Critical and difficult questions, no doubt. But there's a way sort through it all to answer these and other spending-related questions. The components of a funding strategy appears in Figure 1.
Figure 2 converts it all into a matrix that can be used to determine where you are today and where you need to go. Note that the governance issue is absolutely critical to your funding success. If governance - defined here as what is to be done and who is to do it - is mishandled, then the whole IT products and services acquisition and funding process will collapse.
Figure 2 can help with a current baseline assessment and with the prioritization of funding requirements. This model assumes that the enterprise - central IT - will "own" the communications networks, data centers, overall security, and the hardware and personal productivity software that runs on this infrastructure - but not the business applications that define the lines of business.
You need to know where you spend your IT money and how it gets spent. You need to know what gets spent in-house and what gets spent on external consultants.
Here's a list to get you started:
Broad IT Spending Categories
You also need to know who "owns" each category and where "collaborative" IT funding decision-making occurs, should occur and should not occur, given your organizational structure. While this list is helpful, it's only the start. Table 1 below suggests that you need to know how much spending occurs and who owns what.
Categories $$$ Enterprise Line of Business Responsibility Responsibility APPLICATIONS Apps Software Packages $$ X Apps Development (Integration & Deployment) $$$$ X Apps Support $$$$ X X Apps Architecture Design $$ X X Apps Architecture Services & Support $$ X Modernization & Migration $$ X X INFRASTRUCTURE Messaging Environment $$$ X Network & Communications Architecture Design $$ X Network & Systems Management $$$ X Voice & Data Services & Support $$$ X Infrastructure Engineering Services, Support $$$ X Data Center Hardware $$$$ X Desktop Hardware $$$ X X Laptop Hardware $$$ X X Other Access Devices (PDAs, etc.) $$ X X OVERHEAD Staff (Human Resources, Benefits, etc.) $$ X X Training Services & Support $$ X X General Support (Admin. Assistants, etc.) $$ X XThis table tells us a lot. The data is drawn from an informal sampling of more than 25 large (Fortune 1000) companies who have decentralized IT organizations. First, it tells us where the money goes - relatively speaking. It also illustrates where the primary responsibilities lie in a decentralized organization. The question remains, however, which is best? Another extremely important finding is the number of jointly owned funding activities. Every time two "Xs" appear together, there's a potential problem - which is why governance becomes so important.
Table 1: Organizational IT Funding Practices
Table 1 can also be treated as a test. Try taking it. See what you learn. Do you know the relative costs of your infrastructure, applications and support activities? Do you know unambiguously where the responsibility lines are drawn?
Organizational Governance & Cost Allocation
Governance refers to two funding dimensions: How you fund what you buy and who funds what. There are a number of ways to fund IT products and services in the decentralized organization:
1. Allocation of Costs
This mechanism is best applied to infrastructure investments. In the decentralized organization, the enterprise - along with the lines of business - determine what the infrastructure should look like and the likely costs. The enterprise then builds the infrastructure and allocates the costs across the lines of business.
Unless you want to get assassinated, allocate the costs according to usage - not equally independent of use. The problem with usage allocation, of course, is the necessary specificity about usage you must produce: you must be able to empirically "prove" that line of business "A" is using more than line of business "B" and should therefore pay more of the infrastructure allocation. Don't get cute with usage metrics. Allocate infrastructure costs according to simple ones, like the number of network connections, millions of instructions per second (MIPS) on the mainframe, amount of data storage, etc.
This mechanism is challenging since in order for it to really work the lines of business should be able to look outside for the same services that a central/enterprise IT group might provide. In other words, fee-for-service works best when free market principles prevail!
The obvious problem, of course, is that the enterprise IT group often feels like it's at a competitive disadvantage to outside vendors who can use a variety of tricks to win the business (such as fixed price/fixed schedule, loss-leader tactics, and other "best-and-final" techniques).
At the same time, you might say that if the internal IT group cannot compete with outside vendors then maybe it's time to outsource the services - and you'd have a good point. Many analysts view the fee-for-service model as a mechanism to keep the internal IT groups honest.
This mechanism works when there are activities that fall outside of infrastructure and application costs and when there is value attached to these activities.
For example, an enterprise technology group might perform analyses of technology or industry trends and make them available to the lines of business. A skunk works might be developed that will test new hardware and software and then share the results with the technologists in the business units. Training falls under this umbrella as well. The general administrative support of the enterprise group usually falls into this group as does the salaries of IT management. Finally, research & development is often taxable.
This flip-side of the governance question haunts just about every company on the planet. Basically, the problem looks like this: Organizations want to make the right decisions about IT applications, infrastructure and general support, but are afraid to actually do so. Decentralized business/IT organizations that have weak decision-making governance live in a constant state of fear, uncertainty and doubt. No one ever knows who will actually pay for what, when or how. Strongly governed organizations publish the rules and stick by them.
It's all very, very simple and very, very complicated. As always, leadership separates the organized and efficient from the chaotic and wasteful. So what kind of organization do you live in? Here's a short yes-or-no test:
1. Do you have to look pretty hard to find benchmarking data?
2. Is your organization subjected to religious wars about operating systems, data bases, and other standards issues?
3. Are the religious wars allowed to continue indefinitely?
4. Does everyone have veto power over everyone else, even idiots?
5. Can infrastructure investments be made by the lines of business?
6. Can applications investments be made by the enterprise infrastructure group?
7. Do you spend hours counting MIPS?
8. When a debate breaks out, is it settled by junior people?
9. Do the senior enterprise business managers talk tough, but act like paper tigers?
10. Are allocation and taxation funding mechanisms the object of ridicule in your organization?
OK, you guessed it: more than five "Yes's" makes your organization incompetent and pretty silly; eight or more makes it certifiable.
In Part 2 on Thursday, we'll identify the funding mechanisms and responsibilities that make the most sense in decentralized organizations.