You Say To-may-to and I Say To-mah-to

Arnott's CIO Sue Sutton saw clearly from the very beginning of the Internet frenzy that the hype and the predictions about the so-called dotcom revolution were mostly "just crap". While it was obvious the Internet would play a valuable role as a new and extremely useful channel, Sutton knew without a shadow of doubt - as if the future had already been written in stone - that the Internet would never be a business model in its own right. A less technically savvy CIO might have been more easily misled, she says - indeed very many clearly were - but the 29 years she had spent in IT since she started as a programmer had equipped her well to assess the technology's true potential.

While debate continues and the sands keep shifting on whether organisations are better served by CIOs who come from the business and fully understand its priorities or ones who have gained the most thorough-possible grounding in technology, Sutton has no doubt those who came from within IT have a couple of major advantages. A better bullshit detector is just the start of it, she says.

On the other side of the debate, Qantas CIO Fiona Balfour, who pits her 25 years in IT against Sutton's 29, but who comes very much from a business background and has no technical qualifications to speak of, knows just how many advantages CIOs with a business background have to bring to the table. With the changing role of the CIO and corporate governance of IT assets more critical to the business, Balfour says business background and business acumen are now essential to fulfilling the CIO role, with technology nous far less so.

Clearly, the ideal CIO would be as familiar with the business and business fundamentals as he or she is with every area of technology. But CIOs have to start somewhere, and most will have to pick up gaps in their skills and knowledge on the job. So CIO set out to find out what advice some really well-rounded CIOs who originally came from a business background have to offer those from more technical streams, and vice versa.

Coming from the technical stream, but with high levels of business knowledge, are Sutton, RACV CIO Charles Burgess, WorkCover Queensland GM IT Lynn Kincade, and BankWest GM IT and CIO Joe Deragon.

From the business stream we have Defence Department CIO Patrick Hannan, CSR CIO Ole Elsaesser and Balfour, all of whom have had time to learn an awful lot about technology.

Page Break

Mixing It Up

Just as every coin has two sides, this is a multidimensional argument and the skills mix that is right for one organisation may be entirely wrong for another.

While recruiters have been focused recently on the desirability of CIOs having strong business nous, and while you would get no real argument from her on this stance, Sutton counters that this may underestimate the value of a CIO who knows technology inside out. For one thing, CIOs with a solid understanding of technology are far less vulnerable to marketing spin that those who are more technically naive, Sutton argues. For another, they are certain to find it easier to understand what technology should be able to do for their business.

Balfour has a very different take on the argument. As the role of the CIO has fundamentally changed over the past decade, and with much stronger governance processes in place across all major organisations, the governance of IT assets has become critically important to the business, she says. An organisation needs a CIO whose spending decisions are driven by business outcomes, not purely technical decisions. A CIO with a business background is much more likely to secure this aim, Balfour argues.

Not that either Sutton or Balfour has stayed within the narrow confines of their backgrounds. Sutton started her career as a programmer before moving into business roles in the decade starting from the mid-1980s, and then was appointed to her first CIO role in 1996. And while Sutton celebrates her technical savvy, she actually believes there is generally more the technically-based CIOs can learn from business-based ones than the other way around.

She would find no argument with Balfour there. Balfour, who started her career on the business analysis side about 25 years ago and built up a reputation for her portfolio management skills and strategic planning ability in the late 1980s, embraces her business training and believes her lack of technical qualifications has never been a barrier. After all, she argues, anyone who has worked for an organisation like Qantas for more than 10 years inevitably becomes far more competent technically.

Nevertheless, things can be tough at the start for those dropped into the CIO role from the business. Over at Defence, Patrick Hannan knows a lot about how hard it can be to convincingly talk technology to technicians when you come from a predominantly business background. When he took up the role of Head Defence Information Systems in early 1999, Hannan had 20 years of public service experience behind him but was technically naive. That made him vulnerable to disinformation he says. Indeed in his early days it was very obvious that on occasions some of those he dealt with were trying to confuse him.

"One of the issues very early on was I realised I had to learn the technical language, even if I didn't understand it. There is a real issue about how, if you're coming from that business background, you only actually get the credibility of some of the people you have to deal with by early understanding the language and adopting their language," he says. To help fill his knowledge gap Hannan started keeping a little book of acronyms, a practice he recommends to all technically naive CIOs. He says throwing an acronym or two into the conversation when you are trying to establish your credibility helps put those who would confuse or deceive you on notice. "After all, this stuff isn't really complex, in fact it's not complex, it's just a different language," he says.

At CSR, if IT staff were initially sceptical of Ole Elsaesser's credentials because he did not have grounding in technology, they were afraid to tell him so, he says. In his opening comments to the group he stressed his strong business acumen, making clear the IT area had no inherent right to provide IT services to the business. Instead, it had to earn that right through proving it could provide a cost-effective, high-quality IT service and by being focused on really providing value to the business. He says in that way the team's focus was immediately shifted towards value and away from technology per se, to the benefit of the organisation as a whole and to his own credibility.

Page Break

"I think often a more technical CIO might focus a bit more on the technology rather than on what's going to add value to the group. Anything that we propose to do is subject to a fairly rigorous cost benefit analysis. It has to have a generally positive return and has to be aligned with business strategies that they themselves will realise a positive return from," he says.

CIOs who come at IT from this angle do not necessarily need to try to become experts in IT, he says - he certainly didn't because he knew he couldn't. They do need to learn enough about IT to be able to understand issues, analyse them and discuss them intelligently. Non-technical CIOs also need to know when people reporting to them are making sense, and to have the confidence to question those people when they are not making sense. CIOs, he says, can make up for the lack of technical knowledge if they are constantly prepared to go back to basic principles, and to ask a few simple questions like: Why are we doing this? What's it going to do for us? What's it going to do for our cost structure? And can we recover it?

To help provide discipline, Elsaesser introduced early on a very transparent cost and billing mechanism, where individual businesses down to location level are provided with a detailed invoice itemising all services they get and the standard charge for those services. He says it is far more important that the businesses understand just what they're getting for the money they spend than that he as CIO thoroughly understand IT.

Like Hannan and Elsaesser, Qantas' Balfour knows what it is like to come into IT from a business background - she has an Arts Degree, a postgraduate qualification in Archival Management and an MBA in Finance and had to learn her IT skills on the job over the past 10 years. She suggests new CIOs who have not had that opportunity should appoint a very strong deputy who can provide a CTO-type perspective. "Indeed many organisations that can't find a CIO with a breadth of skills are appointing a very senior person who can focus on that issue," she says. There are pluses and minuses to such an approach, but if a CIO does not have a "crap detector" the best way to fill that gap might be through a trusted team.

But there is a counter argument. RACV CIO Charles Burgess sees danger in having a CTO on board unless you can clearly define who is accountable for systems versus technology, and who gets the final say in the case of conflict. The business must have ultimate ownership of their systems. "Who's accountable for the whole thing? And if I'm the CEO, do I want to talk to two guys about technology? I think in my experience that that's not a satisfactory way to do it," he says. So in organisations where there are dual roles Burgess argues it is probably best to place the CIO role in the business and CTO in technology. From what he has seen, he would not keep the two together.

Don't try to bluff in areas where you are technically ignorant, he says. It is unlikely to wash. "You've definitely got to acknowledge the business skills you lack and that you build them or get them from somewhere else. You have to find a trusted adviser," Burgess says. "You need to find a company to work with that you trust or an individual you can bring into your business who has those skills." He says many businesses are too small to sustain such a person permanently on staff and it presents a real challenge. Those companies need to outsource such work to an organisation they can work comfortably with and that can understand them at a business level.

In some organisations, depending on their size, Balfour believes consultants can fill the gap. But she warns it can be very tempting for some organisations to become overly dependent on consultants. Qantas uses consultants a lot as independent sounding boards, such as health checks on projects, and for testing the water on certain issues where the airline does not have a particular skill set.

"Consultants definitely have a very important role to play, and a positive and constructive one, but I do worry for companies - but more their shareholders - that become entirely dependent upon third-party organisations for advice and support," she says. "It's not a long-term healthy outcome for an organisation, and it's not a good use of shareholders' money."

The hardest problem for a business person stepping into an IT role is that there are daggers in the closet, and unless you have played that game, you do not know what those daggers are, WorkCover Queensland general manager IT Lynn Kincade says. If you do not know technology, it can be ridiculously easy to pull the wool over your eyes unless you have the gut feeling that comes with long technology experience. (Kincade highlights the myriad problems of a project that is too business-oriented in "The Frog Prince - A Cautionary Tale,) "The other thing is you don't have the respect of the technical guys. They're going to look at you and say: ?'Yeah, right, he's a business chap, he wouldn't have a clue how life is in the real world of IT.' So one really needs a couple or three really, really good technical people that have the respect of their people, but yet are upfront and honest about the truth of the deal," she says.

Page Break

Taking Care of Business

On the other side of the equation, Burgess says many CIOs who have come into the role from IT are used to a very controlled environment where change is managed and processes are clear and well defined. Such CIOs often find "huge gaps" in their knowledge when they are trying to address dynamic busi-ness requirements and goals. Their skills in budgeting, forecasting and business management are also typically much weaker than those of the fellow GMs whom they meet at executive meetings.

1 2 Page 1
Page 1 of 2
Security vs. innovation: IT's trickiest balancing act