In other words, the "value" of your choices have to be demonstrable and quantifiable.
So, does that mean upgrading technology for the sake of technology is dead? Well, pretty much. Although IT budgets of late have become less restrictive, business leaders are looking for more from IT than just faster servers and more network bandwidth. They are looking for projects that will provide the overall business with some sort of advantage.
"What we have to do is show the vision -- what is the strategy?" said Mark Egan, CIO of security products vendor Symantec. "And then what are some incremental steps towards that? Because I think we would be hard-pressed to show a grand vision and (say) 'Give me a pile of money'. It just isn't going to fly anymore."
But value can be hard to define and quantify. If your company has a set of long-term goals, then you can use these as your roadmap for decision making. You can compare the myriad project requests that come across your desk against the business goals of the company and see where things shake out.
Combined with a traditional cost/benefit analysis where ROI and TCO are factored into your "go/no-go" thinking, then you stand a good chance of coming up with an answer your boss can live with and one you can articulate based on the numbers, said Bill Vass, CIO of Sun Microsystems.
"First of all, you have to drive with metrics so you know where you are and where you are going," he said. "And then, after you have the metrics in place, you have to understand what is the 'value' from a metrics perspective as far as future metrics go; ROI and TCO. And then you have to make a value call, like security is a good value judgment."
But security is also a good example of where defining value can an elusive target. Everyone knows network security is something that all companies should have in place. But how do you place a "value" on security?
If you go just by the numbers, its ROI and TCO, then the cost/benefit analysis will probably come up short.
But, by looking at the big picture, the "value" of IT security initiatives is easy to articulate, said Vass.
"So what's the value of not being a CNN event?" said Vass. "Obviously, you have to sit back as a CIO and say 'Listen I don't want to be on CNN and saying how stupid (we) didn't have an intrusion detection system', right? I don't care how much it costs -- that's a value to the company to put it in place."
The same goes for things such as compliance initiatives. From an ROI and TCO perspective, these efforts are a losing proposition from the start; until you factor in the penalties for non-compliance. Then, all of a sudden, things like your company's stock price are showing up in your cost/benefit analysis (not to mention keeping your job).
Or, put a little more succinctly: "I don't go to jail and neither does my CEO," said Vass. And that's definitely a value call the head of IT probably did not have to make until fairly recently.
To make this value call is fairly straightforward, but other things like business benefit may be a little more elusive, said Dave Simon, CIO of the Sierra Club and a former Anderson Consulting (now Accenture) business consultant.
A Holistic View
Simon is often shocked by conversations with peers whose sole purpose is "keeping the lights on" in their organizations. For Simon, deciding on which projects to go forward with and which ones to kill comes down to figuring out the whether the project will forward the organization's overall goals.
"You really need to think 'What are the business ramifications, the organizational ramifications?' of any project," he said. "How's it going to fit into your overall strategy? If I'm going to do something that's not in sync with our overall strategy, it kills me, but there's got to be a very good reason to do so."
You can't just think about the number of hours it will take to implement a project or its ROI/TCO. You have to take into account the benefit even a failed project (so long as it is just a small failure, that is) may bring to the organization as a whole.
This was the case for Simon in the last election cycle where some folks in Sierra's Washington office went ahead with one part of a larger IT initiative to coordinate the club's grassroots and Washington-based lobbying efforts.
Because the Washington folks were less than successful at their efforts, which were done without input from Simon's office, he found some glaring holes in the way the organization went about managing projects.
From these lessons, IT and the organization as whole have learned how they can improve their efforts in the future. This has value, according to Simon, and was well worth the lost effort trying to do things the old way.
"The beauty is the organization learned, the field offices, the people in the trenches learned, 'Oh, we can't do it this way next time, we really have to do it differently,'" he said. "So now there's this great willingness to cooperate with more coordination, more fully thought-out approaches. So it actually turned out quite well, frankly."
For Ann Sein, a practice leader at Deloitte Consulting, the idea of value is all about working as effectively as possible with your available resources and being able to quantify the results those efforts bring to the company.
"Am I delivering short-term financial performance; freeing up working capital; reducing inventory; delivering increased revenue; improved margin? ... whatever it is," she said. "Am I delivering longer-term financials for the business? And am I delivering this at an acceptable level of risk? So when you look at the 1,000 projects, you've got to start sorting through that list and say what are those projects trying to do?"
And that may be the most important and hardest value judgment of all: What am I trying to do? If you can answer this question, then value already is part of your decision-making process. If not, then it may be time to step back and take a look at how IT relates to the organization as a whole, what role it plays and why.