As automation touches more of your organization, security will be far from automatic. Bots’ privileges need close scrutiny, for example.
Why a strategic IT plan is a CIO's best asset
As we embark on a new year, I think it's important to have a strategic, forward-looking plan in place for IT. The role of an institutional IT organization is to identify those systems, services and capabilities that can best be performed centrally and to deliver them robustly at scale.
Faced with ever increasing expectations and what can feel like ever decreasing resources, it can be challenging to pick up your head and look past the crisis du jour. The urgent, by virtue of classical risk management, can squeeze out the important.
We are critical to the long-term success of virtually every aspect of the business, but in the fast-pace of work, many IT organizations confuse an end-of-year report delineating all of their accomplishments as satisfying their obligation for strategic planning. This can be helpful, but it can never replace a strategic plan, which is critical to telling your community where you are going and why.
Focus on the "why"
The first challenge of strategic planning for any IT organization is how to get the domain experts to shift above the tactical level. As convergent thinkers, they are often driven to hone in on the details and to solve problems. This is exactly what we want when they are addressing near term challenges, but we want the exact opposite when we are trying to define a better future that is attainable, and then charting a course there.
Very early in the strategic planning process, we firmly established that the purpose of the activity was not to lay out a laundry list of initiatives. Our primary goal for the plan itself was to produce a marketing document that would explain to the organization and to our community where we were going and why. It is surprisingly easy to get people out of the weeds when we reframe the conversation from what we are going to do to why we are going to do it. This gives everybody the opportunity to organize their thoughts, focus longer term, and coalesce around points of agreement.
Avoid IT jargon
While much of the heavy lifting for our plan was done internally, our community worked directly with us as we explored issues and converged on the most important elements of the plan. We spent a lot of time with various business leaders, gathering information and ensuring that we clearly understood their perspectives. The plan itself was released first in draft form and promulgated widely. We gathered even more feedback and made appropriate adjustments to the details and the presentation. Everybody had an opportunity to weigh in, so by the time I put the plan out there, the community was very receptive to it.
The goal of a strategic IT plan is to be an ongoing guide for how the entire organization will approach technology and innovation. To achieve this, you have to have the attitude and the recognition that a strategic plan is a marketing tool. If you don’t treat it as such, both internally and externally, you’re going to miss the mark. You want it to be visually appealing, and you want it to hit the right level in terms of specificity. It’s not a tech document for the IT community – if it's written that way, you'll lose your audience in jargon. You have to find the balance between detailed descriptions and the big picture. Excellent writing, tight editing and a graphic designer bring all of this together into a document that people actually read.
Use it as a reference point throughout the year
And, it should go without saying, but you have to use it. I reference our plan internally to remind my people not only where we are going, but also remind them of the central role they played in its creation. Externally, it serves as the lens through which we should assess our choices. Historically, the relationship between central IT and distributed IT at the institution had been fraught with animosity and constant friction. To counteract this, one of the key elements woven throughout our plan is the responsibility of central IT to ensure the success of each and every other IT organization on campus. When I have opportunities to interact with other IT professionals in our community, I can approach them and say, “We have a bad reputation. People don’t think we work well together. It effects our ability to establish a position and gain support by those decision makers that we rely on to succeed. It negatively impacts on our ability to get resources. We have to establish our credibility. We all have to work well collectively or we are each going to fail individually.”
This approach gives everyone accountability to work toward shared goals. That's not to say that our work is limited to what's in the plan and we can never work on anything unique throughout the year. As long as we act in accordance with both the principles that we have established and the directions that we defined, the entire community can feel confident that they have real visibility into our enterprise. There should be no disconnect between the way we are executing and the things that were published in that plan. Putting the upfront time into plan creation like this can help you avoid the lengthy back and forth battles and disagreements that will invariably arise if you skip this important step.
A foundation of organizational transparency
When you put the initial work into creating a plan that informs your decisions for the year, the end game is to make sure that your ideas, your perspectives, your challenges, and your goals are all being shared with your community in a way that’s accessible to them. You are effectively marketing the evolution of IT to the business, and improving relationships within your community at the same time. By focusing on the big picture, you can ensure that your goals are accomplished and that it is easier to find the resources needed to tackle unexpected challenges or to pursue unique and innovative opportunities that appear throughout the year.
This has transformed how we share the success of IT to the larger community. Before we would occasionally send out messages when we introduced some new service or feature. Now, I proactively send out carefully crafted communications on a nearly weekly basis. These fall into a number of categories, but the majority of them are all carefully tied back to the strategic plan. The plan defined the destination, and our ongoing messaging chronicles our progress. The weekly cadence is deliberate, because it ensures that the central IT organization has frequent and relevant visibility in the larger community.
An IT strategic plan is invariably an expression of my leadership, and it presents a clear picture of how we will operate. It is the primary foundation of organizational transparency. We do not leave our strategic plan on the shelf, and neither does our community.