From 2010-2012, Mexico’s Public Administration Ministry deployed a project aimed at measuring IT management performance and the value delivered to business in more than 100 federal institutions that together spent about US $4 billion on their IT programs. The project — “Modelo de Medición del Valor y Madurez de TIC (MMVM),” translated as “IT Value and Maturity Measurement Model” — remains, to this date, the country’s most ambitious effort of its type.
The MMVM project, a collaboration between Cutter Fellow Bob Benson and myself, was developed on the premise that traditional IT evaluation methods, which focus mainly on technical aspects such as technology performance, availability levels, and monetary cost-benefit relationships, are unable to deliver insights into the business value delivered by IT investments. Given this premise, we determined that it was necessary to build a new model — discussed in this Executive Update — that could go beyond the usual constraints, while at the same time allowing us to better understand the following aspects of each organization:
- Maturity and performance level of IT management
- Value contributed by IT to the achievement of the organization’s mission
- Costs structures, including those for:
- Service portfolios
- Total cost of ownership (TCO) of services and systems
- Transaction costs for main client-facing IT services
After three years of execution, methodological evolution, and analysis, the data obtained from the MMVM project, which contained more than 500 different variables per organization, showed that the best-performing organizations in 2012 were those we call “IT Masters” (see Figure 1). IT Masters are organizations with the following characteristics:
- They focus on IT management and are a mature procedural organization (i.e., a well-organized IT management team focused on best practices implementation).
- They have well-defined IT leadership that is trusted by the organization.
In our research, the first aspect, focus and order, indicated that components relating to good performance were found in organizations where a consistent effort was made to follow and maintain a good practices management model. The second aspect — the more interesting one from our point of view — concerned the CIO’s soft skills,1 namely skills that are not technical such as the ability to engender trust and to exercise true leadership. These two key aspects appeared to make IT investments and technical capabilities flourish into tangible value for any kind of organization. (In our sample, these were as diverse as a state-run oil monopoly or the armed forces.)
Based on the above, we built the chart shown in Figure 1, where all reviewed organizations for 2012 were classified according to two axes: (1) IT performance and management maturity and (2) IT value delivered to the business side of the organization. We then subdivided the chart into in four quadrants:
- Quadrant 1: IT Victims. These are the organizations in which both IT performance and management maturity and IT value delivered to the organization are low. This means that the services provided by the IT department are unstable, intermittent, of low quality, and do not respond to the organization’s needs. Management doesn’t have confidence in the IT department or in its abilities to respond to business needs. The organization is perceived as a hostage in the hands of the IT organization, and the IT organization perceives itself as powerless in those circumstances. This is a situation whereby the state of things within the IT organization needs to be thoroughly reviewed.
- Quadrant 2: IT Heroes. These are the organizations in which IT performance and management maturity is low, but IT value delivered to the organization is perceived as high. The IT organization sees itself as weak in its ability to meet business demands, due to factors such as lack of resources, training, equipment, and methodologies, but somehow it manages to satisfy the immediate needs of the organization, even though stability and cost of services, along with long-term planning, end up compromised. These kinds of organizations are permanently exposed to high systemic risk, which will likely end in a catastrophic technological failure in the medium or long term. Moreover, the IT department lacks the ability to support the growth and evolution of the organization in the long term.
- Quadrant 3: IT Tyrants. In this quadrant are those organizations where, despite having high levels of maturity in terms of IT management practices (e.g., the use of international best practices and state-of-the-art tools), the IT organization is disconnected in regard to the demands of the organization’s mission. Here, the IT department is looking for the organization to adapt to technology instead of adapting technology use to the organization’s mission. Despite high levels of IT investment — something that frequently exists in these types of organizations — there is no clear linkage between IT investment and value delivered to the organization.
- Quadrant 4: IT Masters. From the point of view of the MMVM methodology, Quadrant 4 represents the ideal state for an organization that uses IT as a tool to multiply productivity and organizational capabilities. This is the quadrant where every organization that depends heavily on technology to achieve its mission should make an effort to achieve. This is the place where technology is managed with a high level of maturity, and the organization gets the tools and services that it needs to accomplish its mission in a consistent and predictable way. The administrative and operational efficiencies that the IT Masters generate are sufficient by themselves to justify these organizations’ positions in this quadrant, but their positions also indicate that their IT departments play a significant role in achieving the organizations’ ultimate aims.
Within the various findings generated by the MMVM, an interesting correlation shows that for organizations in which the IT value delivered to the internal client (an organization’s worker) is low, the value delivered to an external client (the organization’s client) will also be low. This supports the idea that there’s a direct connection between these organizations’ internal management quality and the value these organizations generate in the markets where they operate. Another interesting finding from the MMVM that reinforces our conclusion about the relationship between the soft skills of IT management and the creation of value is that the cost analysis reveals that the level of spending on IT by each organization does not correlate with success. In Figure 1, the organizations with the highest IT costs in the sample (marked in red) are dispersed all over the chart. This means that higher IT costs do not directly correlate to greater management maturity or to greater value delivered to the organization.
Soft Management for IT
The results obtained by the MMVM project affected the perspective of the participants, especially about IT management methods because the results basically changed what used to be an intuition into a certainty — namely, that the soft capabilities of management are more important than originally thought. Even though this intuition has been present for a long time, as evidenced by literature on organizational development, before the MMVM there was no hard data showing that the development and success of such technical areas as the IT organization depend as much on soft management skills as they do on hardcore technical capabilities.
The dilemma is that IT management methods are built over technical aspects because they’re developed by engineers for engineers. This makes it more difficult to introduce soft management components to a crew used to traditional methods for the professional management of IT. This scenario continues today, even though experiences over the last decade have shown that there’s a high level of divergence between what organizations want from IT and what the IT areas actually do. At the same time, IT professionals, especially CIOs, are among the less trusted executives in the C-suite. Moreover, high levels of failure on IT projects persist. According to a study reported in Harvard Business Review, out of a very large sample that included 1,471 IT change initiatives, the average overrun was 27%, with one out of six projects being a “black swan” with 200% cost overrun and an average time overrun of 70%. These statistics provide support for the perceived frustration with IT from executive management. According to the MMVM results, the majority of executives believe that IT is an important element for business goals and mission accomplishment, but at the same time, they are tired of seeing that most of the IT initiatives they authorize do not deliver the planned objectives.
Fortunately, people like Benson, Pieter M. Ribbers, and Cutter Fellow Ron Blitstein have started to pave the way on this subject. Their recent book Trust & Partnership: Strategic IT Management for Turbulent Times is part of the new body of knowledge that’s needed to improve what nowadays is a technology management model that’s overdeveloped in terms of technical components and underdeveloped in terms of human components, which in turn prevents many organizations from obtaining the majority of the benefits that technology can provide. This is a situation that paradoxically allows the multiplication of risks and losses associated with today’s improvised use of technology, given that low trust in the professional IT organization means that IT sourcing becomes more and more the amateurish endeavor of business units that try to bypass traditional IT sourcing practices. Additionally, it’s necessary to approach the relationship between trust and context as one of the most important factors to deal with when we think about an intervention that attempts to improve one of the three objectives analyzed in the MMVM (highlighted earlier):
- Maturity in technology management
- Value delivered by technology to the organization’s mission
- Full IT costs discovery, disclosure, and management
A high percentage of management methodologies are poor in terms of analyzing the context in which they can be used, frequently because there is an implicit assumption that they can be deployed without a careful review of the context in which they’re applied. This is why it’s important to pause and reconsider the work of Clayton M. Christensen and his colleagues, who have concluded that the use of each management tool should be evaluated in accordance with two variables (see Figure 2):
- The level of consensus in terms of what people want
- The level of consensus in terms of cause-and-effect relationships
The main point of Christensen et al. is that the use of each tool depends on the context in which the organization operates. Organizations where “the consensus about the casualty of things” is low and “the consensus about what people want” is also low, fall under the “Power Tools” quadrant in Figure 2. The possibilities of achieving success with a tool such as process standardization is also low because this tool falls under the “Management Tools” quadrant, which depends on high levels of consensus on the relationships of cause and effect. This forces us to think that before using a management tool to produce change, we need a deeper understanding, such as understanding the trust levels that exist among the organization’s collaborators. As emphasized earlier, the MMVM shows that the organizations that have the best management maturity and that generate the most value through IT possess two success factors:
- Management focus and order
- A clearly defined IT leadership that’s trusted by the organization
This corresponds to the quadrant “Culture Tools” in the model by Christensen et al. Benson and I agree that the existence of those two success factors depends on the CIO’s soft skills that allow him or her to build an understanding among actors and “partnerships” in order to achieve common objectives and to build “trust” relationships that become the scaffolding over which technical success can be built — both of which connect with the argument presented in Trust & Partnership.
In a nutshell, we have built a case where evidence shows that successful (i.e., high-maturity/high-value) IT organizations prosper with a strong culture, high cause-and-effect consensus, and a “what people need” environment, that in turn is better enabled by soft management skills — mainly the ability to engender trust. However, current IT management best practices seem oblivious to this side of IT management success. We must start paving the way on this subject.
Types of Trust
There are several types of trust that IT departments, and especially CIOs, must build. They must sustain and manage trust with the same care and dedication as they do with other technical aspects of their work, such as computing power, bandwidth, information security, and storage capabilities of data centers.
Trust is often given spontaneously when two people start a relationship, but after that starting point, the growth or loss of trust depends completely on people’s actions and their successful or failed interactions. Consequently, developing a high degree of trust over the long term is a process that can’t be left to chance or fortune. For our purposes, trust can be broken down into five categories:
- Technical trust. This is the organization’s trust in the technical capabilities of the IT team, and it depends on explicit technical issues such as the ones encompassed by the term “operational excellence.”2 In a technologically sophisticated organization, technical trust can be lost by simple things such as the intermittence of basic IT services (e.g., email or Internet access).
- Trust among technicians. The IT world is complex. Frequently, there’s more than one way to achieve the same result. In an environment that changes daily, trust among technicians about peer capabilities is fundamental. This trust depends on teams not being uneven in terms of capabilities and technical knowledge. Technical teams easily enter into conflict when there’s no professional respect among peers and when roles are unclear.
- Business trust. This type of trust exists between top management and technical executives and relates to a consensus about what the organization wants to do and trusting that technical executives have the capability to provide the effective leadership that leads to the delivery of established organizational objectives. We might call this “C-suite trust” — an area where many CIOs currently face vital challenges.
- Organizational trust. This type of trust is established between the business areas and technical areas and allows those who are members of the business areas to involve the technical teams in new business initiatives. Nowadays, it’s the point where we find the most resistance toward involving technical areas in new value-generating initiatives. In the last couple of years, it’s become common practice for business areas to override or outmaneuver the internal IT organization, in search of external and trustworthy technological partners. This trend has been exacerbated thanks to the availability of ready-to-wear cloud computing solutions and outsourcing offerings. It is the primary source of trust erosion between the IT department and the business-facing units.
- Market trust. This is the trust that exists between the technical solutions offered by an organization and its clients. In a bank, for example, it’s the experience that the use of the bank’s technology produces on the clients. This trust depends on the capacity of the technicians to understand clients’ needs and to build solutions that improve clients’ interactions with the organization. This type of trust generates revenue for companies, such as Amazon, which have a very developed market trust fueled by technology, and is a source of a constant risk of loss for those enterprises that don’t have it.
Despite IT areas having a mainly technical function, to attain success — as shown in the MMVM project — it must be acknowledged that success is highly dependent on nontechnical competences such as building and managing trust. So far, the technical body of knowledge and IT management methodologies have not been developed to foster this competence, but this obstacle can be overcome. Continuing to study and discuss these topics in mainstream organizational management allows us to think about practical solutions within our reach.
What to Do?
There’s no silver bullet that can solve all CIO and IT department trust issues. Current challenges indicate that now is a good time for CIOs to open their horizons to new management disciplines, grow their soft leadership capabilities, and start working on the transformation of their workgroups and themselves to focus on the five types of trust that the organization needs from IT — so it can extract value from technology implementation and innovation practices.
A straightforward example of the type of analysis that can be implemented in the present day is a feasibility analysis of implementing an IT management methodology such as ITIL or COBIT in a multinational organization based on trust levels within each country. The average trust scenario in different countries is shown in Figure 3 (based on the 2010-2014 “World Values Survey”).
Figure 3 shows the positive response that people from a representative sample from each country gave to the statement, “Most people can be trusted.” This query serves as an indicator of the social capital of each country. Hypothetically, for a multinational organization in which the above-mentioned project would be the simultaneous implementation of a process model in Norway, the US, and Mexico — and in which said project requires a high level of consensus among participants — the data about trust levels within each country tells us that it’s highly likely that the implementation of the same process model will yield different results in each nation.
It’s very likely that in Norway any discussions about process flows are easy because 67.4% of Norwegians think that they can trust people, whereas in Mexico discussions are probably very difficult and complex, resulting in a greater number of requests to incorporate control and verification points into the processes, given the lower social capital and the higher mistrust that’s registered on average in this country (only 12.4% of Mexicans believe that you can trust other people). Likewise, consider that a method developed successfully in Australia — a country with relatively high levels of social trust (51.8%) — that attempts to be used in a context of low trust, such as Peru (8.5%), will likely face challenges unforeseen by the person who designed said method in Australia. These two scenarios are just modest examples of what this kind of approach can achieve, even though this perspective is not currently practiced because it is far removed from the professional training and comfort zone of IT personnel. Yet, we still ask on a daily basis for the Norwegian project manager to successfully implement the German model in Bolivia, without giving him better tools to achieve these goals.
It’s not difficult to see that it’s better to know the trust context of an organization before starting any change initiative, mainly because the contextual needs that a project demands (e.g., a high level of trust) compared to the real cultural traits of the organization (e.g., an existing low level of trust among collaborators) is the best way to identify implementation challenges. That knowledge then allows for creative solutions that can move initial unwanted conditions toward desired ones.
Finally, if all the information provided in this Update is not enough for you to expand the methodological horizons of IT professionals into the soft management unknown and to focus on trust-building as a core aspect of IT management, consider that traditional IT management mixed with soft management skills can generate the following:
- A reduction in implementation costs
- Increased possibility of project success
- Better value delivery to clients and organization members
- A drop in CIO rotation rate
Over the past few years, the professional prestige of IT departments has declined while the use of IT keeps growing. Soon, practically all smartphones and smart TVs worldwide will connect to the Internet, and while billions of these devices and the systems that power them will go online and increase the demand for IT, my professional practice and the data from the MMVM project indicate that the influence of CIOs and IT teams is decreasing, while the frustration of organizations and clients with the IT organization is increasing. The high failure rate of IT projects persists, while obsolete systems and cybersecurity risks are on the rise. That’s why it’s indispensable to start moving IT management in a different direction — the professional and deliberate management of trust, along with continuous growth in the soft management capabilities of IT professionals that have become the new core competences of the technical professional.
1 The “soft skills” term was generally used to describe the components of the Emotional Intelligence Quotient proposed in 1995 by Daniel Goleman in his book Emotional Intelligence and has since been used by various authors to describe nontechnical abilities that relate to social and emotional skills.
2 Operational excellence in an IT environment is the accomplishment of high availability and performance levels for systems and infrastructure where risks are known and controlled. This in turn results in high levels of service for the users, which leads to sustained and predictable performance levels of all available resources.