Robert Handler, an analyst at Gartner, will never forget one of his earliest consulting jobs. "I was asked to gather enough data on a CIO to fire him," he recalls. Handler dutifully began researching the CIO's current and past activities but could find no obvious missteps. In fact, the man in question was the best CIO he'd ever met.
Eventually, he returned to the CFO who had given him the assignment to ask why the CIO was to be fired. The CFO answered, "'He's spending a lot of money, and everything seems to be working just fine,'" Handler recalls. "And I thought, 'I don't ever want to be a CIO!'"
Handler had encountered one of the paradoxes of the IT world: Technological achievements often result in things not happening -- bad things, like outages, lost data or network breaches. "On a good day in IT, nobody knows you're there," says Joe McLaughlin, vice president of AAA Western and Central New York, a Buffalo-based not-for-profit that provides emergency roadside assistance and other services to its 880,000 members.
Worse, top executives may know that you and your staff are there, but they think you're updating your Facebook profiles while waiting for requests for help. Like the CFO who Handler encountered, they may assume that if they don't see new technology being deployed or major problems being repaired, there's nothing much going on. But in reality, a good IT person will, for example, "be constantly looking at resources to find out about zero-day attacks and other threats," says Mike Vitale, CTO at TalkPoint, a New York-based webcasting provider that facilitates about 20,000 webcast events per year. "If there is a threat, the provider will put out a patch quickly. But then I have to find out, if I install the patch, will it stop part of the website from working? People don't know about the blocking and tackling that goes on every day."
"There's this misconception that you stand up your servers and then they run in perpetual motion from that point forward with no care and feeding involved," adds Chris Brady, CIO at NextGear Capital, an inventory finance provider for used-car dealers whose 75 branches serve 9,000 dealerships.
There's this misconception that you stand up your servers and then they run in perpetual motion from that point forward with no care and feeding involved. Chris Brady, CIO, NextGear Capital
That misconception is easy to understand. Corporate executives may think enterprise IT systems are like home computers: You set them up and they keep running with little or no intervention as long as security updates and patches are set to automatically download. It's hard to argue with the logic that servers costing $50,000 or more should have at least the same capabilities as the $1,000 Macs or PCs sitting on their desks at home.
The same goes for the functions they're accustomed to using easily in the cloud, such as email across many different devices. "A lot of IT teams for the past 10 years have been supporting Microsoft products," Vitale says. "Then -- boom! -- overnight this executive has an iPad and wants it to work on the network. People are getting rid of BlackBerries and want to use Android or iOS devices. It sounds easy to them, but it's not. They just expect it to work, and if it doesn't, there's a good deal of anger."
Indeed, IT often goes unappreciated unless and until something fails to work as expected. "I've seen a lot of companies where business units can overrule IT," Vitale says. That philosophy holds, he says, unless an important tech function fails. "Then they're waiting for the IT team to swoop in and save the day. It's the most thankless job in the world right up until something goes wrong."
But while it may be tempting to deliberately break something or allow it to fail so as to gain the recognition that comes with fixing a business-impacting problem, deliberately doing your job badly will not be beneficial to your department, your employer or your career. And there are better ways to get IT's value across to top executives, even when things are running smoothly.
Let them know what you're doing
"There is this conception that if I'm concentrating on BYOD, all the old stuff like server patching and firewall configuration can take a back seat. But those things need to be taken care of as much as the new shiny projects do," says Joel Dolisy, CTO (and top IT executive) at SolarWinds, an Austin-based network management company with annual revenue of $269 million. The solution, he says, is to provide regular updates on what IT has accomplished. For example, he says, "I have a meeting with my CEO today to talk about the latest things we've achieved in Web development, and that people are not twiddling their thumbs all week waiting for problems to happen."
"Executives are sensitive to money and to the total head count devoted to the IT department. Providing that information on a regular basis is primordial, because otherwise people think the money is going into a black hole," Dolisy says.
That's not a good situation. "There's a clear danger that if IT is not communicating well with the rest of the executive team and providing transparency into day-to-day operations, a lot of mundane tasks will be trivialized," Dolisy says. "At that point, it's difficult to deal with. The only thing that comes from the rest of the executive team is pressure to downsize the budget and downsize the number of heads, and only work on the new shiny projects. That's a recipe for disaster."
And Vitale wonders, "How many jobs have been outsourced just because the IT team did a poor job of explaining what they do on a daily basis?"
Keep it short and sweet
While many CIOs agree that it's essential to let upper management know about IT's activities and accomplishments, they warn that the task must be handled carefully because of the many competing demands on top executives' attention, and the danger that they won't fully listen to a presentation about technology operations, much less read a report about it.
For McLaughlin, the solution is to give the CEO a written report -- but a brief one. "It's very simple and executive-level, and it's one page," he says. "Basically, the question is: Are we winning or losing? If we're winning, maybe the executive can move on to something else. System availability was 99.89%. Do we care about the 0.11%? Maybe not."
The brief life of a PMO
What's the average life span of a project management office or leadership role? In many companies, it's two years, according to Robert Handler, an analyst at Gartner, which does regular surveys of PMOs.
"We noticed a pattern," he says. "A project blows up, and someone in the company says, 'It can't happen again -- how about a PMO?' So the PMO is up and running, and for the first year everything is great." Eventually, Handler says, the PMO manager gets bored and starts adding other functions such as IT governance, asking project owners to report on a regular basis, which merely has the effect of annoying them. No more projects blow up, but many are slightly late and/or over budget as is common throughout the IT world. "So the PMO gets blamed and then disbanded," Handler says.
That might be the wrong move, though, because the PMO was serving a real function. Statistically, he says, about 1 project in 6 will go horribly wrong -- hugely over deadline or over budget or both, or is not completed or adopted. If that didn't happen while the project management office or oversight person was in place, it's because the PMO was doing an effective job.
"Somebody has to do that work," says Joel Dolisy, CTO at SolarWinds. "Someone has to work with stakeholders and define their requirements." Unfortunately, he says, "People treat the PMO like it's a black box and they want magic from it. Because they don't want any of their own business processes to be affected."
So how do you keep a PMO alive past that dreaded two-year mark? Begin by limiting its activities to what's needed to keep projects on track. "We have a director of project management rather than a whole office," says Joe McLaughlin, vice president of IT at AAA Western and Central New York. "A PMO is generally full of bureaucracy and needless Microsoft Project reports."
McLaughlin reduced the complexity at AAA's PMO, and vastly simplified the requirement document to one that's written in plain English and is easily understood. Once it's filled out, he says, "We don't ask them to review requirements. Instead, the director of project management sends back a one-page scoping document that basically says, 'This is what we think you want to do -- is that correct?'"
In general, he adds, "we try to be a lot more user-friendly. We've eliminated most of the weekly reporting meetings, and try to only focus on meetings that actually produce work. You read these articles that say, 'You have to do this, this and this.' Well, you don't. You have to do what works."
- Minda Zetlin
Brady tries to casually mention to the CEO whenever her team completes a substantial project. Let's say they've just updated the company's mail servers to the latest version of Microsoft Exchange. "No one's going to see anything other than that the mail server has changed," she says. "But that's a pretty big project for the infrastructure team. So if you take your high-level project plan and explain why you're doing it and the effort involved, they'll see that there's a substantial project your team is doing."
Use the right measurements
If you want top executives to value IT's efforts, it's important to communicate those efforts in terms business executives care about. That means learning which metrics those executives are watching.
"For our CFO, an important metric is EBITDA," says Kevin Broadway, CIO of MetroPCS, a wireless carrier acquired by T-Mobile in 2012 for $1.5 billion. (EBITDA, an acronym for earnings before interest, taxes, depreciation and amortization, is a metric commonly used by companies with large debt obligations or expensive assets that depreciate over time. It measures how profitable their operations are, irrespective of financing and tax issues.) "IT contributes to EBITDA one way or another," Broadway says. "As we invest over time and our expenditures change, we make it worse when we're spending money. So if we twist the metric to invest more in IT, in theory you should see a positive effect on EBITDA over time."
How does this differ from return on investment, or ROI, a much more commonly used measure in IT departments everywhere? It doesn't, or not very much. In both cases, the key challenge for IT and finance is to go back and measure the economic effects of a project after it's completed and has been in place for a while. Broadway adds one extra step by figuring out how those effects accrue to MetroPCS's general profitability. "The one-to-one relationship isn't necessarily there," he concedes. "But it's another way to look at IT's contribution at a macro level."
In fact, Chris Curran, principal and chief technologist at PwC, says that you should alert the CEO to IT's accomplishments only when there's a specific benefit the CEO would value. "It will seem interesting to the business only if you can, say, demonstrate that integration after a merger saved 20% of operating expenses," he says.
When bad things don't happen
Explaining business value to CFOs and CEOs gets more challenging when that value is the reduced or eliminated risk of a business-impacting technology failure. But it's important to make the effort. "The onus is on the CIO to translate those risks you've identified and make a compelling case as to what the risk is to the business," Dolisy says. "What is the impact to the rest of the organization if these things are not taken care of?"
Dolisy notes that as a CTO who also functions as CIO, he's in a good position to understand the direct financial impact on SolarWinds if an IT system fails. "I have a rough estimate of the costs in terms of downloads and conversions if some of those systems are down," he says. "That's the only successful strategy -- to really understand what the value of the technology working is to the business so you can translate those technical risks and express them in the business's language."
Whatever the benefit you're trying to convey, Vitale advises seeking professional help in getting your message across. "You can leverage your existing assets internally," he says. "The corporate communications group within an organization is very powerful, and I would encourage IT leaders to be very familiar with the people in it," he says. "They usually handle internal as well as external communications, and they're only a step away from the C-level executives."
To take full advantage of this communication channel, Vitale recommends submitting regular "pseudo news releases" to the corporate communications department telling them about IT's activities. "Any mature organization has a number of ways to distribute this information internally, including intranet sites and even email blasts," he says. "If your company uses social intranet software such as Jive, Salesforce Company Communities, Podio, etc., it's a no-brainer that you should stay active on these sites."
What if your company doesn't have an intranet or internal social network? "Sounds like a great project for IT," he says.
Meeting higher expectations