How the Elite Innovate
There was a simple, powerful and persuasive answer: foundational controls. That is, strict rules that clearly governed how change would be defined, monitored and thus led. Top-tier performers weren't change embracers or innovation huggers. They identified and enforced "process commandments" that constrained wasteful behaviours while reinforcing productive discipline. The researchers had picked a unit of analysis illuminating the core process values of their surveyed firms.
Inspired by MIT's research on lean manufacturing, the IT Process Institute surveys zeroed in on the controls, not the metrics, the elite used to define and assure process discipline. Two controls towered over all others in impact and importance: Do you monitor systems for unauthorized changes? And are there defined consequences for intentional unauthorized changes? No ambiguity or nuance here. The key discriminator between the best and the rest was that elite performers rigorously monitored and punished unauthorized changes. They had situational awareness of change.
The moment I saw this, a myriad of unresolved IT observations crystallized into clarity. What kills us is not our failures of planning, analysis, design, testing and deployment. It's not the work we're supposed to do that undermines our productivity; it's our black market economies of unauthorized changes - no matter how well intentioned or essential. We misunderstand the true enterprise costs of change.
Enterprises reluctant to punish unauthorized change agents guarantee dysfunctional cultures of lax discipline and process subversion. What makes this insight managerially excruciating is the simple truth that, in so many IT organizations, unauthorized fixes are sometimes the best and most important. We've made it OK to scramble top coders to make swarms of not-quite-legit last-minute fixes. Think about that. Then ask: When was the last time your shop audited the impact of unauthorized changes? Take the next step: When was the last time your organization disciplined or dismissed the perpetrator of unauthorized changes?
The survey identified a variety of high-impact controls - call them lean controls - that gave IT leaders greater leverage over their process investments. But the dominant finding was that unauthorized changes were a root cause of underperformance. IT shops that refused to take that shortcut had the best chance to be elite.
A conversation with Gene Kim, one of the lead researchers, revealed that the elite performers didn't treat these controls as behavioural constraints but as platforms for innovation. Controls aren't straightjackets; they can be trampolines. By honouring controls, their developers had greater flexibility in process management because disciplined design and test proved more agile, robust and maintainable than unauthorized change. Their high-performance culture was a high-controls culture. Best practice was synonymous with best controls. Is that true for your firm? How would you know?
The good news, says Kim, is that these controls are straightforward and easy to understand. What's more, elite performers had IT budgets roughly three times larger than median performers. Kim believes that "high performers have continually earned ever increasing budgets because they deliver ever increasing value to the business. The budgets of medium and low performers shrink or are only grudgingly increased by sceptical and suspicious CFOs who see IT managers failing to deliver projects and keep IT services running consistently."
The more I talk with CIOs, the less confident I am that IT appreciates the role of controls in empowering leadership rather than imposing micromanagement. The IT Process Institute's results should provoke some rethinking about basic systems change management assumptions. The great systems software sage Fred Brooks was right: There are no silver bullets. But some ammo delivers far greater bang for the buck than others.
Michael Schrage is co-director of the MIT Media Lab's eMarkets Initiative. He can be reached at email@example.com
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.