Doing it right
Benchmarking and best practice: the words might not immediately pique one’s interest, but scratch beneath the dry surface and this is possibly one of the most important topics around. After all, we have all witnessed the recent damage to the BP brand, after the disaster at Deepwater Horizon in the Gulf of Mexico. While the jury is still out on who is to blame and to what extent, most agree that BP did not observe best practice.
Suddenly, best practice becomes a matter of life and death, not simply a question of efficiency: 11 employees lost their lives on the oil rig, a further 17 were injured, and the long-term environmental and economic impacts will be catastrophic.
I am not suggesting that IT departments are responsible for people’s lives; however, information is an extremely powerful thing and, in the wrong hands, can do great damage. After all, a company’s database and intellectual property give it its competitive edge; and it is all stored in ones and zeroes. Sometimes this data is extremely sensitive and, as companies consider cloud computing and other new technologies more seriously, new best practices must be formulated and acceptable benchmarks established. So, what are the topics that are of most concern to CIOs at present, and what needs to be done to improve best practices? Over the past year IT Brief has profiled a number of well-known and respected CIOs, and here we return to their comments as a sampling of industry opinion.
Before looking at the details of the IT industry, however, it’s important to consider how New Zealand measures up internationally – a question that was put to the CIOs in their profiles. Overwhelmingly the opinion was that New Zealand is on a par with the rest of the world or even, as Mike Harte of Otago University said, "ahead of the game” in many IT-related areas.
With DIY in our genes, New Zealand IT departments push the boundaries or employ existing technology innovatively. For BNZ’s Peter Yarrington, recently arrived from Australia at the time of interview, the recession has slowed the speed of global innovation, giving New Zealand IT departments the perfect opportunity to innovate locally and derive value from their existing technologies. Saatchi & Saatchi’s Peter Mangin, our regular columnist who was profiled almost a year ago, said: "In many regards New Zealand is ahead of the rest of the world... I have seen some amazing things done locally with aggressive budgets and many in very tight timeframes.”
This innovation and general level of ability is reflected in results released by the IISEIE (The International Institute for Software Economic, Innovation and Entrepreneurship) which puts New Zealand in the ‘maturing’ category of software innovation; (for more information, turn to p28).
So, lil’ ol’ New Zealand is faring pretty well on the world stage, with many a story of Kiwi successes grabbing the headlines, from Weta Workshop to Xero and beyond. Yet still, one of the major challenges for IT departments remains that of overcoming the perception of IT as a cost centre and demonstrating how it can deliver real business value in alignment with the goals of the company.
Adherence to best practices, which increases efficacy of a system, process or project, will help to demonstrate this and to change the minds of the executive team and the wider company.
Despite the differences in the departments they oversee, CIOs seem to be dealing with the same concerns and challenges. Cloud computing, web 2.0, collaboration, social networking and mobility are the areas where best practice and benchmarking next need to be brought to bear. As the workforce becomes more mobile and office equipment resides both in and out of the office, questions of security, data leakage, availability and access arise. Procedures for governing the use of mobile devices, from data sticks to phones and laptops, must be adopted. A fail-safe authentication process for access to critical and sensitive data must be instituted and policies on acceptable use devised. But this has to be done in a way that does not compromise the speed and flexibility of your IT solutions.
Fletcher Building’s Paul Knight said: "Our managers expect to be able to communicate, through a variety of mediums, easily and faultlessly.”
Similarly the Auckland DHB’s Johan Vendrig said that with clinicians working across multiple organisations, they need to access clinical systems from wherever they are. "For this reason, identity management, single authentication and interconnectivity across multiple DHBs and other health organisations are key issues to be solved.”
As mobile devices leave the office, the lines between work and play become blurred. Web 2.0 and social networking technologies begin to infiltrate the workplace, and it’s no longer an acceptable or indeed helpful solution to simply block users’ access. Indeed, they are increasingly being used as a business tool.
In his original profile, Saatchi & Saatchi’s Mangin said the emergence and prevalence of social networking was a "cause for concern” because it could be abused, leading to time-wasting and the leaking of confidential information. He added however, that it had "huge” potential, and in a more recent column he urged organisations to take another look at how you can use social networking applications in a more constructive way (Walking the walk, IT Brief, March 2010, p9).
In fact, the New Zealand Defence Force is actively using social networking in its recruitment drives, which just goes to show the extent of its power. "The vast majority of the Defence Force is recruited from the bottom up and social media allows us to appeal and relate to the youth of today, otherwise we would cut ourselves off from the next generation of recruits,” said Peter Thomas. Even the healthcare industry is beginning to investigate how clinical teams and their patients can use web 2.0 technologies to collaborate on their care plan.
Collaboration throws up more red flags for the security-conscious due to concerns about access, privacy and data leakage. As virtual teams become more common, document sharing, videoconferencing and telepresence are all areas that need to have best practice applied to them. Companies still need to retain a record of meetings in the form of minutes or stored recordings, and just because a document was created and shared through an instant messaging application during a webconference, does not mean that it should not be retained by law.
As information and communication technologies continue to converge, there is real potential to revolutionise how businesses collaborate, both internally and externally. Some kind of best practice standards are required to ensure these technologies are meeting their potential; for example, Fletcher Building’s Knight predominantly uses a combination of policies and good governance practices to ensure appropriate use of such technologies.
With collaboration comes the cloud. It is clearly the way of the future, but once again it raises a number of issues, from security to access, availability, data sovereignty and data integrity.
Beca’s Robin Johansen put it nicely: "Cloud computing is here and is not about to go away. My attention is drawn to the issues of data security, avoiding the creation of data silos and business continuity/disaster recovery for a larger enterprise. The big question is how to embrace this change without, on the one hand, endangering the business while, on the other hand, remaining agile enough so that cloud-based feral computing doesn’t arise out of frustration that IT can’t move quickly enough to meet the needs and aspirations of the business.”
Technology never stops changing and improving. The recent launch of the Apple iPad has CIOs predicting a new wave of innovation regarding computer interfaces and, with each change, best practices must change too. And they must also be adhered to. There is little point in having a standardised and efficacious way of doing things if it is ignored or forgotten.
New Zealand is the perfect test-bed for new ideas and technologies and can be a world leader – just look at the ICT developments pioneered by The Lord of the Rings franchise – but surely we also want to be leaders in the field of best practice, known for doing something innovative and groundbreaking, and for doing it right.