buying rIghT

IT purchase is no longer as simple as buying PCs, notebooks, and servers. The
IT infrastructure itself has become far more complex with lots of elements.
Today, besides the cost of equipment, you also pay annual tariffs to a service
provider, license renewal fees to software vendors, charges to get standards
certification, and much more. In fact, every new IT purchase is a project in
itself. You won't just buy security software, but you'll buy a solution to
control various aspects of security like identity management, information
security, and so on. You wouldn't just buy servers, but you'll probably look
for a way to reduce your existing server fleet by going for server
consolidation. Likewise, you'll follow a similar pattern for choosing a
business application, a VoIP solution, etc. Therefore, IT purchase isn't about
buying just equipment. It's about buying a solution to serve the business, not
a product or service that serves a particular purpose. So it's only obvious
that your IT purchase process must also evolve beyond product buying. You need a
robust IT-purchase strategy that factors in all these points and a well-defined
process to back it up. For doing this story, we surveyed 17 CIOs from across the
country to understand their buying habits. A majority of them had annual IT
spends ranging from Rs 1 to 50 Crores. In fact, more than 80% of these
respondents said their annual IT spends had gone up over the past two years.

By and large, most of these respondents were quite satisfied with their
procurement process, but about 36% of them found their purchase process as
average or below average. They cited their lengthy approval process and the
confusion over too many purchase options as the reason for the same. They had to
go through a series of processes to convince top management for making an IT
purchase. Even after that, the process was further delayed due to vendor
delivery schedules. We'll discuss vendor management later in this story.

Top management

One good trend we noticed was that by and large, most CIOs said that their
management was very open and receptive to new and innovative IT project ideas.
Even more interestingly, they didn't find it very difficult to get budget
approvals for new IT-related projects. This is contrary to the situation that
prevailed two years ago when we did a similar survey to find out what CIOs'
concerns were with the top management. At that time, explaining the technology
was far more insignificant than doing the cost, TCO and ROI justification. This
time, explaining technology and its benefits has become the top concern and ROI
justification has become secondary. As many as 60% of our respondents stated
this as their key challenge. Possibly, this is because so many new technologies
have come up, thus, making it difficult to choose the right one.

So overall, the situation seems to have dramatically improved when it comes
to getting the top-management support for fresh IT purchase, provided you can
explain the technology and its benefits. Not only that, but the typical time
period for new IT projects to get approved was also 3—6 months for more than
65% of our respondents. Another 20% got their approvals in less than a month,
and yet another 20% took more than 6—9 months. However, there were some whose
new project approvals happened within a month.

Who decides what to buy?

As IT helps an organization in its growth, all IT purchases can't be the
responsibility of the IT head or the CIO alone. For instance, if you're
planning to procure a CRM solution, it must involve key people in the
departments it's going to affect. They need to be involved in the IT purchase
decision making process. Around 30% of our respondents had an executive
committee comprising of the IT Head, various LoB managers, as well as the top
management. This committee decided on all key IT purchases. In the rest, the IT
head took all IT purchase decisions. And there was one case where the IT Head
only evaluated and gave in the recommendations, while the approval was given by
the CFO and the CEO.

Compliance to various standards is increasingly becoming crucial in most
organizations as far as the IT infrastructure is concerned. In most advanced

countries, a person is designated to ensure compliance. In India, however, this
responsibility still lies with the IT Head/CIO, and there were even respondents
(24%) who didn't have a process at all to review all IT procurements for
compliance to standards. The remaining either had a Compliance Officer, or the
responsibility remained with the company's CEO.

View Point
	You mention that less than 10% of your annual IT budget goes to upgrade, support, and maintenance. The national average is about 30%. How do you manage to keep these costs down? We have created the demand for the system required for that usage. Currently, we're using centralized storage and distributed applications deployment to automate back-office controls and provide speedy business service. Further, we recently came out with a plan to connect many of our locations using this model. Once this plan gets stabilized for monitoring and maintenance, our maintenance costs will go down even further. One of the biggest challenges CIOs say they face is in managing expectations vis-à-vis vendor delivery. How do you minimize this gap? As a process, we interact with those vendors who are sound in support and services at our rural locations. This lets us be very specific with the vendor in terms of executing every assignment as per our requirement. Our alliances with best of breed technology partners ensure proactive on-demand support to meet our growth in rural environmental challenge. It also helps in continuous development of our systems infrastructure and delivery channels so as to achieve superior standards of system service.
Suresh Shanmugam National Head — Information Systems & Technology, Mahindra & Mahindra Financial Services

Today IT managers and CIOs have also become quite careful in their IT
investments. More than 70% of our respondents bought new technology only if
there was a real requirement for it, irrespective of whether it was new or not.
The good thing here is that at least they're not shying away from new
technologies. 

The remaining respondents either didn't have a pre-defined policy for it or
waited for a technology to first become pervasive. So which IT procurement
software should you use? The answer to this was quite surprising. 60% of the
respondents didn't even use any software, while the remaining 40% had an
in-house solution. This area needs improvement.

Where to spend?

We also asked our respondents about their organization's IT investment plans
for the near future. The overall trend looks very positive. On an average, out
of the 16 IT areas we presented in our survey, we found that each respondent had
plans to invest in 7 of them.

DR topped the charts with over 75% of the responses going in its favor.
Investments in information security followed this, with 65% responses. Please
note that we're talking about responses and not respondents in this, as each
respondent had plans to invest in multiple areas. Workflow automation was the
third area of interest for the respondents, having close to 60% responses.
Network security and server consolidation followed this with an equal percentage
of responses at 47%. The surprises were CRM, SOA and mobility. These are all hot
buzzwords today, but their responses remained below 35%. CRM was the lowest at
18%.

Structured cabling and power conditioning were also low in priority, but we
presume that all respondents would already have these set up to a certain
extent. Those with plans to invest in these areas would probably be looking for
an infrastructure upgrade.

Implementation of VoIP and investments in IT management standards like ITIL,
along with ERP, business intelligence, and identity management

received nearly equal priority of around 40% responses each. Once again, chances
are that most of these organizations would already have an ERP in place, and the
rest are still emerging areas. VoIP for instance, has started gaining momentum
only recently, though the technology has been around for many years.

Handling vendors

Vendors might be offering lots of good technologies and organizations may have
IT budgets to afford them. But, unless there's a correct mapping of technology
to the organization's needs, all IT budgets are a waste. It's the vendor's
job to be able to understand this requirement correctly and then deliver the
right solution.

Unfortunately, there's a huge gap here. What's expected by the CIO is not
necessarily what's finally delivered, despite all promises made by the vendor.
This was our key finding as far as vendors were concerned. Around 60% of the
CIOs we surveyed felt that there was a huge gap between what vendors promised
and what was finally delivered to them.

Another whopping 45% felt that vendors don't really understand the actual
requirements, and another 30% felt that vendors don't even come prepared when
they come to make a sales pitch. Not only that, but they also try to confuse you
with lots of fancy jargon, which is often unnecessary.

Vendor delivery schedules continue to remain a problem in the minds of most
CIOs. More than 80% of the CIOs we surveyed raised this as a concern area. Most
of them were resolving this issue by treating their vendors like partners and
putting down penalty clauses in their SLAs. There were some who also used other
measures like holding back payments and threatening to go to competition to
ensure that their vendors

delivered on time.

Advice on SLAs

Nobody can deny the importance of having a service level agreement or SLA with a
vendor. There were a range of concerns raised by our respondents over the issues
they faced with this area. One key challenge is to make the SLA quantifiable and
trackable. In other words, all conditions in the SLA should not only be
measurable, but you should also be able to track their progress. Otherwise,
despite having SLAs, you would not be able to do anything about it if a vendor
were to dishonor them. SLAs are generally long term agreements, so it's very
important to spend sufficient time going through them carefully. Many vendors
would have their own, ready made SLAs, in which case it's important to go
through them carefully. Don't just go with the default agreements. Go through
it and fine-tune it to fit your requirements. You may face resistance from the
vendor, but it's something you're paying for, so don't take it lightly at
all. Make sure that the exit criteria for the SLA are clearly defined so that at
any point of time if there's a breach, it can easily be pointed out to the
vendor.

Competition watch

One of the reasons for using IT is to gain a competitive edge, and your
competition is also doing the same. Chances are that your competitors would
closely monitor your IT usage patterns. We enquired about the same to find that
around 50% of our respondents found it important to monitor competition for the
technologies they're using. Another 35% didn't find it to be an issue, and
the rest didn't have an answer for this. More important than watching
competition is doing something about it. More than 50% of our respondents said
that the moment they find out that their competition is using a particular
technology, they contact multiple vendors and inquire about it in detail.
Another 13% tried to make a strong case in front of their management to deploy
the same or a better technology. Even more interesting was the fact that 33% of
them gave their own ideas, rather than choosing the options we'd put forth in
our question. For instance, instead of contacting vendors, some asked vendors to
present case studies on competing companies. Others took it up with their LoB
managers. There was yet another set of respondents who only went by values, and
another league that adopted a completely different technology from the
competition.

Upgrades, support & maintenance 

As much as 53% respondents said that 10—30% of their annual IT spend went into
upgrades, support and maintenance. Interestingly, around 27% said they spent
less than 10%, which is quite commendable. Our last question was where the
maximum costs were being incurred. Here, hardware AMCs was the most costly
affair, followed by software license costs. Next came WAN Links and Internet
bandwidth tariffs. We found that network security management was at both the
fourth and fifth rank. The last on the list was storage and DR site management.

View Point
	What according to you are some of the key elements that every IT procurement process must have? 1. Scalability: As CXOs, it's important to provision for growth so as not to repeatedly ask Management/BOD for new approvals. 2. Open Source: To ensure minimal licensing/piracy headaches, so that employees are free from restrictions and distractions. 3. Procure vs Outsource: Question the very need to procure. Thanks to pressures from BPOs and ITES over past 4-5 years, one can outsource all non-core efforts.
Ashok Sharma  CTO, Crane Software