buying rIghT

strategies for enterprise IT purchases

Monday, September 25, 2006

IT purchase is no longer as simple as buying PCs, notebooks, and servers. The IT infrastructure itself has become far more complex with lots of elements. Today, besides the cost of equipment, you also pay annual tariffs to a service provider, license renewal fees to software vendors, charges to get standards certification, and much more. In fact, every new IT purchase is a project in itself. You won't just buy security software, but you'll buy a solution to control various aspects of security like identity management, information security, and so on. You wouldn't just buy servers, but you'll probably look for a way to reduce your existing server fleet by going for server consolidation. Likewise, you'll follow a similar pattern for choosing a business application, a VoIP solution, etc. Therefore, IT purchase isn't about buying just equipment. It's about buying a solution to serve the business, not a product or service that serves a particular purpose. So it's only obvious that your IT purchase process must also evolve beyond product buying. You need a robust IT-purchase strategy that factors in all these points and a well-defined process to back it up. For doing this story, we surveyed 17 CIOs from across the country to understand their buying habits. A majority of them had annual IT spends ranging from Rs 1 to 50 Crores. In fact, more than 80% of these respondents said their annual IT spends had gone up over the past two years.

By and large, most of these respondents were quite satisfied with their procurement process, but about 36% of them found their purchase process as average or below average. They cited their lengthy approval process and the confusion over too many purchase options as the reason for the same. They had to go through a series of processes to convince top management for making an IT purchase. Even after that, the process was further delayed due to vendor delivery schedules. We'll discuss vendor management later in this story.

Top management
One good trend we noticed was that by and large, most CIOs said that their management was very open and receptive to new and innovative IT project ideas. Even more interestingly, they didn't find it very difficult to get budget approvals for new IT-related projects. This is contrary to the situation that prevailed two years ago when we did a similar survey to find out what CIOs' concerns were with the top management. At that time, explaining the technology was far more insignificant than doing the cost, TCO and ROI justification. This time, explaining technology and its benefits has become the top concern and ROI justification has become secondary. As many as 60% of our respondents stated this as their key challenge. Possibly, this is because so many new technologies have come up, thus, making it difficult to choose the right one.

So overall, the situation seems to have dramatically improved when it comes to getting the top-management support for fresh IT purchase, provided you can explain the technology and its benefits. Not only that, but the typical time period for new IT projects to get approved was also 3–6 months for more than 65% of our respondents. Another 20% got their approvals in less than a month, and yet another 20% took more than 6–9 months. However, there were some whose new project approvals happened within a month.

Who decides what to buy?
As IT helps an organization in its growth, all IT purchases can't be the responsibility of the IT head or the CIO alone. For instance, if you're planning to procure a CRM solution, it must involve key people in the departments it's going to affect. They need to be involved in the IT purchase decision making process. Around 30% of our respondents had an executive committee comprising of the IT Head, various LoB managers, as well as the top management. This committee decided on all key IT purchases. In the rest, the IT head took all IT purchase decisions. And there was one case where the IT Head only evaluated and gave in the recommendations, while the approval was given by the CFO and the CEO.

Compliance to various standards is increasingly becoming crucial in most organizations as far as the IT infrastructure is concerned. In most advanced
countries, a person is designated to ensure compliance. In India, however, this responsibility still lies with the IT Head/CIO, and there were even respondents (24%) who didn't have a process at all to review all IT procurements for compliance to standards. The remaining either had a Compliance Officer, or the responsibility remained with the company's CEO.

View Point
	You mention that less than 10% of your annual IT budget goes to upgrade, support, and maintenance. The national average is about 30%. How do you manage to keep these costs down? We have created the demand for the system required for that usage. Currently, we're using centralized storage and distributed applications deployment to automate back-office controls and provide speedy business service. Further, we recently came out with a plan to connect many of our locations using this model. Once this plan gets stabilized for monitoring and maintenance, our maintenance costs will go down even further. One of the biggest challenges CIOs say they face is in managing expectations vis-à-vis vendor delivery. How do you minimize this gap? As a process, we interact with those vendors who are sound in support and services at our rural locations. This lets us be very specific with the vendor in terms of executing every assignment as per our requirement. Our alliances with best of breed technology partners ensure proactive on-demand support to meet our growth in rural environmental challenge. It also helps in continuous development of our systems infrastructure and delivery channels so as to achieve superior standards of system service.
Suresh Shanmugam National Head – Information Systems & Technology, Mahindra & Mahindra Financial Services

Today IT managers and CIOs have also become quite careful in their IT investments. More than 70% of our respondents bought new technology only if there was a real requirement for it, irrespective of whether it was new or not. The good thing here is that at least they're not shying away from new technologies. 

The remaining respondents either didn't have a pre-defined policy for it or waited for a technology to first become pervasive. So which IT procurement software should you use? The answer to this was quite surprising. 60% of the respondents didn't even use any software, while the remaining 40% had an in-house solution. This area needs improvement.

Where to spend?
We also asked our respondents about their organization's IT investment plans for the near future. The overall trend looks very positive. On an average, out of the 16 IT areas we presented in our survey, we found that each respondent had plans to invest in 7 of them.

DR topped the charts with over 75% of the responses going in its favor. Investments in information security followed this, with 65% responses. Please note that we're talking about responses and not respondents in this, as each respondent had plans to invest in multiple areas. Workflow automation was the third area of interest for the respondents, having close to 60% responses. Network security and server consolidation followed this with an equal percentage of responses at 47%. The surprises were CRM, SOA and mobility. These are all hot buzzwords today, but their responses remained below 35%. CRM was the lowest at 18%.

Structured cabling and power conditioning were also low in priority, but we presume that all respondents would already have these set up to a certain extent. Those with plans to invest in these areas would probably be looking for an infrastructure upgrade.

Implementation of VoIP and investments in IT management standards like ITIL, along with ERP, business intelligence, and identity management
received nearly equal priority of around 40% responses each. Once again, chances are that most of these organizations would already have an ERP in place, and the rest are still emerging areas. VoIP for instance, has started gaining momentum only recently, though the technology has been around for many years.

Handling vendors
Vendors might be offering lots of good technologies and organizations may have IT budgets to afford them. But, unless there's a correct mapping of technology to the organization's needs, all IT budgets are a waste. It's the vendor's job to be able to understand this requirement correctly and then deliver the right solution.

Unfortunately, there's a huge gap here. What's expected by the CIO is not necessarily what's finally delivered, despite all promises made by the vendor. This was our key finding as far as vendors were concerned. Around 60% of the CIOs we surveyed felt that there was a huge gap between what vendors promised and what was finally delivered to them.

Another whopping 45% felt that vendors don't really understand the actual requirements, and another 30% felt that vendors don't even come prepared when they come to make a sales pitch. Not only that, but they also try to confuse you with lots of fancy jargon, which is often unnecessary.

Vendor delivery schedules continue to remain a problem in the minds of most CIOs. More than 80% of the CIOs we surveyed raised this as a concern area. Most of them were resolving this issue by treating their vendors like partners and putting down penalty clauses in their SLAs. There were some who also used other measures like holding back payments and threatening to go to competition to ensure that their vendors
delivered on time.

Advice on SLAs
Nobody can deny the importance of having a service level agreement or SLA with a vendor. There were a range of concerns raised by our respondents over the issues they faced with this area. One key challenge is to make the SLA quantifiable and trackable. In other words, all conditions in the SLA should not only be measurable, but you should also be able to track their progress. Otherwise, despite having SLAs, you would not be able to do anything about it if a vendor were to dishonor them. SLAs are generally long term agreements, so it's very important to spend sufficient time going through them carefully. Many vendors would have their own, ready made SLAs, in which case it's important to go through them carefully. Don't just go with the default agreements. Go through it and fine-tune it to fit your requirements. You may face resistance from the vendor, but it's something you're paying for, so don't take it lightly at all. Make sure that the exit criteria for the SLA are clearly defined so that at any point of time if there's a breach, it can easily be pointed out to the vendor.

Competition watch
One of the reasons for using IT is to gain a competitive edge, and your competition is also doing the same. Chances are that your competitors would closely monitor your IT usage patterns. We enquired about the same to find that around 50% of our respondents found it important to monitor competition for the technologies they're using. Another 35% didn't find it to be an issue, and the rest didn't have an answer for this. More important than watching competition is doing something about it. More than 50% of our respondents said that the moment they find out that their competition is using a particular technology, they contact multiple vendors and inquire about it in detail. Another 13% tried to make a strong case in front of their management to deploy the same or a better technology. Even more interesting was the fact that 33% of them gave their own ideas, rather than choosing the options we'd put forth in our question. For instance, instead of contacting vendors, some asked vendors to present case studies on competing companies. Others took it up with their LoB managers. There was yet another set of respondents who only went by values, and another league that adopted a completely different technology from the competition.

Upgrades, support & maintenance 
As much as 53% respondents said that 10–30% of their annual IT spend went into upgrades, support and maintenance. Interestingly, around 27% said they spent less than 10%, which is quite commendable. Our last question was where the maximum costs were being incurred. Here, hardware AMCs was the most costly affair, followed by software license costs. Next came WAN Links and Internet bandwidth tariffs. We found that network security management was at both the fourth and fifth rank. The last on the list was storage and DR site management.

View Point
	What according to you are some of the key elements that every IT procurement process must have? 1. Scalability: As CXOs, it's important to provision for growth so as not to repeatedly ask Management/BOD for new approvals. 2. Open Source: To ensure minimal licensing/piracy headaches, so that employees are free from restrictions and distractions. 3. Procure vs Outsource: Question the very need to procure. Thanks to pressures from BPOs and ITES over past 4-5 years, one can outsource all non-core efforts.
Ashok Sharma  CTO, Crane Software

Page(s)   1