Dr Phillip J Windley is a recognized expert in using IT to add value to the
business. In an earlier role, he served as the CIO for the State of Utah,serving
on Governor Mike Leavitt’s cabinet and as a member of his senior staff. In
this capacity, he was responsible for the effective use of all IT resources in
the state and advised the Governor on technology issues. During his tenure, the
Utah State was repeatedly recognized by many national groups for its excellence
in the areas of IT and eGovernment.
Prior to his appointment as CIO, Dr Windley served as vice-president for
product development and operations at Excite@Home, managing a large,
interdisciplinary team of product managers, engineers and technicians,
developing and operating large-scale Internet and e-commerce products. Prior to
joining Excite@Home, Dr Windley served for two years as
CTO of iMALL, an early leader in electronic commerce. He has been a professor of
Computer Science at Brigham Young University (BYU) and the University of Idaho.
At BYU, he founded and directed the Laboratory for Applied Logic.
Dr Windley received his PhD in Computer Science from the University of
California, Davis in 1990.
Business leaders
want business intelligence and business process automation, what we
give them are desktops and networks. That's the gap where CIOs fall
short
Dr
Phillip J Windley,
former CIO, State of Utah, USA
Dr Windley now famously runs a blog on enterprise computing (www.windley.com).
In an interview with Dataquest, he shares some thought-provoking ideas on
managing technology within the enterprise and governments:
If you were to divide the deployment of IT in government/ administration
into phases, at what point is the Govt of Utah currently in? I see four essential phases: Simple web-site; Online government; Integrated
government; Transformed government
Most government IT is operating at level two right now. We’ve moved
well past simple Web sites in most instances, but are stuck on the integration
part. There’s no surprise there—integration in government is hard
because of the fragmented nature of the bureau–cracy. Integrated
government requires end-to-end electronic transactions, automated RFP and
procurement processes, cross-department sharing of information, automated
problem-resolution, and employee and citizen self-service. The fourth step
is what we really ought to be shooting for. In step four, services are
personalized and targeted. They cut across department and program
boundaries. Why is it that I have to go to different offices to get
different services?
What are the current challenge areas in IT deployment? There are several. Everyone is worried about security and many of them
are clueful enough to see that in the 21st century, to have security you’ve
got to have identity management. In the past, we’ve managed security by
building big moats around our organizations and tried to keep the bad guys out
by installing firewalls and hardening servers and routers. There has always
been a friction between these actions and the needs of the business. In the
past, the friction has been small enough that we were able to get away with
telling the business guys to live with it. Now we find that business
increasingly requires that our partners, suppliers, and even our customers have
access to data and services deep within the network. Another area that
gets a lot of attention is integration and interoperability. CIO’s
solved one set of problems in the 90s by installing CRM and ERP systems only to
find that these are the very systems that need to be integrated to support
business process automation. Now, everyone’s back at the drawing board
buying EAI tools or exploring Web services. Personally, I think Web
services are the best hope here, but many organizations are put off by the
continually evolving standards. There are some strategies to overcome
this. First and foremost, jump in and start some pilot projects.
There’s also relatively inexpensive software called Web services
intermediaries, that provides a degree of "standards-proofing."
What best practices do you recommend in the area of
technology management? Wow, I could write a book on that question. I saw part of my job as a
CIO in terms of being a technology filter and injector. At times, I had to
cut off a technology or trend because it wasn’t right for what we were doing,
but more often, I found myself injecting new technologies into the consciousness
of the organization. That’s one reason I started a blog: To let the IT
organization know what new technologies were around that could influence their
jobs. No one has the time to understand every piece of technology that
floats by and so we all rely on human filters to some degree or another to tell
us what’s important and what to pay attention to. The CIO ought to play
an important part in that process.
Windley’s
Technology Decision Priority Matrix
On structuring the IT organization, I have written a white
paper on the Modular IT organization. The paper argues for flexibility in
organizing IT, but says it ought to be done using a pretty simple guiding
principle. There are basically only three core activities that any IT
organization performs: Value innovation, solutions delivery and service
provisioning. Value innovation occurs when an organization uses IT to
change and improve how it conducts its day-to-day business operations.
It requires an ongoing analysis of how IT can be used to strengthen
an agency’s central roles and mission, enhance customer relationships,
and connect with partners. The overall goal of value innovation
is to improve organizational performance by ensuring that IT goals and
activities of the organization are fully aligned with its business goals.
Services are IT utilities or commodities such as network
connectivity, desktop computers, email and other servers, data centers,
and other aspects of IT that support solutions delivery. Services are the
infrastructure that other IT activities are built on. Service provisioning
is the process of deploying and operating needed services at the lowest
possible cost. Since services must be reliable, cost-effective, and
secure, the service provisioning organization must spend a great deal of
time and effort developing and implementing processes and
metrics. The guiding principle: Organize your IT shop to pay attention to
things that couldn’t be outsourced. In most cases this means paying
attention to value innovation first, solutions delivery second and service
provisioning third.
What are the overall trends you see in IT that could have
a bearing on how and which technologies get taken up for deployment within
enterprises? The primary trends I see in IT today all have to do with what I call
connected computing: The use of decentralized resources to achieve IT
goals. This shows itself in mobile computing, in instant messaging, and in
Web services etc.
What is your observation on the amount of strategic say
that a CIO has in running the organization? Or is it that the CIO is relegated
to be the operational head of just another management function? I have always believed that the CIO’s job is to support that business and
that’s a strategic function. Unless you’ve got a seat at the table,
and are meeting business leaders of the organization, you can’t hope to
understand what the business needs. Business leaders want business
intelligence and business process automation, what we give them is desktops and
networks. That's where CIO’s fall short.
What is your response/reaction to Nicholas Carr’s
"IT Doesn’t Matter"? Carr makes some good points in the article, but ultimately misses the
point. For example, Carr makes the point that thinking strategically may be
more fun than the hard work of operational excellence, but the latter is much
more likely to be the cause of problems for a company. He also says that vendor
needs, more than company needs, frequently drive IT purchases.
So, where exactly is the problem? The problem is that he’s only thinking about the problem in one dimension.
There are two dimensions: Expense of the IT project on the vertical axis and the
resulting increase in competitive advantage along the horizontal axis. Take your
projects, get a group of your best managers together and go through an exercise
where you rank each project on these two dimensions and then plot them on the
chart.
The first step of the analysis is easy. Do everything in the
green. You probably don’t want to do anything in the white until you’ve
finished everything in the green. Now, you may be thinking: Never do anything in
the red. These are not likely to improve competitive advantage significantly and
they’re expensive. The second step in the analysis is to classify the projects
in the red quadrant into two types. To understand the distinction, let me give
you an example. If you’re in the hotel business and you classified your
expenses, "clean sheets" would fall into the red zone. Its expensive
to provide your guests with "clean sheets" and all your competitors do
it too, so there’s no competitive advantage. Still you'd be a fool to decide
that you ought to slash the laundry budget and let you guests sleep in dirty
beds.
So ‘clean-sheets’ are ‘must-do but expensive-to-do’
areas. What does it mean in the context of IT? There are a number of "clean sheets" projects in IT: Reliability,
scalability, availability, security, desktops, LANs. You can see why these
things fall in the red zone: They’re expensive and, in theory, anyone can do
them. In practice many don’t. Finding out best practices in these areas isn’t
difficult and skilled people who know how to run these kinds of operations are
available. I think the problem is that these issues are "red-zone"
issues and it is easy to get distracted by fun "strategic" projects
and let "red zone" projects languish because they don’t provide
significant competitive advantage.
That’s short sighted because even though red zone projects
can be done by anyone in theory, they are rarely executed well and many
companies fail for lack of execution even with a strong competitive advantage in
other areas.
So how much do you agree with Carr? I don’t agree with every thing Carr has written in this article, in fact I
think its tone is likely to cause many to miss the entire point. Even so, CIOs
would do well to look at projects and vigorously pursue any that fall in the
green zone, while never losing sight of "clean sheets."
The tough thing about living in the red zone is that it is
not sexy. It is hard to do and no one’s going to come up to you and say ‘Hey,
I noticed the computers didn’t go down again!’ It’s thankless work and it’s
difficult to convince people to spend much on it. The goal is achieve
operational excellence and do it as efficiently (read cheaply) as possible. It
requires different priorities, a different culture and organizational changes.
But "red zone" work is the basis on which everything else is built and
success in other areas is unlikely if this is ignored.
Business leaders
want business intelligence and business process automation, what we
give them are desktops and networks. That's the gap where CIOs fall
short
