ICT Management Workshop for International Organisations
12-13 October 2006
The main themes for this year’s ICT workshop were: Management & Organisation of ICT Services; Collaboration opportunities among IFIs/IOs, and; Delivery of ICT Services. Process and Service Level Improvement Tools, Open Source software and Collaborative software were also discussed.
Session 1.1 Corporate ICT architecture to support Information Management
Architecture: Given the importance of information to most organisations, it is essential that the ICT architecture support all aspects of information management. Building and maintaining such an architecture should be identified as a key ICT governance objective; this will help to prioritise investments in this area. Defining the architecture should be carried out in collaboration with all stakeholders in the organisation. Participants agreed that the CIO has a pivotal role to play in this process, which is only 30% technology, the rest is business or environment related, e.g. Government policies, legal requirements, etc.
IM/KM: Information management is about getting the right information to the right people at the right time. Knowledge Management (KM) must be distinguished from Information Management (IM) and the two may require different architectures. KM is about how information such as that provided by ERP systems can be used by an organisation. The key issue today is how to transform information into knowledge. One participant noted the parallel with the SDMX initiative: technical standards were first developed to define statistical data and metadata structures – this is akin to information management. Using these standards, statisticians are now developing nomenclature and data structure definitions specific to each statistical domain, thus encapsulating knowledge.
Library & Archives: A number of participants noted that ICT services had largely ignored 20 years worth of information management and taxonomy systems expertise available in their own library/archiving services. Some felt that producers of information themselves would need to make more of an effort with metadata to enable downstream IM and KM systems to function.
Security/Legal Issues: Security and legal issues must also be considered when giving access to certain types of information, and responsibilities of ICT Services and business management need to be carefully defined to avoid problems. One participant described an experience where business management requested information to be made available and then retreated behind the ICT Service when this raised problems. Others described situations where overly protective attitudes and/or simple inertia meant that important and useful information was not available to those who most need it.
Human Factor/User Requirements: Participants underlined the importance of the human factor in bringing IM projects to a successful completion. During the requirements gathering phase, it is imperative that analysts be able to communicate in non-technical terms with users; in fact ICT Services sometimes misconstrue users’ requirements and then blame them when things go wrong. People’s willingness and capacity to change are also critical success factors.
Information Storage: Clients are demanding ever-increasing amounts of easily-accessible storage space. The implications of this are considerable: although costs per gigabyte are decreasing, indirect costs related to locating/retrieving information and total costs for data centre storage management activities are increasing. Storage provision & management are not just technology issues – a more global management strategy is required. Current storage/ backup procedures, based on a model developed in the 1980s, are inadequate to cope with growing volumes of new, rich media file types (statistical model outputs, audio/video, etc.) and operating teams are spending too much time backing up, locating and restoring information. Some participants are addressing the issue in terms of data retention, noting that most data older than one month is in fact obsolete; others are turning towards collaboration tools such as Sharepoint and/or implementing document management systems, or adopting new infrastructure solutions such as SANs and disk-based snapshot backup technologies. Some participants are outsourcing their backup/archiving tasks. There were mixed views on the usefulness of imposing quotas: some felt that quota management was labour intensive and hard to sustain. Other approaches mentioned included designating PCs for personal storage, and implementing different policies for different users, since needs vary considerably.
Content Management: Participants discussed use of portals to manage access to corporate information and services. Pressure to adopt this sort of convivial, personalisable interface is mounting from users who complain that they can’t find information on their organisation’s intranet. The concept of role-based portals is gaining ground. But portals only work when everyone plays the portal game - information owners must be willing to share and be part of the aggregate view. One participant successfully redeveloped their Extranet using an Enterprise content management product (Vignette) and was now leveraging this development to revitalise the corporate intranet. In his experience there were very disparate views about how this should be done and this confirmed that others are experiencing problems harmonising their intra and extranets: overcoming resistance from users appears to be one of the biggest hurdles. The problem of connecting legacy systems into portals was also raised. The Association for Information and Image Management website (www.aiim.org), devoted exclusively to Enterprise Content Management, was mentioned as a good starting point for those interested in the governance aspects (online courses are available).
New technologies: One participant remarked that 10-15 years ago, it was the ICT Service that introduced new technologies, today it is often the individual user who is leading the charge and driving innovation in the workplace. Users are demanding new technologies - blogs, wikis, Skype, etc. - without necessarily reflecting on the value and risks these technologies will have for the organisation as a whole. Participants cited the rapidly changing nature of new technologies and the lack of a corporate approach to change management as two stumbling blocks to adoption. Nevertheless, it was felt the ICT Services will have to become more agile and proactive in their approach in order to survive.
As technologies and needs have evolved over the years, some organizations have changed ERP platforms several times. All organizations present reported having deployed ERPs for the management of their banking, financial and personnel operations. Many however were experiencing high ongoing costs due to customization.
Despite concerns expressed about the ROI of ERP systems, it is clear there is no going back to old working methods. Participants reported a number of different implementation issues: (i) cultural: staff have to mature and accept changes; (ii) governance: choosing an appropriate governance model is very important; and (iii) customisation: this is necessary to adapt the package to the specific needs of each organization, but results in higher implementation and ongoing costs than most anticipate. Customisation also makes it difficult, time consuming and expensive to change vendors. To decrease these costs, three solutions were put forward: outsourcing; building up and renewing internal expertise; and negotiating vigorously with vendors on costs. On a more positive note, participants agreed that ERPs are undeniably useful for organizing and streamlining processes, and can help organizations to mature. Also, modules can often be implemented and subsequently extended to other processes. Once engaged with one ERP however, there is little flexibility for change. Since outlays are so high, very powerful arguments are required to motivate change downstream. One participant noted that having two ERPs in-house facilitated on-going negotiations with vendors. Participants reported that it was difficult to determine ROI at this stage, due mainly to limited information on realized benefits.
Session 1.3 – Meeting organisation needs for increased mobility
Three types of mobile users were discussed: mobile personnel (travellers, people on mission), teleworkers, and “nano workers” (i.e. offshore insourcing). Mobile personnel require rapid and easy 3G communications. Senior managers in particular are rapidly moving beyond the limits of Blackberry/Windows mobile devices and are demanding more than just email. They have crossed an “ease of use” threshold and now expect to be able to open their laptop and work, without having to be concerned about setting up connections. Remote workers do not require lightning fast speeds; one participant reported that one third of his staff were teleworkers and that their work time had increased as a result: staff often worked when sick, after hours, weekends, etc. Obviously, “nano” teams require excellent communications. Concerning technologies, there has been a paradigm shift with VoIP and Skype now being mainstream technologies. Real-time identity management is also revolutionising collaboration expectations
Security is of course critical and some participants did not consider a login and password sufficient – a token and pin are necessary. Participants agreed that it was essential to have senior management buy-in in order to develop an effective mobility strategy; organisations should also have an HR policy on security in place. Mobility models can lead to cost savings: teleworkers can free up expensive office space; “nano workers” can be recruited without relocation costs and with salaries paid at the national levels. Participants agreed that mobile services should no longer be considered a luxury and have now become mission critical.
Session: 2.1: Collaboration between IFIs/IOs – benefits and challenges
As an example of successful collaboration between institutions, OECD shared its experience on developing together with UNSD a new application for joint management of annual trade statistics. Each organization hosts a copy of the application, which is used to process, disseminate and exchange data they have collected using a common set of rules and software components. Factors of success include: (i) good timing, since both organizations were looking for new software at the same time; (ii) a strong will to join forces in developing a single application; (iii) the need to harmonize definitions and production processes, formalised in a memorandum of understanding; (iv) occasional exchanges of IT staff whenever required, and; (v) the need to reduce development costs, these being split between the two organizations. The success of the collaboration has opened up perspectives for similar projects with other organizations.
The second example was a joint initiative amongst International Organizations (IOs) to encourage their common EPR vendor to provide better licence and customization terms and conditions. As Chairman of the so-called CABIO Group, Mr. Maccari (OECD) reported on the group’s efforts to make Oracle aware of the particular needs of IOs and the long-term opportunities or providing better terms for them. Collectively IOs can be seen as a multi-organisation of over 100,000 staff, with an aggregated operating budget in excess of 20 billion dollars, operating in almost every country in the world; the revenue opportunity for Oracle was in excess of 10M$. Discussions so far have not yielded any concrete results. From the vendor’s point of view, IOs customize more than average and are thus less profitable in the short term. One possible avenue was to encourage vendors to provide better terms as a way to contribute to their non-profit humanitarian objectives.
Session 2.2 Promoting staff rotation between organizations
Both staff and organizations can benefit from rotating staff internally, between international organizations, or between the public and private sector. The staff concerned can gain knowledge, experience and new career opportunities. Organisations in turn benefit from these better qualified staff (as long as they stay on board!) For the experience to be a success, all parties need to be motivated and bureaucracy should be kept to a minimum. Rotations should ideally be for 2-3 years. Abusing the mechanism to get rid of poor performers or problem staff should be avoided at all costs.
Mechanisms such as a purpose-built portal for sharing information on interested staff and possible vacancies were discussed, but it was felt that this was over-ambitious at this stage. The OECD pointed out that this information could be posted on the OECD portal, created in 2005 following the last ICT workshop
Session 3.1: ICT Governance: context, frameworks and methodologies
Participants shared their experience and difficulties in implementing COBIT, Six-Sigma, Balanced Scorecard, and other governance tools. It was generally agreed that over and above the choice of tools, effective governance required a high degree of credibility between IT and the business, as well as transparency and properly defined goals and objectives. Implementation of these tools takes time and resources but once deployed, savings can be made. The tools are useful for clarifying overall vision, establishing process control, identifying and fixing particular problems, and revealing strengths and weaknesses. A case where managers with strong leadership skills were especially trained on Six-Sigma to bolster their project-leadership skills was cited as an example.
Discussion focused on the trade-offs that ICT Services must make when deciding whether to implement such frameworks, in particular: what share of resources should be devoted to core ICT governance; how to accommodate rapid technology turnover; how to evaluate the relative importance of benefits of ICT for an organisation vis-à-vis other investments. Organisation size also matters – a particular framework may bring substantial savings to large organisations but lead to little or no benefit for smaller organisations.
Session 3.2: ICT Audits
In the current business climate of corporate and accounting scandals, there is increased emphasis on internal processes and controls. Since ICT underpins many key aspects of business today (financial, operations, logistics, etc.) ICT infrastructure, security and methodologies are under greater scrutiny than ever before. Examples abound where audits can be beneficial: pointing out weaknesses/process failures previously overlooked; helping with risk assessment; making senior managers and users aware of their responsibilities. Auditors can be seen as strategic partners and audits can provide an opportunity to bring value to the organisation.
However, the negative aspects are also multiple: each audit authority has its own audit programme, entailing multiple demands, and a resulting significant drain on ICT resources diverted from other tasks. Participants emphasised auditors’ lack of ICT expertise and unclear recommendations as major shortcomings. Several suggestions were put forward as to how best manage interaction with auditors: (i) prepare well in advance: ask to know the scope/priorities of the audit - establish high and low risk areas yourself and steer attention towards the high risks; (ii) be open and transparent from the beginning, and; (iii) invite auditors to participate at the early stage of major projects. There were mixed opinions as to whether arguing with auditors was advisable!
One participant observed that implementing internal controls had improved the audit process and made it more coordinated. Another recommended the value of carrying out a self assessment using COBIT to reduce the frequency of audits. Others recommended that auditors could benefit from COBIT implementation within their own association.
A few participants proposed to draft a paper on this issue, which at the same time as recognising the importance of ICT auditing would propose a number of recommendations and best practices ensure that the exercise to be of maximum benefit to an organisation.
Session 3.3 - ICT Outsourcing
The pace of adoption of global strategic sourcing in the ICT industry is rapidly increasing. Benefits include cost savings, faster delivery, quality and consistency, capacity to adapt to ICT demand changes. However, there are costs and risks associated: operational complexity, security and intellectual property risks, potential legal challenges. Several organisations reported implementing offshore operations, mainly to
Management sponsorship is key to successful development, delivery and deployment of offshoring projects. Both client and vendor should be clear about strategic objectives and service level agreements. A working model should be defined to ensure that teams work in a collaborative, flexible environment. Good communication is vital. Participants emphasised the importance of mitigation and exit strategies and the advantages of having more than one vendor. There is a vendor-lock in risk, but organisations should be aware that in any case they will be locked in for 5 years or more, making it essential to select a very reputable company from the outset. Measures should be put in place to mitigate the risk of key people leaving and have good back-up staff at the ready. Some participants doubted whether offshoring was cheaper, due largely to the very high turnover rates commonly experienced by offshore companies. Outsourcing/offshoring is also a sensitive issue. It was agreed that outsourcing/offshoring did not necessarily result in staff reductions, but could be useful to augment capacity and possibly reduce overall costs.
Session 3.4 – Round table discussion
Process and Service Level Improvement Tools: As user needs become more sophisticated and diversified, service delivery models need to be reviewed and improved to bring increased value to end users. ICT Services must be able to measure their effectiveness. One approach suggested was to undertake a market segmentation analysis based on groups of users. Dedicated client managers should then be assigned to these groups. Participants also agreed on the importance of managing and monitoring separately service levels for infrastructure, applications systems and service delivery. The bulk of ICT spending goes into infrastructure and transactional systems since it is easier to define business cases for these. Much less is spent on informational applications, collaborative systems and services, even though businesses can be transformed by investments in these areas.
Open Source: Some participants reported using OS software, mainly for back office systems; few were using them for mainstream, desktop applications. Participants involved in collaborative efforts with NGO’s had noted increased use of OS within these organisations however.
Collaborative Software: Participants generally agreed that email was no longer an effective collaborative tool. Email is a reminder and action tool rather than an information carrier: corporate information should be imbedded in systems – emails should only link to the information. Introduction of collaborative software on the other hand has revealed new levels of creativity and innovation amongst users themselves. Some participants felt that collaborative software could place a heavy demand on ICT resources. A contrary example was given which had proved to be of low cost in terms of management, implementation and administration, whilst remaining very responsive to user needs. Concerns were raised about the security and legal aspects of introducing new collaborative tools into the corporate workplace or extranets. In conclusion, participants agreed that ICT Services would need to engage with user groups on an ongoing basis to ensure these new tools are introduced in a manageable way.
Guido Maccari closed the workshop, thanking the participants for the frank and stimulating discussion, adding that sharing experiences of failures as well as success was always very enlightening. He suggested that the next workshop be held in