Decentralizing the Sloth -- Organize Technology and IT to Increase Tempo
Decentralize Your Way to Digital Greatness
The Digital Leader Newsletter — Strategies and Techniques for Change Agents, Strategists, and Innovators
Most large mistakes in organizational design come from putting the individual ambitions of the people at the top of the organization ahead of the communication paths for the people at the bottom of the organization. — Ben Horowitz, co-founder of Andreessen Horowitz
Raise your hand if your ambitions to launch or improve key technology-related features and digital capabilities are typically significantly slowed down or scaled back because you have to go through the enterprise IT annual prioritization process (or similar rationalization process). I’ve been impacted by this multiple times. Regrettably, I’ve also been in roles where I’ve been the one putting the brakes on.
Being a CIO is an impossible job. On one hand, your job is to create predictable and secure capabilities, applications, and environments for today’s business. On the other hand, the demands to change, experiment, ship products faster and faster are growing louder and louder. You can’t win.
Are we getting faster and more productive as an enterprise in responding to market needs, innovation, and digital capabilities, or are we actually just living with the technology operating model that got us here? Is the IT sloth being tamed and given new gears, or just maintaining the same speed?
IT Organization and Operating Model Considerations
How should IT be organized in your company? There is no one correct or simple answer, but defaulting to “centralization” will not meet the needs of most organizations today or for tomorrow.
The command-and-control mindset, which includes the common belief that “my CIO is going to manage my technology operations and deliver digital transformation” is yesterday’s management model and mindset. As your products and services become more digital, a balanced understanding of what functions and decisions should be owned by the CIO (aka centralized IT) versus what should be built at the edges of the business with distributed teams and technology capabilities needs to be reconsidered.
Since organizations first implemented computers over sixty years ago, we’ve been assuming the need for a separate organizational unit dedicated to the management of digital technology.But in challenge to that assumption, MIT CISR research suggests that most current organizing models to leverage technology are in fact holding companies back from achieving their digital ambitions. — Joe Peppard, MIT Center for Information Systems Research
There are a few “first principles” to help figure this out in your organization.
The first principle is accountability. If line-of-business (LOB) owners have a significant technology-fueled business and innovation agenda, we should want to empower them with more control and influence in the technology function. In addition, technology teams that are closer to the business results tend to collaborate better and be more accountable to the business and business results.
The second principle is about agility. How do we increase customer-centricity and the ability to quickly iterate and make progress? Teams that are closer to the business and closer to the customer are typically more agile and have better insights into solving real business and customer needs.
The third principle is security. How do we organize and architect to best assess security risks, architect and operate to minimize the risks, and prepare to recover when cyber security issues happen? A holistic and expert view tends to be best both because of the expertise needed, being independent is helpful, and it is a system dynamic-related situation — not a set of isolated topics.
WHAT REMAINS CENTRAL
Before we shotgun the IT department to the furthest reaches of your organization, let’s touch on aspects of IT that likely remain centralized: systems, standards, and security.
First, certain systems and technology teams—especially those with high legal and investor obligations, operating infrastructure for all technology teams (like cloud infrastructure), and “order-to-cash” systems—should often remain centralized. One could argue that these systems could be decentralized to the finance and controllership organization, but they are often best left in central IT.
Typical applications and capabilities to consider centralizing in your IT organization include financial systems; systems owned by key support organizations such as finance, HR, and legal; systems with highly sensitive customer data (personally identifiable information, or PII); key infrastructure such as the data center, cloud, database, and messaging systems; employee and vendor enablement; integrated deployment environments; office productivity applications and desktop and/or device support; and perimeter and cyber threat detection technology. The operations central IT might continue to provide include operations to all the systems above, a program management office for large programs, and key vendor management operations including cloud infrastructure.
Second, it’s important to point out that the shift to decentralized technology capability does not mean that everybody does things in different ways. In fact, standards become even more important in a decentralized model. If we can create standards and principles under which every team deploys and operates, this will greatly enhance the speed, interoperability, reusability, and quality our teams produce. As a result, the shift to decentralized IT means that the mission of central IT will grow in its ability to lead by influence through standards.
What types of standards are needed? Standards for system design; metrics and SLAs, APIs, and interoperability; technical documentation; tool and programming language; security; program management including risk and program governance; quality, testing and release management; and support and operations, availability, and performance.
Not only does central IT need to define these standards, but they also need to evangelize these standards to their customers (the other technology teams); review and sign off on both designs and implementations using these standards (they are an enforcement organization), and keep a scorecard of adoption (what’s in compliance and what is not in compliance). Holding others accountable through a “trust but verify” approach is vital. All functions and leaders need to invite IT to partner and drive these standards.
The third element is cyber security. There are three primary reasons to keep security as a centralized function. The first is expertise — it is difficult to maintain focus and expertise in a decentralized manner. The second is independence — critical thinking and uncompromised evaluation and recommendations best happen from a function not reporting to the LOBs. The third is understanding the systems dynamics nature of security. These are not isolated risks or recommendations but are tied together. A big part of the security function goes back to standards and incorporates “secure by design” approaches (instead of “secure by inspection”). These practices need to be defined and managed by the central function and then incorporated in the agile teams throughout the lifecycle of digital products and services.
All three of these centralized functions require significant partnership and influence with the teams which might get embedded in the business. Even with the teams and functions in the central IT function can increase the tempo by creating small teams with long-term ownership of specific services and functions — more of a “product management” mindset versus a “project” mindset.
TO THE EDGE
If our “first principles” push us to create (1) an organization with more accountability for customer and business outcomes, and (2)agility and the ability to sense and react to market needs faster, we need to speed up the sloth.
Amazon at its core is two platforms - the physical logistics platform and the ecommerce platform. Sitting on top of those, there is radical decentralization: Amazon is hundreds of small, decentralized, atomized teams sitting on top of standardised common internal systems. — Benedict Evans
I often hear people say “Amazon’s information technology team must be huge.” On the contrary, Amazon’s centralized IT team is actually quite small, but the technology capability is pervasive, huge, and with scarce skill sets where more is always needed. So if the technical skills are not in a centralized IT team, what should be decentralized?
Technology that is part of products or core services can be distributed to these product and business teams. Marketing, sales, and supply chain systems are great candidates to be integrated into their respective business organizations and treated like platforms for the organization. These organizations need to have greater ownership over integrating technology and data into their processes and capabilities. As more and more of our products and core functions require digital capability, over time this distributed function becomes larger and larger.
“When companies feel they have a problem with IT, the route they typically follow is to restructure IT, replace the CIO with someone with new ideas, maybe appoint digital tsars, or perhaps even look to a third party to run IT for them. But that’s a bit like rearranging the deck chairs on the Titanic. The challenge is not to design a more digitally-savvy IT unit; the question is how to organize the entire firm for success with technology. That’s fundamentally different.” — Joe Peppard1
Even if technology teams and systems still report into a centralized IT organization, many of the same outcomes can be achieved if these teams operate as if they are part of the functional teams by colocating them with the business and breaking down physical and communication barriers. Every function needs to become better at incorporating technology to serve customers better, to enable new business capabilities, and to adjust to the market and your vision. Find ways to break down the barriers between the business owners and the technology skills those business owners need to serve customers, grow their business, and innovate faster.
Your Homework — Continued Reading
To get more perspectives on this important topic here is recommended reading:
The MIT Center for Information Systems Research outlines the assumptions and rationale for a new type of IT operating model called the pervasive model. “The Pervasive model maintains that the “IT unit” is not a separate distinct organizational unit, but rather that it is embodied in a set of intra- and inter-organizational networks of connections providing access to distributed knowledge.” Read “The Metamorphosis of the IT Unit” article HERE
Benedict Evans in his article “The Amazon Machine — Amazon is a machine to make a machine, and the machine it makes is more Amazon”. Read it HERE
Finally, “organization” is not the only lever to evaluate in creating effective technology capabilities. How we architect and leverage cloud capabilities are important too. Read last week’s “Architecture as a Strategy” newsletter
About The Digital Leader Newsletter
This is a newsletter for change agents, strategists, and innovators. The Digital Leader Newsletter is a weekly coaching session with a focus on customer-centricity, innovation, and strategy. We deliver practical theory, examples, tools, and techniques to help you build better strategies, better plans, better solutions — but most of all to think and communicate better. You’ll be able to follow up with questions and advice.
Please share with others! Thanks
https://mitsloan.mit.edu/ideas-made-to-matter/overdue-a-new-organizing-model-it