CIOs at Risk: Four Areas to Watch
David Nichols is CIO Services Leader, Geoff Vickrey is Enabling Technologies Leader, and Bob Sydow is Area Center of Excellence Leader for Ernst & Young LLP
Virtualization and cloud computing, social media, mobile and other disruptive technologies are converging to create something like the perfect storm for CIOs. The velocity of change-the pace at which technology is evolving-is so fast that uncharted risks make navigating today's IT environment more challenging than ever.
As the CIO's role evolves from providing tactical support for the business to becoming a strategic partner, the need to align IT's priorities to those of the business is of paramount importance. You also need to provide sage counsel, turning information into insights when the business is seeking to implement new technology solutions to achieve competitive advantage. The need to be fast to market might encourage organizations to procure and implement new technologies without understanding the full range of risks those new technologies present, and as CIO you must be ready with answers and solutions.
What's the issue?
The velocity of change in technology has forced many IT functions to adopt a new approach to sourcing and managing technology vendors and service providers as part of an overall IT infrastructure strategy. The current landscape of disruptive technologies presents numerous opportunities for IT functions to provide a more cost-effective, flexible and scalable infrastructure that better meets evolving business needs. This change is largely driven by advances in broadband, which now allows mobile devices to take full advantage of the cloud technologies that have been developing over the last decade. These advances are providing improved business functionality for organizations that have previously operated with a smaller internal IT footprint. But this change comes at a cost, creating a new set of risks that CIOs must effectively manage to be successful.
The rapid introduction of disruptive technology is fundamentally changing how organizations go to market with products and services, interact with their customers, innovate and achieve competitive advantage. It is also creating a host of new risks that CIOs need to address.
How does it affect you?
In the past, IT functions had to create elaborate frameworks to deliver services that were primarily administered in-house. Infrastructure was developed and purchased under a peak-usage scenario, and any outsourcing involved long-term contracts with large vendors and often involved the transfer of physical infrastructure and resources. Going forward, infrastructure will be purchased on a pay-as-you-go or consumption-based model. Organizations are contracting with smaller, more nimble vendors with new contractual terms that are reviewed more frequently. Yet even as the physical IT footprint shrinks, the business expects CIOs to improve service delivery.
The other change that CIOs will have to contend with is a loss of control in the selection of technology platforms. Those decisions are increasingly being driven by consumers. IT's only option will be to react and respond.
This new hybrid infrastructure model creates a number of inherent risks for CIOs, including:
Strategic and financial risks. The number of vendors is growing, but the required size is shrinking, which can raise questions about their long-term viability. There could also be business-continuity risks if these smaller providers fail to meet service-level agreements. For instance, what plans need to be in place if a vendor's data center goes down? What losses could result?
Geographic risks. Geopolitical risks, from natural disasters and political unrest to persistent terrorism threats−particularly in emerging outsourcing markets−present significant risks of disruption to outsourced IT services.
Capacity risks. Smaller vendors might be able to offer greater flexibility, but their size could end up working against them-and you. Ultimately, they may not have enough capacity to support a growing customer base.
Control risks. An increase in outsourcing results in less control over your data. This presents the potential for data breaches and other security exposures.