No Overall Control – a Future State of ICT

With all the continual talk about how ICT connects more with the Business and how the Business needs to understand ICT more, I have started to think about where all of this will inevitably lead us, plus you hear people say “if we could only solve this problem we would start to get more from our investments in IT”

I’ve had some great conversations with my colleague Martin Howitt about this topic and i want to share some of our thinking here.

Lets start with some of the key drivers impacting and changing Corporate ICT in organisations and in particular the Public Sector:

  • The increasing pressure on budgets and the predicted heavy cost savings and budget reductions
  • The growing influence of knowledge workers and generation XY, the increasing influence of consumerisation, social media and web 2.0 tools
  • The impact of the Cloud and the “stuff” as a service approach
  • Higher levels of IT competence and awareness of technology in general
  • Lower barriers to development tools, eg WordPress, Yahoo Pipes, Drupal, Joomla etc
  • Mobile devices and smartphones have increased information and data exchange and is driving location based, real time requirements for knowledge.

From an organisational perspective however the above creates new risks to be managed and mitigated, new security approaches that meet security standards and frameworks that enable lower cost delivery and information assurance.

This however does not reflect the current state of most corporate ICT functions across the public sector – understandably so – there are huge pressures to simply maintain services and “keep the lights on” around ICT costs.

But this just continues and encourages the separation of skills, so that ICT manages and decides ICT investment and the Business states the requirements and writes the strategies to provide direction.

To really address the gap between people in ICT and people who work in the Business (people outside of ICT) you actually need to start moving the competencies that IT Professionals have into the Business. There has already been a lot of work on mapping and identifying skills and competencies in this area. SFIA (Skills for the Information Age) on its website states:

The Skills Framework for the Information Age (SFIA) provides a common reference model for the identification of the skills needed to develop effective Information Systems (IS) making use of Information Communications Technologies (ICT). It is a simple and logical two-dimensional framework consisting of areas of work on one axis and levels of responsibility on the other.

Via Skills for the Information Age SFIA

The SFIA framework defines 7 levels of skills: follow, assist, apply, enable, ensure/advise, initiate/influence, set strategy/inspire.

So if a whole load of ICT competencies actually sit outside the ICT department, what effect does that have on both the external departments and the internal ICT department?

The aim is to enable better exploitation of the technology now available to us in order to cut the costs of doing business, do business better, and all that good stuff.

The new Business User

  • understands their business (as now)
  • understands the IT they are currently using
  • is on the lookout for better ways of working
  • understands the value of what they are doing
  • understands how ICT helps increase that value

In terms of the SFIA framework this means skills up to and including level 3 (or maybe 4) of the SFIA framework with large elements of infrastructure and delivery either provided by business users themselves, outsourced to the cloud or provided by an in-house delivery section (this is what the old IT department looks like).

JP Rangaswami has posted on the Facebookisation of the Enterprise which sets out the core functions that a ICT Department would need to provide  an element of management /governance around.

  • Simple self-service signup – Access
  • Set of directories, and ways of adding to them, searching them, extracting from them.
  • Tools to classify the elements of the directory.
  • Communications tools.
  • Tools for scheduling events.
  • Provide a News Feed. And ways of managing the firehose
  • A developer platform with the appropriate controls and service wrap around it.
  • Via Confused of Calcutta – 3 Posts on Facebookisation of the Enterprise

So the new Business User needs a re-factored IT department to allow the business to generate value from this core solutions architecture. This Department:

  • Researches new trends and provides analysis of strengths, weaknesess, opportunities and threats to the whole business including IT
  • Provides analysis of performance across the business and where ICT Investments add value and deliver business outcomes
  • Provides consultancy ensuring that the exploitation of IT Investments are realised across the whole business
  • provides Portfolio Management of IT and all internal investments
  • Models the organisation – Ensuring the architecture of the enterprise is fit for purpose – Business Architecture, Information Architecture, Technology Architecture, Security Architecture, Solutions Architecture etc
  • Ensures standards for procurement and support – e.g security architecture for / cost benefit analysis
  • Provides or signposts relevant resources for learning and development around new technologies and solutions
  • Provides assurance that projects meet and contribute to corporate strategy and business plans

In local government, this can be a tall order. To some extent we rely on external bodies (such as SOCITM) to provide a level of analysis to underpin the work and we have to re-use existing models like the ESD toolkit to aid in the modelling. We get some security standards from bodies like CESG (via brokers such as Government Connect) but there is no overarching CIO body for local government in the same way that, for example, John Suffolk acts for central government departments. The Government ICT strategy should, in our view, be setting all this out to enable adoption of new cost-saving delivery models like the G-cloud – which should in term be providing the sort of infrastructure that forms our common solutions architecture.

However without any real central leadership for local government, we will only ever approach this challenge in isolation and miss the opportunity for fundamental and radical cost savings.

Emergent Governance and Enterprise “Business” Architecture

As an Enterprise Architect, you would think that the current financial situation would probably provide the most appropriate climate for Enterprise Architecture – and you would be right. However in the current UK Public Sector context we need to ensure even more than ever that we can consistently demonstrate not just to our managers, but our managers, managers, that we are offering and delivering value across the whole Organisation and across the Enterprise (in local government terms this can include our partners).

The challenge that we face is two fold:

1) Our constant communication and stakeholder engagement challenge – we have plans to communicate and methods for engagement, but we also need to build trust around our deliverables and that is not always in our control, as we don’t provide project/programme management. We do however provide assurance, but we are still developing this alongside the wider governance framework.  It is also not always that easy to simply say that just because we want to encourage and develop re-usable IT components and provide a more agile IT infrastructure and development model that business stakeholders will see you delivering value. These aspects take time and require an Enterprise Architecture programme to be delivered from start to finish. It doesn’t happen overnight, well not in the Public Sector. What the business generally wants is results and not just results but results NOW. They often see more value in project management, although some still think that is a luxury within projects.

The following is an extract from Rik Laurens from CapGemini who outlines this in a much better way that i do.

Projects are managed by projects managers. And good project managers do what they are paid for: reach a predefined target, within time and within budget. It’s good that we have them. And they should stay. But today we are not only interested in a bunch of stove-piped project deliverables anymore. We want re-use of IT assets across projects and we are more than ever interested in project deliverables that are interoperable across the enterprise and beyond and play a role in a broader context. Yes, we still love our project managers that focus on a particular scope and protect that particular scope. But in this era of cloud computing, interoperability, re-use and agility we also need a strong, corporate body that safeguards that the projects are not only doing what is good for the projects themselves but also (or more importantly) do what is good for the enterprise as a whole.

via nterprise Architecture: The Only Way Forward | Capping IT Off | Capgemini

2) We are not always seen as “Enterprise” Architects, mostly we are seen as IT Architects of one kind or the other (we are based within Corporate IT) and that is a boundary that most of the organisation is comfortable with.  This is a big challenge as my role within the team along with a colleague is to develop for the first time an “Enterprise Business Architecture” (EBA).

The EBA challenge is in my opinion a similar one but one which in order to build trust and build some momentum requires a different approach. It is important to acknowledge that we have an agreed Enterprise Architecture programme and have Governance around this but it needs developing and adapting to ensure that it meets the needs of the other architectural effort we are doing. (Information, Technology, Solutions and Business) This is where i believe to help gain some traction and some buy in around “IT people” getting involved in Business issues, we need to find a back door in.

I have thought about this for some time and i’m not sure whether or not it is the right thing to do, but i guess the right thing can only be measured by the type of organisation you work within.

I believe that Governance is the key to unlocking the potential of Enterprise Business Architecture in my organisation and that if we as a team can define, model and deliver a framework of governance that actually supports the over programme. It is worth noting that our Enterprise Architecture team is only 2 years old, so i consider all of what we have done a remarkable success all things considered, but we always want to do more.

The key to governance in my opinion is ensuring that we understand what form of governance we wish to support alongside the type of participation model the culture currently allows. I have posted my thoughts on a Governance Ladder on my personal blog. However in this context we need to ensure that our governance framework is Agile and allows for “Emergent Governance”:

The notion of  emergence, where intelligence is manifested from a collection of minds, is a core concept in chaos theory and the underlying principle in James Surowiecki’s  The Wisdom of Crowds. Scientists have long noted that, on average, the assessments of a crowd are more likely to be correct than the proclamations of an individual expert. From Elisabeth Noelle Neuman’s work on predicting election outcomes ( The Spiral of Silence), to the  central limit theorem that underlies statistical sampling methodology, the emergence of intelligence from large groups has been well established.

The exciting opportunities for governance presented by social networking and collaboration technologies are palpable. The election of a president who understands this potential portents a new golden age for democracy. Perhaps

via Emergent Governance: Who Needs Bees When the Grassroots Swarm the White House

The interesting aspect and similarity i see here is that we have recently undergone some dramatic changes at the top of the organisation. A new Political Administration and a number of our Corporate Management Board retired, this presents opportunities that must be explored and pursued. So with the challenge set out, we now embark on the journey.

ERP and EA

Some councils have chosen to implement ERP systems such as SAP or Oracle e-Business suite to consolidate a number of their core systems.  It is argued that, by installing a “vanilla” out of the box ERP system and by forcing changes to business processes to align with the ERP system, big savings can be made in the business processes themselves as they become more streamlined: and that consolidating systems such as finance, HR, payroll, procurement, project management, CRM and supply chain management can yield efficiencies through more integrated working and improve management information.

As an EA, however, I think I have to look at this the other way around: assuming the business wants process standardisation, better integration, and better management information, what’s the architecture that will deliver that?

I don’t know for sure, but wouldn’t integration be better delivered by an SOA implementation? Shouldn’t we implement BPM to improve and standardise our processes? Don’t we want data warehousing and BI tools to give management information?

And culturally, if we are going to implement an IT system to force through structural and process changes that we want to see, isn’t that the kind of thinking that got us into a mess in the first place?

I don’t know for sure and it is almost certain that the best practices inherent in some out of the box ERP systems will improve and streamline operations and save money. But when a business makes an investment decision on an ERP type of scale, what’s the opportunity cost?

Interested to know what others think about this, especially those working in a council that has implemented such a system.

Nick Malik on requirements

MS blogger Nick Malik has written an extremely comprehensive post about what can go wrong when setting up software requirements. I think many of the issues he raises are applicable to architectural processes as well.

http://tinyurl.com/cxhk4n


ICT needs to change

I’m Pete, another member of our recently formed Enterprise Architect team. I’ve been fortunate enough to attend the November Gartner Symposium in Cannes for the last 10, possibly 11 years. Every year, I say “this will be my last symposium”. This has been my last symposium!

This entry breaks the pattern of previous blogs on this site  … breaking form seems to be my role in life. I find these Gartner events incredibly stimulating and thought provoking: I anticipate them for months beforehand and I make use of them to inform my strategic thinking for the next 12 months … and co-incidentally bore my colleagues to death with my perpetual mantras. This year has been no exception: for the last 6 months alongside the development of our Enterprise Architecture Programme and Future State Architecture, we’ve been attempting to jump start innovation in the organisation. We’ve looked variously at: cutting email and exponential growth in unmanaged document storage and copies; easing the change to mobile and flexible working by providing unified communication tools; working more closely with trusted partners by sharing devices and networks and  providing a simple secure email and data exchange service with small providers and individuals; allowing knowledge workers to  use of personal devices for work …..

At each turn, Operational ICT  groups in most organisations defend by moving rapidly to Command & Control mode, arming ICT policemen to protect the business from itself. We are no different … and I’ve played my part in it! My biggest learning experience and revelation at the 2008 Symposium has been the crystallisation of these ideas in presentations by Steve Prentice, Monica Basso, Ken McGee, David Furlonger and John Mahoney: for me, they’re all recognising  & promoting the same future state:

  • Consumerisation of ICT makes users unwilling to accept policing by ICT & blocking of the innovation which will add value to their business
  • Digital Natives dominate by 2018 and they won’t accept corporate ICT and its limitations & controlling approach

ICT needs to change:

  • ICT’s new role is to advise the business how new technologies can be adopted securely, and to educate about the business risks – its a business decision to determine whether those risks are then acceptable or not
  • Future ICT will focus on core strengths and core systems; knowledge workers and Digital Natives will provide their own productivity tools
  • A substantial proportion of Users, whether Digital natives and / or Knowledge will provision, support and use their own ICT productivity ICT tools and devices without central ICT – ICT’s role is to make this feasible while keeping the core secure

Gartner have made the Keynote sessions available on their website: you can view the webcast at:

http://www.gartner.com/it/sym/2008/esc20/keynotes.jsp. I particularly recommend the sections by Steve Prenctice and Andy Kyte.

No-one believes that these events are hard work – I’ll admit its an extremely attractive venue, Paris is only 5 hours away by TGV [why can’t the UK get its act together?] and there is a little time to enjoy!

cannes