WHO NEEDS A CIO?
• What do you do anyway ?
–Connect the dots between Business and
–Processes for IT best practice
–Capacity and Capability
–Identify opportunities and threats from
–Bridge between Executives and IT
• What am I missing ?
–SAAS, PAAS and the new world order
• How Raffa Can Assist You
Can your business
Do you know what
your IT team is
doing ? or can do ?
Are you compliant
with the law ? With
best practice ?
How can you
What’s the right
Who can assess
Is there a different
way to do this ?
Who Needs a CIO? Page 2
3. MIS MANAGER VS CIO
When is a CIO the
May not need a CIO
all the time, but role is
•During major change
•When IT is no longer
meeting the enterprise
•New Initiatives / New
Who needs a CIO Page 3
CIO Manager / Supervisor
Primary focus is Business opportunities and drivers Primary focus is maintenance / IT Operations
External and Enterprise focus – How IT is
Business area inward focused on IT
Proactive, Opportunity seeking to improve Responsive to demands, reactive
Strategy and execution focused – What to perform Process and Procedure focused – How to perform
Critical during times of change or in larger
Works in a smaller or stable environment
Generates and drives strategic plans Requires Strategic leadership from outside, may
generate tactical plans
4. ITS NOT AS SIMPLE AS IT SEEMS
SOMETIMES YOU NEED EXPERT KNOWLEDGE
Does your business
have a web address
or business email ?
Your web address
Backup and Disaster
Do you have legal
What does the group
do all day
Hosted services are
Who Needs a CIO page 4
Do you own the web
No its Rented – the ‘DNS’ record links that
name with specific “Addresses”
Is your data secure? Do you have it
Are copies off site (fire) ? Have you ever
tried to restore data ?
How long could you be down without
Do you know your
PII, HIPPA,PCIDSS – who has access and how
Not just digital data. Voicemail, paper records.
Birthday including year ? Address and phone ?
Do you know what
they are doing ?
Do you know what
they can do ?
Never want to say
‘No’. Set up to fail
Keeping the lights on (Housekeeping)
Growth (Volume / Size, Projects, Features)
Capacity and Capability
What are you
getting for your
Software is not
really a good asset
Maintenance and housekeeping
Low added value
5. WHAT’S YOUR TECH INVENTORY ?
End user computers
Data (and software)
All the connected
How important is
technology to your
Will it stay the
What are your
• Hardware ?
• Software ?
• End of Life ?
• End of Use ?
Who Needs a CIO Page 5
water ~ 5 year
Keys to the
6. WHAT’S YOUR SKILLS INVENTORY ?
How many people / what
• Helpdesk : Internal or External
• Supporting Functions:
Supervision, Project Management,
What resources do
I have ?
What are their
What do I need ?
Is there a gap ?
valuable to my
Where are my
biggest risks ?
Who Needs a CIO ? Page 6
•Can be a commodity
•Out of hours support ?
•Key System architects
•Hard to replace
•‘On demand’ ?
•Should not have ‘1’
7. CAPACITY AND CAPABILITY
•How does my Inventory translate into Capability
• What you HAVE today is a constraint – created by past decisions
• Resources are focused around status quo and stability (reliability,
repeatability, Routine, Maintenance)
–Not the best environment for change – but do you need to change ?
–If the Inventory doesn’t match the Enterprise you can change the
What you have
and what you
need may not be
IT tends to over
and capability to
Result is delivery
people are harder
to change than
Page 7Who needs a CIO?
8. WHAT DOES A CIO (OR IT) DO ANYWAY ?
–What Processes you have in place
• WHAT does IT do, HOW is it done
–Are you getting what you need ?
– Are you really getting good value ?
• Main Elements: People, Services, Software,
• What Information you are processing and
–Compliance – HIPPA, PCIDSS, PII
–Accuracy / Quality and standards
–Completeness / Controls
Technology uses its
own (arcane and full
In a smaller
enterprise the CIO
role is not a full time
changing the role
The world is
changing and your
enterprise needs to
keep up. It’s a
Tech is everywhere.
There are complex
rules that can hurt
Page 8Who needs a CIO?
• Looks at what you HAVE / ARE DOING / CAN DO with technology in your
Enterprise, Compared to what you SHOULD HAVE / SHOULD be doing – and
acts to close the gaps.
9. WHAT CAN YOU DO FOR ME ?
Where does IT fit in the enterprise
What does IT contribute
Where can best value be achieved
Where are the key opportunities for improvement
Help manage IT better
• Key Performance Indicators
Yes, but how can I
do these things ?
We have no
and / or I still don’t
get these answers
Change is not
hard to achieve
delivering value (In
IT or indeed
Who Needs a CIO Page 9
Help in bridging the cultural and language barrier
Simple tools to manage Technology resources and projects
10. SIMPLE TOOLS AND PROCESSES
Cyclical tool to
Over time see
or bi weekly
Can have meeting
notes on reverse
or second page
Presentation Title / Page 10
Broad Focus Areas
■ What’s Important in the function at the
■ Where are we spending time money
■ What’s New this cycle
■ What did we achieve in the last cycle
■ What did we find out
Targets for this cycle / week
■ What are we going to get done
■ Who is doing it
■ What’s the status of ongoing efforts
Open items / Roadblocks
■ Open Decisions
■ Things I am waiting for others (who)
■ Carried forward open issues
THE 4-BLOCK REPORT : DATE / PRESENTED BY
11. SIMPLE TOOLS AND PROCESSES
ROUTINE KPI’S / METRICS
Who needs a CIO Page 11
MONTHLY IT METRICS DATE / PRESENTED BY
Budget Operating budget with narrative. Performance to
Plan / Last year
Reliability Uptime %, failure rates, downtime stats. Trended
over time (Network Phones, Backups, Servers)
Helpdesk Tickets handled, average time to close,
Outstanding unresolved by importance (critical)
Capacity Utilization: Storage, Compute, Network
Inventory Bought, Broken, Repaired, Retired, Lost/Stolen
(phones and aircards if owned as well)
Staff Gaps, new, exits, promo’s, Training, Skills
Services SAAS provider performance by provider
Planned and Deployed changes. Outcome
12. SIMPLE TOOLS AND PROCESSES
CAPITAL / PROJECT REPORTING
is about how well
change is being
Do you know
what projects IT
are executing on
What are your
How are you gate
Who needs a CIO Page 12
USUALLY MONTHLY EXCEL 1 LINE PER PROJECT.
Name Name and code for project (if coded)
Description Business name / meaningful to all
Purpose Why do this project (type, benefit, priority, risk)
Budget Project Lifetime (original) budget to actual.
Performance to plan. Estimate to complete,
Changes to scope – Approved, waiting, declined
Dates Approved, planned start, Planned end, Projected
Status Green (on plan / target), Yellow (at Risk), Red (off
target –Time, Budget, scope, outcome)
13. SIMPLE TOOLS AND PROCESSES
reporting is about
execution of a
But can change
on activity level
Who needs a CIO Page 13
CYCLES WITH ACTIVITY. USUALLY 1 SHEET
Name Name, description, objectives
Team Who, roles, responsibilities
Budget Budget details, vendors
scope / dates
Changes to scope – Approved, waiting,
Milestones Key dates within project
Status Green (on plan / target), Yellow (at Risk), Red
(off target –Time, Budget, scope, outcome)
Current activity Good / Bad, delivered / Missed, Roadblocks /
Issues, Next Planned Activity, Projected
outcomes, Milestone reporting
All sheets = ‘Book of Knowledge’ a standard PMO tool
14. SIMPLE TOOLS AND PROCESSES
COMPLEX PROJECT REPORTING
Where a project
is high risk, or a
large project, with
Copies from MS
Use Excel data
Bars for complete
Who needs a CIO Page 14
PROJECT STEERING / STAKEHOLDER MEETINGS
Project Component being reported
E.g. Cleaned up Vendor Master file, Chart of
accounts sign off
Dates Planned start, Due, projected
Completion Percentage Complete
Actions Responsibilities and actions due / performed
15. SIMPLE TOOLS AND PROCESSES
IT STRATEGY / DELIVERABLES
Annual or longer
view of multiple
Present IT and
projects to a
Who needs a CIO Page 15
Time scale /
New Location opens
Office 2013 deployment
IP Video Deployment
Intranet / SharePoint
Simple depiction of major initiatives that can be easily
shared and digested.
High level summary – Low level details can be built as
16. THE WORLD TURNS – NEW TERMS
–A different way of providing services and managing technology
–Enabled by “virtualization”
–Compute capability can be separated from computer hardware
–Less hardware, more efficient. Shared data and resources.
–Programs designed to be delivered via the internet (E.g. Turbotax online)
SOFTWARE AS A SERVICE (SAAS)
–Rental agreement rather than purchase
–Usually priced on usage over time or volume
PLATFORM AS A SERVICE (PAAS)
–The ability to buy or rent computing capacity, rather than acquire or build it.
–Someone else is responsible for ‘Plumbing’
–A (new) technology to handle analysis of very high data volumes very fast
–As near as possible to real time results (Amazon, Google suggestions)
–Marketing term for a specific product / business problem
New ways of
New Language to
16Who needs a CIO Page
17. WHAT IS THE ‘CLOUD’
The ‘Cloud’ a Simple definition
–Computers / Programs (What computers do for us) are managed and
provided as a ‘Service’ rather than components. This service is
generally made accessible to users via internet connections
• Big, Expensive, Did one thing, Inflexible, Local
–Client / Server
• Smaller unit cost, Networked, Distributed, Generally focus on 1 function
–Virtualization - Separation of ‘Logical’ and ‘Physical’
• Shared Hardware, Dynamic load and capacity.
–Inside your network= “Private cloud”
–Provided externally = “Public Cloud”
•What is the computer (Mainframe, Server etc)
• Less important than
• What it can do
• How it is Accessed
Ill defined term’
Multiple uses with
Most significant is
‘Public Cloud’ and
All computers as
17Who needs a CIO Page
18. WHAT DOES IT MEAN FOR IT
• Mainstream technology
• Efficient (cost, support, reliability, resilience)
–Outsource/Cloud is often better than on premise
• All inclusive models (24/7, Risk Mitigation)
• Remove single point failures / dependencies
• Security is as good or better than in house
• Scalable at short notice
• Changes what IT does
Is IT Infrastructure good ‘Value’ for you ?
Is it a Core Competence ?
What’s your Risk ?
What should your energy be directed towards ?
Should we be
virtualized or in the
Absolutely to both –
Self host generally if
very high data
many his resolution
images for example)
or high level of
18Who needs a CIO Page
19. WHAT DOES IT MEAN FOR IT
Are we BIG enough
to have enough
skills to support
Using SAAS we
can avoid having to
hire skill set
Should IT functions
be a primary
competence of our
Can also consider
19Who needs a CIO Page
Product SAAS Status Impact Results
Email Common High Reliability, resilience, Frees resource for
Payroll Common High Compliance, Security, Risk
SharePoint Rare (but growing) High Resilience, Accessibility
Website Common High Security, Reliability, Capacity
ERP / Accounting Becoming common High Reliability, Accessibility, Key skills
Helpdesk (system) Common Med Reliability, Accessibility - Stays up even if
you are down !
Telephony Becoming common Med Depends on installed base and
HR Systems Common High Security
CRM systems Common Med Reliability, accessibility
POS Common is small orgs High Risk, compliance. Can be more efficient
in house but higher risk
Growing High In house skill is expensive. Key man
dependencies. Critical infrastructure
20. CLOSING VIEWPOINT
Things change – Entropy vs Development
•We make decisions with what information we can gather and digest
•As new choices (and mandates) become available
• Need to re-evaluate options
• Context of past decisions and current status
• Some ‘trigger points’ – Obsolescence, Contracts, Strategy, Staff turnover,
•Not all new options are right – Change vs Stability
• Lots of marketing hype. Don’t get sold on shiny toys
• Biggest benefits are not always cost
• Will it help achieve the goals of the enterprise - how
How do you stay informed ?
•People like us. Field experts, Benchmarks, Peer review, Sector
experience, Passion in our fields.
Where am I
compared to best
Where am I
compared to my
For my type and
size of enterprise
What keeps me
awake at night
Am I happy with
what IT is doing
for me now
Who Needs a CIO Page 20
21. EVERYDAY ISSUES / GLOBAL BEST
Stop keeping credit card numbers (everywhere):
• End to end encryption for POS
• Tokenization for Web
Don’t host your web site from your office
• Resource and access sharing is a bad idea. They will conflict.
Only collect personal data you NEED and keep it safe. Have a clean up
• Most executives who lose sensitive data lose their jobs. Minimize the
data and take care of it.
Check your backups work and are safe
• Perform test restores, Keep offsite copies (secure). Understand how
you would recover from a failure.
SAAS and Cloud / Hosting is not a silver bullet
• New flexible solutions – New issues. Wont solve every problem but
are a game changer
thoughts to take
Who Needs a CIO Page 21
22. THANK YOU!
Who needs a CIO? Page 25