If the best-laid plans oft go astray, can we expect any better of plans that try to predict a company\u2019s growth, competitive landscape, work processes and technology requirements three to five years from now? Those are the ambitious goals of IT strategic plans?plans that are frequently threatened with obsolescence by technology changes and economic upheaval before the ink even dries.Many CIOs apparently have responded to those forces of chaos by throwing in the towel on strategic planning: A 2002 Cutter Consortium survey found that 39 percent of respondents had no formal IT strategy at all. But in fact, chaotic times make it more necessary than ever for the CIO to routinely take a strategic view. "Everything\u2019s been stable and good here, but we realized that we\u2019d been putting off a lot of major [IT] decisions. You have to avoid major [problems] by looking ahead," says Malcolm Fields, CIO of Hon Industries, a $1.8 billion office furniture and hearth products manufacturer in Muscatine, Iowa. Fields, Hon\u2019s first CIO, is in the midst of writing his company\u2019s first-ever IT strategic plan. Prior to his appointment, he says, "we just never had anyone far enough out of the trees to see the forest."It\u2019s the looking ahead part that makes planning strategic. All IT strategic-planning primers start with the same instruction: Imagine the desired future state of the company. With that vision, CIOs can then analyze the present state, compare the two to identify gaps, and start to draw a road map for closing those gaps and getting the company to the goal. Project prioritization, risk analysis, and an analysis of the likelihood of changes in the industry and technology are also well-established basics in the strategic-planning process. However, that simple-sounding recipe masks some of the complexities and finer points of the strategic-planning process. What follows is a list of five common errors in the IT strategic-planning process, and tips from CIOs on evading those land mines and creating a plan that works. Don\u2019t Start with the Business Plan (Do Start Before the Business Plan)The first direction typically parceled out for writing an IT strategic plan is to start with the business plan. Here\u2019s a bit of heresy: "Start with the business plan" is misleading advice for two reasons.First, he who waits for the business plan to hit his desk is starting too late. In fact, that CIO may never get started at all?in the aforementioned study by Arlington, Mass.-based Cutter Consortium, almost a third of the respondents had no formally articulated business plan at all. But even at organizations that do formal business-strategy planning, the CIO needs to participate in the creation of that plan rather than waiting for it. CIOs play a crucial role in counseling executive leaders about new business possibilities opened by technology?a classic example being the new business channel opened by the emergence of the Web. If the CIO doesn\u2019t fill the function of advanced technology scout, the competitors\u2019 CIO will, giving the competition a huge advantage. (For more on the CIO\u2019s role as technology scout, see "How to Succeed in Strategic Planning," at www.cio.com\/printlinks.)"Historically, strategic planning for the CIO has meant discerning the business\u2019s strategy and then trying to achieve it. Today I think [the CIO\u2019s role] cannot be reactive," says Darrell Rigby, a director at consultancy Bain & Co. in Boston. "The CIO has the capability to see where the basis for competition will be." That is not to say that CIOs should write their IT strategy independently and then attempt to force the business strategy to match it. Rather, the point is that both the business plan and the IT plan should be written collaboratively by the entire executive team, including the CIO.The second problem with the "start with the business plan" mantra is that even formal business plans are often incomplete for IT purposes. Business strategies are typically written at a very high level. They frequently talk about markets, sales and distribution channels, and growth targets?but rarely address how the company gets its work done. Business processes?that\u2019s a place where IT can drive vital change and add enormous value. That is precisely Fields\u2019 focus in writing Hon Industries\u2019 three-year strategic plan. Hon comprises seven operating companies. Fields wants to know how each of Hon\u2019s business units intends to conduct business. To understand that future state, Fields says, "we work with the operating company presidents and their direct reports. Take a business process like make-to-ship?how are we going to handle production and distribution in three to five years?" That discussion yields ideas and goals that aren\u2019t spelled out in the corporate strategic business plan. (Fields says he uses a formal methodology called Value Stream mapping for capturing current and intended future process definitions.) From there, Fields follows the typical steps of gap analysis and risk analysis. "From all this we derive a plan that says we have to move off of this system or modify that one," he says. In Hon Industries\u2019 case, the IT strategic plan will come in the form of a set of small booklets, one for each of the company\u2019s business units.Don\u2019t Just Listen Up(Do Listen Down as Well)Ignoring the executive board\u2019s wishes in the IT strategic-planning process clearly would be career suicide. CIOs report a variety of methods for making sure those wishes are reflected both in their plans and in the execution. At Nationwide Mutual Insurance in Columbus, Ohio, for example, CIO George McKinnon says every single IT project is sponsored by a senior vice president and business sponsor (and with $30 billion in revenue, Nationwide has "several hundred" IT projects going at one time). While the senior vice presidents don\u2019t micromanage these projects, they are aware of the budget requirements and reasons for each, which keeps the company\u2019s top leadership involved in the IT group\u2019s strategic planning.However, Arnie Rind, CIO of staffing company Adecco\u2019s North American operations (based in Melville, N.Y.), has an important reminder about gathering other input: Don\u2019t forget the little people.That\u2019s not only because they have good ideas?which they frequently do. "I often say that we in corporate say we know what\u2019s going on with the business, but the people in the field really know," says Rind. Line of business employees can offer honest feedback on what\u2019s working, what\u2019s failing and what\u2019s missing, and all that information can feed back to make stronger prioritization decisions in the strategic-planning process. Rind\u2019s plan is to conduct several internal focus groups as he rewrites Adecco NA\u2019s first IT strategic plan. And he plans to do it on a budget. "You can piggyback this?we\u2019ve got a sales meeting coming up, let\u2019s get them advance questionnaires to get their wish lists and carve out some time at the meeting to talk about this," Rind says. An example of end user input that\u2019s already on Rind\u2019s radar: The "associates" (temps) whom Adecco places in work assignments used to get assignments by phone and checks by mail. "Now they need more than that?they need to get on the Net, see their next assignment, see their year-to-date [income] information, when the last check was mailed," says Rind.Just as important as the actual feedback, though, is the message that inclusion sends throughout the company. Business employees get one of two messages from IT: either that IT listens or that it doesn\u2019t. Soliciting input from workers in various functions, and then using it in the planning process, communicates the former, Rind says. "The people running operations, payroll, whatever?we want to include these groups. We\u2019re not going to paint this picture strictly within IT," says Rind.Rind joined Adecco in July 2001. Adecco NA\u2019s Switzerland-based parent (Adecco SA) was formed by the 1996 merger of Adia and Ecco, and Rind says the company\u2019s IT resources until then were consumed almost entirely by the process of knitting the two together and getting proprietary front-office software (called Custom Match) rolled out to 800 offices. "I\u2019d like to take the credit for that, but they had already finished when I got here," he laughs. "So for the new year, I said I would like to put together a strategy plan other than just getting these two companies merged." Don\u2019t Sweat the Details(The Specifics of Execution Do Belong in Another Document)IT strategic plans need to be written with an appropriate level of detail. The right level of detail fulfills two requirements. One is that it should allow enough wiggle room so that the IT group will be able to change implementation details without rewriting the strategic plan. The second is that the plan will be comprehensible to non-IS executives. At Nationwide, the IT strategic plan, or "blueprint," is limited by decree to 100 pages. ("It used to be 50 pages, but then the technical guys went double-sided on me," says CIO McKinnon.) That means there isn\u2019t room to describe the entire data warehousing architecture in detail?and that\u2019s intentional, McKinnon says. Each subsection of the overall plan is broken out into subdocuments that get into the nitty-gritty. These subdocuments are not part of the official strategic plan. "If you get too detailed in a particular area, you\u2019re not going to be able to use the [strategic plan] document" to communicate to the rest of the organization, says McKinnon. Jeff Balagna, senior vice president and CIO at medical device maker Medtronic?a $5.5 billion global company based in Minneapolis?follows a similar approach. "The strategic plan is a high-level document. It has the business imperatives, the problems we\u2019re trying to solve." That plan goes into a "summit" meeting of business unit IT leaders, who break the plan into projects with owners, teams and deadlines.Another common approach is to divide the strategic plan into two sections. One describes applications or solutions for particular business units or functions. The other section pertains to infrastructure requirements, software upgrades and architectural detail. That further shortens and simplifies the reading for business-line folks, who can focus on the solutions section and gloss over the architecture if they so choose.Don\u2019t Let It Collect Dust(Do Make Sure the Plan Gets Executed)The worst strategic plan, of course, is one that sits in an unopened binder on the CIO\u2019s bookshelf.Nationwide has a formal communication process for rolling out its three-year plan. All IT employees are required to read the plan, which is posted on an intranet, and are further required to satisfactorily complete a 10-question quiz about its contents. Many business-side employees read the document in its entirety too, and some go so far as to complete the quiz (although McKinnon notes, "We aren\u2019t quite sure what to do with their scores.")At Nationwide, all IT projects are tied back to the strategic plan, and all projects of more than $250,000 are continually evaluated as they move forward to ensure that they are hitting their designated milestones. That is where the senior vice president executive sponsorship kicks in. Top leaders receive a monthly "stoplight" report with each project assessed as red, yellow or green depending on its progress. The color assigned to each project is the result of independent evaluation by three groups: the business-side group that requested the project, the finance group and the IT function\u2019s project management office. And those progress reports are discussed at a monthly meeting?which lasts only a half hour. "We only talk about the concerns?so if you\u2019re talking, it\u2019s not necessarily a pleasant thing," says McKinnon. With this follow-through, Nationwide makes sure its strategic plan is being turned into action. But Don\u2019t Bronze the Plan Either(Do Create Flexibility Through Scenario Planning and Frequent Review)Plans are necessary, but plans change. Medtronic is in acquisition mode?absorbing as many as 11 companies in four years?and CIO Balagna\u2019s strategic plan covers only one year (tied to the budgeting cycle). Even at that short span, he says, "I tell my people, don\u2019t bronze the plan. Five-year plans? Oh, that my crystal ball would work so well."Bain\u2019s Rigby says that contingency planning and scenario planning are two underappreciated and necessary steps in writing an IT strategy. "Contingency plans, both short term and longer term, have to be worked out in advance with the business heads. You have to say, \u2019Here\u2019s how I would rank-order our expenses, so if the CEO says we have to cut by 30 percent, these are the ones I would drop?what do you think?\u2019" says Rigby. He says the process helps cement business alignment and support, or at least that the CIO can "tease out weaknesses in your budget beforehand" instead of being blindsided in a downturn. "If you don\u2019t prioritize investments, someone else will do it for you," he says.Scenario planning is equally important and seems to be a bit of a lost art after a decade of continuous economic growth, according to Rigby. Scenario planning simply means creating plans for reacting to specific possible future events outside the company. Hon Industries does scenario planning for what it calls "game-changing events," but these possible events are the sort of detail companies are unwilling to discuss, for competitive reasons. However, Rigby notes two common events that nearly every company should plan on. One is competitive mergers and alliances: What happens if you\u2019re the industry\u2019s number one, and number two merges with number three? Rigby notes that the first company in this scenario will want to pay particular attention to its CRM plans; the merger of the smaller competitors frequently gives them the ability to combine their separate customer views and "triangulate" to determine which customers are most profitable, for example. Rigby\u2019s other common scenario planning need is for possible supply chain disruption in the post-9\/11 world. At Medtronic, Balagna relies less on scenario planning and more on his organizational model to create an ability to respond quickly to changes of fortune such as mergers or industry upheaval. Balagna\u2019s organizational model includes a global technology council, made up of the IT leaders from each of Medtronic\u2019s business units around the world. The council meets roughly every two months to review the appropriateness of the company\u2019s ongoing strategy, make adjustments if necessary and also make sure current projects are being executed as planned. Balagna can also call emergency meetings if necessary. Balagna says that plans can\u2019t be changed instantaneously, "but we can reprioritize very quickly with this model," he says. The global makeup of the group also helps keep changes in the right perspective. It\u2019s hard to foresee every contingency in an unstable world. But by avoiding these common mistakes, building a well-balanced plan and using it to guide the IT group\u2019s execution, CIOs will be ready to take on whatever disruptions the future brings.