In no other area is it more important to have a sense of what you don’t know
than it is in IT management. The most dangerous advice to CEOs
has come from people who either had no idea what they didn’t know,
or from those who pretended to know what they didn’t.
— F. Warren McFarlan and Richard L. Nolan, Professors, Harvard Business School
In May 2003 a very provocative article was published in the Harvard Business Review. Titled “IT Doesn’t Matter” and authored by Nicholas Carr, this article has led to considerable discussion in management circles around the world. In brief, Carr asserts that IT has become a commodity that does not provide any strategic advantage to any organization nor will it in the future; the best approach is to manage IT’s costs and risks with a frugal hand and pragmatic eye.
These discussions are particularly relevant to the banking industry, where the necessity for ongoing investments in IT has long been grumbled about by some managers. Have we been wasting our money all these years? Is it really all about business processes, with IT as a “facilitator” but not a key player in the forward progress of the industry?
GonzoBankers, let’s set the record straight right up front: This guy got it wrong. IT does matter, but IT alone doesn’t get it done. IT is a tool, an enabler of improved business practices and processes. IT provides the vehicle for fulfillment of a bank’s strategic plan and the operational development required to achieve that plan. But IT must be coupled with superior business processes or it’s a waste of money.
It is true that some of a bank’s IT needs are similar among organizations, but there are numerous examples of banks using similar IT systems coupled with superior business processes to differentiate themselves strategically. Furthermore, the processes used to manage IT itself vary significantly among organizations. Superior IT management processes that are “indifferent” to a bank’s major IT systems include the following:
Management oversight. There must be an IT steering committee with both strategic and tactical components that manages IT resources effectively. In most banks, the board of directors directs the organization. The board receives enough information to strategically direct affairs, but the management team handles the tactical “day-to-day” activities of the organization. In IT, there is a need for “tactical” oversight by the business units coupled with strategic-level oversight by executive management and the board.
Presence of a strategic plan for technology. This plan must both couple the bank’s strategic objectives with its operational or “tactical” objectives. It must ensure that data is managed as a resource that can lead to strategic differentiation (ask Wal-Mart how it views technology—it’s a lot more to that company than a bookkeeping system!).
Corporate standards are necessary for maximum IT efficiency. Without proper standards, support costs escalate. It is hazardous to not have and adhere to well-thought-out standards for equipment, software and connectivity.
End-user empowerment. Virtually every IT project should be co-managed by both an information technology representative and an end-user manager. This reflects the reality that a team effort is almost always required; with the exception of a few infrastructure-related projects, neither IT alone nor end-users alone can really be successful in implementing technology.
There must be effective project management, which tightly couples IT projects to the bank’s immediate strategic objectives. Many banks take on too much at once. The technology oversight group must develop realistic estimates for the amount of effort projects will require and then prioritize them according to business unit needs. Then project management must ensure that those priorities are executed well. Most banks do not have the resources to work on more than a few major projects at one time; discipline in the process of managing projects is mandatory for success.
Risk management. In today’s competitive and regulatory environment, it is absolutely necessary to identify, measure, monitor and control all technology-related risks. To the extent a bank cannot quantify specific risks, management still must establish a disciplined approach to assess the magnitude of potential problems and then take steps to address them.
Effective training. Good training plans include a clear definition of the minimum skills required for each position, to whom training will be provided, when and where the training will be made available, the responsibilities managers bear to ensure that the right personnel are trained appropriately, and the performance measurement criteria used to assess individual and corporate proficiency in the use of systems and software.
Formal performance standards. Service level commitments (SLCs) are formally negotiated agreements that identify expectations, clarify responsibilities and facilitate communication between service providers and their customers. To be effective, SLCs must allow for mutually agreed upon modifications that adopt changing customer needs to differing information technology provider capabilities. To be really effective, SLC performance and the IT manager’s annual bonus are hard-wired together.
Appropriate use of outsourcing. It is not possible, nor even desirable, to in-source everything. Selective use of outsourcing is a recognition that no IT function can be all things to all people.
The IT management processes described above lead to effective, efficient business processes because they ensure that the tail does not wag the dog—that IT is facilitative of progress, adding value in ways that only technology can while preserving business objectives as the primary determinant of IT priorities.
Success requires both good IT and good business processes. The extent to which “IT matters” is a reflection of both systems capabilities and the manner in which those systems are used. To realize maximum success, a bank must integrate its technical and managerial processes through effective management, solid operational processes, appropriate staffing and human resource management, effective training, strong internal communications and effective management reporting. Systems must be customized to unique business objectives and competitive environments; a system that is perfectly satisfactory in one organization may be totally inadequate for another with a different clientele or strategic objectives. An organization with strong, innovative business processes and robust technology has a clear competitive advantage, while the organization with either weak business processes or inappropriate technology for its strategic objectives will not remain competitive for long.
In summary, it’s not the technological infrastructure that provides value but the business processes that are delivered using the technological infrastructure. Name any system (even those whose sales force asserts that “Our users are ‘more efficient’ or ‘more advanced’”) and there are users of that system who are good at delivering value to their clientele and shareholders, and there are other users of that same system who have an ROA and ROE that are nothing short of embarrassing. Those organizations that use IT to develop and deliver business processes which in turn provide compelling value for customers and shareholders will achieve ongoing and long-term business value. The others? They don’t matter.
“IT’s not about the last 50 years,
IT’s about the next 50 years.”
— Howard Smith and Peter Fingar
IT Doesn’t Matter, Business Processes Do