work.” A bank selected
mobile banking as a critical differentiator. Both firms used a theme to engage the
imaginations of their employees and mobilize a variety of ideas and actions around
a broad strategic direction. By grouping IT and business programs around a few
key themes, managers find it easier to track and direct important strategic threads
in an organization’s development and to visualize the synergies and interdepen-
dencies involved across a variety of projects spread out across the organization and
over time.
3. Get the right people involved. One of the most important distinguishing factors
between companies that get high business value from their IT investment and those
that don’t is that senior managers in high-performing companies take a leadership
role in IT decision making. Abdication of this responsibility is a recipe for disas-
ter (Ross and Beath 2002). “In the past it was very hard to get the right people
involved,” said a focus group member. “Now it’s easier.” Another noted, “You don’t
send a minion to an IT strategy meeting anymore; it’s just not done.” In this type of
organization, the CIO typically meets regularly with the president and senior busi-
ness leaders to discuss both business and IT strategies.
Getting the right people involved also means getting business managers
and other key stakeholders involved in strategy as well. To do this, many com-
panies have established “relationship manager” positions in IT to work with and
learn about the business and bring opportunities for using technology to the table.
Research shows that the best strategies often stem from grassroots innovations, and
it is, therefore, critical that organizations take steps to ensure that good ideas are
nurtured and not filtered out by different layers of management (DeSouza 2011).
“We have two levels of strategy development in our organization,” said a focus
group participant. “Our relationship managers work with functional managers and
our CIO with our business unit presidents on the IT steering committee.” This com-
pany also looks for cross-functional synergies and strategic dependencies by hold-
ing regular meetings of IT account managers and between account managers and
infrastructure managers.
4. Work in partnership with the business. Successful strategy demands a true
partnership between IT and the business, not just use of the term. Strategy decisions
are best made with input from both business and IT executives (Ross and Beath
2002). The focus group agreed. “Our partnerships are key to our success,” stated
a manager. “It’s not the same as it was a few years ago. People now work very
closely together.” Partnership is not just a matter of “involving” business lead-
ers in IT strategy or vice versa or “aligning” business and IT strategies. Effective
strategizing is about continuous and dynamic synchronization of capabilities
(Smith and McKeen 2010). “Our IT programs need synchronizing with business
strategy—not only at a high level, but right down to the individual projects and
the business changes that are necessary to implement them properly,” explained
another participant.

20 Section I • Delivering Value with IT
The Many diMensions oF iT sTraTegy
One of the many challenges of developing effective IT strategy is the fact that
technology can be used in so many different ways. The opportunities are practically
limitless. Unfortunately, the available resources are not. Thus, a key element of IT
strategy is determining how best to allocate the IT budget. This issue is complicated
by the fact that most businesses today require significant IT services just to operate.
Utility and basic support costs eat up between 30 and 70 percent of the focus group
members’ budgets. That’s just the cost of “keeping the lights on”—running existing
applications, fixing problems, and dealing with mandatory changes (e.g., new legisla-
tion). IT strategy, therefore, has two components: how to do more with less (i.e., driving
down fixed costs) and how to allocate the remaining budget toward those projects that
will support and further the organization’s business strategy.
With occasional exceptions, CIOs and their teams are mostly left alone to deter-
mine the most cost-effective way of providing the IT utility. This has led to a variety of
IT-led initiatives to save money, including outsourcing, shared services, use of software-
as-a-service (SaaS), global sourcing, and partnerships. However, it is the way that IT
spends the rest of its budget that has captured the attention of business strategists. “It
used to be that every line of business had an IT budget and that we would work with
each one to determine the most effective way to spend it,” said a manager. “Now there
is much more recognition that the big opportunities are at the enterprise level and cut
across lines of business.”
Focus group members explained that implementing a strategic program in IT will
usually involve five types of initiatives. Determining what the balance among them will
be is a significant component of how IT strategy delivers business value. Too much or
too little emphasis on one type of project can mean a failure to derive maximum value
from a particular strategic business theme:
1. Business improvement. These projects are probably the easiest to agree on because
they stress relatively low-risk investments with a tangible short-to-medium-term
payback. These are often reengineering initiatives to help organizations streamline
their processes and save substantial amounts of money by eliminating unnecessary
or duplicate activities or empowering customers/suppliers to self-manage transac-
tions with a company. Easy to justify with a business case, these types of projects
have traditionally formed the bulk of IT’s discretionary spending. “Cost-reduction
projects have and always will be important to our company,” stated one member.
“However, it is important to balance what we do in this area with other types of
equally important projects that have often been given short shrift.”
2. Business enabling. These projects extend or transform how a company does
business. As a result, they are more focused on the top-line or revenue-growing
aspects of an enterprise. For example, a data warehouse could enable different
parts of a company to “mine” transaction information to improve customer ser-
vice, assist target marketing, better understand buying patterns, or identify new
business opportunities. Adding a new mobile channel could make it easier for
customers to buy more or attract new customers. A customer information file
could make it more enjoyable for a customer to do business with a company
(e.g., only one address change) and also facilitate new ways of doing business.

Chapter 2 • Developing IT Strategy for Business Value 21
Often the return on these types of projects is less clear, and as a result it has been
harder to get them on the IT priority list. Yet many of these initiatives represent
the foundations on which future business strategy will be built. For example, one
CIO described the creation of a customer information file as “a key enabler for
many different business units. . . . It has helped us build bench strength and move
to a new level of service that other companies cannot match” (Smith 2003).
3. Business opportunities. These are small-scale, experimental initiatives designed
to test the viability of new concepts or technologies. In the past these types of proj-
ects have not received funding by traditional methods because of their high-risk
nature. Often it has been left up to the CIO to scrounge money for such “skunk-
works.” There is a growing recognition of the potential value of strategic innovation
projects in helping companies to learn about and prepare for the future. In some
companies the CEO and CFO have freed up seed money to finance a number of
these initiatives. However, although there is considerably more acceptance for such
projects, there is still significant organizational resistance to financing projects for
which the end results are unpredictable (Quinn 2002; Weiss and Thorogood 2011).
In fact, it typically requires discipline to support and encourage innovation exper-
iments, which, by definition, will have a high number of false starts and wrong
moves (DeSouza 2011). The group agreed that the key to benefiting from them is to
design them for learning, incorporate feedback from a variety of sources, and make
quick corrections of direction.
4. Opportunity leverage. A neglected but important type of IT project is one that oper-
ationalizes, scales up, or leverages successful strategic experiments or prototypes.
“We are having a great deal of success taking advantage of what we have learned
earlier,” said one manager. Coming up with a new strategic or technological idea
needs a different set of skills than is required to take full advantage of it in the mar-
ketplace (Charitou and Markides 2003; DeSouza 2011). Some companies actually use
their ability to leverage others’ ideas to their strategic advantage. “We can’t compete
in coming up with new ideas,” said the manager of a medium-sized company, “but
we can copy other peoples’ ideas and do them better.”
5. Infrastructure. This final type of IT initiative is one that often falls between the
cracks when business and IT strategies are developed. However, it is clear that
the hardware, software, middleware, communications, and data available will
affect an organization’s capacity to build new capabilities and respond to change.
Studies have found that most companies feel their legacy infrastructure can be
an impediment to what they want to do (Peslak 2012; Prahalad and Krishnan
2002). Research also shows that leading companies have a framework for making
targeted investments in their IT infrastructure that will further their overall strate-
gic direction (Weill et al. 2002). Unfortunately, investing in infrastructure is rarely
seen as strategic. As a result, many companies struggle with how to justify and
appropriately fund it.
Although each type of project delivers a different type of business value, typi-
cally IT strategy has stressed only those initiatives with strong business cases. Others
are shelved or must struggle for a very small piece of the pie. However, there was a
general recognition in the group that this approach to investment leads to an IT strategy

22 Section I • Delivering Value with IT
with a heavy emphasis on the bottom line. As a result, all participating companies
were looking at new ways to build a strategy-development process that reflects a more
appropriate balance of all dimensions of IT strategy.
Toward an iT sTraTegy-develoPMenT ProCess
Strategy is still very much an art, not a science, explained the focus group. And it is likely
to remain so, according to strategy experts. Strategy will never again be a coherent,
long-term plan with predictable outcomes—if it ever was. “Leaders can’t predict which
combinations [of strategic elements] will succeed [and] they can’t drive their organiza-
tions towards predetermined positions” (Quinn 2002). This situation only exacerbates
the problem that has long faced IT strategists—that is, it is difficult to build systems,
information, and infrastructure when a business’s direction is continually changing. Yet
this degree of flexibility is exactly what businesses are demanding (Chakravarty et al.
2013; Luftman and Zadeh 2011; Korsten 2011). Traditional IT planning and budgeting
mechanisms done once a year simply don’t work in today’s fast-paced business envi-
ronment. “We always seem to lag behind the business, no matter how hard we try,” said
a manager.
Clearly, organizations need to be developing strategy differently. How to do this
is not always apparent, but several companies are trying ways to more dynamically
link IT strategy with that of the business. Although no one company in the focus group
claimed to have the answer, they did identify several practices that are moving them
closer to this goal:
• “Rolling” planning and budget cycles. All participants agreed that IT plans and
budgets need attention more frequently than once a year. One company has cre-
ated an eighteen-month rolling plan that is reviewed and updated quarterly with the
business to maintain currency.
• An enterprise architecture. This is an integrated blueprint for the development
of the enterprise—both the business and IT. “Our enterprise architecture includes
business processes, applications, infrastructure, and data,” said a member. “Our
EA function has to approve all business and IT projects and is helpful in identify-
ing duplicate solutions.” In some companies this architecture is IT initiated and
business validated; in others it is a joint initiative. However, participants warned
that an architecture has the potential to be a corporate bottleneck if it becomes too
• Different funding “buckets.” Balancing short-term returns with the company’s
longer-term interests is a continual challenge. As noted earlier, all five types of
IT projects are necessary for an effective IT strategy (i.e., business improvement,
business enabling, business opportunities, opportunity leverage, and infrastruc-
ture). In order to ensure that each different type of IT is appropriately funded,
many companies are allocating predetermined percentages of their IT budget to
different types of projects (Smith and McKeen 2010). This helps keep continual
pressure on IT to reduce its “utility costs” to free up more resources for other
types of projects. “Since we implemented this method of budgeting, we’ve gone
from spending 70 percent of our revenues on mandatory and support projects to
spending 70  percent on discretionary and strategic ones,” said a manager. This

Chapter 2 • Developing IT Strategy for Business Value 23
is also an effective way to ensure that IT infrastructure is continually enhanced.
Leading companies build their infrastructures not through a few large investments
but gradually through incremental, modular investments that build IT capabilities
(Weill et al. 2002).
• Relationship managers. There is no substitute for a deep and rich understand-
ing of the business. This is why many companies have appointed IT relationship
managers to work closely with key lines of business. These managers help business
leaders to observe their environments systematically and identify new opportunities
for which IT could be effective. Furthermore, together relationship managers can
identify synergies and interdependencies among lines of business. One organization
holds both intra- and interfunctional strategy sessions on a regular basis with busi-
ness managers to understand future needs, develop programs, and design specific
roadmaps for reaching business goals. “Our relationship managers have been a sig-
nificant factor in synchronizing IT and business strategies,” said its manager.
• A prioritization rubric. “We don’t do prioritization well,” said one participant.
IT managers have long complained that it is extremely difficult to justify certain
types of initiatives using the traditional business case method of prioritization.
This has led to an overrepresentation of business improvement projects in the IT
portfolio and has inhibited more strategic investments in general capabilities and
business opportunities. This problem is leading some companies to adopt multiple
approaches to justifying IT projects (Chakravarty et al. 2013; Ross and Beath 2002).
For example, business-enabling projects must be sponsored at a cross-functional
level on the basis of the capabilities they will provide the enterprise as a whole.
Senior management must then take responsibility to ensure that these capabili-
ties are fully leveraged over time. Infrastructure priorities are often left up to IT to
determine once a budget is set. One IT department does this by holding strategy
sessions with its relationship and utility managers to align infrastructure spending
with the organization’s strategic needs. Unfortunately, no one has yet figured out a
way to prioritize business opportunity experiments. At present this is typically left
to the “enthusiasms and intuitions” of the sponsoring managers, either in IT or in
the business (DeSouza 2011). “Overall,” said a manager, “we need to do a better job
of thinking through the key performance indicators we’d like to use for each type
of project.”
Although it is unlikely that strategy development will ever become a completely
formalized process, there is a clear need to add more structure to how it is done. A
greater understanding of how strategy is developed will ensure that all stakeholders
are involved and a broader range of IT investments are considered. The outcomes of
strategy will always be uncertain, but the process of identifying new opportunities and
how they should be funded must become more systematic if a business is going to real-
ize optimum value from its IT resources.
Challenges For Cios
As often happens in organizations, recognition of a need precedes the ability to put it
into place. IT leaders are now making significant strides in articulating IT strategy and
linking it more effectively with business strategy. Business leaders are also more open

24 Section I • Delivering Value with IT
to a more integrated process. Nevertheless, some important organizational barriers that
inhibit strategy development still remain.
A supportive governance structure is frequently lacking. “Now that so many
s trategies are enterprisewide, we need a better way to manage them,” explained one
manager. Often there are no formal structures to identify and manage interdepen-
dencies between business functions and processes. “It used to be that everything
was aligned around organizational boundaries, but strategy is now more complex
since we’re working on programs with broader organizational scope,” said another.
Similarly, current managerial control systems and incentives are often designed
to reward thinking that is aligned to a line of business, not to the greater organiza-
tional good. Enterprisewide funding models are also lacking. “Everything we do
now requires negotiation for funding between the lines of business who control the
resources,” a third stated. Even within IT, the group suggested it is not always clear
who in the organization is responsible for taking IT strategies and turning them into
detailed IT plans.
Traditional planning and budgetary practices are a further challenge. This is an
often-neglected element of IT strategy. “Our business and IT strategies are not always
done in parallel or even around the same time,” said a participant. As a result, it is not
easy to stay aligned or to integrate the two sets of plans. Another commented, “Our
business plans change constantly. It is, therefore, common for IT strategies to grow far-
ther and farther apart over time.” Similarly, an annual budgeting process tends to lock
an organization into fixed expenditures that may not be practical in a rapidly changing
environment. IT organizations, therefore, need both a longer-term view of their resourc-
ing practices and the opportunity to make changes to it more frequently. Even though
rolling budgets are becoming more acceptable, they are by no means common in either
IT or the business world today.
Both business and IT leaders need to develop better skills in strategizing. “We’ve
gotten really good at implementing projects,” said an IT manager. “Strategy and inno-
vation are our least developed capabilities.” IT is pushing the business toward better
articulation of its goals. “Right now, in many areas of our business, strategy is not well
thought through,” said another manager. “IT is having to play the devil’s advocate and
get them to think beyond generalities such as ‘We are going to grow the business by 20
percent this year.’” With more attention to the process, it is almost certain to get better,
but managers’ rudimentary skills in this area limit the quality of strategy development.
Over and over, the group stressed that IT strategy is mainly about getting the
balance right between conflicting strategic imperatives. “It’s always a balancing act
Barriers to Effective IT Strategy Development
• Lack of a governance structure for enterprisewide projects
• Inadequate enterprisewide funding models
• Poorly integrated processes for developing IT and business strategies
• Traditional budget cycles
• Unbalanced strategic and tactical initiatives
• Weak strategizing skills

Chapter 2 • Developing IT Strategy for Business Value 25
Effective strategy development is becoming
vital for organizations. As the impact of IT
has grown in companies, IT strategy is finally
getting the attention it deserves in business.
Nevertheless, most organizations are still at
the earliest stages of learning how to develop
an effective IT strategy and synchronize it
with an overall business strategy. Getting
the balance right between the many differ-
ent ways IT can be used to affect a business
is a constant challenge for leaders and one on
which they do not always agree. Although
there is, as yet, no well-developed IT strat-
egy–development process, there appears to
be general agreement on certain critical suc-
cess factors and the key elements involved.
Over time, these will likely be refined and bet-
ter integrated with overall business strategy
development. Those who learn to do this well
without locking the enterprise into inflexible
technical solutions are likely to win big in our
rapidly evolving business environment.
Burgelman, R., and Y. Doz. “The Power of
Strategic Integration.” MIT Sloan Management
Review 42, no. 3 (Spring 2001): 28–38.
Casadesus-Masanell, R., and J. Ricart. “How to
Design a Winning Business Model.” Harvard
Business Review 89, nos. 1–2 (January–February
2011): 100–107.
Chakravarty, A., R. Grewal, and V. Sambamurthy.
“Information Technology Competencies,
Organizational Agility, and Firm Performance:
Enabling and Facilitating Roles.” Information
Systems Research 24, no. 4 (December 2013): 976–97.
Charitou, C., and C. Markides. “Responses to
Disruptive Strategic Innovation.” MIT Sloan
Management Review (Winter 2003): 55–63.
DeSouza, K. Intrapreneurship: Managing Ideas
in Your Organization. Toronto: University of
Toronto Press, 2011.
Eisenhardt, K. “Has Strategy Changed?” MIT
Sloan Management Review 43, no. 2 (Winter
2002): 88–91.
Friedman, T. The World is Flat: A Brief History of the
Twenty-First Century. New York: Farrar, Strauss
and Giroux, 2005.
Frohman, A. “Technology as a Competitive
Weapon.” Harvard Business Review (January–
February 1982): 80–94.
Gebauer, J. “Virtual Organizations from an
Economic Perspective.” Communications of the
ACM 40 (September 1997): 91–103.
Hitt, M., B. Keats, and S. DeMarire. “Navigating
in the New Competitive Landscape: Building
Strategic Flexibility.” Academy of Management
Executive 12, no. 4 (1998): 22–42.
Kanter, R. “Strategy as Improvisational Theater.” MIT
Sloan Management Review (Winter 2002): 76–81.
between our tactical and operational commitments and the work that builds our long-
term capabilities,” said a participant. Deciding how to make the trade-offs between
the different types of IT work is the essence of effective strategy. Unfortunately, few
businesses do this very well (Burgelman and Doz 2001; Luftman and Zadeh 2011).
According to the focus group, traditional business thinking tends to favor short-term
profitability, while IT leaders tend to take a longer-term view. Making sure some types
of IT work (e.g., infrastructure, new business opportunities) are not underfunded while
others (e.g., utility, business improvement) are not overfunded is a continual challenge
for all IT and business leaders.

26 Section I • Delivering Value with IT
Korsten, P. “The Essential CIO.” IBM Institute
for Business Value. Somers, NY: IBM Global
Business Services, 2011.
Luftman, J., and H. S. Zadeh. “Key Information
Technology and Management Issues 2010–
2011: An International Study.” Journal of
Information Technology 26, no. 3 (2011): 193–204.
McKeen, J., and H. Smith. Management Challenges
in IS: Successful Strategies and Appropriate Action.
Chichester, England: John Wiley & Sons, 1996.
Osterwalder, A., and Y. Pigneur. Business Model
Generation. Hoboken, NJ: John Wiley & Sons, 2010.
Peslak, A. R. “An Analysis of Critical Information
Technology Issues Facing Organizations.”
Industrial Management and Data Systems 112, no.
5 (2012): 808–27.
Porter, M. “What Is Strategy?” Harvard Business
Review (November–December 1996): 61–78.
Prahalad, C., and M. Krishnan. “The Dynamic
Synchronization of Strategy and Information
Technology.” MIT Sloan Management Review
(Summer 2002): 24–33.
Quinn, J. “Strategy, Science, and Management.” MIT
Sloan Management Review (Summer 2002): 96.
Rivard, S., B. Aubert, M. Patry, G. Pare,
and H. Smith. Information Technology and
Organizational Transformation: Solving the
Management Puzzle. New York: Butterworth
Heinemann, 2004.
Ross, J., and C. Beath. “Beyond the Business Case:
New Approaches to IT Investment.” MIT Sloan
Management Review (Winter 2002): 51–59.
Smith, H. A. “The Best of the Best: Part II.” CIO
Canada, October 1 (2003).
Smith, H., and J. McKeen. “Investment Spend
Optimization at BMO Financial Group.” MISQ
Executive 9, no. 2 (June 2010): 65–81.
Tapscott, D. The Digital Economy: Promise and Peril
in the Age of Networked Intelligence. New York:
McGraw-Hill, 1996.
Weill, P., M. Subramani, and M. Broadbent.
“Building IT Infrastructure for Strategic Agility.”
MIT Sloan Management Review (Fall 2002): 57–65.
Weiss, J., and A. Thorogood. “Information
Technology (IT)/Business Alignment as
a Strategic Weapon: A Diagnostic Tool.”
Engineering Management Journal 23, no. 2 (June
2011): 30–41.

C h a p t e r
3 Linking IT to Business Metrics1
1 This chapter is based on the authors’ previously published article, Smith, H. A., J. D. McKeen, and C. Street.
“Linking IT to Business Metrics.” Journal of Information Science and Technology 1, no. 1 (2004): 13–26. Reproduced
by permission of the Information Institute.
From the first time IT started making a significant dent in corporate balance sheets, the holy grail of academics, consultants, and business and IT managers has been to show that what a company spends on IT has a direct impact on its
performance. Early efforts to do this, such as those trying to link various measures
of IT input (e.g., budget dollars, number of PCs, number of projects) with various
measures of business performance (e.g., profit, productivity, stock value) all failed to
show any relationship at all (Marchand et al. 2000). Since then, everyone has prop-
erly concluded that the relationship between what is done in IT and what happens in
the business is considerably more complex than these studies first supposed. In fact,
many researchers would suggest that the relationship is so filtered through a variety
of “conversion effects” (Cronk and Fitzgerald 1999) as to be practically impossible to
demonstrate. Most IT managers would agree. They have long argued that technology
is not the major stumbling block to achieving business performance; it is the business
itself—the processes, the managers, the culture, and the skills—that makes the differ-
ence. Therefore, it is simply not realistic to expect to see a clear correlation between
IT and business performance at any level. When technology is successful, it is a team
effort, and the contributions of the IT and business components of an initiative cannot
and should not be separated.
Nevertheless, IT expenditures must be justified. Thus, most companies have
concentrated on determining the “business value” that specific IT projects deliver. By
focusing on a goal that matters to business (e.g., better information, faster transaction
processing, reduced staff), then breaking this goal down into smaller projects that IT
can affect directly, they have tried to “peel the onion” and show specifically how IT
delivers value in a piecemeal fashion. Thus, a series of surrogate measures are usually
used to demonstrate IT’s impact in an organization. (See Chapter 1 for more details.)
More recently, companies are taking another look at business performance met-
rics and IT. They believe it is time to “put the onion back together” and focus on what

28 Section I • Delivering Value with IT
really matters to the enterprise. This perspective argues that employees who truly
understand what their business is trying to achieve can sense the right ways to per-
sonally improve performance that will show up at a business unit and organizational
level. “People who understand the business and are informed will be proactive and …
have a disposition to create business value every day in many small and not-so-small
ways” (Marchand et al. 2000). Although the connection may not be obvious, they say,
it is there nevertheless and can be demonstrated in tangible ways. The key to linking
what IT does to business performance is, therefore, to create an environment within
which everyone thoroughly understands what measures are important to the business
and is held accountable for them. This point of view does not suggest that all the work
done to date to learn how IT delivers value to an organization (e.g., business cases,
productivity measures) has been unnecessary, only that it is incomplete. Without close
attention to business metrics in addition, it is easy for IT initiatives and staff to lose their
focus and become less effective.
This chapter looks at how these controversial yet compelling ideas are being
pursued in organizations to better understand how companies are attempting to link
IT work and firm performance through business metrics. The first section describes
how business metrics themselves are evolving and looks at how new management
philosophies are changing how these measures are communicated and applied. Next
it discusses the types of metrics that are important for a well-rounded program of
business measurement and how IT can influence them. Then it presents three differ-
ent ways companies are specifically linking their IT departments with business met-
rics and the benefits and challenges they have experienced in doing this. This section
concludes with some general principles for establishing a business measurement pro-
gram in IT. Finally, it offers some advice to managers about how to succeed with such
a program in IT.
Business MeasureMent: an Overview
Almost everyone agrees that the primary goal of a business is to make money for its
shareholders (Goldratt and Cox 1984; Haspeslagh et al. 2001; Kaplan and Norton 1996).
Unfortunately, in large businesses this objective frequently gets lost in the midst of
people’s day-to-day activities because profit cannot be measured directly at the level
at which most employees in a company work (Haspeslagh et al. 2001). This “missing
link” between work and business performance leads companies to look for ways to
bridge this gap. They believe that if a firm’s strategies for achieving its goal can be tied
much more closely to everyday processes and decision making, frontline employees
will be better able to create business value. Proponents of this value-based manage-
ment (VBM) approach have demonstrated that an explicit, firmwide commitment to
shareholder value, clear communication about how value is created or destroyed, and
incentive systems that are linked to key business measures will increase the odds of a
positive increase in share price (Haspeslagh et al. 2001).
Measurement counts. What a company measures and the way it measures
influence both the mindsets of managers and the way people behave. The best
measures are tied to business performance and are linked to the strategies and
business capabilities of the company. (Marchand et al. 2000)

Chapter 3 • Linking IT to Business Metrics 29
Although companies ascribe to this notion in theory, they do not always act
in ways that are consistent with this belief. All too often, therefore, because they
lack clarity about the links between business performance and their own work,
individuals and even business units have to take leaps of faith in what they do
(Marchand et al. 2000).
Nowhere has this been more of a problem than in IT. As has been noted often,
IT investments have not always delivered the benefits expected (Bensaou and Earl
1998; Holland and Sharke 2001; Peslak 2012). “Efforts to measure the link between
IT investment and business performance from an economics perspective have…
failed to establish a consistent causal linkage with sustained business profitability”
(Marchand et al. 2000). Value-based management suggests that if IT staff do not
understand the business, they cannot sense how and where to change it effectively
with technology. Many IT and business managers have implicitly known this for
some time. VBM simply gives them a better framework for implementing their
beliefs more systematically.
One of the most significant efforts to integrate an organization’s mission and
strategy with a measurement system has been Kaplan and Norton’s (1996) balanced
scorecard. They explain that competing in the information age is much less about
managing physical, tangible assets and much more about the ability of a company to
mobilize its intangible assets, such as customer relationships, innovation, employee
skills, and information technology. Thus, they suggest that not only should business
measures look at how well a company has done in the past (i.e., financial performance),
but they also need to look at metrics related to customers, internal business processes,
and learning and growth that position the firm to achieve future performance. Although
it is difficult putting a reliable monetary value on these items, Kaplan and Norton sug-
gest that such nonfinancial measures are critical success factors for superior financial
performance in the future. Research shows that this is, in fact, the case. Companies that
use a balanced scorecard tend to have a better return on investment (ROI) than those
that rely on traditional financial measures alone (Alexander 2000).
Today many companies use some sort of scorecard or “dashboard” to track a vari-
ety of different metrics of organizational health. However, IT traditionally has not paid
much attention to business results, focusing instead on its own internal measures of
performance (e.g., IT operations efficiency, projects delivered on time). This has per-
petuated the serious disconnect between the business and IT that often manifests itself
in perceptions of poor alignment between the two groups, inadequate payoffs from IT
investments, poor relationships, and finger-pointing (Holland and Sharke 2001; Peslak
2012; Potter 2013). All too often IT initiatives are conceived with little reference to major
business results, relying instead on lower-level business value surrogates that are not
always related to these measures. IT organizations are getting much better at this bot-
tom-up approach to IT investment (Smith and McKeen 2010), but undelivered IT value
remains a serious concern in many organizations. One survey of CFOs found that only
49 percent felt that their ROI expectations for technology had been met (Holland and
Sharke 2001). “Despite considerable effort, no practical model has been developed to
measure whether a company’s IT investments will definitely contribute to sustainable
competitive advantage” (Marchand et al. 2000). Clearly, in spite of significant efforts
over many years, traditional IT measurement programs have been inadequate at

30 Section I • Delivering Value with IT
assessing business value. Many IT organizations believe, therefore, that it is time for
a different approach to delivering IT value, one that holds IT accountable to the same
measures and goals as the rest of the business.
Key Business Metrics fOr it
No one seriously argues that IT has no impact on an organization’s overall financial
performance anymore. There may be disagreement about whether it has a positive or
a negative impact, but technology is too pervasive and significant an expense in most
firms for it not to have some influence on the corporate bottom line. However, as has
been argued earlier, we now recognize that neither technology nor business alone is
responsible for IT’s financial impact. It is instead a joint responsibility of IT and the busi-
ness. This suggests that they need to be held accountable together for its impact. Some
companies have accepted this principle for individual IT projects (i.e., holding business
and IT managers jointly responsible for achieving their anticipated benefits), yet few
have extended it to an enterprise level. VBM suggests that this lack of attention to enter-
prise performance by IT is one reason it has been so hard to fully deliver business value
for technology investments. Holding IT accountable for a firm’s performance according
to key financial metrics is, therefore, an important step toward improving its contribu-
tion to the corporate bottom line.
However, although financial results are clearly an important part of any mea-
surement of a business’s success today, they are not enough. Effective business metrics
programs should also include nonfinancial measures, such as customer and employee
satisfaction. As already noted, because such nonfinancial measures are predictive of
future performance, they offer an organization the opportunity to make changes that
will ultimately affect their financial success.
Kaplan and Norton (1996) state “the importance of customer satisfaction probably
cannot be overemphasized.” Companies that do not understand their customers’ needs
will likely lose customers and profitability. Research shows that merely adequate satis-
faction is insufficient to lead to customer loyalty and ultimately profit. Only firms where
customers are completely or extremely satisfied can achieve this result (Heskett  et al.
1994). As a result, many companies now undertake systematic customer satisfaction
surveys. However, in IT it is rare to find external customer satisfaction as one of the
metrics on which IT is evaluated. While IT’s “customers” are usually considered to be
internal, these days technology makes a significant difference in how external custom-
ers experience a firm and whether or not they want to do business with it. Systems that
are not reliable or available when needed, cannot provide customers with the informa-
tion they need, or cannot give customers the flexibility they require are all too common.
And with the advent of online business, systems and apps are being designed to inter-
face directly with external customers. It is, therefore, appropriate to include external
customer satisfaction as a business metric for IT.
Another important nonfinancial business measure is employee satisfaction. This
is a “leading indicator” of customer satisfaction. That is, employee satisfaction in one
year is strongly linked to customer satisfaction and profitability in the next (Koys
2001). Employees’ positive attitudes toward their company and their jobs lead to posi-
tive behaviors toward customers and, therefore, to improved financial performance

Chapter 3 • Linking IT to Business Metrics 31
(Rucci et al. 1998; Ulrich et al. 1991). IT managers have always watched their own
employee satisfaction rate intently because of its close links to employee turnover.
However, they often miss the link between IT employee satisfaction and customer
satisfaction—both internal customer satisfaction, which leads to improved general
employee satisfaction, and external customer satisfaction. Thus, only a few companies
hold IT managers accountable for general employee satisfaction.
Both customer and employee satisfaction should be part of a business metrics
program for IT. With its ever-growing influence in organizations, technology is just
as likely to affect external customer and general employee satisfaction as many other
areas of a business. This suggests that IT has three different levels of measurement and
1. Enterprise measures. These tie the work of IT directly to the performance of the
organization (e.g., external customer satisfaction, corporate financial performance).
2. Functional measures. These assess the internal work of the IT organization as a
whole (e.g., IT employee satisfaction, internal customer satisfaction, operational
performance, development productivity).
3. Project measures. These assess the performance of a particular project team in
delivering specific value to the organization (e.g., business case benefits, delivery
on time).
Functional and project measures are usually well addressed by IT measurement
programs today. It is the enterprise level that is usually missing.
Designing Business Metrics fOr it
The firms that hold IT accountable for enterprise business metrics believe this approach
fosters a common sense of purpose, enables everyone to make better decisions, and
helps IT staff understand the implications of their work for the success of the organi-
zation (Haspeslagh et al. 2001; Marchand et al. 2000; Potter 2013; Roberts 2013). The
implementation of business metrics programs varies widely among companies, but
three approaches taken to linking IT with business metrics are distinguishable.
1. Balanced scorecard. This approach uses a classic balanced scorecard with mea-
sures in all four scorecard dimensions (see the “Sample Balanced Scorecard Business
Metrics” feature). Each metric is selected to measure progress against the entire
enterprise’s business plan. These are then broken down into business unit plans
and appropriate submetrics identified. Individual scorecards are then developed
with metrics that will link into their business unit scorecards. With this approach,
IT is treated as a separate business unit and has its own scorecard linked to the
business plan. “Our management finally realized that we need to have everyone
thinking in the same way,” explained one manager. “With enterprise systems, we
can’t have people working in silos anymore.” The scorecards are very visible in the
organization with company and business unit scorecards and those of senior execu-
tives posted on the company’s intranet. “People are extremely interested in seeing
how we’re doing. Scorecards have provided a common framework for our entire
company.” They also provide clarity for employees about their roles in how they
affect key business metrics.

32 Section I • Delivering Value with IT
Although scorecards have meant that there is better understanding of the
business’s drivers and plans at senior management levels, considerable resistance
to them is still found at the lower levels in IT. “While developers see how they can
affect our customers, they don’t see how they can affect shareholder value, profit,
or revenue, and they don’t want to be held accountable for these things,” stated
the same manager. She noted that implementing an effective scorecard program
relies on three things: good data to provide better metrics, simplicity of metrics,
and enforcement. “Now if someone’s scorecard is not complete, they cannot get a
bonus. This is a huge incentive to follow the program.”
2. Modified scorecard. A somewhat different approach to a scorecard is taken by
one company in the focus group. This firm has selected five key measures (see the
“Modified Scorecard Business Metrics” feature) that are closely linked to the com-
pany’s overall vision statement. Results are communicated to all staff on a quarterly
basis in a short performance report. This includes a clear explanation of each mea-
sure, quarterly progress, a comparison with the previous year’s quarterly results,
and a “stretch” goal for the organization to achieve. The benefit of this approach is
that it orients all employees in the company to the same mission and values. With
everyone using the same metrics, alignment is much clearer all the way through the
firm, according to the focus group manager.
In IT these key enterprise metrics are complemented by an additional set
of business measures established by the business units. Each line of business
identifies one or two key business unit metrics on which they and their IT team
Sample Balanced Scorecard Business Metrics
• Shareholder value (financial)
• Expense management (financial)
• Customer/client focus (customer)
• Loyalty (customer)
• Customercentric organization (customer)
• Effectiveness and efficiency of business operations (operations)
• Risk management (operations)
• Contribution to firmwide priorities and business initiatives (growth)
Modified Scorecard Business Metrics
• Customer loyalty index. Percentage of customers who said they were very satisfied with
the company and would recommend it to others.
• Associate loyalty index. Employees’ perception of the company as a great place to work.
• Revenue growth. This year’s total revenues as a percentage of last year’s total revenues.
• Operating margin. Operating income earned before interest and taxes for every dollar of
• Return on capital employed. Earnings before interest and tax divided by the capital used
to generate the earnings.

Chapter 3 • Linking IT to Business Metrics 33
will be measured. Functional groups within IT are evaluated according to the
same metrics as their business partners as well as on company and internal IT
team performance. For example, the credit group in IT might be evaluated on
the number of new credit accounts the company acquires. Shared IT services
(e.g.,  infrastructure) are evaluated according to an average of all of the IT func-
tional groups’ metrics.
The importance the company places on these metrics is reflected in the
firm’s generous bonus program (i.e., bonuses can reach up to 230 percent of an
individual’s salary) in which all IT staff participate. Bonuses are separate from
an individual’s salary, which is linked to personal performance. The percentage
influence of each set of business measures (i.e., enterprise, business unit, and
individual/team) varies according to the level of the individual in the firm.
However, all staff have at least 25 percent of their bonus linked to enterprise
performance metrics. No bonuses are paid to anyone if the firm does not reach its
earnings-per-share target (which is driven by the five enterprise measures out-
lined in the “Modified Scorecard Business Metrics” feature). This incentive sys-
tem makes it clear that everyone’s job is connected to business results and helps
ensure that attention is focused on the things that are important to the company.
As a result, interest is much stronger among IT staff about how the business is
doing. “Everyone now speaks the same language,” said the manager. “Project
alignment is much easier.”
3. Strategic imperatives. A somewhat different approach is taken by a third focus
group company. Here the executive team annually evaluates the key environmen-
tal factors affecting the company, then identifies a number of strategic imperatives
for the firm (e.g., achieve industry-leading e-business capability, achieve 10–15
percent growth in earnings per share). These can vary according to the needs of
the firm in any particular year. Each area of the business is then asked to identify
initiatives that will affect these imperatives and to determine how they will be
measured (e.g., retaining customers of a recent acquisition, increased net sales, a
new product). In the same way, IT is asked to identify the key projects and mea-
sures that will help the business to achieve these imperatives. Each part of the
company, including IT, then integrates these measures into its variable pay pro-
gram (VPP).
The company’s VPP links a percentage of an individual’s pay to business
results and overall business unit performance. This percentage could vary from a
small portion of one’s salary for a new employee to a considerable proportion for
senior management. Within IT, the weight that different measures are accorded in
the VPP portion of their pay is determined by a measurement team and approved
by the CIO and the president. Figure 3.1 illustrates the different percentages allo-
cated to IT’s variable pay component for a typical year. Metrics can change from
year to year depending on where management wants to focus everyone’s attention.
“Performance tends to improve if you measure it,” explained the manager. “Over
the years, we have ratcheted up our targets in different areas. Once a certain level
of performance is achieved, we may change the measure or change the emphasis on
this measure.”

34 Section I • Delivering Value with IT
An important difference from the scorecard approach is the identification of key
IT projects. “These are not all IT projects, but a small number that are closely aligned
with the strategic business imperatives,” stated the manager. “Having the success of
these projects associated with their variable pay drives everyone’s behavior. People
tend to jump in and help if there’s a problem with one of them.” The goal in this process
is for everyone to understand the VPP measures and to make them visible within IT.
Targets and results are posted quarterly, and small groups of employees meet to discuss
ideas about how they can influence business and IT goals. “Some amazing ideas have
come out of these meetings,” said the manager. “Everyone knows what’s important,
and these measures get attention. People use these metrics to make choices all the time
in their work.”
Each of these business measurement programs has been implemented somewhat
differently, but they all share several key features that could be considered principles of
a good business metrics program for IT:
1. Focus on overall business performance. These programs all focus employees on
both financial and nonfinancial enterprise performance and have an explicit expecta-
tion that everyone in the organization can influence these results in some way.
2. Understanding is a critical success factor. If people are going to be held
accountable for certain business results, it is important that they understand
them. Similarly, if the organization is worried about certain results, this must be
communicated as well. Holding regular staff meetings where people can ask ques-
tions and discuss results is effective, as is providing results on a quarterly basis.
Understanding is  the goal. “If you can ask … a person programming code and
they can tell you three to four of their objectives and how those tie into the compa-
ny’s performance and what the measures of achieving those objectives are, you’ve
got it” (Alexander 2000).
3. Simplicity. Successful companies tend to keep their measures very simple and
easy to use (Haspeslagh et al. 2001). In each approach already outlined, a limited
number of measures are used. This makes it very easy for employees to calculate
Business Results
Report Card Goals
Application Delivery
Key Projects
IT Performance
IT Variable Pay
figure 3.1 Percentage Weightings Assigned to IT Variable Pay Components for a Particular Year

Chapter 3 • Linking IT to Business Metrics 35
their bonuses (or variable pay) based on the metrics provided, which further
strengthens the linkage between company performance and individual effort.
4. Visibility. In each of the programs already discussed, metrics were made widely
available to all staff on a quarterly basis. In one case they are posted on the com-
pany’s intranet; in another they are distributed in a printed report; in a third they
are posted in public areas of the office. Visibility encourages employee buy-in and
accountability and stimulates discussion about how to do better or what is working
5. Links to incentive systems. Successful companies tend to include a much
larger number of employees in bonus programs than unsuccessful ones
(Haspeslagh et al. 2001). Extending incentive schemes to all IT staff, not just
management, is important to a measurement program’s effectiveness. The
most effective programs appear to distinguish between fair compensation for
individual work and competencies and a reward for successfully achieving
corporate objectives.
aDvice tO Managers
The focus group had some final advice for other IT managers who are thinking of
implementing a business metrics program:
• Results will take time. It takes time to change attitudes and behavior in IT, but it
is worth making the effort. Positive results may take from six months to a year to
appear. “We had some initial pushback from our staff at the beginning,” said one
manager, “but now the metrics program has become ingrained in our attitudes and
behaviors.” Another manager noted, “We had a few bumps during our first year,
but everyone, especially our executives, is getting better at the program now [that]
we’re in our third year. It really gets our staff engaged with the business.” If there
has been no dramatic difference within three years, management should recognize
that it is either using the wrong measures or hasn’t got employee buy-in to the pro-
gram (Alexander 2000).
• Have common goals. Having everyone measured on the same business goals
helps build a strong team at all levels in the organization. It makes it easier to set
priorities as a group and collaborate and share resources, as needed.
• Follow up on problem areas. Companies must be prepared to take action about
poor results and involve staff in their plans. In particular, if companies are going to
ask customers and employees what they think, they must be prepared to act on the
results. All metrics must be taken seriously and acted on if they are to be used to
drive behavior and lead to continuous improvement.
• Be careful what you measure. Measuring something makes people pay attention
to it, particularly if it is linked to compensation. Metrics must, therefore, be selected
with care because they will be a major driver of behavior. For example, if incen-
tives are solely based on financial results, it is probable that some people may be so
driven that they will trample on the needs and interests of others. Similarly, if only
costs are measured, the needs of customers could be ignored. Conversely, if a metric
indicates a problem area, organizations can expect to see a lot of ingenuity and sup-
port devoted to addressing it.

36 Section I • Delivering Value with IT
• Don’t use measurement as a method of control. A business metrics program
should be designed to foster an environment in which people look beyond their
own jobs and become proactive about the needs of the organization (Marchand
et al. 2000). It should aim to communicate strategy and help align individual and
organizational initiatives (Kaplan and Norton 1996). All managers should clearly
understand that a program of this type should not be used for controlling behavior,
but rather as a motivational tool.
Getting the most value out of IT has been a
serious concern of business for many years.
In spite of considerable effort, measurement
initiatives in IT that use surrogates of busi-
ness value or focus on improving internal
IT behavior have not been fully successful in
delivering results. Expecting IT to participate
in achieving specific enterprise objectives—
the same goals as the rest of the organiza-
tion—has been shown to deliver significant
benefits. Not only are there demonstrable
financial returns, but there is also consider-
able long-term value in aligning everyone’s
behavior with the same goals; people become
more supportive of each other and more
sensitive to the greater corporate good, and
decisions are easier to make. A good business
metrics program, therefore, appears to be a
powerful component of effective measure-
ment in IT. IT employees may initially resist
accountability for business results, but the
experiences of the focus group demonstrate
that their objections are usually short lived. If
a business measurement program is carefully
designed, properly linked to an incentive pro-
gram, widely implemented, and effectively
monitored by management, it is highly likely
that business performance will become an
integral part of the mind-set of all IT staff and
ultimately pay off in a wide variety of ways.
Alexander, S. “Business Metrics.” Computerworld
34, no. 24 (2000): 64.
Bensaou, M., and M. Earl. “The Right Mind-Set for
Managing Information Technology.” Harvard
Business Review 76, no. 5 (September–October
1998): 110–28.
Cronk, M., and E. Fitzgerald. “Understanding ‘IS
Business Value’: Derivation of Dimensions.”
Logistics Information Management 12, no. 1–2
(1999): 40–49.
Goldratt, E., and J. Cox. The Goal: Excellence in
Manufacturing. Croton-on-Hudson, NY: North
River Press, 1984.
Haspeslagh, P., T. Noda, and F. Boulos. “Managing
for Value: It’s Not Just About the Numbers.”
Harvard Business Review (July–August 2001):
Heskett, J., T. Jones, G. Loveman, E. Sasser, and L.
Schlesinger. “Putting the Service Profit Chain
to Work.” Harvard Business Review (March–
April 1994): 164–74.
Holland, W., and G. Sharke. “Is Your IT System
VESTed?” Strategic Finance 83, no. 6 (December
2001): 34–37.
Kaplan, R., and D. Norton. The Balanced
Scorecard. Boston: Harvard Business School
Press, 1996.
Koys, D. “The Effects of Employee Satisfaction,
Organizational Citizenship Behavior, and
Turnover on Organizational Effectiveness: A
Unit-Level, Longitudinal Study.” Personnel
Psychology 54, no. 1 (Spring 2001): 101–14.
Marchand, D., W. Kettinger, and J. Rollins.
“Information Orientation: People, Technology

Chapter 3 • Linking IT to Business Metrics 37
and the Bottom Line.” Sloan Management
Review (Summer 2000): 69–89.
Peslak, A. R. “An Analysis of Critical Information
Technology Issues Facing Organizations.”
Industrial Management and Data Systems 112, no.
5 (2012): 808–27.
Potter, K. “Business Key Metrics Data: Accelerate
the IT Value Journey.” Gartner Group, ID:
G00256958, October 16, 2013.
Roberts, J. P. “Define Strategic IT Metrics as
Part of Your IT Strategy.” Gartner Group, ID:
G0025861, November 5, 2013.
Rucci, A., S. Kirn, and R. Quinn. “The Employee-
Customer-Profit Chain at Sears.” Harvard
Business Review 76 (January/February 1998):
Smith, H., and J. McKeen. “Investment Spend
Optimization at BMO Financial Group.” MISQ
Executive 9, no. 2 (June 2010): 65–81.
Ulrich, D., R. Halbrook, D. Meder, M. Stuchlik,
and S. Thorpe. “Employee and Customer
Attachment: Synergies for Competitive
Advantage.” Human Resource Planning 14
(1991): 89–103.

C h a p t e r
4 Building a Strong Relationship with the Business1
1 This chapter is based on the authors’ previously published article, Smith, H. A., and J. D. McKeen. “Building
a Strong Relationship with the Business.” Communications of the Association for Information Systems 26, Article
19 (April 2010): 429–40. Reproduced by permission of the Association for Information Systems.
There is no doubt that a strong business–IT relationship is now critical to the success of an organization’s successful and effective use of IT (Bassellier and Benbasat 2004; Kitzis and Gomolski 2006). With the rapid evolution of IT in busi-
ness, simply “keeping the lights on” and delivering systems on time and on budget are
not enough. Today, IT’s ability to deliver value is closely linked with the nature of its
relationship with a large number of business stakeholders. Recognizing this, many IT
functions have tried to become “partners” with the business at the most senior strategic
levels, but with limited success (Gordon and Gordon 2002). It has become clear from
these initiatives that business–IT interactions are more complex and highly resistant
to change than first assumed and that building a strong relationship with business is a
major challenge for most IT leaders.
We know that the nature and quality of the business–IT relationship are affected
by many factors such as the subfunction of IT involved (e.g., operations, application
development), the business unit involved, the management levels involved, changing
expectations, and general perceptions of IT (McKeen and Smith 2008). However,
research suggests that IT managers are still somewhat naïve about how relationships
work in business and that interpersonal interaction and clear communication are often
missing between the groups. We have also learned that perceptions of the value IT
delivers are correlated with how well IT is perceived to understand and identify with
the business (Anonymous 2002; Gold 2006; Tallon et al. 2000).
Nevertheless, we still know very little about the elements that contribute to a
“strong relationship” between IT and business, nor even about how to characterize
such a relationship (Day 2007). This chapter first looks at the nature of the business–IT
relationship and how an effective relationship could be characterized. Then it examines
in turn each of the four foundational elements of a strong, positive relationship, making
suggestions for how IT managers could strengthen them.

Chapter 4 • Building a Strong Relationship with the Business 39
The NaTure of The BusiNess–iT relaTioNship
“The IT-business relationship is a set of beliefs that one party holds about the other and
how these beliefs are formed from the interactions of . . . individuals as they engage in
tasks associated with an IT service” (Day 2007). The business–IT relationship in orga-
nizations tends to span the full range of relationship possibilities. Some members of
the focus group felt they had generally healthy and positive relationships, and others
labeled them negative or ineffective. Overall, “there’s still a general perception that IT is
slow, expensive, and gets in the way,” said one manager. Even the focus group member
with the most positive business–IT relationship admitted it was “not easy,” and one set
of researchers has described it as typically “arduous” (Pawlowski and Robey 2004).
Although “you can’t have a one-sided relationship,” as one focus group manager
remarked, agreement is almost universal that IT needs to change if it is to improve.
Literally dozens of articles have been written about what IT should be doing to make it
better. For example, IT should better understand the fundamentals of business and aim
to satisfy the “right” customers (Kitzis and Gomolski 2006); act as a knowledge broker
(Pawlowski and Robey 2004); get involved in the business and be skilled marketers
(Schindler 2007); manage expectations (Ross 2006); convince the business that it under-
stands its goals and concerns and communicate in business language (Bassellier and
Benbasat 2004); and demonstrate its competencies (Day 2007). In short, “IT has to keep
proving itself” to the business to demonstrate its value (Kaarst-Brown 2005). Thus, prac-
titioners and researchers both consistently stress that cultivating a strong business–IT
relationship is “a continuous effort” (a focus group member); “ongoing” (Luftman and
Brier 1999); a “core IT skill” (Feeny and Willcocks 1998); and “ emergent” (Day 2007).
On the business side of the relationship, two features stand out. First, business
managers are often disengaged from IT work, according to both the focus group and
researchers (Ross and Weill 2002). For example, in some cases in the focus group, IT
staff have taken on business roles in projects in order to get them done. Second, it is
clear that what business wants from this relationship is continually changing. “The
business–IT relationship is cyclical,” explained one manager. “The business goes back
and forth about whether it wants IT to be an order taker or an innovator. Every time the
business changes what it wants, the relationship goes sour.”
So what do we know about the business–IT relationship in organizations? First, we
know it is a multifaceted interaction of people and processes. It is unfortunately true that
the existence of positive relationships between individual business and IT professionals
does not necessarily mean that interactions will be positive on a particular develop-
ment project, with the IT help desk, with an individual business unit, or between IT
and the business as a whole (McKeen and Smith 2008). Because relationships manifest
themselves in so many ways—formal and informal, tacit and explicit, procedural and
cultural—we must recognize that their complexity means that they don’t lend them-
selves to simplistic solutions (Day 2007; Guillemette et al. 2008; Ross 2006).
Second, we know difficult, complex relationships often exhibit lack of clarity
around expectations and accountabilities and difficulty communicating (Galford and
Drapeau 2003; Pawlowski and Robey 2004). This, in turn, leads to lack of trust. In the
business–IT relationship, “complexity often arises when expectations differ in vari-
ous parts of an organization, leaving a CIO with the difficult task of reconciling them
and elucidating exactly what the IT function’s mission and strategic role should be”

40 Section I • Delivering Value with IT
(Guillemette et al. 2008). Several focus group members complained that different parts
of their business expected different things from IT. “In some parts of our business, they
want IT to be an order-taker; in others, they want us to be thought leaders and innova-
tors,” stated one manager. Another noted, “We live in an age of unmet expectations.
There’s never enough resources to do everything the business wants us to do.”
Third, assumptions by the business about IT tend to cluster into patterns. One
researcher has identified five sets of assumptions: (1) IT is a necessary evil, (2) IT is a
support, not a partner, (3) IT rules, (4) business can do IT better, and (5) business and IT
are equal partners. Business leaders who espouse one of these sets will tend to have sim-
ilar ideas about who should control IT’s direction, how central IT is to business strategy,
the value of IT skills and knowledge, how to justify IT investments, and who benefits
from IT (Kaarst-Brown 2005). Building on this idea, another study has also shown that
business–IT relationships tend to vary along similar patterns. Different organizations
tend to adopt one of five IT value profiles and expect IT to behave in accordance with
the profile selected (see Appendix A). Problems arise when the assumptions and value
profiles espoused by IT conflict with those of the organization or a specific part of the
organization. As a result, many “disconnects” are often present in the relationship. For
example, although IT organizations often seek to be a business partner, their participa-
tion in this way is not always welcomed by the business (Pawlowski and Robey 2004).
Focus group members defined a strong business–IT relationship in ways that
recognize each of these factors. To them, it should include the following:
• Clearly defined expectations, governance models, and accountabilities.
• Trust between the two groups.
• Articulation and incorporation of corporate and client values and priorities in all
IT work.
• A blurred line between business and IT (i.e., no “us vs. them”).
• IT dedicated to business success.
• IT serving as a trusted advisor to the business.
• Mutual recognition of IT value.
In short, a strong business–IT relationship is one where realistic, mutual
expectations are clearly articulated and communicated through individual and
procedural interactions and where both groups recognize that all facets of this
relationship are important to the successful delivery of IT value.
Characteristics of the Business–IT Relationship
• IT has to keep proving itself.
• The business is often disengaged from IT work.
• Business expectations of IT change continually.
• The relationship is affected by the interaction of many people and processes at multiple
• Clarity is often lacking around expectations and accountabilities.
• Business assumptions of IT tend to cluster.
• There are many “disconnects” between the two groups.

Chapter 4 • Building a Strong Relationship with the Business 41
The fouNdaTioN of a sTroNg BusiNess–iT relaTioNship
Strong relationships do not simply happen. They are built over time and, if they are to
deliver value for the organization, they must be built to endure (Day 2007). The focus
group told several stories of how the business–IT relationship in their organization had
deteriorated when a business or IT leader changed or when a project wasn’t delivered
on time. Because it can so easily become dysfunctional, constant attention and nurturing
are needed at all levels, said the focus group. However, building a strong relationship
is not easy to do. Although there is no shortage of prescriptions, the sustained nature
of problems in this relationship suggests that some underlying root causes need to be
addressed (Appendix B provides one organization’s view of what is needed in this
We have suggested previously that four components must be in place in order
to deliver real business value with IT: competence, credibility, interpersonal inter-
action, and trust. The focus group reviewed these components and agreed that they
also form the foundation of a successful and effective business–IT relationship. The
focus group saw that developing, sustaining, and growing a strong business–IT rela-
tionship in each of these areas is closely intertwined with IT’s ability to deliver value
with technology. Therefore, a consistent and structured initiative to strengthen the
business–IT relationship in these dimensions will also lead to an improved ability to
deliver value successfully (see Figure 4.1). In the remainder of this chapter, we look
at these four components in turn, discussing in detail how each acts as an important
building block of a strong business–IT relationship and suggesting how each could
be strengthened.
Interpersonal Interaction
figure 4.1 Strong Relationships are Built on a Strong Foundation

42 Section I • Delivering Value with IT
Building Block #1: Competence
Although a competent IT organization that consistently delivers cost-efficient and reli-
able services is the bare minimum for an IT function, businesses today expect a great
deal more of both their IT organizations and their IT professionals. Although many
IT organizations have adopted an internal service model in order to “operate IT like a
business” and have demonstrated that they can provide services as effectively as exter-
nal service providers, these competencies fall short of what business now expects of IT
(Kitzis and Gomolski 2006). Over the last decade, researchers and practitioners have
identified a number of new competencies that are now required—to a greater or lesser
extent—from all IT professionals.
First and foremost, IT staff need business knowledge. This goes beyond basic know-
ledge of a single business unit to include the “big picture” of the whole organization.
IT personnel need to understand the business context in which their technologies are
deployed, including organizational goals and objectives, capabilities, critical success
factors, environment, and constraints. At all levels, they need to be able to “think about
and understand the development of the business as [any other business] member would
and participate in making [it] successful in the same way” (Bassellier and Benbasat
2004). Furthermore, they need to be able to apply their business understanding to help
the organization visualize the ways in which “IT can contribute to organizational per-
formance and look for synergies between IT and business activities” (Bassellier and
Benbasat 2004). In this regard, an important competence an IT department and its staff
can bring to an organization is cross-domain and cross-functional business knowledge
(Kitzis and Gomolski 2006; Wailgum 2008a).
Developing business knowledge does not mean that IT staff should become busi-
nesspeople but that they should be able to demonstrate they understand the business’s
goals, concerns, language, and processes and are working to help achieve them (Feeny
and Willcocks 1998). One focus group organization surveyed its senior managers about
IT and found that these managers felt IT staff had a poor understanding of the business;
as a result, they didn’t trust IT’s ideas.
Other key competencies that IT must cultivate include the following:
• Expertise. This includes having up-to-date knowledge, being able to support a
technical recommendation, applying expertise to a particular business situation,
and offering wise advice on risks, options, and trade-offs, as well as the ability
to bring useful new ideas and external information (e.g., about new technolo-
gies or what the competition is doing with technology) to the business (Joni 2004;
Pawlowski and Robey 2004).
• Financial Awareness. Awareness of how IT delivers value and the ability to act in
accordance with this value is a rare and prized skill (Mahoney and Gerrard 2007).
All the focus group members felt pressure to continually demonstrate the business
value of IT and recognized a strong need to make all IT staff more aware of such
concepts as ROI, total cost of ownership, and how IT affects the bottom line and/or
business strategy.
• Execution. It is not enough to understand the business and develop a vision;
IT must also operationalize them. Since much of the business–IT relationship is
dynamic—that is, continually being re-created—every IT action speaks about its
competence. It is well known that the inability to deliver an individual project on

Chapter 4 • Building a Strong Relationship with the Business 43
time and within budget will undermine the business’s view of IT’s overall compe-
tence. However, it is also the case that the actions of IT operations, the help desk,
and other IT subfunctions will also be held up to similar scrutiny. As one focus
group manager stated, “Poor delivery of any type can break a relationship.”
In short, if the IT function is not seen to be competent at executing basic IT services
or able to communicate in business terms, it will simply not be given an opportunity to
participate in higher-order business activities, such as planning and strategy develop-
ment (Gerrard 2006).
sTreNgTheNiNg CompeTeNCe
• Find ways to develop business knowledge in all IT staff. Focus group members
use “lunch and learn” sessions, job shadowing, and short-term assignments in
the business to accomplish this, but they recognize that more needs to be done to
develop this competence.
• Link IT’s success criteria to business metrics. This not only lifts IT’s perspective
to larger business concerns, but it also introduces all IT staff to the key financial and
other measures that drive the rest of the organization.
• Make business value an explicit criteria in all IT decisions. Asking why the busi-
ness should care about a particular IT decision, and how it will affect the business
in both the long and short terms, changes the focus of IT professionals in a subtle
but very effective way, enabling them to communicate even technical decisions in
business terms.
• Ensure effective execution in all IT activities. This ensures that IT sends a consis-
tent message of competence to all parts and levels of the organization.
Building Block #2: Credibility
Credibility is the belief that others can be counted on to do what they say they will
do. It is built in many ways. Keeping agreements and acting with integrity, honesty,
and openness are essential behaviors, whereas lack of timely and substantive responses
and failure to observe deadlines can undermine it (Feeny et al. 1992; Greenberg et al.
2007). Focus group managers concurred that credibility is very important to the busi-
ness–IT relationship. Although in earlier days, credibility was largely about the ability
to deliver systems on time and budget, now earning and maintaining credibility with
the business has become more complex. Today’s IT projects often involve many more
elements (e.g., multiple platforms, risk management, adherence to laws and standards)
and stakeholders than in the past, and the methods and tools of delivery are constantly
changing. Furthermore, research shows that it is often the “little things” that can be
most significant in undermining credibility and that people often make decisions based
on IT’s attention or inattention to such details (Buchanan 2005). One study concluded
that “each and every IT service incident and event must be considered for its long-term
influence” (Day 2007).
IT staff often assume that because they are competent they will be credible, but this
is an invalid assumption. Thus, for example, a survey of CIOs found that they wished
their developers “didn’t appear so clueless to the rest of the organization” (Wailgum
2008b). It is essential, therefore, that competence be demonstrated for others to feel

44 Section I • Delivering Value with IT
someone is credible (Ross 2006). This is especially important in relationships where
there is little face-to-face interaction. In these cases in particular, work must be visible
and communication constant in order to demonstrate credibility (Hurley 2006).
sTreNgTheNiNg CrediBiliTy
• Communicate frequently and explicitly. Make progress and accomplishments
visible in clear and nontechnical ways. Focus group members found that when
difficult decisions are planned together and clearly articulated in advance, much
less tension develops in the relationship.
• Pay attention to the “little things.” Wherever possible, take steps to provide
prompt feedback and responses to queries and to ensure consistently high- quality
service encounters.
• Utilize external cues to credibility. Examples include awards, endorsements from
third parties, and the experience and background of IT staff. These specifics can be
very useful when starting a new relationship with the business.
• Assess all business touch points. All focus group members stressed the need to
really listen to what the business says about its expectations and the problems it
feels exist in the relationship. Just the effort alone sends a strong and positive mes-
sage about the importance of this relationship, said a manager. However, he also
stressed that undertaking such a review creates expectations that changes will be
made, so regular reports back to the business about what is being done to improve
things are especially important.
Building Block #3: interpersonal interaction
The business–IT relationship is shaped by the development of mutual understand-
ing, interests, and expectations, which are formed and shaped during a wide variety
of interpersonal interactions (Gold 2006). Business–IT interactions must be developed
and nurtured at many different levels in the business–IT relationship, said focus group
managers, and although CEO–CIO interactions can set the tone for the relationship, the
connections at multiple touch points contribute to its overall quality (Flint 2004; Prewitt
2005). The following are the four significant dimensions of interpersonal interaction:
• Professionalism. This is the unarticulated set of working behaviors, attitudes,
and expectations that serves as the glue that keeps teams of diverse individuals
working together toward the same goal. These behaviors are not only carefully
watched by the business, they are also just as important within IT, said the focus
group. Members noted that difficult internal IT relationships can lead to problems
delivering effective IT services. Five sets of attitudes and behaviors contribute to
developing IT professionalism: (1) comportment (i.e., appearance and manners on
the job), (2) preparation (i.e., displaying competence and good organization), (3)
communication skill (i.e., both clarity and etiquette), (4) judgment (i.e.,  the abil-
ity to make right choices for the organization), and (5) attitude (i.e.,  caring about
doing a job well and about doing the right thing for the company) (McKeen and
Smith 2008).
• Nontechnical communication. Over and over, research has found that the inabil-
ity to communicate clearly with the business in its own terms can undermine the

Chapter 4 • Building a Strong Relationship with the Business 45
business–IT relationship (Bassellier and Benbasat 2004; Kitzis and Gomolski 2006).
Today, because IT staff work across many organizational boundaries, they must
also be effective at translating and interpreting needs, not only from business to
technology and vice versa, but also between business units, in order to enable
members of different communities to understand each other (Wailgum 2008a).
Increasingly, as IT programs and services are delivered collaboratively by external
partners and to external partners, clarity in communication is becoming mission
• Social skills. The social dimension of the business–IT relationship is often
ignored by both sides, leading to misunderstandings and lack of trust (Day 2007).
Social bonds help diverse groups build trust and develop a common language,
both of which are essential to a strong relationship. Socialization also helps build
mutual understanding, enabling all parties to get comfortable with one another
and uncovering hidden assumptions, which may become obstacles to success
(Kaarst-Brown 2005). Socialization also develops empathy and facilitates problem
solving (Feeny and Willcocks 1998).
Unfortunately, many IT organizations are structured in ways that create barri-
ers between business and IT. For example, the use of “relationship managers” to act as
interfaces between IT and the business is a mixed blessing. Although individually, these
managers may be skilled and viewed positively by the business, focus group members
noted that their position often leads them to act as gatekeepers to the business. One
manager mentioned being hauled on the carpet to explain his lunch with a business
manager (a personal friend), which hadn’t been approved by the relationship manager!
“We need a broad range of social interactions with the business,” said another manager.
“We use account managers, but we also encourage interactions through such things
as lunches and social events.” Ongoing, face-to-face interaction is the ideal, but with
today’s virtual teams and global organizations, other forms of social interaction, such
as networking and collaboration tools, are being introduced to help bridge gaps in this
area. Social bonds can be created in a virtual environment, but these take longer and are
harder to develop although they are, if anything, more important than in a more tradi-
tional workplace (Greenberg et al. 2007).
• Management of politics and conflict. The business–IT relationship can be
turbulent, and IT personnel are not noted for their skills in dealing with the
conflicts and challenges involved. Furthermore, conflict and politics tend to
be exacerbated by the types of projects most commonly undertaken by IT—that
is, those that cross internal and external organizational boundaries (Weiss and
Hughes 2005). As a result, IT functions and personnel need ways to effectively
address conflict and use it to deliver creative solutions. All too often, conflict is
avoided or treated as a “hot potato” to be tossed up the management hierarchy
(Weiss and Hughes 2005). Straight talk and the development of a healthy give-
and-take attitude are fundamental to dealing with conflict at its source. Experts
also recommend the development of transparent processes for managing
disagreements and frank discussions of the trade-offs involved in dealing with
problems (Pascale et al. 1997). These not only help stop damaging escalation
and growing uncertainty but also help to model conflict-resolution skills for the
staff involved.

46 Section I • Delivering Value with IT
As well, failure to understand the role of politics in a particular organization
makes IT personnel less effective in their business interactions because they cannot craft
“win–win” solutions. Thus, all IT staff need to understand something about politics and
how they can affect their work. At more senior levels, it is imperative that IT profes-
sionals learn how to act “wisely and shrewdly in a political environment” (Kitzis and
Gomolski 2006). Since politics are part of every business relationship and cannot be
avoided, IT personnel must learn how to work with them, said focus group members,
even if they are trying to avoid them as much as possible.
sTreNgTheNiNg iNTerpersoNal iNTeraCTioNs
• Expect professionalism. IT managers must not only articulate professional values
and behaviors, they must also live them and measure and reward them in their
• Promote a wide variety of social interactions at all levels. Whether face-to-face
or virtual, sharing information about each other ’s background and interests is
an important way to bolster working relationships at all levels. Therefore, even
where formal relationship managers are in place, IT leaders should encourage all
IT staff to connect informally with their business colleagues. “Social interaction
facilitates quick problem ownership and resolution and helps to develop a com-
mon language,” said a focus group participant. Although the need for socializa-
tion increases as one moves up the organizational hierarchy, even at the lowest
levels staff should be expected to spend about 10 percent of their time in this type
of interaction (Kitzis and Gomolski 2006).
• Develop “soft skills” in IT staff. Although the need for interpersonal skills in IT
has never been greater, many companies still give their development short shrift,
preferring instead to stress technical competencies. In developing interpersonal
skills, formal training should be only one component. It is even more important
that IT managers take time to develop such skills in their staff through mentor-
ing and coaching. Many focus group members have implemented “soft” skills
development initiatives informally, but they have also admitted that the pressure
to be instantly productive often detracts from both business and IT participation
in them.
Building Block #4: Trust
Effective interpersonal interactions, a belief that the job at hand will get done and get
done right, and demonstrated business and technical competence are all required to
facilitate trust that IT can be a successful partner with the business. But even if these
are in place, proactive measures are still needed to actually build trust between the two
groups. In many firms, an underlying sense of distrust of IT as a whole remains:
IT’s processes are notoriously convoluted and bureaucratic, leaving the business
unsure of how to accomplish their business strategies with IT. From strategy
alignment to prioritization to budgeting and resourcing to delivering value to
managing costs, it must be clear that what IT is doing is for the benefit of the
enterprise, not itself. (McKeen and Smith 2008)

Chapter 4 • Building a Strong Relationship with the Business 47
The most important way to build trust at this level is through effective gover-
nance. The story of how one CIO managed to transform the business–IT relationship at
Farm Credit Canada illustrates its importance:
[At FCC, when Paul MacDonald became CIO], IT was considered a necessary
evil. Business people were afraid of it and wished it would just go away. . . .
[Transforming this relationship] was a very difficult and complex job—especially
for cross-functional processes. Clear responsibilities and accountabilities had to be
defined. . . . “It’s all about clarity of roles and responsibilities,” MacDonald said.
The new IT governance model was validated and refined through sessions with
key business stakeholders. “These sessions were important to demonstrate that we
weren’t just shuffling the boxes around in IT,” [MacDonald] said. . . . MacDonald
also made sure that the new model actually worked the way it was supposed to.
“There were cases where it didn’t . . . and with these, we made changes in our pro-
cesses.” He attributes his willingness to make changes where needed to his ability
to make the new model actually function the way it was supposed to. . . .
“Today, at FCC user satisfaction is very high and IT is seen as being indis-
pensable. . . . [MacDonald] stressed that it is important to review and refine the
new governance model continually.” “There were some things that just didn’t
work,” he said. “We are still constantly learning.” (Smith and McKeen 2008)
Effective governance should be designed to build common business goals and
establish a good decision-making process (Gerrard 2006). Mature processes in IT and
transparency about costs develop trust (Levinson and Pastore 2005; Overby 2005).
A  focus group manager stated succinctly, “[M]ore transparency equals fewer sur-
prises and you get transparency through governance.” Aspects of governance that
have enhanced trust in focus group organizations include integrated planning, defined
accountabilities, a clear picture of mandates and authorities, and clarity around how
work gets done.
Another focus group manager explained the importance of governance in this way:
In the past, we couldn’t break the trust barrier. Now, [with an effective governance
structure] we are more proactive and are fighting fewer fires. Our processes ensure proper
escalation and a new focus on value. In short, governance captures the value of a good
relationship and good fences make good neighbours.
Trust is essential for both superior performance and for developing the collabora-
tive relationships that lead to success (Greenberg et al. 2007). It is developed through
consistency, clear communication, willingness to tackle challenges, and owning up to
and learning from mistakes (Upton and Staats 2008). Both inconsistent messages to
stakeholders and inconsistent processes and standards can seriously undermine trust
(Galford and Drapeau 2003).
Nevertheless, it must be stressed that there is no optimal form of governance
(Gordon and Gordon 2002). The key is to develop a model of IT governance that
addresses the business’s expectations of its IT function. Thus, an IT organization can best
build trust if it clearly understands the organization’s priorities for IT and designs its
governance model to match (Guillemette et al. 2008).

48 Section I • Delivering Value with IT
sTreNgTheNiNg TrusT
• Design governance for clarity and transparency. IT leaders should assess how the
business views IT processes—from the help desk on up. It is important to recognize
that all processes play a very visible role in how IT is viewed in the organization
and that clear, effective, and fair processes are needed to break the “trust barrier”
between business and IT at all levels.
• Mandate the relationship. Although it may seem counterintuitive, companies
have had success from strictly enforcing relationship basics such as formal roles and
responsibilities, joint scorecards, and the use of common metrics. Such structural
measures can ensure that common expectations, language, and goals are developed
and met.
• Design IT for business expectations. Clearly understanding the primary value the
business wants IT to deliver can help IT understand how to focus its process and
governance models (see Appendix A).
There is clearly no panacea for a strong busi-
ness–IT relationship. Yet, the correlation
between a good relationship and the ability
to deliver value with IT makes it impera-
tive that leaders do all they can to develop
effective interpersonal and interfunctional
business–IT relations. It is unfortunately still
incumbent on IT leadership to take on the
bulk of this task, if only because it will make
IT organizations more effective. Business–IT
relationships are complex, with interactions
of many types, at many levels, and between
both individuals and across functional and
organizational entities. This chapter has not
only identified and explored what a strong
business–IT relationship should look like in
its many dimensions but also has described
the four major components needed to build
it: competence, credibility, interpersonal
skills, and trust. Unfortunately, business–IT
relationships still leave a lot to be desired in
most organizations. Recognizing that what it
takes to build a strong business–IT partner-
ship is also closely related to what is needed
to deliver IT value may help to focus more
attention on these mission-critical activities.
Anonymous. “Senior IT People Excluded from
IT Decision-Making.” Career Development
International 7, no. 6/7 (2002).
Bassellier, G., and I. Benbasat. “Business
Competence of Information Technology
Professionals: Conceptual Development and
Influence on IT-Business Partnerships.” MIS
Quarterly 28, no. 4 (December 2004).
Buchanan, L. “Sweat the Small Stuff.” Harvard Business
Review (April 2005).
small-stuff/ar/1 (accessed March 10, 2011).
Day, J. “Strangers on the Train: The Relationship
of the IT Department with the Rest of the
Business.” Information Technology and People 20,
no. 1 (2007).
Feeny, D., B. Edwards, and K. Simpson.
“Understanding the CEO/CIO Relationship.”
MIS Quarterly 16, no. 4 (1992).
Feeny, D., and L. Willcocks. “Core IS Capabilities
for Exploiting Information Technology.”
Sloan Management Review 39, no. 3 (Spring

Chapter 4 • Building a Strong Relationship with the Business 49
Flint, D. “Senior Executives Don’t Always Realize
the True Value of IT.” Gartner Inc., ID Number:
COM-22-5499, June 21, 2004.
Galford, R., and A. Drapeau. “The Enemies of
Trust.” Harvard Business Review #R0302G
(February 2003).
Gerrard, M. “Three Critical Success Factors in the
Business/IT Relationship.” Gartner Inc., ID
Number: G00143352, October 18, 2006.
Gold, R. “Perception Is Reality: Why Subjective
Measures Matter and How to Maximize Their
Impact.” Harvard Business School Publishing
Balanced Scorecard Report (July–August 2006).
Gordon, S., and J. Gordon. “Organizational
Options for Resolving the Tension Between
IT Departments and Business Units in the
Delivery of IT services.” Information Technology
and People 15, no. 4 (2002).
Greenberg, P., R. Greenberg, and Y. Antonucci.
“Creating and Sustaining Trust in Virtual
Teams.” Business Horizons 50 (2007).
Guillemette, M., G. Paré, and H. Smith. “What’s
Your IT Value Profile?” Cahier du GReSI #08-04.
Montréal, Canada: HEC Montréal, November
Hurley, R. “The Decision to Trust.” Harvard
Business Review #R0609B (September 2006).
Joni, S. “The Geography of Trust.” Harvard
Business Review #R0403F (March 2004).
Kaarst-Brown, M. “Understanding an
Organization’s View of the CIO: The Role
of Assumptions About IT.” MIS Quarterly
Executive 4, no. 2 (June 2005).
Kitzis, E., and B. Gomolski. “IT Leaders Must
Think Like Business Leaders.” Gartner Inc., ID
Number: G00143430, October 26, 2006.
Levinson, M., and R. Pastore. “Transparency
Helps Align IT with Business.” CIO Magazine
(June 1, 2005).
Luftman, J., and T. Brier. “Achieving and
Sustaining Business–IT Alignment.” California
Management Review 41, no. 1 (Fall 1999).
Mahoney, J., and M. Gerrard. “IT Value
Performance Tools Link to Business–IT
Alignment.” Gartner Inc., ID Number:
G00152551, November 2, 2007.
McKeen, J., and H. Smith. IT Strategy in Action.
Upper Saddle River, NJ: Pearson-Prentice Hall,
Overby, S. “Turning IT Doubters into True
Believers: Executive Summary.” CIO Research
Reports (June 1, 2005).
Pascale, R., M. Millemann, and L. Gioja.
“Changing the Way We Change.” Harvard
Business Review (November–December 2007).
Pawlowski, S., and D. Robey. “Bridging User
Organizations: Knowledge Brokering
and the Work of Information Technology
Professionals.” MIS Quarterly 28, no. 4 (2004).
Prewitt, E. “The Communication Gap.” CIO
Magazine (June 1, 2005).
Ross, J. “Trust Makes the Team Go ‘Round.’”
Harvard Management Update 11, no. 6 (June
2006): 3–6.
Ross, J., and P. Weill. “Six IT Decisions Your IT
People Shouldn’t Make.” Harvard Business
Review #R0211F (November 2002).
Schindler, E. “What IT Can Learn from the
Marketing Department.” CIO Web 2.0 Advisor,
September 21, 2007.
keting_department (accessed March 10, 2011).
Smith, H., and J. McKeen. “Creating a Process-
Centric Organization at FCC: SOA from the
Top Down.” MIS Quarterly Executive 7, no. 2
(June 2008): 71–84.
Tallon, P., K. Kramer, and V. Gurbaxani.
“Executives’ Perceptions of the Business Value
of Information Technology: A Process-Oriented
Approach.” Journal of Management Information
Systems 16, no. 4 (Spring 2000).
Upton, D., and B. Staats. “Radically Simple IT.”
Harvard Business Review R0803 (March 2008).
Wailgum, T. “Why Business Analysts Are So
Important for IT and CIOs.” CIO Magazine
(April 16, 2008a).
Wailgum, T. “Eight Reasons Why CIOs Think
Their Application Developers Are Clueless.”
CIO Magazine (September 3, 2008b).
Weiss, J., and J. Hughes. “Want collaboration?
Accept—and Actively Manage—Conflict.”
Harvard Business Review #R0503F (March 2005).

50 Section I • Delivering Value with IT
Appendix A
The Five IT Value Profiles
Each of the following profiles is a unique way for IT to contribute to an organization.
One is not “better” than the other, nor is one profile more or less mature than any other.
Each represents a different, consistent way of organizing IT to deliver value. Each is
different in five ways: main activities, dominant skills and knowledge, the business–IT
relationship, governance and decision-making, and accountabilities.
Profile A: Project Coordinator
This type of IT function coordinates IT activities between the business and outsourc-
ers. Therefore, the primary value it delivers is organizational flexibility through the
IT outsourcing strategy it establishes and through promoting informed IT decision
making in the business units. The Project Coordinator function works with the busi-
ness units, helping them formalize their requirements, and then finds an outsourcer
to develop and implement what is needed. The Project Coordinator also manages
the relationships between vendors and business units, not only with the organiza-
tion’s current activities but also in planning for the future by developing strategic
Profile B: Systems Provider
The primary mission of the Systems Provider is to provide the organization with qual-
ity information systems at the lowest possible cost. Strategically, the Systems Provider
uses the organization’s business plans to set IT’s goals, prepare budgets, and determine
the resources needed to implement the organization’s strategy for the required systems
development projects.
Profile C: Architecture Builder
The primary mission of this type of IT function is to link the firm’s various business
units by integrating computerized systems, data, and technological platforms. The
Architecture Builder seeks to design a flexible architecture and infrastructure that will
meet the company’s needs. The architecture builder typically receives broad strategic
direction from the organization and designs an architecture and infrastructure with
which the organization can implement its strategy.
Profile D: Partner
The main objective of the Partner IT function is to create IT-enabled business capabili-
ties to support current business strategies. IT and the business collaborate to achieve a
two-way strategic alignment that is developed iteratively and reciprocally over time.
The Partner is a catalyst for change in business processes and seeks to improve organi-
zational efficiency. As guardian of the organization’s business processes, the Partner’s
mission therefore extends far beyond its technological tools.

Chapter 4 • Building a Strong Relationship with the Business 51
Profile E: Technological Leader
The Technological Leader tries above all to use innovation to transform the organiza-
tion’s strategy. IT’s main objective is therefore to identify opportunities, find innovative
organizational applications for technology that will enable the organization to secure a
significant competitive advantage, and then implement such applications.
Source: Guillemette et al. 2008.
Appendix B
Guidelines for Building a Strong Business–IT Relationship
The following was provided by a focus group member and is an excerpt from a com-
pany memo on improving the business–IT relationship.
Now more than ever, we must truly understand the business transformation
agenda. This will require us to potentially interact differently than in the past or in a
mode beyond what our executives may be looking for. We must
• Stop acting as and being viewed as order takers once IT projects have been
• Develop an understanding of business improvement ideas before they become ini-
tiatives or projects.
• Be prepared to offer alternative perspectives on business solutions.
• Be part of the strategic equation and have “feet on the street.”
• Engage early before ideas and issues turn into projects.
• Continue to shape the solution during pre-concept and concept phases.
To develop a relationship with the business units where we are viewed as a trusted
advisor and as adding value, we need to truly be part of their decision-making process
and team. We must ask ourselves the following questions:
• Are we considered a member of the business’s senior leadership team?
• Are we consulted before decisions are made or just asked to execute what has
already been decided?
• Are we involved in shaping the content of the strategic agenda not just its schedule?
Creating a consistent forum for one-on-one strategic interaction should allow us
to rise above the normal churn of issues, projects, or other regularly scheduled meet-
ings and be positioned to truly start understanding where our help is needed. Potential
short-term next steps include the following:
• Get invited to each business unit’s leadership team meetings.
• Schedule a monthly one to one strategy meeting with no set agenda.

C h a p t e r
5 Communicating with Business Managers1
1 This chapter is based on the authors’ previously published article, Smith, H. A., and J. D. McKeen. “How
to Talk so Business Will Listen . . . and Listen so Business Can Talk.” Communications of the Association for
Information Systems 27, Article 13 (August 2010): 207–16. Reproduced by permission of the Association for
Information Systems.
At an IT governance meeting, attended by all our business executives,
our IT architect was asked to discuss IT security and what steps
needed to be taken to improve it. The architect proceeded to bombard
the executives with extremely low-level details—an oversaturation of
information, which they did not understand—and he lost their attention
in very short order. What he did not do was deliver information in a
positive manner geared to his audience. As a result, there was diminished
business interest and understanding about this topic and a slowed-down
budget for needed upgrades, which also affected other projects.
—(Senior IT manager in a global retail organization)
As this true story illustrates, the ability to communicate with the business in busi-ness terms does not appear to be a current IT strength. This is a serious problem for IT managers because as IT and business grow more entwined, IT staff are
going to need to be increasingly organization savvy and possess greater business and
interpersonal competencies (Basselier and Benbasat 2004; Karlsen et al.; 2008; Mingay
2005). Yet, despite consistent complaints from both business and IT leaders about how
IT staff lack business and communication skills, it seems that many IT departments still
hire largely for technical competencies and have little budget available for “soft skills”
development (Cukier 2007). Problems communicating with business continue to play a
significant part in today’s poor perceptions of IT in organizations and inhibit what IT is
able to do for the organization (McKeen and Smith 2009). IT managers often bemoan the
fact that IT-based initiatives—for example, to implement new technologies or establish

Chapter 5 • Communicating with Business Managers 53
a standard infrastructure—which they believe could have significant benefits for their
organizations are not funded. Many of the reasons for this lie in IT’s inability to explain
the value of such investments in terms the business will understand.
In short, one of the most important skills all IT staff need to develop today is how
to communicate effectively with business. “Effective communication between IT . . . and
its stakeholders has never been so important . . . so complex or so difficult to get right.”
(Mingay 2005). Over and over, research has shown that if IT and business cannot speak
the same language, focus on the same issues, and communicate constructively, they
cannot build a trusting relationship (Karlsen et al. 2008). And business is consistently
more negative than IT about IT’s abilities in communicating effectively. In fact, even
while IT collaboration is improving, business’s assessment of IT’s communication skills
is declining (Willcoxson and Chatham 2004).
Much attention has been paid to organizational alignment between IT and
business (e.g., governance, structure), while very little has been paid to the nature
and impact of the social dimension of alignment, a big element of which involves
communication (Reich and Benbasat 2000). This chapter explores the business and
interpersonal competencies that IT staff will need in order to do their jobs effectively
over the next five to seven years and what companies should be doing to help develop
them. It begins by characterizing the state of communication in the business–IT rela-
tionship and why “good communication” is becoming increasingly important. Then,
it explores what is meant by “good communication” in this relationship and looks at
some of the inhibitors of effective communication between these groups. Finally, it dis-
cusses the key communication skills that need to be developed by IT staff and makes
recommendations for how organizations can improve or develop communication in the
business–IT relationship.
CommuniCation in the Business–it Relationship
“Poor communication is a constant source of irritation, confusion, and animosity,”
said one focus group manager. Another agreed: “So many of our IT staff don’t under-
stand organizational dynamics. They say and do things that would be completely
inappropriate anywhere else in our company.” There is general agreement between
practitioners and researchers that poor business–IT communication is the source
of poor relationships and alignment between these groups (Bittler 2008; Reich and
Benbasat 2000). One study noted:
Many IT people have “turned off” their business peers with too much techni-
cal jargon. This is one reason why the number of IT people that are “allowed” to
speak with business people has been deliberately limited in many organizations.
(Bittler 2008)
Communication is both an enabler and an inhibitor of a good business–IT
relationship. On one hand, poor communication tends to be persistent and of lasting
concern to practitioners (Coughlan et al. 2005). Often, IT personnel are perceived to
live in an “ivory tower,” disengaged from the needs of the business (Burton et al.
2008). Typically, these problems are described as a communication or a cultural “gap”

54 Section I • Delivering Value with IT
between the two groups and are considered a major cause of systems development fail-
ures (Coughlan et al. 2005; Reich and Benbasat 2000). “We struggle with communica-
tion gaps and challenges,” said a manager. “There’s a lot of IT arrogance we need to
deal with.” Another commented, “IT doesn’t listen and doesn’t talk the talk.”
On the other hand, there is broad recognition that good communication is essential
for many reasons. First, it is fundamental to building a strong, positive business–IT rela-
tionship. “When business people believe IT people ‘get it,’ the relationships are always
improved” (Bittler 2008). Second, it helps set sensible expectations of IT and helps IT to
manage how it is perceived in business (Day 2007). Third, it is an essential element of
building trust and partnership, which in turn help drive the delivery of business value
(McKeen and Smith 2012). Fourth, it is essential to conveying the business value of IT
(Hunter 2007). And finally, it is critical to understanding the priorities and pressures of
the business. Focus group managers spoke of the need for staff who would listen and look
for new opportunities to deliver business value. In short, good communication is widely
seen as being critical for IT to deliver successful projects, effective performance, and value
( Karlsen et al. 2008; Reich and Benbasat 2000; Willcoxson and Chatham 2004).
As a result, improving communication is increasingly recommended as a top pri-
ority for IT managers (Burton et al. 2008; Mingay 2005). Several managers stated that
they are working on building communication into their annual goals and into their
expectations of staff. What is missing, however, is a better understanding of the nature
of good business–IT communication and some of the obstacles IT managers face in
improving it (Coughlan et al. 2005). Thus, poor communication continues to be the
norm in most organizations (Pawlowski and Robey 2004).
What is “Good” CommuniCation?
Unfortunately, there is no magic formula for defining and teaching “good” communica-
tion since it is a complex concept that has many dimensions. There are, however, some
principles that are recognized as important elements of effective communication which
can be used as guidelines for those who wish to assess their communication performance.
• Principle 1: The effectiveness of communication is measured by its outcomes.
Communication is successful when it achieves the outcomes we desire (Gilberg 2006).
However, all too often we measure communication by our intentions rather than its out-
comes. The problem with that is this: “Communication is in the ear of the beholder,”
and even the most direct, clear, understandable, and consistent message can there-
fore get distorted through such filters as politics, culture, and personal points of
view. As messages get passed along to others, they get further distorted, much like
in the children’s game of “Telephone.” One study showed that although 97 percent of
managers believed their own communication was clear, only 25 percent of the same
people believed that the communication they received from their direct superior was
clear and effective (Martin 2006). Another study showed that IT managers feel their
communication is more effective than business managers feel it is (Willcoxson and
Chatham 2004).
• Principle 2: Communication is social behavior. Communication not only trans-
mits ideas but also negotiates relationships. Thus, how you say what you mean is

Chapter 5 • Communicating with Business Managers 55
just as important as what you say (Tannen 1995). This is an especially important
principle for IT staff to learn because, as teams become increasingly diverse and
virtual, many of the traditional nonverbal signals that we instinctively rely on to
provide meaning are lost. A host of factors act as a social subtext to our commu-
nication: tone of voice, rate of speed, degree of loudness, and pacing and pausing.
These are all culturally learned signals that affect how we evaluate each other as
people (Tannen 1995). Gender and culture are key social filters that all of us use.
For example, the degree of directness and indirectness in communication has often
been a source of significant misunderstandings. Women learn to be more indirect
when telling others what to do so as not to be perceived as “bossy”; men are indi-
rect when admitting to fault or weakness. In short, there is no one “right” way to
speak, but speakers and listeners need to become more aware of the power of dif-
ferent linguistic styles, and managers must learn to use and take advantage of these
styles in different communication situations (Tannen 1995).
• Principle 3: Shared knowledge improves communication. It is all too well known
that many IT people don’t “speak the language of the business.” As one manager
stated, “Many IT staff think they’ve ‘communicated’ by explaining a technology need
or a technology decision, instead of ensuring that everyone understands the business
implications of what’s involved.” Studies show that the more IT staff learns about
the business, the better communication becomes (Reich and Benbasat 2000). This is
true not only because IT people understand business better but also because shared
knowledge leads to increased frequency of communication and greater mutual under-
standing, both of which lead to more success in implementation, which in turn leads
to more communication and improved relationships (Reich and Benbasat 2000). Thus,
the creation of shared knowledge can be the beginning of a “virtuous circle” of con-
tinuously improving communication (see Figure 5.1).
• Principle 4: Mature organizations have better communication. Although commu-
nication is a social process, it is also embedded within and fundamental to organiza-
tional processes (Coughlan et al. 2005). Organizational maturity plays a significant
part in the effectiveness of business–IT communication because strong practices
support and reinforce good interpersonal communication. “You can’t be a part-
ner unless you’re a mature IT organization,” explained one manager. The research
supports this contention, showing that high-performing IT functions have a strong
foundation of communication (Peppard and Ward 1999; Reich and Benbasat 2000).
Thus, successful IT organizations embed appropriate communication in their pro-
cesses and consider this to be a significant component of IT’s work (Mingay 2005).
This work is even more important in times of organization transformation. “We are
quite good about communicating operationally,” said a manager, “but we need to
improve when talking with our business executives about strategy.” Another com-
mented, “we need better skills to move up the ‘run, change, innovate’ curve, and
we need the organizational maturity to do this.” The focus group identified some
of the areas where improved maturity could help communication: developing busi-
ness cases; assessing risk; integrating with the “big picture”; and communicating
across business silos. In short, although communication is often seen as an individ-
ual competency, it should be viewed and managed as an IT functional competency
at all levels.

56 Section I • Delivering Value with IT
oBstaCles to effeCtive CommuniCation
Why is it so difficult to achieve effective business–IT communication? The principles
haven’t changed much over time, but they have often not been applied, or they have
been forgotten or ignored as busy IT managers focus on tight timelines and major
deliverables (Mingay 2005). However, in addition to these considerations, some other
obstacles to effective communication can hinder or prevent communication from
occurring. These include the following:
• The changing nature of IT work. There is no question that IT work has become
more complex over time. Increasingly, IT staff are intermediaries between third-party
contract staff, global staff, or external stakeholders and vendors as well as tradi-
tional business users. When multiple cultures, different political contexts, diverse
time zones, and virtual relationships are added into the mix, communication simply
becomes more multifaceted and challenging. Furthermore, organizations are expect-
ing IT to do more for them. Transformation, innovation, or simply bigger and more
visible projects all require more communication than the norm and therefore more
management attention (Mingay 2005). “We must take a broader view of communi-
cation,” stated an IT manager. “And we need conversations at many levels.” Thus,
although IT may have adopted communication solutions that meet the needs of the
past, these are inadequate for present and future needs.
Shared Knowledge
Mutual Understanding
and “Common Sense”
fiGuRe 5.1 Shared Knowledge Leads to Improved Communication

Chapter 5 • Communicating with Business Managers 57
• Hiring practices. “IT organizations can no longer support smart, super-talented,
but socially disruptive people who cannot work well with a team or with the
business,” said one manager. The group concurred that IT skills are changing to
become more consultative and collaborative. Yet, frequently their organizations still
hire for technology skills, rather than the “softer” skills, such as communication,
which are essential for success these days. One study found that there is seri-
ous misalignment in hiring between “the skills needed for a job (which heavily
emphasize communication and general business skills . . . ) [and] the job require-
ments that are . . . advertised (which tend to emphasize formal technical training)”
(Cukier 2007).
• IT and business organization structures. A few years ago, many IT functions
attempted to deal with their communication problems by creating relationship
managers. These were skilled IT individuals whose job was to bridge the busi-
ness and IT organizations and thus act as a communication conduit between the
two groups. Unfortunately, relationship managers have become a mixed blessing
at best and an obstacle at worst, restricting contact between the two groups and
thereby limiting the development of shared knowledge and mutual understand-
ing. “Relationship managers appear to do more to exacerbate rather than amelio-
rate,” found one study (Coughlan et al. 2005). A focus group manager agreed, “You
can’t partner if your only contact is through a relationship manager.” Furthermore,
business silos can make communication about enterprise issues extremely chal-
lenging for IT staff, who can be expected to play a “knowledge broker” role, not
only between IT and business but also between business units (Pawlowski and
Robey 2004).
• Nature and frequency of communication. It’s a bit of a chicken-and-egg situa-
tion: More frequent contact with business leads to improved communication, but
IT’s communication is often so full of jargon, technocentric, and inappropriate that
many organizations have sought ways to limit the amount and nature of commu-
nication between the two groups. One study found that about one-third of IT staff
simply did not speak to the business at all (Basselier and Benbasat 2004). However,
some of the focus group stated that, even when they are not restricted, IT staff often
have trouble getting business to take the time to sit with them. Researchers have
pointed out that it is the sharing of tacit and unstructured knowledge, which takes
place in low-risk and informal settings, that contributes most to effective communi-
cation and mutual understanding (Basselier and Benbasat 2004; Dunne 2002; Kitzis
and Gomolski 2006). Limiting one’s focus to formal interactions (e.g., through IT
governance processes) has been shown to be the least effective way of communicat-
ing successfully (Dunne 2002).
• Attitude. Finally, IT’s attitude can be a huge obstacle to good communication. It
was surprising to hear this complaint from so many in the focus group. “Our IT
staff think their work is about IT. They don’t understand that we’re here to deliver
business value with technology,” one manager stated. One manager described IT
staff as “crotchety”; another as “obtuse”; and several stated IT staff are “defen-
sive.” It is not surprising that if this is the case, a negative attitude on the part of an
IT worker toward his or her work, business, or employer ends up being reflected
in communication and how it is perceived (McKeen and Smith 2012). In turn, this
can color how the communication is received (Anonymous 2005; Martin  2006).

58 Section I • Delivering Value with IT
Unfortunately as well, many IT staff are motivated by the desire to be right rather
than the desire to communicate effectively (Gilberg 2006). “We definitely need a
‘we’ attitude in IT,” said a manager, “not an ‘us–them’ attitude.”
Overcoming these obstacles will require a combination of management attention
to all dimensions of business–IT communication and the development of critical com-
munication skills in IT staff. The next two sections of this chapter address these issues.
“t-level” CommuniCation skills foR it staff
Although IT workers’ communication skills need upgrading, there is no one-size-fits-all
strategy for doing this (Kalin 2006). Nor do lists of communication competencies move
us much further forward in clarifying exactly what IT workers are doing wrong and what
needs to change in their communication style (see Appendix A for a sample list). It has
been suggested that as business becomes more complex, it really needs more T-shaped
professionals who are not only deep problem solvers in their home discipline but also
capable of interacting with and understanding others from a wide range of disciplines and
functional areas (Ding 2008). People possessing these skills are able to shape their knowl-
edge to fit problems and apply synergistic thinking (Leonard-Barton 1995). Unfortunately,
most IT organizations encourage I-shaped skills—that is, deep functional expertise. As a
result, the individual is driven ever deeper into his or her specialized set of skills (Leonard-
Barton 1995).
Developing T-shaped IT staff addresses the concern some in the focus group
expressed that emphasizing the development of “soft skills” could come at the expense
of the excellent technology skills still needed by the organization. “You don’t want
your staff becoming disconnected from their technological capabilities,” said one.
“Connecting the dots” between the group’s comments and the research on communica-
tion shows that four communication skills form the horizontal bar of the “T” for IT pro-
fessionals (the vertical one being the professionals’ technology skills and knowledge):
1. Translation. IT staff typically fail miserably at translating IT issues and con-
cerns into business impacts—as illustrated by the story at the beginning of this
chapter. Eliminating jargon is the first step. “Too often our IT population speaks
in nano-words and gigabits, instead of using the English language,” said a man-
ager. However, translation requires more than this because it requires the ability to
understand how IT initiatives will affect the business or deliver value to it. To com-
municate effectively about IT’s value, IT managers “must translate IT’s operational
performance into business performance . . . and drive home the message that all IT
initiatives are business initiatives” (Hunter 2007). It is not often recognized that IT
staff are effectively knowledge brokers and that translation is a critical part of their
work (Pawlowski and Robey 2004). As a result, bridging and translation skills are
still rare in IT, agreed the focus group.
The work involved in translation can be characterized as a four-step process
where IT staff move from the world of technology into the world of business to dis-
cuss problems in terms of business impact and possible business solutions and then
back into IT to translate these solutions into technological reality (see Figure 5.2). “In
the end,” said a manager, “we must be able to translate what the business knows
and wants into actionable IT proposals.”

Chapter 5 • Communicating with Business Managers 59
2. Tailoring. IT staff also need to adapt their communication to the needs of their
audience. This involves two skills. First, IT workers need to know their audience—
understanding their needs, their agendas, and their politics—so that they communicate
in ways the business needs and wants to hear (Burton et al. 2008). Second, all IT per-
sonnel need to know how to choose communication methods appropriately. For
example, bad news is best delivered in face-to-face meetings, not in reports or e-mails
(as some in the focus group reported); and presentations to executives are not the
place to expound on one’s technology expertise (Martin 2006).
3. Transparency. Transparency is a cornerstone of trust in the business–IT relation-
ship (Smith and McKeen 2007), and IT managers should not assume that success
speaks for itself. The business needs to see what is being done in IT and what it costs.
In fact, it has been suggested that transparency is the key to changing the business’s
perception of IT’s value (Levinson and Pastore 2005). At an individual level, one
member of the focus group defined transparency as communication that is “honest,
accurate, ethical, and respectful.” “We need honesty and openness,” stated another.
Transparency also means involving the right people in making decisions and recog-
nizing that the goal is to get the communication process flowing both ways (Burton
et al. 2008; Dunne 2002). Other ways to promote transparent communication include
checking assumptions, clarifying goals, stating intentions up front, and asking for
feedback on understanding (Dunne 2002; Gilberg 2006).
4. Thinking, talking, and listening. An important communication skill that is
increasingly valued by business is the ability to “think outside the box” and to
challenge the status quo, albeit diplomatically and responsibly. Focus group man-
agers suggested that IT staff need to think “horizontally” across the enterprise in
order to do what is best for the business. Communicating innovative ideas effec-
tively involves “getting inside the head of the business,” they explained. In the
future, the ideal IT manager will “think and talk like a business person with a
strong background in technology” (Kitzis and Gomolski 2006). Thinking, how-
ever, does not mean simply blurting out ideas; it means understanding how and
where to speak and how to listen to others. Learning to listen can be a challenge
Impact of
IT Solutions
fiGuRe 5.2 Communicating with Business Involves Translation

60 Section I • Delivering Value with IT
for IT staff who tend to be impatient with politics and the process of coming to a
solution that everyone can live with (Dunne 2002). Similarly, IT staff can underesti-
mate the importance of listening to nonverbal communication or the “noise” of the
context in which communication takes place (Anonymous 2005; Coughlan et al.
2005). In short, this skill involves more than simply “talking and waiting to talk”
but also incorporates a more sophisticated and nuanced awareness of the process of
communication, recognizing that how one reaches a decision is as important to the
success of communication as the actual decision itself.
impRovinG Business–it CommuniCation
The focus group managers were the first to admit that much more needs to be done in
their own organizations to improve communication between IT and the business at all
levels. However, they were also implementing a number of practices that they believed
would promote the development of good communication skills among their staff and
also as an IT function. Their recommendations included the following:
• Make the importance of effective communication visible. It is well accepted that if
you want people to pay attention to something, you need to measure and incentiv-
ize for it. Several managers felt that good communication skills should be expected
of every IT staff member. “These are now baseline expectations for us,” said one.
A  key way to get staff to pay attention is to incorporate communication skills into
performance appraisals. One company makes it clear that specialized “niche” skills
are more likely to be outsourced and that those who understand and can work with
the business are more likely to have a long-term career in its organization.
• Work with HR to develop new skills expectations and roles. Several firms are
incorporating specific communication competencies into staff role descriptions.
One is even trying to create jobs that have titles which reflect the types of com-
petencies needed, such as “senior business consultant,” “technology relationship
manager,” and “business technology specialist.” Another is trying to make it easier
for IT staff to transfer laterally into the business for a period of time.
• Develop communication skills both formally and informally. To support these new
expectations, some firms offer formal training in communication skills in areas such
as making presentations, communication styles, and negotiations. Incorporating com-
munication skills into personal development plans is one way some managers tailor
formal skills development for personal needs. However, the effectiveness of formal
training is “mixed,” said many managers, and some firms don’t offer it at all, or only
as part of management development. More informal approaches include mentoring,
lunch-and-learn sessions, and self-assessment tools.
• Increase the nature and frequency of communication. Although not an ini-
tiative of any of the focus groups, the research is clear that creating a “virtuous
communication cycle” starts with creating shared knowledge between the two
groups all levels. There are few “quick fixes” to the communication problem, but
the importance of regular communication between IT and business at all levels
cannot be overemphasized (Reich and Benbasat 2000). Wherever possible, prior-
ity should be given to informal communication and social interaction as these are
the best ways to build up shared language and understanding (Burton et al.; 2008;

Chapter 5 • Communicating with Business Managers 61
Dunne 2002). These types of interactions are particularly important when face-to-
face communication is irregular or impossible (Greenberg et al. 2007). Recognizing
this, one company that makes extensive use of global, virtual teams encourages
socialization, and even virtual parties, through its social networking technologies.
• Spend more time on communication. Most important, IT leaders at all levels need to
spend more time on communication—not only in what and how they communicate
personally but, rather, in learning how their staff and organizations communicate.
They need to seek out and remove obstacles to communication, coach their staff,
become sensitized to their organization’s communication processes (both formal
and informal), and do whatever it takes to develop a shared understanding and
language with the business. Although the initial investment of time may be high, it
is certain to pay off in terms of an improved relationship with business and greater
perceptions of IT value.
“What we have here is a failure to commu-
nicate” is a famous (and sarcastic) movie
quote that is nevertheless an extraordinarily
accurate description of the business–IT rela-
tionship. Although many words and docu-
ments may flow between the two groups,
it is fair to say that often little true commu-
nication is occurring. This has resulted in
misunderstandings, dysfunctional behavior,
and, above all, a failure to deliver value to
the organization. This chapter has examined
the difficult and complex challenges facing
IT leaders as they attempt to improve their
function’s communication with the business.
It demonstrated that good communication
has both social and organizational dimen-
sions, both of which need to be appropri-
ately managed. It also showed that there is
a “virtuous circle” of communication, which
is associated with improved IT performance
and perceptions of IT value. In short, good
communication is important to the success-
ful implementation of IT in business, and
developing it is therefore worth more time
and attention than most managers currently
pay to it. This chapter has focused on the IT
side of the communication equation—since
it is usually held to be the culprit in the
sometimes nasty war of words that ranges
back and forth between the two groups.
There is much that can be done within IT to
improve communication skills—without los-
ing technology capabilities—but it neverthe-
less behooves business managers to explore
ways in which they can assist IT in doing
this. Most important, they can make the time
and effort to ensure that IT staff are well edu-
cated in how their business works. If they do,
business leaders just might find that many of
IT’s “communication problems” disappear.
Anonymous. “The Tone of Communication.” CIO
Magazine (July 8, 2005).
Basselier, G., and I. Benbasat. “Business Competence
of Information Technology Professionals:
Conceptual Development and Influence on
IT–Business Partnerships.” MIS Quarterly 28, no.
4 (December 2004).
Bittler, R. “Align Enterprise Architecture to the Top
2008 CIO Priorities.” Gartner Inc., ID Number:
G00159369, September 2, 2008.

62 Section I • Delivering Value with IT
Burton, B., D. Weiss, and P. Allega. “Q&A:
Architects Must Advocate, Evangelize and
Educate.” Gartner Inc., ID Number: G00155902,
March 11, 2008.
Coughlan, J., M. Lycett, and R. Macredie.
“Understanding the Business–IT Relationship.”
International Journal of Information Management
24, no. 4 (2005).
Cukier, W. “Diversity—The Competitive Edge:
Implications for the ICT Labour Market.”
Information and Communications Technology
Council, Ottawa, Canada, March 2007.
Day, J. “Strangers on the Train: The Relationship
of the IT Department with the Rest of the
Business.” Information Technology & People 20,
no. 1 (2007).
Ding, David. “T-Shaped Professionals, T-Shaped
Skills, Hybrid Managers.” Coevolving
Innovations in Business Organizations and
Information Technologies, September 6, 2008.
Dunne, D. “Q&A with the Wharton School’s
Richard Shell: Communication.” CIO Magazine
(March 1, 2002).
Gilberg, D. “A CIO’s Guide to Communication
Basics.” CIO Magazine (June 14, 2006).
Greenberg, P., R. Greenberg, and Y. Antonucci.
“Creating and Sustaining Trust in Virtual
Teams.” Business Horizons 50 (2007).
Hunter, R. “Executive Summary: Business
Performance Is the Value of IT.” Gartner Inc.,
ID Number: G00148820, April 1, 2007.
Information and Communications Technology
Council (ICTC). ICT Competency Profiles:
A Framework for Developing Tomorrow’s ICT
Workforce. Ottawa, Canada: ICTC. www.ictc-, 2009.
Leonard-Barton, D. Wellsprings of Knowledge:
Building and Sustaining the Sources of Innovation.
Boston: Harvard Business School Press, 1995.
Kalin, S. “Tools and Tactics for Communicating
IT’s Value to the Business.” CIO Magazine
(August 1, 2006).
Karlsen, J., K. Graee, and M. Massaoud. “Building
Trust in Project-Stakeholder Relationships.”
Baltic Journal of Management 3, no. 1 (2008).
Kitzis, E., and B. Gomolski. “IT Leaders Must
Think Like Business Leaders.” Gartner Inc., ID
Number: G00143430, October 26, 2006.
Levinson, M., and R. Pastore. “Transparency
Helps Align IT with the Business.” CIO
Magazine (June 1, 2005).
Martin, C. “Check What Was Heard, Not What
Was Said.” CIO Magazine (December 28, 2006).
McKeen, J., and H. Smith. IT Strategy in Action.
Upper Saddle River, NJ: Pearson-Prentice Hall,
McKeen, J., and H. Smith. IT Strategy: Issues and
Practices. Upper Saddle River, NJ: Pearson-
Prentice Hall, 2012.
Mingay, S. “Effective Communication Between IT
Leaders and Stakeholders Must Be Structured
and Contextual.” Gartner Inc., ID Number:
G00130023, 2005.
Pawlowski, S., and D. Robey. “Bridging User
Organizations: Knowledge Brokering
and the Work of Information Technology
Professionals.” MIS Quarterly 28, no. 4
(December 2004).
Peppard, J., and J. Ward. “Mind the Gap: Diagnosing
the Relationship Between the IT Organization
and the Rest of the Business.” Journal of Strategic
Information Systems 8, no. 2 (1999).
Reich, B., and I. Benbasat. “Factors That Influence
the Social Dimension of Alignment Between
Business and Information Technology
Objectives.” MIS Quarterly 24, no. 1 (March 2000).
Smith, H., and McKeen, J. “Managing Perceptions
of IS.” Communications of the Association for
Information Systems 20, Article 47 (November
2007): 760–73.
Tannen, D. “The Power of Talk: Who Gets
Heard and Why.” Harvard Business Review
(September–October 1995).
Willcoxson, L., and R. Chatham. “Progress in
the IT/Business Relationship: A Longitudinal
Assessment.” Journal of Information Technology
19, no. 1 (March 2004).



Chapter 5 • Communicating with Business Managers 63
Appendix A
IT Communication Competencies
Level 1
Listens and clearly presents information
• Listens/pays attention actively and objectively (Persons with hearing impairments may lip-read.)
• Presents information and facts in a logical manner, using appropriate phrasing and vocabulary
• Shares information willingly and on a timely basis
• Communicates with others honestly, respectfully, and sensitively
• Recognizes and uses nonverbal communications
Level 2
Fosters two-way communication
• Recalls others’ main points and takes them into account in own communication
• Checks own understanding of others’ communication (e.g., paraphrases, asks questions)
• Elicits comments or feedback on what has been said
• Maintains continuous, open, and consistent communication with others, considering nonverbal
messaging as required
Level 3
Adapts communication
• Tailors communication (e.g., content, style, and medium) to diverse audiences
• Reads cues from diverse listeners to assess when and how to change planned communication
approach to effectively deliver message
• Communicates equally effectively with all organizational levels and sells ideas and concepts
• Understands others’ complex or underlying needs, motivations, emotions, or concerns and
communicates effectively despite the sensitivity of the situation
Level 4
Communicates complex messages
• Communicates complex issues clearly and credibly with widely varied audiences
• Handles difficult on-the-spot questions (e.g., from senior executives, public officials, interest
groups, or the media)
• Reads nonverbal communications signs and adapts materials and approach as required
• Overcomes resistance and secures support for ideas or initiatives through high-impact
Level 5
Communicates strategically
• Scans the environment for key information and messages to form the development of com-
munication strategies
• Communicates strategically to achieve specific objectives (e.g., considers optimal “messaging”
and timing of communication)
• Uses varied communication vehicles and opportunities to promote dialogue and develop shared
understanding and consensus
Reproduced by permission of the Information and Communications Technology Council (ICTC) of Canada


C h a p t e r
6 Building Better IT Leaders from the Bottom Up1
1 This chapter is based on the authors’ previously published article, Smith, H. A., and J. D. McKeen. “Building
Better IT Leaders: From the Bottom Up.” Communications of the Association for Information Systems 16, article 38
(December 2005): 785–96. Reproduced by permission of the Association for Information Systems.
For IT to assume full partnership with the business, it will have to take
a leadership role on many vital organizational issues. . . . This leadership
role is not the exclusive prerogative of senior executives—it is the duty
of all IT employees. Effective leadership has enormous benefits. To realize
these benefits, leadership qualities should be explicitly recognized,
reinforced, and rewarded at all levels of the IT organization. This only
happens when a concerted effort is made to introduce leadership activities
into the very fabric of the IT organization. Leadership is everyone’s job.
(McKeen and Smith 2003)
This quote, taken from a book we published several years ago, remains as true today as it was then. But a lot has happened in the interim. Chiefly, in the chaotic business conditions of late, IT leadership development got sidetracked. The
dot-com boom and bust soured many companies on the top-line potential of IT and
refocused most CIOs on developing strong processes to ensure that IT’s bottom line
was kept under control (Roberts and Mingay 2004). But the wheel has turned yet again,
and there is now renewed emphasis on how IT can help the organization achieve com-
petitive differentiation and top-line growth (Korsten 2011).
The many new challenges facing IT organizations today—achieving busi-
ness growth goals, enterprise transformation, coping with technical and relationship
complexity, facilitating innovation and knowledge development, and managing an
increasingly mobile and virtual workforce—call for strong IT leadership. Unfortunately,
few IT leadership teams are well equipped for the job (Kaminsky 2012; Mingay et al.

Chapter 6 • Building Better IT Leaders from the Bottom Up 65
2004). Traditional hierarchical structures with command-and-control leadership are not
only ineffective, but they also can actually become a barrier to the development of a
high-performance IT department (Avolio and Kahai 2003). New communications tech-
nologies are enabling new ways of leading and empowering even the most junior staff
in new ways. These factors are all bringing senior IT managers around to a new appre-
ciation of the need to build strong IT leaders at all levels of their organization.
This chapter looks first at the increasing importance of leadership in IT and how it
is  changing over time. Next, it examines the qualities that make a good IT leader. Then it
looks at how companies are trying to develop better IT leaders at all levels in their organiza-
tions. Finally, it outlines the value proposition for investing in IT leadership development.
The Changing Role of The iT leadeR
The death of the traditional hierarchical organizational structure and top-down com-
mand-and-control leader has been predicted for more than two decades (Bennis and
Nanus 1985), but it’s dying a slow and painful death. Although much lip service is paid
to the need for everyone in IT to be a leader, the fact remains that the traditional style of
leadership is still very much in evidence, especially in large IT organizations.
There appear to be at least three reasons for this. First, until now, there has been
very little pressure to change. As one manager pointed out, “We’ve been focusing on
centralizing our IT organization in the last few years, and centralized decision making
is inconsistent with the philosophy of ‘Everybody leads.’” Those IT managers strug-
gling with the complexities engendered by nonstandard equipment, nonintegrated
systems, and multiple databases full of overlapping but inconsistent data can be for-
given if this philosophy suggests the “Wild West” days of IT, when everyone did their
own thing.
Second, the organizations within which IT operates are largely hierarchical as
well. Their managers have grown up with traditional structures and chains of com-
mand. They are comfortable with them and are uncomfortable when they see parts of
their organization (e.g., IT) behaving and being treated differently by their CEO (Feld
and Stoddard 2004). Senior management may, therefore, pressure IT to conform to the
ways of the rest of the firm. This situation has recently become exacerbated by new
compliance regulations (e.g., Sarbanes–Oxley, privacy legislation) that require hierar-
chical accountability and severely limit flexibility. Third, many senior executives—even
within IT—find it difficult to relinquish control to more junior staff because they know
they still have accountability for their results. Keeping a hands-on approach to leader-
ship, they believe, is the only way to ensure work gets done right.
However, in spite of the remarkable tenacity of the hierarchical organization,
there are signs that traditional leadership modes in IT are now in retreat, and there is
a growing recognition that IT organizations must do a better job of inculcating leader-
ship behaviors in all their staff (Bell and Gerrard 2004; Kaminsky 2012). There are some
very practical reasons all IT staff are now expected to act as leaders, regardless of their
official job titles:
• Top-line focus. CEOs are looking for top-line growth from their organizations
(Korsten 2011). New technologies and applications largely drive the enterprise
differentiation and transformation efforts that will deliver this growth. Strong IT

66 Section I • Delivering Value with IT
leadership teams are needed to take on this role in different parts of the organi-
zation and at different levels. They can do this effectively only by sharing clear
goals and direction, understanding business strategy, and having the requisite
“soft” skills to influence business leaders (Roberts and Mingay 2004; Weiss and
Adams 2011).
• Credibility. No IT leadership initiatives within business will be accepted unless
IT  is consistently able to deliver results. This aspect of leadership is often called
“management” and is considered somewhat less important than transformational
aspects of leadership, but IT’s credentials in the latter rest solidly on the former
(Bouley 2006; Mingay et al. 2004). No business organization will accept IT  leadership
in other areas unless it has demonstrated the skills and competencies to consistently
deliver on what it says it will do. Furthermore, distinguishing between leadership
and management leads to a dysfunctional IT organization. “Managers who don’t
lead are boring [and] dispiriting, [whereas] leaders who don’t manage are distant
[and] disconnected” (Mintzberg 2004). We have too often forgotten that top-level
leaders are developed over time from among the rank and file, and that is where
they learn how to lead.
• Impact. There is no question that individuals within IT have more opportuni-
ties to affect an organization, both positively and negatively, than others at similar
levels in the business. The focus group felt that this fact alone makes it extremely
important that IT staff have much stronger organizational perspectives, decision-
making skills, entrepreneurialism, and risk-assessment capabilities at lower levels.
Today, because even small decisions in IT can have a major impact on an organiza-
tion, it is essential that a CIO be confident that his or her most junior staff have the
judgment and skills to take appropriate actions.
• Flexibility. Increasingly, IT staff and organizations are expected to be responsive
to rapidly changing business needs and help the enterprise compete in a highly
competitive environment. This situation requires IT staff to have not only the tech-
nical skills required to address a variety of needs, but also the ability to act in the
best interests of the organization wherever opportunities arise. “We are no longer
order takers in IT,” stated one manager. “All our staff are expected to do the right
things for our firm, even when it means saying ‘no’ to senior business manage-
ment.” Similarly, doing the right things involves being proactive. These actions take
significant amounts of organizational know-how to pull off—leadership skills that
rank-and-file IT staff are not noted for at present.
• Complexity. The responsibilities of IT have grown increasingly complex over
the past two decades (Smith and McKeen 2012). Not only is IT expected to be a
high- performance organization, it is also expected to offer change and innovation
leadership, interact with other organizations to deliver low-cost services, chart a
path through ever-growing new technology offerings, and offer content leadership.
The complexity of the tasks, relationships, knowledge, and integration now needed
in IT means that leadership cannot rest in the hands of one person or even a team.
Instead, new ways of instilling needed skills and competencies into all IT staff must
be found.
• New technology. Smartphones, collaboration tools, instant messaging, and
social media are all changing how leaders work—especially in IT. Increasingly,
staff are virtual or mobile and their interactions with their managers are mediated

Chapter 6 • Building Better IT Leaders from the Bottom Up 67
by technology. At the same time, IT staff have much greater access more quickly
to the same information as their managers. New technologies change how infor-
mation is acquired and disseminated, how communication takes place, and how
people are influenced and decisions made. Traditional forms of control are, thus,
increasingly ineffective (Avolio and Kahai 2003).
All of these factors are driving the need to push leadership skills and compe-
tencies further down in the IT organization. Traditional hierarchies will likely remain
in place to define authority and accountability, and leadership is likely to become
increasingly situational—to be exercised as required by tasks and conditions (Bell and
Gerrard 2004; Kaminsky 2012). With the demands on IT projected to be ever greater in
the next decade, the need for more professional and sophisticated IT leadership is also
greater than ever before (Korsten 2011). In fact, many believe that IT leadership will
determine “which [IT] organizations disappear into the back office of utility services
and which ones build companywide credibility and drive business growth and ability”
(Mingay et al. 2004).
WhaT Makes a good iT leadeR?
In many ways the qualities that make a good IT leader resemble those that make any
other good leader. These can be divided into two general categories:
1. Personal mastery. These qualities embody the collection of behaviors that deter-
mine how an individual approaches different work and personal situations. They
include a variety of “soft” skills, such as self-knowledge, awareness of individual
approaches to work, and other personality traits. Most IT organizations include
some form of personal mastery assessment and development as part of their man-
agement training programs. Understanding how one relates to others, how they
respond to you, and how to adapt personal behaviors appropriately to different sit-
uations is a fundamental part of good leadership. One company’s internal leader-
ship document states, “Leaders must exercise self-awareness, monitor their impact
on others, be receptive to feedback, and adjust to that feedback.” “The higher up
you get in IT, the greater the need for soft skills,” claimed one member. Another
noted the positive impact of this type of skills development: “It’s quite evident
who has been on our management development program by their behaviors.” An
increasingly important component of this quality for IT staff is personal integrity—
that is, the willingness to do what you say you are going to do—both within IT and
with external parties such as users and vendors.
2. Leadership skill mastery. These qualities include the general leadership skills
expected of all leaders in organizations today, such as motivation, team building,
collaboration, communication, risk assessment, problem solving, coaching,
and mentoring. These are skills that can be both taught and modeled by current
leaders and are a necessary, but not sufficient, component of good IT leadership
(Bouley 2006).
However, good IT leaders are required to have a further set of skills that could
be collectively called “strategic vision” if they are going to provide the direction and
deliver the impact that organizations are expecting from IT. Because this is a “soft skill,”

68 Section I • Delivering Value with IT
there is no firm definition of this quality, but several components that help to develop
this quality at all levels in IT can be identified, including the following:
• Business understanding. It should go without saying that for an IT leader to have
strategic vision, he or she should have a solid understanding of the organization’s
current operations and future direction. This is well accepted in IT today, although
few IT organizations have formal programs to develop this understanding. Most
IT staff are expected to pick it up as they go along, mostly at the functional busi-
ness process level. This may be adequate at junior levels, but being able to apply
strategic vision to a task also involves a much broader understanding of the larger
competitive environment, financial management, and marketing. “Our customers
are now our end users. With our systems now reaching customers and reaching out
horizontally in the organization and beyond, IT staff all need a broader and deeper
appreciation of business than ever before,” said one manager.
• Organizational understanding. A key expectation of strategic vision in IT is enter-
prise transformation (Korsten 2011; Mingay et al. 2004). This involves more than
just generating insights into how technology and processes can be utilized to cre-
ate new products and services or help the organization work more effectively; it
also involves the effective execution of the changes involved. IT professionals have
long known that technology must work in combination with people and processes
to be effective. This is why they are now expected to be experts in change man-
agement (Kaminsky 2012). But being able to drive transformation forward involves
a number of additional skills, such as political savvy (to overcome resistance and
negative influences), organizational problem solving (to address conflicting stake-
holder interests), effective use of governance structures (to ensure proper support
for change), and governance design (to work with partners and service providers)
(Bell and Gerrard 2004; Kim and Maugorgne 2003; Raskino et al. 2013). Because IT
people come from a technical background and their thinking is more analytical, they
typically do not have strong skills in this area and need to acquire them.
• Creating a supportive working environment. Most IT work is done in teams.
Increasingly, these teams are virtual and include businesspeople, staff from ven-
dor companies, and members from different cultures. Motivating and inspiring
one’s colleagues to do their best, dealing with relationship problems and conflicts,
and making decisions that are consistent with the overall goals of the organiza-
tion and a particular initiative are the job of every IT staff member. Since much
leadership in a matrixed organization such as IT is situational, an IT professional
could be a leader one day and a follower the next. Thus, that person must know
how to create a work environment that is characterized by trust, empowerment,
and accountability. This involves clear communication of objectives, setting the
rules of engagement, developing strong relationships (sometimes virtually), and
providing support to manage risks and resolve issues (Bell and Gerrard 2004;
Kaminsky 2012; Light 2013).
• Effective use of resources. A good IT leader knows how to concentrate scarce
resources in places where they will have the biggest payoff for the organization.
This means not only making use of processes and tools to stretch out limited staff
but also understanding where resources should not be used (i.e., saying “no”).
In the longer term, using resources wisely may mean using job assignments and

Chapter 6 • Building Better IT Leaders from the Bottom Up 69
budgets to enhance people’s capabilities, identifying and developing emergent
leaders, and using reward and recognition programs to motivate and encour-
age staff (Anonymous 2004). Unfortunately, IT staff have often been spread too
thinly, underappreciated, and not given time for training. Good IT leaders value
their people, run interference for them when necessary, and work to build “bench
strength” in their teams and organizations.
• Flexibility of approach. A good IT leader knows where and how to exercise
leadership. “Skill mastery must be complemented with the ability to know when
and where particular behaviors/skills are required and . . . how they should be
deployed” (McKeen and Smith 2003). Even though this is true in all parts of the
organization, leadership in IT can be a rapidly shifting target for two reasons. First,
IT staff are well-educated, well-informed professionals whose opinions are valu-
able. “Good IT leaders know when to encourage debate and also when to close it
down,” said a manager. Second, the business’s rapid shifts of priority, the changing
competitive and technical environment, and the highly politicized nature of much
IT work mean that leaders must constantly adjust their style to suit a dynamic
topography of issues and priorities. “There is a well-documented continuum of
leadership styles. . . . The most appropriate style depends on the enterprise style and
the business and strategic contexts” (Roberts and Mingay 2004).
• Ability to gain business attention. A large component of IT leadership is
focused not on the internal IT organization but outward toward all parts of the
business. One of the biggest challenges for today’s IT leaders is the fact that the
focus of their work is more on business value than on technology (Korsten 2011).
The ability to motivate business executives, often in more senior positions, lead
business transformation, and gain and maintain executive attention is central to
establishing and maintaining IT credibility in an organization (Kaminsky 2012;
McDonald and Bace 2004). A good IT leader knows how to position his or her
contribution in tangible, business terms; how to interact with business lead-
ers; and how to guide and educate them about the realities of IT use. “Bringing
value to the business is a very important trend in IT leadership,” stated one
IT leaders will need more or fewer of these qualities, depending on the scope and
type of their work. Obviously, IT staff responsible for sourcing will need a different mix
of these skills than will those with an internal IT focus or those with a business focus.
Leadership Styles Vary According to the Degree
of Involvement of Team Members
• Commanding. “Do what I tell you.”
• Pacesetting. “Do as I do now.”
• Visionary. “Come with me.”
• Affiliate. “People come first.”
• Coaching. “Try this.”
• Democratic. “What do you think?”
(after Roberts and Mingay 2004)

70 Section I • Delivering Value with IT
They will also be more important the higher one moves in the management hierarchy.
Nevertheless, these are skills that IT organizations should endeavor to grow in all their
staff from the most junior levels. Since these skills take time and practice to develop
and are in increasing demand, senior IT managers should put concrete plans in place to
ensure that they will be present when needed.
hoW To Build BeTTeR iT leadeRs
Everyone agrees that fostering leadership skills throughout all levels of IT is important
to IT’s future effectiveness (Bell and Gerrard 2004; Kaminsky 2012; Mingay et al. 2004;
Mintzberg 2004). However, the reality is that leadership development is very hit and
miss in most IT organizations. Many formal leadership courses have been cut or scaled
back substantially because of cost-control initiatives. When offered, most IT leadership
programs limit attendance to managers. Few organizations have articulated a com-
prehensive program of leadership development that includes other initiatives besides
Leadership development in IT is not as simple as sending a few handpicked indi-
viduals on a training course. In fact, formal training may be one of the least effective
(and most expensive) aspects of building better IT leaders (Kesner 2003). Any compre-
hensive leadership development program has three layers (see Figure 6.1). The first,
most important, and probably the most difficult one is an environment within which
leaders at all levels can flourish. It is often suggested that leaders, like cream, will natu-
rally rise to the top regardless of the conditions in which they work. The reality is that
more and better leaders are created when organizations have a supportive process for
developing them that is widely understood. What’s needed is “a culture that nurtures
talented managers, rather than one that leaves them to struggle through a Darwinian
survival game” (Griffin 2003). There is general agreement on what constitutes this type
of culture:
A Supportive
and Practices
figuRe 6.1 Effective Leadership Development Involves More then Training

Chapter 6 • Building Better IT Leaders from the Bottom Up 71
• Well-articulated and instantiated values. Values guide how staff should behave
even when their managers aren’t around. They provide a basis for sound decision
making (IBM 2012; Stewart 2004). “If you’re going to push leadership down in the
organization, you have to push values down as well,” stated one manager. Others
noted that senior IT leadership should primarily be about forming and modeling
values, not managing tasks. Values are especially important now that staff are more
mobile and virtual (Cascio and Shurygailo 2003; IBM 2012). A strong value system
is crucial to bringing together and motivating a large, diverse workforce and help-
ing staff act in ways that support the company’s brand and values. Unfortunately,
although many organizations have values, they are often out of date or not mod-
eled by management (Stewart 2004).
• A climate of trust. Trust that management means what it says about values and
leadership development must be established early in any program. Trust is estab-
lished by setting expectations and delivering results that meet or exceed those
expectations. By sending clear messages to staff and exhibiting positive attitudes
about staff behavior, senior IT managers will help people feel they can begin to
take some risks and initiatives in their work (Cascio and Shurygailo 2003). If
people feel their culture is based on fair processes and that they can draw lessons
from both good and bad results, they will start to respond with the type of high
performance and leadership behaviors that are expected (Kim and Maugorgne
2003). Conversely, senior managers must take steps to weed out counterpro-
ductive behaviors, such as poor collaboration, that will undermine this climate
(Roberts and Mingay 2004).
• Empowerment. Empowerment thrives in a climate of trust, but leaders need to
deliberately encourage it as well. In IT one of the most important ways to do this
is to create mechanisms to support staff’s making difficult decisions. One company
recognized this by explicitly making “We’ll support you in doing the right things”
a central element in revamping its leadership promise. To make it real and visible,
the company established a clear process for junior staff to resolve potential con-
flicts with users about disagreements on what is “the right thing.” Furthermore,
they have established committees to help manage the risks involved in IT work,
get at the root cause of recurring issues, and protect the promises made to business
partners. Such processes, in conjunction with values and trust, create a manage-
ment system that empowers people and frees them to make appropriate decisions
(Stewart 2004). By staying connected with staff as teachers, coaches, champions,
and mentors, more senior leaders help more junior staff to take “intelligent risks”
and sponsor initiative (Light 2013; Taurel 2000).
• Clear and frequent communication. As with other types of change, one cannot
communicate too much about the need to create an environment to foster leader-
ship. “In spite of all we know about communication, it’s still one of our biggest
leadership gaps,” said a participant. Open, two-way communication is the hall-
mark of modern leadership. Leaders and followers are gradually learning how
to effectively use the electronic nervous system that now runs through all orga-
nizations (Avolio and Kahai 2003). Use of information technology and multiple
channels is now the norm, and redundancy is advisable because of the increased
opportunities for miscommunication in the virtual world. Senior executives
are using IT to communicate interactively with their most junior staff (Stewart

72 Section I • Delivering Value with IT
2004). One company has established an “Ask Phil” e-mail whereby any member
of IT can direct questions to the CIO. Leadership is about developing relation-
ships with people. It engages them and helps direct them to a particular goal.
Learning to leverage all conduits of communication to build and sustain an array
of relationships is, therefore, central to becoming an effective IT leader (Avolio
and Kahai 2003).
• Accountability. Acceptance of accountability is a key component of leadership.
A climate where accountabilities are clear is an important aspect of a leadership
development culture (Bell and Gerrard 2004). Natural leaders often first come to
senior management’s attention because they consistently deliver on what they
promise. The concept of accountability is also being extended to include expecta-
tions that IT staff will assist the business in achieving its growth goals and that IT
will not create technical impediments to implementing business strategies (Mingay
et al. 2004). Unfortunately, IT accountability is frequently absent, and this has nega-
tively affected the perceptions of IT leadership in the rest of the organization (Feld
and Stoddard 2004). No member of IT should be allowed to abdicate responsibility
for delivering results. However, focus group members stressed that in order to cre-
ate a culture of accountability, IT leaders must also provide the processes, tools, and
support to produce successful results.
The second layer of a leadership development program involves building
leadership activities into IT’s processes and daily work. Well-designed and documented
processes for such activities as planning, budgeting, conflict resolution, service delivery,
and financial reviews and approvals clearly articulate the individual elements that con-
tribute to leadership in particular situations. They make it easier for more junior staff to
carry out these activities and to learn what is expected of them (Bell and Gerrard 2004).
They also establish boundaries within which staff can exercise judgment and take risks.
Human resources management practices are a key component of fostering
leadership at this level as well. Many companies have begun to document the compe-
tencies that they expect staff to exhibit in each job category and level. These typically
include leadership as well as technical skills. “It gets harder to do this the higher up
the management hierarchy one goes,” stated one manager. “At the more senior levels,
leadership skills are much more individualized and are more difficult to capture, but
we’re working on it.” Specific training and development strategies work well for each
job stream at more junior levels. With more senior positions, development plans should
be created for each individual.
Job assignments are one of the most important ways to develop leadership exper-
tise. In fact, some experts suggest that 80 percent of the levers management has at its
disposal in this area are related to how a company uses assignments and job postings to
influence an individual’s experience (Kesner 2003). Job rotations, stretch assignments,
and on-the-job coaching and mentoring are all effective ways to build leadership skills.
Occasionally, this may entail taking risks and not always appointing the most qualified
person for a particular job (Roberts and Mingay 2004). Sometimes, this should involve
moving a person out of IT into the business for an assignment. All organizations should
have processes in place to identify emergent leaders and take proactive steps to design
individualized strategies of coaching and assignments that will fit their unique person-
alities (Griffin 2003). Succession planning should be a significant part of this process as

Chapter 6 • Building Better IT Leaders from the Bottom Up 73
well. Recruiting leaders from outside is sometimes necessary, but this is a far more risky
and expensive way to address succession than growing leaders from within (Roberts
and Mingay 2004).
Finally, at the core of any leadership development program is formal training.
Commitment to formal leadership training in organizations has been patchy at best.
Training can be internally developed or externally purchased. The fastest-growing seg-
ment of executive education is customized programs for a particular organization that
are specifically tied to business drivers and values (Kesner 2003). In-house programs
are best for instilling vision, purpose, values, and priorities. External training is best
used for introducing new knowledge, practices, and thinking to leadership.
Because of the time and expense involved, leadership training should be used
strategically rather than comprehensively. Often IT resources can be so stretched that
finding time for development is the biggest challenge. One company reasserted the
importance of training by promising its staff that it would spend its entire annual train-
ing budget for the first time! This organization sees training as one tool for helping
individuals make their best contributions and achieving success; interestingly, it has
found that making it easier to find appropriate courses through the creation of a formal
curriculum and streamlining the registration and payment processes has led to a sig-
nificant uptake in employees’ taking advantage of development opportunities.
invesTing in leadeRship developMenT: aRTiCulaTing
The value pRoposiTion
Although leadership development is widely espoused, many organizations have
reduced their budgets in recent years, and that has hit formal training programs hard.
One manager remarked that his staff knew senior management was serious about
development when it maintained training budgets while trimming in other areas.
However, as mentioned earlier, training is only one facet of a good leadership develop-
ment program, and doing it right will take executive time and consistent attention, in
addition to the costs involved in establishing and following through on necessary com-
munications, procedures, and planning. It is essential to articulate the value proposition
for this initiative.
Experts suggest that several elements of value can be achieved by implementing
a leadership development program. Using a rubric established by Smith and McKeen
(see Chapter 1), these elements include the following:
• What is the value? Because different companies and managers have different
perceptions of value, it is critical that the value that is to be achieved by a lead-
ership development program be clearly described and agreed on. Some of the
value elements that organizations could achieve with leadership development
include improved current and future leadership capabilities and bench strength
(preventing expensive and risky hires from outside), improved innovation and
alignment with business strategy, improved teamwork (both internally and cross-
functionally), improved collaboration and knowledge sharing, greater clarity of
purpose and appropriate decision making, reduced risk, and a higher- performing
IT organization. When these value objectives are understood, it is possible to
develop metrics to determine whether or not the program is successful. Having

74 Section I • Delivering Value with IT
a focus and metrics for a leadership program will ensure that management pays
attention to it and that it doesn’t get shunted into a corner with the “soft and fuzzy
stuff” (Kesner 2003).
• Who will deliver the value? Because leadership development is partially HR’s
responsibility and partially IT’s, clarifying which parts of the program should be
delivered by which group is important. Similarly, much of the coaching, mentor-
ing, and experiential components will be fulfilled by different managers within
IT. It is, therefore, important for senior management to clarify roles and responsi-
bilities for leadership development and ensure they are implemented consistently
across the organization. Ideally, senior IT management will retain responsibil-
ity for the outer layer of the leadership program—that is, creating a supportive
working environment. At one company the senior IT team created several pack-
aged presentations for middle managers to help them articulate their “leadership
• When will value be realized? Leadership development should have both long-
and short-term benefits. Effective training programs should result in visible
behavior changes, as already noted. The initial impacts of a comprehensive leader-
ship initiative should be visible in-house within a year and to business units and
vendors within eighteen to twenty-four months (McDonald and Bace 2004). Again,
metrics are an essential part of leadership programs because they demonstrate
their success and effectiveness. Although there is no causal link between leadership
development and improved business results, there should be clear and desirable
results achieved (Kesner 2003). Using a “balanced scorecard” approach to track
the different types of impacts over time is recommended. This methodology can be
used to demonstrate value to IT managers, who may be skeptical, and to HR and
senior management. It can also be used to make modifications to the program in
areas where it is not working well.
• How will value be delivered? This is the question that everyone wants to ask first
and that should only be addressed after the other questions have been answered.
Once it is clear what IT wants to accomplish with leadership development, it will be
much easier to design an effective program to deliver it.
Leadership development in IT is something
that everyone agrees is increasingly important
to helping companies achieve their business
goals. However, all too often it is a hit-and-
miss exercise, depending on management
whim and budget availability. It is now clear
that senior IT leaders must make leadership
development a priority if IT is going to con-
tribute to business strategy and help deliver
services in an increasingly competitive envi-
ronment. To do this, leadership develop-
ment in IT must start with the most junior
IT staff. An effective program involves more
than just training. It must include the cre-
ation of a supportive work environment and
the development of processes that deliver on
management’s promises. However, no lead-
ership program should be implemented in a

Chapter 6 • Building Better IT Leaders from the Bottom Up 75
vacuum. There should be a clearly articulated
proposition outlining its value to the organi-
zation and a set of metrics to monitor its effec-
tiveness. Like technology itself, leadership
development will be effective only if manage-
ment takes a comprehensive approach that
integrates culture, behavior, processes, and
training to deliver real business value.
Anonymous. “A Guide for Leaders.” Presentation
to the IT Management Forum, November 2004.
Avolio, B., and S. Kahai. “Adding the ‘E’ to
Leadership: How It May Impact Your
Leadership.” Organizational Dynamics 31, no. 4
(January 2003): 325–38.
Bell, M., and M. Gerrard. “Organizational Chart
Is Falling into Irrelevance.” Gartner Inc., ID
Number: QA-22-2873, July 6, 2004.
Bennis, W. G., and B. Nanus. Leaders: The Strategies
for Taking Charge. New York: Harper and Row,
Bouley, J. “Leading versus Managing.” PM
Network 20, no. 2 (2006).
Cascio, W., and S. Shurygailo. “E-leadership and
Virtual Teams.” Organizational Dynamics 31, no.
4 (January 2003): 362–76.
Feld, C., and D. Stoddard. “Getting IT Right.”
Harvard Business Review 82, no. 2 (2004): 72–79.
Griffin, N. “Personalize Your Management
Development.” Harvard Business Review 81, no.
3 (March 2003).
IBM. “CEO Survey 2011: Leading through
Connections Executive Summary.” Somers,
NY: IBM Global Business Services, GBE03486-
USEN-00 (May 2012).
Kaminsky, J. “Impact of Non-Technical Leadership
Practices on IT Project Success.” Journal of
Leadership Studies 6, no. 1 (May 2012).
Kesner, I. “Leadership Development: Perk or
Priority?” Harvard Business Review 81, no. 3
(May 2003).
Kim, W., and R. Maugorgne. “Tipping Point
Leadership.” Harvard Business Review 81, no. 4
(April 2003).
Korsten, P. “The Essential CIO.” IBM Institute
for Business Value. Somers, NY: IBM Global
Business Services, 2011.
Light, M. “To Discern Potential Mastery,
Assess Project Management Leadership and
Planning Expertise.” Gartner Inc., ID Number:
G00258389, November 8, 2013.
McDonald, M., and J. Bace. “Keys to IT
Leadership: Credibility, Respect, and
Consistency.” Gartner Inc., ID Number:
TU-22-8013, June 28, 2004.
McKeen, J., and H. Smith. Making IT Happen:
Critical Issues in IT Management. Chichester,
England: John Wiley & Sons, 2003.
Mingay, S., J. Mahoney, M. P. McDonald, and M.
Bell. “Redefining the Rules of IT Leadership.”
Gartner Inc., ID Number: AV-22-9013, July 1,
Mintzberg, H. “Enough Leadership.” Harvard
Business Review 82, no. 11 (November 2004).
Raskino, M., D. Aron, P. Mecham, and J. Beck.
“CEOs and CIOs must Co-Design the C-Suite
for Digital Leadership.” Gartner Inc., ID
Number: G00258536, November 22, 2013.
Roberts, J., and S. Mingay. “Building a More
Effective IT Leadership Team.” Gartner Inc., ID
Number: TU-22-5915, June 28, 2004.
Smith, H. A., and J. D. McKeen. “IT in 2015,”
Presentation to Center for Information Systems
Research (CISR), Massachusetts Institute of
Technology, April 2012.
Stewart, T. “Leading Change When Business Is
Good: An Interview with Samuel J. Palmisano.”
Harvard Business Review 82, no. 12 (December
2004): 8.
Taurel, S. “On Leadership.” Corporate document,
Eli Lilly and Co., 2000.
Weiss, J., and S. Adams. “Aspiring and Changing
Roles of Technology Leadership: An
Exploratory Study.” Engineering Management
Journal 23, no. 3 (September 2011).

Mini Case
Delivering Business Value with
IT at Hefty Hardware2
“IT is a pain in the neck,” groused Cheryl O’Shea, VP of retail marketing, as she
slipped into a seat at the table in the Hefty Hardware executive dining room, next to
her colleagues. “It’s all technical mumbo-jumbo when they talk to you and I still don’t
know if they have any idea about what we’re trying to accomplish with our Savvy Store
program. I keep explaining that we have to improve the customer experience and that
we need IT’s help to do this, but they keep talking about infrastructure and bandwidth
and technical architecture, which is all their internal stuff and doesn’t relate to what
we’re trying to do at all! They have so many processes and reviews that I’m not sure
we’ll ever get this project off the ground unless we go outside the company.”
“You’ve got that right,” agreed Glen Vogel, the COO. “I really like my IT account
manager, Jenny Henderson. She sits in on all our strategy meetings and seems to really
understand our business, but that’s about as far as it goes. By the time we get a project
going, my staff are all complaining that the IT people don’t even know some of our
basic business functions, like how our warehouses operate. It takes so long to deliver
any sort of technology to the field, and when it doesn’t work the way we want it to, they
just shrug and tell us to add it to the list for the next release! Are we really getting value
for all of the millions that we pour into IT?”
“Well, I don’t think it’s as bad as you both seem to believe,” added Michelle
Wright, the CFO. “My EA sings the praises of the help desk and the new ERP system
we put in last year. We can now close the books at month-end in 24 hours. Before that,
it took days. And I’ve seen the benchmarking reports on our computer operations. We
are in the top quartile for reliability and cost-effectiveness for all our hardware and
systems. I don’t think we could get IT any cheaper outside the company.”
“You are talking ‘apples and oranges’ here,” said Glen. “On one hand, you’re
saying that we’re getting good, cheap, reliable computer operations and value for the
money we’re spending here. On the other hand, we don’t feel IT is contributing to
creating new business value for Hefty. They’re really two different things.”
“Yes, they are,” agreed Cheryl. “I’d even agree with you that they do a pretty
good job of keeping our systems functioning and preventing viruses and things. At
least we’ve never lost any data like some of our competitors. But I don’t see how they’re
contributing to executing our business strategy. And surely in this day and age with
increased competition, new technologies coming out all over the place, and so many
changes in our economy, we should be able to get them to help us be more flexible, not
less, and deliver new products and services to our customers quickly!”
2 Smith, H. A., and J. D. McKeen. “Delivering Business Value with IT at Hefty Hardware.” #1-L10-1-001,
Queen’s School of Business, May 2010. Reproduced by permission of Queen’s University, School of Business,
Kingston, Ontario, Canada.

Delivering Business Value with IT at Hefty Hardware 77
The conversation moved on then, but Glen was thoughtful as he walked back to
his office after lunch. Truthfully, he only ever thought about IT when it affected him and
his area. Like his other colleagues, he found most of his communication with the depart-
ment, Jenny excepted, to be unintelligible, so he delegated it to his subordinates, unless
it absolutely couldn’t be avoided. But Cheryl was right. IT was becoming increasingly
important to how the company did its business. Although Hefty’s success was built on
its excellent supply chain logistics and the assortment of products in its stores, IT played
a huge role in this. And to implement Hefty’s new Savvy Store strategy, IT would be
critical for ensuring that the products were there when a customer wanted them and
that every store associate had the proper information to answer customers’ questions.
In Europe, he knew from his travels, IT was front and center in most cutting-
edge retail stores. It provided extensive self-service to improve checkout; multichannel
access to information inside stores to enable customers to browse an extended product
base and better support sales associates assisting customers; and multimedia to engage
customers with extended product knowledge. Part of Hefty’s new Savvy Store business
strategy was to copy some of these initiatives, hoping to become the first retailer in
North America to completely integrate multimedia and digital information into each of
its 1,000 stores. They’d spent months at the executive committee meetings working out
this new strategic thrust—using information and multimedia to improve the customer
experience in a variety of ways and to make it consistent in each of their stores. Now,
they had to figure out exactly how to execute it, and IT was a key player. The question
in Glen’s mind now was how could the business and IT work together to deliver on this
vision, when IT was essentially operating in its own technical world, which bore very
little relationship to the world of business?
Entering his office, with its panoramic view of the downtown core, Glen had an
idea. “Hefty’s stores operate in a different world than we do at our head office. Wouldn’t
it be great to take some of our best IT folks out on the road so they could see what it’s
really like in the field? What seems like a good idea here at corporate doesn’t always
work out there, and we need to balance our corporate needs with those of our store
operations.” He remembered going to one of Hefty’s smaller stores in Moose River and
seeing how its managers had circumvented the company’s stringent security protocols
by writing their passwords on Post-it notes stuck to the store’s only computer terminal.
So, on his next trip to the field he decided he would take Jenny, along with Cheryl
and the Marketing IT Relationship Manager, Paul Gutierez, and maybe even invite the
CIO, Farzad Mohammed, and a couple of the IT architects. “It would be good for them
to see what’s actually happening in the stores,” he reasoned. “Maybe once they do, it
will help them understand what we’re trying to accomplish.”
A few days later, Glen’s e-mailed invitation had Farzad in a quandary. “He wants
to take me and some of my top people—including you—on the road two weeks from
now,” he complained to his chief architect, Sergei Grozny. “Maybe I could spare Jenny
to go, since she’s Glen’s main contact, but we’re up to our wazoos in alligators trying to
put together our strategic IT architecture so we can support their Savvy Stores initiative
and half a dozen more ‘top priority’ projects. We’re supposed to present our IT strategy
to the steering committee in three weeks!”
“And I need Paul to work with the architecture team over the next couple of
weeks to review our plans and then to work with the master data team to help them
outline their information strategy,” said Sergei. “If we don’t have the infrastructure and

78 Section I • Delivering Value with IT
integrated information in place there aren’t going to be any ‘Savvy Stores’! You can’t
send Paul and my core architects off on some boondoggle for a whole week! They’ve all
seen a Hefty store. It’s not like they’re going to see anything different.”
“You’re right,” agreed Farzad. “Glen’s just going to have to understand that I can’t
send five of our top people into the field right now. Maybe in six months after we’ve
finished this planning and budget cycle. We’ve got too much work to do now. I’ll send
Jenny and maybe that new intern, Joyce Li, who we’re thinking of hiring. She could use
some exposure to the business, and she’s not working on anything critical. I’ll e-mail
Jenny and get her to set it up with Glen. She’s so great with these business guys. I don’t
know how she does it, but she seems to really get them onside.”
Three hours later, Jenny Henderson arrived back from a refreshing noontime
workout to find Farzad’s request in her priority in-box. “Oh #*!#*@!” she swore. She
had a more finely nuanced understanding of the politics involved in this situation, and
she was standing on a land mine for sure. Her business contacts had all known about
the invitation, and she knew it was more than a simple request. However, Farzad, hav-
ing been with the company for only eighteen months, might not recognize the olive
branch that it represented, nor the problems that it would cause if he turned down the
trip or if he sent a very junior staff member in his place. “I have to speak with him about
this before I do anything,” she concluded, reaching for her jacket.
But just as she swiveled around to go see Farzad, Paul Gutierez appeared in her
doorway, looking furious. “Got a moment?” he asked and, not waiting for her answer,
plunked himself down in her visitor’s chair. Jenny could almost see the steam coming
out of his ears, and his face was beet red. Paul was a great colleague, so mentally put-
ting the “pause” button on her own problems, Jenny replied, “Sure, what’s up?”
“Well, I just got back from the new technology meeting between marketing and
our R&D guys, and it was just terrible!” he moaned. I’ve been trying to get Cheryl and
her group to consider doing some experimentation with cell phone promotions—you
know, using that new Japanese bar coding system. There are a million things you can
do with mobile these days. So, she asked me to set up a demonstration of the technol-
ogy and to have the R&D guys explain what it might do. At first, everyone was really
excited. They’d read about these things in magazines and wanted to know more. But
our guys kept droning on about 3G and 4G technology and different types of connec-
tivity and security and how the data move around and how we have to model and
architect everything so it all fits together. They had the business guys so confused we
never actually got talking about how the technology might be used for marketing and
whether it was a good business idea. After about half an hour, everyone just tuned out.
I tried to bring it back to the applications we could develop if we just invested a little
in the mobile connectivity infrastructure, but by then we were dead in the water. They
wouldn’t fund the project because they couldn’t see why customers would want to use
mobile in our stores when we had perfectly good cash registers and in-store kiosks!”
“I despair!” he said dramatically. “And you know what’s going to happen don’t
you? In a year or so, when everyone else has got mobile apps, they’re going to want
us to do something for them yesterday, and we’re going to have to throw some sort of
stopgap technology in place to deal with it, and everyone’s going to be complaining
that IT isn’t helping the business with what it needs!”
Jenny was sympathetic. “Been there, done that, and got the T-shirt,” she laughed
wryly. “These tech guys are so brilliant, but they can’t ever seem to connect what they

Delivering Business Value with IT at Hefty Hardware 79
know to what the business thinks it needs. Sometimes, they’re too farsighted and need
to just paint the next couple of steps of what could be done, not the ‘flying around in
jetpacks vision.’ And sometimes I think they truly don’t understand why the business
can’t see how these bits and bytes they’re talking about translate into something that it
can use to make money.” She looked at her watch, and Paul got the hint. He stood up.
“Thanks for letting me vent,” he said. “You’re a good listener.”
“I hope Farzad is,” she thought grimly as she headed down the hall. “Or he’s
going to be out of here by Thanksgiving.” It was a sad truth that CIOs seemed to turn
over every two years or so at Hefty. It was almost predictable. A new CEO would come
in, and the next thing you knew the CIO would be history. Or the user satisfaction rate
would plummet, or there would be a major application crash, or the executives would
complain about how much IT cost, or there would be an expensive new system failure.
Whatever it was, IT would always get blamed, and the CIO would be gone. “We have
some world-class people in IT,” she thought, “but everywhere we go in the business, we
get a bad rap. And it’s not always our fault.”
She remembered the recent CIM project to produce a single customer database for
all of Hefty’s divisions: hardware, clothing, sporting goods, and credit. It had seemed
to be a straightforward project with lots of ROI, but the infighting between the client
divisions had dragged the project (and the costs) out. No one could agree about whose
version of the truth they should use, and the divisions had assigned their most junior
people to it and insisted on numerous exceptions, workarounds, and enhancements, all
of which had rendered the original business case useless. On top of that, the company
had undergone a major restructuring in the middle of it, and a lot of the major play-
ers had changed. “It would be a lot easier for us in IT if the business would get its act
together about what it wants from IT,” she thought. But just as quickly, she recognized
that this was probably an unrealistic goal. A more practical one would be to find ways
for business and IT to work collaboratively at all levels. “We each hold pieces of the
future picture of the business,” she mused. “We need to figure out a better way to put
them together than simply trying to force them to fit.”
Knocking on Farzad’s door, she peeked into the window beside it. He seemed
lost in thought but smiled when he saw her. “Jenny!” he exclaimed. “I was just think-
ing about you and the e-mail I sent you. Have you done anything about it yet?” When
she shook her head, he gave a sigh of relief. “I was just rethinking my decision about
this trip, and I’d like your advice.” Jenny gave her own mental sigh and stepped into
the office. “I think we have a problem with the business and we need to fix it—fast,”
she said. “I’ve got some ideas, and what to do about the trip is just part of them. Can
we talk?” Farzad nodded encouragingly and invited her to sit down. “I agree with you,
and I’d like to hear what you have to say. We need to do things differently around here,
and I think with your help we can. What did you have in mind?”
Discussion Questions
1. Overall, how effective is the partnership between IT and the business at Hefty
Hardware? Identify the shortcomings of both IT and the business.
2. Create a plan for how IT and the business can work collaboratively to deliver the
Savvy Store program successfully.

Mini Case
Investing in TUFS3
“Why do I keep this around?” Martin Drysdale wondered. “It infuriates me every time
I see all that satisfaction over something that is now the bane of my existence.”
He looked gloomily at the offending photo, which showed the project team hap-
pily “clinking” pop cans and coffee cups in a toast: “Here’s to TUFS!” The Technical
Underwriting Financial System (TUFS) was the largest single investment in IT ever
made by Northern Insurance, and it was going to transform Northern by streamlining
the underwriting processes and providing strategic e-business capabilities. The TUFS
team had brought the project in on time and on budget, so the party was a thank-you
for all of the team’s dedicated, hard work. But it was two years ago when the camera
captured the happy moment for posterity, and Martin, CIO for Northern, had celebrated
with the rest.
“Yeah, right,” Martin grimaced as he turned from the photo to the e-mail message
on his computer screen, summoning him to a meeting with his boss that morning to
discuss TUFS. The system had turned into a nightmare in its first few months of opera-
tion. Now his job was on the line. What was supposed to have brought efficiency to
the underwriting process and new opportunities for top-line growth had become a
major corporate money pit. TUFS was still eating up the vast majority of Northern’s IT
budget and resources to fix the underwriting errors that kept appearing, and resistance
to the system had grown from sniping and grumbling into calls for Martin’s head. “No
wonder we’re not saving any money, though, with senior underwriting managers still
insisting on receiving some of their old reports, even though TUFS lets them look up the
same information online anytime they want,” Martin fumed. The meeting with the CFO
was to discuss TUFS and the company’s “very significant investment in this system.”
Feeling like a condemned prisoner on his way to the gallows, Martin grabbed his suit
jacket, straightened his tie, and headed up to the seventh-floor executive suite.
An hour later Martin was feeling very well grilled as he was confronted with a
long list of the problems with TUFS. The CFO, Melissa Freeman, had done her home-
work. Before her was a binder full of TUFS documentation, stretching back almost three
years from when the project had been first identified. “According to my calculations,
Northern has spent almost $4 million on this system, if you include all of the resources
dedicated to fixing the problems identified after implementation,” she noted. “And I
have yet to see any cost savings in the underwriting department. Why?”
“It’s true that there have been some unanticipated changes to the system that have
cost us, but the underwriters have never bought into the system,” Martin conceded.
“They insist on following their old procedures and then using the system at the last pos-
sible moment as a double-check. What can we do if they won’t use the system the way
it was designed?”
3 Smith, H. A., and J. D. McKeen. “Investing in TUFS.” #9-L05-1-003, Queen’s School of Business, February
2005. Reproduced by permission of Queen’s University, School of Business, Kingston, Ontario, Canada.

Investing in TUFS 81
“Could there possibly be a reason why they don’t like the system?” Freeman asked.
“It seems to me from looking at these change reports that the system hasn’t been meet-
ing our basic underwriting needs.”
Martin acknowledged that there had been some problems. “But my guys are tech-
nicians, not underwriters. They didn’t get much participation from the underwriters
in the first place. The underwriting department wouldn’t take the time to bring my
people up to speed on what they needed and why. As well, we were facing a very tight
deadline, which meant that we had to defer some of the functionality we had origi-
nally intended to include. That was senior management’s decision, and everyone was
informed about it when it was made.” He added that they were now asking for a TUFS
training program and a help desk to handle questions that underwriters might face
while using the system!
“A help desk and training program weren’t in our original plan,” Martin reminded
Freeman. “These extras are eating away at the system’s benefits.” According to the busi-
ness case prepared by the users, TUFS was supposed to pay for itself over its first two
years of operations from savings realized from the underwriting process. The system’s
problems certainly accounted for some of the extra costs, but the users hadn’t made any
of the process changes that would help those savings be realized. “They think we can
just plug in the system and cost savings will appear like magic. And other parts of the
system are going to take time to deliver benefits.”
The “other parts” he was referring to were the e-business capabilities that TUFS
provided. “If you will recall, this system was approved in the days when we had to have
e-business or we were going to be dinosaurs. In retrospect, we could have cut back on
this functionality more easily and left some of the underwriting functionality in, but
who knew?”
“Well, as you know, our financial resources are very limited at present.” Freeman
leaned forward. “I’ve been asked to make some recommendations to the executive com-
mittee about whether or not we should put more money into this system. TUFS has
been our number-one priority for two years now, and quite a few people are saying that
enough is enough—that we need to make some major changes around here.”
Martin took a deep breath, waiting for the ax to fall. Freeman continued, “What I
need to know now from you is this: What went wrong with our TUFS investment, and
what can we do to prevent these problems in the future? What do we need to do to real-
ize the benefits that were projected for TUFS? How can we measure these benefits? And
how can we best decide how to apportion our IT budget between TUFS and these other
As he slowly exhaled and felt his pulse resume, Martin nodded. “I’ve got some
ideas. Can I get them to you in writing by the end of the week?”
Discussion Questions
1. What went wrong with the TUFS investment, and what can be done to prevent
these problems in the future?
2. What does Northern need to do to realize the benefits that were projected for TUFS?
3. How can Northern measure these benefits?

Mini Case
IT Planning at ModMeters4
Brian Smith, CIO of ModMeters, groaned inwardly as he listened to CEO John Johnson
wrapping up his remarks. “So our executive team thinks there are real business oppor-
tunities for us in developing these two new strategic thrusts. But before I go to the
board for final approval next month, I need to know that our IT, marketing, and sales
plans will support us all the way,” Johnson concluded.
Brian mentally calculated the impact these new initiatives would have on his orga-
nization. He had heard rumors from his boss, the COO, that something big was coming
down. He had even been asked his opinion about whether these strategies were techni-
cally doable, theoretically. But both at once? Resources—people, time, and money—were
tight, as usual. ModMeters was making a reasonable profit, but the CFO, Stan Abrams,
had always kept the lid screwed down tightly on IT spending. Brian had to fight for
every dime. How he was going to find the wherewithal to support not one but two new
strategic initiatives, he didn’t know.
The other VPs at this strategy presentation were smiling. Taking ModMeters
global from a North American operation seemed to be a logical next step for the com-
pany. Its products, metering components of all types, were highly specialized and in
great demand from such diverse customers as utility companies, manufacturers, and
a host of other industries. Originally founded as Modern Meters, the firm had grown
steadily as demand for its metering expertise and components had grown over the past
century or so. Today ModMeters was the largest producer of metering components in
the world with a full range of both mechanical and, now, digital products. Expanding
into meter assembly with plants in Asia and Eastern Europe was a good plan, thought
Brian, but he wasn’t exactly sure how he was going to get the infrastructure in place
to support it. “Many of these countries simply don’t have the telecommunications and
equipment we are going to need, and the training and new systems we have to put in
place are going to be substantial,” he said.
But it was the second strategic thrust that was going to give him nightmares, he
predicted. How on earth did they expect him to put direct-to-customer sales in place
so they could sell “green” electric meters to individual users? His attention was jerked
back to the present by a flashy new logo on an easel that the CEO had just unveiled.
“In keeping with our updated strategy, may I present our new name—MM!”
Johnson announced portentously.
“Oh, this is just great,” thought Brian. “Now I have to go into every single applica-
tion and every single document this company produces and change our name!”
Because of its age and scientific orientation, ModMeters (as he still preferred to
call it) had been in the IT business a long time. Starting back in the early 1960s, the
4 Smith, H. A., and J. D. McKeen. “IT Planning at ModMeters.” #1-L05-1-008, Queen’s School of Business,
September 2005. Reproduced by permission of Queen’s University, School of Business, Kingston, Ontario,

IT Planning at ModMeters 83
company had gradually automated almost every aspect of its business from finance
and accounting to supply chain management. About the only thing it didn’t have was
a fancy Web site for consumers, although even that was about to change. ModMeters
currently had systems reflecting just about every era of computers from punch cards
to PCs. Unfortunately, the company never seemed to have the resources to invest in
reengineering its existing systems. It just layered more systems on top of the others.
A diagram of all the interactions among systems looked like a plate of spaghetti. There
was no way they were going to be able to support two new strategic thrusts with their
current budget levels, he thought as he applauded the new design along with the others.
“Next week’s IT budget meeting is going to be a doozy!”
Sure enough, the following week found them all, except for the CEO, back in the
same meeting room, ready to do battle. Holding his fire, Brian waited until all the VPs
had presented their essential IT initiatives. In addition to what needed to be done to
support the new business strategies, each division had a full laundry list of essentials
for maintaining the current business of the firm. Even Abrams had gotten into the act
this year because of new legislation that gave the firm’s outside auditors immense
scope to peer into the inner workings of every financial and governance process the
organization had.
After listening carefully to each speaker in turn, Brian stood up. “As many of you
know, we have always been cautious about how we spend our IT budget. We have been
given a budget that is equal to 2 percent of revenues, which seriously limits what we in
IT have been able to do for the company. Every year we spend a lot of time paring our
project list down to bare bones, and every year we make do with a patchwork of infra-
structure investments. We are now at the point where 80 percent of our budget in IT is
fixed. Here’s how we spend our money.” Brian clicked on a PowerPoint presentation
showing a multicolored pie chart.
“This large chunk in blue is just about half our budget,” he stated. “This is simply
the cost of keeping the lights on—running our systems and replacing a bare minimum
of equipment. The red chunk is about 30 percent of the pie. This is the stuff we have to
do—fixing errors, dealing with changes mandated by government and our own indus-
try, and providing essential services like the help desk. How we divide up the remain-
der of the pie is what this meeting is all about.”
Brian clicked to a second slide showing a second pie chart. “As you know, we
have typically divided up the remaining IT budget proportionately, according to who
has the biggest overall operating budget. This large pink chunk is you, Fred.” Brian
gestured at Fred Tompkins, head of manufacturing and the most powerful executive in
the room. It was his division that made the firm’s profit. The pink chunk easily took up
more than half of the pie. Tompkins smiled. Brian went on, pointing out the slice that
each part of the firm had been allotted in the previous year. “Finally, we come to Harriet
and Brenda,” he said with a smile. Harriet Simpson and Brenda Barnes were the VPs of
human resources and marketing, respectively. Their tiny slivers were barely visible—
just a few percent of the total budget.
“This approach to divvying up our IT budget may have served us well over the
years”—Brian didn’t think it had, but he wasn’t going to fight past battles—“however,
we all heard what John said last week, and this approach to budgeting doesn’t give
us any room to develop our new strategies or cover our new infrastructure or staffing
needs. Although we might get a little more money to obtain some new applications

84 Section I • Delivering Value with IT
and buy some more computers”—Abrams nodded slightly—“it won’t get us where we
need to go in the future.”
A third graph went up on the screen, showing the next five years. “If we don’t
do something now to address our IT challenges, within five years our entire IT budget
will be eaten up by just operations and maintenance. In the past we have paid mini-
mal attention to our infrastructure or our information and technology architecture or
to reengineering our existing systems and processes.” A diagram of the “spaghetti”
flashed on. “This is what you’re asking me to manage in a cost-effective manner. It isn’t
pretty. We need a better plan for making our systems more robust and flexible. If we
are going to be moving in new directions with this firm, the foundation just isn’t there.
Stan, you should be worried that we won’t be able to give our auditors what they ask for.
But you should also be worried about our risk exposure if one of these systems fails and
about how we are going to integrate two new business ventures into this mess.”
Tompkins looked up from his papers. It was clear he wasn’t pleased with where
this presentation was headed. “Well, I, for one, need everything I’ve asked for on my
list,” he stated flatly. “You can’t expect me to be the cash cow of the organization and
not enable me to make the money we need to invest elsewhere.”
Brian was conciliatory. “I’m not saying that you don’t, Fred. I’m just saying that
we’ve been given a new strategic direction from the top and that some things are going
to have to change to enable IT to support the whole enterprise better. For example, until
now, we have always prioritized divisional IT projects on the basis of ROI. How should
we prioritize these new strategic initiatives? Furthermore, these new ventures will
require a lot of additional infrastructure, so we need to figure out a way to afford this.
And right now our systems don’t ‘talk’ to the ones running in other divisions because
they don’t use the same terminology. But in the future, if we’re going to have systems
that won’t cost increasing amounts of our budget, we are going to have to simplify and
integrate them better.”
Tompkins clearly hadn’t considered the enterprise’s needs at all. He scowled but
said nothing. Brian continued, “We are being asked to do some new things in the com-
pany. Obviously, John hopes there’s going to be a payback, but it may take a while. New
strategies don’t always bear fruit right away.” Now looking at Abrams, he said point-
edly, “There’s more to IT value than short-term profit. Part of our business strategy is
to make new markets for our company. That requires investment, not only in equipment
and product but also in the underlying processes and information we need to manage
and monitor that investment.”
Harriet Simpson spoke for the first time. “It’s like when we hire someone new in
R&D. We hire for quality because we want their ideas and innovation, not just a warm
body. I think we need to better understand how we are going to translate our five key
corporate objectives into IT projects. Yes, we need to make a profit, but Stan needs to
satisfy regulators and Brenda’s going to be on the hot seat when we start marketing to
individuals. And we haven’t even spoken about Ted’s needs.” As the VP of R&D, Ted
Kwok was tasked with keeping one or more steps ahead of the competition. New types
of products and customer needs would mean expansion in his area as well.
Abrams cleared his throat. “All of you are right. As I see it, we are going to have
to keep the cash flowing from Fred’s area while we expand. But Brian’s got a point.
We may be being penny wise and pound foolish if we don’t think things through more

IT Planning at ModMeters 85
carefully. We’ve put a lot of effort into developing this new strategy, and there will be
some extra money for IT but not enough to do that plus everything all of you want. We
need to retrench and regroup and move forward at the same time.”
There was silence in the room. Abrams had an annoying way of stating the
obvious without really helping to move the ball forward. Brian spoke again. “The way
I see it, we have to understand two things before we can really make a new budget.
First, we need to figure out how each of the IT projects we’ve got on the table contri-
butes to one of our key corporate objectives. Second, we need to figure out a way to
determine the value of each to ModMeters so that we can prioritize it. Then I need to
incorporate a reasonable amount of IT regeneration so that we can continue to do new
projects at all.”
Everyone was nodding now. Brian breathed a small sigh of relief. That was step
one accomplished. But step two was going to be harder. “We have a month to get back
to the board with our assurances that the IT plan can incorporate the new strategies
and what we’re going to need in terms of extra funds to do this. As I said earlier, this
is not just a matter of throwing money at the problem. What we need is a process for IT
planning and budgeting that will serve us well over the next few years. This process
will need to accomplish a number of things: It will need to take an enterprise perspective
on IT. We’re all in these new strategies together. It will have to incorporate all types of
IT initiatives—our new strategies, the needs of Fred and others for the new IT to oper-
ate and improve our existing business, Stan’s new auditing needs, and our operations
and maintenance needs. In addition, we must find some way of allocating some of the
budget to fixing the mess we have in IT right now. It must provide a better way to con-
nect new IT work with our corporate objectives. It must help us prioritize projects with
different types of value. Finally, it must ensure we have the business and IT resources in
place to deliver that value.”
Looking at each of his colleagues in turn, he asked, “Now how are we going to
do this?”
Discussion Question
1. Develop an IT planning process for ModMeters to accomplish the demands as set
out above.

This page intentionally left blank

S e c t i o n i i
IT Governance
Chapter 7 Creating IT Shared Services
Chapter 8 A Management Framework for IT Sourcing
Chapter 9 The IT Budgeting Process
Chapter 10 Managing IT-Based Risk
Chapter 11 Information Management: The Nexus of Business and IT
Mini Cases
■ Building Shared Services at RR Communications
■ Enterprise Architecture at Nationstate Insurance
■ IT Investment at North American Financial

C h a p t e r
7 creating it Shared Services1
1 This chapter is based on the authors’ previously published article, McKeen, J. D., and H. A. Smith. “Creating
IT Shared Services.” Communications of the Association for Information Systems 29, Article 34 (October 2011):
645–656. Reproduced by permission of the Association for Information Systems.
A “shared service” is the “provision of a service by one part of an organization where that service had previously been found in more than one part of the organization. Thus the funding and resourcing of the service is shared and the
providing department effectively becomes an internal service provider” (Wikipedia
2014). The key idea is “sharing” within an organization. It suggests centralization of
resources, uniformity of service, consistent processes for service provisioning, econo-
mies of scale, reduced headcount, and enhanced professionalism. As such it has definite
appeal for IT organizations, and creating them has been identified as one of the effective
habits of successful CIOs (Andriole 2007).
For the business, an IT shared service is also appealing but for a different set of
reasons. Although the promise of reducing costs, time, and complexity through reuse
and the ability to leverage IT skills and knowledge are attractive, they rank a distant
second to the ability to free up resources by transferring responsibility for a noncore
activity to another organizational body. Not surprisingly, the successful creation of a
shared service is by necessity an exercise in goal alignment (between the business and
IT) coupled with a strategy for goal attainment.
A shared services organization constitutes an alternate business model. Therefore,
the decision to adopt a shared services model entails a number of critical questions for
management, such as What are the key attributes of a good candidate for a shared ser-
vice? How should a shared service be organized, managed, and governed? What is the
relationship between shared services and the parent organization? What can be learned
from experience with a shared services model? What theoretical and practical insight is
offered by published studies of shared services?
This chapter explores these questions. It begins with a review of the published
literature to provide some definitional clarity concerning the shared services model

Chapter 7 • Creating IT Shared Services 89
and to differentiate shared services from other closely related models. The remainder of
the chapter focuses on the key management issues surrounding the IT shared services
model, including the pros and cons, key organizational factors, and identifying candi-
date shared services. It concludes with an integrated shared services conceptual model
and recommendations for moving toward successful shared services in IT.
IT Shared ServIceS: an OvervIew
As already noted, the key high-level concepts of a shared service are that a single group
within the organization manages the service, the service is offered to any organizational
unit in need of the service, and the shared service is a single-source provider. Accenture
(2005) similarly defines shared services as “the consolidation of support functions (such
as human resources, finance, information technology, and procurement) from several
departments into a standalone organizational entity whose only mission is to provide
services as efficiently and effectively as possible”. While these definitions work in
general, they also raise a number of questions. For instance, how does a shared ser-
vice differ from any other organizational unit that provides service to the organization
(e.g., IT or HR)? How does a shared services organization relate to the parent organiza-
tion? Does a shared service alter customer relationship in significant ways? How is a
shared service governed?
Bergeron (2003) offers additional clarity by defining a shared service as a:
collaborative strategy in which a subset of existing business functions are
concentrated into a new, semi-autonomous business unit that has a manage-
ment structure designed to promote efficiency, value generation, cost savings,
and improved service for the internal customers of the parent corporation, like
a business competing in the open market.
This definition answers some of the earlier mentioned questions. For instance,
it interprets shared services as a “collaborative strategy” that differentiates it from an
organizational structure/design exercise. For example, deciding that all customer sup-
port functions should report to the COO does not make customer support a shared
Bergeron further specifies that the shared service should be a “semiautonomous”
business unit with its own management structure, which suggests a different and
more “arms-length” relationship with the parent organization—one that allows suf-
ficient management discretion to enable the shared services organization to attain its
goals. These goals also differ within this definition with respect to their breadth and
scope. Value generation, as a goal, takes the shared services organization well beyond
efficiency and cost considerations; the goal of a shared services organization is to
“improve the bottom line of the parent corporation, not to create a more efficient, inter-
nally streamlined shared business unit per se” (Bergeron 2003, p. 5).
Bergeron’s definition also differentiates a shared service with respect to its
customer orientation. In a shared services model, internal customers are treated as if
they were external customers to be won or lost. With this orientation, the shared service
competes aggressively for business, places customer satisfaction as a top priority,

90 Section II • IT Governance
actively manages customer relationships, collaborates effectively on new business ini-
tiatives, markets its services internally, and communicates its performance to the busi-
ness on the basis of quality, price, and time. This is not the lackadaisical approach to
customer service that is typical of organizations that treat their business partners as a
captive audience.
Treating internal customers like external customers is a laudable goal but, accord-
ing to one focus group member, a shared services organization can theoretically go well
beyond this. She explained that significant advantages accrue exclusively to an internal
provider. For instance, a shared services organization has existing relationships with
its internal customers with whom they enjoy unfettered access. Furthermore, they
share goals, strategies, and culture. They have common knowledge and are motivated
by the same reward systems. Their loyalty is to the same organization and they share
financial goals.
External providers, in contrast, lack these advantages but have the benefit of others.
Most have credibility beyond internal providers simply because they are competitive in
the marketplace. They may also have economies of scale and advanced technology that
can be amortized over a broad client base. Moreover, they may have superior skills
and knowledge. Her argument was that an effective shared services organization, to
the extent that it develops enhanced customer relationships and a competitive mar-
ket orientation while both facilitating and benefiting from internal customer access,
could at least theoretically realize the “best of both worlds”. More than just the conver-
gence and streamlining of an organization’s functions to ensure that they deliver to the
organization the services required of them as effectively and efficiently as possible, the
true shared services organization generates value for the parent organization as if (and
possibly) competing in the open market.
Shared services are related to, but should not be confused with, more traditional
models of delivering IT services (McKeen and Smith 2007). Carefully delineating each
of the following points further aids our understanding of shared services.
• A shared service is most easily differentiated from a decentralized service delivery
model. In the decentralized model, services are provided in various organizational
units and managed locally. It is common in highly diversified organizations to
find that each business unit has its own IT organization so that the provision of IT
services can be tailored to the unique differences existing within each of the strategic
business units.
• In contrast, a centralized model for IT services brings all resources under a single
management structure, adopting virtualization and standardization strategies to
increase utilization of key resources and to lower operational costs. There are two
primary differences between a centralized model and the shared services model.
First, shared services have a customer-centric mind-set (users of the service are
viewed as customers, and the shared service is dedicated to providing high- quality,
cost-effective, and timely service) and second, shared services are run as an inde-
pendent business with their own budget and bottom-line accountability. The focus
group concluded that a shared service is always centralized but a centralized ser-
vice is not necessarily a shared service; that is, centralization is a “necessary but
insufficient” condition for a shared service.

Chapter 7 • Creating IT Shared Services 91
• The shared services model also differs from outsourcing where an external third
party is paid to provide a service that was previously internal to the buying orga-
nization. While a shared services model is often viewed as a stepping-stone to out-
sourcing, the focus group suggested that the decision to create a shared service
should not be a de facto decision to outsource. The relationship between outsourcing
and shared services is further explored later.
• A shared services model also differs from a joint venture where two or more organi-
zations create a separate, jointly owned, legal, and commercial entity that provides
profit to its shareholders/owners. This delivery mechanism is used frequently in
various industries such as banking and finance as well as oil and petroleum. As
with the outsourcing model, the service is provided by an external agency that
owns the profits derived from the provision of the service.
After a lengthy discussion, the focus group reached a consensual understanding
of a shared services organization. The members suggested that a true shared service
must adhere to the following four principles:
1. Shared services involves more than just centralization or consolidation of simi-
lar activities in one location (although this was recognized as an essential part as
already noted);
2. Shared services must embrace a customer orientation (i.e., as already mentioned, a
shared service cannot behave as a monopolistic provider);
3. Sufficient management discretion and autonomy must exist within the shared ser-
vices organization to allow freedom to generate the necessary efficiencies to create
value for the parent organization; and,
4. Shared services must be run like a business in order to deliver services to internal
customers with costs, quality, and timeliness that are competitive with that of exter-
nal providers.
On this last point, one member of the focus group argued that a shared services
provider will never satisfy internal customers unless and until the shared services orga-
nization is allowed to offer services to external customers. In his organization, despite
spending a considerable amount of money on external consultants to prove that their
IT shared services was competitive with that of external providers, the business “just
didn’t buy it.” There seems to be a general unease among business executives about
whether or not they are getting real value from their IT investments and this carries
over to shared services.
The other major concern for the focus group was the interpretation of “value” as
created by the shared services organization. Some members felt that “value” was the
demonstration that the shared services unit could provide cost savings to their par-
ent organization. Other members felt that cost savings would be insufficient to justify
the creation of a shared services organization, arguing that simply centralizing services
would produce similar savings. They felt that a shared services organization should
be expected to generate additional value beyond efficiency—offering enhanced quality
and/or differentiated services—such that value could be realized in terms of revenue
generation. While no resolution emerged, it is clear that the broader interpretation of
value aligns better with the group’s accepted definition of shared services.

92 Section II • IT Governance
IT Shared ServIceS: PrOS and cOnS
A shared services model for IT has the potential to deliver significant benefits to the
organization (Bergeron 2003). From the parent organization’s perspective, shared
services promise to:
• Reduce costs (due to consolidated operations) and improve service (due to the
customer-centric focus)
• Reduce distractions from core competency activities (due to transfer of noncore
activities to the shared services organization)
• Potentially create an externally focused profit center (should the shared services
decide to offer services beyond the parent organization).
From the perspective of the shared business unit, the shared services model
• Increased efficiencies (due to standardization and uniformity of services)
• Decreased personnel requirements (due to consolidated operations)
• Improved economies of scale (due to the concentration of purchasing, HR, and
other specialized functions).
The focus group generally agreed with this list of possible benefits and suggested
additional items including:
• Professionalism (due to the adoption of a customer-centric approach in dealing with
• Uniformity of service (due to consistent service provisioning across the enterprise)
• Personnel development (due to focused hiring, training, and skills/knowledge
development, all targeted toward service management)
• Control (due to single-sourced service management).
However, there is also a case to be made against shared services (Bergeron 2003).
The focus group highlighted the following limitations as being the most relevant for IT
shared services:
• Becoming a disruption to the service flow
• Moving work to a central location thereby creating wasteful handoffs, rework, and/
or duplication
• Instilling an “us” versus “them” mentality within the provider–consumer relationship
• Lengthening the time it takes to deliver a service.
The focus group also added the following:
• Additional costs associated with management bureaucracy and overhead
• Loss of control experienced by independent business units
• An increased communications burden
• Extraordinary one-time costs at start-up that are reflected within the service
Thus, while the list of benefits of shared services is long and impressive, the
downside risk is equally imposing. The focus group also warned that the list of benefits
represents “promised” benefits and that realizing actual benefits is a different matter!

Chapter 7 • Creating IT Shared Services 93
To gain a different perspective of the trade-offs between these pros and cons,
members of the focus group were asked to share their actual experiences with IT shared
services, highlighting failures as well as successes. Subsequent analysis revealed the
following patterns of failure (from greatest to least):
• Promised headcount reduction doesn’t materialize
• Customer-centric orientation gives way to indifferent service
• Excessive bureaucratization of the service
• Reduced headcount achieved but service levels deteriorate
• Cost efficiencies are realized through “one size fits all” service offerings
The following patterns of success were identified (from greatest to least):
• Service improves producing quality, time, and cost advantages
• Service quality and time/cost savings are realized
• Service quality improves but without noticeable savings
• Headcounts are reduced but service levels remain unchanged
The track record of the focus group was equivocal; no organization was celebrating
the highest level of success and none was publicly admitting to outright failure.
Explaining these differences in outcomes was the next challenge.
IT Shared ServIceS: Key OrganIzaTIOnal SucceSS FacTOrS
Interpreting the success of an organizational initiative depends on understanding the
goals and objectives of those promoting the initiative. To gain some insight into this
aspect of shared services, the focus group was asked what they felt was motivating the
current interest in shared services and whether it was being driven primarily from the
business or from IT. This allowed us not only to examine the driving factors behind
a shared services model but also to highlight any differences between the business
and IT perspectives. In the ensuing discussion, a significant gap emerged between
the views of the business and the IT organizations with respect to a shared services
model— specifically what problems it solved, the benefits it produced, and the unique
challenges the adoption of a shared services model presents.
The majority of members felt that the push for shared services was coming from
IT and that their IT organizations were sufficiently interested in actively promoting a
shared services model. In contrast, two members of the focus group declared that the
push within their organizations was definitely coming from the business. One was a
large organization whose goal was to become a “globally integrated enterprise” built on
shared business services. IT was no exception. Specialized IT services, located globally
anywhere that would yield advantage, were offered to all business units within the
organization as a shared service. The other organization was undergoing an enterprise-
wide initiative to outsource noncore activities and IT had come under the microscope.
Here, the focus group member stated that “our management clearly views shared
services as a prerequisite for outsourcing.”
For organizations where the push for shared services originates within IT, the
motivation was clearly cost savings and/or control. According to one manager, “shared
services are seen as one way to reduce IT cost and/or complexity and drive IT reuse.
This is being driven today out of the IT organization but we understand that our

94 Section II • IT Governance
business partners need to be onboard for anything beyond the simplest of IT shared
services”. Another manager stated that the interest was primarily being driven by her
IT organization to achieve the following three key goals:
• To create reusable business functions to enable cost reduction
• To drive agility by means of a set of well-defined horizontal services
• To ultimately create a rationalized and simplified application portfolio.
When asked what problems a shared services model might solve, the focus group
cited the following:
• Inconsistent integration patterns that lead to steadily increasing costs for solution
maintenance and enhancement
• Building redundant applications using overly specific models because of the lack of
a roadmap for sharing functionality
• Lack of integration, which hampers reusability and economies of scale
• Increasing and perhaps unnecessary IT complexity.
The significant gap between how the IT organization approaches shared services
as compared to the business is most apparent in the articulation of goals, objectives, and
the ultimate justification of a shared services model. This becomes increasingly signifi-
cant when coupled with the fact that the majority of shared services initiatives are being
driven by IT.
In organizations where the driving force for shared services resides within the
IT organization, the focus is commonly on that part of a shared service model that
addresses IT problems; for example, reducing redundancy, encouraging integration,
and rationalizing the application portfolio. Solving these problems, however, only
addresses business problems tangentially through reduced costs and streamlined pro-
cesses and fails outright to attain the goals of customer centricity and enhanced service
to the business. The differences between the business vision for shared services and the
IT vision, unless aligned, is a recipe for disaster. Based on input from the focus group,
we build a conceptual model that bridges this gap by integrating the technical aspects
of an IT shared service with the business aspects. But, before we do this, it is necessary
to first discuss the key factors that constitute the basis for decision making regarding IT
shared services.
IdenTIFyIng candIdaTe ServIceS
An analysis of the existing shared services within the focus group revealed very little in
terms of discernible patterns. Some of the shared services were business-oriented services
(e.g., payment processing or procurement) while others were IT-oriented (e.g., print
management or network services). Some were comprehensive (e.g., application develop-
ment, disaster recovery) while others were narrowly focused (e.g., credit authorization).
Some of the services were deemed “core” while others were “noncore.” Other than enter-
prisewide need, no obvious logical structure emerged from our analysis as a potential
decision guideline for nominating shared services.
In general, the focus group felt that the selection criteria of candidate services for
the shared services model were best understood by contrasting shared services with
outsourcing. They argued that any service being considered for outsourcing could also

Chapter 7 • Creating IT Shared Services 95
be a candidate for a shared service subject to three key differences: knowledge reten-
tion, control of resources, and value generation. That is, organizations appear to opt for
a shared service in preference to outsourcing in order to retain critical knowledge and
skills internally, to exercise greater control over these resources, or to capture additional
value from the specific service rather than allowing it to accrue to the outsourcing party.
The conclusion reached by the focus group was that the processes structured as shared
services appear to offer a significant level of either present or future intrinsic value to
the parent organization, which makes the organization reluctant to relinquish them to a
third party. Services without incremental intrinsic value beyond cost savings are simply
an InTegraTed MOdel OF IT Shared ServIceS
One member of the focus group presented his organization’s model of a shared service
(Figure 7.1). In contrast to the Lacity and Fox (2008) framework, this conceptual model
highlights the functional attributes of the business service, the management framework
required to monitor and deliver the service, and the common technical infrastructure ser-
vices that support it. It suggests that IT shared services is best viewed as inter connected
layers of services; that is, business services are built on top of operational processes
and common IT infrastructure, each of which deliver “services” but of a different sort.
For example, a common business function (e.g., e-forms) is leveraged by multiple busi-
ness entities, supported by commonly managed business delivery processes and SLAs,
Business Services
Common Business
Service Delivery
Common Supporting
IT Infrastructure
Monitoring &
Network Mgmt
Server Mgmt Desktop Mgmt
Storage Mgmt
SLA Mgmt
Usage Mgmt
Security Mgmt
Business Unit Business Unit Business Unit
FIgure 7.1 IT Shared Service Conceptual Model

96 Section II • IT Governance
and runs on common, highly standardized IT infrastructure. This model highlights
how successful IT shared services depend on the effective coordination of each of these
service layers. Although service delivery processes, such as relationship management
and SLA management, are critical for the business, infrastructure processes, such as
server and network management, are equally critical for the IT organization. The model
also suggests that focusing on a single layer while neglecting key processes existing
within other layers is likely to be unsuccessful and lead to the eventual failure of the
shared service. In organizations where the shared service is being driven by the IT orga-
nization with the goal of reuse, for example, the focus group suggested that the real
danger is that attention will be predominantly focused on technical components while
neglecting the managerial components (e.g., building effective customer relationships).
recOMMendaTIOnS FOr creaTIng eFFecTIve
IT Shared ServIceS
Based on their experiences, focus group members agreed on four strategies that
they believed would contribute to the successful creation of an IT shared services
1. Create a transparent process for goal alignment. The group pointed out the
importance of establishing a transparent process for articulating common goals. For
IT managers, the key attraction of a shared service is typically cost savings and/or
reduced complexity. Being able to reduce costs by means of mobilizing reuseable
assets standardizing platforms and virtualizing services, and eliminating redun-
dant systems while providing a uniform and consistent level of service is appeal-
ing. For business managers, however, the promise of cost savings comes second to
the desire for enhanced customer service through improved quality, faster response
and delivery, greater financial transparency, and/or improved relationships with
IT. Without goal clarity, transparency, and alignment, the shared services organiza-
tion will champion one set of goals over another, creating animosity between the
parent organization and the shared services provider. One manager described the
experience in her firm as follows:
The centralization of the service was soon viewed by the business as a stand-
in-line-and-wait for a one-size-fits-all solution . . . the fact that the business was
unable to do an end-run on this delivery process was seen as unresponsive to
the urgent and unforeseen demands placed on the business . . . the elimination of
business priorities . . . no one on the business side wanted to hear about reduced
costs of service.
The focus group suggested that the creation of a shared service need not
degrade into a situation of conflicting goals. There is nothing to suggest that
improved service and cost reduction cannot be tackled simultaneously. In fact, the
centralization process alone should produce sufficient economy of resources to
enable enhanced quality of service. The difficulty is typically built in at the outset of
the shared service by failing to articulate a set of explicit goals that have acceptance
by both the business and IT. Without mutual acceptance and alignment, the shared
service can be doomed at inception.

Chapter 7 • Creating IT Shared Services 97
2. Develop a comprehensive investment model. Establishing a shared services
organization is not a trivial task. In a majority of the cases, the existence of multiple
distributed services across the enterprise (perhaps globally) presents formidable
barriers to consolidation and coordination. Time differences, cultural differences,
and geographical distances all complicate the process. For global enterprises, legal
differences also come into play in building an effective shared services organiza-
tion. The focus group suggested that the larger the organization, the more onerous
the task and the longer it takes. But shared services are not just large organiza-
tion phenomena. As a practical rule, Bergeron (2003) suggests, the “shared services
model is a viable option when the savings from reduction in staffing are greater
than the added overhead of creating a management structure to run the shared
business unit.”
Administrative overhead is a significant component of the overall invest-
ment in shared services. In addition, there are other substantial one-time costs
associated with centralizing operations. These include the relocation of people,
consolidation of technology, establishing support roles/activities, developing
capabilities/skills, and building communication networks to support centralized
operations. Most organizations currently have chargeback mechanisms in place
for IT services but, according to the members of the focus group, these are often
inadequate for a shared service. For well-defined services (like printing, desktops,
or e-forms), the costs are easily identified and associated with the service levels
provided. With more complex services (e.g., payroll management, disaster recov-
ery and planning, records management), however, costing of the actual service
requires more sophisticated algorithms to apportion costs2 for services provided.
A key component is the ability to establish baselines for existing services. Without
these, it is problematic to assess the incremental contribution of a shared service
after its implementation.
A shared service investment model needs to account for significant ongoing
costs in addition to the start-up costs mentioned earlier. Realistic implementation
times range from “at least a year in simple domestic business scenarios involving
one or two company locations to five years or more for a major international orga-
nization with dozens of locations” (Bergeron 2003). Furthermore, cultural change
can present a more formidable challenge than amassing resources (Lacity and Fox
2008). A shared business unit is first and foremost about building relationships
between the parent organization and the service unit. Building effective relation-
ships takes time (Smith and McKeen 2010).
The bottom line is that the investment model for the establishment of a shared
service requires sophistication, understanding, and a commitment from the busi-
ness as well as IT to make it work. Depending on the size of the undertaking, even
reaching a breakeven point can be protracted. However, to the extent that the
investment model is comprehensive and has the backing of senior management,
it can withstand the ongoing challenges faced by any significant organizational
2 Difficulty arises with apportioning actual costs on a service level basis. For instance, actual costs vary over
time with usage but business managers prefer to be billed on the basis of standardized rates/costs for specific

98 Section II • IT Governance
3. Redraft the relationship with the business. The establishment of a shared ser-
vice necessitates a different type of relationship between the business and the
service provider. For instance, with a distributed service, business management
has the  ability to impose priorities to reflect the demands of the business. These
localized priorities, however, rarely survive the transition to a centralized service
mechanism. As a result, the business typically experiences feelings of loss of con-
trol with the creation of a shared service. The old adage “centralize for control,
decentralize for service” applies. Even worse is the potential to develop an “us
versus them” mentality, where the business feels a tangible disconnect between the
urgent demands of their business and the unresponsiveness of the shared services
provider. The risk of this occurring is greatly enhanced in situations lacking goal
A customer service orientation must therefore be instilled within the shared ser-
vices organization to guarantee that satisfaction of the client remains the key goal. The
need for an effective service orientation, particularly during the early stages of the
development, is to counter the risk of the shared service being perceived as a “distant,
unresponsive, and overly bureaucratic” provider. Furthermore, this orientation
must be conveyed to the parent organization. This involves strengthening internal
IT capabilities; changing the mind-set of IT personnel; training and motivation;
and commitment from all levels of management (Fonstad and Subramani 2009).
To accomplish this, the shared service must build “internal sales and marketing”
competencies, which require resources focused on communi cating with current and
prospective customers (Bergeron 2003).
4. Make people an integral part of the process. Lacity and Fox (2008) argue that
successful shared services result from effective management of four interrelated
change programs: business process redesign (i.e., what business processes the
shared services organization will perform); sourcing redesign (i.e., who performs
the business processes); organizational redesign (i.e., where business processes will
be performed); and technology enablement (i.e., technologies used to implement
and coordinate the work). The focus group agreed with the need to manage each
of these programs effectively but was particularly enamored with the notion that
each of these programs was appropriately viewed as a “change” process. Their
experience suggested that the difference between success and failure of an IT
shared services initiative was frequently the result of the effectiveness of the change
process itself.
The creation of a shared services organization requires significant transforma-
tion within the IT organization and directly impacts IT staff. As with outsourcing,
dislocations are inevitable. As decentralized staff become centralized, reductions
are expected, reporting relationships change, new skills are required, existing
skills become redundant, and the overall relationship with the business becomes
much more immediate and business-like with the focus on the bottom line. None
of this happens automatically. Communications and marketing strategies take on
new importance. Customer service is no longer a “take it or leave it” phenom-
enon. Training is essential. New metrics and key performance indicators become
necessary. Service level agreements must be articulated and managed. Together,
this represents enormous change for IT. Bergeron (2003) suggests, “The  pace of

Chapter 7 • Creating IT Shared Services 99
cultural change, not the availability of resources or technology, generally gates
the limitation.”
The focus group did not provide specific suggestions for organizations to fol-
low but stressed a realization of the enormity and significance of the organizational
change that accompanied the adoption of a shared services model and a call to
make the “people part” of a shared services implementation the top priority. In
short, a customer service orientation is built over time and through the conscious
and deliberate attention of all employees. It thus needs to be planned as thoroughly
as any other major organizational transformation initiative.
In recent years, the interest in adopting a shared
services model for IT has grown substantially.
This interest has been driven by the desire
of business for a more customer-centric
and responsive IT organization and by IT
organizations pursuing centralization and
standardization strategies. When success-
ful, an IT shared services model can satisfy
both goals but key challenges arise during
the development and implementation of
the shared service. By bringing together a
number of senior IT managers with experi-
ence in building shared service organizations,
this chapter has clarified what a shared ser-
vice is and what it is not, identified different
forms of success and failure, articulated an
integrated conceptual model, and provided a
number of suggestions to improve the chances
of successful implementation. For those
charged with developing IT shared services
as well as those investi gating this emerging
organizational form, this chapter provides
insight and under standing for achieving
successful shared services and ultimately
the goal of improving overall organizational
Accenture. “Driving High Performance in
Government: Maximizing the Value of Public-
Sector Shared Services.”
c o m / S i t e C o l l e c t i o n D o c u m e n t s / P D F /
Public_Sector_Shared_Services , 2005.
Andriole, S. “The 7 Habits of Highly Effective
Technology Leaders.” Communications of the
ACM 50, no. 3 (March 2007): 67–72.
Bergeron, Brian. Essentials of Shared Services.
Hoboken, NJ: John Wiley & Sons Inc., 2003.
Fonstad, N., and M. Subramani. “Building
Enterprise Alignment: A Case Study.” MIS
Quarterly Executive 8, no. 1 (March 2009): 31–41.
Lacity, M., and J. Fox. “Creating Global Shared
Services: Lessons from Reuters.” MIS Quarterly
Executive 7, no. 1 (March 2008): 17–32.
McKeen, J. D., and H. A. Smith. “Delivering
IT Functions: A Decision Framework.”
Communications of the Association of Information
Systems 19, Article 35 (June 2007): 725–39.
Smith, H. A. and J. D. McKeen. “Building a
Strong Relationship with the Business.”
Communications of the Association of Information
Systems 26, Article 19 (April 2010): 429–40.
Shared_services, May 2014.

C h a p t e r
8 A Management Framework for IT Sourcing1
1 This chapter is based on the authors’ previously published article, McKeen, J. D., and H. A. Smith.
“Delivering IT Functions: A Decision Framework.” Communications of the Association for Information Systems 19,
no. 35 (June 2007): 725–39. Reproduced by permission of the Association for Information Systems.
Every five years starting in 1995, the focus group has taken stock of the responsibilities for which IT is held accountable (Smith and McKeen 2006; Smith and McKeen 2012). To no one’s surprise, the list of IT responsibilities has grown
dramatically. To the standard list of “operations management,” “systems development,”
and “network management” have now been added responsibilities such as business
transformation, regulatory compliance, enterprise and security architecture manage-
ment, information and content management, mobile and social computing, business
intelligence and analytics, risk management, innovation, demand management, and
business continuity management (Smith and McKeen 2012). Never before has IT man-
agement been challenged to assume such diversity of responsibility and to deliver on
so many different fronts. As a result, IT managers have begun to critically examine how
they source and deliver their various services to the organization.
In the past, organizations met additional demands for IT functionality by simply
adding more staff. Today, increasing permanent IT staff is less viable than in the past
and this has led IT organizations to explore other options. Fortunately, several sourcing
alternatives are at hand for delivering IT functionality. Software can be purchased or
rented from the cloud, customized systems can be developed by third parties, whole
business processes can be outsourced, technical expertise can be contracted, data center
facilities can be managed, networking solutions (e.g., data, voice) are obtainable, data
storage is available on demand, and companies will manage your desktop environment
as well as all of your support/maintenance functions. Faced with this smorgasbord of
sourcing options, organizations are experimenting as never before. As with other forms
of experimentation, however, there have been failures as well as successes, and most
decisions have been made on a “one-off” basis. What is still lacking is a unified decision
framework to guide IT managers through this maze of sourcing options.

Chapter 8 • A Management Framework for IT Sourcing 101
This chapter explores how organizations are choosing to source and deliver IT
“functions.” The first section defines what we mean by an IT function and proposes a
maturity model for IT functions. Following this, we take a conceptual look at IT sourc-
ing options, and then we analyze actual company experiences with four different IT
sourcing options—(1) in-house, (2) insource, (3) outsource,2 and (4) partnership—in
order to contrast theory with practice. The penultimate section of the chapter presents a
framework for guiding sourcing decisions stemming from the shared experiences and
insights of the managers in the focus group. The final section presents strategies for the
effective management of IT sourcing.
A MAturity Model for it functions
Smith and McKeen (2012) list the overall responsibilities for which IT is held account-
able. IT functions, in contrast, represent the specific activities that are delivered by IT
in the fulfillment of its responsibilities. For instance, IT is held responsible for deliver-
ing process automation, which it may satisfy by providing the following IT functions to
the organization: project management, architecture planning, business analysis, system
development, quality assurance and testing, and infrastructure support. Although an IT
department provides myriad functions to its parent organization, a compendium of the
key roles was created by amalgamating the lists provided by the members of the focus
group (see Table 8.1).3 This is meant to be representative, not comprehensive, to demon-
strate how IT functions can form the basis of a sourcing decision framework.
Participants pointed out that not all IT functions are at the same stage of devel-
opment and maturity, a fact that has ramifications for how these functions could be
sourced. And although some functions are well defined, common to most companies,
and commodity-like, others are unique, nonstandardized, and not easily shared. There
was general agreement, however, that a maturity model for IT functions has five stages:
(1) unique, (2) common, (3) standardized, (4) commoditized, and (5) utility.
1. Unique. A unique IT function is one that provides strategic (perhaps even
proprietary) advantage and benefit. These IT functions seek to differentiate the
organization in the marketplace. They are commonly, but not necessarily, deliv-
ered by internal IT staff due to the strategic aspect of the function being provided.
Alternately, the function may be provided either by “boutique” firms that create
special-purpose applications or by firms with in-depth industry experience that
cannot be matched by internal IT staff (or even the internal business managers).
Examples of unique IT functions might be business analysis, application integration,
or knowledge-enabling business processes. Such functions depend on familiarity
with the organization’s internal systems combined with an in-depth knowledge of
the business.
2. Common. This type of IT function caters to common (i.e., universal) organiza-
tional needs. Such a function has little ability to differentiate the business, but it
2 We use the term “outsource” inclusively to reflect specific options such as “off-shoring” and “near-shoring.”
3 We actually prefer the term service to function but we chose the term function to avoid confusion with the
usage of service as in service-oriented architecture (SOA).

102 Section II • IT Governance
Table 8.1 list of IT Functions
IT Function Description
Business analysis Liaison between IT and the business to align IT planning, match
technology to business needs, and forecast future business
Systems analysis Elicits business requirements, designs process flow, outlines
document management, and creates design specifications for
Strategy and planning Project prioritization, budgeting, financial planning/
accountability, strategy development, policy development,
and portfolio analysis
Data management Transactional data (e.g., invoicing, shipping), customer data
(e.g., customer relationship management [CRM]), records
management, knowledge management, and business
Project management Managing the resources (e.g., money, people, time, and
equipment) necessary to bring a project to fruition in compliance
with requirements
Architecture Establishing the interaction of all system components (e.g.,
hardware, software, and networking), enterprise compliance with
specifications and standards
Application development Designing, writing, documenting, and unit testing required
code to enact specific functionality in compliance with a design
Quality assurance and
Testing all components of an application prior to production to
ensure it is functioning correctly and meets regulatory and audit
Networking Managing all networking components (e.g., hubs and routers)
to handle all forms of organizational communication (e.g., data,
voice, and streaming video)
Operating systems and
Operating systems for all hardware platforms and other devices
(e.g., handhelds), upgrades, maintenance, and enhancements
Application support Provides enhancements, updates, and maintenance for
application systems plus help and assistance for application users
Data center operations Manages all operations of the production data center and
data storage environment, including backup, DRP, security and
access, and availability
Application software Manages all major applications (e.g., purchased or developed)
to ensure viability of functionality and upgradability with a
special emphasis on legacy systems
Hardware Data servers, power supplies, desktops, laptops, Blackberries,
telephones, and special equipment (e.g., POS, badge readers,
and RFID tags)

Chapter 8 • A Management Framework for IT Sourcing 103
provides a necessary, perhaps critical, component (e.g., financial systems and
HR). Providers capitalize on commonality of function and are motivated to pro-
vide functions (e.g., customer relationship management [CRM], quality assurance,
and content management) to maximize market applicability. Most print operations
are now common functions, for instance. Although they differ from firm to firm,
they are required by most firms but are not considered to provide any competitive
3. Standardized. Standardized IT functions not only provide common tasks/ activities
but also adhere to a set of standards developed and governed by external agen-
cies. Although multiple, perhaps competing, standards may exist, the attributes of
such functions are well articulated, and as a result these functions enjoy wide appli-
cability due to their standardization. Providers of such functionality (e.g., billing/
payment functions, check processing, forms management, facilities management,
and disaster recovery planning) seek opportunities beyond common functions by
promoting (i.e., developing, proposing, and/or adopting) standards to enhance the
interoperability of their functional offerings.
4. Commoditized. These functions are considered commodities similar to oil
and gas. Once attributes are stipulated, functions are interchangeable and
indistinguishable (i.e., any barrel of oil will suffice). Furthermore, there may be
many providers of the function. A good example is application service providers
(ASPs) who deliver standard applications developed by third-party vendors to
client firms without customization. Other commodity functions include network
services, server farms, storage capacity, backup services, and universal power
supply (UPS). What really distinguishes a commodity is the realization that the
“risks imposed by its absence outweigh the burdens of maintaining its availability”
(Marquis 2006).
5. Utility. A utility function is a commodity (such as electricity) delivered by a cen-
tralized and consolidated source.4 This source typically consists of an amalgam of
suppliers operating within an integrated network capable of generating sufficient
resource to fulfill continuous on-demand requests. Private utilities operate in com-
petition with other providers, whereas public utilities tend to be single providers
overseen by regulatory agencies that govern supply, pricing, and size. Examples of
utilities include Internet service providers (ISPs) as well as other telecommunica-
tion services (e.g., bandwidth on demand, and cloud services).
These stages represent an evolutionary progression (or maturation) in IT func-
tionality. The logic is straightforward: successful, unique functions are copied by other
organizations and soon become common; commonality among IT functions paves
the way for standardization; standardized functions are easily and effectively trans-
acted as commodities; and finally, commoditized functions can be provided by utilities
should an attractive business model exist. The group interpreted this progression as an
ongoing process—that is, individual functions would be expected to advance through
4 This concept has generated a significant amount of interest (Hagel and Brown 2001; Rappa 2004; Ross and
Westerman 2004). Carr (2005), for example, speculates that not only is the utility computing model inevitable,
but it will also dramatically change the nature of the whole computing industry in a fashion similar to electri-
cal generation of the previous century.

104 Section II • IT Governance
the sequence of stages as they matured. Furthermore, the continual discovery of new
and unique IT functions, which are required by organizations to differentiate them-
selves and create strategic advantage in the marketplace, would guarantee the continu-
ation of the whole evolutionary progression as depicted in Figure 8.1.
Using this maturity model, we then classified the IT functions listed in Table 8.1
according to their attained maturity stage. The results are represented in Figure 8.2.
The differences among various IT functions are quite remarkable. Hardware (including
servers and storage) was considered to reside at the commodity end of the maturity
model due to its degree of standardization and interoperability, whereas business
analysis remains a relatively unique IT function that differs considerably from organi-
zation to organization. Application software is more varied; some application softwares
are commodity-like, whereas other applications are highly unique to individual firms.
The remaining IT functions vary similarly with respect to the maturity of their develop-
ment and adoption industrywide.
The impetus for this discussion of function maturity was an implicit assumption
that mature functions would be likely candidates for external sourcing, and unique
functions would be likely candidates for internal sourcing. For instance, functions such
as hardware, networks, common applications, and data center operations would be
natural candidates for external provisioning, and IT planning, business and systems
analysis, project management, and application development would be more likely pro-
vided by internal IT staff. The group agreed that these were indeed general trends. What
proved to be somewhat of a surprise, though, was the degree that this generalization
did not appear to hold as members of the focus group repeatedly shared examples of
their specific sourcing activities that ran counter to this generalization; for example,
they insourced commoditized functions and outsourced unique functions. We will
return to this point later.
figure 8.1 Maturity Model for IT Function Delivery

Chapter 8 • A Management Framework for IT Sourcing 105
it sourcing options: theory Versus prActice
Building on classifications developed by Lacity and Willcocks (2000), we considered
four different sourcing options for IT functions:
1. In-house. Permanent IT staff provide the IT function.
2. Insource. IT personnel are brought into the organization to supplement the
existing permanent IT staff to provide the IT function.
3. Outsource. IT functions are provided by an external organization using its own
staff and resources.
4. Partnership. A partnership is formed with another organization to provide IT
functions. The partnership could take the form of a joint venture or involve the cre-
ation of a separate company.
Figure 8.3 depicts the group’s assessment of what the relationship between
specific IT functions and sourcing options should be by superimposing the four IT sourc-
ing options on the maturity grid. From this model it is clear that in-house staff should be
assigned tasks that are in the unique–common maturity stages. Asking in-house staff to
provide commodity-like functions would not be leveraging their unique knowledge of
the business; because of their versatility, they can provide any IT function. As a result,
their area of application was seen as being on the left of Figure 8.3 from top to bottom.
Insourcing is basically a strategy of leveraging the in-house IT staff on a temporary basis.
As such, contract staff should normally be assigned to work with permanent IT staff on
a subset of the full range of tasks provided internally. Partnerships tend to exist in the
lower part of Figure 8.3 because the truly unique tasks of business/systems analysis,
Business Analysis
Systems Analysis
Strategy & Planning
Data Management
Project Management
Application Development
Quality Assurance and Testing
Operating System and Services
Application Support
Data Center Operations
Application Software
Unique Common
Maturity Stage
Standardized Commoditized Utility
figure 8.2 IT Functions Ranked by Maturity Stage

106 Section II • IT Governance
planning, data management, and project management tend to be limited to a single
organization and its strategy. Instead, partnerships were envisioned to focus on func-
tions such as hardware, applications, software, and networking. Such partnerships
could form regardless of maturity stage, which explains the left-to-right positioning
of this IT sourcing option in Figure 8.3 Finally, outsourcing should comprise a subset of
partnerships much the same as insourcing comprises a subset of in-house functions. The
reason is due to differences in governance; outsourcing arrangements are well articu-
lated and governed by service-level agreements (SLAs), and partnerships are typically
governed by memoranda of understanding (MOU). If an organization is interested in a
more flexible, innovative, and open-ended initiative, it would be better advised to seek
a joint venture with another firm. Hence, partnerships were seen to have broader poten-
tial as a sourcing option for IT functions.
Figure 8.3 represents the focus group’s “generally accepted wisdom” regarding IT
function sourcing. Unfortunately, due to the extent of the overlap of functions provided
by the different sourcing options, Figure 8.3 provides limited guidance for managers
tasked with choosing sourcing options for specific IT functions. In order to gain more
insight into decision behavior in practice, the group was asked to share recent examples
of IT functions they were currently delivering by each of the four sourcing options. In
addition, they were asked to describe the justification criteria that their firm used in
making these decisions as well as the benefits they felt they had realized.5 These exam-
ples were analyzed and the results used to create Table 8.2.
5 With few exceptions (e.g., Bandula and Hirschheim 2009), relatively little research has focused on under-
standing the reasons for (and justification of) IT sourcing decisions within organizational settings.
Business Analysis
Systems Analysis
Strategy & Planning
Data Management
Project Management
Application Development
Quality Assurance and Testing
Operating System and Services
Application Support
Data Center Operations
Application Software
Unique Common
Maturity Stage
Standardized Commoditized Utility
figure 8.3 Delivery Options for IT Functions

Chapter 8 • A Management Framework for IT Sourcing 107
Table 8.2 examples of Usage of the Four Delivery Options
Option examples Justification Realized benefits
In-house • Strategic system
• Legacy system support
• New system
• Help desk/desktop
• Information/document
• Application support
• Intranet development
• Technology support
• Business systems
• Project management
• Security services
(change control)
• Business intelligence
and reporting
• Need to have
complete control
over the intellectual
• Need it now
• Work is strategic
• Skunkworks
• Internal
consulting to the
• High-speed delivery
• Leverage internal
business and system
• Ownership of
intellectual property
• Security of data
• Protection and
preservation of critical
• Focus on core systems
that are considered
key assets
Insource • Portal development
• Specialized system
(e.g., POS, CRM)
• Data warehouse
• Database development
• Intranet development
• Corporate systems
• Contract staff to
provide key skills
• Both local contractors
and offshore company
on retainer
• Need to have
control over project
• Exposing
intellectual property
not an issue
• Recurring program
delivery such as ERP
and CRM
• Highly flexible
(e.g., personnel,
engagement, and
• Best of multiple
vendors used
• No need to expand
internal IT staff
• Staff easily meshed
with existing teams
• Semipermanent
personnel if desired
• Quick access to
specific skill sets
• Manage people as
opposed to contracts
• Evens out staffing
“hills and valleys”

108 Section II • IT Governance
Option examples Justification Realized benefits
Outsource • Infrastructure for new
• Business processes
(e.g., billing, payroll)
• Operations
• Help desk
• Field service support
• Network management
• Technology infrastruc-
ture (servers, storage,
• Web site development
and hosting
• Technology rollout
• New stand-alone
project delivery
• The work is not
“point of
• Company does
not have the
• Deliverable is well
understood, and
SLAs are articulated
to the satisfaction of
both parties.
• The outsourcer is
“world class.”
• Speed to market for
specific products/
• Acquire instant
expertise as vendors
are experts (often
world class)
• Business risk
transferred to
• Outsourcer provides
more “levers” for
value creation
(e.g., size, scope)
• Lower cost than
Partnership • Common service
(e.g., statement
processing and
payment services)
• Emergency backup and
• Shared infrastructure
• Special application
development (e.g.,
critical knowledge
• Realize alignment
on a benefit-sharing
• Enable collaborating
partners to compete
with others outside
the partnership
• Future business
growth and/or
opportunities that
arose from the
• Benefits not limited
to a specific prod-
uct or system
• Decreased learning
time and shared
learning costs with
Perhaps the most surprising result based on the examples in column 2 of Table 8.2
is the lack of evidence of a relationship between IT functions and sourcing options. Such
a relationship, were it to exist, would provide a natural basis for a decision framework.
However, not only does it not exist, but there is also considerable evidence to the contrary
(i.e., the observation that identical IT functions are being delivered by all four sourcing
options). As a case in point, various types of systems development as well as applica-
tion support/maintenance functions are provided by all four sourcing options. Earlier we
noted the generally accepted wisdom did not appear to hold up that commodity func-
tions are ready candidates for outsourcing, whereas unique functions are not. The data in
Table 8.2 further corroborate this observation. Given this, one wonders what the operative
criteria for choosing sourcing options are if not the type (or maturity) of the IT function.
Table 8.2 Continued

Chapter 8 • A Management Framework for IT Sourcing 109
the “reAl” decision criteriA
To explore this issue, participants were asked to review a recent business case and to
share the actual criteria that were used to select the specific IT sourcing option. Column 3
in Table 8.2 illustrates the justifications used for each of the four sourcing options. This
paints a much clearer picture of the decision criteria being used by IT managers when
selecting sourcing options.6
decision criterion #1: flexibility
As a decision criterion, flexibility has two dimensions: response time (i.e., how quickly
IT functionality can be delivered) and capability (i.e., the range of IT functionality).
In-house staff rate high on both dimensions. Insourcing, as a complement to permanent
IT staff, is also a highly flexible sourcing option. Although outsourcing can theoretically
provide just about anything, as a sourcing option it exhibits less flexibility because of
the need to locate an outsourcer who can provide the specific function, negotiate a con-
tract, and monitor progress. Finally, partnerships enjoy considerable flexibility regard-
ing capability but much less in terms of response time.7 Within a partnership, the goal is
to create value for the members of the partnership beyond what can be created by any
single organization. How this value is created is up to the partnership, and as long as
the parties agree, virtually anything is possible.
decision criterion #2: control
This decision criterion also has two dimensions: delivery (i.e., ensuring that the deliv-
ered IT function complies with requirements) and security (i.e., protecting intellectual
assets). Because they rank high on both dimensions of control, in-house and insourcing
options are favored in cases where the work is proprietary, strategic, “below the radar”
(i.e., skunkworks), or needed immediately (see Table 8.2). Outsourcing is the preferred
delivery option when the function is not considered “a point of differentiation” and the
deliverable is well understood and easily governed by means of a service-level agree-
ment. Partnerships are designed to be self-controlling by the membership, and as pre-
viously observed, the functions provided by partnerships tend to be more open ended
than those provided by other options.
In Table 8.2, column 4 presents the benefits of each sourcing option. For the most
part, this list is closely aligned with the list of justifications found in column 3. As such, it
reinforces the existence of flexibility and control as key decision criteria. But in addition,
a third key factor appears: knowledge enablement. Mentioned only tangentially within
the list of justifications (e.g., “competence,” “internal consulting,” and “world class”),
it is much more evident within the list of realized benefits (e.g., “leveraging internal
business and system knowledge,” “preservation of critical knowledge,” “quick access
to specific skill sets,” “decreased learning time,” and “sharing the learning costs with
7 Response time within a partnership depends on two interdependent conditions holding: (1) a partnership
must already exist, and (2) all partners must be committed to the same delivery timeline.
6 This analysis excludes other factors such a political, institutional, or environmental which can sometimes
override normal organizational factors in IT sourcing decisions (Mola and Carugati 2012).

110 Section II • IT Governance
partners”). Marquis (2006) argues that “what is not easily replicable, and thus is poten-
tially strategic, is an organization’s intelligence and capability. By combining skills and
resources in unique and enduring ways to grow core competencies, firms may succeed
in establishing competitive advantage.”
decision criterion #3: Knowledge enhancement
Behind many sourcing decisions is the need to either capture knowledge or retain it.
One firm cited the example of developing a new business product. It “normally” would
have been outsourced, but it was intentionally developed by in-house staff augmented
by key contract personnel. The reason was to transfer knowledge of this new busi-
ness product to internal IT personnel as well as to business personnel (who were also
unfamiliar with this type of business offering). At another firm, the decision was made
to insource key expertise “not to do the work, but to train internal staff how to do the
work.” The manager stated, “It would have been more logical and far cheaper to out-
source the whole project.” In another firm the support function for a key application
was repatriated because the firm felt that it was losing an important learning oppor-
tunity that would keep staff abreast of developments in the market and develop new
knowledge concerning a key line of business with growth potential. Furthermore, it is
not just knowledge development that is the critical factor; knowledge retention is equally
important. Whether implicitly or explicitly, knowledge enhancement appears to play a
key role in most sourcing decisions.
decision criterion #4: Business exigency
Unforeseen business opportunities arise periodically, and firms with the ability to
respond do so. Because of the urgency and importance of these business opportuni-
ties, they are not governed by the standard planning/budgeting processes and, indeed,
most do not appear on the annual IT plan. Instead, a decision is made to seize the
opportunity, and normal decision criteria are jettisoned in order to be responsive to
the business. In these cases, whichever sourcing option can produce results fastest is
selected. The sourcing option could be any of the four but is less likely to be a partner-
ship unless the urgent request can be accommodated within the structure of an existing
arrangement. Seen in a resource-planning context, business exigency demands consti-
tute the “peaks” or “spikes.” As one manager stated, “We have peaks and valleys, and
we outsource the peaks.”
The discussion also revealed the existence of two distinct sets of decision criteria:
“normal” versus “actual.” Manager after manager explained their decisions with the
following preface: “Normally we would make the decision this way, but in this case we
actually made the decision differently.” When the participants referred to the normal set,
they primarily cited issues of flexibility, control, and knowledge enablement. But when
they described the actual decision criteria used to select the sourcing option, a fourth
factor emerged: “business exigency.”
It is difficult to ascertain the full effect of this last decision criterion. Certainly busi-
ness exigency is a dominant factor. In an urgent situation, the fastest sourcing option
will take precedence. However, it is likely that the other three decision criteria play a
significant role in the majority of sourcing decisions regarding IT functionality. We are
left to conclude that business exigency plays a more dramatic but less frequent role.

Chapter 8 • A Management Framework for IT Sourcing 111
A decision frAMeworK for sourcing it functions
Finally, the focus group was asked to outline a set of strategies for deciding how to
source and deliver IT functions based on their collective experience and insights. The
following step-by-step framework emerged.
identify your core it functions
The identification of core functions is the first and most critical step in creating a deci-
sion framework for selecting sourcing options. One manager captured this as follows:
The days of IT being good at all things have long gone. . . . Today you have to pick
your spots. . . . You have to decide where you need to excel to achieve competitive
differentiation. . . . Being OK at most things is a recipe for failure sooner or later.
It was argued that the IT organization should approach the exercise of identifying
its core functions by taking a page from the business handbook—that is, decide where
competitive advantage lies, buttress it with the best resources, and divest all ancillary
activities. In the case of IT, “divestiture” translates into seeking external sourcing of
functions because the responsibility and accountability for all IT functions will always
remain with the IT organization.
Asked what constitutes a core function, the group suggested that it would depend
entirely on where and how the IT organization decides it can leverage the business
most effectively. Interestingly, what was considered core varied dramatically across the
sample of organizations represented, spreading across the entire spectrum of IT func-
tions, including legacy system enhancement, business process design, enterprise system
implementation, project management, and even data center operations. The only
conclusion that resonated with the entire group was that “it matters more that the  IT
organization has identified core functions than what those functions actually are.”
The articulation of core functions has major implications. First, the selection of core
functions lays the cornerstone for the decision framework for sourcing options. That is
because, ideally, in-house functions reflect the organization’s set of core functions. The
assignment of permanent IT personnel to core IT functions, by default, assigns noncore
activities to the remaining three IT sourcing options (as we will see in the next strategy).
Second, the selection of core functions directly impacts the careers of IT personnel. For
example, one manager explained that at her organization “project management, busi-
ness process design, and relationship management are key skills, and we encourage
development in these areas.” The implications for IT staff currently fulfilling “noncore”
roles can be threatening as these areas are key targets for external sourcing.
create a “function sourcing” profile
One participant introduced the concept of a “function sourcing” profile—a device that
had been deployed successfully within his organization. It is reproduced in Table 8.3
and modified to accommodate the list of IT functions found in Table 8.1. This sample
profile demonstrates (1) current core functions, (2) future core functions (additions and
deletions), and (3) preferred sourcing options for each IT function. What is most impor-
tant is that this profile is built on an internal assessment of core IT functions. Research

112 Section II • IT Governance
(Bullen et al. 2007) has shown that core functions tend to change over time suggesting
that this analysis be conducted perhaps every few years. The justification provided by
this particular organization for its specific sourcing profile follows:
• Project management, business analysis, and architecture (both system and enter-
prise) are primarily provided in-house but may be augmented with insourced
resources as required. In-house sourcing is preferred for these functions for two
reasons: First, project management and business analysis are recognized strengths
within the organization, and second, this gives the organization more control over
project direction.
• Because it is not recognized as a core function, development is primarily outsourced
or insourced depending on the scope of the project.
• Quality assurance (QA) and testing are largely insourced as these are recognized as
highly specialized skills, although not core functions. As a result, an entire division
of IT is dedicated to these activities. Resources within this group are primarily con-
tractors from a variety of vendors.
Table 8.3 Sample Function Delivery Profile
Core Function? IT Function In-house Insource Outsource Partnership
Yes Business analysis ✓
Systems analysis ✓
In Future Strategy and planning ✓ ✓
In Future Data management ✓
Yes Project management ✓ ✓
Yes Architecture ✓ ✓
✓ ✓ ✓
QA and testing ✓
Now but not in
Networking ✓ ✓
Operating systems
and services

Yes Application support ✓
Data center

✓ ✓
Hardware ✓

Chapter 8 • A Management Framework for IT Sourcing 113
• Application support is a designated core function. Given the depth of business
process knowledge needed as well as the in-depth knowledge of key applications
required, this function is staffed entirely by internal IT personnel.
• Networking is currently provided by in-house staff augmented by insourced
staff but is in transition. A recently formed partnership will eventually make
this a noncore activity, and networking will eventually be provided entirely by
the partner. This sourcing option allows cost sharing and accommodates future
growth. The partnership does not provide competitive advantage; it just makes
good business sense.
• The strategy and planning function as well as data management have been
designated as future core functions. The firm is insourcing expertise from a top
strategy consultancy to transition this skill to internal IT personnel. This explicitly
recognizes the emerging importance of IT to the firm. Similarly, data management
needs to become a key competitive strength in order to shorten product develop-
ment cycles and time to market.
The sample profile depicted in Table 8.3 does not represent a “preferred” or even
“typical” IT sourcing strategy. Instead, it simply demonstrates how the four sourcing
options combine to satisfy the IT needs of a specific organization. Other organizations
with a different mix of core functions (or even with the same mix) might well demon-
strate a very different profile.
evolve full-time it personnel
Because of the alignment between core IT functions and in-house delivery, it is
evident that sourcing decisions should be based on leveraging an organization’s full-
time IT personnel. In fact, the focus group argued that this factor should be used
to determine the majority of sourcing decisions. It is based on the realization that
permanent IT personnel collectively represent a major investment by the organiza-
tion and that this investment needs to be maximized (or at least optimized). This
reinforces the previous discussion of “knowledge enhancement” as one of the key
decision criteria in the selection of IT sourcing mechanisms. One manager said the
We choose a sourcing option based on how it can build strength in one of our designated
core competency areas. This may involve insourcing, outsourcing, a partnership, or any
combination of these [but] … we have never outsourced a core competency.
The sample profile in Table 8.3 suggests how the three external sourcing options
(i.e., insourcing, outsourcing, and partnerships) can be used to supplement permanent
IT personnel. Furthermore, the group suggested that a precedence for ordering should
exist among the sourcing options. Specifically, in-house and insourcing considerations
should be resolved before outsourcing and partnerships are explored. The criteria to be
used to decide between outsourcing and partnerships as sourcing options should be
flexibility, control, and business exigency (given that knowledge enablement is used to
decide between in-house and insourcing). Insourcing, in particular, can be used stra-
tegically to bring in expertise to backfill knowledge gaps in core IT functions, address
business exigency needs, and take on new (or shed old) core functions. Furthermore,

114 Section II • IT Governance
insourcing represents variable costing, so there is usually maximal flexibility, which
helps to smooth out resource “peaks and valleys.”
The other method suggested to evolve internal IT staff, beyond supplement-
ing them with the three external sourcing options, is to hire strategically.8 In other
words, the range of IT sourcing options permits “strategic” hiring as opposed to
“replacement” hiring. In the past, IT organizations felt the need to “cover all the
bases” with their hiring, and as individuals departed the organization, replacements
were sought. Today, however, there is no such impetus. In fact, attrition in noncore
areas is considered advantageous as it permits hiring in designated strategic areas.
This approach extends to permanent staff as well—that is, existing staff are strongly
encouraged to develop their skills and expertise in alignment with designated core
IT functions.
encourage exploration of the whole range of sourcing options
Based on our sample of companies, it can be concluded that we are in the learning phase
of IT function sourcing. Some firms are clearly taking advantage of this opportunity and
exercising their options in many different, often creative, ways. Others, perhaps more
reticent, are sampling less broadly—choosing to stay within their “comfort zone”—
and sourcing IT functions predominantly with in-house resources. Most, however, are
somewhere in the middle—that is, actively exploring different types of sourcing options
mostly for the first time. In all cases, exploration appears to be taking place without any
strategy or guidelines; hence, decisions are taken one at a time. As a result, learning
has been piecemeal—a phenomenon that may partially explain the lack of established
trends in Table 8.2.
combine sourcing options strategically
One of the key reasons for focusing on IT functions as opposed to another unit of
analysis (e.g., projects, applications, or services) became clear by way of an exam-
ple described by a manager. Satisfying her firm’s data storage needs could involve
using the provider ’s equipment, facilities, and staff. Or it could be the organization’s
hardware and staff in the provider ’s facilities, or basically any combination of the
above. In each of these situations, the organization could justifiably claim that it had
“outsourced” its data storage. Such a claim would be highly ambiguous. As a result,
decisions need to be focused on the sourcing of specific IT functions—that is, a micro-
versus a macroview.
Adopting a microview makes it possible to entertain the use of combinations of
sourcing options for the provision of IT functions. Participants pointed out that mul-
tiple sourcing options are often used within a single project. In fact, they suggested
that selecting a single sourcing option for a project in its entirety is fast becoming
8 Although organizations continuously search for top IT talent, there appears to be a general aversion to
increasing permanent staff among the focus group’s companies. The consensus in the focus group was that
this hiring aversion is fueling the growth of sourcing options such as insourcing, outsourcing, and partner-
ships, but the group was reluctant to use this factor to explain IT sourcing behavior. Instead, they claimed
that the real driver was the existence of many alternative sourcing options, which have demonstrated the
capability of providing superior results.

Chapter 8 • A Management Framework for IT Sourcing 115
nonstandard practice. The reality is that multiple providers are necessary to meet
today’s demands, particularly those of the business-exigency variety. This need for an
amalgam of sourcing options is easily understood with functions such as application
development. Here requirements and design may be done in-house, coding may be
outsourced to a third party, testing and quality assurance may be done by insourced
experts, and implementation and rollout might be in partnership. Combining separate
sourcing options strategically can result in realizable benefits such as speed to market
and quality of product or service. Speed to market results from parallel, synchronized
development, and quality results from engaging sourcing options based on demon-
strated expertise and best practice.
A MAnAgeMent frAMeworK for successful sourcing
As sourcing takes on a more central part of IT and organizational strategy, we are
learning more about what it takes to manage sourcing successfully. Furthermore, these
emergent management practices have a reciprocal impact on sourcing decisions. The
focus group identified a number of key factors essential to effective management of
sourcing options: develop a sourcing strategy, develop a risk mitigation strategy,
develop a governance strategy, and understand the cost structures.
develop a sourcing strategy
Whether a company uses sourcing strategically or not, every organization should have
an overall sourcing strategy. Using a decision framework (such as that presented in
this chapter), organizations need to determine what to source, where to source, and to
whom to source. There are many different ways of determining what to source but, in
practice, numerous approaches to “right-sourcing” are possible. What is right for one
organization is not necessarily right for another. The point is that organizations must go
through the exercise of determining for themselves what’s core and what’s not and this
will pave the way for an effective sourcing strategy.
develop a risk Mitigation strategy
“War stories” abound. Every firm can cite examples of activities that had to be
resourced to a different vendor, tasks that needed to be reinsourced, or contracts that
were renegotiated because of problems. The fact is sourcing introduces new levels of
risk to the organization. Loss of control, security and privacy problems, poor-quality
work, hidden costs, lack of standards, unmet expectations, and bad publicity are just
some of the problems that have been experienced. When moving into new forms of
sourcing, it is important to incorporate risk management and mitigation into every
aspect of sourcing.
• Detailed planning is essential. Precise definitions of roles, responsibilities, and expec-
tations must be developed. Specialists in outsourcing are now available to provide
advice on how to select a vendor and plan the work involved. The specialists can
assist—but not replace—the IT sourcing team in understanding how to assess and
engage a vendor. This is especially important when considering offshore sourcing
because of the additional complexities involved.

116 Section II • IT Governance
• Monitoring and an audit trail must be incorporated into the contract to both encour-
age self-correction and ensure all parties live up to their commitments.
• All potential risks should be rated as to both the likelihood of occurrence and their
impact if they do occur. Appropriate steps should be explicitly taken to reduce and/
or manage these risks.
• An exit strategy must be devised. “Any well-designed sourcing strategy must retain
alternatives to pull activities back in-house,” explained one manager.
• Finally, exercise caution when moving into new avenues of sourcing. The hype
in the popular press, often originating from vendors, greatly inflates the benefits
that can be achieved while minimizing the risks. It is recommended that managers
experiment with a “simple, substantial pilot” before committing the company to a
significant new outsourcing initiative.
develop a governance strategy
“With any sourcing option, governance must be super-good,” said a manager. Most IT
organizations now recognize the importance of relationship management at all levels
(i.e., the frontline, middle, and senior management) in delivering value. Nevertheless,
it cannot be underestimated. “Layers of governance are critical to successful sourc-
ing relationships,” said one manager. Others also suggested retaining strong internal
project management and ensuring that vendors also have these skills. “You can’t out-
source the relationship with the customer,” they agreed. Governance problems are exac-
erbated when offshore sourcing is undertaken because of the difficulties of managing
relationships at a distance. This is one reason the larger offshore vendors are setting up
local development centers. At minimum, an offshore outsourcer should name an inter-
nal manager who will act as the organization’s champion and be responsible for quality
assurance. Ideally, an outsourcing relationship should be structured to ensure shared
risk so both parties are incented to make it work.
understand the cost structures
One of the most important elements of successful sourcing is a complete understand-
ing of the cost structures involved. Previously, vendors have profited from their abil-
ity to squeeze value from outsourced activities because they had a better and more
detailed appreciation of their costs. Furthermore, they were able to apply disciplines
and service-level agreements to their work, which IT organizations were often prohib-
ited from doing. Today this is changing. Companies are applying the same standards
to their own work, enabling them to make more appropriate comparisons between the
costs of doing an activity internally (i.e., in-house or insource) and outsourcing it. They
also have a better understanding of the true costs of outsourcing, including relationship
management and contract management, which have frequently been underestimated in
the past. “We need to thoroughly understand our economic model,” said one manager.
“Vendors have the advantage of knowing best practices and economies of scale, but
they are at a disadvantage from a profit and knowledge point of view. If we can’t com-
pete in-house, we should outsource.” Ongoing cost comparisons are effective as they
motivate both parties to do their best and most cost-effective work.

Chapter 8 • A Management Framework for IT Sourcing 117
Despite a steadily growing industry of third-
party providers, IT organizations to date
have ventured rather cautiously into this new
area of IT sourcing. This chapter attempts to
explain why this is so by examining the deci-
sion behavior and practices of a number of
leading-edge organizations. From this analy-
sis, four key decision criteria were identi-
fied: (1) flexibility, (2) control, (3) knowledge
enhancement, and (4) business exigency.
Today IT managers have an incredible range
of available options in terms of how they
choose to source and deliver IT functions.
Clearly, the mistake is not to investigate the
full range of these options. What has been
lacking is greater direction and guidance in
selecting IT sourcing options. The concept of
a maturity model for IT functions was intro-
duced as was a function-sourcing profile to
map sourcing options onto core and noncore
IT functions. These elements form the basis of
a decision framework to guide the selection of
sourcing options. Based on this framework,
organizations can develop more strategic,
nuanced, and methodological approaches to
IT function sourcing and management.
Bandula, J., and R. Hirschheim. “Changes in
IT Sourcing Arrangements: An Interpretive
Field study of Technical and Institutional
Influences.” Strategic Outsourcing: An
International Journal 2, no. 2 (2009): 84–122.
Bullen, C., T. Abraham, K. Gallagher, K. Kaiser,
and J. Simon. “Changing IT Skills: The Impact
of Sourcing Strategies on In-House Capability
Requirements.” Journal of Electronic Commerce
in Organizations 5, no. 2 (April–June 2007):
24–37, 39–46.
Carr, N. G. “The End of Corporate Computing.”
MIT Sloan Management Review 46, no. 3 (Spring
2005): 67–73.
Hagel, J., and J. S. Brown. “Your Next IT Strategy.”
Harvard Business Review 79, no. 9 (October
2001): 105–13.
Lacity, M., and L. Willcocks. “An Empirical
Investigation of Information Technology
Sourcing Practices: Lessons from Experience.”
MIS Quarterly 22, no. 3 (2000): 363–408.
Marquis, H. A. “Finishing Off IT.” MIT Sloan
Management Review 47, no. 4 (Summer 2006):
Mola, L., and A. Carugati. “Escaping ‘Localisms’
in IT sourcing: Tracing Changes in Institutional
Logics in an Italian Firm.” European Journal of
Information Systems 21, no. 4 (July 2012): 388–403.
Rappa, M. A. “The Utility Business Model and the
Future of Computing Services.” IBM Systems
Journal 43, no. 1 (2004): 32–42.
Ross, J. W., and G. Westerman. “Preparing for
Utility Computing: The Role of IT Architecture
and Relationship Management.” MIT Sloan
Management Review 43, no. 1 (2004): 5–19.
Smith, H. A., and J. D. McKeen. “IT in 2015.”
Presentation to Center for Information Systems
Research (CISR), Massachusetts Institute of
Technology, April 2012.
Smith, H. A., and J. D. McKeen. “IT in 2010: The
Next Frontier.” MIS Quarterly Executive 5, no. 3
(September 2006): 125–36.

C h a p t e r
9 The IT Budgeting Process
Don’t ever try to contact an IT manager in September because you won’t get very far. September is budget month for most companies, and that means that most managers are hunkered down over a spreadsheet or in all-day meetings
trying to “make the numbers work.” “Budgeting is a very negative process at our firm,”
one IT manager told us. “And it takes way too long.” Asking many IT managers about
budgeting elicits much caustic comment. Apparently, significant difficulties with IT
budgeting lead to widespread disenchantment among IT leaders who feel much of the
work involved is both artificial and overly time consuming.
Others agree. While there has been little research done on IT budgeting per se
(Hu and Quan 2006; Kobelsky et al. 2006), there appears to be broad, general consensus
that the budgeting processes of many corporations are broken and need to be fixed
(Buytendijk 2004; Hope and Fraser 2003; Jensen 2001). There are many problems. First,
budgeting takes too long and consumes too much managerial time. One study found
that budgeting is a protracted process taking at least four months and consuming
about 30 percent of management’s time (Hope and Fraser 2003). Second, most budget-
ing processes are no longer effective or efficient. They have become disconnected from
business objectives, slow, and expensive (Buytendijk 2004). Third, rigid adherence to
these annual plans has been found to stifle innovation and discourage frontline staff
from taking responsibility for performance (Hope and Fraser 2003; Norton 2006). And
fourth, although many researchers have studied how organizations choose among stra-
tegic investment opportunities, studies show that the budgeting process frequently
undercuts management’s strategic intentions, causing significant frustration among
managers at all levels (Norton 2006; Steele and Albright 2004).
Finally, the annual planning cycle can cast spending plans “in concrete” at a
time when the business needs to be flexible and agile. This is particularly true in IT.
“Over time . . . IT budgeting processes become institutionalized. As a result, IT invest-
ments become less about creating competitive advantages for firms [and] more about
following organizational routine and creating legitimacy for management as well as
organizations” (Hu and Quan 2006). Now that senior business leaders recognize the

Chapter 9 • The IT Budgeting Process 119
strategic importance of IT and IT has become many firms’ largest capital expenditure
(Koch 2006), a hard look at how IT budgets are created is clearly merited.
This chapter first looks at key concepts in IT budgeting to establish what they
mean for IT managers and how they can differ among IT organizations. Then it explores
why budgets are an important part of the management process. Next the chapter
examines the elements of the IT budget cycle. Finally, it identifies some recommended
practices for improving IT budgeting.
Key ConCepts in it Budgeting
Before looking at how budgeting is actually practiced in IT organizations, it is important
to understand what a budget is and why an effective IT budgeting process is so impor-
tant, both within IT and for the enterprise as a whole. Current organizational budgeting
practices emerged in the 1920s as a tool for managing costs and cash flows. Present-
day annual fixed plans and budgets were established in the 1970s to drive performance
improvements (Hope and Fraser 2003). Since then, most organizations have adhered
rigidly to the ideals of this process, in spite of much evidence of their negative influence
on innovation and flexibility (Hope and Fraser 2003). These problems are clearly illus-
trated by the impact this larger corporate fiscal management process has on IT budget-
ing and the problems IT managers experience in trying to make their budget processes
work effectively. The concepts and practices of the corporate fiscal world bear little
similarity to how IT actually works. As a result, there are clear discontinuities between
these two worlds.
These gaps are especially apparent in the differences between the fiscal view of
IT and the functional one. Fiscal IT budgets (i.e., those prepared for the CFO) are bro-
ken down into two major categories: capital expenditures and operating expenses, although
what expenditures go into each is highly variable across firms. In accounting, capital
budgets are utilized to spread large expenses (e.g., buying a building) over several
years, and operating expenses cover the annual cost of running the business. The dis-
tinction between these two concepts gets very fuzzy, however, when it comes to IT.
Generally speaking, all IT organizations want to capitalize as much of their spend-
ing as possible because it makes their annual costs look smaller. However, CIOs are
limited by both organizational and tax policies when deciding on the types of IT expen-
ditures they can capitalize. It is the CFO who, through corporate financial strategy,
establishes what may be capitalized, and this, in turn, determines what IT can capitalize
in its fiscal budget and what it must consider as an operating expense. As a result, some
firms capitalize project development, infrastructure, consulting fees, and full-time staff,
whereas others capitalize only major technology purchases.
How capital budgets are determined and the degree to which they are scrutinized
also vary widely. Some firms allocate and prioritize IT capital expenses out of a cor-
porate “pot”; others manage IT capital separately. Typically, capital expenses appear
to be more carefully scrutinized than operating expenses, but not always. It is surpris-
ing to learn how different types of expenses are handled by different firms and the
wide degree of latitude allowed for IT costs under generally accepted accounting prin-
ciples. In fact, there are few generally accepted accounting principles when it comes
to IT spending (Koch 2006). As a result, researchers should use caution in relying on
measures of the amount of capital spent on IT in firms or industries.

120 Section II • IT Governance
It is within this rather fuzzy fiscal context that the structure and purpose of
functional IT budgets (i.e., those used by IT managers as spending plans) must be under-
stood because these accounting concepts do not usually correspond exactly with how
IT managers view IT work and how they plan and budget for it. In contrast to how
fiscal IT budgets are designed, IT managers plan their spending using two somewhat
different categories: operations costs and strategic investments:
• Operations costs. This category consists of what it costs to “keep the lights on” in IT.
These are the expenses involved in running IT like a utility. Operations involves the
cost of maintenance, computing and peripheral functions (e.g., storage, network), and
support, regardless of how it is delivered (i.e., in-house or outsourced). This category
can, therefore, include both operating and capital costs. Between 50 and 90 percent of
a firm’s IT budget (average 76 percent) is spent in this area, so the spending involved
is significant (Gruman 2006). In most firms there is continual pressure on the CIO to
reduce operations costs year after year (Smith and McKeen 2006).
• Strategic investment. The balance of the IT budget consists of the “new”
spending—that is, spending on initiatives and technology designed to deliver new
business value and achieve the enterprise’s strategic objectives. Because of the
interactive nature of IT and business strategy, this part of the IT budget can include
a number of different types of spending, such as business improvement initiatives
to streamline processes and cut costs, business-enabling initiatives to extend or
transform how a company does business, business opportunity projects to test the
viability of new concepts or technologies and scale them up, and sometimes infra-
structure (Smith et al. 2007). Because spending in this area can include many dif-
ferent kinds of expenses (e.g., full-time and contract staff, software and hardware),
some parts of the strategic investment budget may be considered capital expenses,
whereas others are classified as operating expenses.
Another fuzzy fiscal budgeting concept is cost allocation—the process of allocating
the cost of the services IT provides to others’ budgets. The cost of IT can be viewed as
a corporate expense, a business unit expense, or a combination of both, and the way in
which IT costs are allocated can have a significant impact on what is spent for IT. For
example, a majority of companies allocate their operating expenses to their business
units’ operating budgets—usually using a formula based on factors such as the size and
previous year’s spending of the business unit. Similarly, strategic expenses are typically
allocated on the basis of which business unit will benefit from the investment. In today’s
IT environment, these approaches are not always effective for a number of reasons.
Many strategic IT investments involve the participation of more than one busi-
ness unit, but budgeting systems still tend to be designed around the structure of the
organization (Norton 2006). This leads to considerable artificiality in allocating devel-
opment resources to projects, which in turn can lead to dysfunctional behavior, such as
lobbying, games, nonsupportive cross-functional work, and the inability to successfully
implement strategy (Buytendijk 2004; Norton 2006). “We don’t fund corporate projects
very well,” admitted one manager whose company allocates all costs to individual
business units.
Allocations can also lead to operational inefficiencies. “The different allocation
models tend to lead to ‘gaming’ between our business units,” said another participant.
“Our business unit managers have no control over their percentage of operating costs,”

Chapter 9 • The IT Budgeting Process 121
explained a third. “This is very frustrating for them and tends to be a real problem
for some of our smaller units.” Because of these allocations, some business units may
not be willing to share in the cost of new hardware, software, or processes that would
lead to reduced enterprise costs in the longer term. This is one of the primary reasons
so many IT organizations end up supporting several different applications all doing
the same thing. Furthermore, sometimes, when senior managers get disgruntled with
their IT expenses, this method of allocating operations costs can lead to their cutting
their IT operational spending in ways that have little to do with running a cost-effective
IT organization. For example, one company cut back on its budget for hardware and
software upgrades, which meant that a significant percentage of IT staff then had to be
redeployed to testing, modifying, and maintaining new systems so they would run on
the old machines. Although IT managers have done some work educating their CEOs
and CFOs about what constitutes effective cost cutting (e.g., appropriate outsourcing,
adjusting service levels), the fact remains that most business executives still do not
understand or appreciate the factors that contribute to the overall cost of IT. As a result,
allocations can lead to a great deal of angst for IT managers at budget time as they try
to justify each expense while business managers try to “nickel and dime” each expense
category (Koch 2006).
As a result of all this fuzziness, modern IT budgeting practices do little to give
business leaders confidence that IT spending is both effective and efficient (Gruman
2006). And the challenges IT managers face in making IT spending fit into contempo-
rary corporate budgeting practices are significant.
the importanCe of Budgets
Ideally, budgets are a key component of corporate performance management. “If done
well, a budget is the operational translation of an enterprise’s strategy into costs and
planned revenue” (Buytendijk 2004). Budgets are also a subset of good governance pro-
cesses in that they enable management to understand and communicate what is being
spent and where. Ideally, therefore, a budget is more than a math exercise; it is “a blue-
print for fiscally sound IT and business success” (Overby 2004). Effective IT budgeting
is important for many reasons, but two of the most important are as follows:
1. Fiscal discipline. As overall IT spending has been rising, senior business leaders
have been paying much closer attention to what IT costs and how its budgets are
spent. In many organizations a great deal of skepticism remains that IT budgets are
used wisely, so reducing spending, or at least the operations portion of the bud-
get, is now considered a key way for a CIO to build trust with the executive team
(Gruman 2006). Demonstrating an understanding and appreciation of the realities
of business finance has become a significant part of IT leadership (Goldberg 2004),
and the ability to create and monitor a budget is, therefore, “table stakes” for a CIO
(Overby 2004).
It is clear that senior executives are using the budgeting process to enforce
tougher rules on how IT dollars are spent. Some organizations have centralized
IT budgeting in an effort to better understand what is being spent; others are
making the link between reducing operations spending and increasing invest-
ment in IT a reason for introducing new operations disciplines (e.g., limiting

122 Section II • IT Governance
maintenance, establishing appropriate support levels). Still others have established
tighter requirements for business cases and monitoring returns on investment.
Organizations also use their IT budgets to manage and limit demand. “Our IT bud-
get is capped by our CEO,” stated one manager. “And it’s always less than the
demand.” Using budgets in this way, although likely effective for the enterprise,
can cause problems for CIOs in that they must in turn enforce spending disciplines
on business unit leaders.
Finally, budgets and performance against budgets are a key way of holding
IT management accountable for what it spends, both internally to the leader-
ship of the organization and externally to shareholders and regulatory bodies.
Improperly used, budgets can distort reality and encourage inappropriate
behavior (Hope and Fraser 2003; Jensen 2001). However, when used responsi-
bly they can be “a basis for clear understanding between organizational levels
and can help executives maintain control over divisions and the business”
(Hope and Fraser 2003). Research is beginning to show a positive relationship
between good IT budgeting practices (i.e., using IT budgets to manage demand,
make investment decisions, and govern IT) and overall company performance
(Kobelsky et al. 2006; Overby 2004).
2. Strategy implementation. Budgets are also the means to implement IT
strategy, linking the long-term goals of the organization and short-term goal
execution through the allocation of resources to activities. Unfortunately,
research shows that the majority of organizations do not link their strategies to
their budgets, which is why so many have difficulty making strategic changes
(Norton 2006). This is particularly true in IT. As one manager complained, “No
one knows what we’re doing in the future. Therefore, our goals change regu-
larly and at random.” Another noted, “The lines of business pay little attention
to IT resources when they’re establishing their strategic plans. They just expect
IT to make it happen.”
Budgets can affect IT strategy implementation in a number of ways.
First, where IT dollars are spent determines the impact IT can have on corporate
performance. Clearly, if 80 percent of IT expenditures are going to operations and
maintenance, IT can have less strategic impact than if this percentage is lower.
Second, how discretionary IT dollars are spent is important. For example, some
companies decide to invest in infrastructure, and others do not; some will choose
to “bet the company” on a single large IT initiative, and others will choose more
focused projects. In short, the outcome of how a company chooses among invest-
ment opportunities is reflected in its budgets (Steele and Albright 2004).
Third, the budgeting process itself reflects and reinforces the ability of stra-
tegic decision making to have an impact. Norton (2006) states that because bud-
get processes are inherently biased toward the short term, operational needs will
systematically preempt strategic ones. In IT the common practice of routinely
allocating a fixed percentage of the IT strategic budget to individual business
units makes it almost impossible to easily reallocate resources to higher-priority
projects at the enterprise level or in other business units. In addition, siloed bud-
geting processes make it difficult to manage the cross-business costs of strategic
IT decisions.

Chapter 9 • The IT Budgeting Process 123
Overall, budgets are a critical element of most managerial decisions and processes
and are used to accomplish a number of different purposes in IT: compliance, fiscal
accountability, cost reduction, business unit and enterprise strategy implementation,
internal customer service, delivering business value, and operational excellence, to
name just a few. This, in a nutshell, is the reason IT budgeting is such a complex and
challenging process.
the it planning and Budget proCess
Given that IT budgets are used in so many different ways and serve so many stake-
holders, it is no wonder that the whole process of IT budgeting is “painful,” “artificial,”
and in need of some serious improvement. Figure 9.1 illustrates a generic and simplified
IT planning and budgeting process. This section outlines the steps involved in putting
together an IT budget utilizing some of the key concepts presented earlier.
Corporate processes
The following three activities set the corporate context within which IT plans and
budgets are created.
1. Establish corporate fiscal policy. This process is usually so far removed from the
annual budget cycle that IT leaders may not even be aware of its influence or the
wide number of options in the choices that are made (particularly around capital-
ization). Corporate fiscal policies are not created with IT spending in mind but, as
already noted, can significantly impact how a fiscal IT budget is created and the
Corporate Processes
Set Fiscal IT Budget
Set Functional IT Budget
Corporate Fiscal
Establish IT
Capital Budget
Establish IT
Operations Budget
Remaining $
Set BU & IT
Assess Actual
IT Spending
Financial Statements
IT Operations
Allocations to
Bu Budgets
Performance Against Budget
Establish IT
Operations Budget
Allocate Strategic
IT Investments
Set IT Spending
figure 9.1 A Generic IT Planning and Budgeting Process

124 Section II • IT Governance
levels of scrutiny under which certain kinds of expenses are placed. A more direct
way that corporate fiscal policies affect IT is in company expectations around the
return on investment for IT projects. Most companies now have an explicit expected
return rate for all new projects that is closely monitored.
2. Establish strategic goals. Conversely, IT budgeting is directly and continuously
affected by many corporate strategic goals. The process of establishing IT and
business unit strategies occurs within the context of these overall goals. In some
organizations there is tight integration between enterprise, business unit, and IT
strategic planning; in others these elements are more loosely coupled, informal,
and iterative. However, what is truly rare is a provision for enterprise funding
for enterprise IT initiatives. Thus, corporate strategic goals are typically broken
down into business unit budgets. As one manager explained, “First our execu-
tives decide our profits and then the business units decide how to achieve them
and then IT develops a plan with the business unit . . . . We still don’t do many cor-
porate projects.”
3. Set IT spending levels. Establishing how much to spend on IT is the area that has
been most closely studied by researchers. This is a complex process, influenced by
many external and internal factors. Externally, firms look to others in their industry
to determine the level of their spending (Hu and Quan 2006). In particular, compa-
nies frequently use benchmarks with similar firms to identify a percentage of rev-
enue to spend on IT (Koch 2006). Unfortunately, this approach can be dangerous for
a number of reasons. First, it can be a strong driver in inhibiting competitive advan-
tage and leading to greater similarities among firms in an industry (Hu and Quan
2006). Second, this metric tells management nothing about how well its money is
being spent (Koch 2006). Third, it does not address IT’s ability to use IT strategically
(Kobelsky et al. 2006).
A second and increasingly strong external driver of IT spending is the regulatory
environment within which a firm operates. Legislation, standards, and professional
practices all affect what IT can and cannot do and how its work is done (Smith and
McKeen 2006). These, in turn, affect how much is spent on IT and where it is spent
(Hu and Quan 2006). Other external factors that have been shown to affect how much
money is spent on IT include the following:
• Number of competitors. More concentration in an industry reduces the amount
• Uncertainty. More uncertainty in a business’s external environment leads to
larger IT budgets.
• Diversification of products and services. Firms competing in more markets will
tend to spend more on IT (Kobelsky et al. 2006).
Internal factors affecting the size of the IT budget include the following:
• Affordability. A firm’s overall performance and cash flow will influence how much
discretion it has to spend on IT.
• Growth. Growing firms tend to invest more in IT than mature firms.
• Previous year’s spending. Firm spending on IT is unlikely to deviate significantly
year to year (Hu and Quan 2006; Kobelsky et al. 2006).

Chapter 9 • The IT Budgeting Process 125
it processes
These are multilevel and complex and frequently occur in parallel with each other.
• Set functional IT budget. This budget documents spending as it relates to how
IT organizations work—that is, what is to be spent on IT operations and how much
is available to be spent on strategic investments. As already noted, the operations
budget is relatively fixed and contains the lion’s share of the dollars. In spite of this,
IT managers must go through a number of machinations annually to justify this
expenditure. Most IT organizations are still seen as cost centers, so obtaining budget
approvals is often a delicate, ongoing exercise of relationship building and educa-
tion to prevent inappropriate cost cutting (Koch 2006). Once the overall IT operations
budget has been established, the challenge of allocating it to the individual business
units remains, which, given the complexity of today’s shared technical environ-
ment, is often a fixed or negotiated percentage of the total. Business units can resent
these allocations over which they have no control, and at best, they are viewed as a
“necessary evil.” In organizations where the IT operations budget is centralized, IT
managers have greater opportunity to reduce expenses year by year by introducing
standards, streamlining hardware and software, and sharing services. However, in
many companies, operations budgets are decentralized into the business units and
aggregated up into the overall IT budget. This approach makes it considerably more
difficult for IT managers to implement effective cost-reduction measures. However,
even in those firms that are highly effective and efficient, the relentless pressure from
executives to do more with less makes this part of the annual budgeting process a
highly stressful activity.
Allocating the funds remaining to strategic investments is a completely sep-
arate process in which potential new IT projects are prioritized and their costs
justified. Companies have many different ways of doing this, and most appear
to be in a transition phase between methods of prioritization. Traditionally, IT
organizations have been designed to parallel the organization structure, and new
development funds have been allocated to business units on the basis of some
rule of thumb. For example, each business unit might be allotted a certain num-
ber of IT staff and dollars to spend on new development (based on percentage
of overall revenue) that would remain relatively stable over time. More recently,
however, with greater integration of technology, systems, and data, there has
been recognition of the cross-business costs of new development and of the need
for more enterprise spending to address these. Increasingly, therefore, organi-
zations are moving to prioritize some or all new development at the enterprise
level, thereby removing fixed allocations of new development resources from the
business units.
However it is determined, the strategic portion of the functional IT budget
also involves staffing the initiatives. This introduces yet another level of complex-
ity in that, even if the dollars are available, appropriate IT resources must also be
available to be assigned to particular projects to address the organization’s cost-
cutting requirements. Thus, undertaking a new project involves not only cost jus-
tification and prioritization but also requires the availability of the right mix of
skills and types of staff. Although some firms use fixed percentages of full-time,

126 Section II • IT Governance
contract, and offshore staff in their projects, most use a mix of employees and con-
tract staff in their development projects in order to keep overhead costs low. As
a result, creating new IT development budgets often involves a complementary
exercise in staff planning.
• Set the fiscal IT budget. A second, parallel stream of IT budgeting involves
establishing the fiscal IT budget, which the CFO uses to implement the com-
pany’s fiscal strategy and provide financial reports to shareholders and regula-
tory and tax authorities. This is seen largely by IT managers as a “translation”
exercise where the functional IT budget is reconstituted into the operating and
capital spending buckets. Nevertheless, it represents an additional “hoop”
through which IT managers must jump before their budgets can be approved.
In some companies capital funding is difficult to obtain and must be justified
against an additional set of financial criteria. Some organizations require IT
capital expenditures be prioritized against all other corporate capital expenses
(e.g., buildings, trucks), which can be a very challenging exercise. In other firms
CFOs are more concerned about increasing operating expenses. In either case
this is an area where many IT managers set themselves up for failure by fail-
ing to “speak the language of finance” (Girard 2004). Because most IT managers
think of their work in terms of operations and strategic investments, they fail to
understand some of the larger drivers of fiscal strategy such as investor value
and earnings per share. To get more “traction” for their budgets, it is, therefore,
important for IT leaders to better translate what IT can do for the company into
monetary terms (Girard 2004). To this end, many companies have begun working
more closely with their internal finance staff and are seeing greater acceptance of
their budgets as a result.
assess actual it spending
At the other end of the budgeting process is the need to assess actual IT spending and
performance. A new focus on financial accountability has meant that results are more
rigorously tracked than in the past. In many companies finance staff now monitor
business cases for all new IT projects, thus relieving IT of having to prove the busi-
ness returns on what is delivered. Often the challenge of finding the right resources
for a project or unexpected delays means that the entire available development bud-
get may not be spent within a given fiscal year. “We typically tend to spend about 85
percent of our available development budget because of delays or resourcing prob-
lems,” said one manager. Hitting budget targets exactly in the strategic investment
budget is, therefore, a challenge, and current IT budgeting practices typically do not
allow for much flexibility. On the one hand, such practices can create a “use it or lose
it” mentality; if money is not spent in the fiscal year, it will disappear. “This leads
to some creative accruals and aggressive forecasting,” said the focus group. On the
other hand, IT managers who want to ensure there is enough money for key expen-
ditures create “placeholders” (i.e., approximations of what they think a project will
cost) and “coffee cans” (i.e., unofficial slush funds) in their budgets. The artificial tim-
ing of the budget process, combined with the difficulties of planning and estimation
and reporting complexity, all mean that accurate reporting of what is spent can get

Chapter 9 • The IT Budgeting Process 127
it Budgeting praCtiCes that deliver value
Although there is general agreement that current budgeting practices are flawed,
there are still no widely accepted alternatives. Within IT itself, companies seem to
be experimenting with ways to tweak budgeting to make it both easier and more
effective. The following five practices have proven to be useful in this regard:
1. Appoint an IT finance specialist. Many companies now have a finance expert
working in IT or on staff with the CFO working with IT. “Getting help with
finance has really made the job of budgeting easier,” said one manager. “Having
a good partnership with finance helps us to leverage their expertise,” said another.
Financial specialists can help IT managers to understand their costs and drivers
in new ways. Within operations, they can assist with cost and value analysis of
services and infrastructure (Gruman 2006) and also manage the “translation” pro-
cess between the functional IT budget and the fiscal IT budget. “Finance helps us
to understand depreciation and gives us a deeper understanding of our cost com-
ponents,” a focus group member noted. Finance specialists are also being used to
build and monitor business cases for new projects, often acting as brokers between
IT and the business units. “They’ve really helped us to better articulate business
value. Now they’re in charge of ensuring that the business gets the benefits they
say they will, not IT.” The improving relationship between finance and IT is making
it easier to gain acceptance of IT budgets. “Having dedicated IT finance people is
great since this is not what IT managers want to do,” said a participant.
2. Use budgeting tools and methodologies. About one-half of the members of the focus
group felt they had effective budgeting tools for such things as asset tracking, rolling
up and breaking down budgets into different levels of granularity, and reporting.
“We have a good, integrated suite of tools,” said a manager, “and they really help.”
Because budgets serve so many different stakeholders, tools and methodologies can
help “slice and dice” the numbers many ways, dynamically enabling changes in one
area to be reflected in all other areas. Those who did not have good or well-integrated
tools found that there were gaps in their budgeting processes that were hard to fill.
“Our poor tools lead to disconnects all over the place,” claimed an IT manager. Good
links to the IT planning process are also needed. Ideally, tools should tie budgets
directly to corporate strategic planning, resource strategies, and performance met-
rics, enabling a further translation among the company’s accounting categories and
hierarchy and its strategic themes and targets (Norton 2006).
3. Separate operations from innovation. Most IT managers mentally separate
operations from innovation, but in practical terms maintenance and support are
often mixed up with new project development. This happens especially when IT
organizations are aligned with and funded by the business units. Once IT funds
and resources are allotted to a particular business unit, rather than to a strate-
gic deliverable, it is very difficult to reduce these allocations. Agreement appears
to be growing that operations (including maintenance) must be financially sep-
arated from new development in order to ensure that the costs of the first are
fully scrutinized and kept under control while focus is kept on increasing the pro-
portion of resources devoted to new project development (Dragoon 2005; Girard
2004; Gruman 2006; Norton 2006). Repeatedly, focus group managers told sto-
ries of how their current budget processes discourage accuracy. “There are many

128 Section II • IT Governance
disincentives built into our budgeting processes to keep operational costs down,”
said one manager. Separating operations from innovation in budgets provides a
level of visibility in IT spending that has traditionally been absent and that helps
business unit leaders better understand the true costs of delivering both new sys-
tems and ongoing services.
4. Adopt enterprise funding models. It is still rare to find organizations that pro-
vide corporate funding for enterprisewide strategic IT initiatives, yet there is broad
recognition that this is needed (Norton 2006). The conflict between the need for truly
integrated initiatives and traditional siloed budgets frequently stymies innovation,
frustrates behavior designed for the common good, and discourages accountabil-
ity for results (Hope and Fraser 2003; Norton 2006; Steele and Albright 2004). It is,
therefore, expected that more organizations will adopt enterprise funding models
for at least some IT initiatives over the next few years. Similarly, decentralized bud-
geting for core IT services is declining due to the cost-saving opportunities avail-
able from sharing these. Since costs will likely continue to be charged back to the
differing business units, the current best practice is for IT operation budgets to be
developed at an enterprise level.
5. Adopt rolling budget cycles. IT plans and budgets need attention more frequently
than once a year. Although not used by many companies, an eighteen-month rolling
plan that is reviewed and updated quarterly appears to be a more effective way of
budgeting, especially for new project development (Hope and Fraser 2003; Smith
et al. 2007). “It is very difficult to plan new projects a year in advance,” said one
manager. “Often we are asked for our ‘best estimates’ in our budgets. The problem
is that, once they’re in the budget, they are then viewed as reality.” The artificial
timing of budgets and the difficulty of estimating the costs of new projects are key
sources of frustration for IT managers. Rolling budget cycles, when combined with
integrated budgeting tools, should better address this problem while still providing
the financial snapshots needed by the enterprise on an annual basis.
Although IT budget processes have been
largely ignored by researchers, they are a
critical linchpin between many different
organizational stakeholders: finance and
IT, business units and IT, corporate strategy
and IT, and different internal IT groups. Not
surprisingly, therefore, IT budgeting is much
more complex and difficult to navigate than
it appears. This chapter has outlined some
of the challenges faced by IT managers try-
ing to juggle the realities of dealing with
both IT operations and strategic investments
while meeting the differing needs of their
budget stakeholders. Surprisingly, very few
guidelines are available for IT managers in
this area. Each organization appears to have
quite different corporate financial policies,
which, in turn, drive different IT budget-
ing practices. Nevertheless, IT managers do
face many common challenges in budget-
ing. Although other IT practices have ben-
efited from focused management attention
in recent years (e.g., prioritization, opera-
tions rationalization), budgeting has not as
yet been targeted in this way. However, as
business and IT leaders begin to recognize
the key role that budgets play in implement-
ing strategy and controlling costs, it is hoped
they will make a serious effort to address the
budgeting issues faced by IT.

Chapter 9 • The IT Budgeting Process 129
Buytendijk, F. “New Way to Budget Enhances
Corporate Performance Measurement.” Gartner
Inc., ID Number: 423484, January 28, 2004.
Dragoon, A. “Journey to the IT Promised Land.”
CIO Magazine, April 1, 2005.
Girard, K. “What CIOs Need to Know about
Money.” CIO Magazine, Special Money Issue,
September 22, 2004.
Goldberg, M. “The Final Frontier for CIOs.” CIO
Magazine, Special Money Issue, September 22,
Gruman, G. “Trimming for Dollars.” CIO
Magazine, July 1, 2006.
Hope, J., and R. Fraser. “Who Needs Budgets?”
Harvard Business Review 81, no. 2 (February
2003): 2–8.
Hu, Q., and J. Quan. “The Institutionalization
of IT Budgeting: Empirical Evidence from
the Financial Sector.” Information Resources
Management Journal 19, no. 1 (January–March
2006): 84–97.
Jensen, M. “Corporate Budgeting Is Broken—
Let’s Fix It.” Harvard Business Review 79, no. 11
(November 2001): 95–101.
Kobelsky, K., V. Richardson, R. Smith, and R.
Zmud. “Determinants and Consequences of
Firm Information Technology Budgets.” Draft
paper provided by the authors, May 2006.
Koch, C. “The Metrics Trap … and How to Avoid
It.” CIO Magazine, April 1, 2006.
Norton, D. “Linking Strategy and Planning
to Budgets.” Balanced Scorecard Report.
Cambridge, MA: Harvard Business School
Publishing, May–June 2006.
Overby, S. “Tips from the Budget Masters.” CIO
Magazine, Special Money Issue, September 22,
Smith, H. A., and J. D. McKeen. “IT in 2010.” MIS
Quarterly Executive 5, no. 3 (September 2006):
Smith, H. A., J. D. McKeen, and S. Singh.
“Developing IT Strategy for Business Value.”
Journal of Information Technology Management
XVIII, no. 1 (June 2007): 49–58.
Steele, R., and C. Albright. “Games Managers
Play at Budget Time.” MIT Sloan Management
Review 45, no. 3 (Spring 2004): 81–84.

C h a p t e r
10 Managing IT-Based Risk1
1 This chapter is based on the authors’ previously published article, Smith, H. A., and J. D. McKeen. “A Holistic
Approach to Managing IT-Based Risk.” Communications of the Association for Information Systems 25, no. 41
(December 2009): 519–30. Reproduced by permission of the Association for Information Systems.
Not so long ago, IT-based risk was a fairly low-key activity focused on whether IT could deliver projects successfully and keep its applications up and run-ning (McKeen and Smith 2003). But with the opening up of the organization’s
boundaries to external partners and service providers, external electronic communica-
tions, and online services, managing IT-based risk has morphed into a “bet the com-
pany” proposition. Not only is the scope of the job bigger, but also the stakes are much
higher. As companies have become more dependent on IT for everything they do, the
costs of service disruption have escalated exponentially. Now, when a system goes
down, the company effectively stops working and customers cannot be served. And
criminals routinely seek ways to wreak havoc with company data, applications, and
Web sites. New regulations to protect privacy and increase accountability have also
made executives much more sensitive to the consequences of inadequate IT security
practices—either internally or from service providers. In addition, the risk of losing or
compromising company information has risen steeply. No longer are a company’s files
locked down and accessible only by company staff. Today, company information can be
exposed to the public in literally hundreds of ways. Our increasing mobility, the porta-
bility of storage devices, and the growing sophistication of cyber threats are just a few
of the more noteworthy means.
Therefore, the job of managing IT-based risk has become much broader and more
complex, and it is now widely recognized as an integral part of any technology-based
work—no matter how minor. As a result, many IT organizations have been given the
responsibility of not only managing risk in their own activities (i.e., project develop-
ment, operations, and delivering business strategy) but also of managing IT-based risk
in all company activities (e.g., mobile computing, file sharing, and online access to infor-
mation and software). Whereas in the past companies have sought to achieve security

Chapter 10 • Managing IT-Based Risk 131
through physical or technological means (e.g., locked rooms, virus scanners), under-
standing is now growing that managing IT-based risk must be a strategic and holistic
activity that is not just the responsibility of a small group of IT specialists but also part
of the mind-set that extends from partners and suppliers to employees and customers.
This chapter explores how organizations are addressing and coping with increas-
ing IT-based risk. It first looks at the challenges facing IT managers in the arena of risk
management and proposes a holistic view of risk. Next it examines some of the charac-
teristics and components needed to develop an effective risk management framework
and presents a generic framework for integrating the growing number of elements
involved in it. Finally, it describes some successful practices organizations could use for
improving their risk management capabilities.
A Holistic View of it-BAsed Risk
With the explosion in the past decade of new IT-based risks, it is increasingly recog-
nized that risk means more than simply “the possibility of a loss or exposure to loss”
(Mogul 2004) or even a hazard, uncertainty, or opportunity (McKeen and Smith 2003).
Today, risk is a multilayered concept that implies much more is at stake.
“IT risk has changed. IT risk incidents harm constituencies within and outside
companies. They damage corporate reputations and expose weaknesses in com-
panies’ management teams. Most importantly, IT risk dampens an organization’s
ability to compete.” (Hunter and Westerman 2007)
As a result, companies are now focused on “enterprise risk management” as a
more comprehensive and integrated approach to dealing with risk (Slywotzky and
Drzik 2005). Although, not every risk affecting an enterprise will be an IT-based risk,
the fact remains that an increasing number of the risks affecting the enterprise have an
IT-based component. For example, one firm’s IT risk management policy notes that the
goal of risk management is to ensure that technology failures or data integrity do not
compromise the company’s strategic objectives, the company’s reputation and stake-
holders, or its success and reputation.
But, in spite of the increasing number and complexity of IT-based threats facing
organizations and evidence that links risk management with IT project success (Didraga
2013), it remains difficult to get senior executives to devote their attention (and commit
the necessary resources) to effectively manage these risks. A recent global survey noted,
“while the security community recognizes that information security is part of effective
business management, managing information security risk is still overwhelmingly seen as
an IT responsibility worldwide” (Berinato 2007). Another study of several organizations
found that none had a good view of all key risks and 75 percent had major gaps in their
approach to IT-based risk management (Coles and Moulton 2003). In short, while IT has
become increasingly central to business success, many enterprises have not yet adjusted
their processes to incorporate IT-based risk management (Hunter and Westerman 2007).
Knowing what’s at stake, risk management is perennially in the top ten priorities
for CIOs (Hunter et al. 2005) and efforts are being made to put effective capabilities
and processes in place in IT organizations. However, only 5 percent of firms are at a
high level of maturity in this area, and most (80 percent) are still in the initial stages

132 Section II • IT Governance
of this work (Proctor 2007). Addressing risk in a more professional, accountable, and
transparent fashion is an evolution from traditional IT security work. At a Gartner
symposium the following was pointed out:
“[T]raditionally, [IT] security has been reactive, ad hoc, and technically-focused. . . .
The shift to risk management requires an acceptance that you can’t protect yourself
from everything, so you need to measure risk and make good decisions about
how far you go in protecting the organization.” (Proctor 2007)
Companies in the group largely reflected this transitional state. “Information
security is a primary focus of our risk management strategy,” said one manager. “It’s
very, very visible but our business has yet to commit to addressing risk issues.” Another
stated, “We have a risk management group focused on IT risk, but lots of other groups
focus on it too. . . . As a result, there are many different and overlapping views, and we
are missing integration of these views.” “We are constantly trying to identify gaps in
our risk management practices and to close them,” said a third.
There is, however, no hesitation about identifying the sources of risk. Every com-
pany in the group had its own checklist of risk items, and experts have developed
several different frameworks and categorizations that aim to be comprehensive (see
Appendix A for some of these). What everyone agrees on is that any approach to deal-
ing with IT-based risk must be holistic—even though it is an “onerous” job to package
it as a whole. “Every category of risk has a different vocabulary,” explained one focus
group manager. “Financial, pandemic, software, information security, disaster recovery
planning, governance and legal—each view makes sense, but pulling them together is
very hard.” Risk is often managed in silos in organizations, resulting in uncoordinated
approaches to its management and to decision-making incorporating risk. This is why
many organizations, including several in the focus group, are attempting to integrate
the wide variety of issues involved into one holistic enterprise risk management strat-
egy that uses a common language to communicate.
The connection among all of the different risk perspectives is the enterprise. Any
IT problem that occurs—whether with an application, a network, a new system, a ven-
dor, or a hacker (to name just a few)—has the increasing potential to put the enterprise
at risk. Thus, a holistic view of IT-based risk must put the enterprise front and center in
any framework or policy. A risk to the enterprise includes anything (either internal or
external) that affects its brand, reputation, competitiveness, financial value, or end state
(i.e., its overall effectiveness, efficiency, and success).
Figure 10.1 offers an integrated, holistic view of risk from an enterprise perspec-
tive. A wide variety of both internal and external IT-based risks can affect the enterprise.
Externally, risks can come from the following:
• Third parties, such as partners, software vendors, service providers, suppliers, or
• Hazards, such as disasters, pandemics, geopolitical upheavals, or environmental
• Legal and regulatory issues, such as failure to adhere to the laws and regula-
tions affecting the company, including privacy, financial reporting, environmental
reporting, and e-discovery

Chapter 10 • Managing IT-Based Risk 133
Internally, some risks are well known, such as those traditionally associated with
IT operations (availability, accessibility) and systems development (not meeting sched-
ules or budgets, or delivering value). Others are newer and, although they must be
managed from within the organization, they may include both internal and external
components. These include the following:
• Information risks, such as those affecting privacy, quality, accuracy, and protection
• People risks, such as those caused by mistakes or lack of adherence to security
• Process risks, such as problems caused by poorly designed business processes or by
failure to adapt business processes to IT-based changes
• Cultural risks, such as risk aversion and lack of risk awareness
• Controls, such as ineffective or inadequate controls to prevent or mitigate risk
• Governance, such as ineffective or inadequate structure, roles, or accountabilities to
make appropriate risk-based decisions
Finally, there is the risk of criminal interference, either from inside or outside
the organization. Unlike other types of risk, which are typically inadvertent, crimi-
nal actions are deliberate attacks on the enterprise, its information, or sometimes its
employees or customers. Such threats are certainly not new. Everyone is familiar with
viruses and hackers. What is new, however, is that many more groups and individu-
als are targeting organizations and people. These include other national governments,
organized crime, industrial spies, and terrorists. “These people are not trying to bring
systems down, like in the past,” explained a group member. “They are trying to get
External Risk
Hazards Third
Internal Risk
People Processes Culture
Operations Information
E Controls
figuRe 10.1 A Holistic View of IT-Based Risk

134 Section II • IT Governance
Holistic Risk MAnAgeMent: A PoRtRAit
Tackling risk in a holistic fashion is challenging, and building an effective framework
for its management is challenging. It is interesting to note that there is much more agree-
ment from the focus group and other researchers about what effective risk management
looks like than how to do it. With this in mind, we outline some of the characteristics and
components of an effective, holistic risk management program:
1. Focus on what’s important. “Risks are inevitable,” admitted a manager. “The first
question we must ask is ‘What are we trying to protect?’” said another. “There’s
no perfect package, and some residual risk must always be taken.” A third added
“Risks are inevitable, but it’s how they’re managed—our response, contingency
plans, team readiness, and adaptability—that makes the difference.” In short, risk is
uncertainty that matters, something that can hurt or delay an enterprise from reach-
ing its objectives (Hillson 2008). Although many managers recognize that it’s time
to take a more strategic view of risk, “[W]e still don’t have our hands around what’s
important and what we should be monitoring and protecting” (Berinato 2007).
Risk management is therefore not about anticipating all risks but about attempting
to reduce significant risks to a manageable level and knowing how to assess and
respond to it (Slywotzky and Drzik 2005). Yet, more than protecting the enterprise,
risk management should also enable IT to take more risk in the safest possible way
(Caldwell and Mogul 2006). Thus, the focus of effective risk management should
not be about saying “no” to a risk, but how to say “yes,” thereby building a more
agile enterprise (Caldwell and Mogul 2006).
2. Expect changes over time. Few companies have a good grasp of risk management
because IT is a discipline that is evolving rapidly (Proctor 2007). As a result, it
would be a mistake to codify risk practices and standards too rapidly, according to
the focus group. Efforts to do this have typically resulted in “paperwork without
context,” said one manager. Within a particular risk category, risk management
actions should be “continuous, iterative, and structured,” group members agreed.
In recognition of this reality, most participant organizations have a mandatory risk
assessment at key stages in the system development process to capture the risk
picture involved with a particular project at several points in time and many have
regular, ongoing reviews of required operational controls on an annual or bian-
nual basis to do the same thing. In addition, when incidents occur, there should
always be a process for evaluating what happened, assessing its impact, and deter-
mining if controls or other management processes need to be adapted (Coles and
Moulton 2003). Finally, organizations should also be continually attempting to sim-
plify and streamline controls wherever possible to minimize their burden. This is a
process that is often missed, admitted one manager.
However, despite the fact that each of these steps is useful, it is also essential
to stand back from these initiatives and see how the holistic risk image is
developing. It is this more strategic and holistic view that is often missing in orga-
nizations and that firms often fail to communicate to their staff. One of the greatest
risks to organizations comes from employees themselves, not necessarily through
their intentional actions, but because they don’t recognize the risks involved in
their actions (Berinato 2007). Therefore, many believe it is time to recognize that
risk cannot be managed solely through controls, procedures, and technology but

Chapter 10 • Managing IT-Based Risk 135
that all employees must understand the concepts and goals of risk management
because the enterprise will always need to rely on their judgment to some extent
(Symantec Corporation 2007). In the same vein, many managers frequently do
not comprehend the size and nature of the risks involved and thus resource their
management inappropriately (Coles and Moulton 2003). As a result they tend to
delegate many aspects of risk management to lower levels in the organization,
thus preventing the development of any longer-term, overall vision (Proctor 2008;
Witty 2008).
3. View risk from multiple levels and perspectives. Instead of dealing with security
“incidents” in a one-at-a-time manner, it is important to do root cause analysis in
order to understand risks in a more multifaceted way. To date, risk management
has tended to focus largely on the operational and tactical levels and not viewed
in a strategic way. One manager explained, “We need to assess risk trends and
develop strategies for dealing with them. Tactics for dealing with future threats will
then be more effective and easier to put in place.” Another noted, “We must aim for
redundancy of protection—that is, multiple layers, to ensure that if one layer fails,
others will catch any problems.”
Furthermore, risk, security, and compliance are often intermixed in people’s
minds. Each of these is a valid and unique lens through which to view risk and
should not be seen as being the same. For example, one expert noted that 70 percent
of a typical “security” budget is spent on compliance matters, not on protecting
and defending the organization (Society for Information Management 2008), and
this imbalance means that overall spending in many firms is skewed. One firm
uses the “prudent man” rule to deal with risk, which recommends a diversity of
approaches—being proactive, prevention, due diligence, credibility, and promoting
awareness—to ensure that it is adequately covered and that all stakeholders are
properly protected. Monitoring and adapting to new international standards and
laws, completing overall health checks, and analysis of potential risks are other
new dimensions of risk that should be incorporated into a firm’s overall approach
to risk management.
deVeloPing A Risk MAnAgeMent fRAMewoRk
With a holistic picture in mind, organizations can begin to develop a framework for fill-
ing in the details. The objective of a risk management framework (RMF) is to create a
common understanding of risk, to ensure the right risks are being addressed at the right
levels, and to involve the right people in making risk decisions. An RMF also serves to
guide the development of risk policies and integrate appropriate risk standards and
processes into existing practices (e.g., the SDLC). No company in the focus group had
yet developed a comprehensive framework for addressing IT-based risk, although
many had significant pieces in place or in development. In this section, we attempt to
piece these together to sketch out what an RMF might contain.
An RMF should serve as a high-level overview of how risk is to be managed in an
enterprise and can also act as a structure for reporting on risk at various levels of detail.
Currently, many companies have created risk management policies and require all staff
to read and sign them. Unfortunately, such policies are typically so long and complex as

136 Section II • IT Governance
to be overwhelming and ineffective. “Our security policy alone is two hundred pages.
How enforceable is it?” complained a manger. Another noted that the language in his
company’s policy was highly technical. As a result, user noncompliance in following
the recommended best practices was considerable. Furthermore, a plethora of commit-
tees, review boards, councils, and control centers are often designed to deal with one or
more aspects of risk management, but they actually contribute to the general complex-
ity of managing IT-based risk in an organization.
It should not be surprising that this situation exists, given the rapidity with which
technologies, interfaces, external relationships, and dependencies have developed
within the past decade. Organizations have struggled to simply keep up with the waves
of legislation, regulation, globalization, standards, and transformation that seem to
continually threaten to engulf them. An RMF is thus a starting point for providing an
integrated, top-down view of risk, defining it, identifying those responsible for making
key decisions about it, and mapping which policies and standards apply to each area.
Fortunately, current technology makes it easy to offer multiple views and multiple lev-
els of this information, enabling different groups or individuals to understand their
responsibilities and specific policies in detail and see links to specific tools, practices,
and templates, while facilitating different types of reporting to different stakeholders
at different levels. By mapping existing groups, policies, and guidelines into an RMF,
it is easier to see where gaps exist and where complexities in processes should be
A basic RMF includes the following:
• Risk category. The general area of enterprise risk involved (e.g., criminal, opera-
tions, third party).
• Policies and standards. These state, at a high level, the general principles for
guiding risk decisions, and they identify any formal corporate, industry, national,
or international standards that should apply to each risk category.2 For example,
one company’s policy regarding people states the following, in part:
Protecting the integrity and security of client and corporate information is
the responsibility of every employee. Timely and effective reporting of actual
and suspected privacy incidents is a key component of meeting this respon-
sibility. Management relies on the collective experience and judgment of its
Another company policy regarding culture states, “We need to embed a risk man-
agement focus and awareness into all processes, functions, jobs, and individuals.”
• Risk type. Each type of risk associated with each category (e.g., loss of
information, failure to comply with specific laws, inability to work due to system
outages) needs to be identified. Each type should have a generic name and defi-
nition, ideally linked to a business impact. Identifying all risk types will take
2 Some international standards include Committee of Sponsoring Organizations (COSO) of the Treadway
Commission,; SAI Global,; and the Office of Government Commerce’s
Management of Risk (M_o_r) (

Chapter 10 • Managing IT-Based Risk 137
time and probably require much iteration as “there are an incredible variety of
specific risks” (Mogul 2004). However, developing lists and definitions is a good
first step (Baccarini et  al. 2004; Hillson 2008; McKeen and Smith 2003) and is
already a common practice among the focus group companies, at least for certain
categories of risk.
• Risk ownership. Each type of risk should have an owner, either in IT or in the busi-
ness. As well, there will likely be several stakeholders who will be affected by risk-
based decisions. For example, the principal business sponsor could be the owner
of risk decisions associated with the development or purchase of a new IT system,
but IT operations and architecture as well as the project manager will clearly be
key stakeholders. In addition to specialized IT functions, such as IT security, audit
and privacy functions in the business will likely be involved in many IT risk-based
decisions. Owners and stakeholders should have clear responsibilities and account-
abilities. In the focus group, some major risk types were owned by committees,
such as an enterprise risk committee, or the internal audit, social responsibility and
risk governance committee, or the project risk review council on which stakeholder
groups were represented.
• Risk mitigation. As an RMF is developed, each type of risk should be associ-
ated with controls, practices, and tools for addressing it effectively. These fall into
one of two categories: compulsory and optional. Group members stressed that
overemphasis on mitigation can lead to organizational paralysis or hyper-risk
sensitivity. Instead participants stressed the role of judgment in right sizing miti-
gation activities wherever possible. “Our technology development framework
does not tell you what you have to do, but it does give you things to consider
in each phase,” said one manager. “We look first at the overall enterprise risk
presented by a project,” said another, “and develop controls based on our evalu-
ation of the level and types of risk involved.” The goal, everyone agreed, is to
provide a means by which risks can be managed consistently, effectively, and
• Risk reporting and monitoring. This was a rather controversial topic in the focus
group. Although everyone agreed it is important to make risk and its management
more visible in the organization, tracking and reporting on risk have a tendency to
make management highly risk averse. One manager said:
We spent a year trying to quantify risks and developing a roll-up report, but we threw
it away because audit didn’t understand it and saw only one big risk. This led to endless
discussion and no confidence that IT was handling risk well. Now we use a very simple
reporting framework presenting risk as high, medium, or low. This is language we all
There are definitely pressures to improve risk measurement (Proctor 2007), but
clearly care must be taken in how these metrics are reported. For example, one company
3 “Risk Management Guide for Information Technology Systems” (
sp800-30 ), the National Institute of Standards and Technology’s Special Publication 800-30, provides
guidance on specific risk mitigation strategies.

138 Section II • IT Governance
uses a variety of self-assessments to ensure that risks have been properly identified and
appropriate controls put in place. However, as risk management procedures become
better understood and more codified, risk reporting can also become more formalized.
This is particularly the case at present with operational process controls and fundamen-
tal IT security, such as virus or intrusion detection.
However, risk monitoring is an ongoing process because levels and types of
risk are changing continually. Thus, an RMF should be a dynamic document as new
types of risk are identified, business impacts are better understood, and mitigation
practices evolve. “We need to continually monitor all categories of risk and ask our
executives if the levels of risk are still the same,” said a focus group member. It
is clear that failure to understand how risks are changing is a significant risk in
itself (Proctor 2007). It is therefore especially important to have a process in place
to analyze what happens when an unforeseen risk occurs. Unless efforts are made
to understand the root causes of  a  problem, it is unlikely that effective mitigation
practices can be put in place.
iMPRoVing Risk MAnAgeMent cAPABilities
Risk management in most areas does not yet have well-documented best practices or
standards in place. However, the focus group identified several actions that could lead
to the development of effective risk management capabilities:
• Look beyond technical risk. One of the biggest inhibitors of effective risk manage-
ment is too tight a focus on technical risk, rather than on business risk (Coles and
Moulton 2003). A traditional security approach, for example, tends to focus only on
technical threats or specific systems or platforms.
• Develop a common language of risk. A clearer understanding of business risk
requires all stakeholders—IT, audit, privacy, legal, business managers—to speak
the same language and use comparable metrics—at least at the highest levels of
analysis where the different types of risk need to be integrated.
• Simplify the presentation. Having a common approach to discussing or
describing risk is very effective, said several focus group members. While the
work that is behind a simple presentation may be complex, presenting too
much complexity can be counterproductive. The most effective approaches are
simple: a narrative, a dashboard, a “stoplight” report, or another graphic style
of report.
• Right size. Risk management should be appropriate for the level of risk involved.
More effective practices allow for the adaptation of controls while ensuring that the
decisions made are visible and the rationale is communicated.
• Standardize the technology base. This is one of the most effective ways to reduce
risk, according to the research, but it is also one of the most expensive (Hunter
et al. 2005).
• Rehearse. Many firms now have an emergency response team in place to rapidly
deal with key hazards. However, it is less common that this team actually rehearses
its disaster recovery, business continuity, or other types of risk mitigation plans.

Chapter 10 • Managing IT-Based Risk 139
One manager noted that live rehearsals are essential to reveal gaps in plans and
unexpected risk factors.
• Clarify roles and responsibilities. With so many groups in the organization
now involved in managing risk in some way, it is critical that roles and responsi-
bilities be documented and communicated. Ideally, this should be in the context
of an RMF. However, even if an RMF is not in place, efforts should be made to
document which groups in the organization are responsible for which types of
enterprise risk.
• Automate where appropriate. As risk management practices become stan-
dardized and streamlined, automated controls begin to make sense. Some
tools can be very effective, noted the focus group, provided they are applied
in ways that facilitate risk management, rather than becoming an obstacle to
• Educate and communicate. Each organization has its own culture, and
most need to work with staff, business managers, and executives to make
them more aware of risks and the need to invest in appropriate manage-
ment. However, some organizations, like one insurance company in the
focus group, are so risk-phobic that they need education to enable them to
take on more risk. Such companies could benefit from better understanding
their “risk portfolio” of projects (Day 2007). Such an approach can often help
encourage companies to undertake more risky innovation initiatives with
more confidence.
Organizations are more sensitized to risk
than ever before. The economy, regulatory,
and legal environment; business complex-
ity; the increasing openness of business rela-
tionships; and rapidly changing technology
have all combined to drive managers to seek
a more comprehensive understanding of risk
and its management. Whereas in the past,
risk was managed in isolated pockets by
such functions as IT security, internal audit,
and legal, today recognition is growing that
these arenas intersect and affect each other.
And IT risk is clearly involved in many types
of business risk these days. Criminal activ-
ity, legal responsibilities, privacy, innova-
tion, and operational productivity, to name
just a few, all have IT risk implications. As a
result, organizations need a new approach to
risk—one that is more holistic in nature and
that provides an integrative framework for
understanding risk and making decisions
associated with it. Accomplishing this is no
simple task, so developing such a framework
will likely be an ongoing activity, as experts
in IT and others begin to grapple with how to
approach such a complex and multidimen-
sional activity. This chapter has therefore not
tried to present a definitive approach to risk
management. There is general agreement
that organizations are not ready for this.
Instead, it has tried to sketch an impression
of how to approach risk management and
what an effective risk management program
might look like. IT managers and others have
been left to fill in the details and complete
the portrait in their own organizations.

140 Section II • IT Governance
Baccarini, D., G. Salm, and P. Love. “Management
of Risks in Information Technology Projects.”
Industrial Management + Data Systems 104,
no. 3–4 (2004): 286–95.
Berinato, S. “The Fifth Annual Global State
of Information Security.” CIO Magazine,
August 28, 2007.
Caldwell, F., and R. Mogul. “Risk Management
and Business Performance Are Compatible.”
Gartner Inc., ID Number: G00140802,
October 18, 2006.
Coles, R., and R. Moulton. “Operationalizing IT
Risk Management.” Computers and Security 22,
no. 6 (2003): 487–92.
Day, G. “Is It Real? Can We Win? Is It Worth
Doing? Managing Risk and Reward in an
Innovation Portfolio.” Harvard Business Review,
December 2007.
Didraga, O. “The Role and the Effects of
Risk Management in IT Projects Success.”
Informatica Economica 17, no. 1 (2013): 86–98.
Hillson, D. “Danger Ahead.” PM Network,
March 2008.
Hunter, R., and G. Westerman. IT Risk: Turning
Business Threats into Competitive Advantage.
Boston: Harvard Business School Press, 2007.
Hunter, R., G. Westerman, and D. Aron. “IT Risk
Management: A Little Bit More Is a Whole
Lot Better.” Gartner EXPCIO Signature Report,
February 2005.
McKeen, J., and H. Smith. Making IT Happen:
Critical Issues in IT Management. Chichester,
England: John Wiley & Sons, 2003.
Mogul, R. “Gartner’s Simple Enterprise Risk
Management Framework.” Gartner Inc., ID
Number: G00125380, December 10, 2004.
Proctor, P. IT “Risk Management for the
Inexperienced: A CIO’s Travel Guide to
IT ‘Securistan.’” Presentation to Gartner
Symposium ITxpo 2007 Emerging Trends, San
Francisco, CA, April 22–26, 2007.
Proctor, P. “Key Issues for the Risk and Security
Roles, 2008.” Gartner Inc., ID Number:
G00155764, March 27, 2008.
Rasmussen, M. “Identifying and Selecting the
Right Risk Consultant.” Forrester Research
Teleconference, July 12, 2007.
Slywotzky, A., and J. Drzik. “Countering the
Biggest Risk of All.” Harvard Business Review,
April 2005.
Society for Information Management. “Executive
IT security.” Private presentation to the SIM
Advanced Practices Council, May 2008.
Symantec Corporation. “Trends for July–December
2006.” Symantec Internet Security Threat Report
XI (March 2007).
Witty, R. “Findings: IT Disaster Recovery Can
Upsell Business Continuity Management.”
Gartner Inc., ID Number: G00155402,
February 19, 2008.

Chapter 10 • Managing IT-Based Risk 141
Appendix A
A Selection of Risk Classification Schemes
MCKeen and SMith (2003)
• Financial risk
• Technology risk
• Security
• Information and people
• Business process
• Management
• External
• Risk of success
BaCCaRini, SalM, and love (2004)
• Commercial risk
• Economic circumstances
• Human behavior
• Political circumstances
• Technology and technical issues
• Management activities and controls
• Individual activities
JoRdan and SilCoCKS (2005)
• Project risk
• IT services
• Information assets
• IT service providers and vendors
• Applications
• Infrastructure
• Strategic
• Emergent
RaSMuSSen (2007)
• Information security risk
• Policy and compliance
• Information asset management
• Business continuity and disaster
• Incident and threat management
• Physical and environment
• Systems development and operations
CoMBined FoCuS GRoup CateGoRieS
• Project
• Operations
• Strategic
• Enterprise
• Disaster recovery
• Information
• External
• Reputation
• Competitive
• Compliance and regulatory
• Forensic
• Opportunity
• Ethical
• Physical
• Business continuity
• Business process

C h a p t e r
11 Information Management: The Nexus of Business and IT1
1 This chapter is based on the authors’ previously published article, Smith, H. A., and J. D. McKeen.
“Information Management: The Nexus of Business and IT.” Communications of the Association for Information
Systems 19, no. 3 (January 2007): 34–46. Reproduced by permission of the Association for Information Systems.
More than ever before, we are living in an information age. Yet until very recently, information and its sibling, knowledge, were given very little atten-tion in IT organizations. Data ruled. And information proliferated quietly in
various corners of the business—file cabinets, PCs, databases, microfiche, e-mail, and
libraries. Then along came the Internet and social media, and the business began to
understand the power and the potential of information. For the past few years, busi-
nesses have been clamoring for IT to deliver more and better information to them (IBM
2012; Smith and McKeen 2005c). As a result, information delivery has become an impor-
tant part of IT’s job.
Now that businesses recognize the value of improved information, IT is facing
huge challenges delivering it:
Not only does effective information delivery require IT to implement new
technologies, it also means that IT must develop new internal nontechnical and
analytic capabilities. Information delivery makes IT work much more visible in
the organization. Developing standard data models, integrating information
into work processes, and forcing (encouraging) business managers to put the
customer/employee/supplier first in their decision making involves IT practi-
tioners in organizational and political conflicts that most would likely prefer to
avoid. Unfortunately, the days of hiding in the “glass house” are now completely
over and IT managers are front and center of an information revolution that will
completely transform how organizations operate. (Smith and McKeen 2005a)
This points out a truth that is only just beginning to sink into the organization’s
collective consciousness. That is, although information delivery may be the responsibility

Chapter 11 • Information Management: The Nexus of Business and IT 143
of IT, information management (IM) requires a true partnership between IT and the busi-
ness. IT is involved with almost every aspect of IM, but information is the heart and soul
of the business, and its management cannot be delegated or abdicated to IT. Thus, IM
represents the true nexus of the business and IT. Because of this, IM has all the hall-
marks of an emerging discipline—the offspring of a committed, long-term relationship
between the business and IT. It requires new skills and competencies, new frames of
reference, and new processes. As is often the case, IT workers are further advanced in
their understanding of this new discipline, but many business leaders are also recogniz-
ing their responsibilities in this field. In some organizations, notably government, IM is
now a separate organizational entity, distinct from IT.
This chapter explores the nature and dimensions of IM and its implications for IT,
looking at IM from the enterprise point of view. Information delivery can be viewed
from a purely IT perspective, whereas information management addresses the busi-
ness and IT issues and challenges in managing information effectively. The first section
examines the scope and nature of IM and how it is being conceptualized in organiza-
tions. The next presents a framework for the comprehensive management of informa-
tion. Then the key issues currently facing organizations in implementing an effective IM
program are addressed. Finally, the chapter presents some recommendations for getting
started in IM.
InformatIon management: How Does It fIt?
Information management is an idea whose time has come for a number of reasons. One
focus group member explained it in this way:
In today’s business environment, it is a given that we must know who our customer is
and ensure our organization’s information enables us to make the right business decisions.
As well, emerging regulations are starting to shape the IM requirements of all companies.
These include privacy and security safeguards on customer information, long-term storage
of historical records, and stronger auditability. We are now being held legally accountable
for our information.
Thus, IM has three distinct but related drivers: (1) compliance, (2) operational
effectiveness and efficiency, and (3) strategy.
Information, as we are now recognizing, is a key organizational resource, along
with human and financial capital. Captured and used in the right way, many believe
information is a different form of capital, known as structural capital (Stewart 1999).
However, unlike human and financial capital, information is not finite. It cannot be
used up, nor can it walk out the door. Furthermore, information capabilities—that is,
the ability to capture, organize, use, and maintain information—have been shown to
contribute to IT effectiveness, individual effectiveness, and overall business perfor-
mance (Kettinger and Marchand 2005; Marchand et al. 2000; Perez-Lopez and Alegre
2012). Therefore, many companies now believe that creating useful structural capital is
a strategic priority (IBM 2012; Kettinger and Marchand 2005).
Unlike information technology, which provides the technology, tools, and
processes with which to capture, store, and manipulate data, or knowledge management

144 Section II • IT Governance
(KM), which focuses on how best to leverage the know-how and intangible experience
of the organization’s human capital, IM provides the mechanisms for managing enter-
prise information itself. IM represents the “meat” in the data–information–knowledge
continuum and provides a foundation that can be used by both IT and KM to create
business value (see Figure 11.1).
As noted earlier, organizations today are beset with demands for more and better
information and more controls over it. IM is the means to get above the fray and clarify
how the enterprise will manage information as an integrated resource. In theory, it
covers all forms of information needed and produced by the business, both structured
and unstructured, including the following:
• Customer information
• Financial information
• Operational information
• Product information
• HR information
• Documents
• E-mail and instant messages
• Customer feedback
• Images and multimedia materials
• Business intelligence
• Relationship information (e.g., suppliers, partners)
• Information about physical objects (i.e., the internet of things)
• Externally generated information (e.g., government records, weather information)
• Geolocation information
In practice, some of these forms will be more thoroughly managed than others,
depending on the organization involved.
The “IM function” is also responsible for the complete information life cycle:
acquisition or creation, organization, navigation, access, security, administration,
storage, and retention. Because IM falls into the gray area between the business and
IT and is not yet a separate organizational entity, many organizations are finding
it is essential to develop an enterprisewide framework that clarifies the policies,
principles, roles, responsibilities and accountabilities, and practices for IM in both
Knowledge Management
Information Technology
Information Management
fIgure 11.1 IM is Fundamental to Organizational Success—Both IT Effectiveness and Individual

Chapter 11 • Information Management: The Nexus of Business and IT 145
a framework for Im
Because much information use crosses traditional functional boundaries, organiza-
tions must take an enterprise perspective on IM for it to be effective. A framework for
implementing IM involves several stages that move from general principles to specific
applications. Although these are presented as distinct activities, in practice they will
likely evolve iteratively as the organization and its management learn by doing. For
example, one company developed and implemented its privacy policy first then recog-
nized the need for an information security policy. As this was being implemented, it cre-
ated a more generic IM policy that incorporated the other two in its principles.
stage one: Develop an Im Policy
A policy outlines the terms of reference for making decisions about information. It pro-
vides the basis for corporate directives and for developing the processes, standards,
and guidelines needed to manage information assets well throughout the enterprise.
Because information is a corporate asset, an IM policy needs to be established at a very
senior management level and approved by the board of directors. This policy should
provide guidance for more detailed directives on accountabilities, quality, security, pri-
vacy, risk tolerances, and prioritization of effort.
Because of the number of business functions affected by information, a draft policy
should be developed by a multidisciplinary team. At minimum, IT, the privacy office,
legal, HR, corporate audit, and key lines of business should be involved. “We had lots
of support for this from our audit people,” said one manager. “They recognize that an
IM policy will help improve the traceability of information and its transformations, and
this makes their jobs easier.” Another recommended reviewing the draft policy with
many executives and ensuring that all business partners are identified. “Ideally, the
policy should also link to existing IM processes such as security classifications,” stated
another. “It’s less threatening if people are familiar with what it implies, and this also
helps identify gaps in practices that need to be addressed.”
stage two: articulate the operational Components
The operational components describe what needs to be in place in order to put the
corporate IM policy into practice across the organization (see Figure 11.2). In turn, each
component will have several “elements.” These could vary according to what different
organizations deem important. For example, the strategy component at one company
has six elements: (1) interacting with the external environment, (2) strategic planning,
(3) information life cycle, (4) general planning, (5) program integration, and (6) per-
formance monitoring (for a description of the elements identified by this firm, see
Appendix A). Together, the operational components act as a context to describe current
IM practices in the organization and reference existing best practices in each area. “This
is a living document, and you should expect it to be continually refined,” noted a focus
group member.
The IM framework’s operational components and individual elements act as a dis-
cussion document to position IM in the business and to illustrate its breadth and scope.
“There’s a danger of IM being perceived as a ‘technology thing,’” stated a manager.

146 Section II • IT Governance
Although it is often IT groups that spearhead the IM effort, they recognize that it
shouldn’t necessarily be located in IT permanently. “Ideally, we need a corporate infor-
mation office that cuts across lines of business and corporate groups, just like IT,” said
another manager.
stage three: establish Information stewardship
Many roles and responsibilities associated with IM need to be clearly articulated. These
are especially important to clarify because of the boundary-spanning nature of informa-
tion. Both political and practical issues arise when certain questions are asked: Who is
responsible for the quality of our customer data? Whose version of name and address
do we use? Who must sign off on the accuracy of our financial information? Ideally,
most organizations would like to have a single version of each of their key informa-
tion subjects (e.g., customer, product, employees) that all lines of business and systems
would use. This would enable proper protections and controls to be put in place. And
this is clearly a long-term IM goal for most. However, legacy environments, politics,
and tight budgets mean that the reality is somewhat less perfect with duplicate versions
of the same information and several variants being used by parts of the business.
Information stewards are businesspeople. They should be responsible for deter-
mining the meaning of information “chunks” (e.g., customer name and address) and
their business rules and contextual use. They should be responsible for the accuracy,
timeliness, consistency, validity, completeness, and redundancy of information. Stewards
also determine who may access information according to privacy and security policies
and provide guidance for the retention and deletion of information in accordance with
regulatory and legal requirements. In addition, stewards make the information’s charac-
teristics available to a broad audience through the organization’s metadata.
Stewardship, like IM, is an evolving role that few understand fully. Ideally, there
should be one steward for each key information subject, but this is nowhere near the
reality in most organizations. One organization has established a working group for each
of its major subjects, with representatives from all affected stakeholder groups as well
as IT. The working groups’ goals are to reduce duplicate records, correct information,
Culture and Behaviors
Technology &
fIgure 11.2 Operational Components of an IM Framework

Chapter 11 • Information Management: The Nexus of Business and IT 147
simplify processes, and close “back doors.” In the longer term, these groups hope to
develop standard definitions and a formal stewardship process and ultimately use
these to retool IT’s data infrastructure.
“We are struggling with this concept,” admitted a manager. “This is not a simple
task, and no one in our business wants to take accountability as yet.” Stewardship also
takes time, and many business units are not yet prepared to allocate resources to it. “At
present, we are hitching our wagons to other projects and hoping to make some prog-
ress in this way,” said another manager. “Every area is taking some steps, but they’re
all at different levels of maturity. This can be frustrating because progress is so slow.”
All agreed that the role of information steward needs to be better defined and incor-
porated into organizational and HR models. New performance metrics also need to be
established to monitor progress against these goals in ways that link IM activities to key
business objectives.
stage four: Build Information standards
Standards help ensure that quality, accuracy, and control goals can be met. When all
parts of an organization follow the same standards, it is relatively easy to simplify
the processes and technology that use a piece of information, said the focus group.
Conversely, different information standards used by different business groups will
inhibit effective IM. Setting information standards can be challenging, and it’s even
harder to actually implement them, participants noted. The latter is partly due to the
large number of legacy applications in most organizations and also because it is dif-
ficult to get funding for this work.
Not all information needs to be standardized, however—only that which is used
by more than one business unit. When information is used more broadly, a standard
needs to be established. A metadata repository is useful for this. This repository stores
information definitions; standards for use and change; and provides cross-references
for all models, processes, and programs using a particular piece of information. A meta-
data repository can be jointly used by the business, when beginning a new project, and
IT, when developing or modifying applications. It can be invaluable to both groups
(and the enterprise) in helping them to understand how their work will affect others,
thus preventing potential problems.
Typically, cross-functional working groups composed of business and IT staff
establish standards. “Metadata is really where the rubber meets the road,” said one
manager. “It can be a very powerful tool to prevent the duplication of data in the orga-
nization.” However, it is a huge undertaking and takes time to show value. “You need
strong IT executive support for this,” he said. “It is not something that those outside
of IT initially understand.” The focus group recommended starting with what exists
currently (e.g., a data warehouse), then growing from there. One firm initially estab-
lished a procedure that any changes to production systems had to update the metadata
repository first. “We weren’t prepared for the demand this created,” stated the manager
involved. “It’s much better to incorporate this step in front-end analysis than at the end
of development.”
Finally, education and awareness play an essential role at this stage. “We always
underestimate the importance of awareness,” said a participant. “We must make sure
that no project starts in the organization that doesn’t use standards. The only way to

148 Section II • IT Governance
do this is to keep this issue continually in front of our business executives.” The other
group members agreed. “Standards are the cornerstone of IM,” said one. “If they are
followed, they will ensure we don’t add further layers of complexity and new steps.”
Issues In Im
As with anything new, those involved with IM in their organizations face a host of
challenges and opportunities as they try to implement more effective processes and
practices around information. Some of these can be mixed blessings in that they are
both drivers of IM and complications (e.g., legislation). Others are simply new ways
of looking at information and new perspectives on the way organizations work. Still
others are genuinely new problems that must be addressed. When combined with the
fact that IM “belongs” exclusively to neither IT nor the business, these add up to a
huge organizational headache, especially for IT. “Sometimes the businesspeople are not
ready for the disciplines associated with IM,” said one manager. “If they’re not ready,
we move on to an area that is.” Another said, “Sometimes it’s more trouble than it’s
worth to involve the business, and we just do the work ourselves.”
Culture and Behavior
In the longer term, however, the focus group agreed that IM is something that all parts
of the organization will have to better understand and participate in. One of the most
comprehensive challenges is changing the culture and behavior surrounding informa-
tion. Marchand et al. (2000) suggest that six interdependent beliefs and behaviors are
needed by all staff to support a positive “information orientation.” These have been
strongly correlated to organizational performance when they are present with strong IT
and IM practices:
1. Integrity. Integrity “defines both the boundaries beyond which people in an
organization should not go in using information and the ‘space’ in which people
can trust their colleagues to do with information what they would do themselves”
(Marchand et al. 2000). Where integrity exists, people will have confidence that
information will not be used inappropriately.
2. Formality. Formality is the ability to trust formal sources of information
(as  opposed to informal ones). Formality enables an organization to provide
accurate and consistent information about the business and establish formal pro-
cesses and information flows that can be used to improve performance and provide
services to customers.
Standards require . . .
• A unique name and definition
• Data elements, examples, and character length (e.g., name prefix)
• Relationship rules
• Implementation requirements
• Spacing and order

Chapter 11 • Information Management: The Nexus of Business and IT 149
3. Control. Once formal information is trusted, it can be used to develop integrated
performance criteria and measures for all levels of the company. In time, these will
enable monitoring and performance improvement at the individual and work unit
levels and can be linked to compensation and rewards.
4. Transparency. Transparency describes a level of trust among members of an
organization that enables them to speak about errors or failures “in an open and
constructive manner without fear of unfair repercussions” (Marchand et al. 2000).
Transparency is necessary to identify and respond effectively to problems and for
learning to take place.
5. Sharing. At this level, both sensitive and nonsensitive information is freely
shared among individuals and across functional boundaries. Information
exchanges are both initiated by employees and formally promoted through pro-
grams and forums.2
6. Proactiveness. Ultimately, every member of an organization should be proac-
tive about acquiring new information about business conditions and testing new
Information risk management
The increasing breadth and scope of IT, combined with greater use of outsourcing and
mobility, has made information more vulnerable to both internal and external fraud
and has raised the level of risk associated with it. Management must, therefore, take
proactive measures to determine an appropriate risk/return trade-off for information
security. Costs are associated with information security mechanisms, and the business
must be educated about them. In some cases these mechanisms are “table stakes”—that
is, they must be taken if the company wants to “be in the game.” Other risks in informa-
tion security include internal and external interdependencies, implications for corpo-
rate governance, and impact on the value proposition. Risk exposures can also change
over time and with outsourcing, mobile applications, and cloud computing.
The focus group agreed that security is essential in the new world of IM. Today
most organizations have basic information protection, such as virus scanners, firewalls,
and virtual private networks. Many are also working on the next level of security, which
includes real-time response, intrusion detection and monitoring, and vulnerability analy-
sis. Soon, however, information security will need to include role-based identity and access
management. An effective information-security strategy includes several components:
• An information protection center, which classifies data, analyzes vulnerabilities, and
issues alerts
• Risk management
• Identity management, including access management, digital rights management,
and encryption technology
• Education and awareness
• Establishment of priorities, standards, and resource requirements
• Compliance reviews and audits
2 Privacy laws in many countries inhibit the sharing of personal information for any purpose other than that
for which it was collected. Customer information can, therefore, be shared only with consent.

150 Section II • IT Governance
Many of the decisions involved must be made by the lines of business, not IT, as
only the business can determine access rules for content and the other controls that will
facilitate identity and access management.
Information Value
At present, the economics of information have not yet been established in most organi-
zations. It is, therefore, often hard to make the case for IM investments not only because
the benefits are difficult to quantify but also because of the large number of variables
involved. A value proposition for IM should address its strategic, tactical, and opera-
tional value and how it will lower risk and develop new capabilities. Furthermore, an
effort should be made to quantify the value of the organization’s existing information
assets and to recognize their importance to its products and services.
Determining “value” is a highly subjective assessment. Thus, different compa-
nies and even different executives will define it differently. Most businesses define
value broadly and loosely, not simply as a financial concept (Ginzberg 2001). However,
because there is no single, agreed-on measure of information value, misunderstandings
about its definition can easily arise (Beath et al. 2012). Therefore, it is essential that
everyone involved in IM activities agree on what value they are trying to deliver and
how they will recognize it. Furthermore, value has a time dimension. It takes time for
an IM investment to pay off and become apparent. This also must be recognized by all
Concern for the privacy of personal information has been raised to new levels, thanks to
legislation being enacted around the world. All companies need enterprisewide privacy
policies that address the highest privacy standards required in their working environ-
ments. For example, if they operate globally, policies and practices should satisfy all
legislation worldwide. Privacy clearly should be both part of any long-term IM initia-
tives, and also what an organization is doing currently. As such, it is both an IM issue
and an initiative in its own right. Both existing processes and staff behavior will be
affected by privacy considerations. “Privacy is about respect for personal information
and fair and ethical information practices. Training should start with all new employees
and then be extended to all employees,” said a manager. Many countries now require
organizations to have a chief privacy officer. If so, this person should be a key stake-
holder in ensuring that the organization’s IM practices for data quality and accuracy,
retention, information stewardship, and security are also in keeping with all privacy
standards and legislation.
As with other IM initiatives, it is important that senior management under-
stand and support the changes needed to improve privacy practices over time. “Good
practices take time to surface,” said a manager. “It takes time and resources to ensure
all our frontline staff and our information collection and management processes are
compliant.” Accountabilities should be clearly defined as well. Ideally, IM policy and
stewards set the standards in this area with privacy specialists and operational staff
(in both IT and the business) responsible for implementing them. With the increase
in outsourcing, particularly to offshore companies, all contracts and subcontracting

Chapter 11 • Information Management: The Nexus of Business and IT 151
arrangements must be reviewed for compliance in this area. “Our company is still liable
for privacy breaches if they occur in one of our vendor firms,” noted a group member.
knowledge management
Although many organizations have been soured on knowledge management (KM)
because of its “soft and fuzzy” nature (Smith and McKeen 2004), the fact remains that
IM provides a solid foundation that will enable the organization to do more with what
it knows (see Figure 11.1). Even firms that do not have a separate KM function recog-
nize that better IM will help them build valuable structural capital. There are many
levels at which IM can be improved. At the most elementary, data warehouses can
be built and the information in them can be analyzed for trends and patterns. One
company is working on identifying its “single points of knowledge” (i.e., those staff
members who have specialized knowledge in an important area) and capturing this
knowledge in a formal way (e.g., in business processes or metadata). Many firms are
making customer information management a priority so they can use this information
to both serve their customers better and to learn more about them.3 This clearly cannot
be done unless information is integrated across processes and accessible in a usable
format (Beath et al. 2012; Smith and McKeen 2005b). Finally, information can be aggre-
gated and synthesized to create new and useful knowledge. For example, Wal-Mart
takes transaction-level information from its sales process and aggregates and analyzes
it to make it useful both to the sales process and to other areas of the business. It iden-
tifies trends and opportunities based on this analysis and enables information to be
viewed in different ways, leading to new insights.
the knowing–Doing gap
Most organizations assume that better information will lead to better decisions and
actions, but research shows that this is not always (or even often) the case. All too often
companies do not utilize the information they have. One problem is that we really
understand very little about how organizations and groups actually use information in
their work (Beath et al. 2012; Pfeffer and Sutton 2000). Some organizations do not make
clear links between desired actions and the acquisition and packaging of specific infor-
mation. Although this may seem like common sense, the focus group agreed that the
complex connections between decisions and actions are not always well understood.
Effective technology, strong IM practices, and appropriate behaviors and values are all
necessary to ensure the information–action connection is made (Smith et al. 2006).
gettIng starteD In Im
Although IM is not IT, the fact remains that IT is still largely driving IM in most orga-
nizations. Whether this will be the case in the longer term remains to be seen. Most
members would like to see the situation reversed, with the business driving the effort to
3 Customer information is particularly sensitive and may be analyzed only with a customer’s consent in many
countries. The need to monitor consents adds a further layer of complexity to this already challenging activity.

152 Section II • IT Governance
establish appropriate IM policies, procedures, stewardship, and standards and IT sup-
porting IM with software, data custodianship, security and access controls, information
applications and administration, and integrated systems. In the shorter term, however,
IT is working hard to get IM the attention it deserves in the business.
Focus group participants had several recommendations for others wishing to get
started in IM:
• Start with what you have. “Doing IM is like trying to solve world hunger,” said one
manager. “It just gets bigger and bigger the longer you look at it.” Even just listing all
of the information types and locations in the organization can be a daunting task, and
the job will probably never be fully complete. The group, therefore, recommended
doing an inventory of what practices, processes, standards, groups, and repositories
already exist in the organization and trying to grow IM from there. It is most impor-
tant to get the key information needed to achieve business objectives under control
first. For many companies, this may be customer information; for others, it may be
product or financial information. “It’s really important to prioritize in IM,” said a
manager. “We need to focus on the right information that’s going to have the biggest
return.” It may help to try to quantify the value of company information in some
way. Despite the fact that there is no accepted accounting method for doing so as yet,
some firms are adapting the value assessment methodologies used for other assets.
“When you really look at the value of information, it’s worth a staggering amount
of money. This really gets senior management attention and support,” noted a focus
group member.
A top-down approach is ideal, yet it may not always be practical. “It took
us over a year to get an information policy in place,” said a participant. “In the
meantime, there are significant savings that can be realized by taking a bottom-up
approach and cleaning up some of the worst problems.” Harnessing existing com-
pliance efforts around privacy, security, and the other types of regulation is also
effective. At minimum, these will affect information architecture, access to data,
document retention, and data administration for financial and personal informa-
tion (Smith and McKeen 2006). “We can take either an opportunity or a fear mindset
toward regulation,” said a manager. Companies that see compliance from a purely
tactical perspective will likely not see the value of increased controls. If, however,
they see regulation as a chance to streamline and revamp business processes and
the information they use, their compliance investments will likely pay off. Those
interested in IM can also take advantage of the dramatically elevated attention lev-
els of the board and executives to compliance matters.
• Ensure cross-functional coordination among all stakeholders. Business involve-
ment in IT initiatives is always desirable, and it is impossible to do IM without it.
“No IM effort should go ahead without fully identifying all areas that are affected,”
stated one manager. Typically, legal, audit, and the privacy office will have a keen
interest in this area. Equally typical, many of the business units affected will not
be interested in it. For operational groups, IM is often seen as bureaucratic over-
head and extra cost, which is why education and communication about IM are
essential. “You have to allow time for these groups to get on board with this con-
cept and come around to the necessity of taking the time to do IM right,” said a

Chapter 11 • Information Management: The Nexus of Business and IT 153
participant. He noted that this effort has to be repeated at each level of the orga-
nization. “Senior management may be supportive, but members of the working
groups may not really understand what we’re trying to accomplish.”
• Get the incentives right. Even with IM “socialization” (i.e., education and com-
munication), politics is likely to become a major hurdle to the success of any IM
efforts. Both giving up control and taking accountability for key pieces of infor-
mation can be hard for many business managers. Therefore, it is important to
ensure incentives are in place that will motivate collaboration. Metrics are an
important way to make progress (or the lack of it) highly visible in the organiza-
tion. One firm developed a team scorecard for its customer information working
group that reported two key measures to executives: the percentage of remain-
ing duplicate records and the percentage of “perfect” customer records. Each of
these was broken down into a number of leading indicators that helped focus
the group’s behavior on the overall effort rather than on individual territories.
Another firm linked its process and information simplification efforts to bud-
gets. The savings generated from eliminating duplicate or redundant information
(and its associated storage and processing) were returned to the business units
involved to be reinvested as they saw fit. This proved to be a huge motivator of
enterprise-oriented behavior.
• Establish and model sound information values. Because frontline workers, who
make many decisions about information and procedures, ultimately cannot cover
all eventualities, all staff need to understand the fundamental reasons for key com-
pany information policies and directives. Corporate values around information
guide how staff should behave even when their managers aren’t around. And they
provide a basis for sound decision making about information (IBM 2012; Stewart
2004). Others have noted that senior IT leadership should primarily be about
forming and modeling values, not managing tasks, and this is especially true for
IM, said the focus group. Values are particularly important, they noted, now that
staff are more mobile and virtual and, thus, more empowered. If such values are
effectively articulated and modeled by leaders, they will drive the development of
the appropriate culture and behaviors around information.
Information management is gaining increas-
ing attention in both IT and the business.
Driven by compliance and privacy legisla-
tion, the increasing vulnerability of corpo-
rate information, and the desire for greater
integration of systems, IM is beginning
to look like an emerging discipline in its
own right. However, the challenges facing
organizations in implementing effective
IM practices are many and daunting. Not
least is the need to try to conceptualize the
scope and complexity of work to be done.
Tackling IM is likely to be a long-term task.
IT managers have a huge communications
job ahead in trying to educate business lead-
ers about their responsibilities in informa-
tion stewardship, developing sound IM
practices, and inculcating the culture and
behaviors needed to achieve the desired
results. Developing a plan for tackling the

154 Section II • IT Governance
large and ever-increasing amount of infor-
mation involved is only the first step. The
more difficult effort will be involving every
member of the organization—from the board
to frontline workers—in seeing that it is
carried out effectively. Although IT can lead
this effort initially and provide substantial
support for IM, ultimately its success or fail-
ure will be due to how well the business does
its part.
Beath, C., I. Bercerra-Fernandez, J. Ross, and
J. Short. “Finding Value in the Information
Explosion.” MIT Sloan Management Review 53,
no. 4 (Summer 2012).
Ginzberg, M. “Achieving Business Value Through
Information Technology: The Nature of High
Business Value IT Organizations.” Report
commissioned by the Society for Information
Management Advanced Practices Council,
November 2001.
IBM. CEO Survey 2011: Leading through Connections
Executive Summary. Somers, NY: IBM Global
Business Services, May 2012, GBE03486-USEN-00.
Kettinger, W., and D. Marchand. “Driving Value
from IT: Investigating Senior Executives’
Perspectives.” Report commissioned by
the Society for Information Management,
Advanced Practices Council, May 2005.
Marchand, D., W. Kettinger, and J. Rollins.
“Information Orientation: People, Technology
and the Bottom Line.” MIT Sloan Management
Review 4, no. 41 (Summer 2000): 69–80.
Perez-Lopez, S., and J. Alegre. “Information
Technology Competency, Knowledge Processes
and Firm Performance.” Industrial Management
and Data Systems 112, no. 4 (2012): 644–62.
Pfeffer, J., and R. Sutton. The Knowing-Doing Gap.
Boston: Harvard Business School Press, 2000.
Smith, H. A., and J. D. McKeen. “Marketing KM to
the Business.” Communications of the Association
for Information Systems 14, article 23 (November
2004): 513–25.
Smith, H. A., and J. D. McKeen. “Information
Delivery: IT’s Evolving Role.” Communications
of the Association for Information Systems 15,
no. 11 (February 2005a): 197–210.
Smith, H. A., and J. D. McKeen. “A Framework
for KM Evaluation.” Communications of the
Association for Information Systems 16, no. 9
(May 2005b): 233–46.
Smith, H. A., and J. D. McKeen. “Customer
Knowledge Management: Adding Value
for Our Customers.” Communications of the
Association for Information Systems 16, no. 36
(November 2005c): 744–55.
Smith, H. A., and J. D. McKeen. “IT in the New
World of Corporate Governance Reforms.”
Communications of the Association for Information
Systems 17, no. 32 (May 2006): 714–27.
Smith, H. A., J. D. McKeen, and S. Singh. “Making
Knowledge Work: Five Principles for Action-
Oriented Knowledge Management.” Knowledge
Management Research and Practice 4, no. 2 (2006):
Stewart, T. Intellectual Capital: The New Wealth of
Organizations. New York: Doubleday, 1999.
Stewart, T. “Leading Change When Business Is
Good: An Interview with Samuel J. Palmisano.”
Harvard Business Review 82, no. 12 (December

Chapter 11 • Information Management: The Nexus of Business and IT 155
Appendix A
Elements of IM Operations
A. StRAtegy
• External environment
• Strategic planning
• Information life cycle
• Planning
• Program integration
• Performance monitoring
B. PeoPle
• Roles and responsibilities
• Training and support
• Subject-matter experts
• Relationship management
• Project management
• Change management
• Risk management
• Business continuity
• Information life cycle:
• Collect, create, and capture
• Use and dissemination
• Maintenance, protection, and
• Retention and disposition
D. teChnology AnD ARChiteCtuRe
• IM tools
• Technology integration
• Information life cycle: organization
• Data standards
e. CultuRe AnD BehAvioRS
• Leadership
• IM awareness
• Incentives
• IM competencies
• Communities of interest
F. goveRnAnCe
• Principles, policies, and standards
• Compliance
• IM program evaluation
• Quality of information
• Security of information
• Privacy of information

Mini CAse
Building Shared Services at RR
Vince Patton had been waiting years for this day. He pulled the papers together in front of
him and scanned the small conference room. “You’re fired,” he said to the four divisional
CIOs sitting at the table. They looked nervously at him, grinning weakly. Vince wasn’t
known to make practical jokes, but this had been a pretty good meeting, at least relative to
some they’d had over the past five years. “You’re kidding,” said Matt Dawes, one of the
more outspoken members of the divisional CIO team. “Nope,” said Vince. “I’ve got the
boss’s OK on this. We don’t need any of you anymore. I’m creating one enterprise IT orga-
nization, and there’s no room for any of you. The HR people are waiting outside.” With
that, he picked up his papers and headed to the door, leaving the four of them in shock.
“That felt good,” he admitted as he strode back to his office. A big man, not
known to tolerate fools gladly (or corporate politics), he was not a cruel one. But those
guys had been thorns in his side ever since he had taken the new executive VP of IT job
at the faltering RR Communications five years ago. The company’s stock had been in
the dumpster, and with the dramatically increased competition in the telecommunica-
tions industry as a result of deregulation, his friends and family had all thought he was
nuts. But Ross Roman, RR’s eccentric but brilliant founder, had made him an offer he
couldn’t refuse. “We need you to transform IT so that we can introduce new products
more quickly,” he’d said. “You’ll have my full backing for whatever you want to do.”
Typically for an entrepreneur, Roman had sketched the vision swiftly, leaving some-
one else to actually implement it. “We’ve got to have a more flexible and responsive IT
organization. Every time I want to do something, they tell me ‘the systems won’t allow
it.’ I’m tired of having customers complaining about getting multiple bills for each of our
products. It’s not acceptable that RR can’t create one simple little bill for each customer.”
Roman punctuated his remarks by stabbing with his finger at a file full of letters to the
president, which he insisted on reading personally each week. “You’ve got a reputation
as a ‘can do’ kind of guy; I checked. Don’t bother me with details; just get the job done.”
Vince knew he was a good, proactive IT leader, but he hadn’t been prepared
for the mess he inherited—or the politics. There was no central IT, just separate divi-
sional units for the four key lines of business—Internet, mobile, landline, and cable TV
service—each doing its own thing. Every business unit had bought its own hardware
and software, so introducing the common systems that would be needed to accomplish
Roman’s vision would be hugely difficult—that is, assuming they wanted them, which
they didn’t. There were multiple sales systems, databases, and customer service centers,
all of which led to customer and business frustration. The company was in trouble not
only with its customers but also with the telecommunications regulators and with its
4 Smith, H. A., and J. D. McKeen. “Shared Services at RR Communications.” #1-L07-1-002, Queen’s School of
Business, September 2007. Reproduced by permission of Queen’s University, School of Business, Kingston,
Ontario, Canada.

Building Shared Services at RR Communications 157
software vendors, who each wanted information about the company’s activities, which
they were legally entitled to have but which the company couldn’t provide.
Where should he start to untangle this mess? Clearly, it wasn’t going to be possible to
provide bundled billing, responsiveness, unified customer care, and rapid time to market
all at once, let alone keep up with the new products and services that were flooding into the
telecommunications arena. And he hadn’t exactly been welcomed with open arms by the
divisional CIOs (DIOs), who were suspicious of him in the extreme. “Getting IT to operate as
a single enterprise unit, regardless of the product involved, is going to be tough,” he admit-
ted to himself. “This corporate culture is not going to take easily to centralized direction.”
And so it was. The DIOs had fought him tooth and nail, resisting any form of integra-
tion of their systems. So had the business unit leaders, themselves presidents, who were
rewarded on the basis of the performance of their divisions and, therefore, didn’t give a hoot
about “the enterprise” or about anything other than their quarterly results. To them, central-
ized IT meant increased bureaucracy and much less freedom to pick up the phone and call
their buddy Matt or Larry or Helen, or Dave and get that person to drop everything to deal
with their latest money-making initiative. The fact that it cost the enterprise more and more
every time they did this didn’t concern them—they didn’t care that costs racked up: testing
to make sure changes didn’t affect anything else that was operational; creation of duplicate
data and files, which often perpetuated bad data; and loss of integrated information with
which to run the enterprise. And the fact that the company needed an army of “data cleans-
ers” to prepare the reports needed for the government to meet its regulatory and Sarbanes–
Oxley requirements wasn’t their concern. Everyone believed his or her needs were unique.
Unfortunately, although he had Roman’s backing in theory, in practice Vince’s posi-
tion was a bit unusual because he himself didn’t have an enterprise IT organization as
yet and the DIOs’ first allegiance was clearly to their division presidents, despite having
a “dotted line” reporting relationship to Vince. The result was that he had to choose his
battles very, very carefully in order to lay the foundation for the future. First up was rede-
signing the company’s internal computer infrastructure to use one set of standard tech-
nologies. Simplification and standardization involved a radical reduction of the number
of suppliers and centralized procurement. The politics were fierce and painful with the
various suppliers the company was using, simultaneously courting the DIOs and busi-
ness unit leaders while trying to sell Vince on the merits of their brand of technology for
the whole company. Matt Dawes had done everything he could to undermine this vision,
making sure that the users caused the maximum fuss right up to Roman’s office.
Finally, they’d had a showdown with Roman. “As far as I’m concerned, moving to
standardized hardware and software is nondiscussable,” Vince stated bluntly. “We can’t even
begin to tackle the issues facing this company without it. And furthermore, we are in seri-
ous noncompliance with our software licensing agreements. We can’t even tell how many
users we have!” This was a potentially serious legal issue that had to be dealt with. “I prom-
ised our suppliers that we would get this problem under control within eighteen months,
and they’ve agreed to give us time to improve. We won’t have this opportunity again.”
Roman nodded, effectively shutting down the argument. “I don’t really understand
how more standardization is going to improve our business flexibility,” he’d growled,
“but if you say so, let’s do it!” From that point on, Vince had moved steadily to consoli-
date his position, centralizing the purchasing budget; creating an enterprise architecture;
establishing a standardized desktop and infrastructure; and putting tools, metrics, and
policies in place to manage them and ensure the plan was respected by the divisions.

158 Section II • IT Governance
Dawes and Larry Hughes, another DIO, had tried to sabotage him on this matter yet
again by adopting another manufacturer’s customer relationship management (CRM)
system (and yet another database), hoping that it could be up and running before Vince
noticed. But Vince had moved swiftly to pull the plug on that one by refusing the project
access to company hardware and giving the divisional structure yet another black mark.
That episode had highlighted the need for a steering committee, one with teeth to
make sure that no other rogue projects got implemented with “back door funding.” But
the company’s entrepreneurial culture wasn’t ready for it, so again foundational work
had to be done. “I’d have had a riot on my hands if I’d tried to do this in my first few
years here,” Vince reflected as he walked back to his office, stopping to chat with some of
the other executives on his way. Vince now knew everyone and was widely respected at
this level because he understood their concerns and interests. Mainly, these were finan-
cial—delivering more IT for less cost. But as Vince moved around the organization, he
stressed that IT decisions were first and foremost business decisions. He spoke to his col-
leagues in business terms. “The company wants one consistent brand for its organization
so it can cross-sell services. So why do we need different customer service organizations
or back-end systems?” he would ask them. One by one he had brought the “C”-level
executives around to at least thinking about the need for an enterprise IT organization.
Vince had also taken advantage of his weekly meetings with Roman to demonstrate
the critical linkage between IT and Roman’s vision for the enterprise. Vince’s motto was
“IT must be very visible in this organization.” When he felt the political climate was
right, he called all the “Cs” to a meeting. With Roman in the room for psychological
support, he made his pitch. “We need to make all major IT decisions together as a busi-
ness,” he said. “If we met monthly, we could determine what projects we need to launch
in order to support the business and then allocate resources and budgets accordingly.”
Phil Cooper, president of Internet Services, spoke up. “But what about our specific
projects? Won’t they get lost when they’re all mixed up with everyone else’s? How do
we get funding for what we need to do?”
Vince had a ready answer. “With a steering committee, we will do what’s best for
the organization as a whole, not for one division at the expense of the others. The first
thing we’re going to do is undertake a visioning exercise for what you all want our busi-
ness to look like in three years, and then we’ll build the systems and IT infrastructure to
support that vision.”
Talking the language of business had been the right approach because no one
wanted to get bogged down in techno-jargon. And this meeting had effectively turned
the tide from a divisional focus to an enterprise one—at least as far as establishing a steer-
ing committee went. Slowly, Vince had built up his enterprise IT organization, putting
those senior IT managers reporting to him into each of the business divisions. “Your job
is to participate in all business decisions, not just IT ones,” he stated. “There is nothing
that happens in this company that doesn’t affect IT.” He and his staff had also “walked
the talk” over the past two years, working with the business to identify opportunities for
short-term improvements that really mattered a lot to the divisions. These types of quick
wins demonstrated that he and his organization really cared about the business and
made IT’s value much more visible. He also stressed accountability. “Centralized units
are always seen to be overhead by the business,” he explained to his staff. “That’s why
we must be accountable for everything we spend and our costs must be transparent.
We also need to give the business some choices in what they spend. Although I won’t

Building Shared Services at RR Communications 159
compromise on legal, safety, or health issues, we need to let them know where they can
save money if they want. For example, even though they can’t choose not to back up
their files, they can choose the amount of time it will take them to recover them.”
But the problem of the DIOs had remained. Used to being kings of their own king-
doms, everything they did appeared to be in direct opposition to Vince’s vision. And it
was apparent that Roman was preaching “one company” but IT itself was not unified.
Things had come to a head last year when Vince had started looking at outsourcing.
Again the DIOs had resisted, seeing the move as one designed to take yet more power
away from them. Vince had offered Helen a position as sourcing director, but she’d
turned it down, seeing it as a demotion rather than a lateral move. The more the DIOs
stonewalled Vince, the more determined he became to deal with them once and for all.
“They’re undermining my credibility with the business and with our suppliers,” Vince
had complained to himself. “There’s still so much more to do, and this divisional struc-
ture isn’t working for us.” That’s when he’d realized he had to act or RR wouldn’t be
able to move ahead on its next project: a single customer service center shared by the
four divisions instead of the multiple divisional and regional ones they had now.
So Vince had called a meeting, ostensibly to sort out what would be outsourced
and what wouldn’t. Then he’d dropped the bombshell. “They’ll get a good package,”
he reassured himself. “And they’ll be happier somewhere else than always fighting
with me.” The new IT organizational charts, creating a central IT function, had been
drawn up, and the memo appointing his management team had been signed. Vince
sighed. That had been a piece of cake compared to what he was going to be facing now.
Was he ready for the next round in the “IT wars”? He was going to have to go head to
head with the business, and it wouldn’t be pretty. Roman had supported him in getting
the IT house in order, but would he be there for the next step?
Vince looked gloomily at the reports the DIOs had prepared for their final meeting.
They documented a complete data mess—even within the divisions. The next goal was
to implement the single customer service center for all divisions, so a customer could
call one place and get service for all RR products. This would be a major step forward in
enabling the company to implement new products and services. If he could pull it off,
all of the company’s support systems would, for the first time, talk to each other and
share data. “We can’t have shared services without common data, and we can’t have
good business intelligence either,” he muttered. Everything he needed to do next relied
on this, but the business had seen it differently when he’d last tried to broach the subject
with them. “These are our data, and these are our customers,” they’d said. “Don’t mess
with them.” And he hadn’t . . . . but that was then. Now it was essential to get their infor-
mation in order. But what would he have to do to convince them and to make it happen?
Discussion Questions
1. List the advantages of a single customer service center for RR Communications.
2. Devise an implementation strategy that would guarantee the support of the
divisional presidents for the shared customer service center.
3. Is it possible to achieve an enterprise vision with a decentralized IT function?
4. What business and IT problems can be caused by lack of common information and
an enterprise IM strategy?
5. What governance mechanisms need to be put in place to ensure common customer
data and a shared customer service center? What metrics might be useful?

Mini CAse
Enterprise Architecture
at Nationstate Insurance5
Jane Denton looked around at her assembled senior IT leadership team waiting to hear
what she was going to say. Most were leaning forward eagerly, though some appeared
more cautious. They were a good team, she knew, and she wanted to lead them well.
A seasoned CIO, with a whole career behind her in IT, Jane was the newly appointed
global CIO of Nationstate Insurance. This would be her last job before retirement in
three years and she wanted to find a way to make a lasting difference in this company.
Nationstate was an excellent company—Jane had done her homework. It was one of
the largest in the United States, with a worldwide presence in personal and commercial
insurance, and had recently been voted one of Forbes’ “Best Big Companies.” It had
good systems, good user–IT relationships, and good people. But the company aspired
to be great and Jane wanted to help them by taking IT to the next level. She knew that
the world was changing—largely as a result of technology—and she knew that IT and
its traditional approach to systems development was also going to have to change.
“Our IT function needs to become more cutting edge in adopting emerging technolo-
gies,” she had told the CEO shortly after she was hired, “and we need to become more
flexible and agile in our approach to development work.” Now she had this time and
this team to accomplish her goals.
However, it was much easier said than done. Like almost every large organiza-
tion, Nationstate had a hodgepodge of different systems, data, and processes—most
serving just one of its six business units (BUs). Nationstate’s decentralized structure
had served it well in the past by enabling individual BUs to respond quickly to chang-
ing market needs but a couple of years before Jane’s arrival, recognizing the need for
some enterprise thinking, the CEO had created a federated structure with some central-
ized functions, including parts of IT. So some of IT was now centralized and shared by
all the BUs (e.g., operations) and reported directly to Jane, while the rest (e.g., system
development) was decentralized. Each BU had its own CIO and IT staff who reported
jointly to the BU’s president and to Jane.
This potentially unwieldy structure was made more palatable by the fact that the
business unit CIOs had great business knowledge and were well trusted by their presi-
dents. In fact, it was central IT that was often seen as the roadblock by the BUs. She had
never led an IT organization like it, she reflected, and in her first few months, she had
made a considerable effort to understand the strengths and weaknesses of this model
and how responsibilities had been divided between centralized enterprise services
and the decentralized IT groups (each quite large themselves) in the business units.
5 Smith, H. A., and J. D. McKeen. “Enterprise Architecture at Nationstate Insurance.” #1-L11-1-001, Queen’s
School of Business, September 2007. Reproduced by permission of Queen’s University, School of Business,
Kingston, Ontario, Canada.

Enterprise Architecture at Nationstate Insurance 161
Now she thought she had a good enough handle on these that she could begin work
with her senior leadership team (the BU CIOs) to develop a plan to transform IT into
the kind of technology function Nationstate would need in the years to come.
“I know you are both enthusiastic and apprehensive about transformation,”
she said. “We have a great organization and no one wants to lose that. We need to be
responsive to our business needs but we also need to incorporate new development
techniques into our work, do a better job with emerging technologies, and begin to
rationalize our application and technology portfolios. We have duplicate systems, data
and software all over the place. Our CEO and the BU Presidents want to see us use our
technology resources more efficiently, but more than that, they want our leadership in
using technology effectively for the organization as a whole. We can’t do this if we’re all
working in separate silos.”
Heads began nodding around the room as she continued. “At present, every busi-
ness unit has its own IT architecture and architects and each of you believe you are mak-
ing the ‘right’ technology decisions but you are all doing it differently.” The head nodding
stopped and a mood of wariness took over. “No one in our organization has the big pic-
ture of what we have and where we need to go. We have to learn what makes sense for
us to do at an enterprise level and what’s best left in the business units. Architecting our
technology, information, business and applications properly is the key to doing it right.”
“What exactly are you proposing?” asked Owen Merton, CIO of the Casualty
Division. “I think you’re right that we need an enterprise architecture, but I don’t want
to lose the good work we’ve done at the BU level.”
“Well, I really want to centralize all architecture,” said Jane. “I think that’s what
works best in other organizations and that’s going to be the most effective way to make
it work here. BUT . . .” she added, “I’d like to speak with each of you individually and
with your senior architects before I do. I’m open to your ideas as long as they address
the needs that I’ve just outlined.”
Over the next two weeks, Jane listened carefully to what the divisional CIOs had
to say. They all agreed with Merton that the relationships with the BUs were extremely
important and centralizing architecture had to be done carefully. All of them had heard
horror stories about the “architecture police” in other companies—hard-line techies
who set standards and created blueprints and insisted on them being followed in spite
of the difficulties their policies caused for the business.
“Architecture can’t live in an ivory tower,” explained Vic Toregas, CIO of Claims.
“It has to be rooted in the reality of our business and it can’t be seen to slow things
down.” Jane agreed. “We must make sure that our architecture function is designed and
managed to ensure rapid delivery to the business.”
On the other hand, Nick Vargo, CIO of Group Health, was concerned that without
a strong enforcement mechanism, standards wouldn’t be followed. “What’s the point of
having standards if we don’t enforce them?” he asked.
Jane’s head whirled. It wasn’t going to be easy to strike the right balance
between developing a good, sustainable process that would provide a blueprint for
where the company needed to go and enable the company to build the common capa-
bilities it would need for the future, while delivering solutions quickly and flexibly
for the BUs. “What we don’t need is a ‘Winchester Mystery House’,” she reflected,
recalling the famous local house whose owners kept adding to it over many years
with no overall plan.

162 Section II • IT Governance
She became more worried when she began to speak with the BU architects, with
an eye to appointing one of them as her chief enterprise architect. They seemed to be
technically competent but were not what she would call “relationship people” or busi-
ness strategists. The job, as she envisioned it, would combine strong leadership skills,
a good understanding of the business, and excellent communication skills to translate
why the business should care about architecture, with strong technical skills. Her day
became a bit brighter when she began her final interview with Seamus O’Malley, the
senior architecture manager of the commercial BU.
As they spoke, Jane was impressed with his vision and pragmatism, as well as his
strong communication skills. By the end of the hour she knew she had found her new
chief enterprise architect. “I’d like you to take this new job,” she told him. “I think you
are the right person to ensure we have the standards, tools and practices in place to
develop a common architecture for Nationstate.” Seamus thought for a moment before
replying. It was a great offer but he had his doubts that Jane’s plan would work and this
situation had to be carefully handled.
“Thank you for your faith in me,” he began diplomatically, “but I would like to
suggest a slight modification to your plan. You see, I’ve been an architect in central-
ized organizations and there has always been an ‘us versus them’ mentality between
the architecture group and both the rest of IT and the business units.” Jane recalled
the horror stories of the “architecture police.” “So what I’d like to propose is a com-
promise. I would become Chief Enterprise Architect but I would also remain Senior
Architecture for Commercial and involve the other BU Senior Architects in creating a
strong enterprise architecture that works for us all. That way, no one will see me as just
‘the enterprise guy’ and whatever standards we set and decisions we make centrally
will affect me in Commercial, just like they’ll affect all the other BUs. When the other
business units see that I’m willing to eat my own dog food, I think they’ll be more ready
to accept the standards and changes we’ll be introducing.”
While not sure the compromise would work, Jane agreed to try it for a year and
Seamus set out to build a centralized architecture function from scratch. With the
authority given to him by Jane, all of the BU senior architects now had a dual reporting
relationship—to their CIO and to him as the chief architect.
At their first weekly meeting with the BU senior architects, Seamus outlined
his role and agenda. “As you know, each of us has been individually responsible for
developing an effective IT architecture for our business units but we haven’t done any
coordination between them. That is no longer good enough for our business needs and
I, with your help, have been given the job of establishing an enterprise architecture that
will create an enterprise technology blueprint for Nationstate, which we will all have to
follow in the business units. I want to work collaboratively with you so that we come
up with a plan and processes that will work for each of us in the business units, as well
as for the enterprise as a whole. We will need to build our enterprise architecture slowly
but steadily so that people will trust us, and that means having good governance, good
processes and a collaborative approach to this work,” he stated. “Our first priority is
building strong relationships with both Jane and the other CIOs and our BU Presidents.
Enterprise Architecture sits in the middle between these groups, so good relationships
are essential.” “However,” he continued. “We are going to need a way to establish and
enforce standards—enterprise ones, not the ones you have now—and this is going to be
difficult to explain.”

Enterprise Architecture at Nationstate Insurance 163
“I’ll say,” remarked Sarah Jensen, the senior architecture manager from Personal
Insurance. “What do we say when the business asks why they can’t do something that’s
important to them because our ‘standards’ won’t let them?”
“That’s a good question Sarah,” said Seamus. “And it gets right to the heart of
why architecture is important. We need to present architecture in ways that are easy for
the business to understand, without scaring or threatening them. For example, we need
an application reduction strategy designed to eliminate duplication, reduce complexity
and save money. The business already understands the pain of having to jump from
system to system and knows that owning two cars is more expensive than one. If we
explain it to them in this way, they will understand the advantages of having a single
system and a single workflow.”
“But isn’t good architecture about more than cost savings?” asked Michael Lee,
senior architecture manager from Claims. “We need to develop a foundation of com-
mon information, tools and processes so that we’re not reinventing the wheel going into
the future. And someone needs to decide what new technologies we’re going to need
and where we’re going to use them. There are so many new applications and devices
coming out every day now, we’re going to be in a real mess if we don’t do this properly.”
“You’re exactly right,” said Seamus. “These things do have to be managed for
the good of the enterprise—both to make it more effective and more efficient. But it’s
how we manage them that’s important. If we put lots of bureaucracy in place and don’t
add value, no one is going to support us and they’ll find ways to undermine what we
are trying to do. We can’t take a ‘field of dreams’ approach to architecture. We need to
attach our work to real business value and real projects. Once our leaders understand
this, we’ll get their support.”
“So here’s our challenge,” Seamus told his assembled team a few minutes later.
“We need to design an Enterprise Architecture function that does all these things. It’s
got to be a process that comes up with the standards and guidelines that each of you
can live with and support in the BUs. And, as you know, I myself will have to live with
them in Commercial as well.”
“Here’s what I believe we need to accomplish as soon as possible,” he stated,
flashing a PowerPoint slide on the screen:
1. An enterprise governance process to set architecture strategy, policies and stan-
dards for technology, applications, and information that reflects the federated struc-
ture in the organization.
2. A means of monitoring that all new projects comply with the agreed-upon archi-
tecture while ensuring that this process doesn’t present an obstacle to getting IT
projects completed quickly.
3. A process for allowing “variances” to the current standards, if necessary, and a way
to manage them back to the agreed-on standards.
4. A means of identifying important new IT capabilities and services that should be
shared by the enterprise.
5. A means of evaluating emerging new technologies and setting standards for them.
6. Identifying roles and responsibilities for the enterprise architecture function and
the LOB architecture functions.
7. Developing a means of incorporating feedback and continuous improvement into
our work.

164 Section II • IT Governance
“I want to blend and weave our work into the architecture teams we already have
in the business units as much as possible,” Seamus concluded. “This will keep us close
to business needs and enable us to get enterprise value from the teams we have in place.
And I don’t want to add any more process than we need to at an enterprise level. For
example, if the Claims group needs a new technology, their architecture group could do
the preliminary evaluation and make recommendations for what we should do. But we
need to ensure that the resulting decision is a good one for the entire enterprise.”
“I’ve got to report back to Jane in a month, so I’d like you to think about what
might and might not work for your division and for us as an enterprise. I’ve scheduled
a couple of working sessions for us over the next two weeks so we can hash this out.
We have an exciting opportunity to take IT to the next level at Nationstate if we do this
right, so let’s not mess this up.”
Discussion Questions
1. List and describe all of the potential benefits (and costs) that Nationstate would
realize from the establishment of an enterprisewide architecture as envisioned by
Jane Denton?
2. Build a business case for Seamus O’Malley to present to the senior management
team at Nationstate in order to get their buy-in. In addition to benefits and costs, the
business case must answer the “what’s in it for me” question that the BU 3presidents
all have.
3. Seamus O’Malley is rightfully worried about governance (i.e., making sure that the
enterprise architectural standards are adopted by all BUs). Both he and Jane are
wary of forced compliance because such measures lead to “architecture police.”
What governance procedures could they put in place that would win “hearts and
minds”; that is, BU architects would comply with the enterprise architecture stan-
dards because they believe in them—not because they are forced to comply with them?

Mini CAse
IT Investment at North American
Caroline Weese checked her makeup and then glanced at her watch for the tenth time.
Almost 10:45. Showtime. As North American Financial’s (NAF) first female CIO, she
knew she had to be better than good when she met with the company’s senior execu-
tives for the first time to justify her IT budget. They had shown their faith in her three
months ago by giving her this position, when NAF’s long-serving senior vice president
of IT had had to retire early due to ill health. But women were just beginning to crack
the “glass ceiling” at the bank, and she knew there was a lot more riding on this presen-
tation than just this budget.
That said, the budget situation wasn’t great. As she well knew from her earlier
experience in more subordinate roles, the CIO had the unenviable task of justifying the
company’s $500 M budget to a group of executives who only saw the expense of IT, not
its value. This was especially frustrating because NAF’s IT management was excellent,
when looked at by any standard. NAF’s IT group consisted of almost 7,000 profession-
als who followed all the recommended standards such as CMM, CMMI, ISO9001, and
ITIL to ensure that its IT processes were efficient, cost effective, and on par with, if not
higher than, industry standards. It had been certified at a minimum Level 3 CMMI and
was an industry leader in delivering projects on time, on budget, and in scope. But in
the past few years, NAF executives had implemented rigorous cost containment mea-
sures for IT, leaving the CIO to struggle to be all things to all people.
“They want innovation, they need reliability and stability, and we’re required by
law to meet ever-more stringent government regulations, but they’re still nickel-and-
diming us!” Caroline thought indignantly. She envied the bank’s business units that
could clearly show profit-and-loss statements, and their ability to make strategic deci-
sions about what to do with the excess capital they often had. In her world, business
strategies changed regularly and, thus, IT’s goals had to as well. But strategies were not
linked to budgets, which were typically set six to nine months in advance. As a result,
IT was always struggling to keep up and find the resources to be flexible.
She squared her shoulders, took a deep breath, pasted a smile on her face, and
pushed open the door to the executive conference room to face her colleagues and her
future. The room was full of “suits”—a few females here and there, but mostly tough,
middle-age males who expected answers and action. Following a few pleasantries
about how she was adjusting to her new role, they got down to business. “The thing
we’re most concerned about, Caroline,” said Bill Harris, NAF’s CEO, “is we simply
don’t see where we’re getting value from our IT investments. There’s no proof in the
bottom line.” The CFO added, “Every year we approve hundreds of millions of dollars
6 Smith, H. A., and J. D. McKeen. “IT Investment at North American Financial.” #1-L09-1-001, Queen’s School
of Business, October 2009. Reproduced by permission of Queen’s University, School of Business, Kingston,
Ontario, Canada.

166 Section II • IT Governance
for IT projects, which are supposedly based on sound cost–benefit analyses, but the
benefits never materialize.” Heads around the room began nodding.
Caroline’s mind was whirling. What did they really want from her? Pulling her
thoughts together quickly, she responded. “If you’re looking for IT to tell you which
projects will deliver the most business value, or if you want me to monitor the busi-
ness units after the projects they asked for are implemented to see if they are delivering
value, you’re asking me to do something that’s well beyond IT’s scope of expertise.
We’re not the experts in your business case, and it shouldn’t be up to us to monitor
how you use the technology we give you. I’ll take full responsibility for the quality of
our work, its timely delivery, and its cost, but we really have to work together to ensure
we’re investing in the right projects and delivering benefits.”
“What do you recommend then?” asked Sam Patel, head of Retail Banking.
“I  think we need an IT Investment Committee that I would co-lead jointly with you,
Matt,” Caroline said while looking pointedly at the CFO. “We need a strong partnership
to explore what can be done and who should be responsible for doing it. Finance is the
only place where all the money comes together in this organization. Although I have
to pull together an IT budget every year, it’s really contingent on what each business
unit wants to spend. We don’t really have an enterprise IT budgeting process that looks
across our business silos to see if what we’re spending is good for NAF as a whole.”
Matt Harper looked thoughtful. “You could be on to something here, Caroline. Let’s see
if we can figure this out together.”
The rest of the meeting passed in a blur, and before Caroline knew it, she and Matt
were trying to identify who they should assign to help them look at their IT investment
challenges. These were significant. First, there was inconsistent alignment of the total
IT development budget with enterprise strategies. “We have enterprise strategies but
no way of linking them to enterprise spending,” Caroline pointed out. IT budgets were
allocated according to the size of the business unit. Smaller lines of business had smaller
IT budgets than larger ones. “For some small business units like ours, government man-
datory projects eat up our entire IT budget,” complained Cathy Benson, senior vice
president of Business Banking Product Management. This made it extremely difficult
to allocate IT resources strategically—say, for example, to grow a smaller business unit
into a larger one.
Second, project approvals were made by business units without addressing cross-
unit synergies. Looking at the projects IT had underway revealed that the company had
eighteen separate projects in different parts of the business to comply with anti–money
laundering regulations. “We’ve got to be reinventing the wheel with some of these,”
complained Ian Ha, senior director of NAF’s Risk and Compliance department.
Third, although business cases were required for all major projects, their formats
were inconsistent, and the data provided to justify the costs lacked rigor. “There seems
to be a lot of gaming going on here,” observed Michael Cranston, director of Financial
Strategy. “A lot of these numbers don’t make sense. How come we’ve never asked the
business sponsors of these projects to take ownership for the business benefits they
claim when they ask for the money in the first place?”
Fourth, once a project was approved, everyone focused on on-time, on-budget
delivery. No one ever asked whether a project was still necessary or was still on track to
deliver the benefits anticipated. “Do we ever stop projects once they’ve started or review
the business case ‘in-flight’?” mused Matt. Finally, no one appeared to be accountable

IT Investment at North American Financial 167
for delivering these benefits once an IT project was developed and implemented; rather,
everyone just heaved a great sigh of relief and moved on to the next project.
Because the total IT budget for new development work was allocated by business
unit, the result was a prioritization process that worked reasonably well at the business
unit level but not for NAF as a whole. Enterprise executives created enterprise strate-
gies, but they didn’t get involved in implementing them in the business units, which
left the business unit heads to prioritize initiatives within their own silo. In prioriti-
zation meetings, leaders would argue passionately for their own particular cause and
focusing on their own needs, not on NAF’s overall strategies. “We really need to align
this process with our enterprise priorities,” said Caroline. Matt agreed. “There’s got to
be a process to bring all our investment decisions for new projects together so we can
compare them across business units and adjust our resourcing accordingly.”
Looking deeper into these matters revealed that there was more to IT spending
than simply prioritizing projects, however. Almost 60 percent of the bank’s IT budget
was spent not on strategic new development projects but on maintaining existing
systems, interfaces, and data. And another 20 percent was work that had to be done
to meet the demands of government legislation or the bank’s regulators. “How is
this possible?” asked Sam. “No wonder we’re not getting much ‘bang for our buck’!”
Caroline exclaimed. “Every time we develop or acquire a new system without getting
rid of something else, we add to our ‘application clutter.’ When we continually add new
systems while holding IT budgets and head counts relatively flat, more and more of our
resources have to be devoted to supporting these systems.” New systems meant new
interfaces between and among existing systems, additional data and dependencies, and
increasing risk that something could go wrong. “We’ve tried to get the business units
interested in sponsoring an initiative to reduce duplication and simplify our applica-
tions portfolio, but they’re not interested in what they call ‘IT housekeeping.’ They
don’t see how dealing with this will help them in the long run. I guess we haven’t
explained it to them very well.”
Brenda Liu, senior director of IT Infrastructure, added, “We also have to keep our
IT environment up to date. Vendors are continually making upgrades to software, and
there are also license fees to consider. And, as you know, we have to build in extra
reliability and redundancy for our critical systems and data, as well as privacy protec-
tion for our banking customers. It’s an expensive process.” “I get all this,” said Benson,
“but why can’t you explain it to us properly? How can you just expect us to accept
that 80 percent of your budget is a ‘black box’ that doesn’t need justification? Although
every dime you spend may be critical to this company, the fact remains that IT’s lack of
transparency is damaging its internal credibility with the business.”
Round and round the issues they went. Over the next two months, Caroline, Matt,
and their team hammered away at them. Eventually, they came up with a set of five
principles on which their new IT investment process would be based:
1. Alignment of the IT development portfolio with enterprise strategies
2. Rigor and common standards around IT planning and business casing
3. Accountability in both business and IT for delivering value
4. Transparency at all levels and stages of development
5. Collaboration and cross-group synergies in all IT work

168 Section II • IT Governance
In their team update to the bank’s executive committee, Caroline and Matt wrote,
“Our vision is for a holistic view of our IT spending that will allow us to direct our
resources where they will have the greatest impact. We propose to increase rigor and
discipline in business casing and benefits tracking so NAF can invest with confidence
in IT. The result will be strategic partnerships between IT and business units based on
trust, leading us to surprise and delight our customers and employees and amaze our
With the executive committee’s blessing, the IT Investment Office was created
to design and implement a detailed investment optimization process that could be
implemented throughout the bank in time for the next budget cycle. Cathy Benson was
named its new director, reporting to Matt. Speaking to her staff after the announcement,
Caroline stated, “I really believe that getting this work out of IT and into the business
will be critical for this process. We need to make the decision-making process clearer
and more collaborative. This will help us learn how to jointly make better decisions for
the enterprise.”
With the hand-off from IT officially in place, Cathy and Matt knew they had to
move quickly. “We’ve got three months before the next budget cycle begins,” said Matt.
“You’ve got to make it real by then. I’ll back you all the way, but you’re going to have
to find some way to deal with the business unit heads. They’re not going to like having
their autonomy for decision making taken away from them. And you have to remember
they need some flexibility to do work that’s important to them.” Cathy nodded. She
had already heard some of the negative rumors about the process and knew she was
going to have to be tough if it was going to be successful and not torpedoed during its
Calling her project team together for its first meeting, she summarized their
challenge. “We have to design and implement three interrelated practices: a thorough
and rigorous method of project categorization and prioritization, comprehensive and
holistic governance of IT spending and benefits delivery at all levels, and an annual
IT planning process that provides transparency and accountability for all types of IT
spending and which creates an integrated and strategically aligned development
portfolio. Then we have to roll it out across the organization. And the change manage-
ment is going to be massive. Now, who has any ideas about what to do next?”
Discussion Questions
Cathy Benson, the director of the newly created IT Investment Office, is tasked with the
“design and implementation of a detailed investment optimization process to be imple-
mented throughout the bank in time for the next budget cycle.” She has three months
to do this and it must be in accordance with the five established principles to guide the
bank’s IT investment process. Your task is to design and implement the following:
1. A thorough and rigorous method of project categorization and prioritization.
2. A comprehensive and holistic governance of IT spending and benefits delivery at all
3. An annual IT planning process that provides transparency and accountability for all
types of IT spending and that creates an integrated and strategically aligned devel-
opment portfolio.

S e c t i o n i i i
IT-Enabled Innovation
Chapter 12 Innovation with IT
Chapter 13 Big Data and Social Computing
Chapter 14 Improving the Customer Experience: An IT Perspective
Chapter 15 Building Business Intelligence
Chapter 16 Enabling Collaboration with IT
Mini Cases
■ Innovation at International Foods
■ Consumerization of Technology at IFG
■ CRM at Minitrex
■ Customer Service at Datatronics

C h a p t e r
12 innovation with it1
It is well known that innovation with IT enables new business models (e.g., Amazon, iTunes), new products and services (e.g., tablets, mobile banking), new or improved processes (e.g., ERP, supply chain), and cost savings (e.g., self-service, offshore
sourcing). Yet, such innovation is still very much a hit-or-miss proposition. For as
many successful innovations as there are with technology, there are an equal or greater
number of failures. Furthermore, although it is possible to do many innovative things
with technology, it is much more difficult to find the ones that will deliver real and sus-
tainable value to an organization.
IT organizations have always been expected to improve what is currently being
done but it is much more difficult to undertake something that is different from what has
traditionally been done. When innovating with technology, not only must the market
be ready for the innovation (i.e., timing), but also network effects and complementary
products and services must be available for it to succeed (e.g., one telephone is not
very  useful; mobile banking failed before the introduction of smart phones). Finally,
many innovations fail because an organization’s culture cannot sustain or exploit
them (e.g., Kodak with digital imaging). In short, successful innovation is still a bit of
a mystery and many IT leaders are trying to explore how best to operationalize it to
deliver real business value.
This chapter explores innovation—an organization’s need to reinvent its products
and services and occasionally itself—with a focus on IT-enabled innovation. We begin
by examining why innovation is critical, and how/why IT is driving most innova-
tion today. Following this, we examine various types of innovation. Then we present a
typical innovation life cycle and examine some of the challenges encountered by orga-
nizations when attempting to achieve innovation. In the final section of this chapter, we
offer advice for managing IT-enabled innovation.
1 This chapter is based on the authors’ previously published article, McKeen, J. D., and H. A. Smith. “Strategic
Experimentation with IT.” Communications of the Association for Information Systems 19, article 8 (January 2007):
132–41. Reproduced by permission of the Association for Information Systems.

Chapter 12 • Innovation with IT 171
The Need for INNovaTIoN: aN hIsTorIcal PersPecTIve
It is well-established that the need to innovate is necessary for long-term organiza-
tional survival (Christensen and Raynor 2003; Hamel and Välikangas 2003). According
to Christensen (1997), there are two types of innovation: sustaining and disruptive.
Sustaining innovation improves an existing product or enhances an existing service for
an existing customer. In contrast, disruptive innovation targets noncustomers and deliv-
ers a product or service that fundamentally differs from the current product portfolio.
Sustaining innovation leaves organizations in their comfort zone of established mar-
kets, known customers, and realizable business models. Disruptive technologies enjoy
none of these benefits. To be successful for the initiating organization, the disruptive
innovation must meet two basic requirements: it must create value as perceived by cus-
tomers, and it must enact mechanisms to appropriate or capture a fair share of this
new value (Henderson et al. 2003). For other organizations and particularly dominant
players, disruptive innovation can be devastating. Christensen (1997) refers to this as
“the innovator’s dilemma.” For an excellent discussion of disruptive technologies and a
review of six leading theories of innovation, see Denning (2005).
Innovation comes about through organizational change, and here, too, we see
two dominant forms: continuous change versus punctuated equilibrium. Brown and
Eisenhardt (1997) describe continuous change as “frequent, relentless, and perhaps
endemic to the firm,” whereas the punctuated equilibrium model of change “assumes
that long periods of small, incremental change are interrupted by brief periods of
discontinuous, radical change.” In this latter case, change is primarily seen as “rare,
risky, and episodic.” Although it is tempting to equate sustaining innovation with
continuous change and disruptive innovation with punctuated equilibrium, it is
not so simple. In fact, Brown and Eisenhardt (1997) cite examples of firms that have
successfully reinvented themselves through continuous change as opposed to abrupt,
punctuated change. These authors suggest “in firms undergoing continuous change,
innovation is intimately related to broader organization change.”
The Need for INNovaTIoN Now
Today, there is an increased sense of urgency about innovation with technology. “Our
business partners now ‘get’ the importance of IT,” said one manager. “But they’re
looking for IT to tell them what’s possible.” Another added, “They’re telling us ‘We
don’t know what we don’t know’ and they expect IT to make new things possible.”
What this means is that IT leaders are being challenged by business leaders to spear-
head innovation in their organizations. This is a new mandate for IT.
Different industries are feeling different levels of pressure about innovation.
At  level one, experienced by virtually every industry, new forms of technology are
driving up the expectations of both business and consumers for more mobility, more
usability, more customer-friendliness, and more cost-effectiveness. “There’s a market-
place shift happening towards the customer,” said a manager. “We are moving from
being product and process-centric to being customer-centric.” This shift is driving
more horizontal views in the organization and demand for end-to-end processing, as
opposed to the deeply vertical, siloed perspectives of the past.

172 Section III • IT-Enabled Innovation
Within level two industries, there is a belief that IT can be a strategic differentia-
tor for an organization and that technology is a fundamental component of business
strategy. “Our business sees technology as the key to new growth,” said a manager.
Unfortunately, this pressure plus the greater availability of technology in the cloud is
leading some in the business world to “take technology decisions into their own hands”
and “do an end-run” on the IT department thinking that they don’t need IT. In response,
IT is feeling new pressure to get ahead of business needs and demonstrate its innova-
tive capabilities.
Level three industries experience a deep sense of unease that the fundamental
assumptions upon which their business is based are changing. “We can no longer be com-
placent,” said a manager. In these industries, there is growing uncertainty and fear that an
upstart company could steal away huge chunks of business value by using technology to
provide their products or services more cheaply or effectively. At this level, innovation is
about survival and making sure that an organization is able to quickly adapt to new busi-
ness models and withstand strategic challenges. Companies in these industries have seen
that threats today can come from non-traditional competitors and they recognize that
innovation with technology is the only way to ensure they will continue to stay viable.
UNdersTaNdINg INNovaTIoN
Innovation with technology is a complex concept. One participant defined it as, “Fresh
ideas that create value.” It can include a variety of new things that are created by or
enabled with technology, such as new markets, new products, new demand, new pro-
cesses, new capabilities, and new practices. “It’s all about value,” he stressed. “I, like
many others, am guilty of sometimes getting distracted by shiny, new gadgets rather
than focusing on the value that innovation brings.” Typically, innovation is not the
invention of something completely new, but its use in a new way, bringing something
new to an industry for the first time, or combining it with another service to provide
new value. In short, innovation in an organization lies at the intersection of the answer
to three significant questions that create the strategic environment within which inno-
vation with technology can deliver value (see Figure 12.1):
• What is viable in the marketplace?
• What is desirable to the business?
• What is possible with technology?
Ideally, innovation also refers to the process whereby a company creates new
things that deliver value. There is no generally accepted methodology for innovation
but we  have learned that effective, successful innovation has at least five stages. The
first stage is ideation—generating innovative ideas. There are many ways of doing this—
ranging from focused executive meetings to the modern online version of the sugges-
tion box. This stage must address two questions: How do we get people to share their
ideas? How do we respond to their ideas? In most cases, there are lots of ideas out there.
In fact, managers noted that attempts to stimulate innovation in their organizations led
to them being initially deluged with new ideas. However, lacking the ability to screen
and prioritize or act on them, the ideas soon dried up. Research shows that the biggest
reason why people do not share their ideas is that past experience has shown them that
management doesn’t respond to or act on them (DeSouza 2011).

Chapter 12 • Innovation with IT 173
Thus, the second stage is advocacy. Good ideas need a sponsor who firms up prom-
ising innovative suggestions, seeks funding for them, and acts as a mentor to take them
to the next level. One company has an advocacy process that seeks advocates from
a business unit other than the one where an idea is generated, thereby encouraging
broader organizational support for good ideas.
Stage three is proof of concept. This can consist of laboratory testing over a period of
a few weeks to explore the viability of key technologies or ideas that are central to the
success of an innovation. This part of the process is very agile and adaptive and highly
dependent on business–IT collaboration. Teams are kept small and focused.
A successful proof of concept can lead to a fuller trial or pilot in stage four where
the innovation is exposed to the market in a limited and measured way. A market
segment is defined, and certain customers (who may be employees) are offered the
chance to experiment with the new product or service. Measurements are taken to
understand results, which may include marketing/branding issues, financial price
points, and operational impacts. Typical pilots take about four to twelve weeks, but
may be extended.
The fifth and final stage is transition or “go to market,” where the innovation enters
into the mainstream IT production process to ensure the idea is “industrial strength.”
Many shortcuts, which served well enough for the pilot, must now be engineered to
meet production standards. For example, in one proof of concept, a financial organi-
zation developed a mobile application without privacy or security protections. These
were then added in at this final stage.
Unlike other types of IT projects, the goals of innovation projects can be fuzzy.
Focus group participants stressed that innovation projects should not have to meet the
same ROI or defined benefits as other IT projects. “Enforcing traditional stage gate cri-
teria too early in our innovation process killed off a lot of good ideas,” said one man-
ager whose company has now changed this practice. Furthermore, the full value of
some innovations may not be immediately apparent. “We are innovating to develop a
platform for direct customer interaction,” said a manager, “but we are not telling our
sales staff this right now.” The results of this process can be both “‘big I’ innovation
that refers to substantial and significant changes and ‘little i’ innovation that refers to
smaller ongoing improvements,” explained one participant.
What Is
Possible with
What Is Desirable
to the Business
What Is Viable
in the
fIgUre 12.1 The Organization’s Strategic Environment for Innovation with Technology

174 Section III • IT-Enabled Innovation
A major difference between innovation projects and more traditional IT proj-
ects is that failure at any stage is anticipated for many ideas and should be expected.
Participants stressed that the learning gained from unsuccessful ideas is an asset that
is valuable. “We need to document our failures so that we can learn from them in the
future,” said one. “Innovation is not a binary process,” said another. “We need to recog-
nize that we can leverage many elements in different ways over time to build successful
innovations.” Thus, feedback from all participants and at all stages of innovation is an
especially crucial component of the innovation process (see Figure 12.2).
The valUe of INNovaTIoN
Increased business value is the goal of innovation, but sometimes it is not always
clear what that value is. Many innovations do not deliver results in terms of ROI or
other measureable metrics. “You can’t use traditional metrics, like revenue generation,
when it comes to innovation,” said a manager. “Value can’t always be quantified,” said
another. Yet, it is important to understand where and how value is delivered by innova-
tion or this effort will soon lose out to more measurable initiatives that have a clearer
short-term value.
Communication of value is therefore essential to ensuring innovation is sus-
tainable in the organization over the long term. From this perspective, value has two
1. Is it desirable? “Our business users and customers can’t always articulate a
clear value proposition,” said a manager “but they can tell you if they want it
and like it.” Therefore, customer testimonials and social media comments can be
Proof of
Vendors, Employees,
First Users
The Strategic Environment
fIgUre 12.2 The Technology Innovation Process

Chapter 12 • Innovation with IT 175
good mechanisms for companies to tell if they are on the right track with innova-
tion and user perceptions of value should be carefully monitored. “Even a simple
change can go viral if users perceive its value,” said a manager. “And customers
also know when the value is not there,” added another.
2. Does it build our innovative capabilities? Innovations in many industries rapidly
become table stakes. “The real value of innovation is the ability to innovate continu-
ously and consistently,” said a manager. The capability to rapidly scan the environ-
ment, incorporate new ideas and technologies into an evolving business strategy,
make the associated organizational and technological adaptations, and execute
quickly, is the real prize. “Innovation isn’t a one-time project, but the ability to
deliver over and over again,” said a manager.
INNovaTIoN esseNTIals: MoTIvaTIoN, sUPPorT, aNd dIrecTIoN
Three conditions are necessary for innovation to be successful: (1) motivation, (2) sup-
port, and (3) direction. As one manager stated, “Without motivation, little will happen;
without support, little can happen; and without direction, anything can happen.” The
focus group’s recommendations to others seeking to improve their innovation practices
include the following:
1. Motivate: Establish rewards for innovation. Although many individuals are
naturally drawn to innovation, the demands of everyday work often drive this
interest and inclination into remission. Furthermore, innovation is risky, and not
all people are willing to jeopardize their reputations. As a result, innovation does
not flourish without intervention. According to focus group members, the way
to create an innovation-enabled organization is twofold: provide incentives and
rewards to support innovation and risk taking, and make it everyone’s job. Good
ideas are good ideas, and experience shows that they are as apt to originate at the
customer interface as they are within the laboratory or the executive ranks.
Taking this a step further, one company has made innovation a compo-
nent of everyone’s annual performance assessment. This organization offers
specific types of formal rewards for different types of innovation that range from
patentable ideas to emerging business opportunities. Not all rewards need be
formal though. One firm uses a system of frequent informal rewards (e.g., books,
tickets, cards, recognition days, and executive citations) to recognize innovative
ideas and encourage and reward innovation with IT. Another company discovered
that the best reward for IT personnel is simply the opportunity to work and play
with new technology! In this company, enterprising IT personnel win the right to
experiment with new technology without the need for champions or sponsors.
According to the manager involved, this activity is funded by “skunkworks” and
“beg and grovel.”
2. Support: Create infrastructure to sustain innovation. Offering rewards for
innovation sends employees the signal that innovation is encouraged and will be
recognized and valued. This provides the motivation for individuals to experiment,
but organizations need to provide support for such experimentation if they want it
to happen. Over time, the combination of recognition and support builds a culture
of innovation.

176 Section III • IT-Enabled Innovation
Many firms believe it is also necessary to build some infrastructure around IT
innovation. One company, for instance, created the position of “chief scientist” and
provided that office with a budget and resources. This was the organization’s “way
to signal to everyone that the lifeblood of the organization is discovery . . . not just
innovation,” said the manager involved. At this company, “innovation is a given”
and expected in all parts of the business. “Discovery,” however, conveys a sense of
urgency as well as the notion that the company needs to continually reinvent itself
to survive in the marketplace.
Many companies have formal centers (or laboratories) to support innovation.
Depending on the firm, the roles of these centers vary from “new product
introduction” to “new technology introduction” to “business venturing” to
“incubation centers.” Where IT is considered a key business driver, they usually
focus almost exclusively on strategic IT innovation. The critical aspect of their
creation is the provision of support and infrastructure to enable idea review and
experimentation. Most centers are formally entrenched within the organization with
ongoing funding, permanent staffing, and well-developed procedures and pro-
cesses to encourage, guide, and support innovation. According to one manager, the
key element is “to link sponsorship to innovation,” reflecting the fact that “good
ideas don’t make it on their own.”
Companies in the group reached consensus on the mandate for innova-
tion centers, but they disagreed about their governance. Two distinct strategies
• Insulate. This strategy creates innovation centers as places where “all lines of
business can come together to address common problems.” According to pro-
ponents, the key benefit of this approach is the ability to foster synergies across
the business in the belief that innovation is best “nurtured away from the main-
stream business.”
• Incubate. Those following this strategy place their innovation centers within
specific lines of business (LOBs). Proponents suggested that forcing innovation
to be housed within a single LOB focuses innovation on “real” problems and
opportunities with committed local ownership.
The innovation infrastructure that was common to virtually all organi-
zations in the group was the maintenance of an intranet for launching ideas.
These sites are considered to be effective for soliciting, vetting, and sharing ideas
and/or opportunities. According to one manager, an intranet’s chief value is
that “anyone can input and everyone gets access” to build on ideas. In firms
with innovation centers, intranets are effective “feeder” systems. In organiza-
tions lacking the formal support of an innovation center, ideas identified on
the intranet require a sponsor to marshal support to turn them into realizable
products and/or services.
A common form of financial support is the establishment of internal venture
funds. In about half of the participating organizations, funding mechanisms had
been set up to support IT innovation. Typically, such funds are made available on a
competitive basis with an oversight committee in place to award resources and to
monitor progress and completion.

Chapter 12 • Innovation with IT 177
3. Direct: Manage innovation strategically. One manager pointed out that
“experimentation never fails as long as there has been learning.” Strictly speak-
ing, the focus group agreed but felt that “any such learning would have to be
strategically important for the organization” for it to be considered successful.
According to the group, learning for the sake of learning was “an activity enjoyed
by academics”—much to our chagrin! They suggested that providing motivation
and support for individuals to experiment freely would be a recipe for disaster.
Organizations must provide direction for these activities. Strategic IT innova-
tion does not occur by happenstance. Some participant suggestions for direct-
ing IT innovation in order to ensure that it was strategically relevant include the
a. Link innovation to customer value. A simple yet effective way to accomplish
this is to focus on emerging pain points. At one company, all new ideas had
to articulate the specific customer pain point (CPP) that would be addressed.
This requirement, in and of itself, produced results. As the manager involved
related, “The identification and surfacing of CPPs stimulated considerable and
sometimes heated discussion. Many people were surprised to learn of CPPs,
and many potential solutions emerged. It was a case of ‘if only I had known.’”
Unfortunately, failure to articulate business value to the customer is a common
b. Link experimentation to core business processes. The opposite approach
focuses IT experimentation internally on core business functions. One
participant, whose organization is “currently reluctant to experiment in the
market,” focuses all its experiments on core business activities. “Our belief
is that innovation is strategic only if it produces significant efficiencies
for internal operations in a way that can be captured on the bottom line,”
she said.
c. Use venture funds to guide strategic initiatives. Although establishing
venture funding for innovation is a form of support (as already noted), the
governance of such funds can be instrumental in achieving strategic alignment.
Venture funds are typically given for initiatives that do the following:
• Make greater use of innovation resources
• Focus on new business models
• Explore new/disruptive technologies
• Focus on penetrating new markets
• Leverage cross-organizational capabilities
• Streamline decision making
• Focus on opportunities that can be scaled.
challeNges for IT leaders
Although all of the managers in the focus group felt strongly that innovation is essential
both to the future of their organizations and IT, they expressed a number of caveats and
concerns about how innovation and an innovation process would be implemented in
their organizations. These fell into four major themes:

178 Section III • IT-Enabled Innovation
1. Strike the correct balance. IT managers are acutely aware that they have the
responsibility to ensure that their organization’s data and systems are kept safe,
secure, and private. Furthermore, many of the so-called “bureaucratic IT processes”
were put in place for good reason, such as to ensure quality, interoperability, and
cost-efficacy. “We don’t want to go back to the days when cowboys ran IT,” said one
manager. “There’s a risk to throwing out all our rules for the sake of rapid innova-
tion.” In fact, in many highly regulated industries, such as finance and health care,
laws and risk-aversion prohibit much innovation. “We need to balance urgency and
quality, and not forget architecture and integration,” said another manager. “These
‘innovations’ can turn into a legacy nightmare very quickly.” Nevertheless, they
recognize that there is a need to reconcile these competing priorities and rethink IT
processes to facilitate innovation, although at present, there is no accepted way of
doing this.
2. Create a sustainable process. One focus group company was on its third
innovation process. During the first one, they had lots of input from employees
but a lack of interest from executives in taking action on their ideas. The second
process, designed to rectify this problem, gave funding to the CIO to implement
innovative ideas, but executives flooded the pipeline with ideas to get the “free”
IT funding. Now, in its third iteration, the process is focused on innovation in busi-
ness intelligence and how this will improve the way work gets done. “Whatever
process is put in place, it must be collaborative and include a process for flesh-
ing out ideas,” said the manager involved. “There are too many half-baked ideas
out there.” In addition, there must be recognition from executives that innovation
requires risk. Thus, the innovation process must enable rapid proof of concept and
trial development, and link into traditional development procedures during the
transition stage.
3. Provide adequate resources. IT staff often become too busy “fixing messes” and
doing other types of IT work to undertake innovation. In fact, many companies
have had to address this resource gap by carving out specific resources or time peri-
ods dedicated for innovation. This is not ideal and most managers would rather
see innovation integrated into everyone’s job. Similarly, many executives are simply
“too busy” to focus on work with such a vague return. As a result, “there is no real
alignment in either IT or our organization about how to undertake and resource
innovation,” said a manager. Thus, many IT functions are waiting for senior man-
agement to say “go” before implementing a serious innovation process.
4. Reassess IT processes and practices. The IT function needs to be characterized
by disciplined thinking, rapid action, agile development, and supported by new
technologies that facilitate this. We need to transition from “IT control” to “IT coor-
dination,” explained a manager. “Our structures need to be changed to enable us
to get us 80% of the way in a project and then to pivot and change direction, if
necessary,” said another. A third noted that IT and organizational rewards need to
be restructured to motivate more innovation. Finally, existing structures and gov-
ernance mechanisms need to be changed to accommodate innovative practices. For
example, as already noted, traditional stage gates are not appropriate for early-
stage innovation projects. As well, roles such as relationship manager, which serve
as gatekeepers into the business, may prevent the learning and collaboration that is
needed to promote innovation.

Chapter 12 • Innovation with IT 179
In spite of these challenges and reservations, the focus group agreed that IT’s goal
should be to develop an organization with the capability to change and adapt in order
to deliver value with technology. Focus group organizations were trying a variety of
practices to facilitate innovation. From these, a number of guiding principles for effec-
tive innovation may be inferred:
• Focus on achievable targets. Innovation should be manageable and targeted but, at
the same time, built so they can scale up easily. According to one manager, “It is far
easier to ramp up a proven venture than to plan, build, and deliver a winner.” At one
company an innovation involved a “proof of concept” for a new technology involv-
ing six sites. Management then rapidly decided to expand the innovation to three
hundred sites! This action literally ended experimentation, and the task immediately
became large-scale implementation.
• Don’t rush to market. Positive results from an experiment should be viewed as
justification for further experimentation, not as a “license to launch.” At one com-
pany, a decision to go to market based on very favorable pilot results quickly ran
into difficulty. The customers involved in the initial innovation turned out to be
unrepresentative of the overall customer base, and the uptake in the market plum-
meted as the rollout broadened its base.
• Be careful with “cool” technology. Because innovation deals with technology, it is
sometimes easy to be misled by cool technology. The buying public may not under-
stand what the technology does (e.g., it’s a browser pen), may have no need for the
things that the technology does (e.g., it tracks unvisited sites), and/or may not find
the technology appealing (e.g., it’s a mouse with arms and hands). On the other
hand, this same technology may become the item that every teenager on the planet
must have!
• Learn by design. The goal of innovation is to learn. The group provided several
examples of innovation attempts where nothing was learned. In these cases insuf-
ficient controls were designed into the process to enable the organization to ascer-
tain after the fact what had actually happened. Was failure due to product features
and/or functioning? A lack of effective marketing? The price point? Thus, the first
step with innovation should be to identify the critical questions that need to be
answered, then to design these into the process.
• Link innovation to business strategy. It has already been noted, but bears repeat-
ing, that valuable innovation is closely linked to an organization’s strategy and
long-term vision. This must be the first level of screening for all new ideas. A close
second is business sponsorship to ensure that the idea will be funded and protected
during its early stages of development.
• Incubate innovation. Until innovation is fully incorporated into daily work, it is
important to provide a safe time/place/manner to promote it. Focus group compa-
nies were doing this in different ways. Some have appointed an innovation team;
others host focused innovation meetings; still others use innovation labs and “safe”
environments. Each of these enables rapid idea generation and screening and places
a spotlight on innovation outside of normal practices.
• Collaborate with vendors. “It’s important for IT to get out of its bubble and
expand its boundaries,” said one manager. The focus group agreed that IT must

180 Section III • IT-Enabled Innovation
now proactively move out of its comfort zone to enable innovation and innova-
tive processes. Working with vendors who can bring a broader perspective into the
organization was the most common way of doing this. In some cases, organizations
are inviting vendors to present to both IT and the business community in planned
“innovation summits,” where new possibilities can be brainstormed and screened
for potential value in a very short period of time.
• Integrate business and IT. This is table stakes for effective innovation. “IT must be
plugged into the business, able to speak business language, and articulate poten-
tial benefits,” said a manager. One good way of doing this is for IT to participate
in regular “huddles” with the business to better understand their pain points and
what their interests and challenges are.
• Send clear messages. If an organization really wants innovation, it must send
clear messages about its importance from the top down. This means that leaders
must promote it, resource it, reward it, and most important of all, agree to take on
the risks involved. Failure is a given in innovation, but unless management explic-
itly acknowledges and accepts this, it is unlikely that an organization’s culture will
change to become innovative.
• Manage the process. Innovation will not just happen without attention. It requires
active and intentional management to design and monitor a process and determine
what works and what doesn’t in a particular organizational culture. Innovation ini-
tiatives can sometimes have unforeseen side effects, such as demotivation of nonin-
novation staff, disappointment and cynicism when management doesn’t respond
to ideas, resistance to poorly communicated changes, and confusion over the pro-
cess itself. In addition, existing budgets, structures, processes, and governance can
work against innovation, unless there is proper attention to these factors.
• Promote learning agility. Because innovation is still not a factory-like process and
is continuing to evolve, IT leaders must cultivate capabilities that promote innova-
tion, rather than specific skills. Chief among these, said the focus group, is learn-
ing agility or the ability to be flexible to learn new things and new ways of doing
things. Whether it’s business language, agile development, a new techno logy, or
working with new partners, the best IT staff will be able to take on new challenges,
learn, and thrive.
Organizations are just beginning to grasp the
scope of the new world of continuous change
that is being ushered in by technology, and
to grapple with how it will affect their tradi-
tional processes of implementing technology
for value. This new world is faster paced, with
change taking place in smaller, more frequent
increments that create and enable flexibility
for the organization. Today, we are just at the
cusp of this transition, which will result in a
transformation of how both organizations
and IT functions operate. Although business
as usual can continue for the short term, IT
leaders are well aware that their current struc-
tures and processes must adapt rapidly to this
new world of change. “Innovation” is thus
merely the vanguard of what is to come; but
addressing it thoughtfully and intentionally
is the best way to ensure that an organization
is prepared for the future.

Chapter 12 • Innovation with IT 181
Brown, S. L., and K. M. Eisenhardt. “The Art of
Con tinuous Change: Linking Complexity
Theory and Time-Paced Evolution in
Relentlessly Shifting Organizations.”
Administrative Science Quarterly 42, no. 1
(March 1997): 1–34.
Christensen, C. The Innovator’s Dilemma: When
New Technologies Cause Great Firms to Fail.
Boston: Harvard Business School Press, 1997.
Christensen, C., and M. Raynor. The Innovator’s
Solution: Creating and Sustaining Successful
Growth. Boston: Harvard Business School Press,
Denning, S. “Why the Best and Brightest App-
roaches Don’t Solve the Innovation Dilemma.”
Strategy & Leadership 33, no. 1 (2005): 4–11.
DeSouza, Kevin. Intrapreneurship. Toronto,
Canada: University of Toronto Press, 2011.
Hamel, G., and L. Välikangas. “The Quest for
Resilience.” Harvard Business Review (September
Henderson, J. C., N. Kulatilaka, N. Venkatraman,
and J. Freedman. “Riding the Wave of Emerging
Technologies: Opportunities and Challenges
for the CIO.” Working paper, Boston University,
School of Management, 2003.

C h a p t e r
13 Big Data and Social Computing
It’s a time of significant change for organizations and for IT. Tools for implementing social business (i.e., social media) are being rapidly adopted by the population as a whole and, at a slower pace, by businesses (Kiron et al. 2013; Maoz et al.
2013). At the same time, tools associated with huge amounts of data they gener-
ate are facilitating new ways of understanding business through insights, analytics,
and predictions (Davenport et al. 2012). These tools enable organizations to engage
customers, suppliers, partners, and potential customers in real time and in a multitude
of different ways. And they make it possible to incorporate a wide variety of data into
organizational processes, enable decision making, and offer new products, services,
and delivery channels.
It’s a substantial extension of the trend to move computing to new parts and levels
of the organization and beyond traditional corporate boundaries. Whereas big data and
social media have been seen as separate organizational challenges in the past, these
two fields are now converging in numerous ways, depending on the industry and a
company’s needs. Social media is becoming the organization’s front line data collection
point, while big data tools use it to drive information and analytics insights that in turn
will guide business strategy development. And this is just the beginning. Underlying
all of these initiatives are more improved data, whether from customers, applications,
or myriad external data sources. In turn, organizations must focus these data on real
business problems to gain real business insights, drive real business actions, and deliver
real business value (see Figure 13.1).
The challenges for organizations are huge. And IT is at the center of it all,
architecting the new platforms, selecting the tools, enabling them, participating in con-
tent analysis and design, integrating results with more traditional data and processes,
and most importantly, working with the business to innovate, redesign and reimagine
all aspects of corporate work. Today, organizations of all types are feeling increasing
pressure to take action in these areas but most are still in the earliest stages of maturity,
typically experimenting with the data generated from social media (Beath et al. 2012).
This chapter explores how IT leaders are trying to conceptualize the integra-
tion of big data and social media concepts to deliver value. It begins by discussing the

Chapter 13 • Big Data and Social Computing 183
opportunities presented by these technologies and what value organizations could
expect from them. Next, it examines the different components that must be addressed
in order to deliver value successfully. Then, it looks at some longer-term opportunities
for deriving value through innovation with big data. Finally, it examines some of the
challenges IT leaders face as they try to adapt their work to the significant changes these
tools require and presents some actions for IT managers to consider when beginning to
implement big data and social media tools and applications.
The Social Media/Big daTa opporTuniTy
Today’s organizations process over 1,000 times more data than they did a decade
ago and the volume of data is growing by 30–50 percent annually (Beath et al. 2012).
Social media is the largest component of online data and therefore a major source
of data for organizations. In 2013, Facebook had 1.15 billion users with Twitter and
LinkedIn following close behind (Maoz et al. 2013). Although over 77 percent of
Fortune 500 companies are now using social media to build relationships with their
brands, there is still a significant gap between social media usage and how compa-
nies are using the data generated by these tools (Fitzgerald et al. 2014). This under-
scores the fact that social media data are not valuable in and of themselves, but must
be analyzed and presented in ways that derive insights into key business questions.
Thus, a major question companies should be asking before embarking on any social
media initiative is, how can we use insights from the data we collect to improve our inter-
actions with customers, suppliers or employees? (LaValle et al. 2011). “There’s a wide
gamut of opportunities out there,” one manager noted. “The quick wins are probably
internal with customer and product information. However, companies must keep an
open mind and look at everything because sometimes, relevant data can come from
unlikely places” (see box).
The External
Big Data
Activities EngagementSocial
Media Data
Internal Data
Other External Data
& Decision-
making Information
& Analytics
• Customers
• Partners
• Suppliers
• Potential
Figure 13.1 The Relationship Between Big Data and Social Media

184 Section III • IT-Enabled Innovation
In the past, disparate, siloed internal data in systems made data consolidation
challenging because massive data “plumbing” was required before analysis could
begin and data definitions had to be created before data could be stored or consoli-
dated. Today, big data management technologies enable all types of data from multiple
sources to be available in one place in native form, thereby providing greatly increased
flexibility of analysis. More granular data then allow for finer classifications and seg-
mentations to be made so that a business can tailor information or services for a single
person or situation, if necessary (Davenport et al. 2012).
A large part of the value of the current business value of social media comes from
the people, processes, and technologies that turn the data they generate into insights
that drive business decisions and actions (McKeen and Smith 2012). Appropriately
applied, companies can then use these data to
• Respond more quickly to the market by making faster decisions.
• Make patterns more evident, such as problems with a new product.
• Facilitate innovation in products and services, based on customer and other types
of feedback.
• Improve reputation and brand awareness.
The value delivered through social media and other forms of big data manage-
ment increases as tools and methods become more mature and integrated across the
entire value chain (Davenport et al. 2012). While early analytics were based on historic,
siloed internal data and rudimentary techniques, more mature approaches use fre-
quently refreshed internal and external data and more complex analytical techniques
that enable rapid decisions based on robust insights.
And this is just the beginning. Emerging approaches will be based on a deep
understanding of real-time data sets from a variety of internal and external sources
(Davenport 2013). They will enable real-time decisions supported by multilayered
insights from multiple business functions. Companies are just now beginning to com-
bine improved sensing capabilities of physical things (i.e., the Internet of things) with
other internal and external data sets (Davenport 2013; Laney and White 2014; Smith and
Some Types of Social Media Data
• Wikis
• Blogs
• Videos
• 3D user interface/visualization
• Presence awareness
• Instant messaging, Twitter
• Social networking communities (e.g., Facebook, LinkedIn)
• Reputation systems
• Collective intelligence systems
• Authoring
• RSS feeds
• Podcasts
• Gamified data

Chapter 13 • Big Data and Social Computing 185
Konsynski 2007). Future business opportunities will incorporate real-time information
in a variety of new ways, such as:
• Sensing—detecting the current state of a given entity, such as the location of a plane,
the speed of a car, or the mood of an individual.
• Mass Visibility—the combination of real-time sensing of multiple entities contex-
tualized by their relationships. It can be used to identify such issues as traffic route
congestion or how gas prices vary across the country.
• Experimentation—the integration of real-time sensing with the ability to
generate and gather reliable data quickly. It can be used to monitor the impact
of such things as new Web site layouts or to undertake rapid analytics on new
• Coordination—combining the current state of other entities with the ability to
adjust behavior based on fast-cycle feedback, for example, locating people and
coordinating their behavior in real time.
To date, most CIOs and business leaders still haven’t identified the value proposi-
tions associated with these new types of data or fully understood their organizational
implications (McAfee and Brynjolfsson 2012). They are still trying to determine how
and where to effectively use social media data.
delivering BuSineSS value wiTh Big daTa
Delivering business value with the big data derived from social media and other data
sources requires developing new organizational capabilities in a variety of areas,
especially in data and information management. And although it is a truism today
that organizational change requires improved governance, sponsorship, processes,
and controls, in addition to new skills and technology, these are all essential compo-
nents of delivering on the opportunities presented by social media and ultimately, big
data (Beath et al. 2012; LaValle et al. 2011). This section explores the key components of
developing an organizational capability that can deliver business value from big data
and adapt to the rapidly evolving world it represents (see Figure 13.2).
One of the most important questions for companies to ask with respect to social media
is, who’s responsible for social media in your organization? Some companies see marketing
or corporate communications as having primary responsibility for this function; oth-
ers have created an internal social marketing organization, or a committee. Delivering
social media today is still fragmented in most organizations, said the IT managers in
the group. However, they agreed that because social media also represents an infor-
mation asset, ultimately it is IT’s responsibility because, once inside the organization,
social media data become part of the organization’s data repository—or big data.
Therefore, with the huge amounts of data flooding into organizations, someone needs
to be making decisions about it if it is to deliver business value (Ross 2012).
There are a number of issues that IT leaders need to consider when addressing
social media/big data governance, such as the control, legal, security, access, staffing,
and logistical implications of its management (Laney and White 2014). As just one

186 Section III • IT-Enabled Innovation
example, governance will need to determine which data can be exposed to the public,
and this decision in turn will affect all other aspects of governance. In addition, com-
panies need to understand their tolerances for risk and experimentation and develop
appropriate governance mechanisms to determine whether the risks involved in any
social media/big data initiative are appropriate for their organization.
a Business Strategy for data
Increasingly, companies are demanding more and better information to meet their
needs (Redman 2013). To obtain it however, companies must first recognize that new
big data/social media technologies have the capacity to significantly redefine busi-
ness models and they will therefore need a business strategy for how to manage what
is done with them (Fitzgerald et al. 2014). “These could be dis-intermediating tech-
nologies,” said one manager. “We’re at a critical juncture as companies are beginning
to build strong relationships with their customers.” Although many executives fear
learning what their customers are saying about their company and their products and
services, taking this step can be a strategic differentiator for an organization. Similarly,
improved insights gleaned from other types of data can also radically transform how
a business operates (Davenport 2013). Companies should start strategizing by asking
relevant business questions that address key value levers, such as what are the biggest
drivers of our profits? Or, how can we increase customer loyalty? Then, indicators can be
developed and key data collected. For example, one focus group firm is developing a
consolidated view of its customers using structured and unstructured data from both
internal and external sources because it felt that knowing more about its customers
would help it target products and services more effectively to them.
Data can also be used to drive the development of strategy after it has been collected.
However, this can only occur if useful information is developed that is used by the orga-
nization (Marchand et al. 2000; Marchand and Peppard 2013). Although social media is a
marketing tool, it is also extremely important for a business to have the capability to use
the data that are generated from it to inform decision making and strategy development
Strategy for
Media and
Big Data
New Skills
and Tools
Data and
Figure 13.2 Components of a New Organizational Capability for Big Data

Chapter 13 • Big Data and Social Computing 187
over time. Companies should therefore ask, do we have information that is easy to use? and
is it useful? This means working with IT to embed insights into business processes and
make them more understandable and actionable through a variety of methods such as
dashboards, visualization, trend analysis and simulations, and traditional reports, and
then validating their usefulness with the business (LaValle et al. 2011).
Better data capabilities
Data have four dimensions (Marchand et al. 2000):
• Unstructured, such as that gained through social media.
• Structured, such as that found in databases.
• Internal data, information, and knowledge that are found within an organization.
• External sources of data or information from outside the company, such as customer
comments, external databases, or sensor data.
Improving big data capabilities involves collecting more data from different data
sources to gain a more complete view of customers, supply chains, or other strategic
situations. Determining what data to collect and how to get it is an organization’s first
challenge. Here, the goal is to transition from siloed data, supporting siloed processes
and decisions acting on a partial awareness, to integrated data (both internal and
from  social media) that will provide a 360° understanding of an entity or a situation
(Austin et al. 2006; Davenport et al. 2012).
A second challenge is how best to organize data and capture context and meaning
in order to get to the most useful insights. Although big data tools increase the vol-
ume and velocity of data available and reduce the costs involved, companies must still
decide how to dissect it to turn data into insights (Beath et al. 2012). “Simply making
data available is no guarantee of value. Organizations need data context, centers of
excellence, and governance to manage it properly,” said one manager.
Furthermore, most companies still have much room for improvement in structu-
ring their data and analytics capabilities, said the focus group. For example, it is still
often unclear where in the organization these activities are best performed. In some
firms, IT has this responsibility; in others it is an enterprise service or divided among
the business units. Such pockets of data capability in different places can detract from
what an organization is able to do with data.
Research shows there are three levels of analytics maturity in organizations (Kiron
and Shockley 2011; LaValle et al. 2011):
1. Aspirational. At this level, analytics are siloed and largely based on structured
data and the use of spreadsheets. Typically, these support targeted activities such as
finance and supply chain management.
2. Experienced. More mature companies also use visualization, advanced modeling,
and data integration to support more holistic strategy development and marketing
and operations activities.
3. Transformational. At this level, firms use a broad portfolio of tools to analyze
integrated structured and unstructured data to support day-to-day strategy and
operations in a planned and coordinated fashion.
Most companies today are between the first two levels, but the field is moving rap-
idly (Kiron and Shockley 2011). Much of what is “emerging” today will be mainstream

188 Section III • IT-Enabled Innovation
in a very few years, so it’s important for companies to be ready for this by ensuring
they learn how to think about data, develop more discipline about collecting data,
experiment with analytics models, and change corporate culture to enable some risk as
business models evolve.
new Skills and Tools
Although tools are a necessary component of building new data capabilities in an orga-
nization, improving skills is largely an organizational challenge (Austin et al. 2006;
Kiron and Shockley 2011). Internally, IT’s data skills are often separated into three dif-
ferent organizational groups that have operated as silos, the focus group explained.
Operations have been responsible for speed of delivery, back-up and recovery, 24×7
support, uptime, security and compliance, and process. Decision support has been
responsible for number crunching, visualization, metrics, ad hoc requirements, sand-
boxes, and subject matter expertise. And knowledge and content management has
been responsible for tagging, taxonomy, search, incentives, work routines, and knowl-
edge. Today, these three skill sets are converging and ensuring they intersect appropri-
ately is essential to leveraging an organization’s existing tools.
However, companies will likely also need to hire and develop IT people who can
create value with data and existing IT skills will have to change as well (LaValle et al.
2011). Initially, technical skills will be needed to architect, select, and implement the
most appropriate new technologies. Following this phase, data sources need to be
identified, collected, and prepared before analytics and other types of information
delivery activities can be developed. In this step, it is critical to have people with a
combination of business, analytics, and data skills, who are not isolated from the busi-
ness. Although hiring more data scientists is part of the solution, “the bigger problem is
that we lack the managers and analysts who can ensure that big data can be effectively
consumed and used by organizations,” said one manager. “These people need a very
broad skill set, ranging from communication to business knowledge to technical and
data knowledge.”
The effective use of social media data and analytics to deliver value also requires
a tighter integration of business unit and IT functions (Maoz et al. 2013). Business units
will also need specialized staff who work closely with IT to develop applications and
learn, tightly cycling through the iterative development and implementation of new
products as services, as insights are gained. These specialized business unit staff should
have considerable technical and analytic skills but should not be viewed as a “shadow
IT group,” but rather a new type of business professional who delivers important data
and ideas to business and IT leaders. Therefore, increasingly there will be a growing
gradation in staff skills between business and IT with the people in the middle skilled in
both technology and business, said the focus group.
Overall, companies should have three specific sets of competencies for dealing
with big data (Laney and White 2014; McAfee and Brynjolfsson 2012):
1. Information management expertise. This includes data governance, good data
management practices, and the ability to deliver the right data to the right people.
2. Business analytic expertise. This is the analytic talent, tools, and technology
needed to deliver insights from data.

Chapter 13 • Big Data and Social Computing 189
3. An analytic-oriented culture. This is a broad organizational belief that data and
analytics are a strategic asset. It includes analytics champions, a mandate, and us of
insights for both strategic and tactical decisions.
innovaTing wiTh Big daTa
In addition to these fundamental components of delivering business value with data,
leaders are also looking for IT to help them innovate with data (Fitzgerald et al. 2014;
Kruschwitz 2011). We are just beginning to recognize that there are data external to the
organization, in addition to social media data, that can be used to generate new and
entirely different sources of value for companies (Piccoli and Pigni 2012). In strategiz-
ing about how to take full advantage of the internal and social media data they already
have, business and IT should also be exploring how best to leverage these external data
sets. This process begins by asking five questions:
1. Do we know what data people have socialized around our business and our
2. Do we have an inventory of the data streams in our ecosystem and those sur-
rounding us?
3. Have we thought about the data streams we produce? Could they be valuable
outside our organization?
4. How many of our organizational systems could be architected easily to provide
data in real time?
5. Are we keeping an eye on the changing value of our digital assets?
The answers to these questions can then be used to develop new strategic oppor-
tunities for organizations with external data (Piccoli and Pigni 2012). These include the
1. Data generation. Many firms generate data that can be used by others to create new
products or services. For example, TripIt taps into a variety of travel data streams, such
as reservations made with airlines, hotel and car rental agencies, and integrates confir-
mations into a master itinerary for a traveler or a group of travelers. The company is
seeking to be the home base for all of a consumer’s travel information.
2. Aggregation. Here, a firm identifies and harvests a variety of data streams, which
are then repurposed and made available to potential users, thereby creating a data
platform. For example, Socrata is a platform for government agencies and provides
access to public, real-time data in a one-stop shop.
3. Service. Here, a firm uses data to create new services for consumers or to improve
service quality. For example, Mycityway is a real-time app designed to help users
navigate an urban environment. Integrating over 100 real-time feeds, it helps one
find a type of restaurant, a wireless hotspot, buy tickets, connect with other users,
or check live traffic feeds.
4. Efficiency. A firm can also use data streams to optimize internal operations, such as
waste reduction. For example, Trafikanten in Norway uses real-time feeds to locate
buses and optimize traffic lights, as well as inform customers when their bus will
arrive. It has generated 15 percent more bus efficiency as a result, while providing a
new customer service.

190 Section III • IT-Enabled Innovation
5. Analytics. Companies are using a variety of data to develop superior insight or
knowledge. For example, Mint brings a person’s financial accounts together from a
variety of sources and automatically categorizes transactions, and helps set budgets
and develop savings goals.
Once in place, companies can leverage several of these approaches at the same time or
shift between them as their understanding matures.
pulling in Two diFFerenT direcTionS:
The challenge For iT ManagerS
As is so often the case with new technologies, IT managers feel torn between their
everyday reality and the glamorous and dynamic vision of the future as painted by
the proponents of big data and social computing (Spanbauer 2006). Focus group
participants were concerned about how demands for new information and ways of
working would mesh with their ongoing responsibilities of managing an efficient
and effective IT organization. “Social computing is a challenge in our locked down
environment,” said one. Another noted, “Our information security principles conflict
with it. There are some things we don’t want hitting the 6 o’clock news.” Similarly,
big data use requires opening up established and structured organizational processes
to a wide variety of data sources, collaborating more extensively with business and
enabling flexible and transient applications and information (Davenport 2013; Smith
and McKeen 2007).
“We’re being pulled in two directions by these trends. We need to change,” said
one manager, “but we also need to protect our corporate assets. We really need to
develop policies for how to do these things properly.” They saw their biggest challenge
for social computing and accessing external data streams as security and protecting the
reliability of the infrastructure they have built up. “If the security issue was addressed,
we’d see some of these things as much more acceptable,” said another manager. With
big data, the challenges involve rethinking how data management is done, speeding
up IT analysis work, and redesigning business processes to be more data-driven, rather
than process-driven. Table 13.1 summarizes the vision of social computing and big data
and contrasts it with the challenges it poses to IT management.
Some of their other challenges include the following:
• Short business horizons. As has often been the case in the past, business leaders
have a much shorter time horizon in their thinking than IT and are often not pre-
pared to anticipate or explore new technologies and their implications that might be
important in the future. Then, when the technology hits public awareness, they want
it yesterday! “We have no active support for social computing or big data,” said one
manager. “It’s very hard for the business to see its value as yet.” Yet, in some cases,
business users see IT as holding them back because of security and regulatory consid-
erations. “We need to work together with the business to identify the risks associated
with these new ways of working and protect our operational processes,” said another.
“And we need to make sure the decision-makers understand what’s involved in
becoming more open and information-oriented.”
• Resources. Social computing is touted as an effective collaboration and innova-
tion tool but using it for this purpose requires support and facilitation. “Our staff

Chapter 13 • Big Data and Social Computing 191
is maxed out at present,” said a manager. “If we go down this road, we need to
commit resources to doing it properly.” Similarly there must be business support
for incorporating new ways to utilize big data. This involves more than just adding
a few data scientists but, as noted earlier, requires top-down attention to think-
ing about, using, and making decisions with data. Even in those companies that
are actively promoting these changes, getting the right resources in both business
and IT is a challenge. “And when we’re stressed, we revert to our old behaviors,”
explained a participant.
• Changing the culture. IT managers recognize that organizational behavior must
change if the value of these tools is to be realized. However, changing embed-
ded cultural practices is often extremely difficult. Even where there is a strong
emphasis on making information and people more accessible, champions are
needed to make sure “we don’t slip back into our comfortable ways of behaving,”
Table 13.1 The Challenges of big Data and Social Computing from an IT
Manager’s Perspective
The Vision The IT Manager’s Challenge
Blurred process and organizational
Firewalls and structured processes
Collaboration and sharing both
internally and externally
Intellectual property and privacy protection;
formalized external engagement
Situational applications Maintaining transactional applications and
operational integrity
Mass participation and accessibility Authentication and authorization
Data orientation Process orientation
Transient information (i.e., systems of
Creating a permanent record (i.e., systems
of record)
Support for social behavior Support for business behavior
Innovation and creativity Efficient use of resources
Viral Secure
Dynamic Backup
Situational roles Regulatory accountabilities
Date governance and etiquette Project governance and policy
Collective intelligence; bottom up
innovation; empowerment with data
Top down business strategy
Emergent value Defined business value based on a business case
Data discovery and exploration Managed data environments
Anywhere, anytime connectivity Controlled communication
Ad hoc applications and inquiries Scalable applications

192 Section III • IT-Enabled Innovation
agreed the focus group. For example, some organizations have tried experi-
ments with more social ways of working with and sharing information but have
found that while the adoption rate is initially high, the drop off in participation
is equally steep. This is consistent with the challenges KM managers faced in the
past, which effectively killed this function in most organizations. The question
for many (and which remains unanswered) is whether these tools will be able to
drive the behavioral and cultural changes needed to make the technology effective
(Spanbauer 2006; Smith and McKeen 2007).
FirST STepS For iT leaderS
Established mental models, business models, and systems can be serious inhibitors to
the new ways of working implied by social media and big data. Discontinuous change
requires thinking about needs differently and envisioning what is possible. As Henry
Ford once said, “If I had asked people what they wanted, they could have said ‘faster
horses’.” At that time, few would have imagined the automobile and its industry and
infrastructure as it is today. Getting the mindset and model right involves much change,
such as obtaining data from multiple sources, making sense of huge amounts of data,
developing complex analytics algorithms, and dealing with cultural objections to
standardized data. IT leaders should begin the change process by asking themselves a
number of questions including the following:
• How can we attract, grow, and retain employees with the skills we will need?
• What data do we need and what is the optimal way to collect and manage the mas-
sive amounts of structured and unstructured data involved?
• How can we best support varied and dynamic business needs for information more
The focus group believed it is not necessary to spend large amounts of money to
demonstrate the value of these new approaches. “Expensive analytics projects are not
required to get started with big data,” said one manager. “Companies should start small
and focus on proving value at each step.” He noted that it is possible to begin inex-
pensively with open systems, which are scalable and require no licenses. “While you
wouldn’t want to run an entire enterprise this way, you can start small and then add
variables and improve your models,” he said.
Big data technologies can coexist with existing data warehouses and so can be
introduced slowly, replacing specific storage and computing scenarios over time. “Start
with the basics to build competencies, reduce processing, and take care of the mundane,
and then grow,” recommended one manager. As a company gets some quick wins, it
will be more willing to develop pilot use cases for enterprise value realization. “As you
move up the maturity curve, you will be able to figure out value optimization with big
data,” he added.
There are still many immediate big data and social media issues that need to
be considered. These include immature technologies, legal and regulatory consider-
ations, ownership of data quality, expectation management, establishing an effective
organization structure, and optimal utilization of specialized resources. Privacy and
data quality are also critical issues that must be properly managed if these initiatives

Chapter 13 • Big Data and Social Computing 193
are going to succeed. The IT managers groups collectively had the following recom-
mendations for IT leaders:
1. Focus. Identify specific problems and then use data and/or social media to
solve them. “If we just look at generic opportunities, the scope can be overwhelm-
ing,” said one manager. Leaders should look for the biggest play they can get,
either on the top or bottom line. “Start tactically and use success stories to illus-
trate how social media/big data can fit into your organizational strategy,” they
2. Develop business-savvy IT staff and encourage development practices such
as shadowing and colocation. Tap into your own expertise, promote business–IT
rotation programs, and hire power users into IT. Colocating business intelligence
delivery groups from IT in the business units and developing a business-led
governance structure for data and social media prioritization projects are best
practices. These steps will enable IT to focus on foundational components such
as, standards, metadata, and data models, while business can focus on delivering
3. Become a “data factory” with supportive methodologies and practices and
an optimized ecosystem of advanced and traditional data technologies. Work to
improve data quality, usability, and integration. Clarify responsibilities for data
and manage the conflicts between security, privacy, and compliance requirements
and information delivery. Finally, CIOs should consider reorganizing to facilitate
the convergence of operational with decision support data, and unstructured with
structured data.
4. Listening and engaging. Ensure your company is listening to its customers and
others to find out their concerns and interests. Build deliverables that will engage
customers with the company and provide superior customer service. Identify
“killer apps” and highlight their value and relevance to customers.
5. Consider hiring a graphic designer. This will support IT in developing intuitive
and easy interface designs and efforts to move to mobile devices.
6. Support actions that improve use. Communicate the link between use and value
to keep teams focused on usefulness and ease of use in social media/big data
Today, many organizations are thinking
about how to use social technologies and new
forms of data to change the products and ser-
vices we use daily. Over the next few years,
they will create new information platforms
on which ideas that we never dreamed of
will surface. Social media and the data they
generate are still immature as are other new
types of data and companies should therefore
adopt them in an evolutionary fashion rather
than in a “big bang.” However, they cannot
be ignored because they are going to be a part
of every business. The question is, how big?
The key to success is learning how to manage
and think about data in an evolutionary way.
If companies don’t begin, they won’t know
what they can leverage and risk being disin-
termediated by those that are willing to try.

194 Section III • IT-Enabled Innovation
Austin, T., D. Cearley, J. Mann, G. Phifer, D.
Sholler, K. Harris, T. Bell, R. Knox, M. Cain,
and M. Silver. “Predicts 2007: Big Changes
Ahead in the High Performance Workplace.”
Gartner Research Inc., ID Number: G00144476,
December 5, 2006.
Beath, C., I. Bercerra-Fernandez, J. Ross, and
J. Short. “Finding Value in the Information
Explosion.” MIT Sloan Management Review 53,
no. 4 (Summer 2012): 18–20.
Davenport, T. “Analytics 3.0.” Harvard Business
Review, Reprint No. R1312C (December 2013).
Davenport, T., P. Barth, and R. Bean. “How Big
Data is Different.” MIT Sloan Management
Review 54, no. 1 (Fall 2012): 43–46.
Fitzgerald, M., N. Kruschwitz, D. Bonnet, and M.
Welch. “Embracing Digital Technology: A New
Strategic Imperative.” MIT Sloan Management
Review 55, no. 2 (Winter 2014): 1–12.
Kiron, D., and R. Shockley. “Creating Business
Value with Analytics.” MIT Sloan Management
Review 53, no. 1, Reprint No. 53112 (Fall 2011).
Kiron, D., D. Palmer, A. N. Phillips, and R.
Berkman. “The Executive’s Role in Social
Business.” MIT Sloan Management Review 54,
no. 4 (Summer 2013): 83–89.
Kruschwitz, N. “The Second Annual New Intelligent
Enterprise Survey.” MIT Sloan Management
Review 54, no. 4 (Summer 2011): 87–89.
Laney, D., and A. White. “Agenda Overview
for Information Innovation and Governance
2014.” Gartner Research Inc., ID Number:
G0025982, January 10, 2014.
LaValle, S., E. Lesser, R. Shockley, M. Hopkins,
and N. Kruschwitz. “Big Data, Analytics and
the Path from Insights for Value.” MIT Sloan
Management Review 52, no. 2, Reprint No. 52205
(Winter 2011).
Maoz, M., J. Davies, J. Sussin, and O. Huang.
“Predicts 2014: Customer Support and the
Engaged Enterprise.” Gartner Research Inc., ID
Number: G00257816, November 15, 2013.
Marchand, D., W. Kettinger, and J. Rollins.
“Information Orientation: People, Technology
and the Bottom Line.” MIT Sloan Management
Review (Summer 2000).
Marchand, D., and A. Peppard. “Why IT Fumbles
Analytics.” Harvard Business Review 91, nos. 1,
2 (January/February 2013): 104–12.
McAfee, A., and E. Brynjolfsson. “Big Data: The
Management Revolution.” Harvard Business
Review 90, no. 10 (October 2012): 61–68.
McKeen, J., and H. Smith. IT Strategy: Issues and
Practices, 2nd ed. Upper Saddle River, NJ:
Pearson, 2012.
Piccoli, G., and F. Pigni. “Harvesting External Data:
The Potential of Digital Data Systems.” SIM
Advanced Practices Report, August 5, 2012.
Redman, T. “Data’s Credibility Problem.” Harvard
Business Review 91, no. 12 (December 2013):
Ross, J. “Do You Need a Data Dictator?” MIT
Sloan Management Review, Reprint No. 54123
(August 2012).
Smith, H., and B. Konsynski. “Grid Computing.”
MIT-Sloan Management Review 46, no. 1 (2004).
Smith, H., and J. McKeen. “Social Networks:
KM’s ‘Killer App?’” Communications of the
Association of Information Systems, 19, no. 27
(2007): 611–21.
Spanbauer, S. “Knowledge Management 2.0.” CIO
20, no. 5 (December 1, 2006).

C h a p t e r
14 Improving the Customer Experience: An IT Perspective
It used to be so simple. Customers “experienced” a company through its products or services. Brand managers handled the products and customer service handled any problems with services. Products were bought in only one or two ways and
services were developed accordingly. Thus, a store was the sole channel for retail
products, while the agent was the sole channel for insurance products and so on.
Today, of course, we live in a very different world of multichannel access, thanks
to a plethora of new Web-based computing devices. Now, we can find products
and services anywhere in the world, undertake transactions 24 × 7 from almost
anywhere with our mobile devices, and compare and contrast our perceptions, feel-
ings, and quality of interactions with others through new forms of social media.
As a result, an increasing number of businesses are looking to differentiate them-
selves not just on products or services but also on a superior customer experience
(Thompson 2011).
However, recognizing the need and delivering an outstanding customer
experience are two different matters. While all organizations give their customers an
“experience”—either positive or negative—few as yet have committed the time and
resources to analyze, manage, and improve it on an ongoing and holistic basis (Davies
and Thompson 2009). So where does IT fit into this mix? As with so much else, infor-
mation technology is essential to the solution but not the whole answer. There are
many stakeholders, technologies, and even strategies involved and no one “silver
bullet” (Thompson 2011). And yet “it is clear now that technology will be playing an
increasingly important role in delivering positive customer experiences and, when
implemented poorly, can destroy them” (Thompson 2011). A key challenge is delivering
a consistent experience across all channels, but technology is also important for improv-
ing both front office and online knowledge management, and listening and respond-
ing to customers after interactions are completed. As well, in order to address these
matters, there is considerable foundational work that needs to be undertaken by IT,
such as integrating all information about a customer, analyzing the different processes

196 Section III • IT-Enabled Innovation
involved in dealing with customers, and even coming up with a clear definition of what
the customer experience is1 (Thompson and Herschel 2009).
This chapter explores the IT function’s role in creating and improving an organi-
zation’s customer experiences. It first examines the nature of “customer experience”—
both its business value and its many dimensions. Then it describes the role technology
plays in creating experiences for customers and helping companies understand their
customers’ experiences. Finally, it looks at the foundational elements an IT organization
must put in place in order to be able to support and deliver enterprise–customer expe-
rience initiatives and describes some of the advice our focus group managers had for
others trying to improve their customers’ experience with IT.
Customer experienCe and Business value
Improving their customers’ experience was the top strategic priority for many members
of the focus group and an extremely high priority for all the others. One global study of
CEOs found that 88 percent of all CEOs selected “getting closer to the customer” as the
most important dimension of realizing their business strategy over the next five years.
It noted that
Customers encountering new products, services and experiences . . . are growing
less loyal to their brands . . . Reputations can be built and burned by opinions
shared online, “texted” or “tweeted” by friends, bloggers and advocacy groups.
CEOs told us they need to re-ignite customer interest and loyalty or risk losing
ground to competitors. (Korsten 2011)
There are many good business reasons for this strong interest in creating a posi-
tive customer experience. First and foremost, studies show that a consistent and excel-
lent customer experience positively impacts an organization’s bottom line. One found
that strong returns on investment of up to 50 percent are related to initiatives designed
to improve customer experience (Dardan et al. 2007). Profit and growth are primarily
stimulated by customer loyalty, which in turn is stimulated by customer satisfaction,
which is driven by positive customer experiences with an organization and its brands
and services (Thompson and Herschel 2009).
Conversely, today’s customers are more willing to complain, switch brands, and
tell others about it (Thompson and Davies 2011). “In our competitive world, customer
acquisition is expensive, so we want to retain them once we get them,” said a focus
group manager. For example, 59 percent of customers will stop doing business with
a brand after just one bad experience in just one channel (Gagnon et al. 2005). On the
other hand, 82 percent of consumers will recommend a brand to friends and family if
they have a satisfying experience with it (Kioa and Zapf 2002).
Second, customer experience can also be a strong company differentiator—both
positive and negative—thereby directly affecting sales. For example, Apple’s consistent
ability to delight its customers and make their experience with its products enjoyable
1 Voice of the Customer, Customer Relationship Management, Master Data Management, Customer Experience
Management and multichannel distribution are all interrelated aspects of this concept.

Chapter 14 • Improving the Customer Experience: An IT Perspective 197
illustrates that how a product or service is provided is as important as what is provided
(Meyer and Schwager 2007). In fact, an excellent customer experience is one of the most
sustainable forms of business differentiation (Thompson 2011). In contrast, poor quality
experiences can humiliate an organization and damage its credibility and stock prices,
and lead to customer determination to do business elsewhere (Meyer and Schwager 2007).
Efforts to improve customers’ experience can also result in a number of other
less well-known benefits to an organization, such as improved customer data qual-
ity, reduced operations and service costs, more effective brand launches, and better
segmentation and marketing (Sarner and Davies 2011). While customer experience
projects typically look at customer-facing applications, there are other less obvious
impacts on customers from back-end processes, such as billing and logistics (Thompson
and Davies 2011). One focus group manager found that her company’s invoicing prac-
tices not only had the largest impact on customer experience but also a very strong
potential to dissatisfy. Poor customer service at the end of the sales cycle in particular
can have a strong negative impact on customer experience as anyone who has been
trapped in “voice mail hell” or stuck on hold can attest (Alcock and Millard 2007). And
good customer service that enables customers to solve their problems with a minimum
amount of time and interaction can both save the company money and dramatically
improve customer satisfaction (Hopkins 2010; Jacobs 2011).
In short, today’s customers have growing expectations of the organizations
they deal with. They don’t want to waste time; want better options; and want their
relationship with an organization to be recognized and respected (Hopkins 2010). The
gap between their expectations and their experience spells the difference between an
organization’s ability to delight them or to repel them and will directly affect a firm’s
competitive advantage. Unfortunately, this gap is only too apparent in most modern
organizations. While 8 percent of customers described their experiences with organiza-
tions as superior, 80 percent of companies believe that they provide superior service
(Meyer and Schwager 2007). Focus group members agreed that their companies had
not focused on creating a good customer experience in the past. “We are gradually
changing our behaviour to ask what we can do to become more customer-centric,”
said one manager. “We are recognizing that while our vision for the type of customer
relationships we want is strong, we need to do a much better job in delivering on projects
that will build them,” said another.
many dimensions of Customer experienCe
“Customer experience” is a multidimensional concept that is often misunderstood or
poorly defined by organizations (Thompson and Herschel 2009). For example, many
organizations do not distinguish between surveys that measure satisfaction with a
particular experience or at a point in time and customer experience, which is a more
comprehensive, holistic, and continuous accumulation of a variety of experiences with
all aspects of an organization (Meyer and Schwager 2007). As a focus group manager
explained, “We are beginning to recognize that we must understand all our customers’
needs and experiences across many dimensions such as price, personal interaction, pro-
motions, products, processes, and place.”
Customer experience is thus not just customer service or customer relationship
management, although these are key components of it. Nor is it derived from a single

198 Section III • IT-Enabled Innovation
interaction or channel. It also varies according to the type of customer involved because
experiences are both rational and emotional (Davies and Thompson 2009). Altogether, it
encompasses customer touch points from every part of an organization, across multiple
channels and departments, and the full sales cycle from marketing to order processing
to billing to post-sales service.
As well, it incorporates both positive and negative experiences. One focus group
company assesses its touch points along two dimensions: their potential to delight or
dissatisfy, and the size of the impact if they succeed or fail. “All our departments must
recognize that they have a role to play in creating a positive (or negative) customer
experience,” said a manager. “We need to better understand customer perceptions of
our entire organization,” said another “and to recognize that different customers may
have different experiences.” Customer experience is also influenced by whether or not
a company is perceived to be actively working to address its problems (Markey et al.
2009). In short, customer experience is an enterprise challenge that reaches across all
parts of an organization, touch points, and channels (Dougherty and Murthy 2009).
Some additional dimensions customer experiences include the following:
• Consistency and reliability. Customer experience is shaped by expectations and
these, in turn, are positively influenced by products and services that deliver consis-
tently across channels, over time, and as promised (Thompson 2011).
• Knowledge and data. The ability of an organization to assist, support, and edu-
cate its customers is based on how well knowledge about products, services, and
customer preferences, is either built into its customer-facing applications or made
available to its staff (Jacobs 2011). In addition, organizations need to know about
their customers’ experiences in order to better understand and act to improve them
(Dougherty and Murthy 2009).
• Timeliness. Clearly, the best time to positively influence a customer’s experience
is while the customer is interacting with the organization. The longer it takes to
accomplish an interaction, the less likely a customer will be satisfied. This is partic-
ularly true if an experience is mediated by technology. Members cited studies that
showed that 65 percent of customers abandon online shopping carts if frustrated
(Kioa and Zapf 2002). They also stated that their firms lose millions of dollars if
their Web sites are down even for a few minutes.
• Innovation. Since it is now a strategic differentiator for organizations, innovation
is an increasingly important dimension of the customer experience. While many
think first about innovative usability, some suggest there are whole new layers of
customer experience that can be improved through the innovative use of technol-
ogy (Korsten 2011; Martin 2011). For example, one company that manufactured
medical scanning equipment used IT to create a personalized environment with
pictures and sound, which helped reduce anxiety in patients—something that had
never previously been thought of as a role for technology (Verganti 2011).
Finally, the focus group managers and researchers both stressed that it is impor-
tant for companies to hear what their customers are saying about their experiences and
to take action to improve problems. “We are now undertaking a wide variety of feedback
initiatives,” said a manager, “because we need a more nuanced understanding of how cus-
tomers are experiencing our company.” Unfortunately, too many organizations fear what
data will reveal about their organizations and don’t stress this dimension (Meyer and

Chapter 14 • Improving the Customer Experience: An IT Perspective 199
Schwager 2007). Getting real-time customer feedback is especially important so that prob-
lems can be quickly identified. In today’s connected world, rapid action to correct problems
is the best way to deal with specific issues that arise. “We are implementing technology to
get near real time feedback so we can take corrective actions at once,” said one manager.
Figure 14.1 combines all these dimensions into one holistic view of customer
the role of teChnology in Customer experienCe
Organizations today rely on technology for nearly every facet of customer interaction,
making IT a significant component of the customer experience (Violino 2005). Studies
show that companies are investing considerably in technologies that will affect cus-
tomer experiences. Ninety-one percent have automated some aspects of the customer
experience and 61 percent say that they are investing in IT in order to improve it (Violino
2005). And there are literally hundreds of vendors selling many different technologies to
“help” (Davies et al. 2011). A focus group manager described the scope of IT’s influence
in her organization as follows: “Technology and IT play a big role in a variety of cus-
tomer experiences. We’re using in-store kiosks for self-service; providing better informa-
tion for our staff; better analysing our customer data; improving our website; training
our staff better; simplifying our returns process, integrating products and services across
all our lines of business and offering the same consumer campaigns across all channels.”
There are several broad categories of technology that are typically thought of
in relation to customer experience management. These include technologies that are
customer-facing such as, customer relationship management (CRM), interactive voice
Feedback &
figure 14.1 A Customer’s Experience Has Many Dimensions

200 Section III • IT-Enabled Innovation
recognition (IVR), and online and mobile self-service applications. However, as we have
noted, there are many other customer touch points in organizations where IT is used,
such as billing, complaints and dispute resolution, and incorporating technology into
innovative products and services that will also affect the customer experience. Finally,
there are the underpinning technologies, such as master data management, knowledge
management, infrastructure management, and metrics and analytics that will in the
longer term make a huge difference in how a customer experiences an organization.
However, the use of technology by no means guarantees a positive customer
experience. All too often technology is substituted for people in an effort to slash costs,
resulting in a less satisfying or negative experience, rather than using it to create more
meaningful and positive experiences (Davies et al. 2011; Verganti 2011). Members of the
focus group agreed with this assessment. “We’ve used IT for cost reduction, seeing our
customer services as a factory model,” said a manager. Bad technology unfortunately
leads to a bad or mediocre customer experience. For example, one study found that
some companies hide behind their Web sites so that customers have no way to commu-
nicate with a human being (Weill 2008).
Effective architecture underpins a consistent and holistic approach to addressing
an organization’s customer experience needs. “We have typically proceeded to imple-
ment customer-oriented technology without the end architecture in mind and this has
been a mistake,” said a manager. “As a result, we’ve made assumptions in key decisions
based on superficial analysis.” Architecture is essential for delivering a consistent, cross-
channel customer experience and for ensuring that all touch points are well integrated,
explained another manager.
There is broad agreement that the most positive (and cost-effective) customer
experiences come from the right combination of investment in a combination of technol-
ogy, improved processes, and knowledgeable and empowered employees (Davies and
Thompson 2009; Jacobs 2011; Verganti 2011). Ideally, the channel used to interact with a
company should be the choice of the customer. Customers will then self-select an appro-
priate channel depending on the nature of the transaction, customer perceptions, time of
day, and concerns about privacy and security (Alcock and Millard 2007). Thus, an effec-
tive use of technology doesn’t degrade one channel (e.g., the telephone) in order to pro-
mote another (e.g., a Web site). Often this approach is not deemed to be cost-effective.
However, although enforced self-service can result in substantial cost savings for an orga-
nization, it can also translate into no service and become a brand destroyer (Alcock and
Millard 2007). In contrast, where technology is adopted taking direct customer input into
consideration, experiences tend to be viewed more positively (Sarner and Davies 2011).
Customer experienCe essentials for it
There is no shortage of advice about what IT needs to do in order to facilitate a positive
customer experience. However, the group agreed that there are five essential capabili-
ties that IT needs to develop, which will serve as foundational elements for whatever
customer initiatives a company decides to focus on:
1. Visioning. The ability to creatively envision how to create a more positive expe-
rience for customers came up over and over in the group. “We need to stop see-
ing IT as a back office function,” said one manager, “and develop better skills

Chapter 14 • Improving the Customer Experience: An IT Perspective 201
in researching emerging technologies and doing experiments.” Another added,
“We need to work more closely with the business and ask the right questions
so we can do creative problem solving.” Research stresses that innovation is
critical to delighting customers and that organizations can boost their capacity
for innovation by making more of an effort to understand them (Martin 2011).
As  Apple’s success has shown, “we must stop thinking that copying others will
yield uniquely attractive results” (Martin 2011). Instead, IT needs to envision
what technology can make possible and broaden its horizons about what can be
done to make services more meaningful (Verganti 2011). Many of these will only
be discovered through experimentation and trying out new ideas in the field,
said the focus group. Still others will come from “thinking like a customer” and
leveraging current capabilities. From these dreams, business and IT then need to
develop the strategies and capabilities that will deliver differentiated interactions
with customers (Feig 2007).
2. Customer Focus. Group members concurred that improving customers’ experi-
ence involves their companies and IT functions becoming more customercentric
and that doing this properly will involve redefining large parts of business pro-
cesses and systems. “The first thing we are doing is identifying specific touch points
where customers come into contact with our organization and analyzing their jour-
neys through the processes involved,” said one manager. Many experts in the field
also stress the need to analyze actual customer experience, rather than the generic
experience (Alcock and Millard 2007). In order to become more customer-focused,
IT staff must understand and internalize the customers’ point of view. Finding ways
to make the customer experience real for IT staff will build customer empathy and
improve IT’s ability to design appropriate technology. This can be done by sharing
customer stories and letters, and engaging front line staff to share their experiences
with customers. In addition, having selected IT staff meet with customers has been
shown to have a demonstrable impact on the quality of a design from a user’s point
of view and to be a significant source of inspiration for innovation (Grant 2011;
Heller 2011).
3. Designing for utilization. Because most IT projects now have an impact on cus-
tomer experience, designing for a positive experience has become a key IT capa-
bility (Shih 2012; Thompson and Davies 2011). There are several components to
effective design from a user point of view. First, it must be useful. Second it must
be useable. Third, it must be used. The real test of a good design is therefore not its
features but its utility (Alcock and Millard 2007). One focus group manager cited
a study that showed that 65 percent of customers abandon online shopping carts
due to usability barriers at a potential loss of $25 billion (Kioa and Zapf 2002). “We
should not be rewarding [IT] for ‘bloatware,’” said one researcher, “but for stuff
that people use and are happy to use and are willing to pay to use. . . . It’s customer
use that really matters now” (Hopkins 2010).
Other important elements of customer-centered design include the ability of
a customer to personalize how he/she interacts with a company through offering
different channels and combinations of human and technical interaction (Alcock
and Millard 2007). For example, it’s not good design to force customers to use a
Web site or IVR when they have complex needs or prefer to speak with a human
being. Properly designed technology will encourage customer use but incorporate

202 Section III • IT-Enabled Innovation
options for them. Similarly, business processes should also be designed to prevent
customers being handed off or made to wait (Feig 2007). The goal of good customer
experience design is to make it easy for people to interact with a company and to
minimize frustration across all touch points (Hopkins 2010). Finally, focus group
managers emphasized that an outstanding customer experience extends to the
design of the full range of customer interactions. “We should be designing an end-
to-end experience that addresses both upstream and downstream needs, as well as
purchases,” said one.
4. Data management. The delivery of complete, current, and accurate data is central
to the ability to provide high-quality customer service with technology (Feig 2007;
Jacobs 2011). This is one reason why many of the focus group’s companies are
undertaking master data management initiatives2 (Davies et al. 2011). Good infor-
mation is not only important for customer service representatives who interact with
customers, but it is also essential for the managers and executives who are working
to understand how best to address customer needs (Davies et al. 2011). Focus group
members pointed out that data should enable mangers to understand the customer
experience from a variety of perspectives across an organization, help resolve prob-
lems at first contact (a well-known satisfier), and identify problems that should be
However, going forward, even more data and better data classification
systems will be needed in order to personalize company services and offerings
to its customers (Davenport et al. 2011). “We want to create personalized,
memorable experiences,” said one focus group manager “and that means
having good data for customers and about them so that we can measure and
fine tune the customer experience.” The growing availability of social, mobile,
and location data is creating new data sets that can be mined to better serve
and delight customers. However, since this is a huge field, it is also important
to be  selective about the data that will be used to meet corporate strategies
(Hopkins 2010).
5. Delivery. Execution is where it all comes together. Well-designed customer
experiences can easily fall apart if they are not executed well and this is too often
the case, according to the focus group. The number one order of business, they
said, is to deliver existing products and services reliably and consistently across
channels and products. Several focus group members acknowledged that their
companies had different customer service experiences for different products or
different locations. They also spoke about having multiple customer experience
initiatives in different business units, which didn’t integrate or weren’t consistent.
“Ideally, the customer experience should be seamless across all channels,” said a
manager. Others underlined the importance of having both good technology and
knowledgeable and caring staff, who are themselves supported and empowered
by good technology. The key to effective execution of a customer experience there-
fore is to deliver technology that enables the right balance of human “touch” and
technical convenience for a particular customer in a particular situation (Alcock
and Millard 2007).
2 For a more complete discussion of this topic see “Master Data Management” at Pearson’s Web site.

Chapter 14 • Improving the Customer Experience: An IT Perspective 203
first steps to improving Customer experienCe
“Improving customer experience is a journey, not a project,” said a focus group manager.
Addressing it will take multiple small improvements that together add up to create an
overall positive impact (Thompson 2011). However, members of the focus group had
some advice and recommendations for those beginning this journey.
First, it’s important to take a holistic approach to it and doing this requires central
management. “We want to have ‘one company and one customer,’” said a manager. “In
the past, each business unit had their own unique approaches to improving customer
experiences. Now, we want to make it part of everything we do, so we’ve created an EVP
of Customer Experience.” Another company has also created a senior vice president
position to address all dimensions of customer experience. “This is giving us a single,
shared view of the customer across the entire value chain,” said the manager. Studies
show that 75 percent of companies still have fragmented customer processes that are
disconnected or disorganized. Appointing a single senior executive with responsibility
to improve customer experience thus provides the executive sponsorship that many
enterprisewide initiatives often lack (Thompson 2011).
Second, companies need to think clearly about the kind of value they want to
create with their customer experience strategy (Hopkins 2010). Unfortunately, this
critical discussion is often ignored as companies leap directly to what technology can
do for them. However, if value is not addressed, it is doubtful that IT will be able to
deliver what is expected (see Chapter 1). Thus, a company should first ask, “What
kind of world am I trying to create?” before determining what technology they need to
deliver it (Hopkins 2010). Focus group managers agreed strongly. “In the past, we’ve
traded off customer ease of use for cost containment and we’ve lost customers,” said
one. “We’ve realized that acquiring new customers is expensive and retaining them
is important.” Another cited research showing that having a clear customer relation-
ship management strategy and value proposition is a strong contributor to profitable
growth (Korsten 2011).
Third, it follows that an integrated business and IT strategy is needed to develop a
roadmap for improving the customer experience and to design the initiatives that will
operationalize it. A manager explained, “We believe that establishing a cross-functional
team, mapping key journeys from a customer point of view, and assessing gaps in our
corporate capabilities are critical to developing an effective strategy to improve cus-
tomer experience.” Another stated: “We have decided to have one view of the customer
and one common set of business rules. This is giving us common ground for cohesive
business-IT strategy development because we are all hearing the same message.”
Fourth, IT needs to identify and develop new capabilities to deal with custom-
ers, not just business users. “We need people who keep the big picture in mind and
who can connect the dots,” said a manager. Another added, “we need people with a
blend of business and IT skills—who can think like a customer, communicate in busi-
ness language, and ask ‘so what?’ questions.” Skills with designing experiments, learn-
ing about new and emerging technologies, usability design and testing, and working
with customers are all currently in short supply. “We must meet our customers on their
own turf,” said a manager. “While not all IT people can speak with customers, we must
be able to collaborate with our business colleagues and particularly with front line staff
to test new ideas.” One company is doing this by creating and engaging its various

204 Section III • IT-Enabled Innovation
customer “communities” to learn about how to improve its customer experiences with
different demographic groups.
Finally, the focus group stressed that IT must keep working away at the basics—
common data, integration across applications and channels, and reliability. “We need
to develop a single source of truth,” said a manager. “This is the best way to ensure
that we all have the same understanding and are working towards the same ends.”
Customers want and value simplicity and common data and integration ensures that
interactions are easy and convenient (Hopkins 2010). And these three basics are essen-
tial to delivering a consistent experience that will develop a positive perception of a
company and its products, which in turn will lead to customer satisfaction, loyalty, and
ultimately profitability (Thompson and Herschel 2009).
Until relatively recently, customers’ expe-
rience with a company was simply a by-
product of whatever business strategy an
organization selected. Outsourcing, IVR,
online “self-service,” and complex processes
apparently designed to confound the cus-
tomer and save the company money were
the order of the day. Consequently, when a
company did appear to care about its cus-
tomers’ experience, it was a breath of fresh
air. Apple’s huge success is based largely on
its “obsess[ion] about [customers’] experi-
ence and being dedicated to creating unique
improvements to delight them . . . cobbled
together in the most magical ways with the
[customer] rather than the scientist at the
center of the picture” (Martin 2011).
Today, customer experience is recog-
nized by most organizations as being essential
to their current and future success and, as a
result, it has become a top priority for most
executives. IT plays an integral part in almost
all customer experience initiatives and this fact
is putting new pressures on the IT function to
become more customercentric and think dif-
ferently about how technology is delivered
to the organization. As the members of this
focus group made clear, everything a com-
pany does—and especially its technology—
must now be designed with the customer in
mind. This is a significant shift of mind-set
for IT staff in particular, but it is an essential
one if technology is going to be able to deliver
on its potential to delight and differentiate.
For companies, the stakes are high: change
to meet rising customer expectations or lose
out against the competition and risk losing
customer loyalty and corporate reputation.
Alcock, T., and N. Millard. “Self-service—But Is It
Good to Talk?” BT Technology Journal 25, nos. 3
& 4 (July/October 2007): 313–20.
Dardan, S., R. Kumar, and A. Stylianou. “The
Impact of Customer-related IT Investments
on Customer Satisfaction and Shareholder
Returns.” The Journal of Computer Information
Systems 47, no. 2 (Winter 2007): 100.
Davenport, T., L. Mule, and J. Lucker. “Know
What Your Customers Want Before They Do.”

Chapter 14 • Improving the Customer Experience: An IT Perspective 205
Harvard Business Review 89, no. 12 (December
2011): 84–89.
Davies, J., J. Jacobs, and M. Maoz. “Balance
Customer Experience with Customer Service
Productivity in Customer Service Automation
Initiatives.” Gartner Inc., ID Number:
G00216492, September 2011.
Davies, J., and E. Thompson. “Manage the Customer
Experience to Improve Business Performance.”
Gartner Inc., ID Number: G00169030, June 30,
Dougherty, D., and A. Murthy. “What Service
Customers Really Want.” Harvard Business
Review 87, no. 9, Reprint No. 00178012 (2009).
Feig, N. “BPM: Beyond Workflow—Banks Are
Using Business Process Management to
Improve the Customer Experience.” Bank
Systems and Technology 44, no. 7 (July 2007).
Gagnon, J., H. Kleinberger, and G. Morrison.
The Customer-Centric Store: Delivering the Total
Experience. IBM Institute for Business Value (2005).
pdf/g510-4027-the-customer-centric-store .
Grant, A. “How Customers Can Rally Your Troops.”
Harvard Business Review 89, no. 6 (June 2011).
Heller, M. “The Customer Will See You Now;
CIOs and Their Teams Must Spend More
Quality Time With End Customers.” CIO 24,
no. 7 (February 1, 2011).
Hopkins, M. “Value Creation, Experiments and
Why IT Does Matter.” MIT Sloan Management
Review 51, no. 3 (Spring 2010).
Jacobs, J. “Case Study: Exploiting Agent Knowledge
to Enhance Customer Experience.” Gartner Inc.,
ID Number: G00213917, July 6, 2011.
Kioa, K., and M. Zapf. ISM/Forrester Research Report on
e-Business. October 2002.
Korsten, P. “The Essential CIO.” IBM Institute
for Business Value. Somers, NY: IBM Global
Business Services, 2011.
Markey, R., F. Reichheld, and A. Dullweber.
“Closing the Customer Feedback Loop.” Harvard
Business Review 87, no. 12 (December 2009).
Martin, R. “Canada, Like Steve Jobs, Should
Zero in on Innovation.” The Globe and Mail,
November 21, 2011.
Meyer, C., and A. Schwager. “Understanding
Customer Experience.” Harvard Business Review,
85, no. 2 (February 2007).
Sarner, A., and J. Davies. “Balance Customer
Experience with Marketing Productivity in
Marketing Automation Initiatives.” Gartner
Inc., ID Number: G00216115, September 2, 2011.
Shih, G. In Silicon Valley Designers Emerge as Rock
Stars. April 16, 2012.
Thompson, E. “Key Issues for Customer
Experience Management 2011.” Gartner Inc., ID
Number: G00213321, June 8, 2011.
Thompson, E., and J. Davies. “Ranking
Technology Projects by Improved Customer
Experience.” Gartner Inc., ID Number:
G00227323, November 9, 2011.
Thompson, E., and G. Herschel. “The Definition of
Customer Experience Management.” Gartner
Inc., ID Number: G00169354, August 7, 2009.
Verganti, R. “Designing Breakthrough Products.”
Harvard Business Review 89, no. 10 (October
Violino, B. “Focus on Customer Experience.”
Information Week, no. 1054 (September 5, 2005).
Weill, N. “Five Things I’ve Learned; Actors Know
a Thing or Two about Serving the Customer.”
CIO 21, no. 9 (February 15, 2008).

C h a p t e r
15 Building Business Intelligence
It goes without saying that every business wants to be intelligent in its strategies and actions and every business manager wants to make intelligent decisions. The question is therefore, how does a business or a manager become “more intelligent”?
Clearly, smart people, with lots of graduate degrees, good instincts, talents, and a little
bit of luck are going to be well on their way as individuals and their decisions should
benefit the organization, but is there a way to make everyone more intelligent? Are
there practices, methods, techniques, or processes that could raise the level of decision-
making performance of the whole organization such that it becomes more than the sum
of its parts?
While in principle IT has long been considered a key way to achieve business
intelligence (BI)—remember group support systems, decision support systems,
expert systems or knowledge management systems—in practice, few companies have
significant business intelligence capability in their IT organizations, nor do they
have plans to develop one (Bitterer 2010; Davenport 2007). Many reasons for this
exist including a lack of data standards and definitions, inadequate processing and
analytic power, poor data governance, and low priority among business executives.
Today, however, the situation is beginning to change. First, the business world has
become more complex and competitive and managers are looking for better ways to
understand their changing marketplace. Second, the Internet and the enhanced con-
nectivity it enables through Web sites, mobile computing, and social networking, is
generating huge amounts of data that have the potential to inform the organization
about its products, services and customers, and identify new and lucrative business
opportunities. Third, technology is finally catching up with the need. Data storage
has become cheaper; new analytic tools are available; and extra processing power is
available as needed through the cloud. Thus, many IT organizations are concluding
that it is time to look more seriously at business intelligence and how IT can effec-
tively enable it.
This chapter explores how IT can help make business intelligence a reality. It first
examines the nature of business intelligence, where it fits with other internal and exter-
nal forms of data, information and knowledge, and how it is evolving in organizations.

Chapter 15 • Building Business Intelligence 207
Next, it explores the demand for BI in organizations, what is driving it, and the value
organizations are seeking from it. Some of the obstacles to effective BI are then described,
as well as the role of IT in delivering BI. Finally, it concludes with ways managers can
improve BI in their organizations.
Understanding BUsiness intelligence
The first challenge when writing about BI is clarifying what is meant by this term. For
some, it appears to be another level in the data–information–knowledge–intelligence con-
tinuum, whereby data are collected, organized, connected with other data, analyzed, and
presented in a format that can be used to make decisions (Chowdhury 2011). For others,
it is characterized by the use of analytics to make better decisions, optimize a distinctive
capability or external relationship, or to provide customers with a new or augmented
product or service (Davenport 2013; Davenport and Harris 2007). Still others see BI as
different from analytics, focusing on integrating data from multiple internal and external
sources to provide historical, current, and predictive views of business operations (Shen
2011). Finally, BI has been portrayed as a set of information manipulation practices, such
as query, mining, reporting, and interactivity that is linked to but separate from informa-
tion management practices (including master data management, information architec-
ture, data quality, data administration, and data integration) (Bitterer 2010).
The members of the focus group did not spend time discussing an exact def-
inition of BI. Instead, they saw the term as referring to “an evolving ecosystem
around our data vision” or “an electronic nervous system.” They viewed BI as an
organizational capability that could be used to bring the right data, information, knowl-
edge, and intelligence to bear on a business problem, opportunity, or decision. This
capability builds on a strong foundation of good quality internal data, effective infor-
mation management practices, and a comprehensive and holistic knowledge of the
business and marries these to a variety of new and older types of internal and external
data and new practices for understanding, manipulating, and presenting data. Focus
group members stressed that it is the combination of data, practices, and knowledge
that creates good BI.
Their organizations all recognize that the nature of the data they use is changing
and becoming more complex. While traditionally their BI functions have focused on
historical reporting, BI is now morphing to enable more real time and predictive views
of business operations. The consensus of the group could be summarized as follows:
Our BI activities should help us develop the capability to
• Anticipate the future instead of reacting to the past;
• Empower employees’ memory, insight, and reach and give them the authority to decide
and act;
• Sense what is happening in the organization’s environment through gathering and
using both internal and external structured and unstructured information;
• Connect internal and external functions and resources across geographies to accom-
plish desired business outcomes;
• Question the status quo and create new opportunities;
• Focus on only the most relevant information to support timely decisions/actions
closer to the point of impact and consequence.

208 Section III • IT-Enabled Innovation
The focus group concluded that effective BI initiatives start with a cultural “infor-
mation orientation” that percolates through all organizational activities to develop
mechanisms to support processes and decisions with information; capabilities to dis-
cover new patterns, associations, and relationships among data; a flexible technical
infrastructure that incorporates new types of data and their governance into work for
added value; tools to exploit data more effectively; and the knowledge and skills to do
so at all levels of the organization. Figure 15.1 illustrates the many components of this
BI ecosystem.
the need for BUsiness intelligence
The need for good intelligence about a business, its customers, and its operations is not
new. In the 1990s, many companies jumped on the knowledge management bandwagon
seeking to build a knowledge-creating company and to use knowledge for strategic
advantage (Davenport and Prusak 1998; Hatten and Rosenthal 2001; Stewart 1997).
Similarly, the need for improved information to support decision making is something
that has been revisited about every six or seven years over the past three decades, using
slightly different names, such as decision support systems, executive support sys-
tems, online analytical processing (OLAP), and competitive analytics (Davenport 2013;
Davenport and Harris 2007).
What is new is the recognition within IT, if not the rest of the organization, that BI
is a top priority for new IT development (Davenport and Harris 2007; Hostmann et al.
2009). For CIOs, there are two major reasons for this new interest:
• Reports
• Dashboards
• Data mining
• Information-
enhanced processes

• Queries
• Graphics and
• Real-time analysis
• Historical, current,
and predictive analysis
• Information-
enhanced products and
• IM strategy and
• Enterprise information-
• Metadata
• Data management
• Data integration
• Data quality
• Data administration
• Transaction data
• Internal structured
• Internal unstructured
• External structured
• Master data
• External unstructured
• Real time data
figUre 15.1 The BI Ecosystem

Chapter 15 • Building Business Intelligence 209
1. The explosion of data. It is well documented that both the amount and type
of data are increasing exponentially and this is creating both headaches and
opportunities for the IT function (Hopkins et al. 2010; Shen 2011). Combined with
lower storage costs and increased processing power, companies are now able to
capture, store, and analyze a much wider variety of data than in the past. Chief
among these are a wide variety of unstructured data such as e-mails, reports,
presentations, voice mail, photographs, videos, instant messages, blogs, tweets,
and Facebook postings (Mann 2010; Robb 2004). Estimates show that about
85  percent of data are now unstructured and this amount is doubling every year
(Mann 2010). Furthermore, it is coming from a much broader range of devices
and channels, such as mobile phones, social media apps, and tablets. And the
focus group is already anticipating the need to be able to capture and exploit
information from the physical value chain through RFID tags and other devices.
IT managers in the group feel it is important for them to be able use IT tools and
skills to capture, manage, and exploit these new forms of information for their
2. Changing information needs. The focus group also felt strong pressure from
the business side of the organization to do a better job of delivering just-in-time
information. “Our executives are screaming for data,” said one. “But we really
don’t know what they need in order to run the business.” Increasingly, informa-
tion needs to be presented in different and more holistic views, rather than in
traditional reports. For example, the shift toward enterprise thinking is driving
the demand for enterprise information. Executives want the “big picture” on
their products and customers. “We need to have a 360° view of our customer,”
said one manager. There is also a need to be able to explore data differently—
to uncover new patterns and trends and to do different kinds of analysis on it
(Chowdhury 2011). “Our business is pressing to have data served differently,”
said a manager, noting the proliferation of “data marts” in his organization, each
with a different subset of the same data. Furthermore, the enormous amounts
of data available are simply too difficult to comprehend without better analysis
and presentation. Without this, technological support managers’ ability to use
data effectively for decision making and innovation is impaired (Hemp 2009;
Shen 2011).
Finally, there is a growing recognition among business executives that organiza-
tions that are “sophisticated exploiters of data and analytics” are three times more likely
to be top performers than others (Hopkins et al. 2010). While not mentioned expressly
by the focus group, research is consistently showing that more effective use of infor-
mation affects both company performance and customer satisfaction ( Davenport and
Harris 2007; Marchand et al. 2001).
the challenge of BUsiness intelligence
Although there was little disagreement about what effective BI looks like and its value,
the focus group and researchers also recognize that this vision is extremely difficult to
attain. “Few executives receive the information they say they could use,” one study
noted (McGee 2004). Another found that while 9/10 companies say BI is strategic to

210 Section III • IT-Enabled Innovation
them, virtually none (2 percent) have a BI strategy (Bitterer 2010). A third compared
how well companies believe they are doing with BI (4.5/10) with how well experts feel
they are doing (2.2/10) (Hopkins et al. 2010).
Focus group members cited a number of obstacles they face in helping their com-
panies improve BI. These include the following:
• Perspective. One of the biggest challenges said the group is changing organiza-
tional mind-sets and culture regarding data. “We’ve never looked at data this way
and so we don’t know what we want to be,” said a manager. “Our managers still
stress intuition, not facts and their focus is local, not enterprise,” said another. A third
manager cited disagreements between business units seeking to better understand
the company’s customers. “Instead of working together to come up with a com-
mon definition of ‘customer,’ they are all fighting about who ‘owns’ the customer,”
he said. BI experts concur that business perspectives need to change. “There is a
huge  chasm between leveraging information as an enterprise asset and predicting
future outcomes through deep data analysis . . . and reviewing reports and making
reactive decisions” (Mohanty 2011).
• Lack of business knowledge. Group members stressed the need to truly under-
stand business data and the context in which it is generated. “We need to get at
the real questions and develop the right questions,” said one manager. Another
explained “we are struggling to understand the real meaning of pieces of data. For
example, we have many different meanings of the term ‘in-stock’ in our business,
so we need to figure out what this means before we can provide good information
on whether or not items are in-stock.” Both business and IT leaders tend to lack
knowledge and skills about how best to use BI to improve the business (Hopkins
et al. 2010). “We don’t know what we don’t know and it’s difficult to be perceptive
about BI without a full range of knowledge,” said a manager.
• Lack of sponsorship and accountability. In spite of the demand for better infor-
mation, businesses have been slow to invest in BI. “It’s still not a priority at senior
levels,” a manager explained. Without funding and sponsorship, IT is finding it
difficult to develop effective data governance mechanisms. “BI is a significant cost
and it’s an uphill battle to sell a structured approach,” explained a group member.
“We have no executive accountable for BI and no common governance or data defi-
nitions so data can’t be reconciled. This leads to everyone doing their own thing.”
“We have the ‘wild west’ out there!’,” said another.
• Silo thinking. Traditional silo thinking has been exacerbated by the lack of gover-
nance and enterprise perspective and has resulted in fragmentation and duplication
of data. “We have spreadsheets everywhere!” said one manager. “Everyone’s going
for local optimization.” Group members explained that many business partners are
frustrated with the inflexibility of standard data warehouses. As a result, they build
their own “data marts” containing the information they alone need and these have
limited utility and availability across business functions. “Control versus flexibility
with data is an ongoing issue,” said one member.
• Lack of BI skills. BI sits squarely between the IT function and business
and requires both business and technical skills, a combination that is hard to
find. Focus group members explained that a BI skillset requires competencies
in data management, analytics, BI tools, statistics, thought leadership, and

Chapter 15 • Building Business Intelligence 211
interpretation of data. This is consistent with studies that have shown that
companies lack analytics and interpretive skills to use BI strategically or com-
petitively (Hopkins  et al. 2010). “We need to revalidate our interpretations to
understand which data are best and we need a model for interpreting patterns
and trends that is consistent across the business,” said a manager. “We must feel
comfortable with our models and interpretations and then integrate context.”
the role of it in BUsiness intelligence
As with so much else in IT in recent years (e.g., e-business, social media, and strategic
applications), the focus group stressed that successful BI requires active business
involvement at all levels. The experts have surprisingly little to say about IT responsi-
bilities for BI; many simply assume that the right technology with the right data will be
there for the business to work with. Ideally, there is broad consensus that IT provides
the “heavy lifting” of BI work, while the business provides the knowledge of what is
needed and ability to manipulate and interpret data to provide intelligence (Hostmann
et al. 2009). However, the reality in many companies is that “the business has abdicated
thought leadership on BI to IT,” a manager stated. Typically, in the focus group, IT is
taking the initiative on BI just to get it started. “We are working on building the founda-
tions for BI,” said one manager.
There is a clear gap between the disciplined approaches IT feels are needed to
“bring it all together for the common good” and the “get it done now” demands for
particular information made by business leaders (Meehan and Roberts 2010). Thus,
while IT staff try to view the BI picture holistically, with strategies, architectures, models,
data definitions, taxonomies, and governance, the business partnerships, vision, and
interpretive skills also needed are often lacking (Mohanty 2011). In business, “data is
[still] too often seen as a technology issue, rather than a business asset” (Mann 2010).
BI cannot be implemented on any scale without technology and IT organizations
are still coming to terms with the scope and complexity of the issues involved in creat-
ing common data, managing it effectively, and delivering it to multiple functions and
layers in the organization. It is impossible to cover these topics in depth here, so this
section simply provides a high-level overview of the major IT activities that contribute
to successful BI. All too often, these are either not visible to others in the organization or
the effort involved in accomplishing them is not well understood.
The focus group identified four sets of IT activities that together form the founda-
tion of IT’s role in BI:
1. BI strategy and planning. Although focus group members understood the gen-
eral vision for BI, most didn’t have a clear strategy or roadmap for how to achieve
it in their organizations. A BI strategy is broader and more business focused than
an information strategy and architecture. Since its stakeholders are almost every-
one in the organization, BI plans and strategies need to be inclusive at the high
level, recognizing the widely diverse types of BI and their value, and incorporat-
ing governance to focus resources on enterprise priorities. Both IT and business
need to be part of this process because BI must integrate both with other business
strategies and with the technology and information architectures used by IT to
guide its work (Bitterer 2010). Focus group members believed that at this point

212 Section III • IT-Enabled Innovation
in its evolution, BI strategy and planning is more likely to be an exploratory and
iterative process that helps focus the organization in this area, rather than a formal
process that is prescriptive in nature.
2. Data acquisition and management. There is still much to be done in simply
understanding and improving the data that already exist in most organizations,
said the focus group. Duplicate data, multiple data marts, and inflexible data ware-
houses that cannot incorporate new forms of data, are the norm for many. “Much
useful data lies in spreadsheets that are all over our organization,” said a man-
ager. “People don’t trust our data warehouse,” said another. The “holy grail” of IT
is to have a single authoritative source for all data. Thus, most have master data
management and data definition initiatives to work on their core structured data.
Beyond this, focus group members are streamlining their applications to reduce
duplicate data stores and revisiting their data warehouse strategy and technolo-
gies to make them more useful. Data architectures are being developed to minimize
redundancy and incorporate new types of data. And increasingly, external data—
both structured and unstructured—will need to be part of data architectures and
plans, as will real-time data. Focus group managers recognized that they will not be
able to control all data but they felt strongly that core company data need to be bet-
ter managed. “Our goal is to have a governed space that is managed tightly,” said
a manager, “and a user-defined space that allows the business to play with data in
any way they want.”
3. Information management. This involves improving the value that can be obtained
from data by developing a framework within which information can be developed
from it. It includes information architecture, data integration, aggregation, context
(metadata), quality, governance, security, and privacy activities. Building trust in
information is a key driver of this work (Bitterer 2010). “If we are going to make busi-
ness decisions based on information, we need to trust that it’s accurate,” explained a
manager. Usefulness is also essential and better understanding of business needs is
necessary before this can be developed. Information is typically provided in reports,
dashboards, and subject area infomarts. Unfortunately, much information in organi-
zations is not used and there is still no clear understanding of what makes it useful
(Davenport and Snabe 2011). As we have noted elsewhere, high quality informa-
tion management must be a collaborative effort between business and IT, incorpo-
rating attention to information behaviors (e.g., sharing), risks, value, and roles and
accountabilities (e.g., data stewardship) (see Chapter 11).
4. Intelligence delivery. IT has long been responsible for the basics of information
delivery, that is, reports and dashboards, and for providing the data warehouses
against which queries can be run and historical analysis done. More recently, the
knowledge management movement sought to enhance organizational processes
and services with useful knowledge that would make them easier to perform, pro-
vide decision support, or add value (Smith et al. 2006). However, most organiza-
tions have not yet been able to take the next step to use information strategically
or do real-time or predictive analysis (Bitterer 2010; Chowdhury 2011). New tools
are therefore needed to help them model, interpret, and present information so it
can be used to solve business problems and make business decisions (i.e., to create
intelligence). Intelligence delivery cannot be done in a structured way, agreed the
focus group, because the business environment is simply too dynamic. This is the

Chapter 15 • Building Business Intelligence 213
core of the challenge of BI, they believe, because while IT can provide the data, the
tools to manipulate it, and the mechanisms to present it effectively, they are still
not asking the right questions or doing the right analysis to understand how intel-
ligence can best be delivered and to whom (Davenport and Snabe 2011; Hostmann
et al. 2009). Until this happens, intelligence delivery will likely be plagued by the
“knowing–doing” gap, in which clear links are not made between information and
desired actions (Pfeffer and Sutton 2000).
improving BUsiness intelligence
Although there are pockets of BI excellence in many organizations and some companies
that are actually competing on it, for most, improving BI remains an iterative, evolution-
ary process rather than a straight line journey (Bitterer 2010; Davenport and Harris 2007).
Unfortunately, a company’s information maturity may not equate to a strong BI capability
(Finneran and Russell 2011). Although the first is foundational, culture, perspective, skills,
and decision processes all need to be addressed to be able to use information intelligently
for business decisions and competitive advantage (Mohanty 2011). Although there are no
textbook answers about how to improve BI, the focus group and research are beginning
to discover practices that can help move companies in the right direction:
1. Learn from the past. If the failure of knowledge management has taught us
anything, it is that it is not easy to influence how people use information for decision
making or to change what they do:
One of the main reasons that knowledge management efforts are often
divorced from day to day activities is that the [people] who design and build
the systems for collecting, storing and retrieving knowledge have limited,
often inaccurate views of how people actually use knowledge in their jobs.
(Pfeffer and Sutton 2000)
All too often, incorrect assumptions are made about what information is
wanted or needed in a given activity (McGee 2004). Therefore, learning about how
people utilize knowledge for action and then using this as the basis for improv-
ing an organization’s intelligence is critically important for successful BI. The key
to delivering useful knowledge for action is developing the links between a direct
action in a specific setting and the information that can drive or facilitate it (Dixon
2000). The most effective way to do this is to build linkages backward from a specific
desired action in a core capability toward the acquisition and packaging of targeted
intelligence for a specific group in ways that it finds useful. Though this may seem
like common sense, “it is interesting how uncommon, common sense is in its imple-
mentation” (Pfeffer and Sutton 1999).
2. Have a strategy for continuous improvement. Organizations need a strategy for
making sure that intelligence continues to be useful and used. Companies are typi-
cally littered with databases that no one uses because they are out of date or not
complete. Successful BI initiatives consistently anticipate the need to maintain and
improve the quality and type of information provided as their users learn more
about what is possible, useful, and practical to do (Smith et al. 2006). For example,
as one organization learned what information people would like to know about

214 Section III • IT-Enabled Innovation
others in the organization, it made an increasing number of connections to new
sources of information (e.g., availability, skills). Ultimately, this BI application has
now become a key tool in the globalization of the firm’s work. Ideally therefore,
BI should evolve as methods of gaining insights improve (Ball 2010). As a focus
group manager noted, “you must stay flexible and be willing to change the tool to
fit working with people.”
3. Focus. “Implementing BI can be like trying to boil the ocean,” said one manager.
“It’s impossible.” Clear focus on targeted pain points where BI can make a differ-
ence is therefore essential, agreed the focus group. Successful initiatives take “a
relentless focus on a very limited set of burning business questions to guide users
to BI-enabled decisions with maximum impact” (Roberts and Meehan 2010). Within
this targeted area, it’s best to bring multiple points of view to bear on the issue
at hand. For example, Proctor and Gamble did a large statistical survey to under-
stand its customers’ needs but also sent employees out to live with families to learn
about them first hand and in context (Kanter 2011). By focusing on a goal, it is also
easier to target the specific data that are needed and how these might be changing
over time (Ball 2010). Finally, focus helps to bring executive attention to bear on
the value being delivered by BI, which can result in improved sponsorship and
resources (Hemp 2009).
4. Cross-functional governance. It should not be surprising to learn that cross-
functional governance is needed for BI initiatives, which tend to have broad
organizational scopes. Most members of the focus group mentioned developing
effective governance processes as being central to BI success. What is important to
note is that such processes are required at several different levels and also need to
be integrated with one another. For example, data governance is needed to develop
data definitions and come to a “single version of the truth” for core company
data. Strong governance is also needed for information management practices,
such as determining acceptable levels of risk, privacy and security, how to deal
with regulatory matters, and determining what is core and noncore data. Finally,
BI governance is needed to focus BI and develop a plan for its evolution. With the
increasing use of external sources of data in BI processes, decisions also need to
be made about whether or not to trust a source and how use of this data could
have strategic implications for an organization (e.g., if it is no longer produced or if
the company producing it decides to charge for it).
5. Acquire new IT and analytics skills. More than any other aspect of IT work, BI
requires the integration of technology and business knowledge to be successful,
said the focus group. “We will need a collaborative BI team in IT at all times,”
one manager stated, “because we need to understand business data deeply.”
Furthermore, if IT is to lead and facilitate BI, at least initially, as many believe,
IT staff will need the skills to bridge the gap between traditional business and
technical areas of expertise (Hostmann et al. 2009; Schlegel 2010). And while good
BI requires the right people asking the right questions, it also needs the right
information and tools to do the job successfully (Gassman et al. 2010). Other skills
that will need to be acquired under the “BI umbrella” whether in the business
or within IT, include improved analytics skills to test hypotheses, predict future
trends, and discover new patterns in data; improved visualization and simulation
skills to present information effectively; and the ability to utilize these insights

Chapter 15 • Building Business Intelligence 215
in decisions, new products, services, and strategies. People with these capabili-
ties are hard to find and BI skills will need to be developed internally as well as
acquired if BI is to be used proactively rather than reactively.
6. Take process views. Both decision making and innovation can be viewed as pro-
cesses that connect the organization horizontally (Ball 2010; Roberts and Meehan
2010). Ideally, the more BI can be embedded in processes, the more likely it is to
be effective (Shen 2011). As already noted, such processes are complex blends of
insight, information, and behavior that a BI team is more likely to get wrong before
it gets right (Kanter 2011). The key to success is to focus on a process that really
matters to the business and to design the analytic capabilities needed to enhance
it. Agile development processes are ideal because these let a BI capability evolve
as new insights emerge (Ball 2010). Some aspects of a process that could benefit
from BI include reducing event-to-decision latency, automating common analysis
tasks, ensuring consistent analysis, and capturing and reusing expert knowledge
(Davenport and Snabe 2011; Mohanty 2011).
7. Move from the inside out. BI is likely to be more successful if it grows organically
rather than as a one-time comprehensive initiative (Mohanty 2011). Many focus
group organizations are already doing BI in smaller ways at a business unit level
and are looking for ways to incorporate enterprise and external data to make what
they are doing more useful. This is an effective strategy, given most organizations’
lack of sophistication in this area (Hopkins et al. 2010). Managers need to recognize
that BI is still maturing and take an experimental approach to its use in business,
while at the same time working on the foundational data and information that will
be needed to make it successful (Gassman et al. 2010; Mann 2010).
8. Tell stories to articulate value. The value of BI is still unclear, said the focus group
and it is hard to document it with quantitative benefits. “The best way to capture
the value of BI is through stories told by the business,” said one manager. This con-
clusion is very much in keeping with the conclusions of knowledge management
experts (e.g., Denning 2005; Nonaka and Takeuchi 2011), who believe that the com-
plex benefits of higher order knowledge are best articulated qualitatively rather
than quantitatively.
9. Watch out for implementation. Too often, managers become dependent on the
explicit aspects of BI and forget their context, leading them to invalid conclusions and
inappropriate decisions (Nonaka and Takeuchi 2011). There are many ways that BI
can be implemented badly. For example, one manager found that “there’s a fine line
between customer loyalty and stalking the customer” in her BI work. Immaturity
about BI can also lead to bias and “group think” rather than better decision making
(Gassman et al. 2010). Novel situations can be dismissed as insignificant and hard-
ened preferences get in the way of good decisions (Kanter 2011). Training in how to
use intelligence appropriately is therefore essential. For example, some European
banks used analytics to identify their most profitable customers and then discarded
their least profitable ones. Scandal ensued and governments had to pass legislation
to force the banks to accept clients who receive disability and other social support
payments (Davenport and Harris 2007). In short, access to intelligence is simply
not enough; managers need “practical wisdom” to make prudent judgments. This
can be summarized as, “know why; know how; and know what should be done”
(Nonaka and Takeuchi 2011).

216 Section III • IT-Enabled Innovation
BI is not a new idea but it is one to which
organizations keep returning on a regu-
lar basis. This time, the technologies, the
data, and the perspective have changed
and become broader and more complex,
while at the same time enabling an infinite
number of new possibilities for supporting
organizations with analysis and intelligence.
This chapter has clarified some of the
similarities and differences between the cur-
rent pressures for BI and those of the past
and outlined a holistic view of BI that incor-
porates both the IT foundations of data and
information management and the uses to
which these can be put to derive value for
the organization. It is clear that organiza-
tions will need to do a better job at all three
levels if BI is going to realize its promise.
While there is much theoretical value to
be gained from BI, the fact remains that
there are many complex organizational and
behavioral challenges to be addressed before
it can be realized. IT has the opportunity to
take a leadership role in BI but its ability to
do so is limited by how much it understands
about the business and its ability to integrate
technical and business knowledge to deliver
intelligence. Its success in the future will
depend on how well it can develop these
new capabilities.
Ball, M. “Five Simple Steps to Better Decisions: Your
Business Processes Can Lead You to Targeted
Variables for Improvement.” Information
Management 20, no. 5 (September 1, 2010).
Bitterer, A. “The BI(G) Discrepancy: Theory and
Practice of Business Intelligence.” Gartner Inc.,
ID Number: G00176038, August 2, 2010.
Chowdhury, S. “A Soft Computing Environment
for Data Mining.” The Business Review,
Cambridge 18, no. 1 (Summer 2011).
Davenport, T. “Analytics 3.0.” Harvard Business
Review 91, no. 12 (December 2013).
Davenport, T., and J. Harris. Competing on
Analytics: The New Science of Winning. Boston,
MA: Harvard Business School Publishing, 2007.
Davenport, T., and L. Prusak. Working Knowledge:
How Organizations Manage What They Know.
New York: Boston, Harvard Business School
Press, 1998.
Davenport, T., and J. Snabe. “How Fast and
Flexible Do You Want Your Information,
Really?” MIT Sloan Management Review 52, no.
3 (Spring 2011).
Denning, S. The Leader’s Guide to Storytelling:
Mastering the Art and Discipline of Business
Narrative. San Francisco: Jossey-Bass, 2005.
Dixon, N. Common Knowledge. Boston, MA:
Harvard Business School Press, 2000.
Finneran, T., and B. Russell. “Balanced Business
Intelligence: Each Level of BI is a Stepping
Stone that Adds Capability to Meet Growing
User Needs.” Information Management 21, no. 1
(January 1, 2011).
Gassman, B., R. Sallam, A. Bitterer, J. Hagerty, and
N. Chandler. “Predicts 2011: New Relationships
will Change BI and Analytics.” Gartner Inc., ID
Number: G00209225, November 25, 2010.
Hatten, K., and S. Rosenthal. Reaching for the
Knowledge Edge. New York: Amacom, 2001.
Hemp, P. “Death by Information Overload.” Harvard
Business Review 87, no. 9 (September 2009).
Hopkins, M., S. LaValle, F. Balboni, R. Shockley,
and N. Kruschwitz. “Ten Insights: What Survey
Reveals about Competing on Information and
Ten Data Points: Information and Analytics at
Work.” MIT Sloan Management Review 52, no. 1
(Fall 2010).
Hostmann, B., N. Rayner, and G. Herschel.
“Gartner’s Business Intelligence, Analytics
and Performance Management Framework.”
Gartner Inc., ID Number: G00166512, October
19, 2009.

Chapter 15 • Building Business Intelligence 217
Kanter, R. “Zoom In, Zoom Out.” Harvard Business
Review 89, no. 3 (March 2011).
Mann, J. “Highlights for the Business Intelligence
and Information Management Track at Gartner
European Symposium/ITxpo 2010.” Gartner
Inc., ID Number: G00209468, December 6, 2010.
Marchand, D., W. Kettinger, and J. Rollins. Making
the Invisible Visible. Chichester, England: John
Wiley & Sons, 2001.
McGee, K. “Give Me that Real-Time Information.”
Harvard Business Review 82, no. 4 (April 2004).
Meehan, P., and J. Roberts. “Executive Summary:
Business Intelligence and Decision Impact.”
Gartner Inc., ID Number: G00200706, May 1, 2010.
Mohanty, S. “Having Analytics May Not Be Enough:
Organizations Need to Improve Business
Intelligence and Decision-Making through
Guided, Predictive Analytics.” Information
Management 21, no. 1 (January 1, 2011).
Nonaka, I., and H. Takeuchi. “The Wise Leader.”
Harvard Business Review 89, no. 5 (May 2011).
Pfeffer, J., and R. Sutton. “Knowing ‘What’ to
Do Is Not Enough: Turning Knowledge into
Action.” California Management Review 42, no. 1
(Fall 1999).
Pfeffer, J., and R. Sutton. The Knowing-Doing Gap.
Boston, MA: Harvard Business School Press, 2000.
Robb, D. “Getting the Bigger Picture: Dealing with
Unstructured Data.” Datatmation (September 13,
Roberts, J., and P. Meehan. “From Business
Intelligence to Intelligent Business,” Gartner Inc.,
ID Number: G00208713, November 11, 2010.
Schlegel, K. “Prepare for Customer-Facing
Business Intelligence.” Gartner Inc., ID
Number: G0020630, October 15, 2010.
Shen, G. “Unplugged: The Disconnect of Intelligence
and Analytics.” Information Management 21, no. 1
(January 1, 2011).
Smith, H. A., J. D. McKeen, and S. Singh.
“Making Knowledge Work: Five Principles for
Action-Oriented Knowledge Management.”
Knowledge Management Research and Practice 4,
no. 2 (2006).
Stewart, T. Intellectual Capital: The New Wealth of
Organizations. New York: Doubleday, 1997.

C h a p t e r
16 Enabling Collaboration with IT1
Our increasing connectedness is driving new ways of working together to deliver business value. Globalizing organizations, outsourcing, mobile work, innova-tion, interorganizational teams, innovation, and reaching out to suppliers and
customers are driving today’s need to improve collaboration within firms. And, of
course, IT is at the center of these trends. A study on what makes widely dispersed
virtual teams effective found that, contrary to expectations, technology was a significant
factor in facilitating their success (Majchrzak et al. 2004). However, literally hundreds of
software packages are being promoted for improving collaboration. These technologies,
such as virtual worlds, Web 2.0 applications, social networking, content management,
and new ways of communicating (e.g., blogs, wikis, instant messages, tweets) appear
almost daily and are being adopted and adapted rapidly in the wider society. They are
challenging many of the traditional conventions of how work is done and the role of IT
functions themselves.
As the menu of available technologies widens, becomes virtually free, and employees
clamor to use them anywhere, anyplace, and anytime, IT managers are asking many
questions including the following:
• What is the business value of these technologies?
• What is the best way to assess them and make decisions about their use?
• How can these technologies best be managed and adapted for organizational
Furthermore, as new technologies appear, businesses are experimenting with dif-
ferent types of collaboration, such as those already listed, and IT functions are often
expected to make collaboration happen through the implementation of technology,
even though technologies are only one piece of any collaboration initiative. Certainly,
1 This chapter is based on the authors’ previously published article, Smith, H. A., and J. D. McKeen. “Enabling
Collaboration with IT.” Communications of the Association for Information Systems 28, no. 16 (March 2011): 243–54.
Reproduced by permission of the Association for Information Systems.

Chapter 16 • Enabling Collaboration with IT 219
IT functions provide the “heavy lifting,” such as connectivity and information integrity,
without which most collaboration efforts would not be effective, and a well-designed
IT architecture is a key enabler of collaboration (Johansen 2007). And, at the most basic
level, IT also protects the privacy and security of information and users. But how new
applications are implemented is often as important as the technology itself in deliver-
ing business value. As one IT manager stated, “We sometimes jump directly to the tool
without thinking through the strategy and tactics involved.” As a result, IT managers
can sometimes feel that the deployment of collaboration is less than optimal.
This chapter explores IT’s role in enabling collaboration in organizations, and at
the same time what IT’s role should not be (i.e., what responsibilities and accountabi-
lities should properly be the function of the business). It accomplishes this by iden-
tifying the principal forms of collaboration used and the primary business drivers
involved in them, how business value is measured, and the roles of IT and the business
in enabling collaboration. The chapter first looks at some of the reasons why collabora-
tion is becoming so important in organizations and the business value it enables. Next it
examines some of the different characteristics of collaboration in various organizations.
Focus then switches to the key components of a collaboration program, how these
influence its effectiveness, and IT’s role in promoting collaboration. The chapter con-
cludes with a series of recommendations for IT managers to use as a guide for how they
can best facilitate collaboration in their organizations.
Why Collaborate?
There is no doubt that information and communications technologies are enabling
different ways of working—within organizations and between them. Who could
imagine life without texting? Without Google? Without cell phones? These technolo-
gies and others have changed forever how we interact with others both personally and
professionally, how we share information, and where work gets done. Thus, it should
be no surprise that there’s strong interest in collaboration among business practitioners
and academics alike. A simple Internet search on this topic yields literally thousands of
articles. And it is no secret that what we are seeing now is just the tip of the technology
iceberg. Whether we do or do not yet actually use the next generation of collabora-
tion or social networking technologies in our work, everyone has heard about them,
including instant messaging, Twitter, Facebook, webcams, and others, and no one is a
stranger to speculation about how these technologies are going to change the face of
organizations yet again.
Almost any business or IT journal these days contains speculative “think pieces” or
case studies about how essential it will be to collaborate (in various ways) in the future
and how failing to do this will result in the organization becoming a dinosaur (Amabile
and Khaire 2008; Lynch 2007; Romano et al. 2007). And it is certainly without question
that hundreds of new technologies—including hardware, software, applications, and
services—are currently being promoted to businesses as enabling collaboration and all
of the benefits it will bring. Yet business and IT managers are struggling to cut through
the hype to get at the real value collaboration will bring. They have seen this before in
both the “Internet bubble” and the knowledge management fad and know from bitter
experience with previous generations of groupware, knowledge management, and

220 Section III • IT-Enabled Innovation
collaboration investments that achieving positive results is not as easy as plugging in a
piece of technology (Iandoli 2009a). Many have a long history of deploying collabora-
tion technology and seeing it gather dust (McAfee 2006).
It is therefore no surprise that the focus group reported a great deal of conflicting
feelings in their organizations about collaboration, from wildly enthusiastic to highly
skeptical. One company has invested substantial amounts of time and money in
collaboration technologies and in adapting its organizational culture and behaviors
accordingly and believes that they have become more productive, effective, and
successful as a result. On the other hand, another manager reported his company’s
senior executives were grumbling that no one has yet given them a real business
need for collaboration. Some members reported that there’s a lack of business push
for collaboration in their organization, and others stated that their business units were
“coming around in some areas because they feel they need to be where their customers
are.” Most agreed that virtual interaction is becoming increasingly commonplace and
that the percentage of time employees work virtually (and therefore need collaboration
technology) is increasing (Drakos et al. 2009; Romano et al. 2007). One study found
that spending on collaborative software represents one-fifth of most organizations’
technology budgets, but business leaders are still uncertain if these investments are
improving either collaboration or the quality of work (Cross et al. 2005). This sentiment
was reflected by most of the focus group participants. “We’re still experimenting with
collaboration,” explained one. “We don’t have a business project, but we’re developing
a collaboration strategy.”
Because collaboration is evolving so rapidly, it’s difficult to definitively articu-
late the business drivers and benefits involved. However, there appear to be five main
categories of potential business value:
1. Top-line value. A great deal has been written about the importance of collabora-
tion in improving and/or increasing creativity and innovation in organizations.
One study found that collaboration technologies play a critical role in improving
knowledge creating and sharing practices and in developing new processes, prod-
ucts, and services (Fink 2007). Another noted that “great ideas can come from
anywhere and IT has dramatically reduced the cost of accessing them” (Pisano
and Verganti 2008). The expectation is that collaboration both across an organi-
zation and with customers, suppliers, and other third parties, will strengthen
an organization’s ability to identify new business opportunities and formulate
creative solutions (Fink 2007). The goal is “real time, rich, location independent col-
laboration” by creative teams that can rapidly process and assimilate knowledge
from many different sources and apply it in practical ways (Gordon et al. 2008).
This type of value is especially important in highly dynamic and competitive
industries where the generation of a large number of new, good ideas is critical
to competitive advantage. Within the focus group, most organizations were just
beginning to recognize how technology, collaboration, and innovation could be
harnessed to change their business models, products, and services. “We’re begin-
ning to see our executives more open to these concepts and how changing how
we work together and with our customers can make a difference,” said one. One
firm has included collaboration and innovation in its performance review criteria.

Chapter 16 • Enabling Collaboration with IT 221
Nevertheless, these appear to be the exceptions, and focus group managers mainly
commented that their business leaders were not yet really thinking about how
technology could help them in this area.
2. Cost savings. In a number of focus group companies, collaboration is seen as hav-
ing real cost savings potential in such ways as reducing travel costs through virtual
meetings, improving communications, and enabling remote access to documents.
Participants noted that collaborative technology facilitates the work of global and
virtual teams by compressing work flow, reducing development costs, increasing
communication, minimizing misunderstandings, improving coordination between
groups, and enabling linkages with vendors, suppliers, and customers that speed
up the supply chain and other work processes.
3. Effectiveness. There is wide recognition that collaboration technology, used
properly, can make group work more effective. This is particularly true for virtual
teams. For example, one focus group company uses social networking techno-
logies (behind its firewall) to enable team members from around the world to
learn about each other, have fun events, and understand each others’ customs and
culture. “This has been really useful for us in building strong global teams,” said
the manager involved. Collaboration technology, particularly unified communica-
tions, is especially useful in integrating remote and mobile workers seamlessly into
team or project activities. It enables them to “touch down” in an office and plug
into the applications and information they need, wherever they are in the world.
Increasingly, too, for many professionals, whose work consists of participation in
a number of ad hoc projects, collaboration technology enables them to more effec-
tively juggle a variety of commitments. One firm uses it extensively for its multi-
disciplinary projects, such as pandemic planning. Finally, online education is a big
application of this technology, allowing employees to participate from a variety of
locations, have virtual and real-time discussions, and incorporate learning into the
demands of their workday.
4. Accessibility of people. A key feature of collaboration and its associated tech-
nology is that it provides a company with access to a much broader range of
skills, capabilities, resources, and services than have been traditionally available.
Collaboration technology significantly expands the number of potential partners
and expertise available to a company (Pisano and Verganti 2008), and in recent
years different types of interorganizational alliances—from supply chain integra-
tion to design coordination to innovative partnerships—have become common-
place (Attaran 2007). However, it is the ability to access internal expertise that is
currently of most interest to the focus group companies. Only one firm had suc-
cessfully implemented a comprehensive enterprise directory, including phone
book, expertise location anywhere in the organization, reporting structures, and
connection with social networking information. Yet even this firm recognized how
difficult building such a capability can be. “Over the years, it has been a huge stum-
bling block for us,” one focus group member said. Other members were envious.
“We’re trying to build this facility,” said one, “because right now it’s really hard
for us to find people in our organization.” Ideally, this type of accessibility also
enables the development of communities of interest within the organization—
either work focused or built around personal interests. In our virtual, networked

222 Section III • IT-Enabled Innovation
world that is rapidly losing the “human touch” and is characterized by “ephem-
eral relationships,” these communities can help build staff morale and create a
sense of belonging (Tebbutt 2009; Thomas and Bostrom 2008).
5. Accessibility of information. One of the biggest benefits of collaboration and its
associated technology is that it makes information much more accessible than in the
past. Information repositories, such as the intranet, enable the management and shar-
ing of digital content on an as needed basis (Chin et al. 2008). Other technologies,
such as wikis, support the creation of new content and its publication. These tools
enable information and knowledge sharing across time and space in ways that were
unheard of a mere decade ago (Fink 2007). Many focus group members believe that
portal and content management applications will be the biggest value of collabora-
tion. But they also feel it will take a lot of work to get there. “Our intranet is just a
garbage scow of information,” sighed one manager. “The same document can exist
in literally hundreds of places.” Another noted, “While our corporate level content is
well managed, it gets messier and messier the lower down in the organization you
go. We need much more information management and filtering to make our Intranet
really useful.” Finally, although everyone agrees that collaboration will only be suc-
cessful if more information is made more widely available, there is still a great deal
of fear that “someone will do something bad with it,” which explains why in many
organizations the default position is not to share.
6. Flexibility. The world is becoming increasingly volatile, uncertain, complex, and
ambiguous and this is creating a highly dynamic business environment for many
companies (Johansen 2007). Flatter, more networked, and collaborative structures
create the right work and leadership environment, facilitating fluid workforces and
speedy decision making and providing transparency of information and capabili-
ties while retaining clarity around the organization’s beliefs, values, and responsi-
bilities (Reeves et al. 2008). A networked organization, with situational leadership,
less structure, and the ability to create new capabilities through its networks, will
be much more able to cope with these challenges. Flexibility will involve space,
technology, and protocols for working in networks and will exist at the intersec-
tion of real estate, HR, and IT (Johansen 2007). Flexibility underlies many of the
reasons why focus group members are interested in collaboration. Although most
are still seeing this as a need within a more traditional, hierar chical organizational
structure, some recognize that their structure and governance practices will have to
change substantially.
CharaCteristiCs of Collaboration
Although there is much talk about the benefits of collaboration and the need for more
of it in organizations, clarity is significantly lacking about what collaboration actu-
ally is. As one focus group member put it, “If you asked a hundred people to describe
collaboration, you would get a hundred different answers. There’s a huge disparity in
understanding about this topic.” There is also significant confusion about collaboration,
which is a human activity, and collaboration technology, which is the hardware, soft-
ware, and applications that enable the work of collaboration (Camarinha-Matos et al.
2009). Finally, the group noted that collaboration is often used interchangeably with
such terms as networking, social networking, and cooperation. It is therefore important

Chapter 16 • Enabling Collaboration with IT 223
to be clear about the range and scope of collaboration in organizations these days,
including who is involved in collaboration, what type of work is being done, and where
it is being done, since these have a direct bearing on how the IT function can best sup-
port collaboration with technology (see Figure 16.1).
• Who is collaborating? At its simplest, collaboration describes work that is done
jointly with others (Wikipedia 2011). In modern organizations, this covers a lot of
territory. Sometimes, collaboration can be as basic as two people working together
to achieve a goal, but it also refers to a wide spectrum of different types of collab-
orative participants. In organizations, there can be collaboration within teams (both
formal and ad hoc), between business units, and within communities of interest.
Collaboration can also occur beyond a firm’s boundaries, including between an
organization and its customers, between one or more organizations (as in a supply
chain or an innovative partnership), and, as we are beginning to see, with the world
at large (also known as “mass collaboration”). As organizations have become more
comfortable with collaborative work, they are extending it in new ways and to more
and more types of participants. Most focus group organizations still focus on internal
collaboration, yet there was general agreement that the trend is toward opening up
collaboration beyond organizational boundaries. At present, most organizations are
fairly “locked down” but have practices in place to enable key suppliers and trusted
third parties to access internal company data and to work collaboratively with inter-
nal participants.
• What are they collaborating on? Collaboration can take many forms. The
early wins in organizations, according to the focus group, were simple transac-
tions. These included e-mails, conferencing, extranets with partners, and basic
Who Is
What Are They
Where Are
How Are They
Content Creation
& Management
Internal Teams
of Interest
and others
Routine Activities
Ad hoc,
Dynamic, Real-time
figure 16.1 The Range and Scope of Collaboration

224 Section III • IT-Enabled Innovation
workflow. Next came collaboration around routine activities, such as access to
information and its reuse, ease of information creation and publishing; coordina-
tion of experts to solve common problems and to reduce the work involved in
mundane tasks, such as coordination and planning (Cross et al. 2005; Edmonston
2008; Fedorowicz et al. 2008). Most organizations in the focus group have substan-
tial initiatives in this area, although they believe there’s more work to be done,
especially in such matters as improving content management and creating enter-
prise directories. A third type of collaboration is more unstructured in nature and
includes the development of communities for various purposes, creating collabor-
ative work environments where innovation can occur, and collaboration for issue
and information management. Most focus group members had only just begun
to understand how best to leverage this type of collaboration, and their efforts in
this area are still mainly experimental. However, one firm has created a new tech-
nology adoption environment, where any technology innovation can be shared
and where others can use and provide feedback about its utility and effectiveness.
The most challenging form of collaboration is probably best epitomized at pres-
ent by the online gaming community. Here, various participants work together in
real time to achieve structured goals under rapidly changing conditions. Dynamic
collaboration is characterized by speed of decision making with incomplete infor-
mation, the ability to modify decisions in response to changing conditions, trial
and error, the continual need to address and deal with risk, hyper-transparency of
information, and situational leadership (Reeves et al. 2008). None of the organiza-
tions in the focus group had achieved this type of collaboration, but all recognized
that this is increasingly the way members of the younger generation expect to
work and also felt that as business challenges become more complex, organiza-
tions will have to find better ways of collaborating in this way.
• Where are they collaborating? Increasingly, collaboration needs to take place on
an anywhere, anytime basis. Inside organizations, members noted the need for
more meeting spaces and meeting rooms as well as “touch down” areas where
contractors and outside staff can temporarily set up office. Almost all focus group
organizations already support virtual and mobile work, at least to some extent.
Several members of the focus group also routinely utilize international or global
teams where collaboration takes place across time zones, national boundaries,
cultures, and language groups. Some were also beginning to experiment with
different forms of collaboration with individuals and enterprises beyond their
organizational boundaries, which requires dealing with different organizational
cultures, practices, processes, systems, and data.
• How are they collaborating? Collaborative technology comprises the tools that
are used to facilitate the work of collaboration. These fall into four main categories:
electronic communication (such as e-mail, instant messaging, blogs), electronic con-
ferencing (e.g., video conferencing, meeting software), electronic management (e.g.,
file sharing, activity assignment, task management), and electronic content creation
and management (e.g., publishing tools, enterprise directories). However, newer
collaborative technologies, such as social networking applications, tend to fall into
multiple categories depending on how they are used (e.g., for communication or
information creation). As a result, the boundaries between the categories are blur-
ring with the rapid evolution of this technology.

Chapter 16 • Enabling Collaboration with IT 225
Components of suCCessful Collaboration
Understanding what collaboration and its potential benefits are is important to achieving
an awareness of how collaboration can be effectively used in an organization, but the
high failure of collaboration projects suggests that successful collaboration requires
mastering how to implement and manage it (Schuh et al. 2008). The key challenges
for managers (both business and IT) are to create a supportive working environment
and motivational conditions and to develop the skills and organizational arrangements
within which collaboration can flourish (Fedorwicz et al. 2008; Thomas et al. 2007). Four
components of collaboration must work together to ensure successful collaboration of
any type (MacCormack and Forbath 2008):
1. People. Collaborative work requires different skills than more traditional
forms of work. In particular, strong communication skills are essential. This
is especially true the more work is mediated through technology, virtual, and
across organizational and cultural boundaries (Romano et al. 2007). Cultural
differences around social expectations, the need for more openness, flexibi-
lity, and interdependence in work assignments; the need to develop trust in an
“opaque” environment (i.e.,  one that lacks many traditional social cues); and
differences in organizational practices all add up to a requirement for managers
to rethink how people will work together in this new world of work (Evans and
Wolf 2005; Fiore et al. 2008). Inexperienced teams, lack of management attention,
and different expectations of partners are some of the major reasons why collab-
oration initiatives can fail (Schuh et al. 2008). Thus, when implementing collabo-
ration, managers should be aware that it is not “business as usual” and should
pay more attention to the social and behavioral changes that will be necessary
(Edmonston 2008; Thomas and Bostrom 2008). One focus group manager noted,
“You cannot overemphasize the importance of culture. It will make or break
you.” Finally, as the complexity of the tasks involving coordination increases,
so does the need for management attention to coordination (Schuh et al. 2008).
In short, creating the working environment within which collaboration occurs
becomes the primary role of the manager, rather than monitoring individual
productivity or performance. Signs that these efforts have been successful are
engaged, satisfied, and committed staff who fully participate in collaborative
processes (Nohria et al. 2008). Conversely, managers who cultivate a fear of
failure or who do not protect their staff from what is often a larger, hostile cor-
porate environment, are likely to see collaborative initiatives fail (Amabile and
Khaire 2008).
2. Program. Collaboration needs to be part of a coherent program to create and
capture value, not a series of stand-alone efforts (Schuh et al. 2008). It is highly
unlikely that collaboration initiatives will achieve an organization’s goals unless
they are managed holistically (MacCormack and Forbath 2008). Furthermore, it
is essential that managers understand the strategic trade-offs involved in col-
laboration and make conscious decisions about how to structure and govern it.
This is especially true when external partners are involved (Pisano and Verganti
2008). Most important, organizations need to understand comprehensively how
to use their knowledge and information assets. Focus group members stressed
that well-organized, searchable information is the foundation for any type of

226 Section III • IT-Enabled Innovation
collaboration, and this resource requires a significant investment to develop and
maintain. As  a result, many companies are working primarily on content man-
agement strategies. In addition, high-level decisions need to be made about how
to develop new collaboration capabilities, determine what types of collaboration
the organization seeks to engage in, what policies are needed, and how to create
an environment where the desired collaboration can thrive. Two key principles
of any collaboration program are emergence (i.e., the recognition that we don’t
always know who will make the greatest contribution to a problem in advance)
and planned serendipity (i.e., designing a working environment where underex-
plored relationships between people, data, and applications can become visible)
(Majchrzak 2009).
3. Processes. Within a strategic and holistic approach to collaboration, it is impor-
tant to develop processes that support or help manage this type of work. Since
collaboration is a moving target in the modern enterprise, managers need ways
to rapidly learn what is working and what isn’t and to make changes as the work
unfolds (Edmonston 2008). Managers also need a process to take advantage of suc-
cessful innovations and a way of recognizing failures and killing them off quickly
(Amabile and Khaire 2008). Effective processes are also required to support
collaborative teams and partnerships, to help them know what they know and
coordinate their thinking (Johansen 2007). Specific processes that the focus group
identified as being supportive of collaboration include administrative practices that
recognize the convergence of many different types of communication (the manage-
ment of which is often separated), content management processes, the  ability to
identify a “single source of truth” (i.e., the official documents pertaining to any
topic), and the creation of parameters to help staff understand how and under
what conditions they can collaborate. Conversely, a siloed focus and an emphasis
on process efficiency above all else will likely stifle collaboration (Kleinbaum and
Tushman 2008).
4. Platforms. These are the tools, technologies, and standards that enable people
to share data and to work together seamlessly from a variety of locations. The
advent of cheap connectivity has been the driving force behind many new ways
of collaborating in recent years, yet efforts to promote collaboration have focused
largely on connectivity with little recognition of the other factors that make it
effective (Cross et al. 2005). Technology is a key resource in enabling collaboration,
but it must be designed to achieve the organization’s goals and fit with its culture
and practices. As with the other components of collaboration, the objective of a
platform is to create an environment within which collaboration can take place,
rather than the traditional systems approach of hardwiring specific information
and work processes (Iandoli 2009b). An effective technology platform should sup-
port plug-and-play communications, provide access to information, and enable
the transformation of information into knowledge. It should also provide tools
for the rapid creation of communities, teams, and networks; be based on open
standards; and be flexible and adaptive (Camarinha-Matos et al. 2009; Iandoli
2009b). However, most focus group organizations are nowhere near creating such
a platform. Most are still questioning whether they should invest in collaborative
technologies rather than look for ways to coherently manage a set of business tools
for collaborative work (Drakos et al. 2009).

Chapter 16 • Enabling Collaboration with IT 227
the role of it in Collaboration
Clearly, the IT function alone cannot make collaboration happen, even if it provides
robust collaboration technology. The business plays a critical role in determining its
strategy and creating processes and a working environment that make it possible to
collaborate for business value. That said, there is still no answer to where an organi-
zation’s collaboration strategy “belongs.” In most, IT still owns it and, as a result, the
whole field of collaboration is an opportunity for IT managers to demonstrate real busi-
ness leadership (Lynch 2007; Mann 2008). CIOs can work with business executives to
identify and orchestrate collaborative capabilities, coordinate enterprise services, and
educate leaders about opportunities and possibilities.
In addition, IT leaders have some very specific technology responsibilities that
must be put in place to enable collaborative work to occur. At present, four major
technology areas must be addressed iteratively and concurrently. These are merely the
fundamentals, however. Because this field is evolving rapidly, IT leaders must be pre-
pared to continually reassess all aspects of collaboration technology, its governance,
and policies and to rebalance these as necessary (Smith et al. 2007).
1. Communication. A significant and growing area of collaborative technology is
enabling a wide spectrum of communications options, from voice mail to video
and everything in between. “Users increasingly see communications and collabo-
ration not as separate activities but as a smooth continuum of modalities where
the difference between talking on the phone and posting on a wiki becomes a
matter of choice and preference” (Mann and Elliot 2007). As such unified commu-
nications become a technological reality, IT leaders will need to develop an archi-
tecture that supports them as a single technology spectrum rather than as separate
components. Gartner Group predicts that phone directories, e-mail, voicemail,
instant messaging, presence awareness, computer telephony, and conferencing
technologies will increasingly converge over the next five years, leading to serious
organizational challenges in how these services are managed (Mann and Elliot
2007). However, other types of communication and collaboration software, such
as voice, call centers, mobile, team workspaces, and social software will not be
part of this convergence and will have to be appropriately managed as they too
evolve. Ultimately, communications technology will be embedded in all busi-
ness applications and will need to be ubiquitous, reliable, secure, and integrated
(Andriole 2006).
2. Information access and management. Developing an improved informa-
tion processing capability, including accurate and visible information, manipul-
ability, exchangeability, and ease of information transfer is a primary goal for all
IT functions in supporting collaboration. One focus group member explained his
mandate as follows: “We want to make it easy for anyone to share information via
the intranet, to support collaboration with information, and to link people to docu-
ments and vice versa.” To accomplish this goal, it is important for organizations to
reduce the number of databases and data management platforms they maintain
and to develop the intranet into a robust information-sharing platform. Typically,
organizations also need a document management system with proper versioning
and access controls, although these systems are notoriously difficult to integrate
with other information management tools. “We’re finding it really hard to upload

228 Section III • IT-Enabled Innovation
and share documents,” said one manager. “It’s a big headache for us.” Content
management, particularly at the business unit and team levels, is also challeng-
ing as the use of many separate tools tends to replicate information in a relatively
unmanaged fashion. At present in most companies, attention needs to be paid to
integrating fragmented information resources, improving information visibility,
filtering and navigation, and establishing principles for information access (Cain
2008; Thomas et al. 2007).
Several focus group companies commented that the perception is still
widespread in their organizations that if information is made more widely avail-
able “bad things will happen.” “We instinctively don’t want to share,” said one
manager. Managing the tension between the need for information availability to
facilitate collaboration and protecting the organization from the associated risks is
an area where IT managers should be working proactively to ensure they deliver
the optimal value (Gordon et al. 2008; Smith et al. 2007).
3. Security and risk. It is a primary responsibility of the IT function to protect
the integrity of its systems and data. This is becoming increasingly more chal-
lenging as both internal and external organizational boundaries break down and
new forms of collaboration are introduced (Smith et al. 2007). IT managers rec-
ognize that removing the traditional layers of separation between departments
and enterprises makes the organization more vulnerable and their job more dif-
ficult. Therefore, IT departments can often be viewed as obstacles to collaboration
(Gordon et al. 2008). There is no easy answer to this dilemma. Companies need
safe and secure communications, but it is no longer possible to use “stovepipe”
security to ensure this. Instead, IT functions must improve security architectures
and infrastructures and continually assess the balance between the openness
required by collaboration and the risks involved. Focus group members noted
that security must become more granular and principles based. “We are begin-
ning to develop a policy for how we as a company use social networking tools,”
said one manager. “The broader the team, the greater the risks involved.” Another
added, “We need better authentication tools, and we must be clearer about the
types of information that can be shared.” Others noted that security must be com-
mensurate with the risks involved. “We must use the most appropriate tools for
the particular task at hand.” Finally, they pointed out that this task is about to get
much more difficult as companies begin to open themselves up to collaboration
with their end customers. “This is a huge challenge that we have not yet faced up
to,” said one.
4. Technology integration. The more IT can achieve integration of data, applica-
tions, hardware, and software, the easier it will be to provide the information
and tools needed to facilitate collaboration. Thus, focus group members recom-
mended the massive simplification and rationalization of applications, databases,
and software as a precursor to any significant collaboration initiative. The drive to
collaboration is also behind the increasing interest in industry-neutral and global
IT standards of all types (Chituc et al. 2009). “Technology should be a facilitator
of collaboration, not an obstacle,” said one manager. “Our users want to plug and
play in this area, and we can only achieve this through standardization.” Some
organizations in the focus group provide “canned” collaboration tools, such as
blogs, personal Web sites, team sites, and wikis that allow the rapid formation of

Chapter 16 • Enabling Collaboration with IT 229
ad hoc teams and ease of social networking. These can then be tailored to particu-
lar needs requiring just enough information so they can be effectively managed
and decommissioned in the longer term.
In addition, centralized and integrated structures within IT for developing
enterprisewide communications and collaboration capabilities can facilitate synergistic
interactions between these tools and create useful cross-technology opportunities that
might not previously have been obvious (Sanders 2007). Focus group organizations
varied widely in this area. Some assigned IT a leading role in delivering collabora-
tion technology, and others are implementing it on a more piecemeal basis. All agreed,
however, that without centralized support for this technology, it is unlikely to deliver
enterprise-level value.
These four collaborative technology building blocks are the most critical
elements to which IT should pay attention at present. However, new technologies
are already on the horizon, and these will require continual assessment from IT man-
agers as to their usefulness and how they can be integrated into the existing orga-
nizational infrastructure and collaboration architecture. Some of these technologies
include dynamic modeling tools, simulation engines, visualization tools, data reduc-
tion and summarization applications, and intelligence gathering tools. In short, IT
managers are going to have to remain aware in this very rapidly changing market
and be willing to adapt quickly to changing conditions. Paying attention to these four
fundamental building blocks now will enable them to do this more easily and effec-
tively in the future.
first steps for faCilitating effeCtive Collaboration
Given the multifaceted nature of collaboration and its many potential but as yet
unproven benefits, IT managers could understandably adopt a wait-and see approach.
In fact, this is what many members of the focus group are doing: talking about strategy
and planning small pilots to test the waters. However, amid all the confusion, they also
had some practical ideas for ways that organizations could begin to approach this com-
plex and dynamic new way of working and using technology.
1. Develop a coherent vision. Effective collaboration requires a multidisciplinary
approach and a shared business–IT vision (Lynch 2007). It is essential that such
a vision begin with understanding the organization’s values, legal require-
ments, and core intellectual property. From this, a strategic perspective can be
developed about what the business wants to accomplish with collaboration and
what types of technology would best support it. Focus group members sug-
gested that developing a vision for collaboration must be carefully approached
because “the judgment line is shifting rapidly” and our static paradigms of work
are rapidly becoming much more dynamic. These factors will change business
models and strategies and affect how companies will need to manage the com-
plex business environment of the near future. Ideally, a vision for collaboration
should include a unified strategy and business models, tools, and experiments
to help the organization gain further insights. The vision’s ultimate goal should
be to nurture an internal working environment (and in the longer term a broader
business ecosystem) that will enable productive collaboration to emerge. At this

230 Section III • IT-Enabled Innovation
early stage, both business and IT leaders should play a key role in articulating a
collaboration vision and connecting it to the right people who can make it happen.
2. Plan for adaptation. If there’s one aspect of collaboration about which everyone
agrees, it’s that collaboration is evolving and complex and will require significant
and ongoing management attention (Schuh et al. 2008). Organizations, and particu-
larly IT functions, therefore need to develop the “flexing skills” needed to cope with
the rapid development of collaboration and its associated technologies (Iandoli
2009b). Focus group members noted that their organizations are already becom-
ing flatter and more complex as collaboration and networks emerge. “Business is
speeding up, and we will need new skills for coping and adapting rapidly,” said
one. It is therefore essential that organizations develop processes for learning what
is working with collaboration and what isn’t and mechanisms for sharing these les-
sons. Above all, the management of collaboration needs to be multidisciplinary and
responsive to change.
3. Start with specific fundamentals. Facilitating effective collaboration will take
time—both to build a strategy and to get the technology fundamentals in place.
Many organizations have specific “pain points” that could be worthwhile places
to start putting energy into collaboration. In the focus group, these were clearly
around information management and access. “Our Intranet is unmanaged and not
relevant,” complained one manager. Another noted that it was very hard find-
ing people in his organization. “We’d love to have a ‘blue pages’ to enable us to
start internal social networking,” he said, referring to one firm’s internal company
directory. In addition, several participants noted that their office space doesn’t
support collaboration. “We need to have many more collaborative workspaces,”
one participant noted. A simple assessment of these gaps and some management
attention to them could lead to a great improvement in how people are able to
4. Establish principles of behavior. As already noted, much of the governance of col-
laboration is based on principles, rather than rules. The most basic principle is trans-
parency, not only of information but also of behavior (Majchrzak 2009). Some focus
group companies have already established a code of conduct to govern electronic
communication and collaboration, and others are working on one. A big fear is that
providing improved communication will enable employees and customers to post
negative comments about the organization. One important way of allaying these
fears is to eliminate online anonymity. “Anonymity results in bad behavior,” said
one manager. “With a clear online identity, negativity is quickly found out and is
usually self-policed by others in the community.” Another noted, “In a business
environment where all posts are traceable, abuse is unlikely.” As  social network-
ing takes hold in our culture, and organizations explore ways they can use it to
connect with their customers, they are realizing that establishing rules of etiquette
for how to do this is important. “We have a hard and fast rule that if you are using
social networking to do business, you must state your company affiliation,” said a
Cultural and behavioral practices are changing as a result of collabora-
tion, and agreement is widespread that these will require serious management
attention. For example, as staff become empowered to innovate and make real-
time decisions, organizations will need to foster increased psychological safety

Chapter 16 • Enabling Collaboration with IT 231
so people don’t fear being penalized if they make a mistake (Edmonston 2008).
Similarly, work will need to be done to align work management and human
resources practices, as well as incentives, if collaboration is to really make a dif-
ference (Cross et al. 2005). Finally, as connectivity becomes more pervasive and
global, companies will have to develop policies and practices that enable staff to
achieve an effective work–life balance. For example, one global firm has devel-
oped a small scheduling application to determine the least invasive time to have
a meeting across different time zones. Tools can also be used to assist staff with
controlling their accessibility and protecting their privacy (Mann 2008).
5. Gradually move beyond the firewall. None of the focus group companies was
comfortable as yet extending collaboration beyond their firewalls, unless in very
tightly controlled circumstances (e.g., with vendors or third-party service pro-
viders). Major concerns about risk, privacy, and corporate liability remain. These
issues need to be discussed and managed so that the power of collaboration can be
realized. For example, one firm’s privacy officer is now involved in determining
what information can and cannot be shared. Some initial external target groups
will include retirees, clients, and business partners. “We are gradually working
through our concerns because of the unbelievable power of these tools,” one
manager said.
Collaboration is a complex concept with
uncertain benefits and requires major
organizational change. The drive to adopt
collaboration is being accelerated by the
possibilities enabled by information techno-
logy, which support real-time, global com-
munication and anytime, anywhere access
to information. In addition, companies
are feeling considerable pressure to adopt
collaboration technology because of their
increasingly widespread use among indi-
viduals, many of whom are becoming
their employees. There is no question that
collaboration will play a major role in how
we work and live in the future. However,
as we move into this new era, companies
are taking their time to determine how
best to take advantage of what collabora-
tive technology has to offer. This chapter
has identified the major ways companies
might want to collaborate and the benefits
that are anticipated from each. It has also
explored some of the major characteristics
and components of collaboration in order
to clarify concepts and to distinguish
between the work of collaboration, which is
a human activity, and collaboration technol-
ogy, which facilitates it. It has shown that
effective collaboration will not result from
simply implementing more collaboration
software. Instead, it will require a proactive
and holistic strategy that integrates business
goals and technology potential. At present,
all aspects of collaboration and collabora-
tion technology are in their infancy, so it is
understandable that many companies are
proceeding cautiously into this new world.
Nevertheless, the speed with which both
technology and practice are moving sug-
gests strongly that it is time for managers
to put some collaborative fundamentals in
place. Furthermore, IT managers have an
opportunity to provide business leader-
ship around collaboration if they can clearly
articulate its business potential and benefits,
rather than focusing on the technology itself.

232 Section III • IT-Enabled Innovation
Amabile, T., and M. Khaire. “Creativity and the
Role of the Leader.” Harvard Business Review
86, no. 10 (October 2008).
Andriole, S. “The Collaborate/Integrate Business
Technology Strategy.” Communications of the
ACM 49, no. 5 (May 2006).
Attaran, M. “Collaborative Computing: A
New Management Strategy for Increasing
Productivity and Building a Better Business.”
Business Strategy Series 8, no. 6 (2007): 387–93.
Cain, M. “Key Issues for Unified Communications
and Collaboration, 2008.” Gartner Inc., ID
Number: G0015672, April 10, 2008.
Camarinha-Matos, L., H. Afsarmanesh, N. Galeano,
and A. Molina. “Collaborative Networked
Organizations—Concepts and Practice in
Manufacturing Enterprises.” Computers and
Industrial Engineering 57, no. 1 (2009): 46–60.
Chin, K., D. Gootzit, and J. Mann. “Key Issues
for Portals, Content Management and
Collaboration Best Practices Projects.” Gartner
Inc., ID Number: G00155820, April 24, 2008.
Chituc, C., A. Azevedo, and C. Toscano. “A Frame-
work Proposal for Seamless Interoperability
in a Collaborative Networked Environment.”
Computers in Industry 60, no. 5 (June 2009): 317–38.
Cross, R., J. Liedtka, and L. Weiss. “A Practical
Guide to Social Networks.” Harvard Business
Review 83, no. 3 (March 2005).
Drakos, N., C. Rozwell, M. Cain, and J. Mann. “Key
Issues for Social Software and Collaboration
Initiatives, 2009.” Gartner Inc., ID Number:
G00164866, January 30, 2009.
Edmonston, A. “The Competitive Imperative of
Learning.” Harvard Business Review 86, nos. 7/8
(July–August 2008).
Evans, P., and B. Wolf. “Collaboration Rules.”
Harvard Business Review 83, nos. 7/8 (July–August
Fedorowicz, J., I. Laso-Ballesteros, and A.
Padill-Melendez. “Creativity, Innovation
and e-Collaboration.” International Journal of
e- Collaboration 4, no. 4 (2008): 1–10.
Fink, L. “Coordination, Learning and Innovation:
The Organizational Roles of e-Collaboration
and Their Impacts.” International Journal of
e-Collaboration 3, no. 3 (2007).
Fiore, S., R. McDaniel, and F. Jentsch. “Narrative-
Based Collaboration Systems for Distributed
Teams: Nine Research Questions for
Information Managers.” Information Systems
Management 26, no. 1 (Winter 2009): 28.
Gordon, S., M. Tarafdar, R. Cook, R. Maksimoski,
and B. Rogowitz. “Improving the Front End
of Innovation with Information Technology.”
Research-Technology Management 51, no. 3
(May/June 2008): 50–58.
Iandoli, L. “JITCAR Special Issue—IT
Collaboration in Organizations.” Journal of
Information Technology Case and Application
Research 11, no. 1 (2009a).
Iandoli, L. “Leveraging the Power of Collective
Intelligence Through IT-Enabled Global
Collaboration.” Journal of Global Information
Technology Management 12, no. 3 (2009b).
Johansen, B. Get There Early: Sensing the Future to
Compete in the Present. San Francisco: Berrett-
Koehler, 2007.
Kleinbaum, A., and M. Tushman. “Managing
Corporate Social Networks.” Harvard Business
Review 86, no. 7–8 (July–August 2008).
Lynch, C. “Five Things Wikipedia’s Founder Has
Learned About Online Collaboration.” CIO
Magazine, June 28, 2007.
(accessed March 9, 2011).
MacCormack, A., and T. Forbath. “Learning the
Fine Art of Global Collaboration.” Harvard
Business Review 86, no. 1 (January 2008).
Majchrzak, A. “Social Networking and
Collaboration.” Presentation to the Society for
Information Management’s Advanced Practices
Council, Atlanta, Georgia, January 21–22, 2009.
Majchrzak, A., A. Malhotra, J. Stamps, and J. Lipnack.
“Can Absence Make a Team Grow Stronger?”
Harvard Business Review 82, no. 5 (May 2004):
Mann, J. “Q&A: Answers to Practical Questions
about Collaboration Tools.” Gartner Inc., ID
Number: G00154888, February 1, 2008.
Mann, J., and B. Elliot. “The New Market for
Unified Communications and Collaboration.”
Gartner Inc., ID Number: G00153236,
November 23, 2007.
McAfee, A. “Enterprise 2.0: The Dawn of Emergent
Collaboration.” MIT Sloan Management Review
47, no. 3 (Spring 2006): 20–28.

Chapter 16 • Enabling Collaboration with IT 233
Nohria, N., B. Groysberg, and L. Lee. “Employee
Motivation: A Powerful New Model.” Harvard
Business Review 86, nos. 7/8 (July–August 2008).
Pisano, G., and R. Verganti. “Which Kind of
Collaboration Is Right for You?” Harvard
Business Review 86, no. 12 (December 2008).
Reeves, B., T. Malone, and T. O’Driscoll.
“Leadership’s Online Labs.” Harvard Business
Review 86, no. 5 (May 2008).
Romano, N., J. Pick, and N. Roxtocki. “Editorial
Introduction to the Special Issue on
Collaboration Issues in Cross-Organizational
and Cross-Border IS/IT.” Journal of Information
Technology Theory and Application 8, no. 4
Sanders, N. “An Empirical Study of the Impact
of e-Business Technologies on Organizational
Collaboration and Performance.” Information
Systems and Operations Management 25, no. 6
(2007): 1332–47.
Schuh, G., A. Sauer, and S. Doering. “Managing
Complexity in Industrial Collaborations.”
International Journal of Production Research 46,
no. 9 (May 2008): 2485–98.
Smith, G., K. Watson, W. Baker, and J. Pokorski.
“A  Critical Balance: Collaboration and Security
in the IT-Enabled Supply Chain.” International
Journal of Production Research 45, no. 11 (June 2007).
Tebbutt, D. “The Business Value of Collaboration
Software.” CIO Magazine, February 17, 2009.
Value_of_Collaboration_Software (accessed
March 9, 2011).
Thomas, D., and R. Bostrom. “Building Trust and
Cooperation Through Technology Adaptation
in Virtual Teams: Empirical Field Evidence.”
Information Systems Management 25, no. 1
(2008): 45–56.
Thomas, D., R. Bostrom, and M. Gouge.
“Making Knowledge Work in Virtual Teams.”
Communications of the ACM 50, no. 11 (November
Wikipedia. “Collaboration.”
wiki/Collaboration (accessed March 9, 2011).

Mini Case
Innovation at International Foods2
Josh Novak gazed up at the gleaming glass-and-chrome skyscraper as he stepped out
of the cab. “Wow!” he thought to himself. “I’ve hit the big time now.” The International
Foods Group (IFG) Tower was a Chicago landmark as well as part of the company’s
logo, which appeared on the packages of almost every type of food one could imagine—
breakfast cereals, soft drinks, frozen pizza, cheese, and snack foods, to name just a
few. Walking into the tower’s marble lobby, Josh could see displays of the company’s
packaging from its earliest days, when its dairy products were delivered by horse and
wagon, right up to the modern global entity it had become.
After signing in with security, Josh was whisked away to the 37th floor by an
efficient  attendant who walked him down a long hall of cubicles to a corner office
overlooking Lake Michigan. On the way, Josh passed display photos of the company’s
founder, old Jonas Wilton looking patriarchal, and several of the family scions, who
had grown the company into a major national brand before the IPO in the 1980s had
made IFG a public company. Josh, having “Googled” the company’s history last night in
response to this summons, knew that IFG was now the largest purveyor of food products
the world had ever known. While many decried the globalization of the food business,
IFG kept right on growing, gobbling up dozens of companies each year—some because
IFG wanted to stomp on its competition and others because it wanted their good ideas.
Josh’s own small company, Glow-Foods, a relative newcomer in the business, was
fortunately one of the latter, but Josh was a little puzzled about this command per-
formance. After all, he himself wasn’t anyone important. The owners of the company
all received multiple millions and were sticking around—as per contract—during the
transition. The next level, including Josh’s boss, had mostly jumped ship as soon as the
“merger” was announced. “This isn’t my thing,” drawled Nate Greenly over beer one
night at the local pub. “Corporate America isn’t going to let us stay as we are, no mat-
ter what they say. Get out while you can,” he advised. But Josh, with a freshly minted
MBA in his pocket, thought differently. And so here he was, walking into the CIO’s
office hundreds of miles away from the cramped loft in Toronto where Glow-Foods was
As the office door swung open, two people dressed in “power suits” turned to
meet him. “Uh oh, I’m not in Kansas anymore,” thought Josh as he mentally reviewed
his outfit of neatly pressed khakis and golf shirt, which was a big step up from his
usual attire of jeans and a T-shirt. A tall man with silver hair stepped forward with his
hand held out. “You must be Josh,” he boomed. “Welcome. I’m John Ahern, and this is
my associate, Tonya James, manager of IT marketing. Thanks for coming today. Please,
have a seat.” Josh complied, slinging his backpack over the corner of the leather chair
2 Smith, H. A., and J. D. McKeen. “Innovation at International Foods.” #1-L09-1-002, Queen’s School of
Business, December 2009. Reproduced by permission of Queen’s University, School of Business, Kingston,

Innovation at International Foods 235
while taking in the rich furnishings of the office and the panoramic view. After a bit of
chitchat about the weather and the prospects of their respective baseball teams, John
pulled out a black leather folder.
“Well, we won’t keep you in suspense anymore, Josh. As you know, when we took
over Glow-Foods we decided to completely align our processes, including IT. It doesn’t
make any economic sense to run separate data centers and applications, so we already
have a team in place to transfer all your hardware and software to our centralized cor-
porate systems over the next month. We’ll be replacing your Macs with PCs, and every-
one will get training on our ERP system. We’re going to keep a small team to deal with
the specifically Canadian issues, but other than that we see no need for an IT function
in Toronto any more.” Josh nodded glumly, thinking about his friends who would be
losing their jobs and all the fun they’d had during those all-nighters brainstorming new
ways to help Glow-Foods products go “viral.” Nate was right, he thought glumly. They
don’t really get us at all.
“That said,” John continued. “We are very impressed with the work you and your
team have done in using social networking, mashups, and multimedia to support your
marketing strategy. Your ability to reach the under-thirty demographic with technology
is impressive.” He turned to Tonya, who added. “Here at IFG, we have traditionally
marketed our products to women with children. We have a functional Web site—a place
where customers can find out about our products and where to buy them. More recently,
we’ve added their nutritional content, some recipes, and a place where customers can
contact us directly with questions, but it’s really unidirectional and pretty dry.”
Josh nodded in agreement with this assessment. The difference in the two compa-
nies’ approaches was night and day. Although not everything they had tried at Glow-
Foods had worked, enough of it had succeeded that demand for the company’s products
had skyrocketed. Young adults and teens had responded en masse to the opportunity
to post pictures of themselves drinking their Green Tea Shakes in unusual places on the
Glow-Foods Web site and to send a coupon for their favorite Glow-Foods product to
a friend. Serialized company mini-dramas popped up on YouTube and viewers were
asked to go online to help shape what happened to the characters—all of them using
Glow-Foods products extensively. Contests, mass collaboration in package design, and
a huge network of young part-time sales reps linked through Facebook all contributed
to making the brand hip and exciting—and drove sales through the roof.
John adjusted his French cuffs. “We want to tap into the youth and young adult
market with IT, and we think you’re the one who can help us do this. We’re going to
give you a team and whatever resources you need right here in Chicago. With our
global reach and much larger budgets, you could do great things for our company.”
John went on to outline a job offer to Josh that sent tingles down his spine. “I really
have hit the big time,” he thought as he signed the documents making him a team man-
ager at IFG at a salary that was almost double what he was earning now. “I can’t wait
to get started.”
Six weeks later he was being walked down the same hall by Tonya, now his
immediate boss, and into her office, a smaller version of his with a window looking
onto another high-rise. “What’s next?” he asked. “I’ve booked a meeting room for
you to meet your new team at ten-thirty,” Tonya explained. “But before that, I want to
go over a few things with you first. As the manager of IT Marketing, I am personally
thrilled that we’re going to be experimenting with new technologies and, as your coach

236 Section III • IT-Enabled Innovation
and mentor at IFG, I’m going to make it my job to see that you have the resources and
support that you need. However, you may find that not everyone else at this company
will be as encouraging. We’re going to have some serious obstacles to overcome, both
within IT and with the larger company. It will be my responsibility to help you deal
with them over the next few months as you put your ideas together. But you need to
know that IFG may have different expectations of you than Glow-Foods. And you may
find you will get a better reception to your ideas if you look a bit more professional.”
Josh winced and nodded. He’d already ramped up the wardrobe for his first day with
a sports jacket, but clearly he needed to do more. “Finally, I’d like you to come up here
every Friday afternoon at four o’clock to go over your progress and your plans. My
schedule is usually fully booked, but if you have any questions you can always send me
an e-mail. I’m pretty good at getting back to people within twenty-four hours. Now let’s
go meet your new team. I think you’ll be happy with them.”
An hour later Josh and his new team were busy taking notes as Tonya outlined
their mandate. “You have a dual role here,” she explained. “First, I want you to work
with Ben here to develop some exciting new ideas for online marketing. We’re looking
for whatever creative ideas you have.” Ben Nokony was the team’s marketing liaison.
Any ideas would be vetted through him, and all proposals to the individual product
teams would be arranged by him. “Second, I need you to keep your eyes open and your
ears to the ground for any innovative technologies you think might work here at IFG.
These are our future, and you’re our vanguard.” Josh glanced around at his team, an
eclectic group. They seemed eager and enthusiastic, and he knew they were talented,
having had a say in choosing them. With the exception of Ben, all were new to IFG,
experienced in using a variety of new media, and under thirty years old. They were
going to do great things together, he could see.
The next couple of weeks were taken up with orientation. Ben introduced each
of the major product divisions to the team, and everybody had come back from each
meeting full of new possibilities. Tonya had also arranged for the team to meet with
the chief technology officer, Rick Visser, who was in charge of architecture, privacy and
security, risk management, and the technology roadmap. Rick had been pleasant but
cool. “Please remember that we have a process for incorporating new technology into
our architecture,” he explained as he handed over a thick manual of procedures. “In a
company our size we can’t operate without formal processes. Anything else would be
chaos.” The team had returned from that meeting full of gloom that their ideas would
all be shot down before they were even tried. Finally, they had met with the IT finance
officer. “I’m your liaison with corporate finance,” Sheema Singh stated. “You need to
work with me to develop your business cases. Nothing gets funded unless it has a busi-
ness case and is approved through our office.”
Finally, having dragged some chairs into Josh’s eighteenth-floor and marginally
larger cubicle and desk, the team got down to work. “This is ridiculous,” fumed Mandy
Sawh, shuffling her papers on her lap. “I can’t believe you need to book a conference
room two weeks in advance around here. Who knows when you need to get together?”
“Okay, team, let’s settle down and take a look at what you’ve got,” said Josh. One by
one, they outlined their preliminary ideas—some workable and some not—and together
they identified three strong possibilities for their first initiatives and two new technolo-
gies they wanted to explore. “Great work, team,” said Josh. “We’re on our way.”

Innovation at International Foods 237
The problems began to surface slowly. First, it was a polite email from Rick Visser
reminding them that access to instant messaging and Facebook required prior approval
from his group. “They want to know why we need it,” groused Veejay Mitra. “They
don’t seem to understand that this is how people work these days.” Then Ben got a bit
snippy about talking directly to the product teams. “You’re supposed to go through
me,” he told Josh’s team. “I’m the contact person, and I am supposed to be present at all
meetings.” “But these weren’t ‘meetings,’” Candis Chung objected. “We just wanted to
bounce some ideas around with them.” Next, it was a request from Sheema to outline
their proposed work, with costs and benefits, for the next fiscal year—beginning six
months from now. “Can’t we just make up a bunch of numbers?” asked Tom Webster.
“We don’t know how this stuff is going to play out. It could be great and we’ll need lots
of resources to scale up, or it could bomb and we won’t need anything.” Everywhere
the team went, they seemed to run into issues with the larger corporate environment.
Tonya was helpful when Josh complained about it at their Friday afternoon meetings,
smoothing things over with Rick, helping Josh to navigate corporate procedures, and
even dropping by to tell the team they were doing a great job.
Nevertheless, Josh could sense his own and everyone else’s frustration as they pre-
pared for their first big project review presentation. “They want us to be innovative, but
they keep putting us in a straight-jacket with their ‘procedures’ and their ‘proper way to
go about things,’” he sighed to himself. Thank goodness, the presentation was coming
together nicely. Although it was only to the more junior executives and, of course, John
and Rick, he had high hopes for the vision his team was developing to get IFG out and
interacting with its customers.
“And in conclusion, we believe that we can use technology to help IFG reach its
customers in three new ways,” Josh summarized after all of his team members had
presented their ideas. “First, we want the company to connect directly with customers
about new product development ideas through an interactive Web site with real-time
response from internal staff. Second, we want to reach out to different communities
and gain insights into their needs and interests, which in turn will guide our future
marketing plans. And third, we want to implement these and other ideas on the ‘cloud,’
which will enable us to scale up or down rapidly as we need to while linking with com-
pany databases. Any questions?”
There was a moment of stunned silence, and then the barrage began. “What’s
the business value of these initiatives?” asked Sheema. “I can’t take them upstairs to
our finance committee meeting without a clear commitment on what the benefits are
going to be.” Ben looked nonplussed. “We don’t really know,” he said. “We’ve never
really done this before, but we like the ideas.” “I’m concerned that we don’t bite off
more than we can chew,” said John thoughtfully. “What if these customers don’t like the
company or its products and say bad things about us? Do we have any procedures for
handling these types of situations?” “There’s definitely a serious risk to our reputation
here,” said Rick, “but I’m more concerned about this ‘cloud’ thing. We haven’t even got
cloud in our architecture yet, and this plan could make company intellectual property
available to everyone in cyberspace!” Sheema spoke again. “I hate to mention this, but
didn’t we do something like this community project about ten years ago? We called it
knowledge management, and it flopped. No one knew what to do with it or how to
handle the information it generated.” On and on they went, picking holes in every part
of every idea as the team slumped lower in their seats.

238 Section III • IT-Enabled Innovation
Finally, Tonya stood up. “I’d like to thank you all for raising some legitimate and
important concerns,” she said. “And I’d like to thank Josh and his team for some fine
work and some excellent ideas. Marketing was looking for creativity, and we have
delivered on that part of our mandate. But now we have a more important job. And that
is innovation. Innovation is about more than good ideas; it’s about delivering the best
ones to the marketplace. We’re in a new world of technology, and IT can’t be the ones
to be saying ‘no’ all the time to the business. Yes, we need to protect ourselves, and we
don’t want to throw money at every half-baked idea, but we’ve got to find a way to be
open to new ideas at the same time. We know there’s value in these new ideas—we saw
it work at Glow-Foods. That’s why Josh is here. He has a proven track record. We just
have to find a way to identify it without taking too much risk.”
The room sat in stunned silence as Tonya looked from one to the other. At last,
John cleared his throat. “You’re right, Tonya. We want creativity and innovation, and
we need a better way to get it than we have now. I think what we need is a process
for creativity and innovation that will help us overcome some of the roadblocks we
put in place.” As Josh mentally rolled his eyes at the thought of yet another process,
Tonya replied. “I think you’re partially right, John. Processes do have their place, but
we also need some space to play with new ideas before we cast them in concrete. What
I’d like to do over the next two weeks is speak with Josh and his team and each of
you and  then develop a plan as to how we can, as an IT department, better support
innovation at IFG.”
Discussion Questions
1. In discussion with Josh, Tonya foreshadows “some serious obstacles to overcome.”
Describe these obstacles in detail.
2. How can Josh win support for his team’s three-point plan to use technology to help
IFG reach its customers?

Mini Case
Consumerization of Technology
at IFG3
“There’s good news and bad news,” Josh Novak reported to the assembled IT man-
agement team at their monthly status meeting. “The good news is that our social
media traffic is up 3000% in the past two years. Our new interactive website, Facebook
presence, and our U-Tube and couponing promotions have been highly successful in
driving awareness of our ‘Nature’s Glow’ brand and are very popular with our target
demographic—the under-30s. Unfortunately, the bad news is that our competitors at
GPL are eating our lunch with the new mobile apps they’ve developed.”
Everyone frowned at the mention of Grocers’ Products Limited, their fiercest com-
petitor, which had the largest chain of integrated food and retail stores in the country
and whose Premier Choice products were showcased on their shelves, making it
increasingly harder for IFG to get prime space for their top brands.
“Our web and social media presence has helped us to begin to develop a relation-
ship with our customers,” Josh continued, “but our Marketing folks are very worried
that we’re going to be falling behind, isn’t that so Tonya?”
Tonya James, manager of IT Marketing, nodded her head. As the IT person work-
ing directly with marketing, it had been under her watch that IFG had transformed its
dowdy online presence into something that was hip and trendy. Together, she and Josh,
now manager of IT Innovation, had begun experimenting with new media, creating an
innovation process that took a large number of new technologies and ideas for products
and services and created a protected “sand box” that enabled trial implementations for
employees only. Feedback and experience at this level then helped Josh and his busi-
ness colleagues select the best ones for development in full “heavy-duty” production
mode for the public, complete with privacy and security protection and following all
architectural standards. Only then would the chief technology officer, Rick Visser, who
was charged with protecting company data and systems, allow new technologies to be
fully integrated into IFG’s internal technical environment.
Mark Szabo, the newly appointed head of IFG’s Business Intelligence (BI) team
reported next. “As you all know, our executives are all screaming for more and more
information to help them but it’s not going to be easy. What we have here at IFG is a
data mess and it’s only going to get worse from what I can see.” The picture wasn’t
pretty he warned. IFG had thousands of traditional systems all of which produced data
and reports. The problem was that each used somewhat different definitions of impor-
tant company concepts, like “in stock.”
3 Smith, H. A., and J. D. McKeen. “Consumerization of Technology at IFG.” #1-L11-1-002, Queen’s School of
Business, December 2009. Reproduced by permission of Queen’s University, School of Business, Kingston,

240 Section III • IT-Enabled Innovation
“If our goal is to improve the stocks of our products on the shelves, we’ll have to
go back to rewrite many of these systems. Some of them believe that a product is ‘in
stock’ when it’s on the shelves; others when it’s in our back room waiting to be put on
the shelves; still others when we have received the order from the supplier or when it’s
arrived at our regional distribution centers.” He went on to describe similar problems
with varying understandings of such core company data as “customer,” “supplier,”
“employee,” and others. “It’s hard to tell our executives how ‘sales’ are going when we
don’t have a single definition of what ‘sales’ are!” he said with frustration. “Right now,
I’ve got two people working full time on spreadsheets trying to reconcile data to answer
the questions we continually get from the 37th floor,” he concluded referring to the
executive suite. “We can’t tell them we don’t have the information but we need a better
way to get it, that’s for sure.”
The meeting droned on with the CIO, John Ahern, calling on all his managers one
at a time. As far as most of them were concerned, it was “business as usual” in IT. Josh
didn’t say anything else in the meeting but he cornered Mark as it broke up. “Have you
got time for a coffee? I think we need to talk.”
“Sure, what’s up?,” Mark asked as they headed toward the company cafeteria.
“I liked what you had to say in the meeting about BI,” said Josh. “You seem to be
one of the few managers here who understands that what we do in IT is going to have
to change dramatically over the next few years. And that a lot of our work is going to
focus on information—getting it; analyzing it; and delivering it in packages that people
can use for their work. I believe that there’s a data tsunami rapidly heading our way
and we haven’t got a clue how to deal with it.”
Mark grimaced as he filled his cup with what the cafeteria called “coffee.” “I know,
I know,” he agreed. “I’ve only been in BI a couple of months but all those articles and
books out there about competing on analytics and analyzing unstructured data, like
emails and tweets and blogs, are making my head spin. If we can’t agree on what a
‘customer’ is, how are we ever going to manage the rest?”
Josh made a sympathetic face. “You’ve got that right, but I’m afraid it’s even worse
than you think.” Over the next thirty minutes he described what he was seeing out in the
field as he looked for innovative new technologies and applications that could help IFG.
“You think we have problems with our existing systems, but there are guys out
there in our business units buying full-scale applications from the cloud with company
credit cards!” He went on to tell Mark about the pressure he was getting from the sales
guys to buy everyone iPads so they could write up orders on the road. “We’ve already
been forced by our C-team to buy them and the board iPads and so far, we’ve kept them
locked down tightly, but that’s going to change very soon.”
Users were also creating local “data marts,” which included copies of core com-
pany data as well as external data feeds, and then building complex spreadsheets with
information derived from these.
“Our business units don’t use the centralized company reports anymore,” he
stated. “They create their own. We’ve got the ‘wild west’ out there!”
Mark looked shocked. “What about our company data warehouse? Isn’t that what
they’re supposed to use?” He had spent a few years building the warehouse a while
back and the team had put a lot of thought into making it the best they could.
Josh was aware of this but ploughed on. He and Mark needed to be on the same
page about this if these issues were ever going to be resolved. “The world has changed,”

Consumerization of Technology at IFG 241
he said gently. “Our business guys are online all the time now; software vendors are
targeting them directly and because of the low costs involved they can afford to make an
end run around IT; there are literally thousands of free data sets out there; and computing
power and storage cost aren’t an issue any more with the cloud. Our data warehouse is
seen as a dinosaur. It’s inflexible because we insist on reviewing all the data that goes in
there for quality and provenance and it takes forever (i.e., 30 seconds) to get a response.”
Mark looked down at the table and sighed. “So what you’re saying is that all my
work in BI is too little, too late?”
Josh thought for a moment before replying. “That’s not exactly what I’ve been
saying, Mark. What I meant to point out is that we in IT are caught in the middle between
two opposing trends. The first is the trend to analytics and business intelligence that
you’re working on. That’s important. The execs want to get at more information to run
the company and it has to be based on good, trustworthy data. There are whole busi-
nesses out there that are winning because they’ve found a way to do this.
But the other, opposite trend is what I’m seeing. And it’s important too. Everyone
working in our business is also a consumer of technology and when the devices and
applications they can use in their personal lives are more powerful and flexible than those
in their business lives, they naturally want to work around the clunky technology we
provide them with and use their own. And, since we’re now trying to build relationships
with our customers, we are going to have to start thinking and working like they do.”
“In some ways, this is just like the ‘old days’ in IT,” Mark smiled. “I’m a lot older
than you and I remember when those new-fangled PCs came in and everyone in IT was
worrying about how we were going to handle people working on their own comput-
ers at home. And then when the web first hit business, we had people running around
saying ‘the sky is falling’ and developing their own personal and localized websites. We
don’t handle new stuff well around here, do we?”
Josh grinned. He was notoriously frustrated with the IT “powers that be” that
always wanted to lock everything down and wrap it in layers of privacy and security
before allowing it out there. “Well, let’s just say that we’ve got some way to go before
I  believe we can be as innovative as I’d like us to be. We’ve got to be aware of these
trends and how they’re going to hit us. Or our business model could change and we’ll
be out in the cold. Where are all the book stores, video stores and music stores these
days? What happened to those companies?”
“You’re right of course,” said Mark “but we have to get more people involved
in figuring out what we need to do here. This is a HUGE issue and we can’t ‘boil the
ocean’! Somehow we need to get our arms around the most important things to do so
we can make some sort of progress. Otherwise, we’re spinning our wheels and the situ-
ation’s just going to grow more and more out of control.”
“I’ll tell you what,” said Josh. “Let me speak with Tonya. She’s terrific at stick-
handling these situations. I’ll get back to you with a plan.” And with that, they began to
talk about the upcoming company softball game as they cleared the table and headed
back to their respective cubicles.
Josh laid the situation out for Tonya at the first opportunity he could find in her
busy schedule. “So you see,” he concluded. “We need the discipline and rigor of BI and
all of the good things we in IT can do for our executives and employees if we get them
better and more trustworthy information. But we also need to keep moving ahead in the
mobile and social space for consumers without putting handcuffs on us. And we need to

242 Section III • IT-Enabled Innovation
recognize that the business is likely already doing their own thing on the cloud without IT
and using their own personal devices, because it’s so cheap and easy to do and we don’t
help them! If we don’t somehow figure out how all this stuff fits together—especially the
data—we’ll never be able to use what we know either operationally or strategically.”
“You’ve done a good job articulating the challenges we’re facing,” Tonya said.
“I know that the Marketing people are putting lots of pressure on me to help them with
better information and tools. In my experience, when business is in turmoil they want
everything right away and they’ll do whatever it takes to get it now. What would you
say our biggest need is right now?”
Josh fiddled with his pen for a moment. He had hoped Tonya would tell him.
“Well . . .,” he said slowly. “We need to be seen to be doing more in this space. It’s okay to
work on the big systems and core data. In fact, that’s our main job. But we also need to
help the business help itself. With my tiny innovation team, I can’t possibly deal with all
of the ideas and technologies that are out there. And the business guys are seeing many
more opportunities than I can deal with. It’s really hard to tell what’s going to work
and what isn’t until they play with things. I can provide some of this in my ‘innovation
sandbox’ but I don’t think that’s going to be enough. And . . .,” he said as another idea
popped into his head, “we don’t have the right people to do some of this work. We need
information analysts, mobile developers, visualization specialists and lots of business
people to work with us and teach us about the business. I don’t have all the answers
here but we can’t stick our heads in the sand and let the world change around us. Are
we going to be reactionary or visionary?”
Tonya smiled. “There’s never a dull moment around here is there? You’ve got an
important point of view here but I think Rick Visser does too. Just in IT alone, we’ve got
a number of groups that need to have some input on this, in addition to my area. We
have to get ahead of this ‘tsunami’ of yours and be proactive in a way we’ve never been
before. This doesn’t mean that we throw all our tried and true practices out the window
but it also means that we should do some things differently around here and that means
John has to be involved. We need a plan to manage all these new trends and he’s in the
best position to help us because there are going to be a lot of cultural, organizational
and structural changes involved, not just for IT but for the whole business. But we can’t
dump this in his lap. We need to do our homework first. I’ll talk with him and tell him
what we’re doing and try to identify the stakeholders involved. Can you come up with
some key issues and preliminary recommendations about what you think we should be
doing and how we should do it? Sit down with Mark and get his ideas too. Then we’ll
see if we can get everyone in a room together to ‘talk turkey’ and hammer out a more
proactive IT strategy for handling this mess.”
Discussion Questions
1. Describe the problem at IFG as succinctly as you can. Use this description to iden-
tify the main stakeholders.
2. IFG can’t afford the resources to identify, define, cleanse, and validate all of its data.
On the other hand, building yet another data mart to address a specific problem
worsens the data situation. Propose a solution that will enable IFG to leverage a key
business problem/opportunity using their BI tools that does not aggravate their
existing data predicament.

Mini Case
CRM at Minitrex4
Georges Degas, Director of Sales at Minitrex, looked at his salesman with concern and
sympathy as the man described another sales call where he had been made to look
unprofessional! It was bad enough that he didn’t know that the company he’d just
phoned was already a Minitrex customer, but being told that he was the third caller this
week from Minitrex was horrible. “I’d be better off with a Rolodex and handwritten
notes than this system,” he grumbled.
To keep track of customer information, salespeople use the Customer Contacts
system, the brainchild of Degas’s boss, Jon Bettman, VP of marketing. Bettman’s posi-
tion was created eighteen months ago in an effort to centralize sales and marketing
activities at Minitrex. The sales and marketing team is responsible for promoting
and selling an array of products to its customers. There are two distinct product
lines, each developed by a separate division (insurance and financing) that also pro-
vides after-sale customer service. The idea behind having a department dedicated
to sales and marketing was to create opportunities for cross-selling and up-selling
that didn’t exist when salespeople were tied to just one of the company’s product
The insurance division, led by Harold Blumfen, VP of insurance, is a major
profit maker for Minitrex. Blumfen’s group is divided into industry-specific teams
whose goals are to develop deep industry knowledge and design short-term insurance
products to meet clients’ needs. Irascible and brilliant, Blumfen believes that comput-
ers are good for billing and other accounting functions but cannot replace people for
customer knowledge and support. His division uses a credit administration system
(developed more than twenty years ago) to track customer billings and payments and
a general management system to keep track of which products a customer has bought
and what services the customer is entitled to. Both are fundamentally back-end systems.
The industry teams keep front-end customer knowledge in their own documentation
and in their heads.
The mission of the financing division is to provide business sectors with financ-
ing services that are competitive with those of the big banks. As with the insurance
division, its products and customer service are designed and delivered through its
own industry-specific teams. However, unlike Blumfen, the VP of financing, Mariella
Hopkins, is an IT enthusiast. Hopkins joined Minitrex about four years ago after a suc-
cessful banking career. Her mandate, which she has undertaken with alacrity, was to
“combine big banking services with small company flexibility.” To do this, her division
funded the development of a management business center application, which acts as
an online customer self-service system. Customers can obtain statements and financing
4 Smith, H. A., and J. D. McKeen. “CRM at Minitrex.” #9-L05-1-002, Queen’s School of Business, January 2005.
Reproduced by permission of Queen’s University, School of Business, Kingston, Ontario.

244 Section III • IT-Enabled Innovation
online and often can get credit approved instantly. Customer-service representatives
use the same basic system, with additional functionality, to track customer transactions
and to provide customer support as needed.
“The company is always promising better systems, ‘thought Degas,’ but when it
comes down to it, no one can agree on what to do. Being customercentric seems to
depend on whose view of the customer is being used. Meanwhile, salespeople can’t do
their jobs properly. Just imagine what our customers think!”
Bettman has been trying to get the company to see the importance of having
timely, accurate, and integrated customer information without much success. To
give his sales force a better way to keep track of sales prospects, he developed his
Customer Contacts system, which schedules sales calls on a periodic basis and
provides mechanisms for generating and tracking new leads; it also forms the basis
on which the marketing department pays the salespeople’s commissions. Real-time
information on sales by product, salesperson, and region gives Bettman and his team
excellent feedback on how well their centralized marketing strategies are perform-
ing. For purposes of invoicing and servicing the accounts, the Customer Contacts
system also feeds data into the insurance and financing divisions’ systems after sales
are made.
“I’ll see what I can do about this,” Degas had promised his frustrated salesman,
knowing that it would take a miracle to improve the situation. “I’ll speak with the direc-
tor of IT today and get back to you.”
Degas put in a call to Denny Khan, Minitrex’s long-suffering director of IT. Khan,
who reported to the CFO, was outranked by Bettman, Blumfen, and Hopkins. To his
surprise, Khan answered the phone right away. “I was just leaving for lunch,” he
explained. “What can I do for you?”
As soon as Degas began to explain what had happened that morning, Khan cut
him off. “I know, I know. But the VPs would say, ‘Our systems work fine for our needs,
so why change them? We have a lot more urgent IT needs to spend our money on.’
Blumfen doesn’t want to spend a nickel on IT and doesn’t want to have to work with
Hopkins. Hopkins is open to collaboration, but she doesn’t want to compromise her
existing system, which is working well. And Bettman can’t do anything without their
cooperation. Furthermore, none of them will assign dedicated business staff to help us
put together a business case and requirements. Their line is ‘We don’t have the budgets
for this. Of course, we’ll answer IT’s questions, but it’s their job to give us the systems
we need.’”
“I see the same attitude in our business activities,” agreed Degas. “Our sales force
often doesn’t know what services the business teams are providing to the customers.
I don’t see how management can expect to make informed decisions when they’re not
sharing basic information. Isn’t there some way we could at least get common customer
data—even if we use the data in different ways? And surely, with each unit identifying,
prioritizing, and paying for IT opportunities, the duplication of support services must
cost an arm and a leg.”
“Sure,” Khan agreed, “but each unit developed its own terminology and special-
ized data items over time, so these only work for their systems. Sharing is impossible
unless everyone agrees on what information everyone needs about our customers.
I’d like to see something done about this, but when I take it to the IT prioritization

CRM at Minitrex 245
committee, it always seems to get bumped off the list. To the best of my knowledge,
there has never been an effective business case to improve CRM. And anyway, I don’t
own this issue!”
“You’re probably right, but I’m not sure how to go about this,” said Degas. “Let
me think about it and get back to you.”
Discussion Questions
1. Explain how it is possible for someone at Minitrex to call a customer and not know
(a) that this is a customer and (b) that this is the third time this week that they had
been called.
2. Outline the steps that Bettman must take in order to implement CRM at Minitrex. In
your plan be sure to include people, processes, and technology.

Mini Case
Customer Service at Datatronics5
Matt Rubenzahl winced as the all-too-familiar, soothing machine voice crooned in his
ear: “All our operators are busy. Your call is important to us. Please stay on the line as
our calls are being answered in priority sequence.…” He glanced at his watch. Only
fifteen minutes left of his lunch break before the big meeting, and he had to resolve this
problem with the bank. “Why do they call this the ‘Customer Help line’?” he grumbled.
“It seems like it’s there to help them, not us!”
As the Muzak droned on in the background, punctuated briefly by a hopeful click
and then the machine voice again, Matt’s mind wandered to the upcoming meeting.
As the development manager of E-Z RP, an end-to-end, fully integrated CRM/ERP/
service management suite for small- and medium-size enterprises (SMEs), he’d had his
dream job. Leading a small team of developers and working actively with both the sales
and service group, E-Z RP had made quite a name for itself, carving out a profitable
business in the SME niche that the bigger players hadn’t (until now) wanted to touch.
E-Z RP was everything they weren’t—user friendly, integrated, flexible, and intuitive.
A service-based product, E-Z RP modules were accessed over the Web and hosted at the
E-Z RP data center. Online training and friendly service completed the package, making
E-Z RP one of the fastest growing service-based products on the market.
That was the good news, but it was also the bad news because E-Z RP’s success
had attracted the corporate vultures, and the company had been taken over a few
weeks ago by Datatronics. Of course, the party line had been “business as usual,” but
today they were going to find out what the takeover would really mean for the people
who worked there. Matt worried about his little development team. The seven of them
had been together for a while now, and they liked and respected each other’s skills.
More important, they knew their product and understood how it helped their custom-
ers, thanks to Bill Blatherwick, their CEO. Bill had taken over E-Z RP as a start-up from
its innovative founder, Todd Wylie, and had grown it into the successful enterprise it
was today. It had been Bill who had made sure that Matt and his team went out on sales
calls, sat in with the customer service reps (CSRs), and got to know the needs of the
businesses firsthand.
Matt’s reverie was interrupted by a cheery voice, “This is Tanya. How may I help
you today?” Matt glanced at his watch—ten minutes of waiting for him, zero for the
bank. Quickly he explained that the electronic transfer of funds from his checking
account into his money market account had gone the other way, and now he had twice
as much money in his checking account. He had the confirmation number right here in
front of him. How could this happen? “Oh, I can explain that, sir,” chirped Tanya. “You
see, when you transfer funds, the request gets printed out here at the bank and then
rekeyed into the money market system the next day. One of the keyers must have made
5 Smith, H. A., and J. D. McKeen. “Customer Service at Datatronics.” #1-L08-1-001, Queen’s School of Business,
September 2008. Reproduced by permission of Queen’s University, School of Business, Kingston, Ontario.

Customer Service at Datatronics 247
a mistake. I can correct that.” Matt rolled his eyes—some “electronic” banking—just a
slick-looking front end and the same transaction-based system in the back office.
“I know this isn’t your fault,” he said. “But the bank should know the problems
this is causing. Can you please file a report about this?”
“They don’t really listen to us, but you could write a letter. I could give you our
ombudsperson’s address,” said Tanya.
“Thanks, but I don’t have time,” Matt said, with more courtesy than he felt, and
hung up, grabbing his jacket and tightening his tie as he dashed off to the main confer-
ence room.
It was standing-room only as everyone in the company crowded in to see the
broadcast message of Brent Hinchcliffe, CEO and chief vulture of Datatronics. The com-
pany was noted for growing through acquisitions, and Hinchcliffe had a reputation as
having a good eye for value but leaving the rest of his staff to sort out the messy details
of the actual integration. As the booming voice welcomed them all to the “Datatronics
family—the best technology for companies in the world,” Matt tuned out Hinchcliffe’s
platitudes. He’d been through these things before. That was how he’d ended up at E-Z
RP: His former company had been taken over, and six weeks later he’d been out of a
job. The last few years here had been great, though, and he didn’t relish the thought
of having to change again. He was in management now, and jobs were tougher to find
and his family was settled here. Matt sighed as Jennifer Merkley, the head Datatronics
honcho in the room, clicked off the video and connected her PowerPoint presentation.
Merkley started by making an effort to be highly complementary about the E-Z RP
organization and to assure everyone that they had a place on the “Datatronics team.”
It soon became clear, however, that E-Z RP was going to exist as a product only. Behind
the scenes, there was going to be a whole new organizational structure. As Matt had
expected, Blatherwick was moving on “to other opportunities,” while Matt’s group
and the customer service group were going to be integrated with the other teams,
leaving only sales as a separate unit. One box in the org chart was labeled “E-Z RP
Development,” and several others were marked with the other Datatronics products,
including Data-Pro, Bus-I, Web-Spider, and Delphi-Plus. The latter was Datatronics’s
main offering, an ERP for larger businesses, and it was an inflexible piece of software
that reflected the company’s Teutonic roots. For Delphi-Plus users it was “My way or
the highway,” and E-Z RP had been picking off some of its lower-end and more frus-
trated customers for the last few years. Was this payback time? Was Datatronics going
to bury them? Matt had seen this before: bigger competitors gobbling up smaller but
better products and pulling the plug on them.
The little boxes on the PowerPoint slides weren’t populated, of course, so Matt
headed back to his office still not knowing where he stood, pleased at least that E-Z RP
had a place on the map. It would be a huge change for customers, however. Now they’d
be calling in to a major call center designed to deal with all Datatronics’s products. The
level of service and support customers had come to expect was bound to deteriorate.
Matt spent some time chatting with his developers, encouraging them in the notion
that the change would be for the better, although he could tell that some weren’t con-
vinced and would likely be polishing up their resumes and making the rounds—if they
hadn’t already done so. His staff had been carefully selected, not only for their skills but
also for their interest in business and their ability to interact with both businesspeople
and customers. Many of them had started in the E-Z RP Customer Service Center as

248 Section III • IT-Enabled Innovation
new grads and had been promoted, first into maintenance and then development. They
wouldn’t relish being turned into back-room coders.
Back at his desk, Matt tried to interest himself in the latest project reports, until a
small ping announced the arrival of an e-mail. It was a summons from Jennifer Merkley
to meet with her at 5:00 that afternoon. “This is it,” thought Matt. “I’m out, and they’re
going to do it after office hours.” He spent the next hour tidying up his desk, getting
rid of the junk and organizing it so it could be easily packed into a couple of boxes. He
pulled out a slim file of letters—copies of glowing customer reviews that Bill had for-
warded to him. After allowing himself a small moment of pleasure, he pitched it into
the recycle bin, then thought better of it. Maybe these would be useful in a future port-
folio of his accomplishments.
At 4:55 he headed off to Merkley’s office and cooled his heels in the empty recep-
tion area for a good fifteen minutes. “Typical,” he thought. “This company can’t even
fire you on time.” Just then Merkley’s door opened and out she came, accompanied by
a neatly dressed, gray-haired man. “Matt, I’d like you to meet Victor Wang,” she said as
the two shook hands. “You two will be working together closely in the future.”
“Oh,” said Matt lamely, mentally switching gears. “Nice to meet you.”
Merkley swept him into her office and motioned to him to sit down. “You’re prob-
ably wondering about Victor,” she began, and Matt nodded. “He’s going to take over
your E-Z RP team, starting tomorrow. We’ve decided to fully integrate the Datatronics
and E-Z RP staff, which means mixing up the teams. Some of your staff will move to
other products and vice versa.”
“Oh,” said Matt, again not knowing how to respond.
“You’re also probably wondering what this will mean for your job,” continued
Merkley. Matt nodded again.
“Well, we want you to know that your work with the E-Z RP team has not gone
unnoticed here at Datatronics.”
“Thanks,” spluttered Matt.
“We believe you have been instrumental in pulling together a highly customer-
focused team that delivers.” Matt sat up a little straighter, hope beginning to grow
that this was not going to be the disastrous meeting for which he had steeled himself.
“That’s why we want you to take over our new combined Customer Service Center.”
“WHAT the . . . .” An expletive almost escaped from his lips until he changed it to
“Heck, what do I know about running a customer service center?”
Merkley almost smiled but then gave him a steely stare and said in a tone that
brooked no opposition, “Look, Matt, you’re a good development manager, and we
know that, but we have a lot of them at Datatronics. What we don’t have is someone
who understands business and is customer focused. We need you in this role. You’ll
have a much larger staff and budget and a chance to prove yourself to senior manage-
ment. I know it’s a change, but if you’re truly interested in being a manager, you will
have to be flexible and go where we need you.”
Matt gulped and gave her the only answer possible under the circumstances: “All
right, I’ll give it a shot.” He was rewarded with a brisk handshake and a pile of manila
“I was hoping you’d say that,” she said. “So I took the liberty of asking the out-
going manager, Vish Singh, to pull together his plans for the group. He’s heading off to
India to start up our new Bangalore office.” Reeling with too much information, Matt

Customer Service at Datatronics 249
took the folders, thanked Merkley, and headed back to his office to consider this rather
unexpected and not entirely welcome redirection of his career path.
Over the next few days and nights, Matt immersed himself in a whole new world.
He watched harried CSRs take a continuous stream of calls. As soon as one ended,
another would pop up. The E-Z RP service staff had been unceremoniously moved into
the Datatronics call center, given a crash course in the company’s other products, and
cut loose. According to Vish’s notes, cost seemed to be the driving force behind every-
thing that was done. Customer service appeared to be under constant pressure to cut
costs, and its budget had been routinely slashed by 10 percent a year over the past
five years, despite the company’s acquisition of several new products during this time.
Everything ran by metrics—number of calls, call turnaround, cost per call, and so on.
And the only new technology the center had acquired recently was a high-end, voice-
activated IVR system, named Pamela. Its voice and features had been endlessly lam-
pooned in the press, most notably when Datatronics had announced cutbacks and some
wit had written to the paper hoping that Pamela was on the hit list. Although nothing
had been said about outsourcing this function, Matt had his suspicions that when the
new Bangalore office was up and running, he’d have some stiff competition from Vish
to keep customer service in North America.
And the HR problems! The turnover was fierce. Unlike customer service at E-Z
RP, there were few ways out and up the ladder at Datatronics. The company seemed to
hire staff, work them hard, and then expect them to quit. Training was basic. Most staff
learned on the job. Customers dealing with trainees on the line often ended up frus-
trated and confused. Sometimes the customer service reps seemed to be the last ones to
know about new releases of products or new features. “We sure don’t present a consis-
tent face to our customers,” Matt complained to his supervisory staff after receiving yet
another complaint that different CSRs had provided contradictory advice. Second-level
support was minimal because it cost more to provide.
Online data about products were available, but the search features were not strong
and information about each product was presented in the format of the company that
had originally developed it. Thus, the E-Z RP information looked different from the
Web-Spider information and from the Delphi-Plus information, making it harder to flip
from one call to the next. Even more frustrating for the CSRs was the fact that they had
few mechanisms for feeding back common problems to the development teams. There
was an online form for customer complaints but no means for the CSRs themselves to
make suggestions and recommendations. On the surface, it seemed to Matt that the
company didn’t really care about customer service and was simply providing the mini-
mum it could.
Matt raised this issue with his new boss, the CIO of Datatronics, in their first
meeting after he’d been on the job about three weeks. “It seems to me that we see cus-
tomer service as more of a cost center than as a means to learn more about our products
and our customers’ needs,” he said. “Are we just giving lip service to the term customer
service? Do our executives know how bad our service is?”
Joel McGivern had given him a quick, penetrating look as if he were wondering
about Matt’s motivation for the comment. “We care,” said Joel drily, “about as much as
it takes to keep our customers from switching to the other product. Our job is to find
the right balance between saving money and saving our customers. If that seems harsh,
it’s the way of the world right now. We’re in business to make a buck, not provide

250 Section III • IT-Enabled Innovation
red-carpet service. It’s dog-eat-dog out there, and our competitors are all looking for
ways to beat our prices. Our efforts have to be focused on new products and new fea-
tures, not on necessary evils like customer service.”
“I suppose,” said Matt dubiously. “But if we could delight our customers with our
ability to assist them, if we could get to know their needs better so we could design a
better product that wouldn’t need as much support, and if we could use our center to
develop business skills in our staff that we could use in the business, wouldn’t that be
worth something? And who says that customers don’t want good service and might not
be prepared to pay for it?”
“Absolutely no one wants to pay additional service fees,” growled Joel. “We’ve
tried that, and it doesn’t work. Don’t go there.”
“Okay,” said Matt. “But I worry that we’re losing customers with this level of ser-
vice. We certainly benefited from your attitude at E-Z RP, and I think our service was
one of the reasons why you acquired us in the first place and why you wanted me in
this job.”
Joel looked thoughtful. “I’m not saying that there’s no room for improvement,” he
said. “And if you make a good case for it, I might even be able to get you a little more
money—on a project basis, not to increase our base operating costs. If you want to give
it a go, give me your top ideas next week—with costs and time lines, mind you—and if
I like them, I’m willing to take them to the steering committee for extra funding. In the
meantime, however, I’d also like to know what you could do to improve things without
any extra money.” He paused and then smiled. “I hate those so-called ‘customer help’
lines as much as you do.”
Discussion Questions
1. Outline the specific information that Matt should collect to build a case for improv-
ing customer service at Datatronics.
2. Describe your top ideas for Matt to present to Joel next week.
3. How would Matt get Joel to support his ideas?

S e c t i o n i V
IT Portfolio Development
and Management
Chapter 17 Application Portfolio Management
Chapter 18 Managing IT Demand
Chapter 19 Creating and Evolving a Technology Roadmap
Chapter 20 Enhancing Development Productivity
Chapter 21 Information Delivery: IT’s Evolving Role
Mini Cases
■ Project Management at MM
■ Working Smarter at Continental Furniture International
■ Managing Technology at Genex Fuels

C h a p t e r
17 Application Portfolio Management1
According to many industry assessments, the typical IT organization spends as much as 80 percent of its human and capital resources maintaining an ever-growing inventory of applications and supporting infrastructure
(Serena 2007). Although no one argues with the importance of maintaining
applications (after all, they do run the business), everyone is concerned with
rebalancing the IT budget allocation to increase the discretionary spend by decreas-
ing the maintenance spend, ensuring that the set of applications is well aligned
with business needs, and positioning the organization technologically to respond
to future initiatives. Collectively, this activity has come to be known as “application
portfolio management” (APM).
Formally, APM is the ongoing management process of categorization, assessment,
and rationalization of the IT application portfolio. It allows organizations to identify
which applications to maintain, invest in, replace, or retire, and it can have signifi-
cant impact on the selection of new business applications and the projects required to
deliver them. The overall goal of APM is to enable organizations to determine the best
approach for IT to meet business demands from both a tactical and strategic perspective
through the use of capital and operating funds allocated to building and maintaining
applications. APM typically includes an analysis of operating and capital expenses by
application, demand analysis (i.e., assessing business demand at the application level to
determine its strategic and tactical business drivers), and application portfolio analysis
(i.e., the current versus the desired state of the application portfolio in terms of both
technology and business value).
Although APM is not a new idea, it may be one whose time has come. There are
many espoused benefits of APM, including reduction of the cost and complexity of the
applications portfolio, reduction or elimination of redundant functionality, optimization
1 This chapter is based on the authors’ previously published article, McKeen, J. D., and H. A. Smith.
“Application Portfolio Management.” Communications of the Association for Information Systems 26, no. 9
(March 2010): 157–70. Reproduced by permission of the Association for Information Systems.

Chapter 17 • Application Portfolio Management 253
of IT assets across different applications and functions, greater alignment with the busi-
ness, better business decisions regarding technology, and an effective means of commu-
nicating the contribution of IT to the overall organization.
This chapter begins by examining the current status of IT applications in
organizations. It then examines the notions of a portfolio perspective as it applies to
applications (in contrast to a portfolio of financial assets) and outlines the specific ben-
efits of such a perspective. Implementing a successful APM initiative requires three
key capabilities—strategy and governance, inventory management, and reporting and
rationalization—which are described in detail. The chapter concludes with some key
lessons learned by organizations having invested in APM.
The ApplicATions QuAgmire
Born of autonomous business-unit-level decision making and mergers and
acquisitions, many IT organizations manage multiple ERP applications, knowl-
edge management systems, and BI and reporting tools. All are maintained and
periodically upgraded, leading to costly duplication and unnecessary complexity
in IT operations. Left unchecked, the demands on the IT organization to simply
maintain its existing inventory of applications threatens to consume the capacity
to deliver new projects. (Serena 2007)
The proliferation of application systems within organizations is legendary. Built
over time to serve an ever-changing set of business requirements, such systems span
generations of technologies (e.g., hardware, software, systems, and methodologies),
many of which are now obsolete and unsupported by the vendor community, are host
to countless “workarounds,” remain poorly documented, depend on the knowledge
of a rapidly retiring workforce, and yet continue to support the key operations of the
organization. Some (if not many) of these application systems have never been revisited
to ascertain their ongoing contribution to the business. Based on decisions made by
separate business units, many applications duplicate the functionality of others and are
clearly redundant, and others have become unnecessary but have managed to escape
detection. Accounts of organizations continuing to pay licensing fees for decommis-
sioned software and supporting 27 different payroll systems all attest to the level of
disarray that typically exists in large organizations. The full impact of such a quagmire
becomes apparent either when virtually the entire IT budget is consumed by mainte-
nance and/or when an organization attempts to integrate its suite of applications with
those of an acquiring firm—whichever comes first.
Cause and effect are straightforward. The number of applications grows due
to the practice of continually adding new applications without eliminating old ones.
As it grows, the number of interfaces increases exponentially as does the number of
complex and often proprietary enterprise application integration (EAI) solutions to
“bridge” these disparate systems. The combined effect is to increase the frequency of
(and costs of supporting) redundant systems, data, and capabilities across the orga-
nization. As their number and complexity grow, so does the workload and, without
expanding IT budgets and headcounts commensurably, so does the portion of the IT

254 Section IV • IT Portfolio Development and Management
budget devoted to maintenance and operations. From a management perspective,
organizations are left with shrinking discretionary funds for new IT development and
find themselves unable to assess the capability or measure the adequacy and value of
current application support structures, track dependencies of business processes on
applications, determine where money is being spent, and map IT investments to busi-
ness objectives. Thus, in many organizations, the suite of IT applications has become
But while the cause and effect are identifiable, remedies are not easily obtained.
The first obstacle is resources:
The practice of continually adding to the IT burden while holding IT budgets and
head counts relatively flat is obviously problematic. Yet that’s exactly what many
companies have done since the early 2000s. And this practice is one of the reasons
why many CIOs feel that they simply don’t have enough resources to meet inter-
nal demand for IT. (Gomolski 2004)
A second barrier is that few business managers want to give up any application
once it’s installed. In their minds, the agony of change is clearly not worth the rewards.
“Some applications are so old that nobody remembers who ordered them” (Gomolski
2004, 29).
The third impediment, and perhaps the most severe, is the fact that IT often lacks
the political clout to make business managers engage in an exercise to rationalize appli-
cations across the enterprise in order to decommission some applications.
The BenefiTs of A porTfolio perspecTive
A part of the application dilemma is the lack of a portfolio perspective. Historically,
organizations have opted to evaluate applications exclusively on their own merits—a
practice that can easily promulgate unique systems across any business unit that can
justify the expense. One manager claimed that this practice results in “a stream of one-
off decisions . . . where each decision is innocent enough but, sooner or later, you are in a
mess . . . sort of like walking off a cliff using baby steps.”
In contrast, adopting a “portfolio” perspective means evaluating new and existing
applications collectively on an ongoing basis to determine which applications provide
value to the business in order to support decisions to replace, retire, or further invest
in applications across the enterprise. The portfolio approach is universal in finance and
provides a point of comparison. Boivie (2003) presents the following analogy:
Just imagine you bought stock a decade ago for a lot of money, a good invest-
ment at the time, but then you did not review its value over the intervening
years. Merely sitting on the stock may have been the right thing to do. Then
again, you may have missed opportunities to invest more profitably elsewhere
if the company was not doing well, or to invest more in the stock if it was prof-
itable. Obviously this is not a wise way to handle your investment, but it’s
exactly what many companies are doing when it comes to investments in their
IT applications!

Chapter 17 • Application Portfolio Management 255
Kramer (2006) concurs that application portfolio management is similar to the
approach used by portfolio managers at money management firms where “invest-
ment officers continually seek to optimize their portfolios by assessing holdings
and selling off assets that no longer are performing.” It is suggested that “the same
approach can be used by technology executives, especially when evaluating the
applications in their portfolios and deciding which ones to continue funding, which
to pull back on, and which to sunset or kill.” One firm highlighted the similarities
between investment portfolio management and applications portfolio manage-
ment (see Table 17.1) in order to advocate for adopting a portfolio approach for IT
The focus group suggested that the requirement for all new investments
(i.e., IT applications) to be evaluated relative to all existing (i.e., past) investments
within the portfolio is arguably the critical benefit provided by adopting a portfolio
perspective. The group urged caution, however, due to the differences between a
portfolio of financial assets (e.g., stocks and bonds) and one of IT applications. With
the former, we assume a degree of independence among assets that rarely exists with
applications. According to one writer (Anonymous 2008), “while financial plan-
ners can sell an underperforming stock, CIOs will likely find it far more difficult to
dispose of an unwieldy application.” Applications are rarely stand-alone; business
Table 17.1 Managing IT applications as a Financial Portfolio
Investment Portfolio Management application Portfolio Management
Professional management but the
client owns the portfolio.
Professional management but the business owns
the portfolio.
Personal financial portfolio balanced
across investments in
• equities
• fixed income
• cash
Application portfolio balanced across
investments in
• new applications
• currency (maintenance, enhancements,
• retiring/decommissioning
Client directs investment where
needed (e.g., 50% equities, 40%
fixed, 10% cash).
Business directs investments where needed
(e.g., 40% new applications, 30% currency, 30%
Client provides direction on diversity
across investments (e.g., investment
in one fund would exclude/augment
investment in other funds).
Business provides direction on diversity of
investment (e.g., investment in one business
capability might exclude/augment investment
in another).
Client receives quarterly updates on
its portfolio health and an annual
Business receives quarterly updates on application
portfolio health and an annual report.
New investments are evaluated on
their impact on the overall portfolio
as well as on their own merits.
New applications are evaluated on their impact
on the overall portfolio as well as on their own

256 Section IV • IT Portfolio Development and Management
functionality is often delivered by an integrated web of applications that cannot be
separated piecemeal. As a result, diversification strategies can be difficult where IT
assets are highly interdependent and deliver returns only collectively (Kasargod and
Bondugula 2005).
A portfolio perspective forces the linkage between the set of existing applications
(i.e., the applications portfolio) and the set of potential applications (i.e., the project port-
folio). The linkage is bidirectional—that is, potential applications must be evaluated
against existing applications and vice versa. Caruso (2007) differentiates these as follows:
• Application portfolio. The focus of the application portfolio is on the spending for
established applications, trying to balance expense against value. These applications
may be assessed for their contribution to corporate profitability and also on nonfinan-
cial criteria such as stability, usability, and technical obsolescence.
• Project portfolio. Management of the project portfolio focuses on future spending,
attempting to balance IT cost-reduction efforts and investments to develop new
capabilities with technology and application upgrades.
The focus group suggested that organizations have focused most of their attention
on new projects which has, in part, resulted in the applications quagmire previously
described. The focus of this chapter is on application portfolio management. It argues
that the effectiveness of the project portfolio can be enhanced substantially by managing
the application portfolio much more judiciously. This linkage is made explicit later in
the chapter.
The benefits to be realized by adopting an applications portfolio perspective are
significant. The focus group was polled to solicit the benefits that their organizations
had identified. These benefits were then grouped into the three categories, as suggested
by Caruso (2007) and are presented in Table 17.2.
The list of benefits is impressive. To put them into perspective, a number of com-
ments are in order. First, if the benefits to be realized are this substantial, why haven’t
organizations moved more aggressively to enact APM practices? The short answer is
that APM has been difficult to fund and, once funded, represents an enormous man-
agement challenge. Second, the majority of these are “anticipated” benefits as they
have yet to be reaped by focus group firms. Third, APM requires the development of a
number of related activities (described in the latter sections of this chapter). Although
benefits are realized during individual activities, the most significant benefits are not
realized until most, if not all, of these capabilities have been completed. Finally, APM
involves a different way of approaching IT investments—a collective view of all IT
applications across the enterprise—which has cultural and political ramifications for
organizations. The good news is that organizations that are well advanced in APM
have realized significant benefits. We highlight one such firm in Table 17.3.
mAking Apm hAppen
Application portfolio management presents a significant management challenge and
success requires the commitment of considerable organizational resources. The focus
group suggested that APM involves the development of three interrelated capabilities.
The first capability is the articulation of a strategy including goals, deliverables, and

Chapter 17 • Application Portfolio Management 257
Table 17.2 a list of aPM benefits
1. Visibility into where money is being spent, which ultimately provides the baseline to
measure value creation
a. Increasing the ease of determining which legacy applications are to be retired.
b. Simplifying the technical environment and lowering operating costs.
c. Reducing the number of applications and optimizing spending on application
d. Increasing the predictability of measuring service delivery for project selection.
e. An enterprise view of all applications allowing for ease of reporting (e.g., How many
applications use Sybase? How many systems support sales reporting?)
f. A common view of enterprise technology assets improving reuse and sharing across
the enterprise.
g. Clarity over maintenance and support spending.
h. Ability to manage and track business controls and regulatory compliance of all
2. Prioritization of applications across multiple dimensions, including value to the business,
urgency, and financial return
a. Funding the right application effort by providing quick access to validated information
in support of business cases for investment.
b. Providing better project solutions by identifying available capabilities for reuse.
c. Providing criteria to drive application rationalization and monitor impacts.
d. Providing an “end state” view for all applications, which helps direct roadmaps and
enables progress reporting.
e. Expediting prioritization discussions and executive decision making.
f. Driving IT refurbishment initiatives.
3. A mechanism to ensure that applications map directly to business objectives
a. Aligning business and IT efforts with business processes by providing (1) clarity of the
application landscape, leading to synergies across different business units, and the pur-
suit of a global systems architecture; and (2) insight into gaps or redundancies in the
current portfolio, thereby enhancing the ability to manage risk effectively and efficiently.
b. Enabling productive discussion with senior management regarding IT’s contribution to
business value.
c. Identifying the strategic and high business value applications, thereby allowing the
redirection of some of the funding previously used for nonstrategic applications.
d. Enabling easy and effectively analysis of impacts to applications from changing
business conditions.
e. Improving the focus and direction of investments.
f. Developing a vehicle to drive the technical portfolio to the “right” mix, based on strategy,
architecture, TCO, and internal skill sets.
g. Prioritizing efforts and focus for IT delivery—ensuring the right skills are in place to
support business requirements.
a set of governance procedures to guide the management of the application portfolio.
Next is the creation of an applications inventory to monitor key attributes of existing
applications. The third capability involves building an analysis and reporting capability
in order to rationalize the applications portfolio according to the strategy established.

258 Section IV • IT Portfolio Development and Management
These capabilities (depicted in Figure 17.1), although distinct, are closely interrelated
and work synergistically.2 To deliver value with APM, organizations must establish all
three capabilities. Experience suggests that organizations typically start by inventory-
ing applications and work from the middle out to refine their APM strategy (and how
it is governed) as well as to establish efforts to rationalize their applications portfolio.
As such, APM represents a process of continual refinement. Fortunately, experience also
suggests that there are real benefits to be reaped from the successful development of
each capability. These capabilities are described in detail next.
capability 1: strategy and governance
There are many different reasons to adopt application portfolio management. At
one firm, the complexity of the IT application portfolio had increased to the point of
becoming unmanageable. The firm viewed APM as the means to gain some measure
of control over a burgeoning collection of disjointed IT applications. Another firm had
set an architectural direction and established an IT roadmap and viewed APM as a way
Table 17.3 an aPM Case Study
• Reverse the rising tide of application maintenance costs.
• Fund strategic development efforts from reduced support and maintenance costs.
• Align IT with business goals.
• Assess current portfolio of applications.
• Establish targets, savings strategies, and supporting plans.
• Data currency and accuracy.
• Identify redundant or obsolete applications and set end-of-year targets for retiring
a committed percentage of the total.
• Classify applications by their strategic value and shift maintenance support focus
to highly strategic applications.
• Rank applications with a quality score; applications failing to meet a baseline are selected
for preventive maintenance, code simplification, and maintainability.
• Migrate an increasing share of maintenance work to lower-case geographies.
• Cut applications by 70%.
• Establish rigorous priorities—SLAs now vary based on objective business criteria.
• Reengineered applications—defects down 58% and maintenance costs down 20%.
• Relocated work—significant maintenance is now performed in countries with costs
60–70% lower than previously.
2 The focus group did not see APM as a “stage” model where organizations advance through a prescribed set
of stages. Instead they identified three highly interrelated “capabilities” that organizations need to establish
in order to advance their application portfolio management.

Chapter 17 • Application Portfolio Management 259
to “put some teeth” into the enforcement of these policies. At a third firm, the man-
ager of a strategic business unit was frustrated over escalating annual IT costs and the
“pile of applications” that seemed to have “little connection to actual business services.”
A simple poll of the focus group, however, suggested that APM tended to be an IT-led
initiative as opposed to a business initiative—a fact that has implications for launching
and funding APM.
To get an APM initiative underway, it is necessary to build a business case. How this
is done depends on the firm’s strategy. According to one manager, “[I]f APM is positioned
as inventory management, you’ll never get the business to pay for it.” In his organization,
APM was promoted as a cost-reduction initiative focused on the elimination of unused
(or underused) applications, unnecessary software licenses, duplicated data, and redun-
dant applications. The business case included an aggressive schedule of declining IT
costs to the business. In another organization, the APM initiative is supported internally
by the IT organization and driven largely by the enterprise architecture group. In fact,
the business is unaware of its APM program. In a third organization, APM was couched
within the overall strategy of transforming the business. The argument was that APM
could “reduce ongoing support costs for existing applications in order to re-direct that
IT spend into business transformation.” The business case included metrics and a quar-
terly reporting structure to ensure that savings targets were obtained. The conclusion
reached by the focus group was that each organization is unique and, given the wide
variety of potential APM benefits, the best strategy is to attach APM to a broader enter-
prise goal. They felt that if APM is attempted solely within the IT organization without
business backing, it is less likely to produce the full range of benefits.
The strategy selected to launch APM has direct ramifications for the information
collected about each application (i.e., the second capability—inventory management)
as well as what information is reported and tracked by senior management (i.e., the
third capability—reporting and rationalization). In the next section of this chapter, we
present a comprehensive set of information that could be collected for IT applications
within the portfolio. Organizations, depending on their APM strategy, may focus on a
subset of this information and develop a reporting and rationalization capability built
on this information.
APM strategy and governance are linked; if strategy is the destination, then
governance is the map. According to one manager, governance is “a set of policies,
Strategy and
Reporting and
figure 17.1 Key APM Capabilities

260 Section IV • IT Portfolio Development and Management
procedures, and rules that guide decisions and define decision rights in an organization.”
Application portfolio governance answers three questions:
1. What decisions need to be made? This addresses the types and/or categories of
decisions often referred to as decision domains. It also links the decisions with the
processes that are needed to manage the application portfolio.
2. Who should make these decisions? This addresses the roles and accountabili-
ties for decision makers (e.g., who provides input, who approves and has final
authority). This links the decisions to be made (the “what”) with the decision
makers (the “who”).
3. How are these decisions made? This addresses the structures and processes for
decision making (e.g., the architecture review board). This links the decisions to be
made (the “what”) with the people/roles (the “who”) involved in decision making
with the timelines and mechanisms for making those decisions (the “how”).
On an ongoing basis, organizations introduce new applications and (infrequently)
retire old applications. The key difference with APM is that these applications are managed
holistically across the enterprise on a much more formalized and less piecemeal basis. The
goal is to discover synergies as well as duplication, alternative (and less costly) methods
for providing business services, and rebalancing (or rationalizing) the portfolio of applica-
tions with regard to age, capability, and/or technical health. This represents a significant
organizational change that impacts governance procedures directly. According to one IT
manager, “no longer can business units acquire an IT application that duplicates existing
functionality without scrutiny by the APM police.” With the adoption of APM governance
procedures, such actions become visible at high levels within the organization.
How new governance procedures are actually implemented varies by organiza-
tion. However, the focus group suggested that effective APM governance must be both
freestanding (in order to have visibility and impact) as well as closely integrated within
the framework of existing governance mechanisms (in order to effect the status quo).
As an example, the IT project selection committee must consider the impact of prospec-
tive IT projects on the existing portfolio of enterprise applications if the organization
is to achieve its APM rationalization goals regarding architecture and/or functionality.
That is, the APM governance processes must leverage existing organizational gover-
nance processes, including architectural reviews, exception process handling, IT delivery
processes, strategic planning and annual budgeting, and technology reinvestment and
renewal. One manager shared his enterprise IT governance framework to demonstrate
where and how APM was situated within other established processes (see Figure 17.2).
Effective governance starts with ownership, which entails responsibilities and
accountabilities. At a tactical level, each IT application should have an owner. This indi-
vidual is held responsible for the ultimate disposition of the application—that is, when it
is enhanced, refurbished, or decommissioned. The sense of the focus group was that the
application owner should be a business manager—except for internal IT applications.
Each application should have a business owner, and it is common to also appoint a cus-
todian whose key duty is to keep the information current. Given the technical nature of
the application information (see Appendix A), the custodian is typically an IT employee,
perhaps an account manager or someone within the enterprise architecture group.
With stewardship (i.e., owner and custodian) assigned for major applications, the
next level of governance is the portfolio level. A management committee comprised

Chapter 17 • Application Portfolio Management 261
of application owners, senior enterprise architects, and IT planners/strategists should
meet regularly, perhaps quarterly, to make decisions regarding the disposition of
applications within the overall portfolio. This committee would report to the senior exec-
utive on portfolio activities, performance toward goal achievement, and establishment
of linkages to fiscal planning and strategy. In very large organizations, an additional
committee of portfolio owners might also be required.
Effective governance is critical for overcoming a number of problems common
during the initial phases of APM. Some of the challenges experienced by the focus
group included the following:
• Application owners are accountable to execute the process, but no one has defined
who (or what body) is accountable for the process itself or what governance practices
should be applied to make it happen.
• Managing applications requires additional maturity for defining a roadmap for the
portfolio. Without this, some applications are well planned while the overall portfo-
lio is not.
• The classification criteria for applications are in flux and lack an executive process
for validating the ratings.
• Application assessments are not taken seriously by executive owners (“Everything
is critical”), which erodes the credibility of the process and the overall value of the
exercise of managing applications as a portfolio.
• Business managers lack awareness and accountability.
• There is difficulty from the “supply” side—for example, there is reluctance to take
ownership of the data to ensure its integrity, quality, and timeliness.
• Demand-side aggression pushes for more and more application attributes.
Enterprise Business Objectives
Enterprise Strategy
IT Plan (policies, principles, road map)
Critical Success Factors
KPIs and Balanced Scorecard
IT Investment
Application Transformation
Project Proposals
Approved New
figure 17.2 Positioning APM within an Enterprise IT Governance Framework

262 Section IV • IT Portfolio Development and Management
The focus group felt that each of these problems requires effective governance
procedures. But like all organizational initiatives, changes to existing routines and
methods take time to mature.
capability 2: inventory management
Before building an inventory of applications, organizations first need to know what
applications they are going to inventory. One firm started by defining an applica-
tion as a computer program or set of computer instructions that allows end users to
accomplish one of more specific business tasks and is able to operate independently
of other applications. An application can also be a distinct data store used by multiple
other applications. Examples include commercial off-the-shelf packages, applications
written in Excel that perform specific business functions, custom-developed computer
software programs, a data warehouse and/or the reporting applications accessing it,
and/or modules, services, or components, either purchased or custom built to perform
a specific business function. This definition excludes system software or platform
software (e.g., operating systems, device drivers, or diagnostic tools), programming
software, and user-written macros and scripts.
What is most important is that organizations identify which specific applications
will be included in the portfolio to be actively managed. One firm excluded all applica-
tions not explicitly managed by IT (e.g., Excel spreadsheets developed by managers for
analytical purposes), another focused only on “major” applications according to size,
and a third firm only included “business-critical” applications. This decision has direct
implications for the size of the APM effort. The organization that limited its portfolio
to business-critical applications reduced the portfolio to 180 applications from 1,200—a
significant reduction in the amount of effort required. The organization’s decision to
limit (and therefore focus) its application portfolio depends on the strategy outlined in
the first step.
With inclusion criteria established, organizations must then identify what specific
information about applications will need to be captured. A list of possible information
items gathered from the members of the focus group is presented in Appendix A. These
items are categorized according to the following five headings:
• General application information is the information used to explicitly and clearly
identify an application, distinct from all other applications, and provide a basic under-
standing of its functionality.
• Application categorization is the information providing criteria used to group
applications for comparison and portfolio management purposes (e.g., business
capability provided, life cycle status).
• Technical condition provides the overall rating of the technical quality of the appli-
cation, including various elements of risk (e.g., development language, operating
system, architecture).
• Business value provides an overall rating of the value of the application to the busi-
ness (e.g., business criticality, user base, effectiveness).
• Support cost captures the order of magnitude of the overall cost of an application
after deployment. It includes maintenance and support costs (including upgrades)
but not the initial purchase, development, or deployment costs.

Chapter 17 • Application Portfolio Management 263
The focus group could not overstate the importance and criticality of selecting the
information to be maintained as part of the application inventory as this information
dictates the types of analyses that can be performed after the fact (as outlined in the next
section). Once selected, the task of capturing application information and keeping it current
is a monumental effort. Without clear ownership of the information and assigned respon-
sibilities for a custodial function, attempts at application portfolio management typically
falter. One of the key motivations for establishing a strict information regime is the delivery
of demonstrable benefits from the exercise. These are discussed in the next section.
capability 3: reporting and rationalization
With an application inventory established, a set of standard parameter-driven reports can
be produced to monitor the status of all existing applications so management can read-
ily ascertain the health of any specific application or the overall health of the port folio
of applications. One firm has a collection of standard reports that analyze the number of
applications and their costs, how business capabilities are supported and where duplica-
tion exists, breakdowns of annual application costs, application life-cycle patterns, and
reuse options for future projects. One widely adopted report compares applications on
the basis of business value, technical condition, and cost (see Figure 17.3). As depicted,
this chart helps organizations rationalize their IT application portfolio by tracking appli-
cations over time as they become less important to the business and/or lose technical
currency. One organization found that eliminating those applications in the bottom left
of the quadrant—which provide limited business benefit, often at a significant cost—can
be a “combination of quick hits and longer-term initiatives.” Even managers reluctant
to retire a business application can be convinced with evidence of the full-support costs.
Once the application inventory is assembled, the number of ways to “slice and
dice” the information is unlimited and the value obtained is commensurate. One
Business Value
Size represents cost
Retire Replace
figure 17.3 Application Portfolio Highlighting Business Value, Technical Condition, and Cost

264 Section IV • IT Portfolio Development and Management
manager claimed that for the first time her organization is able to answer questions
such as “How many applications use Sybase?” and “How many systems support sales
reporting”? The provision of ad hoc reporting capability is a quick way to discover the
number of current licenses with a specific vendor and/or to assess the costs of providing
specific business services. Ultimately, organizations need to know their true costs of
doing business in order to explore options for providing different customer services.
The information produced by analyzing the IT application portfolio takes organizations
a huge step closer to this level of understanding and optimization.
The information needs supported by an application inventory vary by stake-
holder. The IT organization wants to map business functionality against applications;
the risk, audit, and security teams are most interested in regulatory compliance and
a risk management perspective; and business teams are interested in understanding
the costs and business value of the applications they use. Even within IT, different
groups (e.g.,  solutions delivery, information security, production support, executive
management, business continuity, regulatory compliance, infrastructure, architecture,
and planning) have information needs that are unique from the application portfolio.
For this reason, most firms mandate a single application portfolio capable of support-
ing many different views at different levels as well as a composite view of the entire
portfolio. One manager explained this by claiming that although different views of the
portfolio satisfy individual groups within her organization, the “consolidated view
ultimately demonstrates the effectiveness of monitoring and tracking business perfor-
mance of the assets across the entire IT application portfolio.”
key lessons leArned
The following represent some of the lessons learned based on the collective experience
of the members of the focus group:
• Balance demand and supply. Managers tend to push for the inclusion of more
and different application attributes as well as more reports of infinite variety
(the  “demand” side) while balking at assuming ownership of this data in order to
ensure its integrity, quality, and timeliness (the “supply” side). When launching an
APM initiative, clear governance procedures should be established to govern regular
enhancements and releases for APM reporting.
• Look for quick wins. Gaining awareness and acceptance of an APM initiative can
be an uphill struggle. This effort is aided greatly by capturing a number of “quick
wins” early on. For example, organizations should look carefully at the possibility
of decommissioning applications as a ready source of immediate and visible wins
that impact the bottom line directly. Reuse provides midterm wins, and rationaliza-
tion provides longer-term wins.
• Capture data at key life stages. It is a mistake to wait to capture data when
applications are already in production. Data should be captured at multiple
stages—when the application is first approved, when in testing, when promoted
to production, during significant modifications, and when retired. As soon as data
are captured and made available, the organization can benefit. For example, know-
ing the attributes of applications under development can be valuable for planning/
budgeting purposes and ultimately enables better project solutions.

Chapter 17 • Application Portfolio Management 265
• Tie APM to TCO initiatives together. If a total cost of ownership (TCO) initiative
is underway, ensure that the APM is closely tied to the TCO initiative. Much of the
information captured as part of the APM initiative will support the TCO initiative—
and vice versa. Knowing this relationship in advance will ensure that the data are
captured to facilitate both purposes. The long-term savings can be significant.
• Provide an application “end-state” view. It is important to provide current infor-
mation about applications, but it is equally important to provide an end-state view
indicating the application’s future trajectory. This facilitates a planned and orderly
evolution toward retirement for applications as well as key information for busi-
ness planning (e.g., roadmaps, gap reporting, and progress reporting).
• Communicate APM benefits. Gaining awareness and acceptance of an APM
initiative is a constant struggle. Organizations must seek opportunities to commu-
nicate why this initiative is underway, what results have been realized, and what
the next stages to be accomplished are. Effective communication is even more
important in situations where the APM initiative is being driven internally by the
IT organization.
This chapter provides guidance to those
investigating APM and/or planning to
launch an APM initiative. Application portfo-
lio management promises significant benefits
to adopting organizations. Obtaining those
benefits, however, requires the development
of three mutually reinforcing capabilities.
The first capability is the development an
APM strategy buttressed with governance
procedures, the second is the creation of
an application inventory, and the third is a
reporting capability built to align the appli-
cation portfolio with the established strategy.
Each of these capabilities provides stand-
alone benefits, but together they enable an
organization to optimize its IT application
assets, reduce the cost and complexity of
its portfolio, reduce or eliminate redundant
functionality, facilitate better business deci-
sions regarding technology, and effectively
communicate the  contribution of IT to the
overall organization.
Anonymous. “Maximizing IT Investment.” Wall
Street & Technology, April 2008.
Boivie, C. A. “Taking Stock of Your Portfolio: Do
You Have a Good Idea of the Value of Your IT
Applications, Both Old and New?” CIO Canada
11, no. 10 (October 2003).
Caruso, D. “Application Portfolio Management: A
Necessity for Future IT.” Manufacturing Business
Technology 25, no. 10 (October 2007): 48.
Gomolski, B. “Cleaning House.” Computerworld
38, no. 51 (December 2004).
Kasargod, D., and Bondugula, K. “Application
Portfolio Management.” Infosys (April 2005):
1–8. Originally published in
Kramer, L. “CIO Challenge: Application Portfolio
Management.” Wall Street & Technology, May 2006.
Serena Software Inc. “Application Portfolio
Management (APM): Solving the Challenges of
APM with Serena® Mariner®,” 2007. www.serena.
datasheet-apm-mariner (accessed March 12,

266 Section IV • IT Portfolio Development and Management
Appendix A
Application Information
A) General application information is the information used to explicitly and clearly
identify an application, distinct from all other applications, and provide a basic
understanding of its functionality.
• Name—the name that uniquely identifies the application
• Short name—an abbreviation or acronym that is likely a unique identifier of the
application and is used for reporting when there is not room to use the applica-
tion’s full name
• Description—a more extensive description of the application typically focusing
on its functional scope
• Portfolio owner—the title of the portfolio owner of the application and the
name of the person currently filling that role (The portfolio owner is typically
filled by someone at VP level or higher.)
• Stakeholders—key people (by name and title) that could have been identified
as a portfolio owner if multiple portfolio owners were allowed
• Application owner—the title of the portfolio owner’s delegate (if there is one)
and the name of the person currently filling that role (The application owner is
typically someone reporting to the portfolio owner and empowered to make
decisions relating to the ongoing use and evolution of the application. The
application owner role is typically filled by someone below the VP level.)
• Business consultant—the name of the IT–business liaison (This person is part
of the IT organization but is responsible for the relationship with the business
• Internally versus externally developed—states whether the application was
developed internally (by any business or IT organization) or whether it was
purchased from an external vendor
• Vendor—the name of the vendor that owns the application (For internally devel-
oped applications, this should be the business unit or IT unit that is responsible
for maintaining the application, i.e., provides the resources and funding.)
• Product name—the name of the product (Only required when a product has an
explicit name that is not the vendor name.)
• Version number—the complete version number of the application that is in
• Current version—the most current version number in full release by the vendor
• Implementation date—the year and month that the solution went into
• Last major upgrade—the year and month that the last major upgrade went into
production (Major upgrades typically require a project approach, explicit fund-
ing, training, and planning to avoid downtime, etc. This field is blank if there
has not been a major upgrade after the implementation date.)

Chapter 17 • Application Portfolio Management 267
• Last minor upgrade—the year and month that the last minor upgrade went
into production (Minor upgrades are typically upgrades that can be performed
during regularly scheduled maintenance windows and can be performed as
part of routine application maintenance. This field is blank if there has not
been a minor upgrade after the last major upgrade, e.g., point releases, security
• Next scheduled review—the year and month that the application profile should
next be reviewed (By default, this should be one year from the current review,
but will be updated as assessment schedules are developed.)
B) Application categorization is the information providing a variety of criteria/data
used to group applications for comparison and portfolio management purposes.
• Application scope—identifies the breadth of use of the application across the
organization (e.g., enterprise, multidivisional, divisional, multidepartmental,
departmental, individual users)
• Life-cycle status—identifies the life-cycle stage that the application is in
(e.g., emerging, standard, contained, retirement target, retired)
• SBUs used by—a choice of one or more business divisions that use the
• SBUs used for—a choice of one or more business divisions that the application
is used on behalf of
• Application capability—broad categories of capability that applications pro-
vide (e.g., supply chain management [SCM] planning, SCM execution, SCM
• Application subcapabilities—subcapabilities of functionality that applications
provide (A single application will often provide functionality covering multiple
• Support organization—identifies the organizational support for the application
(e.g., IT organization, third party, business unit)
• Recoverability—the requirement to be able to recover the application in the
event of a disaster and the ability to perform that recovery
• Application type—a genera l categorization of the application’s use of data
(e.g., analytical/reporting, transactional, collaborative, hybrid)
• Application profile—a general categorization of the application’s functional
profile (e.g., suite, best of breed, in-house.)
C) Technical condition provides the overall rating of the technical quality of the
application, including various elements of risk.
• Development language—the programming languages that the application is
developed with (The language element should address programming code
running on the server, client, database, middleware, etc.)
• Operation system(s)—the operating systems required for all layers of the appli-
cation where there are application-specific requirements (This can be applied
to the server, database, middleware, client, etc. This evaluation categorization
does not address the Web browser in a Web-based application.)
• Hardware platforms—the hardware platforms required for all layers of the
application where there are application-specific requirements (This can be
applied to the server, database, middleware, client, etc.)

268 Section IV • IT Portfolio Development and Management
• Database/data model—the database platform and database model (i.e., data
architecture) that the application is tied to (or built on)
• Integration—the integration tools and model used to integrate the applications
with other applications (The “model” aspect of this criterion is closely related
to the overall architecture of the systems but specifically looks at the frame-
work/approach used for integration.)
• Architecture—the application architecture, technology patterns, and so on that
define “how” different elements of technology were put together to create the
application, for example, NET, J2EE, J2SE, OO, Client/Server, Web-based, and
thin-client. (This criterion also addresses the extensibility of the application—
the ability of the applications to be modified to meet future/changing functional
• Security—the capability of the application to (1) limit access to data and func-
tionality to specific users and/or groups and (2) provide audit information
related to functions performed (or attempted to be performed) on the data
viewed (or attempted to be viewed) by specific users (This metric addresses the
application’s native capabilities, the specific implementation/modification of
those capabilities, and the security requirements of the organization.)
• Vendor viability—the likelihood that the vendor will remain strong in the
relevant application market and industry vertical
• Vendor support—the ability and commitment of the vendor to provide support
for the applications. (This includes the ability and commitment to provide new
releases and patches to the application.)
• Key abilities—(1) availability of the application relative to user requirements
identified in service level agreements (SLA), (2) scalability of the applica-
tion to meet current and future user and transaction volumes, and (3) perfor-
mance of the application in starting, retrieving information, and performing
• User interface—the overall usability/intuitiveness of the application’s interface
(This is often reflected by training requirements, support requirements, online
documentation, etc.)
d) Business value provides an overall rating of the value of the application to the
• Competitive advantage—the extent to which the application enables a capabil-
ity that (1) increases revenue, (2) lowers cost, or (3) differentiates the company
in the marketplace
• Business criticality—the extent to which the application materially affects the
company’s ability to conduct core business processes (i.e., sell, deliver, close
financial books) (This includes the ability to meet regulatory requirements.)
• User base—the number and variety of users that use the application (This
measure is adjusted to reflect the difference between causal/occasional users
and power users, as well as internal versus external users. This measure also
includes transaction volumes that the application performs to account for
essential applications with few users but large transaction volumes that the
business is dependent on.)

Chapter 17 • Application Portfolio Management 269
• Current effectiveness—ability of the application to meet current business
requirements within the scope of the functionality it was intended to provide
• Future effectiveness—ability of the application to meet future business require-
ments within the scope of the functionality it was intended to provide and
logical/reasonable extensions of that functionality.
e) Support cost captures the order of magnitude of the overall cost of an application
after deployment. It includes maintenance and support costs (including upgrades)
but not the initial purchase, development, or deployment costs.
• Elements included—license maintenance, other licensing fees, vendor/external
support, internal support, and hardware
• Elements not included—PCs, network, telephony, or other shared services; end-
user costs, such as time lost to support calls, downtime, and so on. (Typically
these data are not readily available at the level of granularity required.)

C h a p t e r
18 Managing IT Demand1
The need for demand management is well established in business. Gentle (2007) explains, “In order to manage planning, production, and delivery, any prop-erly run business has to be able to balance orders for its products and services
(i.e.,  demand) with its ability to produce them in terms of resource and scheduling
constraints (i.e., supply). Otherwise it might produce too little of what is required, too
much of what is not required, or deliver late, or have problems with product quality or
customer satisfaction.” Based on this, one might assume that IT organizations, being in
the business of fulfilling organizational demand for their services, would have devel-
oped mature practices for managing IT demand. Nothing could be further from the
truth. In fact, IT demand management has only recently been ranked as one of the top
four priorities by IT leaders (Potter 2010).
This lack of attention is explained by the fact that IT managers have been
preoccupied with the supply side; that is, delivering products and services faster, better,
and cheaper. Concentrating on the supply side makes perfect sense for two reasons: first,
it allows IT organizations to concentrate on the things that they can actually control; and
second, most IT organizations interpret any role in manipulating IT demand as a political
minefield to be conscientiously avoided. As a result, demand management practices have
been underutilized. A study by the Hackett Group as reported by Betts (2009) concurs:
IT has traditionally been more focused on how to meet ever-growing demand
than on implementing processes to curb that demand and ensure that the high-
est value work gets done. As a result, demand management techniques are less
mature than other cost control techniques.
What best explains the current interest is that IT demand management offers the
means for IT organizations to work more effectively with their business partners. In fact,
1 This chapter is based on the authors’ previously published article, McKeen, J. D., H. A. Smith and P. Gonzalez,
“Managing IT Demand.” Journal of Information Technology Management XXIII, no. 2 (2012): 17–28. Reproduced
by permission of the Association of Management.

Chapter 18 • Managing IT Demand 271
some see demand management as the next frontier in IT cost efficiency (newScale 2010).
They argue that focusing exclusively on the supply side of the equation without visibil-
ity into demand leaves IT organizations unable to perform effective capacity planning.
The reality is that better demand management enables better supply management. In
order to make good capacity plans, IT must understand the future needs of the business.
According to newScale (2010),
Demand management not only helps IT organizations to shape demand, it also
helps them plan for demand and respond to changes in demand to meet business
needs while controlling their IT budgets. This increased visibility into demand can
help ensure more accurate and business-driven capacity planning.
So, after years of squeezing incremental costs out of the supply side of IT only
to see those gains disappear into the vortex of mushrooming demands, perhaps it is
time to turn attention to the demand side and tackle some key questions such as “How
critical is the need for demand management?” If there is interest/pressure for demand
management, where is this pressure coming from? What are the key drivers behind the
demand for IT services? How does demand management impact the existing business–
IT relationship? What are the key steps toward managing IT demand?
This chapter first examines the root causes of demand for IT services, the econom-
ics of demand management, and the importance of this issue. It then reviews a set of
standard tools recommended for managing demand and concludes with identifying
five key enablers vital for effective demand management.
Understanding it demand
In order to better understand demand management, the focus group first discussed
the root causes of IT demand. One manager suggested that IT demand is driven by
two forces in her organization: “IT initiatives that deliver new capability to the busi-
ness in support of the broader corporate strategy, and IT initiatives that are required
from within to sustain IT’s ability to deliver future work or new capabilities.” She
explained, “Although these drivers mostly represent market and investor pressures,
IT is also driving change with its own renewal goals after years of underfunding.”
Another organization identified “historical autonomy, proliferation, lack of structured
architecture and weak standards” as the key drivers of much of her organization’s cur-
rent demand for IT services. This particular organization was deluged with duplicate
and, in some cases, redundant applications that collectively produced a “black hole”
for IT resources.
Clearly IT demand needs to be considered from a development as well as an
operational point of view. From an operational perspective, organizations need to
“run” the business and this translates into baseline demand for IT. Organizations also
need to “maintain” their IT assets and this too represents significant demand for IT
resources. From a development perspective, IT is called upon to deliver new capabil-
ity to enable the business to remain competitive in the marketplace. So, whether it is
a “keep the lights on” or a “new channel to market” initiative, both place demands
on (and compete for) available IT resources. One organization simply classifies IT
demand as discretionary (i.e., strategic), maintenance (i.e., keep the lights on), and

272 Section IV • IT Portfolio Development and Management
regulatory, which his organization light-heartedly refers to as “I want,” “I need,” and
“I must,” respectively.
IT demand management is best understood within an organizational context.
First, the need to automate business processes and operations is unrelenting and,
once automated, automated processes must be supported on an ongoing basis.
Hence, the workload grows proportionally with the demand and increases year over
year. Second, at any point in time, the level of IT capacity is relatively fixed, which
limits IT’s ability to satisfy demand (i.e., the supply side). Third, one way to increase
capacity (again the supply side) is to offload certain tasks to third party suppliers
(e.g., outsourcing network management). Most organizations exercise this option
regularly in order to satisfy increased and increasing demand. Finally, the only way
for organizations to “get ahead” of this dilemma is by proactively managing the
demand for IT services. Ultimately this will do a better job of satisfying business
needs for IT.
According to a Gartner survey (Potter 2010), 84 percent of IT organizations simply
do not have the resources to meet enterprise expectations. This leaves only two possible
responses. IT organizations can either “do more with less,” which focuses on supply
side activities (e.g., virtualization, data center consolidation, benchmarking, contract
renegotiation) or they can “do less with less,” which focuses on demand side activities
(e.g., demand management, IT performance management, IT portfolio management,
running IT like a business).2 The first approach (i.e., doing more with less) is the quest
for increased productivity and the reality is that IT organizations continually pursue
enhanced productivity to remove costs from the business.
The second approach (i.e., doing less with less) differs dramatically from the
pursuit of productivity and thus introduces a different set of challenges for IT organiza-
tions. Implicit within a strategy of “doing less with less” is the notion that perhaps not
all of the requests for IT services are vital and that, by rationalizing these demands for
IT services, the organization might benefit. So, where the goal of productivity is “doing
things right” (i.e., internal efficiency), the goal of demand management is “doing the
right things” (i.e., business effectiveness).
This helps to explain why IT organizations have preferred to address the sup-
ply side of the demand–supply gap. Certainly, it is much easier for IT organizations
to exercise control over the supply side and, in fact, it is their prerogative to do so.
But is IT in a position to shape the demand for IT services? According to Potter
(2010), this “conjures up uncomfortable feelings among many IT leaders regarding
the political process involved with chargeback and the behaviors created by approv-
ing or disapproving emotionally charged IT projects.” So, perhaps the reason for the
failure to address the demand side of the equation is a reluctance to say “no” to the
business. The question is, after years of effort to support the business and to be seen
as being accommodating, how does an IT organization tackle demand management
whose goal is to question and ultimately rationalize the demand for IT services? As
Cramm (2004) asks, “What right does IT have to tell the business what they can and
cannot have?
2 Gartner (Potter 2010) actually suggests four possible options. In addition to “doing more with less” and
“doing less with less,” IT organizations can “do more with more” and/or “do less with more.” These two
latter strategies, however, are only available within expanding economies or growing markets, respectively.

Chapter 18 • Managing IT Demand 273
the economics of demand management
The field of economics has used the concept of demand management for years. In its most
elemental form, demand management is the “art or science of controlling economic demand
to avoid a recession” (Wikipedia 2014a). The notion of demand management has also been
focused to control consumer demand for environmentally sensitive goods. The economic
notions of demand management that are most applicable for IT organizations, however,
are those that apply to the “management of the distribution of, and access to, goods and
services on the basis of needs” (Wikipedia 2014a). Here the tools are policies that allocate
existing resources according to a hierarchy of neediness and the underlying idea is for “the
government to use tools like interest rates, taxation, and public expenditure to change key
economic decisions like consumption, investment, the balance of trade, and public sector
borrowing resulting in an ‘evening out’ of the business cycle” (Wikipedia 2014a).
This latter view suggests how to approach demand management. Instead of asking
IT organizations to act as “traffic cops” and/or imposing sanctions on capital spending to
artificially curtail demand, the economics approach is to create a system of policies and pro-
cedures coupled with adequate governance to ensure that the allocation of scarce IT services
goes to the highest-value opportunities (Cramm 2004). The goal is to capture and prioritize
demand, assign resources based on business objectives, and engage in projects that deliver
business benefits. But, as is frequently the case, what appears simple conceptually in reality
presents a formidable set of challenges. To address these challenges, the focus group dis-
cussed three commonly used tools for demand management and identified what they con-
sidered to be five key organizational enablers for the effective management of IT demand.
three tools for demand management
Most articles (e.g., Betts 2009) advocate the use of tools for managing the organizational
demand for IT resources, including project portfolio management, service catalogs, and
chargeback. These are described briefly with an accompanying explanation of how they
work to shape demand.
• Project portfolio management (PPM)—These are processes designed to rationalize
and prioritize IT investment decisions based on objective criteria. PPM allows an
organization to understand and quantify business needs and the investments needed
to deliver software to achieve those benefits (Hotle et al. 2010). With effective PPM,
demands for IT resources are vetted in accordance with governance procedures that
result in a justified list of IT investments that satisfy the needs of business leaders.
IT demand is limited and shaped to the extent that only those projects that succeed
in passing through the PPM process are funded. According to Cramm (2004), PPM
results in a “multi-year forecast of IT spending that constrains overall demand and
results in increased project scrutiny.”
• Service catalog—Here, discrete IT service offerings are associated with a price
per unit. As an example, hardware services might include costs for a standard
desktop/laptop/tablet configuration and a standard smart phone configuration;
application services might include costs for developing a business case, design-
ing a solution, building a solution, and/or implementing a solution. According
to Young (2011), a service catalog is a “service order- and demand-channeling
mechanism intended to make it easier for end consumers to request and buy

274 Section IV • IT Portfolio Development and Management
things from IT.” Knowing what is available and what it costs allows business
managers to make informed demands for IT services and, to the degree that these
services are standardized, shapes this demand appropriately. According to one
manager, this clarification of IT services affects demand by “allowing managers to
order from a menu rather than saying I’m hungry.”
• Chargeback—This is a financial management technique that charges consumers
according to the volume of IT services consumed (i.e., operations) or work done on
their behalf (i.e., new development). Thus, IT demand is controlled through direct
price-based allocation to business consumers as motivation to act rationally and to
discourage unnecessary demands. This approach to demand management results in
a set of IT investments that are justifiable and affordable by business managers.
The adoption of these strategies appears to be widespread. As a case in point, the
organizations in the focus group have long deployed chargeback and PPM and most
are in the process of building service catalogs. The benefits of these three strategies,
according to newScale (2010), accrue independently and collectively:
Best practices for demand management start with defining standardized services,
exposing those services to customers via an IT service catalog, controlling and
shaping demand through guided self-service, and providing cost transparency
through showback or chargeback. The results: great adoption of cost-effective
service options, consumption choices that result in lower IT costs, and effective
planning to meet business needs and minimize over-capacity.
While acknowledging the usefulness of these three tools, the focus group char-
acterized them as “necessary but insufficient.” They argued that the benefits derived
from these tools are often more IT-related than business-related. Focusing on lowering
IT costs through self-guided service and minimizing overcapacity makes sense from an
IT-perspective but neither of these guarantees that IT investments are focused on the
“highest value” opportunities—the ultimate goal of demand management. In order to
manage IT demand effectively, these tools must be accompanied by mechanisms that
the group referred to as organizational enablers.
Key organizational enablers for effective
demand management
Members argued that IT demand management is not a single process that an organiza-
tion can identify. That is, in response to the question “How do you manage demand?,” no
organization could say “We use this process.” Instead, the group suggested that demand
management is a developed organizational capability that results from five key organizational
enablers: strategic initiative management, application portfolio management, enterprise
architecture, business-IT partnership, and governance and transparency. These key fac-
tors work synergistically with the tools previously described to enable effective demand
management (see Figure 18.1). Having a successful application portfolio management
(APM) initiative, for example, does not guarantee effective IT demand management but
the absence of APM would definitely jeopardize the efficacy of demand management.
Each of these key organizational enablers is described next.

Chapter 18 • Managing IT Demand 275
strategic initiative management
Strategic initiative management is the organizational mechanism for prioritizing and
funding IT investments at the enterprise level. Although the focus is primarily on large
discretionary/strategic investments, as the name implies, this process also adjudicates
large infrastructure projects. One organization established a strategic project office
(SPO) with a mandate to provide “governance and direction over enterprise-wide
project approvals and planning to ensure these investments are aligned with the orga-
nization’s core strategies.” With a membership consisting of the head of each line of
business plus the head of technology, the SPO meets monthly to review all projects
that exceed $1 million, that are unplanned,3 or whose incremental annual operating
expenses exceed $500M. The SPO, not only approves these projects, but also directly
governs them through their life cycle.
The effective management of strategic initiatives is a crucial step for overall
demand management. Without this capability, organizations are left with no structure
for prioritizing IT funding opportunities at the enterprise level that leaves them unable
to align their IT investments with corporate strategy. According to one manager, the
absence of a strategic initiative management initiative is a “siloed approach which
results in ad-hoc decisions, increased cost and complexity, and redundancy of applica-
tions all of which increase the overall demand for IT services.” The cost of the legacy
environment this creates further restricts the investment in new IT capabilities and
innovation. The absence of an effective strategic initiative management capability is a
double-edged sword: it drives up the demand for IT resources while reducing the abil-
ity to conduct capacity planning to take advantage of a rationalized demand.
DM Tools
[PPM, service catalogs and chargeback]
figUre 18.1 Tools and Key Enablers of Demand Management
3 According to Gentle (2007), unplanned demand “corresponds to the huge amount of unpredictable work
that IT does which is not contained in well-defined project structures. These include things like change
requests, feature requests and bug fixes which arise from changing business and regulatory environments,
changes in strategy, company reorganizations, mergers and acquisitions, and insufficiently tested systems.”

276 Section IV • IT Portfolio Development and Management
application Portfolio management
Unlike PPM that deals with future projects, APM focuses on existing applications,
trying to balance expense against value (Caruso 2007). These applications may be
assessed for their contribution to corporate profitability, and also on nonfinancial
criteria such as stability, usability, and technical obsolescence. McKeen and Smith (2010)
provide strategies for effectively implementing an APM initiative. The existing port-
folio of applications (sometimes referred to as the asset portfolio) must be continually
maintained in order to support the organization effectively. This need for continual
maintenance creates demand for IT resources. Allowed to grow in response to the needs
of separate lines of business, a legacy environment soon becomes highly complex, dif-
ficult to change, and expensive to maintain.
In one organization, it was not until they had instituted an APM initiative that
they discovered that they had significant overlap and duplication across applications
(e.g.,  70 management information systems, 51 order management applications, and 27
regulatory reporting systems). The costs of maintaining this environment were driven
up substantially and needlessly. Furthermore, their ability to deliver new applications
was jeopardized due to the inherent complexities within the application portfolio itself.
With an effective APM initiative now in place, this same organization has reduced
its technology-related operating costs and realized significant business value through
reduced staff and maintenance requirements, reduced cycle times for process execution,
a thorough rationalization of their application portfolio with a 40 to 50 percent reduc-
tion in size, and realized technology cost improvements through application retire-
ment. Furthermore, the organization was able to re-orient their technology cost profile
to value creating activities and away from maintenance. Most significantly, resultant
savings were applied to new initiatives without increasing the overall IT budget. This
example demonstrates how APM can be effective at reducing overall demand as well
as reshaping it.
enterprise architecture
According to Wikipedia (2014b), enterprise architects (EA) “work with stake-
holders, both leadership and subject matter experts, to build a holistic view of the
organization’s strategy, processes, information, and information technology assets.
The enterprise architect links the business mission, strategy, and processes of an orga-
nization to its IT strategy, and documents this using multiple architectural models or
views that show how the current and future needs of an organization will be met in
an efficient, sustainable, agile, and adaptable manner. Enterprise architects operate
across organizational and computing silos to drive common approaches and expose
information assets and processes across the enterprise. Their goal is to deliver an
architecture that supports the most efficient and secure IT environment meeting a
company’s business needs.”
In this role, an EA is strategically placed to bridge the two worlds of business
and technology. According to McKeen and Smith (2008), EAs are “able to take a view
across business change programs, assessing their combined business and technical risk,
overlap/dependencies and business impact on the staff and customers of an organiza-
tion.” Over the years, the role of enterprise architecture has become even more business
focused and this has drawn EAs into increasingly senior management discussions. The

Chapter 18 • Managing IT Demand 277
organizational advantages of this are immediate. It has enabled EAs to influence the
demand for IT resources by vetting strategic choices in light of what is possible from a
business and technical solution perspective. According to one manager, this allows his
enterprise architecture group to “get ahead of the business which helps them to manage
IT demand proactively.”
The ability of EAs to shape demand depends on two leverage points. The first
is the establishment of a “future state architecture blueprint” (see McKeen and Smith
2006) that identifies the current architecture, the future architecture, and outlines a
current-to-future transition plan. Combined with effective governance and transpar-
ency, this mechanism is highly effective at shaping IT demand by ensuring that every-
thing aligns with the architectural plan. At one organization, it was their adoption of
a common enterprise architecture that tightly integrated business and technology that
enabled “informed enterprise-wide transformation planning to drive effective develop-
ment across all business units.”
The second key leverage point provided by enterprise architecture is the ability
to promote enhanced business capability from a top-down perspective. Rather than
depending solely on “bottom-up” demand from the lines of business, the enterprise
architecture team at one organization was able to identify and champion enhanced
business capabilities because of their ability to link the organization’s technical
architecture to business strategy. Deploying these two leverage points allows the IT
organization to shape demand by aligning new initiatives with the architectural plan
and by highlighting enhanced capabilities enabled by the same architectural plan.
business–it Partnership
Managing IT demand runs counter to the well-ingrained role of IT—to be an order
taker—to do whatever the business needs and whatever is sent its way (Morhmann
et al. 2007). For years, the accepted wisdom has been that if the business wants it and
is willing to pay for it, then it is not the role of the IT organization to question these
decisions. The members of the focus group debated this issue. It was evident that no
organization represented within the focus group subscribed faithfully to the “order-
taker” role for IT; everyone felt that their IT organization needed to be more proactive
in order to be most effective within their organizational service role. However, lively
disagreement with regard to the degree of IT “proactiveness” emerged.
On one side of the issue, a manager adamantly stated, “IT should definitely take a
leadership position in managing demand . . . and that IT was well positioned to identify,
analyze and recommend potential applications of IT to the business.” At her organiza-
tion, the IT executive team had built strong relationships with their business partners
over time especially at the highest levels of the organization. Their CIO was a valued
member of the executive committee, was requested to present to the board at every
meeting for ten minutes (previously the CIO had presented once a year), and carried
substantial influence in terms of the future application of IT in discussions about how
best to leverage the business.
At another organization, the relationship between IT and the business was not
nearly as well established and lacked the requisite foundation of mutual trust (Smith
and McKeen 2010). According to this manager, their IT organization was “struggling
with the business to close knowledge gaps in terms of what the business was asking

278 Section IV • IT Portfolio Development and Management
for and what IT was able to deliver.” Some newly formed committees were in the
“process of aligning IT with the business to enable prioritization of work across the
different business units.” A lack of business strategy and/or a clear understanding of
business requirements had led to a vacuum that IT was attempting to fill. Demand
management was described as the oscillation between “technology push” and
“business pull,” which produced a lot of business resentment. The lack of a mutual
trusting relationship clearly hampered the effectiveness of their demand management
A third organization suggested that value was driven at many levels within the
enterprise requiring alignment between IT and the business leadership on objectives,
investments, and outcome. Her organization had articulated three levels of partnership
required to effectively shape demand.
• The first level is as a utility partner focusing on table stakes; that is, keeping operations
running as effectively as possible. The goal is competitive cost alignment and contain-
ment, where IT partners with the business to reduce the operating costs through such
means as labor arbitrage and competitive sourcing.
• The second level is as a technology partner. The goal here is continuous improve-
ment such as accelerated time to market through new or enhanced processes.
• The third level is a business partner. This type of partnership is focused on business
results through such mechanisms as improved market share, revenue growth,
profit improvement, and cycle time reduction.
The group agreed that demand for IT resources does originate at different levels
within the organization and therefore IT organizations must be effective at each
of these different levels. In addition to senior IT executives, other key relation-
ship players are business analysts, account/relationship managers, and business
One organization mapped out a set of generic attributes for an effective
IT–business partnership capable of shaping demand for IT resources. According to this
manager, effective demand management requires the following:
• Relationship management—Where collaboration and partnership are key to identify-
ing business capabilities and requirements. Continuous communication is essential. In
fact, some have argued that relationship management has to transform into the role of
demand management (Cameron 2006).
• Leadership—A technology manager’s leadership style has significant implications
for the success of the partnership; for example, is he or she driven by collaboration?
Is the business a key partner or kept at arm’s length?
• Clear business requirements—Without clear business requirements, the technol-
ogy group will struggle. Even under the best of cases, high-level requirements may
drastically change when digging into the details of business needs.
• Marketing skills—With the ever-changing technology landscape, marketing tech-
nology capabilities becomes critical. Thus, instead of talking about technology, the
conversation should be about business capability.
These partnership traits would take on different degrees of importance depending on
whether the relationship called for a business partner, technology partner, or a utility

Chapter 18 • Managing IT Demand 279
governance and transparency
It is customary for organizations to have a process for vetting IT project proposals
(i.e., a business case4). Furthermore, the business is normally expected to pay for new
development as well as a pro rata share of the technology costs to run the business
(i.e., chargeback). Together these two forms of governance shape the demand for IT
resources. They do this by encouraging and/or sanctioning investment behavior on the
part of the business. For example, we would expect that business managers would be
reluctant to request and pay for anything nonessential. Nevertheless, organizations find
themselves having to manage IT demand. As a result, are we to conclude that these
governance mechanisms are inadequate? The focus group made two arguments: First,
they suggested that IT demand will always exceed supply due to the myriad poten-
tial applications of information technology in the workplace; and second, they felt that
existing governance structures were indeed lacking. We explore the latter of these two
issues next.
Business managers continuously seek to leverage their business with technology
whether that happens by streamlining processes, offering self-serve options, implement-
ing enhanced information/reporting systems, or implementing dynamic pricing systems.
Provided they have the money, their only challenge is to win approval for the requisite
IT resources. IT managers are equally motivated to provide such systems as are desired
by the business. Specifically, delivering systems on time and within budget rewards IT
managers. In sum, both parties are highly motivated to deliver new capabilities to the
business. The resulting effect, according to members of the focus group, is encouragement
to overstate the short-term benefits of delivering the desired capability and to understate
the long-term costs of maintaining it. Without a countervailing governance structure to
reinforce different behavior, IT demand expands to overwhelm supply.5
Recognizing the need for a remedial governance mechanism, two separate
organizations adopted similar approaches. Both mandated the adoption of a standard
business case template combined with compulsory training for all business managers
in business case development. Both organizations also mandated that the finance
organization must sign off on the acceptability of benefits proposed in all business
cases. The third and arguably most important process change was to track the delivery
of project benefits following implementation in order to hold business managers
accountable for realizing anticipated benefits. The combination of these three initiatives
produced significant behavioral changes.
• Training business managers in the process of preparing business cases had the imme-
diate effect of raising the overall quality of submitted business cases and sharpened
the focus on benefits identification.
• Assigned accountability for realizing benefits countered the tendency to overstate
benefits and understate costs.
4 Typical business cases require a business sponsor, risk analysis, architectural plan, business requirements,
detailed design, project management plan, vendor RFP (if applicable), work schedule, and project manager.
5 From an economics point of view, a potential countervailing strategy would be a pricing mechanism. That is,
demand could be curbed by increased pricing of IT services. Although this might dampen demand in the short
run, according to the focus group, such a strategy would introduce so many new and different impediments to
the adoption of IT that it would be difficult to predict what long-term effects it might have on IT demand.

280 Section IV • IT Portfolio Development and Management
All in, these governance procedures reduced overall demand for IT resources
but more importantly, focused limited IT resources on the “right” systems. Both
firms expressed confidence that these were effective strategies for managing IT
Transparency goes hand-in-hand with governance. A well-articulated process that
is understood by everyone and adhered to by all managers is the goal. Information
needs to be understood, consistently interpreted, and applied correctly for there to be
any hope of effective decision making. A byzantine chargeback allocation algorithm,
for example, provides little guidance in terms of appropriate action and usually fails
to produce its intended behavioral effect. In like fashion, allowing “unplanned” or
“off-plan” activity to enter the service queue undermines even the best demand
management initiatives. One manager claimed that unplanned demand is like “getting
bitten to death by ducks”—no single bite will kill you but one thousand bites later and
you are dead! As mentioned earlier, the solution adopted by one organization was to
shuttle off all unplanned activity to their strategic project office in order to make it
visible and force it to compete with other demands for IT resources thereby ensuring an
open and transparent process.
McKeen and Smith (2010) argue that effective application portfolio management
can impact demand management due to the increased transparency provided by accu-
rate information. In fact, providing information can on occasion make governance
unnecessary. A vivid example of this was provided by one organization. Having made
a significant investment in an application portfolio initiative to track IT expenditures,
senior IT executives were able to present the following information to their senior busi-
ness partners:
• The annual investment in systems designated as surplus6 by the business.
• All investments to enhance these surplus systems.
• Annual investment in systems misaligned with overall strategy. For example, it
was discovered that only 20 percent of their IT investment was directly focused on
“improving the customer experience” and “driving revenue” despite the fact that
these two areas were designated as the enterprise’s top priorities.
• Investment in systems at odds with future state architecture.
Highlighting these expenditures resulted in almost immediate managerial
action—something that had been lacking previously. Redundant systems were retired
and investments in surplus systems were stopped. Of particular note is that these
significant savings were obtained without the introduction of any additional gov-
ernance mechanism. According to the focus group member, what called business
executives to action was seeing these numbers on the charts denoting unnecessary
expenditures. She claimed that business executives simply “did not want to have their
stuff in the red boxes.”
6 This organization identifies all applications as “buy,” “hold,” or “sell.” Surplus systems are those marked
as “sell.”

Chapter 18 • Managing IT Demand 281
While attention on supply side issues will con-
tinue (i.e., to ensure that the IT organization is
run as efficiently as possible), future manage-
ment activity must increasingly focus on the
demand side to ensure that IT investments are
made as effectively as possible. IT demand
management, however, is not a single pro-
cess but rather a “developed organizational
capability.” This capability requires basic
tools (e.g., service catalog, chargeback, and
project port folio management) working
in concert with five key organizational
enablers (strategic initiative management,
application portfolio management, enter-
prise architecture, business–IT relationship,
and governance and transparency). Together
these mechanisms enable organizations to
allocate capital and human resources to the
highest-value IT opportunities. Of equal if
not greater benefit is that active demand
management enables IT organizations to
forge more effective working partnerships
with the business. Instead of being relegated
to the role of order-taker, IT organizations
can now engage in proactive discussions
with their business partners to establish a
future agenda for IT. And because the supply
side works in unison with the demand side,
this enables enhanced capacity planning
of benefit to both. For the first time, many
IT organizations will be able to get a step
ahead of the business and build capability to
enable new strategic business initiatives with
shortened time to market. This has been a
prized but elusive goal of IT. In organizations
where IT is recognized for its strategic impor-
tance and/or IT processes have reached a
high level of maturity, managing IT demand
has likely begun; for others, the time to man-
age IT demand has arrived.
Betts, M., “Business Demand for IT is Outstripping
the Budget,” Computerworld Blogs, May 2009,
Cameron, B., “From Relationship to Demand
Management: IT’s Relationship Managers
Will Be Focus for Aligning Business and IT.”
Forrester Research, October 2006.
Caruso, D., “Application Portfolio Management: A
Necessity for Future IT.” Manufacturing Business
Technology 25, no. 10 (October 2007): 48.
Cramm, S., “Managing IT Demand 101.” CIO, arti-
cle 32222 (April 2004),
Gentle, M., IT Success: Towards a New Model for
Information Technology, Hoboken, NJ, USA:
John Wiley & Sons, October, 2007.
Hackett Group Inc., “New Hackett Research
Quantifies Growing IT Services Gap; Demand
to Increase by 17% through 2010 as Budgets
Remain Flat.” Research Alerts #05122009,
May  2009,
Hotle, M., J., Duggan, and J., Woods, “Drive
Application Overhaul Efforts with a Portfolio
Approach.” Gartner Research Inc., ID Number:
G00205640, July 2010.
McKeen, J. D., and H. A. Smith, “Creating
and Evolving a Technology Roadmap,”
Communication of the Association of Information
Systems 20, no. 21 (September 2006): 451–63.
McKeen, J. D., and H. A., Smith, “The Emerging
Role of the Enterprise Business Architect.”
Communications of the Association for Information
Systems 22, no. 14 (February 2008): 261–74.
McKeen, J. D., and H. A., Smith, “Application
Portfolio Management.” Communications of
the Association for Information Systems 26, no. 9
(March 2010):157–70.

282 Section IV • IT Portfolio Development and Management
Morhmann, G., Schlusberg, C., and Kropf, R.,
“Demand Management in Healthcare IT:
Controlling IT Demand to Meet Constrained IT
Resource Supply.” Journal of Healthcare Information
Management 21, no. 3 (Fall 2007): 56–63.
demand_management, April 2010.
Potter, K., “IT Cost Optimization Round 2: Strategic
Shifts and Doing Less with Less.” Gartner Research
Inc., ID Number: G00205937, August 2010.
Smith, H. A., and J. D., McKeen, “Building a
Strong Relationship with the Business.”
Communications of the Association of Information
Systems 26, no. 19 (April 2010): 429–40.
Wikipedia, definition of demand management,
agement, June 2014a.
Wikipedia, definition of enterprise architect,
architect, June 2014b.
Young, C., “ITSM Fundamentals: How to Construct
an IT Service Catalog.” Gartner Research Inc.,
ID Number: G00210792, March 2011.

C h a p t e r
19 Creating and Evolving a Technology Roadmap1
If you don’t know where you are going, any road will get you there.
Lewis Carroll (1865)
The preceding quote applies rather well to technology roadmaps. In the past, companies have followed a number of different technology paths that have not always led to the “promised land” despite conscientious effort. There are
many reasons for this. First, the target evolves, which means that development of a
technology roadmap should be an ongoing process. To continue the analogy, we are
forever “traveling” but never “arriving.” Second, technology has many different
masters. Vendors, trade associations, standards-setting boards, alliance and/or trade
partners, mergers and acquisitions, growth and expansion, strategic directional change,
new technological development, and economic shifts (e.g., price performance, adoption
patterns, and obsolescence) are all continuously influencing where companies want
to go with technology. Third, unexpected roadblocks occur (e.g., the company that
produces the application platform that runs your business declares bankruptcy). If
building and evolving a technology roadmap were easy, it would always be done well.
Why do we need a technology roadmap? IT managers believe that without the
guidance of a roadmap, their companies run the risk of making suboptimal decisions—
technology choices that make sense today but position the company poorly for the
future. There is also a strong sense that the exercise of developing a technology roadmap
is valuable even if the actual roadmap that is developed is subject to change. Another
adage that applies is, “Plans are nothing; planning is everything.” It is through the artic-
ulation of a technology roadmap that you learn what you did well, where you failed,
and how to improve the process. Finally, a technology roadmap limits the range of
technology options and reduces the decision-making effort compared to facing one-off
1 This chapter is based on the authors’ previously published article, McKeen, J. D., and H. A. Smith, “Creating
and Evolving a Technology Roadmap.” Communication of the Association for Information Systems 20, no. 21
(September 2006): 451–63. Reproduced by permission of the Association for Information Systems.

284 Section IV • IT Portfolio Development and Management
decisions repeatedly over time. Because a roadmap has cast the evolution of technology
on a defined path, it means that an organization can simply accept this decision and not
revisit it continuously. Thus, a technology roadmap reduces the organization’s cogni-
tive workload.
This chapter begins with a general discussion of technology roadmaps and
presents a