Page 1


October 07 | Rs.50 THE CTO FORUM

A 9.9 Media Publication

Technology for Growth and Governance


HOW CIOs IN INDIA are enabling global businesess with their efforts, strategies and vision. p12 volume 05 | Issue 04






the cto forum


Changing the Rules of Engagement


n my opening contact with all you friends, I want to keep my views simple, straight and direct. And this is about changing the rules of engagement. Some of the friends in CIO fraternity have known The CTO Forum for over a decade. A lot others got on to this notable journey at various stages of its lifecycle, and the family continues to grow even today. But somewhere in this geniality, the continuity of engagement and efficiency of communication has taken a back seat. Although we have many direct channels to connect, the bonding seems to be far from existent. It concerns me. But at the same time, it doesn’t dissuade me from pledging a fresh attempt to create this connect. Strongly hit by the economic slowdown, some of our core competitors have decided to drop the frequency at which they reached you in the past. Many of them have become marginal players, and may soon go out of your radar. We not only continue to reach you at the same frequency, fortnight after fortnight, but also will resurrect in a new avatar shortly. I would like to create a two-way street on which we meet, talk, discuss, and brainstorm often. These dialogues should result into practical knowledge, which should help the peers in the industry. If many of us can do it on social networking sites like Twitter, n

LinkedIn, and Face Book, why can’t we do it here! Like Benjamin Franklin once said: “People will accept your ideas much more readily if you tell them.” This age is of sharing ideas and learning from others who share it. Keeping them close to you might endanger the idea itself. In my quest to redefine these rules of engagement, I have no inhibition in asking for your unequivocal support. It will just make things work better...

Rahul Neel Mani

07 october 2009 | the cto forum |


i believe

parvinder singh

Playing for change parvinder singh, corporate vp, head


- it services, max new york life insurance

ransformation is the ‘buzzword’ that a CIO should be thinking all the time, while on the job. Information Technology (IT) is a defining force affecting all aspects of society well into the 21st century - changing every institution, every business, and every individual in many ways. Technology has changed dramatically in the past few years. We shall anticipate even more rapid changes in the future - transformations that impact the way organisations work today. Lately I have been thinking what transformational role I should be playing to bring noticeable changes into the IT service. The changes that can help the organisation grow further. And I firmly believe that we have to work on three most important levers as listed below: a)Cost saving b)Business productivity c)Efficiency In my own way and within my current role, I checked


| the cto forum | 07 october 2009

internally and started working on identifying the projects which will deliver the above three aspects. Max New York Life has diligently picked up areas like exploring open source software platforms, server consolidation and SSL VPN, which will not only bring efficiency in the systems, but also deliver tremendous cost advantages. All of the projects which we had picked up in late 2007 and early 2008 are paying rich dividends, and are really helping us meet the above mentioned three objectives. To elaborate a little bit, in the open source software space, we have picked up open office as the platform for all our low-end users. With dedicated support available round the clock, we have saved huge amount of costs in terms of software licenses. So far we have deployed more the 4,000 open office versions on the business machines. The beauty of it is that business has accepted this change very amicably. Another initiative which helped us achieve the objectives was mail server consolidation. Earlier we had a distributed mail architecture, which required one mail server at each branch, and also required dedicated technical resource to manage it at branch level. However, we took a call to go for one single server for email requirements for the entire company, which has helped us in saving huge amount of money with respect to servers and licenses, besides reducing the resource requirement to manage server operations. Microsoft Active Directory consolidation was yet another initiative, where we have consolidated all branchlevel servers on to one single server at the Head Office, which resulted in efficiency of IT service. FMS (Facility Management Service) IT operation was another key bucket to look at as we are supporting our business with outsourced IT support model. There was enough scope of improvement in that area. It was an area which directly or indirectly impacted our end customers. We worked with our FMS partner to ensure that things get into shape and finally result in improving the efficiency by reducing the TAT (Turn Around Time) by proactive actions. Result of this initiative was a great C-SAT score. I am a strong believer that if all IT initiatives can be categorised into above three categories, even top management and business heads will come out in open to support the CIO. I have miles to go before I sleep. There are still so many areas which keep me awake at nights. One of those areas is ‘production support’ during the month end exercise. Generally, we get business volumes spike in last two or three days of the month and supporting that sometimes is bit challenging.n



07.10.2009 cover story


How CIos In IndIa are enabling global businesses with their efforts, strategies and vision global ambitions tend to fuel protectionist sentiment towards one ’ s own technology and people , but a divergent view on it and cultural differences could spell trouble for companies .

i believe

Playing for change 4

parvinder singh corporate vp , head - it services , max new york life insurance

q &a

Virtual reality 10

v c gopalratnam vice president (it) and chief innovation officer , cisco , india

view point

Who is driving your car? 40


c . n . ram co - founder & director rural shores business services

| the cto forum | 07 october 2009

next horizons

An open memo to the CEO On why there is a need for an annual report on technology ............................................................................. 20

best of breed

Is the real McCoy still in hiding? It still remains to be seen if a successful CIO is a business strategist in charge of IT or an IT practitioner who understands the nuances of business .......................................................22

tech for governance

Emperor's new clothes RoI on information security is a concept accepted by the majority despite the evidence of their eyes................................................ 32 cover design : p c anoop

regulars Editorial ........................................................................03 Sounding Board ...........................................................07 Enterprise Round-Up ....................................................08


your comments

Volume 5Issue 04 07 october 2009 Managing Director: Dr Pramath Raj Sinha Printer & Publisher: Kanak Ghosh Publishing Director: Anuradha Das Mathur editorial

Editor: Rahul Neel Mani Assistant Editor: Ashwani Mishra Consulting Editor: Shubhendu Parth Copy Editor and Sr. Correspondent: Maneka Tanwani Sr . Correspondent: Charu Khera, Jatinder Singh design

Creative Head: Kabir Malkani Art Director: Rohit A Chandwaskar Chief Designer: Abraham K John Illustrators: Shrikrishna Patkar, Chaitanya Surpur Photographer: Jiten Gandhi advisory Panel

Ajay Kumar Dhir, CIO, Jindal Stainless Anil Garg, CIO, Dabur David Briskman, CIO, Ranbaxy Mani Mulki, VP-IS, Godrej Industries Manish Gupta, Executive Director and CIO, India Foods & Beverages, PepsiCo Raghu Raman, CEO, MSSG S R Mallela, Former CTO, AFL Santrupt Misra, Director, Aditya Birla Group Sushil Prakash, Country Head, Emerging Technology-Business Innovation Group, Tata TeleServices Vijay Sethi, VP-IS, Hero Honda Vishal Salvi, CSO, HDFC Bank Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay Vijay Mehra, Group CIO, Essar Group

Keep up the good work

sounding board

Dear Editor, The editorial content covered in the issues of the magazine are very relevant and link to crucial issues that IT personnel face in their everyday routine. Keeep up the good work and best of luck for the future.

Regards, K B Singh Head IT, BSES Rajdhani Power Ltd

Security is the key Dear Editor, I never miss reading The CTO Forum magazine. The best part of the magazine is the Information Security section. In my opinion, it is the most critical and challenging part for a CIO and management today. I get very good insights about the happenings in this area by reading various articles on the topic. Regards, Sandeep Kothari

advertisers’ index Avaya . . . . . . . . . . . . . . . . . . . . . IFC, 1 IBM . . . . . . . . . . . Reverse Gate fold SAS . . . . . . . . . . . . . . . . . . . . . . . . . . 5 HP . . . . . . . . . . . . . . . . . . . . . . . . . . BC SIFY . . . . . . . . . . . . . . . . . . . . . . . IBC

Head-IT (AGM) The Bombay Store

sales & marketing

Production & logistics

Sr . GM . Operations: Shivshankar M Hiremath Production Executive: Vilas Mhatre Logistics: MP Singh, Mohd. Ansari, Shashi Shekhar Singh office address Nine Dot Nine Interactive Pvt Ltd., KPT House, Plot 41/13, Sector 30, Vashi Navi Mumbai - 400 703 Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd. C/O KPT House, Plot 41/13, Sector 30, Vashi. (Near Sanpada Railway Station), Navi Mumbai 400703

Editor: Rahul Neel Mani C/O KPT House, Plot 41/13, Sector 30, Vashi, (Near Sanpada Railway Station), Navi Mumbai 400703 Printed at Silverpoint Press Pvt. Ltd, D-107, TTC Industrial Area Shrivane Post, Nerul, Navi Mumbai 400706 n

your feedback

VP Sales & Marketing: Naveen Chand Singh National Manager-Events and Special Projects: Mahantesh Godi (09880436623) Product Manager – Rachit Kinger Asst . Brand Manager: Arpita Ganguli Co-ordinator-MIS & Scheduling: Aatish Mohite Bangalore & Chennai: Sanjay Bhan (09341829285) Delhi: Pranav Saran (09312685289) Kolkata: Jayanta Bhattacharya (09331829284) Mumbai: Arvind Ambo (09819904050)

07 october 2009 | cto forum |


enterprise round-up

technology and business

cisco to purchase tandberg for $3 billion


o further strengthen its position in the $34-billion market for remote business collaboration tools, Cisco Systems plans to buy Tandberg, a Norwegian videoconferencing company for $3 billion. The acquisition is the largest since the US network equipment maker’s $3.2 billion cash purchase of online collaboration company WebEx in 2007 , and is set to round out its portfolio of video, messaging and other collaboration tools. Tandberg reported revenue of $809 million in 2008. It had a 40 percent share of the global videoconferencing market in the second quarter this year, according to Wainhouse Research. Cisco said it expects the deal to close in the first half of calendar year 2010.

top 25pc bPo providers to vanish in 2012: Gartner


ne-quarter of the top business process outsourcing (BPO) operatives will not exist as separate entities by 2012, according to Gartner. Gartner said that market exit, acquisitions, and the ascent of new vendors will rearrange the BPO provider landscape in the coming years, and enterprises should look for warning signs when evaluating BPO vendors to mitigate risk. “As providers are exposed to the economic crisis, loss-making contracts, and an inability to adapt to standardised delivery models, many will struggle to survive in their current form,” said Robert H Brown, Research Vice President, Gartner. “Some will be acquired and some will exit the market completely to be replaced by dynamic new players delivering BPO as automated, utility services.” A number of factors have left many BPO providers perilously vulnerable to acquisition, to disruption by innovative competitors or to going out of business, Gartner says. Chief amongst these factors are the number of unprofitable contracts that many BPO suppliers have signed in order to remain competitive, and a failure to grow their business, whether through a lack of financing or from operational inadequacies. n

L&t Infotech and Infineon sign SAP contract


nfineon Technologies, one of the leading German semiconductor manufacturers signed a multi-year, multi-million dollar contract with Larsen & Toubro Infotech (L&T Infotech). “Our sourcing strategy combines internal and external staffing as well as on-site and off-shore provision of services for the best fit of Infineon. This engagement with L&T Infotech provides a cornerstone of our sourcing strategy and another important step on our path to constantly optimise our TCO (Total Cost of Ownership),” said Michael Schmelmer, Chief Information Officer, Infineon Technologies. L&T Infotech will operate, maintain and develop SAP solutions within Infineon’s enterprise landscape and provide these services out of Germany, Singapore and India. “We will help Infineon optimise their operations to achieve their business objectives of meeting the three central needs of the modern society – energy efficiency, communications and security,” said Sudip Banerjee, Chief Executive Officer, L&T Infotech. n


| the cto forum | 07 october 2009

tcS bags AP SWAN Project


ata Consultancy Services (TCS) bagged India’s largest state-wide area network (SWAN) project from the government of Andhra Pradesh. This project is for five years and has its base on a build, own, operate and transfer (BOOT) model. The proposed SWAN project would empower the Andhra government to operate numerous e-governance projects and citizen services. TCS has mentioned that the project will be launched within a year and it will be doing the maintenance for a period of five years. The project envisages connecting state headquarters with 1,088 subdivisions and 23 district headquarters. The project, once customised, will provide the state government to use video-conferencing facility across the government offices. They will also be able to use VoIP for communication and conferencing.” n

Aircel signs tower sharing agreement with bSNL


ircel, a part of Maxis Communications Berhad, Malaysia and India’s fifth largest GSM mobile service provider became the first operator to sign a passive infrastructure sharing agreement with Bharat Sanchar Nigam Limited (BSNL). Aircel , which currently has approximately 32,000 base stations, will now have access to approximately 45,000 BSNL towers across all its circles. It has a subscriber base of over 24 million. A significant portion of BSNL’s sites are electrified. Sharing these towers that cover 96 percent of all districts across the country will help Aircel expand its footprint and gain time to market. “Aircel will now have access to strategically located sites across BSNL’s 21 circles (excluding Mumbai & Delhi). Leveraging BSNL’s passive infrastructure will help Aircel meet its aggressive network roll out plans in addition to reducing operational cost,” said Gurdeep Singh, COO, Aircel. n


technology and business


racle India has launched the Oracle Database Security and Compliance Solution. The solution will help banks in India to address risks in the area of data security, as identified by the Department of Banking Supervision (DBS), Reserve Bank of India (RBI). The Oracle Database Security and Compliance Solution aims to enable banks to meet the compliance guidelines in a timely manner, with less administrative and IT integration expenditure. It will also help banks reduce the number of exceptions for non-compliance, a common occurrence during IT audit processes. Oracle said private, public and most of the nationalised banks (including co-operative banks) can deploy this solution to help them implement preventive, detective and corrective controls in database management. In addition, the solution will monitor activities of the users and provide a strong preventive mechanism to deter unauthorised access. The solution enforces security at the database level, checking all users and bank applications that access the database. These include a wide range of systems such as core banking, corporate banking, credit cards, loan management, call centre technology, treasury management, asset management, systems and servers, network and storage.n

Ncr to set up 3,800 Atms for SbI


eading technology player NCR Corporation headquartered in Duluth, Georgia (US) has secured order to set up 3,800 ATMs for State Bank of India (SBI). The company had also been awarded a seven-year services contract from the bank, according to a press release. SBI has more than 15,000 ATMs deployed across the county, out of which NCR has set up 10,000, making it the bank with highest ATM penetration in India. Under the agreement, NCR will undertake ATM deployment, site implementation services, second line maintenance and managed services for the government lender, the release said. The order also includes ATMs equipped with Digital Video Surveillance Systems to counter frauds.n

Ibm Lotus adds social networking features


BM announced an expanded set of social software tools and capabilities for enterprise collaboration that brings popular features like micro-blogging from the home into the business environment. Leading companies such as NEC Electronics (Europe) and Sogeti are among the early adopters of IBM’s collaboration platform, Lotus Connections 2.5. “With Lotus Connections, we have merged document sharing and social networking capabilities to create a comprehensive collaboration platform for businesses,” said Karthik Padmanabhan, Country Manager, Lotus, Software Group, IBM India/South Asia. The 2.5 version of Lotus Connections, which was first introduced in 2007, also adds a wiki service and expands mobile capabilities with support for Apple’s iPhone and Nokia S60 devices. The support provides micro-browser access from those devices to Lotus Connections Profiles, Activities and Blog services. n n

edwards chooses Patni to provide global enterprise It support


dwards, a global supplier of integrated solutions for the manufacture of semiconductors, flat panel displays, LEDs and solar cells and a leader in vacuum technology for industrial, scientific, process and R&D applications, selected Patni Computer Systems to become a global IT services partner. As part of the deal, Patni has already completed a finance process migration and is currently working with Edwards to provide ongoing IT & BPO services. Edwards will also work with Patni on IT migration projects and other BPO opportunities. In addition, Patni will deliver skills and knowledge in developing and moving complex processes as Edwards reorganises its business operations globally. According to a press release, Patni would enable Edwards to enhance the effectiveness of its SAP investment particularly in areas such as CRM, BW, APO and BPC; and to manage complex business data. “Many global businesses are attracted to the idea of outsourcing IT services to benefit from the considerable efficiency gains that are possible, and Edwards is no different in that respect. Where we go further is integrating our IT services partner into the business to provide additional value by tapping into Patni’s vast experience and knowledge as a premium IT services provider,” said Anil Patel, IT Director, Edwards. n

07 october 2009 | the cto forum |


enterprise round-up

oracle India launches new security & compliance soln

a question of answers

v c gopalratnam

Virtual reality by 2012 , cisco plans to migrate all its applications on a virtualised platform , an

unprecedented move in the industry . v c gopalratnam , vice president ( it ) and chief

innovation officer , cisco , india speaks to the cto forum on cisco ’ s strategy and the challenges expected in the transformation . excerpts : by ashwani mishra


| the cto forum | 07 october 2009


v c gopalratnam

The challenges for CIOs across the globe in the present economic scenario are similar. While the IT budgets of most companies have been kept flat or pruned, the onus of delivering more capabilities at lower costs still rests with their technology team. At Cisco, IT has been looked more as a strategy for business growth. Therefore, the contribution of IT is more relevant for the business and has benefiting impact across the organisation. We have embarked on four major transformations that include globalisation of business, virtualisation, collaboration and mobility to deliver value for our customers as well as ourselves. As the workforce diversifies and becomes global in nature, IT has to diversify as well. To meet the needs of our diversified workforce, we have built centres of expertise which are cost-effective and efficient. Our assets lie in our hardware, software and people who work with us. We globally wanted to optimise these assets, and that is where virtualisation came into play. Our entire game plan in the datacentre space is hinged on virtualising the entire technology stack at the server level, besides delivering a Service Oriented Architecture (SOA) for all our applications. Collaboration has also been one of our key strengths, and we use our teleservices solutions or WebEx capabilities to serve this purpose. We have deployed a wide range of communication and collaboration solutions that include telepresence (it creates a live, face-to-face meeting over the network empowering employees to interact with their colleagues, across the globe), network enhanced workspace (equipped with Wi-Fi and LAN connections, video conferencing etc.) and virtual office space, which allow employees to work from home. Mobility, on the other hand, addresses the needs of the workforce, by supporting them on every communication device and providing then all platforms across the globe. Can you throw more light on how the company has looked at virtualisation and what have been the benefits?

Our virtualisation story is dependent upon several factors. We have a global datacentre program (GDCP)meant to ensure efficiently run our datacentres, and it operates on three critical levels. The first level addresses the capacity shortage within our datacentres. We realised that given the momentum of our business, our datacentres would get utilised to its maximum capacity. To n

address this demand, we needed capabilities to increase this capacity without betting on hardware solutions. The first phase of our datacentre plan was to deliver this incremental capacity to the business. The second part of our plan deals with resilience. This means that we had to create datacentres that are flexible so that they are available to us and our clients. If one has to virtualise the entire stack, it is important that flexibility is built in the infrastructure. The third aspect is to transform the business processes which reside in the datacentre environment, be it a configuration management service or an order management service. It is necessary to have flexible processes so that applications are faster and ready for web services such as SOA. Today, we have virtualised around 30 to 40 percent of our hardware, and we would migrate all of our applications in a virtualised environment within next 18-24 months. What are the challenges that you face in managing the IT infrastructure?

As mentioned earlier, we are in the process of virtualisation at multiple levels, and this is a difficult task for any organisation. I do not think that any organisation has virtualised its entire technology stack. Another challenge is to know people who occupy our network, their role and identity, the assets they would need and the services they would leverage. So, ensuring security and compliance is high on our agenda. Finally, as the IT industry moves towards services management concepts, the challenge would be to calculate the total cost of a service, especially when some services are delivered from within the company while others from third party providers. In the current economic climate do you see CIOs prioritising customer-centric IT projects and if yes, how could they achieve this?

The expectation from IT is to do more with less. CIOs will clearly have to identify their most critical business projects; flag them off and defer the rest. At Cisco, we have selected some IT strategic imperatives which are closely tied to our business. A significant amount of our investments go towards the implementation of these strategic imperatives. This does not mean that we would not focus on other IT activities. What it means is that a majority of our hardware, software and people resources will be aligned with these key initiatives. For example, portfolio optimisation and management has proved to be a key differentiator for us in our migration towards driving costs down and delivering value and growth. n

07 october 2009 | the cto forum |


a question of answers

Being an information technology (IT) services company, you are under constant pressure to increase productivity and decrease costs. How do you get more bangs for your buck?

cover story

it strategy / framework

How CIos In IndIa are enabling global

businesses with their efforts, strategies and vision global ambitions tend to fuel protectionist sentiment towards one ’ s own technology and people , but a divergent view on it and cultural differences could spell trouble for companies


rahul neel mani

imaging: p c anoop


| the cto forum | 07 october 2009


it strategy / framework n

1.1 Bharti-Airtel:

the culture and model approach Airtel, a group company of Bharti Enterprises, is Asia’s leading integrated telecom services provider with operations in India, Sri Lanka, and Jer sey and Guernsey in the UK. Apart from telecom, the group has business interests in financial services, retail, and agri-business as well. The Group CIO and Director Customer Service Jai Menon feels that CIOs - managing global businesses - need to perfect the art of managing cultures and IT model to taste success. “In cases of diversity of operations - geographical diversity or the diversity of the IT operations - a CIO faces two fundamental challenges: one is culture and second is the IT model itself,” says Menon. The biggest impediment posed by dissimilar cultures comes in shape of Business-IT alignment. It becomes the toughest challenge for a CIO to create ‘one culture’ across the organisation. Second area where culture plays a vital role is the Return on IT (RoIT) or the funding model associated with it. “But as CIOs start creating outcome-oriented business models, the cultural boundaries get blurred and the second part also starts becoming simpler,” says Menon.

basics of managing It globally A global CIO has to envision how much of the IT has to be standardised, how much of it should be centralised, and how much of it should run in a distributed-decentralised way. Airtel, in addition to its large footprint across India, has presence in Sri Lanka, and in Jersey and Guernsey

best Practice reference: Issue: Mobile Number Portability (MNP) The MNP issue is just about to hit India. But this has already being rolled out in Airtel’s Jersey and Guernsey operations. Airtel India has made efforts to adopt this as a best practice from the UK. The systems here are all built and kept ready. “We know the entire process that needs to get done. Except for some tweaks that are needed from Indian regulatory perspective, everything else is ready. We’ll migrate the MNP best practice from our Jersey-Guernsey operations and roll it out here,” says Menon. But this has become possible because of the standard architecture. Whatever is built or wherever it is built, if a company has a standard architecture and platform, the practice can be easily be transported to any location.

07 october 2009 | the cto forum |


cover story


hile the aborted $24-billion Bharti-MTN deal has clearly shown India Inc’s voracious appetite for big-ticket mergers and acquisitions, the vigour with which technology integration happen during such consolidations still remains subdued. It is not less than a reverie to create a common information technology (IT) governance strategy and framework beyond boundaries. It is a nightmare to have a standard set of technologies and applications across geographies in order to create a global enterprise. CIOs, entrusted with the task of enabling a global enterprise, have to not only cover the gaps in technologies and processes, but also take stock of the hundreds or thousands of systems, applications, legacy processes and the diverse cultures across geographies. The last few years has seen enormous cross-border deals such as Tata Steel buying out Corus or strategic ones such as Mahindra & Mahindra getting hold of farm equipment companies in the Europe or Apollo Tyres acquiring tyre major Dunlop. The story reads fine until here. But the real challenge for a CIO begins when he is weighed down with the task of creating a vision for a ‘single enterprise’ – machining incongruent systems, heterogeneous environments and diverse work cultures. That’s where the nerve-wrecking starts, and the CIO is pushed to the wall. A few of them succeed in overcoming these crucial times, a lot of them struggle to overcome, and the rest of just give up the ghost. Successful are those who can walk the fine line between developing an overarching technology strategy for the entire company with standard framework of applications which can be used worldwide and respecting the variances that local business leaders need in order to operate effectively. These are CIOs who are adept at managing IT staffs whose members speak multiple languages, work in every time zone, but still follow their own ethos. All of this may or may not include dotted-line or full responsibility of a CIO but mostly it does. This feature describes three distinct and successful cases wherein the CIOs have not only demonstrated the capabilities of overcoming the challenges faced during establishing a global enterprise, but also created ubiquitous supply-chains and single application frameworks and central commands to make IT look simple yet effective. The story also features a couple of international CIOs who, in their current and past capacities, have gone through the rigours of this task and have demonstrated the ability of successfully leading from the front to enable global enterprises.

cover story

it strategy / framework company Snapshot Total locations in India: 23 States/Circles Market Cap: US$ 34.7 billion Overseas Operations: Sri Lanka, Jersey and Guernsey in the UK and Telecom Seychelles Services Offered: Mobile Services, Telemedia Services, Enterprise Services Carriers, Enterprise Services Corporate, and Passive Infrastructure Services.

“It creates a natural demarcation compelling us to run most customer or business information systems from Sri Lanka. But other IT systems like ERP, HR, supply chain and finance are run centrally from India,” says Menon. In case of Jersey and Guernsey in the UK, it is the other end of spectrum. From a regulatory perspective, Airtel has the ability to bring the customer data to India and all IT systems for the UK operations run out of India. It is a perfect case of standardising IT irrespective of locations. Despite the diversity of cultures, vastness of geography and differences in regulatory frameworks, the IT architecture and applications at Airtel are uniform across the world. “We use Oracle for CRM, FX for billing, and the middleware is entirely built on service oriented architecture (SOA) for all the three countries,” discloses Menon emphasising the importance of standards. A CIO should also think of the outsourced fiscal model. This comes with the selection of partners, business sponsorship of the IT projects and building those partnerships on mutually profitable tenets. “We have applied an outsourced model in all the three locations. Whether it is about the S1 partners or the partners behind the S1 partners, there is a similar standardisation process that we have adopted,” he explains.

creating seamless architecture and best practices

“If we don’t run the operations in a seamless manner, we will have IT trees all over which won’t ever come together as a forest” Dr JaI menon, Group CIo, BhartI EntErprIsEs and dIrECtor CustomEr sErvICE aIrtEl

provinces in the UK. These three geographies pose unique challenges in creating an integrated IT model. In India, Airtel runs a 100 percent local model – everything runs out of India. On the other hand, Sri Lanka regulatory requirements disallow the customer information to be transported out of the country.


| the cto forum | 07 october 2009

The CIO plays a crucial role in creating a seamless IT architecture – especially when dealing with mergers and acquisitions. In the year 2003-04, Airtel saw a lot of organic and inorganic growth. In cases of inorganic growth, the role of the CIO was to quickly get rid of legacy and migrate to the ‘corporate standard platform.’ “We had to roll out several such pieces within India and outside. We have built a Migration Centre of Excellence, which helps bring all disparate platforms on corporate standard platform,” adds Menon. When the CIO is dealing with large global operations and vast geographies, the best practices can emerge from anywhere. A CIO should always allow innovations from anywhere as long as they can be brought on to the corporate standard architecture and can be scaled across the global organisation. If a CIO doesn’t have a common standard underlying IT architecture, it is difficult to not only run a global operation, but also to transplant best practices elsewhere. And that’s why a CIO shall always aim at creating a standard framework very rigidly without tweaking. Within that framework you can imbed a lot of freedom and flexibility, which can used to customise IT according to the local or geography-specific needs,” says Menon.

Global governance – tight controls Airtel has created central governance and architecture teams, which look into multi-country operations of the IT. These teams look into the IT architecture including the entire IT blueprint. “If we don’t run it in a seamless


it strategy / framework

1.2 Apollo Tyres: aiming ‘one enterprise’

Nine manufacturing locations across three continents, 46 sales operations in countries outside India and a state-ofthe-art countrywide supply chain is what Apollo is today. It is approximately Rs. 7,000 crore supply chain - enough to make anyone envious. But as a CIO and head of global supply chain of Apollo, Dheeraj Sinha has enough reasons to burn the midnight oil. All his present efforts and future planning is centred on creating ‘one global enterprise’. In case of Apollo Tyres, the biggest stumbling block is the seamlessness of its supply chain and streamlining of demand generation systems worldwide. This could be true for CIOs who have to manage global manufacturing companies. “It is necessary for every CIO to know how the fulfilment is done and how these massive supply chains run across the world,” says Sinha.

connecting the dots Different geographies have different discreet business logics and principles. Three years back Apollo acquired Dunlop in South Africa. And roughly five months back, it acquired the European tyre manufacturer Vredestein Banden BV (VBBV). Above that, there are approximately n

case Study alignment between apollo and Dunlop Having acquired Dunlop, first thing that came for consideration was the renewal of email licenses. Apollo looked at a solution which could be similar across the geographies and decided to roll out a single email solution across Apollo and Dunlop. There were tremendous cost benefits. The whole email messaging system is now managed centrally and Dunlop doesn’t have to deploy people to manage it. As far as Internet portal and a few other business applications were concerned, Apollo extended them to Dunlop and they are working really well as value additions. The Performance Management System, E-HR applications, Procurement Systems, and automation of processes have been made seamless across Apollo and Dunlop now. But this was all based on the principle of business priorities. “A CIO, taking care of a global enterprise, has to be very careful in prioritising the work. We still continue to work on a native ERP, but it has been decided to move on to SAP and the business owners in Dunlop are convinced over this. It was a three year process during which we decided to change the landscape and make it look like ‘one enterprise’ and we are pretty much there,” comments Sinha.

46 countries in which Apollo has sales presence. “We are facing a lot of challenges, as these geographies work on discreet set of platforms today. But we’re trying to unify them on reporting system and further create a set of common IT principles and logics across the geographies. Currently the company is creating the ‘genetic code’ for how a seamless enterprise can be created,” explains Sinha. So far the company has been able to manage only the basic things, which includes reporting and mails. The complex part such as sales, supply chain, procurement etc. is still being worked upon. “The way Dunlop was doing design, R&D, and developing solutions were different from what we used elsewhere. It would have been a challenge if we were not on a single platform. Therefore, we started with the procurement part, and now we are about to finish the roll out across all geographies. From an organisational perspective, while unifying the IT architecture, it is important for a CIO to look at unifying the business per se,” feels Sinha.

Does one size fit all? Sinha is of the opinion that CIOs, specially in the global manufacturing organisations, shouldn’t get knocked down by ‘one-size-fits-all’ syndrome, while creating a global IT infrastructure. “If we look at the supply chain function in the Europe vis-à-vis India, there is a vast difference. The entire Europe is considered ‘one’ when it comes to supply chain. There are single points of stock holding and distribution across the continent. There is a 24-hour guarantee to supply anywhere. In India, it takes 15 days to deliver

07 october 2009 | the cto forum |


cover story

manner, we will have IT trees all over which won’t ever come together as a forest,” says Menon. The company believes in the principle of a standard framework with a lot of freedom within it. “We have done it several times in India; we have done it in Sri Lanka and then Jersey and Guernsey. All of them were very different regulatory frameworks as far as Airtel is concerned, but it took us very little time to roll out the corporate governance model and make them all look similar,” says Menon. It is all about a standard IT architecture, standard applications, standard software platforms and standard partners. And this is done through a GTO (Group Technology Office) chaired by the Group CIO. Airtel manages IT in a centralised environment with a lot of scope for decentralisation. “We have created a model wherein we have primary data centres and hub data centres. Primary ones have their own disaster recovery (DR) and back-up plans separate from the hub data centres. Typically primary data centres have 1+1 DR plan whereas hub DCs have n+1 DR plan. That is being done for both India as well as overseas operations. As far as communications networks are concerned, we have standardised it on one MPLS topology across all locations. Security framework is being standardised on ISO 27001,” explains Menon. The final mantra, as Menon prescribes to overcome the challenges in managing global enterprises is, standardising architecture and IT model and then impose a common culture across the geographies. And that has worked wonders for Airtel – one of the top 10 mobile service providers in the world.

it strategy / framework

cover story

the central IT office where the plans are vetted. The central office wears more of an advisor’s hat and looks at aspects such as cost of ownership and acquisition and the ability of service and deliverability of the IT systems worldwide. As explained by Menon in case of Airtel, Sinha also feels that culture is the most complex piece to manage while building a global organisation. A standards-based technology, Sinha feels, is easier to manage. But most complications creep in an organisation when we, as CIOs, don’t sensitise ourselves with the diverse cultural environments. “A CIO needs to work on cultural differences and more so when there is a requirement of ‘change management’. The first step is to be aware of the people and their work cultures. “If you know what their expectations are, half the battle is already won,” he emphasises. A CIO should first ready the organisation and then introduce the change. CIOs getting into project implementations without understanding the cultural aspects get blatantly rejected. “The ability to understand culture has to be the hallmark of a Global CIO. Otherwise this possibly becomes the biggest show-stopper,” concludes Sinha.

1.3 Ranbaxy Laboratories: build strong governance model

“A CIO needs to work on cultural differences and more so when there is a requirement of ‘change management’. If you know what their expectations are, half the battle is already won” DheeraJ SInha, CIo and GloBal hEad supply ChaIn, apollo tyrEs

it from one part of the country to another. So, one formula across business is not so simple to apply,” feels Sinha. To overcome these stumbling blocks, Apollo has worked upon ‘lowest common denominators and IT principles.’ This nullifies the different business processes, which exist in different geographies. “As a CIO, I think it is important to prioritise the functions and applications which make business sense to bring the global functions on a single platform,” he says.

meeting cultural expectations From Apollo’s perspective, there has been a great amount of standardisation in the networking, communications and information security practices across geographies. “The IT plans are created keeping in mind how the local entity wants to do business, but they come for inputs at


| the cto forum | 07 october 2009

Ranbaxy Laboratories, which has ground presence in 49 countries and serves customers in over 125 countries, has a strong tilt towards globalisation of IT. The company, which has R&D facilities at 10 locations in India and 2 overseas and has close to 22 manufacturing locations in 9 countries, believes in deriving value from global technologies. David Briskman, who has been the CIO of the company for past three and a half years, insists on striking a balance where glocalisation (global solutions-local approach) is going to be advantageous. “I am a strong advocate of deploying global enterprise solutions centrally. My biggest challenge was in the area of core technology in networking. Many applications require tremendous amount of bandwidth and connectivity. And when you run a global data centre with global solutions, you want people to reach it all the time. It is a classic challenge for any CIO and probably the first stumbling block to overcome,” says Briskman. How does a CIO make it all work together is by creating a seamless global enterprise? It needs strong governance model. “In many cases global organisations are actually federated organisations which need a different approach to handle. I don’t think it is possible to be successful as a global CIO in a non-global organisation,” says Briskman.

from local to global In the past three and a half years, Ranbaxy has gone down the globalisation route for as many of its business applications as possible. The IT organisation has also demonstrated the value associated with globalisation. “Ranbaxy today understands the value of globalised IT, and a centrally discharged 24/7 customer support is avail-


it strategy / framework

cover story

ranbaxy factsheet n Operations

in India, Europe, CIS, Africa, AsiaPacific, North America, Sri Lanka & Middle East

n Ranked

amongst the top 10 global generic pharmaceutical companies in the world

n Presence

in 23 of the top 25 pharmaceutical markets of the world

n Global

footprint in 49 countries

n Manufacturing n Serves

facilities in 9 countries

customers in over 125 countries

able to every location in the world to support these applications,” tells Briskman. From the Oracle Vigilance to ERP to accounting – all the applications at Ranbaxy today run on a global platform. “Disparate applications not only create business losses, but also create hindrances in achieving the one-enterprise goal. As a CIO I strongly defend the case of global solutions over local ones. The best way for a CIO to do advocacy of global solutions is to demonstrate the value through delivery,” he says.

handling mergers & acquisitions When it comes to handle mergers and acquisitions, a CIO is one of the first few people who are asked to throw in their hats. Briskman, who has seen a lot in these three years, says the CIO needs to be strategic and pragmatic. “In 80-85 percent of the cases where Ranbaxy made an acquisition it took us really short time to migrate on to the standard global platforms. In 10-15 percent of cases, it didn’t make any business sense to bring them on to the global platform. As a CIO, you should push for a global solution when it is strategically required and allow for local solutions as a pragmatic person,” says Briskman.

common It governance strategy The common IT governance strategy certainly gives a CIO the power to influence global buying decisions and do a better vendor management across the world. While explaining the benefits of central vendor management, Briskman tells that Ranbaxy sits on SAP Life Sciences’ Executive Council. “This is because of our nature of relationship with SAP and how we deal with them on globally. The global presence of our solution providers has always worked to our advantage. Similarly, while dealing with Microsoft, the global agreement is that of a reasonable size, and thus it really gives us a big cost advantage,” says Briskman. When Ranbaxy buys from SAP or any other vendor who specialises in solutions for the Life Sciences and R&D industry, it buys for the entire globe. “A CIO handling a global company shall always strike deals, which are global and not local. This gives tremendous savings and economies of scale,” says Briskman.

“Disparate applications not only create business losses, but also create hindrances in achieving the one-enterprise goal. The best way to do advocacy of global solutions is to demonstrate the value through delivery” DavID brISkman, CIo, ranBaxy laBoratory

of Airtel and Apollo, Briskman has a slightly different view on how to manage cultures across the geographies. According to him, the CIO has to be a great listener if nothing else. “A global CIO should never underestimate the cultural boundaries and language barriers. Even within your own enterprise the culture of R&D versus the culture of finance or the culture of the front-end operations are pretty difficult to match. For any CIO to be successful, they need to be really good listeners,” concludes Briskman.n

Listen before you act While Briskman was no different than other two CIOs n

07 october 2009 | the cto forum |


cover story

atti riazi

Great CIO has to be a mix of Churchill, Mother Teresa and a kamikaze pilot atti riazi , founder and executive director of cio without borders and former global cio of ogilvy and mather worldwide speaks exclusive to the cto forum on the challenges and insights to manage global businesses Enabling a global enterprise is not a small task by any definition. What are the most critical challenges which a CIO faces in running a global enterprise?

I strongly believe that uniform standards are less critical today than they were in the past, as interoperability is more important in today’s environment. There are good number of systems deployed that have a common standard, but are deployed differently in each country and therefore operate as independent systems and environments. It is essential to have common standards around data and integration as opposed to technologies. It is really difficult to develop a technology infrastructure that supports businesses across continents with diverse cultures and business norms. What should a CIO do?

I believe technology mimics business and if business operates as a cottage industry with local P&Ls and strategy, much of its IT infrastructure is likely to reflect this. I don’t believe that company culture dictates standards, as it is the inability of a company to establish a common business strategy for global and local growth. In such structures, local offices focus on developing systems that do not lend themselves to integration, and therefore do not add value to the organisation globally. It is easier said than done to develop a common IT governance strategy that specifies a standard set of technologies and applications to leverage global buying power. What should be a CIO doing in this case?

Again, I strongly feel that standards need to be around data, content and information and not so much around technologies. It will take some time for all markets to migrate off legacy systems, but a middle-tier that integrates to these applications and can deliver reliable, accurate, and timely information for the organisation is essential. Global buying power is critical, but unfortunately many IT providers do not behave as a global company and do not offer deep discounts. Many, in fact, compete with each other in various markets, making it more difficult for CIOs to put together global deals. In addition, some of the smaller markets generally end up paying


| the cto forum | 07 october 2009

more through a global deal compared to the larger markets. Another area of concern is adopting the best practices discovered in one business area and deploying it globally. What are the challenges a CIO faces in doing so?

Best practices sometimes come from the most unexpected places. I think looking at all innovations from small to midsize markets as well as new mergers and acquisitions can help a CIO find new and innovative ways that can be applied globally. Key to deploying anything globally requires building relationships and gaining consensus across markets. Managing or rather navigating organisational cultures is another big challenge that a CIO faces while handling global IT operations. How to overcome those?

Great CIOs have to be somewhere between Churchill, Mother Teresa and a kamikaze pilot. Managing cultures is one of the many issues they must tackle to be able to deliver transformation through the deployment of technology. I think the basic premise is to be open to ideas, embrace differences and be adaptable. Getting buy-in and support around big ideas requires a good deal of dialogue, debate and buy-in when working globally. I believe the toughest challenge far and away is change management during application deployment. This trumps all other challenges. Another big issue is managing locations spread across continents without over-decentralising IT. How should a CIO manage to get a uniform view of global IT and still keep it within control?

We are seeing a great deal of datacentre consolidation across all markets. Most markets with to inexpensive bandwidth or shutting down data centres, moving their applications to virtual centres and the cloud. This will help to ensure security, reliability and standardisation while reducing the organisation’s carbon footprint and computing costs. Consistent standards around information security are of course critical and essential. And getting buy-in around this issue is certainly easier than around other issues. n


ronald m pitters

in an exclusive interview with the cto forum , ronald m . pitters , egm and group cio of commercial bank group of qatar elaborates how to overcome technology and cultural challenges while building a strong it infrastructure for a global business Enabling a global enterprise is not a small task by any definition. What are the most critical challenges which a CIO faces in running a global enterprise?

The overarching challenges for a CIO are - communication and discipline. The micro-challenge is providing the organisation with a ‘fit-for-purpose’ IT framework that aligns with business needs. A global organisation needs to consistently communicate the criticality of uniform IT framework and how it is defined and executed within the organisational fabric to the business. Discipline is required to keep its uniformity aligned and practiced across the global enterprise. Many global organisations will embed uniform framework across its IT landscape, but fail to maintain a degree of success or business effectiveness due to a lack of discipline. Last, it is critical for an IT organisation to execute a framework that focuses on delivering fit-for-purpose standards and practices and generate global business results. It is really difficult to develop a technology infrastructure that supports businesses across continents with diverse cultures and business norms. What should a CIO do?

It is critical for global infrastructure strategy to align with global business operations model. As we know, some businesses operate global hubs with a focus on centralisation, while others run decentralised supply chains – it is paramount that the CIO establishes an infrastructure architecture that supports the business and future-proofs the operations model. Another area of concern is adopting the best practices discovered in one business area and deploying it throughout the world. What are the challenges a CIO can face in doing so?

A common challenge is that seeding a best practice into other areas of the business often become politicised, making it difficult to embrace a collaborative change. Second, though in theory, best practices can drive localised results, it is important to face the challenges of addressing impact and required optimisation – dynamics of best practices need to be constantly aligned with operating factors n

and business needs. Managing cultures is another big challenge that a CIO faces while handling global IT operations? How to overcome those?

I would say that managing cultures has become much less of an issue. Globalisation, outsourcing and best-shoring have all helped diverse our IT operations. An IT organisation needs to adopt an operations culture, aligned with corporate culture that can provide guidance in delivering strategy and results. The CIO needs to lead with an understanding of the key business directives (global and local) and the IT roadmaps that help deliver business results. Technologically, what are the most compelling challenges that a CIO may confront while handling the issues such as networking, global supply chains and application delivery etc? And how should a CIO handle those?

The challenge is to ensure that service delivery is effectively implemented and continues to deliver against business requirements. Technology and operational change will always need to be embraced and transformed into a sustainable operational model that is a compelling business case and enhances the client experience. In addition, having leadership and organisational skills is critical to handling the run, change and re-invent issues across abroad spectrum of service silos. Another big issue is managing locations spread across continents without over-decentralising IT. How should a CIO manage to get a uniform view of global IT and still keep it within control?

Diversity and the gravity of decentralisation will always be a challenge in managing a global IT operation. In some cases, a decentralised operating model best serves the business. More importantly, it is critical that the business become aligned to partners in understanding the business impact of effective IT controls. The CIO needs to register the overarching strategy and move the IT organisation towards the desired operating model and operating results. n

07 october 2009 | the cto forum |


cover story

Service delivery should be effectively implemented

next horizons

bridging business - it gap

at a glance

imaging: shrikrishna patkar

An open memo to the CEO on why there is a need for an annual report on technology

n driek desmet & tor mesoy


lthough most companies realise that business units and the technology organisation must be much more integrated, many don’t know how to make this happen. Leaders of business units sometimes have only a vague sense of technology’s value, while technology executives often fail to address issues in terms that business people find meaningful. In an imaginary memo to a CEO, a chief technology officer proposes a solution: an annual report for technology, analogous to the annual report for investors and the broader market. This document would supply a candid overview of the company’s ability to create business value from technology, substantiate that analysis with hard metrics, share perspectives on technology use, celebrate achievements, and articulate visions and plans for the future. The memo addressed to the CEO from the CIO with a subject line on annual report for technology would be something on the following lines: At last week’s executive committee meeting, you made the point that our company’s business units and technology organisation need to be much more in tune with each other. In this memo, I’d like to explain how we could take a joint step toward making that happen. No one doubts that our company’s success depends on solid technology support. But everyone also believes that


| the cto forum | 07 october 2009

we can do a lot more to make technology serve the business units—for example, by deepening our insights into what customers need, integrating channels, speeding the delivery of services, and accelerating new-product development. We struggle to realise this potential. The basic problem is a lack of shared understanding. Our business unit leaders have only a vague sense of the value the technology organisation delivers: they just see bits and pieces and don’t seem to grasp the interdependencies. It’s understandable that they get upset when things go wrong, but it’s less understandable that they hesitate to invest time and energy to sponsor solutions. Our technology leaders, for their part, often fail to address issues in ways that businesspeople find meaningful and therefore lack credibility when they try to explain IT’s value to the business. I’ve thought hard about how we could make more progress toward our goals. While I don’t claim to have the entire solution, I do have an idea that may bring us a big step closer. But in order for this solution to be successful, I will need your support and co-sponsorship. The idea is quite simple: you and I would jointly issue an annual report for technology — something analogous to the annual report for investors and the broader market. This document would not only provide a candid overview of


bridging business - it gap D. Plans to use technology in new ways

A. ceo–cto introduction

While our technology capabilities have come a long way, we know that we have only begun to develop the ability to support a streamlined, customer-centric company. This section would quantitatively discuss the improvements (or deterioration) in our enterprise technology capabilities over the past year, highlight technology’s progress in helping the company differentiate itself from competitors, and note where we need to improve. The featured initiatives could include our experimental customer co-creation centre and our trial technology rotation programme, in which technology specialists spend time in groups serving high-value market segments to speed up the development of new offerings.

This opening section, framed as a letter-style executive summary, would introduce the idea behind the annual report for technology and the business rationale for issuing it: namely, to tell key stakeholders about technology’s performance over the past fiscal year, describe technology’s explicit contribution to meeting core business objectives, and explain the implicit value of the technology portfolio, along with our vision for the year ahead.

b. Supporting organisational agility Technology underpins nearly every business process today, yet the connections aren’t always visible on the surface. This second section would provide stakeholders with a sort of anatomical chart of technology—a graphical representation illustrating where and how our company is using technology to support improvements and make us more agile.

c. Aligning technology with business strategy We know how easy it is for the interests of business and technology to diverge unless they are linked correctly, with effective metrics. In this third section, we would use numbers and stories to share our ideas about how technology creates value. The following examples might help put our performancemeasurement programme in context. Example 1: The operational-improvement programme the board approved at the start of the fiscal year incorporated superior responsiveness and superior decision making into the core of the company’s strategic mission. To clarify technology’s role in supporting it, technology partnered with lean-team colleagues across the business units to identify critical success factors and suitable metrics. Example 2: The 2008 annual report set several goals for increasing sales, speeding up time-tomarket, and reducing costs. The following chart illustrates technology’s role in supporting those business goals. Such hard performance metrics are important, but you and I know that stories often put facts in context and can make a message more memorable. Therefore, we might consider including one or two sidebars about customers and employees. n

This section, outlining the strategic reach of our technology programme for the coming year, would focus on the two business principles you emphasised at our annual shareholder meeting: customer centricity and operational simplicity. To remain realistic and on track, we will ground our promises in a performance-measurement framework similar to the one described earlier. The intent, as always, is to establish the connection between our corporate vision and technologyenabled execution.

e. technology capability statement

f. technology capability balance sheet This section would offer a quantitative market valuation of our total technology portfolio, including tangible assets (such as hardware, data centre facilities, and other physical properties), as well as key intangible assets (for instance, patents and signature R&D). The intent is to demonstrate not only the shareholder value embedded in our technology portfolio, but also its return on investment and performance on other core financial metrics. In this way, the company can hold technology’s long-run performance to the same high standards the rest of our business is required to meet. Complementing the numbers, you and I will jointly provide an interpretation of them and share our perspective on how to raise the bar in the coming year. Examples and anecdotes will make the numbers come alive in the minds of the company’s executives. The annual report for technology will help the executive team to see the big technology picture, improve communication and collaboration between the leaders of the business units and the technology organisation, and allow the company to realise much greater value from technology. It will provide a new framework for more effective operations and, ultimately, better growth prospects. I’m eager to start on the report. Let’s discuss the idea soon.n About the authors Driek Desmet ( is a director in McKinsey’s Amsterdam office, and Tor Mesoy ( is a principal in the Oslo office.

07 october 2009 | the cto forum |


next horizons

our ability to extract business value from technology but also substantiate that analysis with hard metrics. We would share perspectives on the challenges of technology, convey our ideas about its role in our company, celebrate achievements, and articulate our plans and visions for the future. To show that we are serious about bridging the gap between technology and the business units and to discourage people from seeing the report as an attempt by IT to plead its own case, it’s important that you and I issue the report jointly. Here’s how we could structure it.

best of breed

thinking beyond

Is the real McCoy still in hiding? it still remains to be seen if a successful cio is a business strategist in charge of it or an it practitioner who understands the nuances of business n chris curran


was recently reminded of a presentation I attended earlier this year in which the new CIO of a Fortune 500 organisation described some of the challenges she saw in her new role. She described her background working her way up in a business unit, finally reaching the general manager position. During this stint, she described many of the challenges she encountered working with IT and how she was now well-


positioned to address many of those issues. All of the great business-oriented discussion from the CIO was overshadowed by her constant reference of an IT organisation as ‘them,’ even after almost two years in the post. I’m sure that her leadership experience in the business convinced the executive suite that she was wellsuited to join them. But, I wonder if it is enough to lead an IT organisation, especially a large and complex one,

cIo with business experience only

cIo with It experience

Strategic Use of IT

Business context, market needs, customers, partners

What’s possible with technology

Business Alignment

Business measurements, objectives, motivations

How to link business needs with technology


Business cycles, prioritisation of business capabilities, budgeting

Dependency management, resources, knowledge of what is realistic, systems architecture


End-user perspective, business tradeoffs, training needs

Program and project management, costschedule-scope tradeoffs,

Operations & Management

End-user perspective

Vendor management, technology components, IT team building


| the cto forum | 07 october 2009


thinking beyond

business or It background? Can a CIO be truly successful in both leading his or her organisation in the use of IT and leading the IT organisation required to make it all happen without any experience working in the IT function itself? Some elements that each type of person would bring to a CIO position include: I would argue that if the CIO participates as a full member of the executive team, then the business perspective is represented by all of the functional and business heads and the CIO brings the unique IT perspective. If an executive team has a CIO with only strong business perspective, it is incomplete.

the cIo skill-set priorities This question is obviously more complex than just looking at a CIO candidate and his/her IT experience. A broader set of skills and experiences should be considered, such as: n Leadership abilities; n Hands-on technology background; n Experience in leading large change programs; n Experience in running successful IT infrastructure operations; n Management experience in a non-IT function; n Ability to apply innovative thinking to solve relevant industry and business issues; and n Ability to understand how projects and operations impact corporate financials. Along with IT project failure rates, the average time a CIO stays with a company is one of the most often quoted metrics in technology business. Recent studies cite that 1 in 4 CIOs are fired for poor performance (, March 11, 2009) and CIOs have an average tenure of 4.4 years (, November 11, 2007). These don’t seem to bode well for the CIO. Why is the tenure so short? And, is this seemingly short tenure really a bad thing? While certainly not scientific, I’ve been trying to find similarities and differences in the CIOs I work with as they enter a new job and navigate the waters of the enterprise. n

By personally observing 30-plus CIOs over the last 10 years or so and adding to this the observations of my Diamond partners, I have developed a perspective that tries to match the core skill set of a CIO with the point in a company’s developmental lifecycle. I believe that these matches (or mismatches) can lend some insight into the reasons that CIOs do or don’t last in their role. There are several views of the types of CIOs (, December 4, 2007) and I have my own version: Strategist – very strong CXO collaborator who brings innovative, often disruptive thinking to an enterprise, visual communicator, conceptual and is frustrated with detailed planning Transformer – comfortable directing large portfolios of projects, both strategic and tactical; great team builder and communicator; develops and understand business cases Value Manager – comfortable optimising IT processes and platforms; very good sense for IT efficiency and effectiveness; effectively understands and applies benchmarks and frameworks such as CMMi and ITIL When a new CIO enters, it is interesting to look at where the enterprise is in its developmental lifecycle. I define the developmental lifecycle as having three simple stages: Evaluation – assessing its business design in light of competitive pressures, cost challenges, or M&A opportunities; Change – planning and implementation of a new business design; and Stabilisation – operating the new business design and measuring its actual versus desired impact. Obviously, there is a strong correlation between the CIO types and enterprise lifecycle stages (funny how that works). So, my proposal is this: A CIO will be most successful when his or her skill “type” matches the developmental stage of the enterprise. Assuming you have a good skill match as a new CIO, the next question is what happens when the enterprise shifts into the next stage. One of three cases exists: The CIO combines good relationships and a strong IT leadership team to handle the different IT leadership needs. The CIO doesn’t have what it takes to manage the trans-

07 october 2009 | the cto forum |


best of breed

without any relevant IT experience. Can you get the right perspective?

best of breed

thinking beyond formation and leaves or asked to leave as the effort stalls. The CIO is “bored” with the changing role and eventually leaves. Before you dismiss the “bored CIO” as a ridiculous scenario because it doesn’t fit you or your colleagues, take my word that they do exist. In fact, they are some of the most effective and creative CIOs out there. Consider one CIO I am working with now who is a strategist. Over the last five years, she has had three CIO positions in different companies. Her style is intense and creative. She sees her role as a disruptor, and she seeks to turn the enterprise on its head to get real transformational value from IT. Along the way, unfortunately, her style can create relationship challenges, and she tends to leave. I would say that in the end, she puts firms on a better path then when she got there. In fact, she is to the point where she considers herself more of a contractor than an employee. This model may not fit you but it does exist. From a career management perspective, it may be eye opening for you to think about what kind of core skill you have—strategist, transformer or value manager. I’m not saying that you don’t have or can’t have some of the other two, but one is likely dominant.

the cIo role: one of influence or control? As part of a recent “IT failures town hall meeting,” I had the chance to interact with a few CIOs and other experts in IT management and leadership and discuss challenges facing the CIO in successfully delivering value. The focus of our discussion was on the CIO’s role in project success or failure. This is a rich topic and went in several different directions, including CIO tenure, how to recover as a CIO after a failure and how a project manager or team member could influence a passive CIO. The angle I’d like to explore a little more is how much of the CIO’s job is to influence desired outcomes versus personally taking control of troubled (or all major) initiatives. Two of the factors at play are: n CIO style, skills and personality n Organisation size and structure

cIo style, skills and personality In the town hall discussion and in my article on “CIO tenure,” I discussed my theory (that’s all it is) as to why some CIOs just don’t fit into their organisations. There can be a major disconnect if the CIO’s instinctive style doesn’t gel with the major work at hand. Using a behavioural assessment like the Kolbe A Index (similar to the Myers Briggs), you can understand situations in which you and your co-workers will be most productive.


| the cto forum | 07 october 2009

When I took this assessment (I’m a 5 3 8 5), it confirmed that I am a multi-tasker and experimenter and don’t need more details beyond the basic facts. A CIO with my characteristics would likely lean more to a broader influence role than one that’s more hands-on.

organisation size and structure Unfortunately, many IT organisations are huge. As a result, the CIOs are separated by several layers from the people and projects doing the real work. In these organisations, is it even possible for the CIO to take an active, hands-on role in leading a critical initiative? Furthermore, are there any expectations in the minds of the CIO’s peers and boss that he or she play such a hands-on role? Based on the organisations with whom I have consulted, it seems like there is a size beyond which the CIO can no longer regularly be hands on. My gut says that this is for companies over the $5 billion to $7 billion revenue mark or so. For these organisations, the CIO must be a master of influence.

how a cIo can influence project success Influence is more of an art than a science, so these practices may seem a bit fluffy. That said, I think there are some practical things that can be done toward achieving them. n Reward Problem Solvers – One mentor of mine would enter the weekly management meeting for a $100 million software overhaul program for a telecom carrier and offer $100 for the best issue. n Increase Transparency – Long and generic status reports make me crazy. Those that highlight the top three management issues and summarise milestones and budgets are better. The data must be current and factual. n Publicise Accountability – Project managers should have the skills and authority to make decisions and the accountability for success and failure. When PMs are accountable and everyone knows it, different and often better behaviours ensue. n Emphasise Right Person for the Right Job – When an organisation takes on a new vendor or a new technology, by definition it has little relevant skills. An influential CIO can emphasise that hiring new staff or a consultant to assist is not just acceptable, but necessary. It goes without saying that the CIO role is one of influence for larger firms and a balance of influence and control for medium and small firms.n The author is Chief Technology Officer, Diamond Management & Technology Consultants


tax analysis

the experience of technology adoption around value added tax shows that the goods and services tax will face more obstacles from the implementation phase alone

n jatinder singh

illustration: chaitanya surpur


ith less than six months to go, the implementation of Goods and Services Tax (GST) is already giving shudders to the CIO community. When the Value Added Tax (VAT) was last implemented, many technology honchos spent rigourous man-hours trying to figure out the new system. This time around they will relive those anxious moments, albeit with newer set of challenges. The challenge in the implementation of VAT was quite daunting, as there was a sea change required in pricing the product and features of ERP system in order to maximise the profit margins or reduce the utilisation losses meted out by the new tax structure. Add to it the complication of different state governments implementing the same scheme at different time frames and at different rates only aggravated the issue further. Come April 2010, the GST will replace multiple state and central levies, and it is expected to consolidate the same into a centre or state GST levy. Being an all inclusive tax, GST will make a substantial impact, both externally and internally. All stakeholders including the staff engaged in marketing, finance, sales, tax and IT will face the challenge. Things are no simple for the IT team either, as they will have to understand every possible aspect of the previous tax regime and retain utmost implementation accuracy in the post-GST era. “It is important for the companies to start off on a broader level by conducting an impact analysis of how introduction of the GST will impact the business level. Ascertaining the preparedness of ERP vendors for carrying changes in the ERP systems is very crucial for any CIO,� suggests Nimish Goel, Manager-tax and regulatory services, PwC.

readiness quotient It is logical, for the IT heads, to analyse whether the existing ERP accounting system are ready to deal with the changes in the tax structure. Also, some of the key strategic areas including the system of invoicing, managing supply chain, input credits, maintaining records, and providing sufficient and accurate information for filing GST returns etc should be well planned before the roll out of the GST. n

07 october 2009 | the cto forum |


best of breed

Preparing for taxing times

best of breed

tax analysis road to GSt: cIo’s to do list n Closely

work with tax consultants to understand post GST effect

n Closely

work with tax consultants to understand post GST effect

n Create

multiple plan of action and systematic verification process for all possible probabilities to derive exact tax benefits

n Set

up a GST roll out team having representatives from key functional departments

n Be

ready to amend and accommodate new GST. As if not done, ERP may stop from getting goods in.

n Stop

issuing invoices with all sales tax, excise, service tax or entry tax with immediate effect after GST implementation

n If

automatic calculations of respective taxes (existing) are done to speed-up the process of invoicing, it needs to be re-organized, should consider the bill / invoice date (i.e.1stApril 2010)

n There

is a possibility of receiving invoices of old dates that means booking them at the earliest dates. Proper authentication, whether it effect loss of credit in any manner and system capability has to be verified.

“Globally over $25 billion gets trapped every year on tax issues, which an optimised supply chain system can save or reduce. The fleet will be more modern and organised and tracked by GPS devices. RFID technology will get foot hold and supply chain visibility will be real-time and not fake,” observes Sanjay Goel, Chairman, GTC Group. On the basis of present information, there can be multiple theories that need simplification. And hence preparing a multiple plan of action under different probabilities certainly adds value for the future action plan. Also, brainstorming among technical and domain experts on the functioning of an emergency notification system can help take precautionary measures in advance. “For every CIO, it does make sense to map the tax structures to the ERP system, and I am sure everyone is doing it. Whatever changes may come, one has to look at the impact it creates. GST is not a very complex deal, however incorrect interpretations may lead to sleepless nights for the IT organization,” elucidates Arun Gupta, Group CIO, K. Raheja Group. More importantly, a CIO needs to discuss with the vendors to understand the role of IT in providing documents and invoices that are relevant within the ambit of GST at the earliest.

caught in ambiguity Nonetheless, even as the CIO might start working out the details of all the steps that needs to be undertaken for the transition, there is still a lot of ambiguity on what exactly would be the provisions of the said act. “General thinking is that processes will be simplified to get the true advantage of a unified tax system. It is still being discussed and debated by the government. Success of ERP implementations will lie in the ability to quickly adapt to the new GST regime as and when it gets announced,” says Thomas Abraham, MD, Sage. In the process of GST implementation, there could be possible hiccups in systems which are connected with taxation. Taxes have major impact on purchases and sales. Most of the big business houses have been operating on huge ERP setups, and they cannot proceed if proper information is not fed in. “There will be many transactions pertaining to previous tax regimes; all those transactions would get affected due to introduction of GST. Order Bookings will be affected, may be due to costing, or ERP and software permissions. Both to and fro deliveries will be affected at large, till clari-

“GST is not a very complex deal, however incorrect interpretations may lead to sleepless nights for the IT organisation” Arun GuptA Group CIo, K raheja Group


| the cto forum | 07 october 2009


tax analysis

best of breed

fication comes and respective amendments happens in the system,” explains Arun Dixit, CEO, Udyog Software. Notably out of 120 countries, where the GST model has been implemented, only Brazil and Canada have dual level GST model, which is now being followed in India. According to Siddharth Mehta, Senior Manager, Indirect Tax, Tax and Regulatory Services KPMG India, existing tax regime in India is very complicated. The dual model will essentially combine both state and central taxes into a single system and considering the quasi-federal structure of our country, it seems to be justifiable in Indian context.

Ironing out the creases At the moment, there are many holes in the GST roll out, and there can be a complete clarity only after the release of final draft guidelines, from the government. GST will simplify the life of software and ERP developers, as they have to handle only one kind of tax. However, it is important to analyse the compliance preparation and short term impact analysis within an organization. During the initial stages, there will be many transactions specially pertaining to tax with old respective rates, which would face the threat of getting affected. And hence an IT manager needs to keep an eagle’s eye on all these developments. Also, to achieve successful transition, introduction of new tax code termed CGST and SGST (central GST and state GST) are required. According to experts, this may be a big structural change, and hence would be required in the ERP to accommodate. It is crucial for an IT manager to amend all open POS (point of sale), to incorporate the new GST rather than VAT or any other criteria. In the absence of auto updater, ERP may stop you from getting goods in. Another important factor to consider is that since all service providers, manufacturers, traders and retailers will have different identification number, which they may require it to change in the course of GST implementation. If market analysts are to be believed, none of the existing ERP or accounting system is ready to deal with such massive changes in system. The CTOs would also have to watch out for supply chain issues, for instance, getting a proper check on supply chain management would be a tough task to deal with. As CST will cease to continue and proposed GST credits may take place during interstate transactions, it needs to be examined whether the stock transfer and sell model would continue to be efficient under the new framework or not. “This is the most complicated part in the entire GST episode, and it’s giving jitters to many IT managers. Definitely, it needs proper segmentation and cross evaluation,” says Rajendra Sawant, CIO, Adventity. Nonetheless, there are a few things that can be followed to ease the subsequent pain. “For starters, having an in-house GST team comprising people from both tax and the IT department would be a practical approach to handle the technology tangle of the roll out,” suggests Sawant. For effective implementation, enterprises would need to n

“An in-house GST team comprising people from both tax and the IT department would be a practical approach to handle the technology tangle of the roll out” rAjendrA SAwAnt CIo, adventIty

invest significant chunk in various warehouse management software, upgrading ERPs and aligning enterprise software systems with the vendors and customers system. Furthermore, sufficient training under the supervision of GST experts is required to evaluate the functionalities of the operations. “If IT department fails to implement requisite changes, their entire business staff will have to take holiday till GST implementation done,” summed up Arun Dixit, CEO, Udyog Software. After all, as the folk saying goes, once bitten, twice shy. Hopefully all those who faced music during the VAT days will have it easier during the GST and that includes our CIO’s.n

07 october 2009 | the cto forum |


best of breed

custom experience

The Six Laws of Customer Experience the fundamental truths that define how organisations treat customers n bruce temkin


ust like the three laws that govern physics, there are a set of fundamental truths about how customer experience operates. And here they are, the six laws of customer experience (CxP): 1) Every interaction creates a personal reaction. 2) People are instinctively self-centred. 3) Customer familiarity breeds alignment. 4) Unengaged employees don’t create engaged customers. 5) Employees do what is measured, incented, and celebrated.


| the cto forum | 07 october 2009

6) You can’t fake it. Jack Welch once said: “deal with the world as it is, not how you’d like it to be.” When it comes to customer experience, these six laws describe how it is. While some isolated situations may not follow these six laws, they accurately describe the dynamics of customer experience for large organisations. Anyone looking to improve customer experience must understand and comply with these underlying realities. And in case you’re wondering, Experience-based differentiation is 100 percent compliant!


custom experience

cxP Law #1: every interaction creates a personal reaction This is the most fundamental customer experience (CxP) law of them all. Simply put, experiences are totally in the eyes of the beholder. The same exact experience can be good for one person and bad for another. As a matter of fact, it can be good for someone at one point in time and then bad for that same person at another point in time. That’s why we often say “experiences designed for everyone satisfy none.” Here are some implications of this law: Experiences need to be designed for individuals. While it may not be possible to individualise every interaction, focusing on narrow segments (like personalities) is critical. Customer segments must be prioritised. Since you need to design for specific types of people, experiences will be optimised for a set of customers. That will require companies to have a very clear picture of their important (and not so important) customers. Customer feedback needs to be the key metric. Internal measurements may provide a sense of how the business operates, but they don’t give a true evaluation of customer experience. That’s why companies need to establish a Voice of the Customer (VoC) program; letting customer input drive priorities, decisions, and investments. Employees need to be empowered. Since every situation can be somewhat d ifferent, the needs of customers can vary across interactions. That’s why front-line employees need to have the latitude to accommodate the needs of key customers. The bottom line: you need to understand your customers, personally.

cxP Law #2: People are instinctively self-centred Everyone has their own frame of reference, which heavily influences what they do and how they do it. Customers, for instance, care intensely about their own needs and desires, but they don’t generally know or care as much about how companies are organised. Employees also have their individual frames of reference; which often include a deeper understanding of the company and its products. If left unchecked, decisions made inside the company will often reflect in the frame of reference of employees, not customers. We sometimes call this problem self-referential design. Here are some implications of this law: n

You know more than your customers; deal with it. You can’t eliminate your biases, but it helps to acknowledge them. Recognise that customers may not understand things like product names, acronyms, and process steps that you regularly discuss at work. So there’s a natural bias for making experiences too complicated for customers. Get in the habit of asking yourself: “Would our target customers fully understand this?” Don’t sell things, help customers buy them. Whenever you’re thinking about a customer experience, always try and frame it from the customer’s point of view. Look at all interactions as an opportunity to help customers to do something. How can you institutionalise this? Infuse the voice of the

customer within your processes. Don’t let the company drive experiences. Just because you have separate organisations running your Website, retail stores, and call centre does not permit you to make customers jump through hoops. Customers don’t need to know (and they certainly don’t care) how you are organised. Here’s a key symptom to look for: Any front-line employee who explains to a customer how your company is organised. The bottom line: make the shift from self-centreness to customer-centredness.

cxP Law #3: customer familiarity breeds alignment Not many people wake up in the morning and say “today, I want to make life miserable for our customers.” Yet every day, lots of employees (from front-liners to senior execs) make decisions that end up frustrating, annoying, or downright upsetting their customers. But it’s often not individual actions that cause the problems. Most times, the issues come down to a lack of cooperation or coordination across people and organisations. Given that most people want their company to better serve customers, a clear view of what customers need, want, and dislike can align decisions and actions. If every-

07 october 2009 | the cto forum |


best of breed

The bottom line: when it comes to the six laws of customer experience, ignorance is not a valid defence.

best of breed

custom experience one shared a vivid view of the target customers and had visibility into customer feedback, then there would be less disagreement about what to do for them. While it may be difficult to agree on overall priorities and strategies, it’s much easier to agree on the best way to treat customers. Here are some implications of this law: Don’t wait for organisational alignment. No organisational structure is perfect; they all have some flaws. And it takes a long time to make major organisational changes. So rather than waiting for a structural change to create alignment, use a clear focus on customer needs as a way to align the decisions and actions of individuals – even if the organisations remain out of alignment. Broadly share customer insight. While we all know that front-line employees affect customer experience, almost everyone in the company also has some impact on how customers are treated. Think of your company as a large production crew making the stars (front-line employees) shine on stage (during customer interactions). Since many of the decisions that impact customers aren’t debated or discussed, they just happen; it helps for as many people as possible to understand customers. Think of this as a silent alignment process. Talk about customer needs, not personal preferences. Disagreements are somewhat natural when people debate things from their own points of view. Instead of discussing what you like or think, re-frame discussions to be about customers. If you find that you don’t really know enough about customers to solve the disagreement, then stop arguing and go get more information about your customers. The bottom line: an external focus is an antidote to internal politics.

cxP Law #4: unengaged employees don’t create engaged customers If you want to improve customer experience, then it might seem obvious that you should focus completely on customers. For most firms, though, that’s not the correct approach. Where should you focus? On employees. While you can make some customers happy through brute force, you cannot sustain great customer experience unless your employees are bought-in to what you’re doing and are aligned with the effort. If employees have low morale, then getting them to “wow” customers will be nearly impossible. This relationship between employee engagement and customer experience was described very clearly in The Service-Profit Chain, which was published in the Harvard Business Review in 1994: “Profit and growth are stimulated primarily by customer loyalty. Loyalty is a direct result of customer satisfaction. Satisfaction is largely influenced by the value of services provided to customers. Value


| the cto forum | 07 october 2009

is created by satisfied, loyal, and productive employees.” Walt Disney also captured this concept very simply: “you can design and create, and build the most wonderful place in the world. But it takes people to make the dream a reality.” Here are some implications of this law: Don’t under-spend on training. You can’t just change some business rules and processes and hope that customers will be treated better. Just about any change to customer experience requires some employees to change what they do and how they do it. So don’t skimp on the training effort. Make it easy to do the right thing. If it’s hard for employees to do something, then they are less likely to do it -- and more likely to get frustrated. That’s why enabling technologies need to be designed for employees to easily accomplish tasks that help customers. Communicate, communicate, and communicate. If you want to have employees feel like they’re a part of something, then you need to tell them what’s going on. So develop a robust communications plan that not only tells employees what the company is doing, but also explains why you’re doing it. And it helps if you sincerely solicit feedback! Find ways to celebrate. If employees do things that help customers, then find a way to celebrate those actions. These celebrations can take many different forms: a handwritten note from the president, acknowledgement in a company newsletter, or an on-the-spot bonus. Look for opportunities to catch people doing the right thing. Measure employee engagement. Firms need to put the same rigour in monitoring employee relationships that they do in monitoring customer relationships. So they need to develop a relationship tracking measure like ‘likelihood to recommend as a place to work’ that is used to gauge progress and to identify corrective measures. The bottom line: customer experience depends on employees’ experience.

cxP Law #5: employees do what is measured, incented, and celebrated Some executives struggle to understand why their company doesn’t deliver better experiences to customers. But it shouldn’t be such a big mystery. It’s all about how you deal with employees, who tend to conform to the environment that they’re in. What are the key elements to the corporate environs? The metrics that are tracked, the activities that are rewarded, and the actions that are celebrated. These three items collectively drive how employees behave and how they ultimately treat customers. Here are some implications of this law: Don’t “expect” people to do the right thing. While employees may want to treat customers well, you can’t just expect them to do it. Why not? Because companies want their employees to do a lot of things. But organisations often hone


custom experience

best of breed

their measurements, incentives, and celebrations to achieve short-term growth and profitability targets. So without any explicit intervention on behalf of customer experience, the environment will push employees to focus on just about anything except customer experience. Clearly define good behaviour. Before you just adjust the environment, it’s important that you describe the type of behaviour that you want from people in every role. Do you want customer service reps to spend whatever time they need to on the phone to solve a problem or do you want them to cut down the average handle time on each call? The measurements, incentives, and celebrations should be adjusted to reinforce those behaviours. Watch out for mixed messages. You can only get consistent behaviours from employees when all three levers (measurements, incentives, and celebrations) are working together. If you celebrate things that are different than what you measure, for instance, then employees aren’t sure which signals to follow. The bottom line: don’t blame employees, fix the environment.

cxP Law #6: You can’t fake it You can fool some people for some time, but most people can eventually tell what’s real and what’s not. This shows up in a couple of areas. First of all, employees can sense if customer experience is not really a top priority with the executive team. The second place this shows up is in marketing efforts. No matter how much money you spend on advertising, you can’t convince customers that you provide better experiences than you do. Here are some implications of this law: Don’t hide behind a fourth priority. While it’s possible to come up with a long list of priorities, there’s no way that many will get a great deal of attention. A good rule of thumb: Anything below your third priority is not a priority at all. So make customer experience one of your top three priorities. Sometimes it’s better not to start. If you’re not committed to customer experience, then don’t start a major initiative; it’s a lot of hard work. And if customer experience isn’t a top priority, then the effort will likely fail. The result: frustrated employees who are increasingly reluctant to re-engage in these types of efforts in the future. Advertise to reinforce, not create positioning. Since customers ultimately know how you treat them, the best you can do with marketing is to reinforce the truth. If you want to change how you are perceived, then start by treating customers better; and then use advertising to reinforce the new way that they’re being treated. The bottom line: if you’re not committed to customer experience, you can only fool yourself. The six laws of customer experience are not meant to constrain behaviours. They are meant to empower highly effective customer experience efforts. By understanding these fundamental truths about how people and organisa- n

tions behave, companies can make smarter decisions about what they do, and how they do it. Going against any of these laws will likely cause poor results. But if you conform to these laws, then you’re better positioned to deliver great experiences to your customers. Here are some thoughts about how to apply the six laws: Treat them as sacred. While it may be possible to find isolated exceptions to all of these laws, they accurately describe the basic behaviour of people and organisations. So don’t spend your time rationalising why they don’t apply to you. Instead, figure out how to capitalise on the laws. Make sure you’re not breaking them. Look at these laws regularly, especially when you are starting a new initiative. And ask yourself: is this effort breaking any of the six laws of customer experience? If the answer is yes, don’t go ahead. Find some other approach that conforms to these laws. Share them with others. The six laws will have the largest impact when they are widely understood across your organisation. So share this document with as many people as possible. The Bottom Line: understand the six laws, for your customers’ sake. n Bruce Temkin is Vice President and Principal Analyst at Forrester Research and focuses on Customer Experience. Temkin’s blog ‘Customer Experience Matters’ can be viewed using the URL ( The content of this article is not related in any way to Forrester Research.

07 october 2009 | the cto forum |


imaging: chaitanya surpur

tech for governance

information security

Emperor’s new clothes r o i on information security is a concept accepted by the majority despite the evidence of their eyes n b . ganapathi subramaniam


any leading security practitioners do not consider information security to be an investment. Leading authors and practitioners like Jay Heiser decry the very concept of return on investment (ROI) in security. ‘Nobody tries to quantify the ROI of air-conditioning. So, why try with security?’ he asks. He further states that ‘security is an overhead, just like automatic fire sprinklers and air-conditioning in the server room. Face it: it is a necessary evil’. Not all practitioners share or subscribe to Jay Heiser’s view. Many formulae have been developed by a number of academicians in the field of information security. Some of these wonderful works are not widely known, so they are not very popular with practitioners. I have not come across a single industry conference where these formulae developed by these academics have been discussed. On the other hand, not many academic conferences give a platform to the practitioners. It would be great if this gap between academia and the practitioners could be bridged. For example, the formula for Game Theory was developed to determine information security investments. Huseyin Cavusoglu, the author of the model, observed the companies that make security investments, and the hackers who try to break in the two different players of the game. From an organisation’s point of view, the payoffs could possibly result into one or more of the following: losses from undetected intrusions; losses from detected intrusions; and cost of monitoring. From a hacker’s point of view, the payoffs include the expected utility derived from the attack and the expected cost payable should the hacker ever be caught. Their respective payoffs and utilities, if any, are taken into account to determine the value of the game or the size of the investment. Assigning numeric values to those payoffs and


| the cto forum | 07 october 2009

the expected utility is the real challenge. One of the fundamental assumptions about any game theory model is that the players are always rational. Can hackers be considered rational players? Are security managers always rational when they make investment decisions? Are there only two players in the scene, or could there be additional players? For example, if a banking site running Microsoft Windows and IIS gets hacked, the losers are the bank and Microsoft. The scenario becomes a three-player game. I am a fan of Huseyin’s interesting and useful model, but I believe that it has a lot of potential for extension and further development. Whether security is an investment or not, it an undeniable fact that poor practitioners face battle every year to justify resources – both money and people. With 9/11 and many other regulations changing the perception of security among senior management, the battle for expenditure justification by the security manager has not just vanished, but they more often tend to use data or information published in the various annual information security surveys as supporting evidence justifying their expenditure. Auditing firms such as PriceWaterhouseCoopers and Ernst & Young and industry bodies such as Computer Security Institute (CSI) publish surveys on an annual basis, dishing out information on average annual loss due to security incidents is so many millins of dollars. These surveys are very popular in the industry, as both the security vendor and the buyer make the best use of the survey information to their advantage. According to Heiser, the creators, respondents and the recipients of the study have hidden agendas and such surveys.n The author is an eminent information security professional in India


shubhendu parth

unified communication players have the potential of changing the way cios address their 3c issues n shubhendu parth


he ability to connect, communicate and collaborate—the 3Cs—is rapidly changing the way enterprises run in Economy 2.0. Further, convergence of businesses, social media tools and next-generation communication services is creating unprecedented opportunities and business models that are frequently changing the rules of the game. The solution, as companies like Cisco, Nortel, Avaya and Microsoft point out, lies in the magic potion called Unified Communications (UC) that not only promises to cut the cost of enterprise communication, but also assures higher employee productivity by driving operational efficiencies through real time collaboration across departments, geographies and devices. However, many of the CIOs and CEOs I have spoken to, especially those in the small and mid-sized companies are wary of the cost implication; suffocating and stifling as they prefer to call, but feel they would be happy to adopt Communications as a Service (CaaS), or in other words UC on SaaS platform. What this means is that CaaS could surely be an alternative—utilising a utility-based pricing model and delivering a value-added service that is clearly differentiated from the pure utility service offered by carriers. According to a Gartner report, there is ample scope for the growth of CaaS as well as its broader counterpart—the UC—in India because of the sheer size of the country’s economy. Imagine the possibility of connecting a team of managers assessing ERP customisation with another group handling GST rollout through personal text and video blog. Better still, if all team members can post their comment, views and reviews. While CaaS makes this possible at the fly, it also frees up vital organisation and individual time for more fruitful interaction and feedback when the team actually meets for a face-to-face update. Unfortunately, as the CaaS market in India still at a nascent stage, there are very few service providers who are actually evaluating the option of bundling UC solutions along with bandwidth to offer value added services. The good news is that Google has unleashed a ‘Wave’ that can, n

in long run, offer unified communications solution through the cloud at a much lower cost. Also, instead of a rolling out a specific product or application, Google has rolled out an open set of application programming interfaces (APIs) that integrates multiple collaboration techniques into logical, flexible and powerful virtual shared conversations or ‘Waves’ that includes email, IMs, blogs, document sharing, wikis, and multimedia content to provide a near seamless communications platform. All these means that companies and developers are free to integrate their applications to fit any individual needs. No wonder then Wave has already attracted attention from enterprise application vendors like and SAP. While SAP Research team has created Gravity, a prototype extension that provides real-time, cloud-based, collaborative business process modelling tool, has developed an extension that employs Wave for initiating automated customer service support. The high tide, however, is British Telecom, whose VOIP arm Ribbit, enables users to make voice calls from their PCs, is planning to launch telephony-based gadgets specifically built for the Google Wave platform. Last but not the least, Google has announced that anyone is free to modify or host their own Wave server set to his or her particular security and privacy specifications. This is a clear deviation from the strategy so far adopted by most of the UC vendors who have been quite clear about their offerings and how they can be accessed—something that does have the potential of changing the way CIOs address their 3C issues. Hopefully in the near future, you would not merely be reading my column in the magazine or on the web, but probably see it live on Wave or a similar application as I key it in word by word, character by character. Why wait for a few days for the print or even for a few minutes for upload. In the new hyper-communicated world, every second counts. Welcome to the new order..n The author is the Executive Director and Founder Editor of and Consulting Editor of CTO Forum

07 october 2009 | the cto forum |



Catch the next wave

no holds barred

sharad sanghi

Security concerns around the cloud are largely perceptions in its most recent foray , netmagic solutions


a managed it services company



launched cloud computing services for the indian enterprises . sharad sanghi , ceo and md , netmagic solutions shares the issues concerning the cloud with the cto forum . here are the excerpts : bycharu khera Netmagic Solutions has introduced cloud computing services in the Indian market, but there are a number of concerns attached to it. What are the key concerns that your clients come back with?

In the managed or hosting services space, cloud is the latest buzzword we get to hear. According to the recent IDC report, spending on IT cloud services will grow almost threefold, reaching $42 billion by 2012. More importantly,


| the cto forum | 07 october 2009

spending on cloud computing will accelerate throughout the forecast period, capturing 25 percent of IT spending growth in 2012 and nearly a third of growth the following year. It is creating new opportunities for suppliers, thereby fitting well in the definition of a technology innovation. I believe that cloud computing has different connotations to different people. We offer Infrastructure as a Service (IaaS) and Platform as a service (PaaS). Enterprises


sharad sanghi

So what is this legal issue in cloud computing all about?

In fact, a lot of things! A key legal challenge facing the service is misuse of the cloud resources. Maintaining control is the key to ensuring legal compliance. From a vendors’ perspective, the licensing models haven’t fully evolved yet, and there are challenges with regards to controls on measuring the usage and legal compliances. Suppose a security breach happens in the cloud, who should be held responsible?

There are two aspects of it. If a breach happens due to the negligence of the cloud service provider, then yes, we own the full responsibility. There can be a breach due to leaks in the client’s internal network, in which case the responsibility is not on us. We clearly define the service-level agreement (SLA) with the user enterprises and adhere to it – even in case of a breach. Moreover, we ensure adherence to industry standards, and thus offer optimum security monitoring to detect any breaches. We also offer security services where we can detect and fix any such incidents. The delivery of cloud services is based on the underlying hardware and software components, which are factually thirdparty components. Netmagic Solutions does not have absolute control over these. While we take all steps to keep the infrastructure secured at all levels and proactively respond to incidents, we don’t compensate the customers for any downtime due to incidents beyond our control and outside of SLA.

Have there been issues around interoperability while using cloud infrastructure?

When we offer our cloud services, interoperability becomes a non-issue, and the users have a seamless experience. However, given that this technology is still evolving, interoperability concerns could be there. Efforts are on to overcome those. Currently, there is little-to-no interoperability between various virtualisation platforms along with the service providers. A recent McKinsey report states that cloud computing is over-hyped and expensive. How do you defend this stand?

This may not be entirely true. Though I do not have the numbers, but through the right adoption of cloud computing, the key challenges of IT departments can be addressed easily. Cloud offers distinct commercial and operational advantages, which make it a technology to reckon with. It offers zero capex (thus favoring startups), and also provides ready-to-use IT infrastructure. Also, a key advantage is reduction in opex. Since it is a managed platform, it helps in saving power costs. Immediate scalability, no long-term contracts, resources provisioned in real-time, various technical and operational advantages and pay-peruse model are some of the other key advantages of cloud infrastructure.

A key legal challenge facing the service (cloud computing) is misuse of the cloud resources

Apparently, cloud computing isn’t cutting much ice with the SMBs?

Contrary to your observation, any company, irrespective of its size, can benefit from cloud computing. This technology solution makes sense for large enterprises, midsized companies, and SMBs. Based on the nature of their operations and size, companies will have different cloud computing requirements. We have successfully engaged customers across various verticals through services that n

are tailored to meet their requirements. Most of these services are vertical agnostic and can be deployed for various applications and platforms. Based on our past experience, there is absolutely no substance in believing that cloud is an expensive proposition. However, we conduct a pre-deployment study so that the user is in the right frame of mind to decide as to what model he wants to adopt for his needs.

The security aspect of cloud computing is still suspect. What are vendors such as Amazon, Microsoft and IBM doing to address these concerns?

While a few cases may be genuine, security concerns around the cloud are largely perceptions. But we believe in taking all security measures possible for the cloud services we offer. For example, we have a comprehensive Network Attack Management service. We are one of the few providers to offer such a service in India. We also do vulnerability assessment for our clients. Moreover, it is our desire to be on any industry forum that will standardise on security or even technology aspects of cloud services. n

07 october 2009 | the cto forum |


no holds barred

using our services have certainly come back with a number of concerns. One of the key concerns is ‘application compatibility’. Most of our customers do a PoC (Proof of Concept) before taking production resources. Also, the hybrid architecture is an issue in cloud computing. Most customers are concerned about integration of the cloud network with their physical networks. Another area of doubt is technology readiness. It has been raised by a few enterprises. They feel that cloud computing is an evolving technology. Also, a lot more clarity is required on the legal front.

collective wisdom

maximising it investments


Facing severe are companies prepared to do


more less? with


chris curran , john sviokla


ompanies that are able to Success of firms with varying levels of strategic It integration align information technology (IT) initiatives with strategy, mobilise efficient resources, and effectively execute major projects are much more likely to outperform their peer group. According to research conducted with 451 senior business and IT executives at large companies, these are the firms with a high “Digital IQ,” an important measure of a company’s ability to gain the maximum value from their IT investments. Source: Diamond Management & Technology Consultants, Digital IQ Study Figure 1 Senior executives can increase the value of their IT investments Why do I need to worry about my digital and improve their organisation’s Digital IQ through three IQ now? tangible steps: n Integrating IT into the strategic planning process; The economic downturn is putting severe pressure on n Developing a strategic roadmap to guide IT budgets, forcing CIOs to do more for less. According implementation; and to our data, CIOs are responding by shifting their mix of n Focusing on the right execution skills. IT spending to strategic projects, and outsourcing more commodity services to lower core costs. At the same time,


High Digital IQ (20% of the firms)


80% outperform their peers

Low Digital IQ (80% of the firms)


50% outperform their peers

| the cto forum | 07 october 2009


maximising it investments

What is digital IQ and how can I improve it?

The Diamond Digital IQ formula is made up of three components: strategic intelligence (the alignment of the IT strategy with the business strategy); mobilisation intelligence (planning and creating the right organisational capabilities for success); and execution intelligence (clear assignment of responsibilities, measurement, and management over the life of the efforts). Source: Diamond Management & Technology Consultants, Digital IQ Study Figure 2 The most important component meeting expectations among top-quartile performers of strategic intelligence is the incorporation of IT into the planning process. Companies that heavily involve the senior IT team up front were roughly four times more likely to be top performers than companies that do not emphasise including IT in the planning process (see Figure 1). Mobilisation intelligence is the capability in which firms’ performance varied the most (see Figure 2). Only 29 percent of respondents said they were consistently successful in mobilizing the right mix of internal and external resources to get the job done. While 58 percent said their firms have a strategic roadmap, four Source: Diamond Management & Technology Consultants, Digital IQ Study Figure 3 out of 10 firms do not have that valuable tool for assigning responsibility Increasing your digital IQ and resources to ensure that strategy is actually executed. Only slightly more than one in three (37 percent) claimed to have a clear roadmap to guide their efforts. The remaining 63 percent of companies are missing an important opportunity, because having a clear roadmap is the single biggest predictor of success at this stage. How much does this additional roadmap planning cost in additional time? Not much. We found that, on average, the most successful firms Source: Diamond Management & Technology Consultants, Digital IQ Study Figure 4 in our sample spent only about 20 percent more time and effort planthey are trying to make sure they continue to invest in the ning—increasing total planning effort from approximately vital multiyear projects that will set their companies up 250 man weeks to 300. The incremental value provided for success coming out of the recession. Our worry is that is significant for large companies, particularly when most firms are not sufficiently focused on increasing their compared with the millions of dollars at stake in a failed capabilities in the key areas that drive a high Digital IQ, and or delayed IT project. are therefore missing opportunities to improve the likeliExecution intelligence—a combination of executive hood of success from their current and future spending. commitment and critical skills—is the biggest single deter- n

07 october 2009 | cto forum |


collective wisdom

effectiveness of the stages of the mobilisation phase

collective wisdom

maximising it investments Sidebar: Assessing Your Organisation’s Digital IQ To test whether your company is prepared to get greater value from its IT assets in a difficult economy, consider these questions about your company’s strategy, mobilisation capabilities, and ability to execute IT programs that actually improve revenue, profitability, and performance. Strategic Intelligence 1. Is our strategy right for the current environment and the inevitable recovery? 2. Are our IT investments aligned with that strategy? 3. Is our strategy well communicated, allowing the entire organisation to pull in the same direction? Mobilization Intelligence 1. Do we have a clear roadmap to guide our IT mobilisation efforts? 2. Do we have executive agreement on the funding and resource requirements necessary to deliver on our strategy? 3. Have we devoted sufficient time to define and identify the right mix of internal and external capabilities? Execution Intelligence 1. Are we satisfied with our track record of delivering complex, multiyear IT projects? 2. Is there a shared business/IT governance structure in place to ensure that major IT investments deliver real value to the organisation? 3. Do our IT project execution skills include strong capabilities in program management, enterprise architecture, and stakeholder communications?

minant in firm performance. Firms that execute well have strong capabilities in program and project management, enterprise architecture, and stakeholder communications, and they maintain an ongoing commitment to reach their goals. They also use a closed-loop management process, by which management follows up on whether or not project teams have delivered on promises they have made. We found that execution capability is mediocre at most firms, with many firms underperforming on important execution skills such as quality assurance and stakeholder communication. Firms that can deliver against these metrics are more likely to be top performers in their industries (see Figure 3).


| the cto forum | 07 october 2009

A programmatic approach to improving your digital IQ Knowing your Digital IQ is important, particularly among companies in financial services, insurance, healthcare, consumer packaged goods, retail, and other industries that are strategically dependent on information and technology. Our first two studies show a clear correlation between a high Digital IQ and the ability to use IT to improve the business’ performance. We believe the first step is to measure how your organization performs on each of the vital dimensions of Strategy, Mobilisation, and Execution. This analysis can give you an idea of the type of value you are potentially leaving on the table, and the unneeded risks that you are injecting into the business. Second, after seeing how you compare against others in your industry, and the best in the world, you can conduct a gap analysis to determine what you need to change, and pinpoint the highest impact areas that will help move your organisation forward. Third, you need to create the right team of IT and business executives to create the roadmap for improvement. Fourth, you need to create a measurement and management program to make sure the designed changes are implemented and that they deliver the expected results. In conclusion, current economic conditions only increase the pressure to ensure that every dollar of IT spending helps move the company forward. We believe that companies with a high Digital IQ are best positioned to fulfill that commitment. For companies that lag on any of the key Digital IQ dimensions—strategic, mobilisation, or execution intelligence—it is not too late, even though it may feel like the clock is ticking faster than usual.

About the Diamond Digital IQ study Diamond’s second annual Digital IQ study reflects responses from 451 senior business and IT executives. The companies represented are of significant size, most with annual revenues greater than $1 billion. The survey covered an array of issues, ranging from attitudes about information technology’s contribution to corporate competitiveness and business/IT alignment to IT management practices. n Chris Curran, Diamond Management & Technology Consultants’ Chief Technology Officer, works with the firm’s clients on many of their most fundamental IT challenges and he also directs Diamond’s own strategic technology investments. Dr. John J. Sviokla, vice chairman of Diamond Management & Technology Consultants, is the firm’s Global Managing Director of Innovation and Research, and he also directs the firm’s Diamond Exchange think tank.


book review

hide time

Zapp - The squirrel who wanted to fly


t is a rare experience to come just means that they are simply going across an Indian writer living in about their work.” India who gives us a top class “How else does one fly then?” parable that can be turned into “If you ever see anyone flying, believe a comic book and even a cartoon me dear, you will know the difference.” f lick. Zapp, the baby squir rel, Aroma Sah, The Statesman ventures out into the big bad jungle to live life on his own terms – much Zapp is a young squirrel, happy-goagainst the elder squirrels’ remonlucky as all squirrels are. Upset over strations. During his adventures he his lowly status in the jungle, he starts befriends Saap the snake and Baaz a journey across the world in a quest the eagle – otherwise its specie’s for freedom and a sane society. Along natural enemies. His encounters the way, as he travels from forest to with the two are thrilling enough. forest, he meets a variety of animals, However, he also makes friends with each giving him a new meaning to a rabbit and a snail. From each of the challenges of life. Zapp is also his friends Zapp learns something symbolic of the quest for individual new and useful. If the snail dwells freedom in the highly-competitive upon high ambition’s futility then contemporary society, where everythe rabbit declares, “Life is not someone is running in a rat race, often publisher: wisdom tree thing you have to endure”; in fact “it sacrificing their own, individual idenprice: rs.125 is basically one’s perception’s affair”. tities in search for so-called success in Zapp has developed a burning desire a materialistic world. for flying and visiting distant lands “Jean Paul Satre had said that by following the sun’s path. Some discourage him while everyone chooses his own world. That thought symbolises others make fun of him, but Baaz inspires him to develop my book. It’s about having your own dreams, but not lookhis own wings – which he eventually does and how!! ing at the world through the same lenses that everybody This is an inspirational book with doses of philosophic else does. It cannot come across as a pressure — peer or gravitas at one level … it is a sheer entertainer. Kinger’s societal pressure or whatever. The book says that you have novella is destined to be a best seller.’ to really accept that madness of doing something you want Randeep Wadehra, The Tribune as your own. If you don’t accept the world as an extension of you, that rancour will stay in you, but if you do, and ‘The book teaches guides and opens up the mind in a peacefully work your way through it, it’s very easy,” says narrative that will keep you hooked. It is light hearted with Kinger. The book, he says, is also about adults who want a vocabulary that is refreshing. We are in a world where to do things they want to do, moving away from the rat societal norms dictate but it isn’t a prerequisite to follow race. “It’s the older people who need inspiration more, kids them. The jungle world with snakes, lemmings, eagles, being kids, will do wild things anyway,” he says. rabbits and squirrels is just like the human world where Utpal Borpujari, Deccan Herald the survival of the fittest is the way to be. However, there About the author: are exceptions and one of them is Zapp. It is a motivational Rachit Kinger has done his education from all corners of book about living your dreams and here is something that India. He also spent three years in merchant navy in hope of the eagle said to the little squirrel; travelling around the world before he decided to call it quits “Birds just have feathers on their wings and feathers can and did his MBA from IIM, Lucknow. Other than writing, he only give them flight but it cannot make them fly. Birds go from is passionate about photography, theater and movies. This is one place to another by flapping their wings because they know his first book, published at the age of 25. no other way. That does not mean that they are flying. That n

07 october 2009 | cto forum |


c n ram


Who Is Driving Your Car? if the journey of an organisation can be compared to a car driven by the top management, then here’s a shakesperean view to the corporate mumbo-jumbo


he interaction between IT and the rest of the organisation is always fascinating. It brings all the navarasas into play – more than any other department in the company! If the journey of an organisation can be compared to a car driven by the CEO, then here’s a look through a Shakespearean prism! The Supporting Cast: CIO, CFO and CBO – a generic title for the other important members of the team – Chief Business Officers ‘All’s Well That Ends Well’ CEO is the driver; the car is likely to be a Toyota Camry (understated elegance, but make no mistake about the


| the cto forum | 07 october 2009

size and power.) CBO is the passenger in front, and the CIO and CFO share the backseat. Everyone’s listening to music. The CEO knows where he’s going, and he steers the car through traffic, making sure he gets to the destination before the other cars do. CBO is the navigator, helping the CEO stay on course. Occasionally, he might coax the CEO into taking the path less trodden. The CIO warns against such diversions because the upkeep of the car may become a problem. He cannot protest that the requirements for which he recommended the car are no longer valid, so performance cannot be guaranteed. He sends a silent thanks to God for giving him the presence of mind to choose a reliable manufacturer like Toyota! The CFO always suspected that the choice of Toyota. It is extravagant, and he curses himself for being swayed by the influence of others favouring the six-cylinder, direct injection brute. He examines the technical specs and laments: “All technical gobbledygook! And why not a diesel engine?” He continues to keep a watch on the dials and to ensure that the car is in top shape. There are no traffic violations due to missed signs, as the CEO is only thinking about his destination. The CIO ensures that the car is in good shape and continues to function regardless of the road conditions, traffic, and all other impediments. He tries hard to resist the temptation to upgrade the car model during the journey. There are other temptations and distractions, as the CEO and CBO, by turns, always find someone they know who has the better car….! The CFO continues to fulminate every time they stop for gas, or they have to change tyres. This is an ideal combination. Mostly the stock market’s favourite! “As You Like It” or “A Midsummer Night’s Dream” version: CIO is the driver (the car is most probably a Jaguar XF – expensive, powerful, state-of-the-art, gas guzzler and nothing subtle about it!). CEO in the passenger seat and the CBO at the back. The CFO is safely stowed in the boot, preferably tied and gagged! The CEO and CBO have their own iPods and are listening to their favourite genre of music. The CIO sets the course on GPS and drives at his own speed. The car – it is just meant to be driven on the highway. “Macbeth”? ….tragedy is CEO and CBO at the back, CFO at the wheel (this is probably a reconditioned Premier Padmini!) and the CIO in the boot (or worse, left behind at the starting point!!). Who is driving your car?. n C. N. Ram is the Co-Founder & Director at Rural Shores Business Services Pvt. Limited


The CTO Forum Magazine  
The CTO Forum Magazine  

Technology for Growth and Governance