Opinion: The Goldilocks strategy
- 27 December, 2012 12:00
A documented IT strategy is the most valuable resource you can develop; it’s the shop window that displays the value your IT organisation delivers. Yet, it’s also a trouble spot for many CIOs who either end up lumbered with a white elephant or decide to ditch the IT strategy document altogether.
When it comes to IT strategy, CIOs are pulled towards two extremes: CIOs are urged by strategy specialists and consulting firms to treat the IT strategy like a major systems documentation project. The value of the strategy is assumed to be proportional to its weight, leading to a strategy that takes months to develop and sucks up significant energy and resources that could be well used elsewhere. The result is a hefty and indigestible document.
If you’re lucky, a few people will feel compelled to read the executive summary. Then it will go onto a shelf until it’s been completely forgotten. The standard alternative is to avoid documenting the IT strategy altogether. This saves a lot of work developing a strategy that probably nobody will read, and it’s certainly easier to keep it up-to-date. Unfortunately, it represents a significant lost opportunity in engaging with the business and taking credit for the good work you’ve done.
No strategy or strategy-as-a-tome? Either way, you’ve missed the best opportunity you have to sell your vision and your achievements. Fortunately, there is a middle way. The ‘Goldilocks’ approach isn’t a compromise between the too-soft and too-hard options. It’s an improved way of developing and communicating the IT strategy that is just right for placing you in a leadership position, gaining the loyalty of your staff, and turning your customers into your best supporters.
Here’s how to create that ‘just right’ IT strategy:
Step 1 – forget the detail
Instead of diving into detail, start by describing your vision of how you’d like things to be in the future. As IT workers, we’re trained to focus on problems and to do error checking. This type of thinking normally serves us well and ensures that we develop systems that are reliable and effective. However, for strategic planning, this type of thinking is fatal. It leads to strategies that focus on problems and lack imagination or innovation.
Instead, we need to do what Edward de Bono refers to as ‘yellow hat’ thinking. What’s the long-term vision for your business? What and who do you aspire to be in the future? What’s your vision for being the best IT organisation you can be in the future? Then, based on that vision, you can describe what your IT environment will look like in three to five years’ time.
Throughout this whole process, ensure that you put yourself ‘in the shoes’ of your business stakeholders , and stay there. Everything you describe should make sense to a business stakeholder who has just a basic understanding of IT. If it doesn’t, then drive the strategy back to fundamentals by asking, “What does this deliver in business terms?” If there is no direct business value, it shouldn’t be in the IT strategy (a better place might be a technology plan or enterprise architecture).
Step 2 – show, don't tell
Once you have a high level future vision of your business and the IT organisation, you can then start to create the strategy by moving from where you are today to where you want to be in the future. This is where the second difference in this approach comes in.
Avoid describing your strategy in words. Instead, use models such as graphics, pictures, icons, infographics, graphs or even mind-maps. Creating a simple picture of your strategy forces you to strip away the hyperbole and focus on the core ideas. It will actually engage a different part of your brain and keep you and your team out of the detail and in a creative frame of mind.
The resulting models will be dramatically more effective than words for describing your strategy for several reasons:
- Developing those visual models actually requires deeper thinking than writing lots of words. To create an effective graphic means you have to crystallise and focus your thinking and clarify in your own mind the essential elements of that strategy. Clients often report that this approach provides new insights and ‘ah-ha’ moments.
- Those models then serve as an excellent vehicle for communicating the strategy to others, including both your IT team as well as non-technical, business stakeholders.
Step 3 – say it all on a page
Once you’ve described your IT strategy using a set of models, put these together to create a strategy-on-a-page that describes the most important aspects of your IT strategy. This can be printed and handed out to everyone from the CEO (who can refer to it and say to clients, This is what IT does for me”) down to technical IT staff (who can say, “This is what I’m working towards”). With your strategy-on-a-page poster published, you can then focus on detailing and rolling out your strategy, knowing that you have your business stakeholders and IT team already aligned to your vision.
Dr Gerald Khoury is the managing director of GK Strategic, working in the areas of IT innovation and strategy. He consults to the private and public sectors throughout Asia-Pacific.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Advanced Malware Exposed
This handbook shines a light on the dark corners of advanced malware, both to educate as well as to spark renewed efforts against these stealthy and persistent threats. By understanding the tools being used by criminals, we can better defend our nations, our critical infrastructures and our citizens. This ebook will provide readers with a new understanding of the rapidly developing cyber threat landscape and practical insights into how they can protect their data and computing infrastructures. Download now.
Detecting APT Activity with Network Traffic Analysis
Today’s successful targeted attacks use a combination of social engineering, malware, and backdoor activities. This research paper will discuss how advanced detection techniques can be used to identify malware command-and control (C&C) communications related to these attacks, illustrating how even the most high-profile and successful attacks of the past few years could have been discovered.
Real-Time Protection Against Malware Infection
Malware is at such high levels (more than 60 million unique samples per year) that protecting an endpoint with traditional antivirus software, has become futile. More than 100,000 new types of malware are now released every day, and antivirus vendors are racing to add new protection features to try to keep their protection levels up. Read more.