All this talk about merging business goals with IT seems to have reared its ugly head. With the best possible intentions and following the ultimate in best practice methodology, insurance CIOs are trying to make the marriage work. Is their time and effort well placed? Are they being successful?Not according to a recent report issued by Aberdeen Group, a Boston-based research firm, which cites the two most powerful "disruptors" to the CIO's mandate for 2005: the need to provide better solutions in a business environment of growing risk and uncertainty, and changes in the technology landscape.
"Business line users are adopting technology and enterprise applications without considering the strategic IT implications of their tactical investments or actions," says the report. "Security is greatly compromised when an enterprise adopts open source technologies or uses instant messaging, insecure wireless devices and networks, or PDAs to exchange or share sensitive company information."
We get the growing risk and uncertainty part. With a single security breach equal to catastrophic business failure, not a day goes by that the carrier's IT department isn't hovering over its internal and external security networks. And it may be hard to keep up with an ever-changing technology landscape, but even those who choose to keep mainframe and legacy systems in place to do what they do best are challenged with having to layer front-end systems that enable faster renewals or seamless claims processing.
Blaming business line users for bypassing the IT department seems reasonable, until you consider another important fact pointed out in the Aberdeen study: Technology and service providers are also reaching past the CIO to engage directly with business line managers, using low-cost or free trials as entry levels to give them what they think they need.
"IT organizations that are not tightly aligned with their business partners ... are frequently blindsided by the impact of technology-driven disruptions, organizational pressure, regulatory mandates, user self-determination, and strategic shifts both within the organization and across the marketplace."
Let me see if I've got this straight: When business line managers and technology vendors work together to bypass IT, the IT department is to blame?
And who's accountable for those systems-the ones the business line users thought they needed and the business line managers decided to purchase-when they fail?
Perhaps this is simply a case of the cart before the horse. Did the business line manager formulate a technology game plan for his own department in a silo? Did he do so because the IT department was unresponsive or too busy to collectively strategize? Was it a case of IT blatantly disregarding business objectives? Was there no IT governance in place to help channel, facilitate or establish a formal approach to assess requirements and establish a proven purchasing policy? Where is upper management when these scenarios take place?
Maybe the focus should not be on putting the onus on one side or the other. Maybe the focus should be on a mandate-developed jointly by the CEO and CIO-that requires both parties to share equally in the strategic planning and assessment that needs to take place before a major technology purchase or implementation.
And maybe I'm naïve, but doesn't it sound like a good idea for those same two parties to share equally in the success or failure of those systems? If forced to make the marriage work, maybe the organization will suffer less failure, waste and heartache. There's no maybe about this: Participation by both sides of the business to establish IT directives from agreed upon business objectives benefits all parties.
