The real costs of owning the IT landscape

IT realy hit hard, this time

This might be a good analogy: CTO is a landscape artist. There is this rather lovey named discipline called: Landscape architecture. Thus CTO might be seen as an artist of his organization’s IT landscape. Among other duties, forever pruning and grafting and taking out the IT weed. And that garden grows (weed including), 24 x 7, 365 days per year.

Manage the IT costs, before they manage you

This post might contain some pieces of information that might come handy to more than a few CxO ‘s right now. Especially if the said CxO “share” given the responsibility to “own” the IT landscape in some medium or large organization. Approx 200  seats onward, complexity depending.

In the context of that situation, and perhaps because of this post, I might be called a bit of a pessimist. The one calling himself a realist.

 

 When IT Really hits hard

Therefore, I am talking to you the CTO or CIO. Basically IT is absolutely necessary and IT is not cheap.  My first little advice?

Be sure you know what you own.

Where is the end of your IT kingdom? Now beware. it is not practically possible, these days, not to own “something” tangible that is not IT-related and is the business asset. Everything with a plug is IT “asset” if you ask the board. So yes, you “own” it all. Problems including.

I hope I am making myself clear here.

If in doubt about “someting” on the technological landscape of your organization, consider you own it.

What about these modern, virtual business icons you read about?  Even if your own clever IT management model has provided for completely virtual medium-sized business (aka SMB1 ), that actually works, which is (let’s be honest) unlikely, someone has to own the licensees, take care of IT Services, SLA’s and procedures in place, implement and plan the compliance (which costs money), and so on and on. Yup, you own that too.

The table below is not about the SMB side of the industry. It is about enterprises with underlying big expensive IT. IT is as big as it can get in the context of  “everything IT” that one large corporation will have in place. A typical corporation that (as any other global corporation today) uses a combination of in-house developed and external IT solutions.

Combination of legacy and new. Combination of (usually) older on-premises IT, and brand new, private or hybrid cloud IT.

That is the landscape you own.

Through the life cycle of every modern corporation a lot of these new/old combinations, called “solutions”, have been left around as results of many past socio-techno-political compromises.  Therefore, now you might be inheriting the whole minefield of them.

Expensive “mission-critical solutions” combining old and new. Coexisting in precarious IT balance, that has to be “pruned and grafted” and “watered regularly” just like some orchard which must never stop yielding the IT fruit.  Because, as soon as you ask, “everything” depends on it.

To clarify the economic context  I have developed a little table. Columns are stages in the lifetime of the IT solution. Rows are IT context.  This same table can be applied to a single project or to a whole of the IT landscape you are responsible for.

And each cell in this table means real money. Capital (CAPEX) + Operational Expenditure (OPEX) that activity in each of the cells will inevitably generate in reality.

As an example: “Testing/Infrastructure” cell means new infrastructure has been procured (CAPEX) and now the team made and deployed for that purpose, is going to formally test it (OPEX).

As we said already columns in this table do represent procedural steps of (organization) IT services. From Development to “Recovery Position”. Which is a separate data center where a redundant copy of the primary data center is gathering dust and waiting for the primary to go out of service for whichever reason.

Yes, there are some clever solutions which can avoid this recovery position “dust-gathering”. Dreaded by your CFO. But. Very often the company board has not made up their collective mind yet when and how to implement that fundamental change. So 3 little: “tick, tick, tick”-s. All the three cells in that “Recovery Position” column are added to the costs.

Development Testing UAT Operational
Integrity
Live
Position
Recovery
Position
Applications  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX
Platform  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX
Infrastructure  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX  CAPEX+OPEX

The above table is rather useful. It is at the same time IT landscape structure and the structure of the IT cost possible. Projects are scattered on that table.

Not every cell in the table will be significant for each project, for each and every particular IT-related project activity. Neither every project will have IT requirements that will cover all these columns and rows. But whenever and wherever any of these cells come into existence for a project, be prepared to spot it early, see it clearly and to act preemptively.

Do not just take the global “board room” view on your IT costs. Each of these cells can “explode from zero”, if not managed on time. You probably are not the luckiest CTO/CIO that ever was, thus you “own” the divine right to oversee the full set of 18 of these cells. On the company level. I have just formalized it for you so you can juggle with all the 18 balls in the air.

For the key terminology, you might feel well educated but nevertheless I have prepared that too. For a basic explanation of key terminology please follow the links below.

  • C = CAPEX
  • O = OPEX
  • R = REVEX
    • money that a company spends on activities that are directly related to making sales in a particular period.
    • This might be called “marketing” but every marketing campaign does require some IT resources, these days.

[nextpage title=”Costs across the projects”]

The unwanted news (like the above is not enough) is that this is not all. There is also a myriad of additional Operational Expenditure (OPEX) that are arising from the company-wide requirements imposed by external forces. Your organization must be also handling:

The regulators

Namely

  1. Compliance
  2. Risk
  3. Security

In case you are not aware there is even a new “kid on the block”:  Data Protection Officer, aka DPO.  Sometimes known as Chief Compliance Officer. Whose job is to “help” to firmly keep the organization in the sweet spot intersection of the three above. Choose her/him wisely.

Calculate these three into every project costs and be sure that everyone understands,  what theirs “call for action” is going to cost related to Compliance, Risk and Security.

The Legacy Issue

You have inherited an IT legacy. Legacy is a weed of the IT landscape.

Slight detour. In every medium to a large company, every CTO and/or CIO life is one endless waltz with suppliers. Suppliers of energy, goods, people, and software.  And they all know it, and they are waiting for CTO/CIO to get tired. They are circling and forever waiting for the right moment to insert the latest and greatest “solution” with hidden costs inside.

And they are always close to you (the CxO) so that they know your weak points. They call them very nicely: “pain points”. There is a constant stream of ideas and solutions on how to relieve you of your “pain points”. And the stream of offers.

How to take care of IT legacy, for you. Which is very often in the form of some legacy (read: ancient) IT that you can not just simply “switch off”. On one side you (the CTO/CIO) have company board demanding ever more cost-cutting, because (let’s be honest)  “IT is an overhead”.

And yes they will hardly ever let you even plan a replacement. Replacement of some back end IT  from mid-20-th Century. Unless you come with some “rabbit out of the IT hat”, which if you are clever enough can be some Cloud Computing solution. That is until “board security concerns” stop you, mid-air.

But it is not as bleak as that. There are “legacy system failures” waiting to happen and to be happy about. You know they will happen and you are prepared. You have done the “blame delegation” and now The Board realizes at last, “something has to be done” and all eyes are on you (the CTO/CIO hero). It is your moment to charge.  Hordes of VAR’s are already circling around. They have already smelled the prey: THE BIG ORDER. Who are they exactly?

The VAR’s

Ah. Good old Value Added Resellers aka VAR’s.  Everyone thinks she/he knows how to handle them. You “just” have to be clever enough to choose the lean and hungry VAR’s which will do that 1% less in costs and offer that 1% more in services. And who will also stay in the business long enough. How long? For example, longer than your retiring date would be good enough.

Back to the big order. Even more than big orders, VAR’s do like long contracts.

Some VAR’s will do anything to assure long contracts.

But. Change inside the company IT landscape, to make it more modern and cheaper, inevitably means few legacy contracts will have to end. I knew quite a  few good VAR’s to support me when I need the support most. But on the other side, I have seen situations where VAR’s have been allowed to play internal games in some organizations. That was the extent of the pressure they have bee prepared for when they realized they might lose decades-old legacy contracts in place. Never sleep with both eyes closed when VAR’s are around. Never rest.

[nextpage title=”Where Will it all End?”]

Or rather: When. The fact is that markets today are tough. Especially regulators are becoming much tougher than any competitor ever will be. True, competition has to deal with the same regulators.

To survive this “new reality” the key move that needs to happen is paradigm shift in the board room

Each and every board has to realize that market regulators are driving the IT costs ever higher. Unless they are not properly responded to. No in an ad-hoc manner, after the public security breach. But in a planned manner, with inevitable investment into IT landscape modernization.

And this is where the opportunity lies. Implementing measures required by regulators is an opportunity to modernize the IT and make it much more controllable, predictable and in turn feasible.

IT realy hit hard, this time
IT really hit hard, this time

1SMB is Small to Medium Business. Preferred by me to the term “SME” which is overloaded with “Subject Matter Expert”.