Question

MCS 5 Transforming IT at Global Digital Imaging

“We are your images!” proclaimed the various posters showing different types of uses for images—from personal to professional photos, x-rays to ultrasound, brain scans to jaw scans—down the long hallway away from the boardroom. As Ray Henderson strode out to the elevator, the tagline evoked many images in his own head—images of the proud company he had joined as a fresh-faced university grad that had ranked high in the Fortune 1000 and whose products and technologies were used and copied all over the world. It also evoked images of the hideous debacle of the last few years as its executives struggled with the downward spiral of its business as competitors and cheaper digital products undermined its traditional revenue sources. At least I’m getting out while the getting is good, he thought.

In an effort to regroup, both financially and strategically, his company, World Heliographics (WH), had begun to sell off its assets. Unfortunately, Ray’s division, medical film, was among the first to go. As the CEO had just informed him, it had been sold to a successful private equity firm that would hold 100 percent of its assets and take an active role in its future activities. It would now become a separate business, Global Digital Imaging (GDI), and Ray would be expected to deliver significant value for its new owner–investor, VE Investments. “They have an experienced management team and a proven ability to build businesses,” the CEO told him. “If you can give them the returns they want, they will keep you on as President.”

As he stepped onto the elevator, Ray felt both exhilarated and apprehensive about this new opportunity. Mentally, he started an inventory of the new company’s assets. With operations in more than 150 companies, revenues of about $3 billion, and 12,000 staff, it was a substantial company in its own right. But operating independently of a much larger parent company created headaches in a number of areas, requiring the development of separate functions in HR, finance, facilities, and IT.

There was a lot to do in very little time, and soon GDI was a legal entity. On Day 1, Ray called his senior people together. “Our first priority is to run as a company independent from WH as quickly as possible,” he said. “We need to think like a young, agile company and not like a large, entrenched bureaucratic organization. Fortunately, we’ve got the transition team from VE Investments to help us.” And indeed, it was only a few months before complete separation was accomplished, that is, everywhere except IT.

“Why is this so difficult?” Ray grumbled to the temporary CIO, Fred Gamble. “We have a number of problems,” Fred said cautiously, observing the fire in Ray’s eyes. “Because legally, GDI didn’t officially exist until the actual divestiture took place, no contracts could be signed or service level agreements established until then. As a result, GDI has inherited a ‘mini WH’ IT function with all its flaws, so we now have a smorgasbord of technology.” Fred explained that all applications, data, and infrastructure had been purchased and replicated to create a parallel organizational structure just to keep the business running during divestment. “So this means that not only are our systems not integrated, they are not designed for our type of company,” Ray concluded bluntly.

The search for a new CIO began in earnest the next day. “I need an experienced and proven CIO to formulate a vision for a transformed IT function,” he told the search firm he hired to help him. “You understand IT much better than I do so find me someone who is able to undertake a challenging transformation on multiple fronts at once.” The winning candidate was Ben Perry, a career IT executive, who joined GDI one year after it was created. “I knew I had a mandate to transform IT,” recalled Ben later. “And I knew we had to make some big changes, but I underestimated just how big these changes were going to be. There were a number of things we had to fix. We were still tethered to WH through some technology. The plans to disconnect had slipped four or five times and there was now a major lack of confidence about this separation. Our systems were outdated and not designed for a company dealing with healthcare products for medical practitioners. Our costs were too high and unpredictable. We needed to get our costs under control in order to free up funds for new investments. We had 700 core applications and needed 200–300 at the most. We had multiple financial and email systems, no architecture or standards, and exact copies of every type of infrastructure and application that WH had. It was like the Wild West!”

“Ben walked into a mess,” agreed Henderson. “IT was an obstacle to our being able to operate effectively and efficiently. I knew that IT was the key to our future so we needed to both clean up our act and find how to better balance technology and business strategy to move us forward. We needed basic competencies so we could use IT to differentiate our company and get us better information.” He left it up to Ben to oversee the transformation and bring GDI’s business leaders on board. “Ben understood both leadership and technology. That combination is hard to find. That’s why he got the job. He had my support but, if I had to sell these changes myself, I wouldn’t have needed him,” explained Ray.

Ben’s transformation mandate and the reality of GDI’s situation pulled him in two different directions. On the day he arrived, for example, the entire data center crashed. Observing how it was handled made him realize, “Our IT organization is a minefield. We have a lot of tactical staff who spend their time firefighting and trying to deal with the different pieces of the organization, but it isn’t making anything better.” But that was just the beginning of IT’s problem, as he soon discovered. There was no alignment with business on either tactical or strategic goals, and though the entire executive suite complained constantly about IT, there were no processes in place, such as portfolio management and prioritization, that would help educate business leaders about how to make IT investment decisions and confirm the direction they wanted IT to go. There was a considerable lack of role clarity and accountability, and this problem was exacerbated by a matrixed organization structure with dotted lines going everywhere.

Resisting the urge to start fixing immediate problems, Ben spent his first few weeks information gathering and listening to business leaders, trying to understand their pain points. He also implemented a business partner survey, much to the consternation of his own staff. “What is he doing?” they complained to each other. “He’s not doing anything!” Ben resisted this implied criticism. “Our IT strategy and governance were non-existent,” Ben explained to his staff later. “I needed to be sure I understood the business’ issues and their root causes before I did anything else.”

Ben explained: “This is in keeping with what our executives want us to accomplish. Each component links IT activities directly to business concerns. It is important that we hold ourselves accountable to our new mission. But more on this later.”

Next up was the new organizational chart. Ben started with the appointment of Teresa Danton as Director of IT Strategy & Planning, the Project Management Office (PMO) and Governance. As Ben explained, her job was to support the new organizational design by bolstering the existing, ineffective PMO and introducing new governance practices that would eventually result in a comprehensive governance framework. “We need execution discipline to deliver business value through our IT programs and portfolios,” Ben stated. “We need to develop the standards and best practices to do this and acquire the tools and methodologies to streamline project delivery and enhance quality. In addition, Teresa will be responsible for time tracking and billing, project planning and reporting, and financial planning and tracking. She will also measure everything so we can report on our progress to the business. Governance is a critical success factor for our transformation.”

Next, the rest of the IT leadership team was revealed: a Director of Operations, whose goal was to run the key business systems as efficiently as possible by streamlining resources and reducing costs; a Director of Relationship Management, whose job was to move the IT culture from being order-takers to solution-providers and eventually strategic partners; a Director of Enterprise Architecture responsible for developing a technology roadmap and a transition plan to move the organization from its current technology state to its planned future state; a Director of Data Security & Privacy whose job was to organize, safeguard, and ensure the availability of all data assets in a manner that protected the privacy of individuals; and finally a Director of Application Development whose job was to acquire new systems through purchase or development to support the business through automation. Ben kept talent management—critical to IT transformation—for himself. “Spin-offs are dirty work when it comes to people,” Ben told his team. “You’ve already seen that not everyone at the senior management level was able to handle the changes involved and this is true for the rest of our staff as well. Some of our people will need to move to our outsourcers as we realign our contracts, but others simply do not have the right skills.”

For the next hour and a half, Ben dealt with questions and invited his leadership team to discuss their issues and concerns with their new assignments. “I want us all in agreement here,” he told them, “because my next job is convincing the business that we will be able to accomplish this mission.” All heads nodded in unison. Then he dropped the bomb! “And the first way we’re going to do this is to cut the cord with WH!,” he proclaimed, holding up a mouse with a dangling tail.

While the whole IT organization was engaged in the “cutting the cord” project, Ben started communicating his vision of IT’s mission and the new organizational structure to his business partners and to IT staff through a series of town hall meetings. But to really sell the business on the benefits of the IT transformation and obtain their cooperation, Ben needed something more concrete. At the next weekly directors’ meeting, he declared, “It is time to start delivering on our mission. We need to develop a plan of action.” Not only would the plan have to align with the overall mission, but it would have to address issues at three levels: strategic, tactical, and operational. Calling them “buckets,” Ben explained: “Bucket number one is building the basics. We have to stabilize and simplify our systems and operations. Bucket number two is table stakes. That is, we have to make sure we have the right strategic platform that will enable us to do business and match what our competition is doing. Bucket number three is building differentiators and targeting strategic innovation. I know that most of you can’t even begin to think about buckets two and three because you’re so busy dealing with day-to-day problems, but we need to make time to do some work in this area, so we are not just fighting fires.”

Ben concluded the meeting by tasking each of his directors to develop an integrated mission and execution plan for the next three years that would be consistent with the overarching vision for IT. “We need to present both a holistic understanding of the transformation involved and a step-by-step roadmap for how to get there. Each year, each of you should have activities in each of the three buckets I’ve identified,” he said. “Clearly, your first year or two will be heavily weighted in building the basics, but I want to see accomplishment in each bucket every year and, as we move into year three, I would expect most of the basics to be addressed and considerably more strategic innovation to be taking place. Furthermore, I expect every goal you identify to be measurable and linked to our mission. We will develop a scorecard for each of the goals of our mission and report quarterly to the business. You have a month. At that time, we will integrate your individual plans and pull everything together into a comprehensive three-year plan. This will keep us all on the same page. And you will each have clearly defined accountabilities.” He paused, “Any questions?”

Not surprisingly there were no questions. As everyone filed out of the room, Ben signaled to Teresa. “I wanted to talk with you about your role in this planning exercise. As I see it, governance is the critical part. Without effective governance, we have no insurance that the right decisions will be made by the right people in the right time frame in order to deliver the value we want. Before you share anything with the other directors, I’d like to review your governance ideas with you. If you let my assistant know as soon as you have something, we’ll book some time. Got to run.”

Back at her desk, Teresa fought the urge to panic. I can’t believe that Ben is expecting me to be the expert on governance, Teresa thought as she tried to figure out how to begin. Within a few minutes thanks to Google, Teresa learned that: IT governance is a framework of processes and structures that specify who makes decisions about and who is accountable for the IT function and its work.… It is not about what specific decisions are made or how groups are organized and led. Effective IT governance is designed to encourage desirable behavior in the use of IT that is consistent with an organization’s mission, strategy, and culture. (Weill 2004)

This last statement resonated with Teresa. All she had to do was to create a set of processes that would incentivize the right decision makers to make the right decisions! In fact, the often-used example of effective governance involved dividing leftover cake between two children. You let one child cut the cake and the other select a piece. And presto, all by itself the process guarantees an effective outcome.

Further investigation showed that a governance framework was somewhat more complex. It covered three levels: board, enterprise, and business unit. She also found that effective enterprise-level governance should address several elements including architecture, security and privacy, operations, strategic projects, IT capabilities, and data.

Discussion Questions

1. 1. Differentiate between “management” and “governance.”

2. 2. Create a set of governance processes at the enterprise level to ensure that strategic initiatives at GDI are prioritized, developed, implemented, and aligned with the business’ strategic vision.

Answer 1

Governance is the 'what'-an organization's strategic strategy and leadership acted out by the assigned counsel. It is about the organization's preparations and general policy and course and checking that it is periodically reviewed. The Board assists the management in delivering on such business strategies.

Governance is really about:

• Assessing the objective
• Strategy and planning
• Nominating and supervising managers
• Planning procedures
• Providing input, advice, and decision
• Checking the organization's efficiency
• Strategically defining and mitigating risk?

Management is the 'how'-execution of the organization's action plans, and function.

An organization's administration oversees the day-to-day operation of the company. Management also determines a key role in company leadership by assisting employees and/or participants in identifying and executing the strategic strategy. This is a special position for the Board of leadership.

Management is about:

• Designing and executing plan and strategies
• Creating and managing annual operating business strategies
• Nominating managers and personnel to promote governance mechanisms
• Enforcing board decisions
• Evaluating success
• Implementation of strategic and organizational risk control programs and activities

Governance processes at the enterprise level

Developing the operational model of governance requires identifying and reporting the subcomponents and operations at the level of detail needed by the organization to guide the decisions and actions of the citizens. The goal is not to rule, but to describe decisions and actions in ways that are going to be relevant from a governance perspective. The method of reporting the operational model of governance will provide as much meaning as the actual records. When an organization has an unregulated model of governance, recording it can concentrate decision-makers on juggling competing priorities, identifying roles, allocating resources, and formulating solutions — activities that are necessary for executing governance.

The company should determine its existing state in determining its governance operating model, describe its ideal future state, and identify the measures needed to accomplish the latter, i.e. enforce it. The company will consider considering the following issues and goals in this exercise:

Compliance issues:

• Comply with multiple, sometimes conflicting, requirements
• Comply with regional and/or parent-company nation regulations
• Align legal compliance and risk management to meet integrated, globally coordinated needs

Cultural shift:

• Shifting towards one organizational culture around the company
• Settling the conflict between local culture, legislation and business unit needs and laying the groundwork from the top
• Settling the conflict between centralizing risk strategies and decentralizing business decision-making

• Right to Control and Managerial decisions:

• Create responsibility of financial strategies, expenditures, finances, contingency measures, recruiting, performance monitoring, incentives, risk management, and new company and product approvals
• Explain the supervision duties and responsibilities of the board and its connection to management duties and responsibilities
• Determine who is taking up the leadership, one who has veto rights and how conflicts are managed.

Process and program issues:

• Enhance administrative and risk assessment procedures and systems that help national and divisional risk mitigation
• Update procedures and systems that produce data and information needed by local policymakers
• Streamline and harmonize regulations to enhance efficiency and reduce costs

Regulatory relationships:

• Elect an on-site contact person to address queries from local regulators as required or helpful (rather than sending them to head office)
• Establish state-level virtual (or actual) subsidiaries with key officials who are willing to reply to inquiries from regulators about various local business units
• Discuss regulatory criteria with respect to subsidiaries and strategic partners.

Human resources:

• Define work requirements and responsibilities needed in a matrix reporting system, and the skills, experience, and expertise necessary
• Account for the skills, experience, and expertise needed at the board level, especially in the areas of management and risk supervision

When planning leadership and practicing supervision, boards and management teams can do well to take into account the aim of developing an informed culture of risk.