Our government organisation's IT department is about to be outsourced. We have retained an in-house team to look after IT security issues, manage the relationship, including service levels, and guide IT strategy. How should this type of function work, specifically as regards the IT strategy?
Ensure alignment with the organisation's objectives
I am pleased that the IT strategy has been retained in-house. This will give your team a potentially high-profile role in identifying and prioritising the demand for IT applications. The output from this activity can help inform the security and service level agreement elements of your group.
The starting point for an IT strategy is to ensure alignment with the organisation's objectives. To achieve this I suggest organising workshops involving key stakeholders from the "business community". Together, using business analysis techniques, you can develop a shared understanding of existing business operations, and agree on critical areas that require improvement and how IT can help to deliver the objectives.
Clearly you will need to look at the skills in your group to see if they can achieve this task. Gaining this shared view of the organisation and agreeing a list of IT applications from a corporate perspective are vital if the IT strategy is to be little more than a document which, once produced, sits on a shelf, gathering dust.
Rob Lambert, senior lecturer in IS, Cranfield
How will you measure your own strategic performance?
The trend towards outsourcing the traditional work of IT departments is heralding a quiet revolution in IT strategy and management structures. The new generation of IT strategies is all about being an "intelligent customer" of IT, whether or not the company has its own internal IT provision. These strategies are driven explicitly by maximising ROI and have a management framework to match.
The people I help to define and execute this kind of strategy find that it is very different from orthodox IT strategies, and that in certain respects they need to think quite differently to make it succeed. For example, the IT experts must work as an integral part of the business team, so any actual or perceived divide between them and "the business" needs to disappear completely. Under no circumstances should they be seen as providing a service to everyone else.
The strategy and management framework is concerned mainly with the organisation's investments in, and exploitation of, information and technology, with a secondary focus on the technology you use and where you source it from. So the building blocks of the new IT function are: investment management, IT service management (as the customer, not a provider), IT architecture management (as the user, not the builder) and IT sourcing - all backed up by ongoing analysis of the IT marketplace to pinpoint opportunities and risks.
A very good place to start is to explore how, with a strategy founded on being an intelligent customer of IT, you will measure your organisation's own strategic and operational performance.
Chris Potts, Dominic Barrow
Do not fall into trap of owning technical problems
This type of situation is now common in the public sector marketplace. Outsourcing and privatisation are viewed as a cost-effective solution to long-term IT management issues. However, the need for an understanding of the business and to ensure organisational security has led almost all organisations to retain internal IT staff to manage user requirements and the supplier.
The role of your IT department will become dedicated to service management, controlling strategy and acting as client-side management on behalf of the end-user community. How the IT is delivered will not come under your department's remit, and if the privatisation has been established appropriately in terms of risk transfer, you should have no influence in this area.
Your team's primary concern will be with delivering to the governance arrangements that have been set up by the senior management. It needs to ensure that the privatised function is delivering and meeting the business outcomes that have been agreed at contract.
It is vital you have a clear, measurable and tangible framework, which you can reference to judge the outsourced service. This framework should have been agreed between your organisation and the supplier.
Your IT department has a crucial role in ensuring that the direction and security of your organisation is met through the revised service arrangements and it needs to ensure it does not get sucked into the technology. Do not fall into the trap of owning technical problems that you and your team do not own.
Roger Rawlinson, NCC Group
Key is to understand the business drivers and IT
You have some significant and varied challenges in developing the IT strategy and in managing the supplier(s). It is likely your focus will change from a delivery function to operating as a policy-setting and escalation group between your internal customers and external suppliers.
In creating the IT strategy, the key challenge is to understand the business drivers and required IT capabilities. You will need to develop a portfolio of IT-enabled initiatives in partnership with your senior business colleagues. Their functional managers should work with you to implement the agreed IT solutions. It is unclear from your question how the applications are to be developed and it may represent your biggest challenge if you are expected to provide programme management skills.
Given that the supplier will be providing the IT services, you have clearly identified the need for appropriate IT service level and security agreements. It will be critical to define the criteria for escalation when the service issues are not being resolved by the suppliers. You will also need to find the right balance between security and information access.
In summary, you should ensure you have strong business, relationship and management skills in your group. The level of technology skills will depend on the terms of the contracts with your suppliers.
Sharm Manwani, Henley Management College
You will need to lead and manage ownership
You have made a positive start by clearly identifying the areas of responsibility you and your team will retain. This team will have a pivotal role in the success of this arrangement for the government and I would strongly suggest you develop frameworks for how the new team will work.
Although you and the team have stayed "in situ" there will still be a period of adjustment as well as a need to develop new skills. For example, in the area of security this could include skills to define policies and processes as well as strategy. Similarly, managing SLAs and working with third parties demands a particular mix of skills as well as commercial experience. Recognise that set-up in this situation is different and therefore you may have to revisit team skills and priorities.
In the specific area of strategy, your group should look to take full responsibility for the IT strategy as well as defining the technology needed to deliver it. You should focus on working closely with the organisation and any third parties to gain insight and input but ensure you retain control. More importantly, you will be accountable for the strategy and will therefore need to lead and manage ownership. It will be important to establish the parameters for the working relationship with the supplier. This means understanding what is of value to each organisation and enabling each to derive that value.
Andrew Barstow, partner, Ernst & Young
Computer Weekly has put together a panel of experts whose specialist knowledge you can draw on to solve a problem. E-mail your questions (or your solution to this question) to [email protected]
Cranfield School of Management
Ernst & Young
Henley Management College