Professional Documents
Culture Documents
Johanning
IT Strategy
Making IT Fit for the Digital Transformation
IT Strategy
Volker Johanning
IT Strategy
Making IT Fit for the Digital Transformation
Volker Johanning
Volker Johanning Management Consulting
Marl am Dümmersee, Germany
© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Fachmedien Wiesbaden
GmbH, part of Springer Nature 2022
This work is subject to copyright. All rights are solely and exclusively licensed by the Publisher, whether
the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse
of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and
transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or
dissimilar methodology now known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does
not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective
laws and regulations and therefore free for general use.
The publisher, the authors, and the editors are safe to assume that the advice and information in this book
are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the
editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors
or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in
published maps and institutional affiliations.
Digitalization and digital transformation are buzzwords that are also fueling the discus-
sion about expanding and maintaining competitiveness at our industrial sites. One might
sometimes wonder to what extent companies can carry out the digital change so that they
are not overwhelmed by the “digitalization wave”.
In the new edition of this now established textbook, the question of the significance of
digital change for an IT strategy and the possible role of IT as a driver for digitalisation
topics will also be taken into account.
In addition, many reviews and feedback from readers have made it clear that an IT
strategy can be very different depending on the industry. An IT strategy always depends
on the company strategy and the core processes of a company. For example, a trading
company focuses on different issues than an industrial company. The process and value
creation for a trading company is based on purchasing and selling with as high margins
as possible; the focus for an IT strategy is more on purchasing and sales portals or web-
shops and platforms. According to the industry service HDE, online retailing had already
overtaken stationary retailing in 2015. In addition, within the framework of digitalisa-
tion, concepts are also being developed that are oriented towards new payment systems
or much more detailed analyses of customer data by business intelligence systems spe-
cifically for trade.
For a manufacturing industrial company, in addition to import and export, the pro-
duction and logistics processes including quality assurance, technical development and
electrical/electronics with networked systems are of great importance. Here, completely
different systems come to the fore from an IT perspective, for example an MES or a
PLM system. Topics such as rough and fine planning, MDE, BDE etc. play a major role
here and on the digitalisation level the topic of Industry 4.0.
And Industry 4.0 is something completely different from Trade 4.0.
A stronger focus on the new edition was thus the logical consequence. That this fell in
favour of the manufacturing industry was due to the fact that it equipped the author with
the corresponding specialist knowledge as his professional “home”. In addition, the book
had already set a focus on this segment in the 1st edition with the example company
“Produktio weltweit GmbH”.
v
vi Preface
When it comes to choosing the right IT organisation, a lot has changed as well.
Keywords such as “agile”, ’DevOps” and “bi-modal” IT organisations outline the con-
tents that have been added in Chap. “IT organisation”. In addition, the chapter goes into
more detail on digitalisation in the section on IT governance, in particular on the role
of IT and the CIO. Because the CIO must clearly differentiate himself from the digi-
tal responsible persons and possible Chief Digital Officers (CDO) and sharpen his role
accordingly with regard to digitalisation topics.
It is also important to understand the “why”: Here are some explanations of why and
for what purpose each of the seven steps makes sense or can make sense. Not every one
of the seven steps has to be taken. Here too, practice has shown that depending on the
starting situation of the company, some steps are very helpful and others are not neces-
sarily necessary.
Last but not least, you will now find tasks to do in each chapter. These were added at
the special request of professors and university teachers. Because in the meantime this
textbook has also developed into a standard reading material in business-related com-
puter science courses at some universities and universities.
The IT world continues to rotate rapidly and will remain dynamic. A topic like artifi-
cial intelligence will not only turn the way we operate IT today upside down, but above
all the whole human race will face the big question of “who is in charge on this planet”.
What these developments will do with the book in front of you remains to be seen and
may be reason enough for another new edition very soon.
In this sense, the question “Does IT matter?” from the first foreword is probably basi-
cally clarified: Yes! And in the future even more, because IT is now not only part of all
our lives, but will influence our lives in the near future more fundamentally than we
might like.
I wish you every success in your strategic work on IT and always a good hand in all
decisions around IT.
vii
viii Contents
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
List of Figures
xi
xii List of Figures
xv
xvi About the Author
In the second edition, the focus on manufacturing companies has been added, which
now also adorns the subtitle of this book. In addition, the topics of digitization and the
distinction between an IT strategy and a digitization strategy have found their way into
the book.
Part I
Introduction and Basic Information on IT Strategy
Introduction to the Topic
Abstract
The first chapter consists of an introduction to the world of IT strategy and clarifies
basic questions: “What is an IT strategy, when and why is it needed, how does sci-
ence and practice see the subject of IT strategy? What is the relationship between cor-
porate and IT strategy? ‘Chapter 1 concludes with the topic’ Strategic Planning and
Management of IT”.
In today’s world, companies are not only partially dependent on IT—they cannot exist
at all without IT and successfully compete. IT has become a fixed component of many
company products through the ongoing digitalization. Only through IT can valuable
analyses be gained for the control of the company. IT ensures the smooth, highly auto-
mated operation of worldwide supply chains, so-called supply chains, and controls the
production lines of industry.
The management is increasingly aware that it cannot do without IT and exerts pres-
sure on it. The IT organization and above all the CIO have to reposition themselves. The
close interlocking with the business and the departments is considered the most impor-
tant support for this. Only if IT exactly understands what is required can it go the way
into the future in small steps with the help of standardization and outsourcing. Exactly
this is to be helped by the IT strategy to be created in the following chapters.
Successful IT projects that perfectly support business processes are reflected in the suc-
cess of the company as well as in the satisfied faces of all participants. But what are the
prerequisites for such successes? How can it be guaranteed that IT correctly recognizes the
needs of the department, in other words: that the IT department exactly understands and
realizes what the company needs in order to generate competitive advantages and to be
able to act successfully on the market? And how do you still keep the costs under control?
These questions take on a new importance in entrepreneurial decision-making when it
becomes clear how important a success factor IT can be on the hotly contested markets
everywhere.
To lead the IT landscape to highest (cost) efficiency through simplification and stand-
ardization is only a first step. Thanks to the professional tools and aids that have arisen in
recent years, this is not too difficult to accomplish: from IT governance to service man-
agement, one benefits from standardization models such as COBIT and ITIL, in project
management from PMI or PMBOK. Hardly any other department can fall back on such
solid working bases and build on them.
If someone is also able to get the IT out of the penalty area of “being too expensive”
and the “incomprehensible but somehow necessary part of the company” even when
individual solutions are required, it can become a key factor for new developments and
future growth.
The aim is to find ways to bring the IT on an equal footing with the specialist depart-
ments. The IT should make its potential as a significant innovation engine of the com-
pany transparent.
Basically, three strategic options can be set for this, as shown in Fig. 1:
Optimization of commodities
Increase efficiency
3 (e.g. IT infrastructure, operation, support/helpdesk,
Reduce costs
procurement/installation of hardware and software)
This book goes one step further: IT should not only support specialist areas processes
optimally—as is usually the case—but also play a decisive role directly at the interface
with the end customer in future. This also means that the IT organization will no longer
only focus on what the specialist area requires for process support (typical ERP solu-
tions for standardizing personnel and finance processes). The IT organization must work
together with the specialist area at the customer’s premises—ideally on site—to identify
and understand what the bottlenecks and problems of the company’s customers are and
how they can be eliminated by tailor-made IT solutions.
In recent years, a lot of money has been invested in optimizing ERP systems. As a
result, most large companies and corporations now have a well-functioning ERP land-
scape. The administrative and management processes based on this are highly automated
and standardized, and may even have been outsourced as part of BPO (Business Process
Outsourcing). The processes optimized in this way—mainly in the areas of finance or
personnel—are, however, the administrative and management processes that are of rel-
atively minor importance to most companies in the market context and that should be
mapped as efficiently and sparingly as possible.
For example, while industrial companies can primarily reduce costs through stand-
ardized administrative processes, the value-added processes are of much greater overall
strategic importance. These value-adding processes are, for example, research and devel-
opment, production processes, the supply chain or sales. On the IT side, applications
include business intelligence, innovative production and logistics systems, but also, for
example, CRM systems. These must be distinguished from the system solutions of the
competition primarily in that they map the company’s strategy and specialization one-
to-one in the IT application. Ideally, they even innovate through a company-specific IT
solution to create a competitive advantage.
Since the specialist departments are often more progressive in these customer-ori-
ented disciplines than IT, catching up is necessary here. Salesforce.com is a good exam-
ple of an innovative and customer-oriented application that is mostly purchased directly
6 Introduction to the Topic
by the specialist departments, here mainly marketing and sales. The IT organization is
often not involved at all in such easily procurable applications from the cloud, and the
infamous “shadow IT” arises. This is just one example of how important it is for IT to
take the step from the technical corner and the easily standardized world of processes
into the really value-adding and market-differentiating world. Because it is precisely here
that IT can give the company an enormous innovation and competitive advantage with
the great technical expertise and comprehensive process knowledge of its employees.
And this is precisely where the approach of this book and the motivation of the author
lie: By closer interlinking of IT with the specialist departments and also by direct con-
tact with the end customers of the company, the value-adding processes in the company
can be optimally supported by innovative IT solutions. If IT then manages, together with
the specialist departments, to provide exactly the right information in the right place for
the right recipient, then IT will become a competitive factor and an important, business-
strategic instrument.
In order to achieve this goal, IT needs a strategy. This is to be explained in detail and
absolutely practice-oriented in seven easy-to-understand steps.
IT Strategy: Definitions
Before the strategic work begins, the term IT strategy should be considered and defined
in more detail: What is an IT strategy and what are its characteristics?
Various quotations from leading market researchers in the IT business illuminate the
term very helpfully. So the IT analyst and market researcher Gartner refines: “IT strat-
egy is about how IT will help the enterprise win. This breaks down into IT guiding the
business strategy, and IT delivering on the business strategy. Although some or all tasks
involved in creating the IT strategy may be separate, and there are normally separate
documents, IT strategy it is an integral part of the business strategy” [20].
Gartner emphasizes the close interlocking of the IT strategy with the corporate strat-
egy in his definition. The IT strategy should be part of the corporate strategy, which
explains exactly how the company should “win” through IT. This definition underlines
Gartner’s conviction that IT is an extremely innovative and competitively relevant factor
for companies.
The second major market researcher in the IT sector, Forrester, goes even further:
“[…] that there should be no IT strategy, just business strategy with a technology com-
ponent […]” [16]. Forrester calls for the IT strategy not to be seen as a detached compo-
nent. In his opinion, there is no explicit IT strategy. There is only a corporate strategy,
which includes a technological—i.e. IT—component.
Here the IT strategy is a part strategy that is very closely interlocked with the cor-
porate strategy, but which includes specific IT components that do not have to be
included in the corporate strategy (for example, the IT governance/organization or the
IT Strategy: Definitions 7
IT infrastructure strategy as elements of the IT strategy, but not the direct corporate
strategy).
However, the reality in companies unfortunately shows that about 92% of them do not
have a fixed strategy in writing [27]. In almost every article or book about IT strategy,
however, the derivation of the IT strategy from the corporate strategy is postulated. Against
the background of the fact that only about 5% of all companies have a documented strat-
egy in writing, the derivation theory cannot be the only measure for developing an IT
strategy. Only the knowledge in the heads of the employees and the management is not
enough. Only strategy and process documents fixed in writing testify that really work has
been done on these topics; because only with the written composition of such documents
do questions arise that our reason does not get asked at all and therefore cannot answer.
If it is not quite clear where the company will be in 5–7 years and what the business
model will look like then, an IT strategy lacks a essential basic. Only with clear speci-
fications from the business can a stable and matching IT system landscape arise and be
operated for so long that it pays off. Because the introduction of ERP systems, for exam-
ple, takes at least 2 years, usually longer. In order to generate these immense introduction
costs again, such a system must run stably for at least five years without major changes.
But if every two or three years a completely different business model comes into play, the
IT strategy can be as promising as it is, it will not pay off and instead of a closer shoul-
der-to-shoulder between business and IT, it will only lead to frustration in management.
The development and implementation of an IT strategy is a learning and development
process, not only for the CIO and the IT organization, but for the entire company. The IT
strategy as part of the corporate strategy is the fertilizer for further growth of a company.
In the end, it is not only about the analysis of the technical feasibility in IT, but above all
about the examination of the economic viability: How can IT products support strategic
decisions positively and open up strategic advantages?
Changes in the IT sector are usually equated with budget cuts, after all, the prevailing
tenor of all corporate leaders is: “IT costs are much too high!” This may be true at first
8 Introduction to the Topic
glance, but should not be an excuse for hasty budget decisions. The question should rather
be: “Which are the right investments in IT that lead to a higher return on investment for
the entire company and which investments in IT are rather to be neglected?”
In order to answer this crucial question about the economic viability of IT, only an IT
strategy helps. Because in the IT strategy these questions are answered exactly:
• How can the actual needs of the company and the departments be linked with the
right IT support?
• How can classical make-or-buy decisions be used to determine which IT services can
be economically provided by third parties and which can be provided internally?
• How can a project portfolio create transparency for all IT projects and show which
projects are economically viable and which are not?
• Last, but not least: How does a modified balanced scorecard ensure that the goals of
IT can be controlled and reported transparently in the form of a cockpit?
Sustainability of an IT Strategy
The IT strategy must be sustainable enough to withstand the constantly changing require-
ments of the departments.
Many CIOs hesitate at this point and hesitate to start the IT strategy project because,
from their point of view, it is already outdated after completion and therefore needs to
be revised. The question of constantly changing requirements should therefore be turned
into a question of IT to the business: “How do I implement new business processes or
innovative IT concepts to solve customer problems with my users?”
In order to establish a sustainable IT strategy, it is of great importance that IT takes
on a new role in the company as a shaping force on an equal footing with the business
or departments. Therefore, the topic of IT governance in the form of roles and responsi-
bilities (see step 5) is also shown as an integral part of the IT strategy in the procedure
described here, as well as the development of an IT strategy cockpit (see step 7) for the
continuous control and adaptation of the IT strategy to the changing company goals.
The strategy development method presented here deliberately sets itself the goal of
not developing a technically mature IT landscape down to the last detail. The questions
to be answered are:
• How should IT look in five to seven years? → Vision, application strategy, IT organi-
zation and governance
• What is needed for this? → Resources in terms of finances, employees, innovations
• How is the way there traversed and controlled? → Roadmap and IT strategy cockpit
Areas of Application, Benefits and Target Group of an IT Strategy 9
• Not everywhere where “IT strategy” is written on it is also IT strategy inside: Often,
those responsible do not understand an IT strategy to mean that, for example, one
focuses on Microsoft or SAP products. Other areas, such as sourcing, the necessary
investments or the necessary IT infrastructure, are completely neglected or ignored.
This is not an IT strategy, but one of many management decisions and only a fraction
of an IT strategy that cannot withstand the demands of sustainable orientation.
• There is no written corporate strategy that the IT strategy can orient itself to. Assump
tions have to be included that are often not detailed by management or validated.
• The implementation does not take place; the IT strategy has arisen as a theoretical
construct and remains in the drawer.
• The IT strategy is “overtaken” by new requirements of the department at an ever-
increasing pace and is no longer implementable after a short time.
• What starts out as an IT strategy project quickly becomes a blueprint, an IT planning
or even just an analysis of the situation. This does not allow for sustainable control and
strategic leadership. Therefore, this approach does not deserve the name IT strategy.
• There are generally different views on the content, structure and purpose of an IT strategy.
In addition to a closer look at the benefits and purpose of an IT strategy, the factors will
also be examined more closely, which are decisive for its success or failure. The result-
ing guidelines for the development of a successful IT strategy work across industries and
companies.
An IT strategy is particularly relevant in these company phases:
Effectiveness Efficiency
Measure of economic
Degree of target achievement
efficiency
(effectiveness)
(cost/benefit ratio)
As shown in Fig. 2, strategic leadership means “doing the right things” (effective-
ness) in contrast to operational leadership, where the postulate is: “Doing things right!”
(efficiency). Good strategic leadership ensures that managers work on the right problem
areas and thus guarantee a long-term, successful positioning of the company.
These strategic leadership principles also apply to leading an IT organization. The
CIO or IT responsible person is obliged within his scope of duties to generate added
value through IT for the entire company and therefore also required in terms of planning
to decide and act with foresight. This can only succeed on the basis of a sustainable IT
strategy, which one orientates oneself to continuously.
Due to the rapidly developing technologies in the IT sector, it is tempting to jump on
new hypes. But it endangers the concentrated work on the basis of an IT strategy because
of the great danger of getting bogged down in new technologies again and again. A long-
term oriented and thus strategic leadership of the IT area is one of the decisive principles
for its successful work in the sense of the company.
In order to counter the danger of operational management based on new technologies
and hypes, a sustainable IT strategy must exist that sets long-term goals, which the IT
management orientates itself to. Strategic leadership in IT means doing the “right things”
and is based on the long-term goals from the IT strategy.
12 Introduction to the Topic
In the context of the introduction to the topic and the basic definition of IT strategy, the
question arises in times of digitalization to what extent the IT strategy is delimited from
a digitalization strategy and what possible similarities there may be.
In the management of companies, especially in manufacturing companies, the topic
of digitalization has been on everyone’s lips since the introduction of the term “Industry
4.0”. The big question is: “Do we need a new strategy for this, so to speak, a kind of dig-
italization strategy? Or is digitalization part of the existing corporate strategy and only an
extension of the business model with digital elements?”
In this context, IT quickly comes into focus. What role does IT play for manufactur-
ing companies in digitalization?
Before a decision can be made in which strategy corner digitalization belongs, a defi-
nition of the term digitalization should take place. In this case specifically for the manu-
facturing industry.
The author’s view is that digitization in manufacturing companies does not only refer
to Industry 4.0, but takes a significant step further.
Industry 4.0 in a wider sense refers to pure process improvements and the raising of
efficiencies in the production or manufacturing process. (see Level 1: “Process optimiza-
tion through digitization“) (Fig. 3). This is done by automating the manufacturing pro-
cesses as well as by further supporting, for example, more mature robot technologies
or optimized machine or operational data and the better analysis of these data resulting
from newer MES systems. This also includes the topic of “predictive maintenance”, i.e.
the automatic prediction of when certain parts in production need to be serviced based
on automated data analysis. From the author’s point of view, this is a great development,
but in a narrower sense not a revolution in the form of a new business model for the cus-
tomer with greater value. Rather, it is more of a continuous improvement process of the
production lines and production.
The real, disruptive function of digitization in manufacturing companies lies on
another level: it lies in the extension or complete renewal of physically manufactured
products by networking with each other, by product-related services and in the long
term also by the use of artificial intelligence for these products. The resulting extended
benefit for the customer fundamentally challenges the business model of manufacturing
companies.
What does this mean for the understanding of digitization with regard to manufactur-
ing companies?
Both are important: Industry 4.0 for increased process efficiency and the establish-
ment of innovations in the form of new, intelligent products including services to
increase customer benefits. However, a real revolution only takes place through the so-
called disruptive innovation, which leads to a complete restructuring or break-up of an
existing business model.
Delimitation of IT Strategy to Digitalization Strategy 13
IT, as they often have interfaces to core systems such as ERP or PLM and thus have to
fit into the existing system landscape and IT architecture. By way of example, an app
and a portal may be mentioned which, for an electrically manufactured and sold battery,
provides additional information, for example the current consumption, the still available
charge, the previous use, necessary repairs, etc. It is important with such product innova-
tions that IT is always involved from the beginning in all decisions in order to avoid that
the additional services such as the app do not fit the current IT system landscape after-
wards and that interfaces are only very difficult or not available at all.
On the third level, with regard to new digital business models, IT is sometimes even
considered one of the essential core processes and the heart of a new business model.
This is because new IT technologies can give rise to new business models. For example,
new services can be offered to existing customers based on complex data analysis that
provides additional value and can be priced accordingly. The role of IT has become inex-
tricably important, because without IT competence this business model is inconceivable.
In the first edition of the book, the principle still applied that the IT strategy must be
derived from the corporate strategy, the so-called “business-driven IT strategy”. In the
now available second edition, this principle has changed due to digitalization. A kind of
reciprocal relationship has arisen: it is still the case that the specialist departments and
the management set the strategy for IT, but through the technical innovations of digi-
talization, IT also drives the specialist departments and management forward. So it goes:
“Business drives IT drives Business”!
It is precisely in this interface that, from the author’s point of view, digitalization
strategy has its place.
It is part of the corporate strategy on the one hand, and part of the IT strategy on the
other. The diagram in Fig. 4 shows this interaction very clearly.
Corporate strategy
Digitization strategy
IT strategy
◾ What are three of the most common reasons why an IT strategy fails?
It should be noted that the IT strategy does not replace the digitalization strategy and
does not integrate it completely. The IT strategy contains core elements that are impor-
tant influencing factors for the digitalization strategy.
(See Fig. 5)
Six Good Reasons for an IT Strategy
Abstract
In this chapter, the current and burning questions of IT organisations that can be
answered with the help of IT strategies are elaborated.
Organizational Challenges
The role of the CIO is changing as a result of the aforementioned changes to IT organi-
zation in the direction of business. In the past, CIOs were mostly technologically ori-
ented, but today managers are needed who understand the business well and are able
to precisely assess where the value lever for IT is in the company. This goes so far that
CIOs take on the role of process responsible on the methodological level. This is then
referred to as a split of the CIO job into three directions:
It is interesting to see how IT responsible see themselves. For this purpose, Gartner has
written a study that is based on the question of what IT responsible consider important in
2013 [16]. Tab. 1 shows these considered important priorities differentiated by business
and technology.
Of course, at the top of the business priorities list is: increase company growth. This
very clearly shows the value that strategic measures have for IT and the new role of the
CIO in the company. In first place on the technology side are not the old commodities
like optimization of the data center, but is quite clearly the outsourcing variant of cloud
computing as well as—following Carr’s predictions from 2003—the “information side”
of IT, namely the topic of “big data”, that is: how do I get the most important key figures
for controlling the company out of all the available data and information.
Important are—also for the enforceability of an IT strategy and the new role—the
hierarchical position of the CIO in the company as well as the integration into the man-
agement board. In order to optimally support the most important changes or innovations
in all business or specialist areas through IT, it is of great importance that the CIO is at
least a regular member of management bodies that meet regularly. In order to be able
to participate in the relevant decision-making processes, the CIO should have access to
all protocols. Of course, it must be taken for granted that, as part of corporate strategic
Organizational Challenges 19
analysis, the support potential of IT is always taken into account and its essential func-
tion for the implementation of the strategy is seen.
The “IT Trend Report 2013” by Capgemini [11] unfortunately shows very clearly
in Fig. 1 that only just under a third of all German CIOs and IT managers are regular
members of management boards. At least around 25% are “sometimes” invited to board
meetings. However, this shows the general problem mentioned above that the CIO or IT
manager is often not even in a position to participate directly in the relevant discussions
and decisions.
On the other hand, the role of the CIO continues to develop: a path is emerging from
the “technical implementer” to the demand and information manager, who is seen as a
partner of the business. This also changes the role of the CIO in the overall context of the
company. Tab. 2 shows, based on Brenner [4], this change in the role of the CIO.
The role of IT in the company changes with regard to cooperation with the specialist
departments as a result of the transformation of the CIO and IT roles described in the last
chapter. IT is getting closer to the business. This is called business-IT alignment.
However, optimal business-IT alignment will only be sustainable if not only IT devel-
ops and drives business partnering, but also new roles or functions are created in the
specialist department itself as a counterpart to IT. In addition to the process responsible/-
owner (process owner), these include, for example, the roles of a process or business
20 Six Good Reasons for an IT Strategy
35.1%
Always
36.5%
24.7%
Sometimes
28.7%
22.1%
Rarely
18.0%
13.0%
Never
12.0%
expert. It is important here that the (organizational) focus is on complete business pro-
cesses (“end to end”) and not on IT-internal criteria and the primary focus on partial pro-
cesses, such as modules or sub-processes, to which many ERP systems (such as SAP)
are still oriented today.
Furthermore, it is important that the IT responsible persons subject themselves to a
merciless Ist analysis with regard to the perception of IT in the overall organization of
Organizational Challenges 21
Dealing with Globalization
Not only large companies, but above all many specialized medium-sized companies have
been internationally successful for years. Locations not only in Europe, but also over-
seas, often in unfamiliar cultures, are now part of the everyday life of the export nation
Germany. This also requires a globally oriented IT organization with the question: “How
should IT be coordinated on site overseas and which IT services are needed there?”
A worldwide consolidation and standardization of applications, infrastructure and
processes must be the goal in order to be able to guarantee coordination at all. But this is
followed by questions: What are the central tasks of IT in the corporate headquarters and
which IT tasks and processes have to be carried out on site? Do we need regional and
local IT organization units and who do they report to? Who coordinates the flow of infor-
mation and communication and checks compliance with standards? All of this calls for a
globally oriented IT governance structure that must be introduced step by step.
22 Six Good Reasons for an IT Strategy
The topics and questions mentioned are all part of the IT strategy and are discussed
in detail in Step 5 with regard to the construction of a sustainable IT organization/IT
governance.
Many IT services are purchased from external suppliers today. IT outsourcing and its
optimal management therefore play a major role in the management of IT. In large com-
panies there are sometimes several hundred suppliers or external service providers. From
procurement to support in the respective departments, the management of the suppliers
has become extremely complex, time-consuming and therefore costly.
Modern technologies and especially the topic of cloud computing are leading to more
and more IT services from third parties. If you want to keep an overview, you need a
medium to long-term strategy – with derived goals for controlling all suppliers. This is
what the sourcing strategy is for, which is part of step 4 of the IT strategy and an impor-
tant, because cost-relevant, topic here.
IT costs often represent one of the larger, if not the largest, cost items in many com-
panies. For IT decision-makers, managing IT costs is therefore one of the most impor-
tant tasks, especially in times of economic difficulty. In addition, IT costs are often the
only lever for management when decisions have to be made with regard to IT. The actual
technology and everything that lies behind it often appears too complex to discuss in
management committees. Therefore, the only thing that usually remains is the control of
IT via the costs and here especially via cost-cutting measures.
But where can IT management start to optimize IT costs so that a smooth business
process and the most efficient support or automation of the most important business pro-
cesses can be achieved? What are the key cost drivers of an IT organization? How can
the IT responsible person explain in a understandable way where which IT investments
make sense and where not?
First of all, it should be noted that the across-the-board reduction of all IT costs by
a certain percentage, which is often applied in times of crisis, is not sensible. This so-
called “lawn mower method” does not achieve the same results in the IT organization
as perhaps in other areas, as the structure of IT costs is very different, as can be seen in
Fig. 2.
The division shows the IT costs in the three blocks PLAN, BUILD and RUN. The
PLAN area is still strongly underrepresented in many companies with only 10%; here
is the IT management with planning, control, architecture, strategy and controlling. The
BUILD area is application development and in the RUN area is the operation of IT (data
What does IT Cost? 23
30%
60% Plan
Build
Run
center, infrastructure, telecommunications). The largest cost block with 60% are still the
operating costs / RUN, which despite the increased demand for cloud computing and
infrastructure as a service (IaaS) have already been very standardized and outsourced to
specialized service providers. A pure “further reduction” of the operating costs does not
appear to be sensible against the background of possible consequences, such as the dete-
rioration of performance or the emergence of security gaps.
The question therefore arises more as to where in the IT organization the cost drivers
are located. In a study [21], Gartner identified the most important cost drivers and esti-
mated possible short- and long-term cost reduction potentials. According to Gartner, the
best levers for reducing IT costs with the least possible risks are the virtualization of the
IT landscape with 10% long-term and approx. 3% short-term cost reduction potential.
Almost 10% savings on a long-term basis are also possible through the consolidation of
IT and the reduction of operating costs. However, the two measures entail greater risks:
first in the form of organizational uncertainties and payback when optimizing operating
costs, and second through the high investment costs when consolidating.
Almost without risks and with approx. 3% savings potential on a short-term and 5%
on a long-term basis, negotiations and improvements in contracts with external service
providers are possible.
In addition, an adjustment and optimization of the project portfolio can be considered
as a measure to reduce IT costs. The IT project portfolio is part of the following IT strat-
egy development and will be explained in detail in Step 6 of the sustainable IT strategy
later and put into practice.
If a well-managed license management already exists, an optimization of the used
software licenses and the resulting cost reduction is an easy to achieve quick win.
These measures are first approaches and possibilities for managing IT costs and can
be first indicators that help to get the IT costs under control. In order to set up a sustain-
able IT cost management and not to have the same cost discussions every year, it should
be the goal of IT management to make the cost structures sustainable and transparent in
the long term and understandable.
24 Six Good Reasons for an IT Strategy
Sustainability in this context means: a steering instrument is needed. For this purpose,
the author would like to recommend the IT strategy cockpit, which is presented in Step
7, to everyone. With this tool, derived from the Balanced Scorecard, it is possible to rec-
ognize early on which decisions will cause which costs.
Furthermore, the transparency mentioned is essential. If costs are discussed, it must
also be clear what consequences possible cost increases or reductions can have. For this
it is important to understand that the specialist departments and business areas of the
company have a direct influence on the IT costs. If service-oriented architectures are not
yet being used, any changes to business processes can lead to enormous IT costs. This
must be made clear to the specialist departments. On the other hand, IT responsible per-
sons must also contribute themselves that the architecture is built flexibly on the basis of
services, so that new or changed processes do not lead to major reconstruction work in
the application landscape immediately.
In addition to the flexibility of the IT application landscape, which will be dealt with
in detail in Strategy Step 3, scalability is also an important criterion for IT cost man-
agement. This is given if the proportion of variable costs in the total budget is as high
as possible and fixed costs are kept as low as possible. This must be given both down-
wards and upwards. Only then can IT costs “breathe” with the economy: If sales rise,
suddenly necessary applications or infrastructure can be set up quickly and easily; in bad
economic times, for example, outsourcing costs can be reduced flexibly by variable con-
tracts with external suppliers.
In general, it can be said that it will always be a challenge for IT responsible per-
sons to justify IT budgets using traditional benchmarking data from outside. To end these
tedious discussions, the IT management must get involved in the process of developing
strategy for the entire company and, as part of a subsequent IT strategy, make it clear
how and with which means the company is supported by IT. Only when this is transpar-
ent and comprehensible to the management of the company will the IT budget discus-
sions really take place constructively. Then IT and management can discuss budgets on
an equal footing, because both sides understand what the money is used for and what it
is “worth” to the company.
When you ask corporate leaders, IT projects in large companies in Germany are often
little or not crowned with success. The University of Oxford comes to a similar result: In
a large-scale study 1500 worldwide projects were examined which aimed to renew the
IT systems. The result is alarming: Every sixth project had exceeded the budget by more
than 200% [38].
In comparison to common risk management models, IT projects went out of control
20 times more often than expected. Inadequate risk calculation, software compatibil-
ity problems, lack of knowledge when implementing new technology were, according
Project Management Skills and Better Time-to-Market 25
to the study, the most common reasons for the additional expenses. The risk of failure
increased proportionally to the scope and the growing complexity of the projects.
The responsible head of this study of the University of Oxford, Professor Bent
Flyvbjerg, says about this: “We were shocked when the data came in and we learned that
large IT projects are 20 times more likely than normal projects to spin out of control. IT
projects are now so big and touch so many aspects of business, government and citizens’
lives that this poses a singular new challenge for top managers” [38].
Why is that so? There are many approaches, methods, tools and essays as well as
books on this topic. However, there is one approach that stands out again and again:
Change Management.
In this context, Change Management means from the perspective of the author that,
due to the high technical complexity and the resulting misunderstandings or ambiguities,
new requirements or scope changes are always necessary. Actually, one should translate
Scope Management from time to time with “Expectation Management”. Because the
problem is that departments have special expectations of the future IT system, but it is
very difficult to make these expectations tangible in prose or by means of means such
as UML, GUI design etc. in endless specifications and duties. In addition, there is the
dynamics of the constantly changing requirements; today one thinks that one solved it
best, tomorrow one is another step further and knows that one has to do many things dif-
ferently. Therefore, “trial and error” is screwed around until the result corresponds to the
ideas to a certain extent. Through this process, a serious project planning and a reliable
project management are also very difficult with even the most professionally standard-
ized project management processes and the best project managers.
Fig. 3 – from a wide-ranging study by the management consultancy C4 Consulting
[9] – very clearly shows where the challenges lie in change management: top manage-
ment must be involved and communication must flow.
This is exactly what IT projects need to be successful: strong engagement and
involvement of top managers and departmental heads – not only in steering committees,
but also in the everyday decision-making of large IT projects as Fig. 3 shows.
Another reason for the failure of change projects is that the department has to play
“blind man’s buff” in order to specify the requirements of the end customer and then
make them understandable to IT again. Here IT has to go to the customer together with
the department and understand the problem and the bottleneck on site. Only then will
innovative IT solutions and clear requirements be achievable.
The problem of the unclear and constantly changing requirements process is also in
contradiction to the demand for a faster “time-to-market” from the departments. If IT
projects are too slow, the product or service is too late on the market, which is at the
expense of competitiveness. Fig. 4 very clearly shows that, alongside the apparently still
current ongoing cost reduction potential, above all efficiency gains in IT are still the top
issue.
In general, the problem of “time-to-market” or efficiency improvement is not only in
IT. Here, the topic of “business-IT alignment” gains importance for closer cooperation
26 Six Good Reasons for an IT Strategy
and a better understanding of technical possibilities on both sides: Not only IT has to
open up to departments, but also departments have to become more technology-savvy,
better understand what is technically possible and how it can be used for the company’s
purpose best.
How can an IT strategy help improve project management skills and time-to-market?
By sustainably promoting the process of close cooperation with the business!
This begins with the joint development of the strategy in 7 steps and forms the future
basis for joint work. When developing the IT strategy, it is decided together with the
department by means of application portfolios and joint roadmaps which support the IT
should provide for the business in the next 5 years. This makes the IT strategy the basis
for joint work in the next 5 years.
The requirements for compliance with legal and regulatory requirements on IT are con-
stantly increasing. For managing directors or boards of stock corporations, high fines
threaten if these requirements are not met. The compliance requirements in IT mainly
include the following topics:
• Information security,
• Availability,
• Data storage and
• Data protection
Compliance and Risk and IT Security Management 27
Fulfillment of the
9.2%
Compllance requirements
© Capgemini 2014
In addition to national rules such as the Telecommunications Act, the Federal Data
Protection Act (BDSG) or the principles for data access and the verifiability of digital
documents (GDPdU), many European and international rules and guidelines are now in
use (by way of example, BASEL II/III or the Sarbanes Oxley Act (SOX) if the company
is listed on the American stock exchange).
How can all of these regulations, rules and guidelines be complied with? Who takes
care of it? And how can a CIO or management ensure that there are no gaps in compli-
ance with all compliance rules?
The internationally recognized framework “Control Objectives for Information and
related Technology” (COBIT) of the “IT Governance Institute” (ITGI) offers profes-
sional assistance here. In addition, it makes sense to also take a closer look at the topic of
IT security in order to ensure the IT compliance processes at the same time.
28 Six Good Reasons for an IT Strategy
The goal should be a strategy for securing all risks that is coordinated with manage-
ment and that guarantees IT security and compliance with all compliance regulations on
a professional basis using COBIT. This must ensure the comprehensive and permanent
compliance with all requirements of the legislature and the company.
Areas affected by IT compliance are, for example:
The core task is the documentation and corresponding adaptation of the IT resources as
well as the analysis and evaluation of the corresponding problem or risk potentials (also:
risk analysis). The resources include hardware, software, IT infrastructure (buildings,
networks), services (e.g. web services) and the roles and rights of the software users. It is
important to note that the implementation of compliance is seen as a continuous process
and not as a short-term and one-time measure.
Using the example of license management, it becomes clear that IT compliance is a
constant companion and therefore the IT compliance processes must be set up according
to COBIT so that they are continuously applied by all persons affected by them. Typical
questions in the field of license management are:
The Federal Office for Information Security (BSI) offers a comprehensive set of instruc-
tions with the Basic Protection Catalogues, many books on this topic are available on the
market and help.
integration, but already in the due diligence. Here, in particular, the internal actual analy-
sis of IT shown in step 1 can be a valuable contribution to the examination and assess-
ment of the integration effort before the purchase or takeover.
In a representation of the consulting firm A.T. Kearney, IT plays a decisive role in an
M&A process not only in the due diligence phase, but throughout the process in four
steps: (based on [1])
As already shown in the definition of the IT strategy and its delimitation to the digitiza-
tion strategy, IT plays a significant role in the digital transformation of manufacturing
companies.
Why is IT only an enabler and not a driver of digitalization? To get back to the defi-
nition question, which is answered by Gartner as follows: “[…] Because digitalization
requires companies to question business models and think about transformation; thus a
highly complex evolutionary step of their own organization […]”. [1]
The Gartner quotation shows very well that digitalization not only brings the already
described process optimization with it, but also business models and completely new
products. The focus on business models and product innovation used to be the responsi-
bility of corporate strategy. However, due to the IT-related technologies of digitalization,
IT and corporate strategy are now growing closer and closer together.
This also means that the role of IT and the CIO must change more and more.
“Business drives IT drives Business” means for IT management to focus more on busi-
ness model issues. However, the author currently sees IT in the production environment
only on the level of optimization and industrialization of IT. The diagram in Fig. 6 shows
this very clearly.
IT is on its way to becoming not only an enabler, but a driver of digitalization for
manufacturing companies. However, this also requires a change in the IT organization,
which cannot be realized overnight. However, the vision and above all the IT strategy
must already show the way.
However, IT is currently very well utilized in the role of enabler for digitalization
in most companies. Enabler in this context means that IT has not only understood the
IT as an Enabler for Digitization and Industry 4.0 … 31
Future
Driver
role of
IT ?
Future
role of
Today's IT ?
Enabler
role of
IT
IT industrialization Digitization
technologies required for process optimization in the sense of Industry 4.0, but can also
make them available to the specialist departments for application. The IT organization is
therefore still a kind of service provider for the specialist departments for the implemen-
tation of Industry 4.0 projects.
The next evolutionary step would then be the transformation from service provider
to driver of digitalization projects in the company. Often this is not clearly delineated,
because in many projects the IT is already driving and in other digitalization topics per-
haps not yet as far as the department. Therefore, both for the IT and for the departments,
a specialization and expert position in the company makes sense. For example, the IT
can be the driver for topics such as predictive maintenance, for a topic such as aug-
mented reality only a service provider. This must be newly determined for each topic and
expertise as well as knowledge of the employees.
However, if it comes to the disruptive part of product innovation or business model
renewal, today’s IT organization is often still in an advisory role in terms of technol-
ogy. A leading role is still rare, but must be taken into account in the IT strategy for the
future.
32 Six Good Reasons for an IT Strategy
◾ Give three reasons why IT strategy is important to you and your business:
1.
2.
3.
• What role does your IT currently play and what role should it play in the future?
Drivers
Enabler
IT industrialization Digitization
Reference
1. Gartner: „Taming the Digital Dragon: The CIO Agenda“, abgerufen am 03.01.2019; https://
www.gartner.com/imagesrv/cio/pdf/cio_agenda_execsum2014.pdf
The Approach Model for Developing
the IT Strategy
Abstract
This chapter is intended to prepare and understand the model for the development
of the IT strategy. It presents the 7 steps with their respective contents. Finally, the
example company is presented with its most important data, which in each step serves
as a practical example to illustrate the building blocks on the way to the IT strategy.
The principles presented for strategic management, IT strategy and current challenges
of IT organizations serve as an introduction to the topic. They form the basis for the
development of an individual IT strategy, which takes place in 7 steps, which in turn are
divided into three core components, as shown in Fig. 1:
Before starting with the actual analysis of IT in step 1, a chapter is put in front of it—so
to speak as step 0. Because the development of an IT strategy requires a framework and
a structure in order to be successfully carried out. This is done with the help of a project
structure, as is known from IT projects.
det
tio
me gy
Loc inatio
nta
ple te
erm
im Stra
atio
IT
n
strategy
n
Draft
strategy
This includes, as a first step, the clear definition of the goal of the IT strategy, i.e.
why the IT strategy is being developed. This is recorded as the project goal, to which the
delimitation of the project is attached, i.e.: Clear definition of what the content (scope) of
the IT strategy is and what it is not (out-of-scope). This is followed by the creation of a
project plan in the form of a Gantt chart or—in a simple way—in the form of a roadmap
or milestone plan. Then, on this basis, the work packages for the development of the IT
strategy are broken down in detail. A first estimate of effort and budget is made and then
an organizational chart is created. Here it is important that it is exactly specified who
is involved in the project in which role. Finally, a stakeholder analysis is carried out in
order to better understand where and with whom in the company support for IT can be
expected and where possible conflicts are dormant.
Now the actual project work starts with a general location determination of the IT in
the form of a status analysis. With the help of a questionnaire, the maturity of the IT
The 7 Steps to the IT Strategy at a Glance 35
processes is ascertained on the basis of the following four areas and visualized in a net-
work diagram:
• IT processes
• IT governance, IT organization and employees
• Technology
• Finances
The results from the questionnaires are transferred to a network diagram, in which it
quickly becomes clear where the first weaknesses are. This makes it possible to derive
first action options in the form of challenges for IT optimization in the first step.
After the internal consideration of IT, the analysis of the company strategy follows in
step 2 in relation to IT. As already learned when defining the IT strategy, an IT strategy
cannot be created on the “green meadow”, but is ideally an integral part of the company
strategy or at least closely linked to it.
First, the classics of corporate strategy such as the Boston Consulting Portfolio and
the Porter competitive analysis are introduced and filled with life using the example
company. Then it’s about the challenges in the departments and the business processes
of the company, which are put under the microscope. With these board means, the chal-
lenges for IT are then derived. This second step is rounded off with a first draft of an IT
vision, which can be formulated on the basis of the identified challenges at this point and
thus forms a kind of framework for the further development of the IT strategy.
Now the actual strategy process begins with the design of the application strategy in step
3. Based on the already known BCG matrix, an actual application portfolio is created.
The life cycle theory is added, with which it can be analyzed more precisely in which
life cycle or stage the current applications are.
On the basis of this application portfolio and the application life cycle, all current
applications are evaluated. From this, action options can be derived for each application
(for example: keep, phase out, modernize, etc.). These action options lead to an applica-
tion roadmap, which—clearly and ordered by time and priority—shows the necessary
projects for the modernization of the application landscape.
36 The Approach Model for Developing the IT Strategy
The result of this step is an application portfolio aligned with the results of the loca-
tion determination (steps 1 and 2), with a roadmap of how the future application land-
scape should look.
In step 4, a sourcing strategy is developed that shows whether IT services are to be oper-
ated or created in-house or by external partners. It starts with basic questions about
sourcing, such as the motives for outsourcing, the opportunities and risks, make-or-buy
scenarios and the crux of the economic calculation.
Then it is about the basic classification, which types of sourcing exist and about the
actual sourcing strategy. Here, a distinction is made between the depth of production
(degree of outsourcing), the number of involved providers (multi- or single-sourcing or
mixed models) and the optimal location of the service (offshore, nearshore, etc.).
A sourcing governance is introduced, which is intended to show how sourcing pro-
jects and existing or ongoing sourcing projects can be optimally staffed with roles and
responsibilities. Step 4 is concluded with a practical excursion, which shows in 5 phases
how an invitation to tender should ideally be set up (including checklist).
First, typical IT organizational structures are presented and the special features in the
form of PLAN-BUILD-RUN models or the increasingly common construct of the
demand/supply model are shown. This demand/supply model is then discussed in detail
and all functions and goals of the demand and supply branches are discussed in detail
and practically presented using the example company.
Then, a part of IT governance is examined more closely. The role of IT in the com-
pany is checked and adapted to the new findings from the location determination in steps
1 and 2. The role of the CIO is clarified and typical committees for IT are presented and
examined. Typical problems such as the conflict between line and project or the question
of process responsibility for IT as well as the question of which tasks the IT is carried
out locally or centrally determine this second part in step 5.
The 7 Steps to the IT Strategy at a Glance 37
The personnel strategy is based on the so-called gap analysis and checks whether
the right employees are in the right positions or what needs to be done to achieve this
optimum.
In step 6, the implementation of the IT strategy begins. The starting point is the creation
of a roadmap that answers the question of which measures and projects arise from the
previous 5 steps for the IT organization in the next 3-5 years. For this purpose, measures
are derived explicitly from each step and then clustered in time in a clear roadmap.
After that, it is about the question of what the implementation of the roadmap costs.
Now it gets exciting, because so far all measures could be shown ideally, but whether all
measures are realistic and affordable is now checked and examined. For this purpose,
the budgets for each measure are roughly calculated. Afterwards it is shown why which
measure makes sense and which saving potential is possible for each measure (quantifi-
able in € or at least argumentatively).
Finally, the portfolio theory is used again when it comes to the evaluation and pri-
oritization of projects. All measures that are still remaining are now put to the test as
projects. Only those that offer a strategic advantage to the company and have a reason-
able probability of implementation will have a chance of survival in the evaluation by top
management.
Step 7 ensures that the IT strategy does not disappear into the drawer, but is constantly
checked, updated and adapted. This is done with the help of an IT strategy cockpit,
which—based on the concept of a flight cockpit—provides all the essential information
for the management and control of IT. The IT strategy cockpit is based on the concept of
the Balanced Scorecard. All measures and projects from Step 6 are repeatedly checked
here using key figures.
It is important to mention that these seven steps do not have to be carried out rig-
idly one after the other. Many companies and IT organizations, for example, have a
detailed application strategy and only want to discuss how they can optimize their
sourcing or how they can best implement an existing IT strategy using the roadmap
technique, portfolio theory or by using the IT strategy cockpit. Then only the rel-
evant steps have to be picked out and processed, because the individual steps are
based on each other, but can also be processed independently.
38 The Approach Model for Developing the IT Strategy
In the context of the introduction to the topic, basic knowledge of the tasks of each step
is created. These can be, for example, explanations of the origin, function and applica-
tion of corporate strategies such as the BCG matrix or Porter’s competitive model in step
2. These theoretical basics are explained in such a way that they form the basis for their
own application in the task part.
The theoretical part is underpinned in all chapters with a practical example, the ficti-
tious company “Produktio weltweit GmbH”, which is presented in more detail below.
Now it’s time to put what you’ve read into practice. The working questions themselves
form the “fillet” of the application of knowledge to your own company. Through struc-
tured questions and fillable matrices, roadmaps or checklists, the respective step is car-
ried out for the IT organization and the company. Fig. 2 shows how such a worksheet
typically looks like.
Conclusion
At the end of each step, there is the opportunity to reflect on the procedure and the
results. This allows the respective thoughts to be recorded and a first conclusion to be
drawn for the IT organization. Perhaps new connections will also be recognized and
new challenges can be mastered better as a result. Because the goal is not only the docu-
mentation of an IT strategy that is then forgotten in a folder or shown to management
once via PowerPoint and then forgotten. The goal is to learn on the way and to gain new
insights into how and where levers are that help to set up the IT optimally.
Introduction to the Example Company 39
What is the project goal? Think about breaking down the goal (specific, measurable,
realistic, accepted and timed).
Clarification and definition of the scope (What is in-scope and out-of-scope?)
Specific
Measurable
Accepted
Terminated
Fig. 2 Example of a worksheet
In order to make the development of the IT strategy as practical as possible and to make
it easier to imitate and recognize situations and derive possible options for action, this
book uses a fictitious example company.
Example Company: Produktio Weltweit GmbH It is a company from the upper mid-
dle class with approx. 800 employees. The company produces very special and modern
vehicle parts that bring information technology into the car. These include, for exam-
ple, so-called “Head-Up Displays” for displaying important information on the wind-
shield or the integration of apps into the car’s multimedia environment. The company
headquarters is in Germany and there are 2 production sites and smaller sales locations
worldwide. The IT organization is centrally organized with approx. 40 employees at the
company headquarters.
40 The Approach Model for Developing the IT Strategy
A detailed development plan for IT was recently approved, which describes in detail
how the application landscape is to develop in the coming years. However, it has been
found that the organization, the governance structures and the current situation with the
suppliers are not optimal. Therefore, they would like to develop a holistic IT strategy that
is based on a neutral current state analysis of the IT organization, the governance and the
sourcing situation. An IT vision is to be created that will bind and inspire all employees
so that the planned development plan can be implemented. In addition, all suppliers and
contracts are to be checked and optimized and—if necessary—put out to tender for cer-
tain areas. Afterwards, a project portfolio is to be set up so that the IT remains control-
lable. A roadmap is to be created for the structured implementation of the development
plan.
It should be noted that all assumptions made below about this fictitious company are
of a fictitious nature, in particular the calculations made in steps 6 and 7 regarding the
IT budget, savings and the key figures for the IT strategy cockpit. All numbers are for
illustration only and are intended to help make the development of the IT strategy more
concrete using a practical example.
Part II
7 Steps to a Sustainable IT Strategy
Preparations: Setting up the
Development of the IT Strategy as a
Project
Abstract
Before starting the IT strategy project, some questions naturally arise: “How do I
develop the IT strategy best: alone or as a team? How long does it take and how much
effort does it mean for me and/or my team? How long will it take me to develop and
implement the IT strategy? Or is this an ongoing development process that constantly
accompanies me?”
Before development of the IT strategy begins, it should be clear to everyone what the
goals are. Chapter 1 has already made it clear that the IT strategy is a sub-area of the cor-
porate strategy and is derived from this. However, in order to first get a general overview
of what the goals of an IT strategy are, the following list will present some basic motives
and starting points that can be examples of a project goal or sub-goal:
When formulating objectives for your IT organization, you should orient yourself to the
“SMART” rule as shown in Tab. 1.
As part of the project profile for the development of the IT strategy, the goals must be
defined to which this project is to lead, that is, which results are expected.
Depending on the size of an overall company and its IT organization, an IT strategy can
be developed in a small team or require a large project organization.
The general principle applies: Never alone!
Because at the latest in step 2, during the joint analysis of the corporate strategy,
the departments and the management board are required for discussions and approvals.
This book places particular emphasis on the close cooperation of IT with the business.
Therefore, a joint development of the IT strategy together with the department heads and
the management board is indispensable.
In this context, the question arises as to how large the scope and scope of the IT strategy
project should be. In other words, whether an IT strategy should be created for the entire
company or whether the company is so large as a group that only certain divisions or
business areas are initially included. For companies operating internationally, the ques-
tion also arises as to whether all foreign subsidiaries or regions are to be included or
whether the IT strategy is to be created initially only for the headquarters.
In general, the concept presented here is designed to lead to an IT strategy develop-
ment that is binding for the entire company. In large companies or groups with many
international locations, it often makes sense to develop not just one, but several IT strate-
gies. In addition to a global IT strategy, there can also be strategies that are developed for
a region or a business area.
It is only important that the global IT strategy sets the direction and that the regional
or business-specific strategies are oriented towards it and that these “corporate” IT
The IT Strategy as a Project 45
strategies are subordinate. Which of the steps towards the global IT strategy presented
below belong and which step is defined regionally or for a business area differently,
depends on the corporate structure and the requirements of the regions or business areas.
If these requirements are very heterogeneous, it can make sense to allow a separate IT
strategy for certain regions or business areas, which is oriented towards the global or
“corporate” IT strategy.
By way of example, it may be mentioned that, as part of the application strategy (step
3), each business area has different requirements. This would mean, for example, that
there is a company-wide ERP strategy, but the applications specific to each business area
follow their own strategy, which, however, follows the global strategy in the sense of eas-
ily adjustable interfaces to global standards.
When it comes to sourcing concepts, it may make sense to drive a common IT strat-
egy if the selected provider is global and thus the same IT services can be obtained
worldwide.
Fig. 1 shows an example for the definition of the scope of a strategy project. The start-
ing situation of the example company Produktio weltweit GmbH has been taken into
account for the scope definition. Thus, it is desired within the IT strategy (In-Scope) that
the topic Cloud is considered with regard to possible areas of application in the com-
pany (step 4). Furthermore, the IT organization and the IT governance structure are to
be checked and adapted (step 5). It should also be checked within the sourcing strategy
whether the outsourcing of the “workplace IT” can be implemented with a positive busi-
ness case. Out-of-Scope and therefore not relevant for the IT strategy is the current ERP
system (SAP), but a new application strategy is to be developed nevertheless, but based
In-scope Out-of-scope
on the current ERP. The foreign sites are also not in scope, which should not be taken
into account at this time.
for the core team for strategy development, i.e. the people who actually play a role in the
project and are given time specifically for the strategy project.
The question of responsibilities and leadership of the IT strategy project is crucial for the
results and success of the strategy implementation. Therefore, this question should be
carefully considered and decided. In practice, four different people are usually involved:
After it has been decided who will assume responsibility for the IT strategy project, it
needs to be clarified who will participate in the project and how tasks and roles will be
assigned.
Fig. 2 shows an exemplary organizational chart for an IT strategy project. The follow-
ing overview, which also provides a detailed description of the functions of the commit-
tees listed in the organizational chart, serves to explain these:
Control Body: Project Steering Committee There should be a control body for all IT
strategy projects. This body is often referred to as the “Project Steering Committee” or
“Steering Committee”.
Tasks of this body are the steering and control of the goals and progress of the IT
strategy project. It also serves as an escalation instance in case of disagreements about
decisions or results in the 7 steps to IT strategy.
Members of this body should be the company management, with the CEO or board
chairman being the most suitable as chairman of the body, who is the superior of the
CIO in the company. If the CIO is himself a member of the executive management/
board of directors, the chairman of the executive management or even a member of the
supervisory board can take over the chairmanship of the body. Furthermore, at least one
head of a department should be involved in larger projects for which IT is an important
Project Management
Project Manager
Head of IT Architecture
IT architecture
Team: Name, …
competitive factor. The project manager is also a member of this body, as he has the task
of reporting neutrally from the project (reporting instance). If the project manager is not
identical with the CIO or IT manager, he is of course also a member of the control body.
The body should meet at regular intervals, for example every two weeks or monthly
for about 2-3 hours, if necessary even longer.
The Project Management The project manager should actually be the IT manager or
CIO himself because of the impacts on the entire IT organization that are valid for the IT
strategy. However, this is often not optimal for political reasons, as it is naturally more
difficult and not recognized to take a neutral position as an IT responsible person com-
pared to other organizations. In such cases, it makes sense to appoint an external pro-
ject manager. In most cases, this is a company consultant specialized in IT strategy. The
advantage of an external solution lies in the moderation of the entire strategy process
by the 7 steps, which is neutral towards IT and the department compared to IT and the
department.
Task of the project manager is in particular the just mentioned moderation by the
strategy process. The project manager is responsible for resource management and the
professional leadership of all project employees. His task is to keep an overview of the
entire strategy process and to bring about a joint solution finding between IT and the
business. Furthermore, he has the task to report the project status to the control commit-
tee and to de-escalate possible conflicts quickly.
Project Employees from the IT Organization The “IT architecture” area or a related
area within IT should participate as a permanent instance in the IT strategy project. This
area can also be called IT controlling, IT strategy, IT governance, or IT organization. It
is important that the persons concerned are familiar with the interface between business
and IT and that they understand and link both the process and the IT side very well. In
demand/supply organizations, the demand side of the respective specialist departments
or business areas should also be part of the project.
Depending on the size of the company, a total of no more than 5 project employees
from the IT organization should be sent (in smaller companies 1-2 people are enough).
The task of this instance in the project is to support the linking of the business and IT
perspectives, which are of particular importance in steps 1-3. In addition, the IT project
employees take over the specialist tasks in connection with the IT architecture or the tar-
get application portfolio. They also support budgeting, sourcing strategy and above all all
technical questions.
Project Employees from the Departments/Business Units of the Company Last but
not least, the departments or business units are of immense importance for the success of
the project. Because only together can a valid and sustainable IT strategy be developed
for the entire company. Depending on the size of the company, up to 5 colleagues from
the departments should be won for the project.
50 Preparations: Setting up the Development of the IT Strategy …
Who all belongs to the departments? The term “departments” is used as a synonym
for all organizational units of a company. This means that all areas and departments are
meant: Administrative areas such as finance/controlling and human resources/HR, stra-
tegic business units, independent subsidiaries for which IT is responsible, areas such
as logistics and production as well as branches and locations abroad. It is a great chal-
lenge on the one hand not to overlook anyone, on the other hand not to “overload” the
IT strategy project. In many departments and often in distant overseas subsidiaries, there
is the notorious “shadow IT”. In particular, by working together on an IT strategy, a lot
of understanding can be gained for future cooperation. In the end, it is up to the supervi-
sory board together with the project manager to decide who should be involved and who
should not.
The tasks of the department start with step 2 with the joint derivation of challenges
for IT from the corporate strategy or from the departmental strategies. It is particularly
important to assess the current application portfolio in step 3 and to create a target appli-
cation portfolio, taking into account today’s problems and future requirements of the
departments. When creating and constantly checking the roadmap as a project portfolio
in step 6 as well as implementing the IT strategy in the form of the strategy cockpit, the
department is always a fixed component of all meetings.
After the project organization is in place, it must be planned in detail which work pack-
ages are to be processed and how they are to be planned in detail. The following 7 steps
to the IT strategy each form 7 work packages. The following example applies to the
structure of a work package (Fig. 3).:
• Head of the work package (name of the work package, responsible person, start and
end date, effort and version)
• Description of the work package
• Delimitation/scope
• Contents or activities of the work package
• Results
• Requirements
• Involved employees
Activities
- Structured interviews UN leadership
- BCG.Portfolio Analysis
- Competitive analysis according to Porter
- Requirement analysis departments
- Process analysis of the essential core processes at headquarters
Result/result types
- Process analysis
- BCG portfolio and competitive analysis
- Requirements overview of the departments
- Challenges for IT
- Decision-making
- Project presentation
Requirements and necessary supplies
- Official release of the project plan with corresponding resource and budget allocation
Involved employees
Project Manager IT Strategy with Team
Heads of department and process experts
Speakers UN Strategy
Before the start of the IT strategy project, the cost and investment planning for the imple-
mentation of the IT strategy cannot yet be carried out, as no or only very rudimentary
information is available on what needs to be changed, adapted or introduced.
52 Preparations: Setting up the Development of the IT Strategy …
Expenditure
Task Description task package Result documents
(PT)
31
The only planning basis for the project before the start is the calculation of any exter-
nal support that may be required. Strategy consultants, workshop moderators or experts
in IT architecture, sourcing or IT governance topics may need to be purchased externally.
For this purpose, offers from consulting firms must be obtained and the then required
effort must be included in the project budget planning.
For example, it can be helpful to outsource the moderation of the workshops and the
project management to create neutrality in decision-making, especially with regard to the
management or the supervisory board. The procedure for describing the tasks including
an estimation of the effort and the results per task package, as shown in Fig. 4, can be
helpful in this regard.
This example in Fig. 4 shows the support of external consultants in steps 1, 2 and 4.
The point 3 (application strategy) is deliberately left out, as a new development plan has
just been approved here. The focus is clearly on supporting the current analysis to cre-
ate clear neutrality as well as on moderating workshops and conducting structured inter-
views with stakeholders such as the management, department heads or IT colleagues. In
total, 31 person days are required for external support.
The IT Strategy as a Project 53
Stakeholders are groups of people with interests that are directly or indirectly affected by
the implementation of a project or initiative. They sometimes have specific expectations,
but can also have concerns or even fears, which can lead them to oppose or support the
project or initiative, and thus have a direct impact on its success.
In order to control the influence of these groups of people in the interests of the pro-
ject, the stakeholder analysis helps to find solutions in a very early stage—even before
there are large conflicts or the failure of projects or initiatives. It therefore serves as a
constant control and risk prevention, which helps the project manager to react faster and
more efficiently to emerging problems.
Fig. 5 shows an example of a stakeholder analysis including the evaluation in a stake-
holder portfolio. This makes it very easy to see who is in favor of the project. The Excel
list also includes columns for the treatment of stakeholders with ToDo’s.
Commitment/
Influence of the Setting the Proposal
No. Name Function/Role Interest in the To Do by whom? Until when?
stakeholders stakeholders Evaluation
project
5 Name 1 Name 5
4 Name 2
Interest in the project
2 Name 3
1 Name 4
0
0 1 2 3 4 5 6
Influence of the stakehoders
• very low: The stakeholder cannot help you at all and has absolutely no influence on
the success of the project
• low: The stakeholder has little to no influence
• medium: The influence is rather low, but if the stakeholder wanted, he could possibly
support.
• large: The stakeholder has influence on the project and can be a great help
• very large influence: A stakeholder who can contribute a lot to the success/failure of
the project (possibly there is even a dependence on the success of the project)
The IT Strategy as a Project 55
• very low: The stakeholder has no interest whatsoever in the success of your project
• low: The stakeholder has little to no interest
• medium: The interest is limited and his contribution to achieving the project goals
will be manageable
• high: The stakeholder has a great interest in the project goals being achieved and will
do a lot to make it happen
• very high influence: A stakeholder who has a very strong interest in the success of the
project and from whom a very strong commitment is expected.
• very positive: The stakeholder has a great interest in the success of the project and
will support it fully
• positive: The stakeholder finds the project/project good and will be more positive.
• neutral: The stakeholder has little or no interest in the project and pursues no specific
goal in relation to the project
• skeptical: The stakeholder had doubts and does not necessarily believe in the success
of the project/project
• very skeptical: A stakeholder who does not believe in the project/project at all or con-
siders it harmful and would like to sabotage it.
Measure: Specific measure for each stakeholder. This can be, for example, the following
measures:
• Control
• Close involvement through information
• Close involvement through conversation
• Please ask the superior for mediation or influence
• No involvement necessary
• Observe and ask every 2 weeks
In addition, it is important to define for each measure who will carry it out and by when,
in order to ensure constant monitoring of the measures by the project manager
No area in the company is more dynamic than information technology. New hypes, new
technologies and thus quickly outdated systems and infrastructure lead to ever shorter
investment or re-procurement cycles in the IT sector. Systems that have been imple-
mented and rolled out with great effort are already outdated from a technology platform
perspective at the start and theoretically one could start all over again. But how can a
medium to long-term orientation be achieved if one does not even know today what new
technologies will be on the market in 5 years?
The answer could be: Actually, it doesn’t matter at all and maybe you can plan
roughly on a 2- or 3-year horizon, but you can’t do that beyond that.
This can be decisively contradicted by proceeding correctly with the planning.
Even if nobody can look into the future and even visualization tools such as the
Gartner Quadrant can only provide a presumed view of things in the coming years:
Strategic leadership means first and foremost having a plan for the coming years, but it
does not mean that everything will happen exactly as planned. On the way there, things
can happen that are unpredictable and that one will then have to deal with.
This is just like planning a vacation: You won’t set off for a vacation destination with-
out first planning how to get there and what you need for the journey and at the destina-
tion for the coming days or weeks.
The same is true for leading the IT department. Goals have been set by corporate
management or departmental managers that need to be implemented; now it is time to
The Economic Efficiency of an IT Strategy 57
plan how to get there and above all what is needed for this—analogous to a vacation trip.
The basis for this is the IT strategy. It shows a concrete plan of how to achieve goals and
what is needed on the way there. The IT strategy cockpit as a kind of navigation system
for the IT organization helps to make necessary adjustments again and again and to see if
one is still on the right track.
This strategy cockpit enables you to check the IT strategy on a recurring basis. The
associated IT strategy reviews give the opportunity to check, adjust and possibly add new
goals that have been set.
In general, it must be noted that the development of an IT strategy is not a one-time
event during which a document is created that contains all the guidelines for the next 5 or
8 years. It is just as clear that today’s decisions and strategy documents may be obsolete
tomorrow. Therefore, the IT strategy development presented here is designed so that the 7
steps can be carried out all at once or individually, depending on the appropriate situation.
The IT strategy with all 7 steps should be valid for about 3-5 years, but should be con-
stantly questioned and checked using the aforementioned strategy cockpit. The following
subdivision can be helpful in this:
In the introduction, the topic of IT costs has already been addressed in the sense that
the prevailing tenor of all corporate leaders is: “IT costs are much too high!” This atti-
tude may appear to be justified at first glance, but a more appropriate question would be:
“Which are the right investments in IT in order to achieve a higher return on investment
for the company as a whole and which investments in IT are rather to be neglected?”
In order to answer the crucial question of the economic efficiency of IT, only an IT
strategy can help. Because in the IT strategy these questions are answered exactly:
• It is shown how the actual needs of the company and the departments receive the right
IT support.
• With the help of classical make-or-buy decisions, it is considered which IT services
can be economically provided by third parties and which internally.
58 Preparations: Setting up the Development of the IT Strategy …
• A project portfolio creates transparency about all IT projects and clearly shows which
projects are economically viable and which are not.
• Last but not least, an adapted balanced scorecard ensures that, with the help of a cock-
pit, the goals of IT can be controlled and reported in a transparent manner.
This chapter deals with the question of “How do I deal with certain expectations with
regard to the IT strategy?” In the stakeholder analysis, many answers have already been
given, but the possible problems on the way to the IT strategy should be summarized
again. This was very well shown by professors Ward and Peppard from Great Britain in
their book “Strategic Planning for Information Systems” [39].
The following are excerpts from these possible problem situations from Ward/Peppard
that can help you to get through the IT strategy process as smoothly as possible:
• Problems with the support of the top management (the involvement of the top man-
agement is crucial)
• Not having the freedom to communicate and implement change processes in the
company
• Ignoring the company’s goals
• Problems with understanding or translating the company’s goals into IT goals
• Problems with the integration of all necessary stakeholders including key users into
the IT strategy process
• Only listen to the “wish list” of the user in the application strategy and not look for
requirements left and right of the way
• Ignoring the actual weaknesses of one’s own IT organization in order to be able to
carry out such an IT strategy process “alone and internally”
• Not to think that only one proposal for an IT strategy is up for decision, but several
alternatives that are presented to the top management
Now all the basics have been created for your own work on the IT strategy. As part of
the preparations, the following worksheets will be developed to set up the “IT strategy”
project.
Participants in this so-called “0. Step” are the IT manager/CIO, his superior for exam-
ination and, if necessary, an external consultant who can help to set up the process cor-
rectly from the outset.
Working Questions for Setting up the IT Strategy Project 59
What is the project goal? Think about breaking down the goal (specific, measurable,
realistic, accepted and scheduled)
Clarification and definition of the scope (What is in-scope and out-of-scope?)
Project Objective:
Target rule Fulfilled?
Specific
Measurable
Accepted
Terminated
60 Preparations: Setting up the Development of the IT Strategy …
In-Scope Out-of-Scope
Working Questions for Setting up the IT Strategy Project 61
What are the essential milestones of the project (possibly analogous to the 7 steps)? (Note: Not all
7 steps have to be necessary processed, but only the necessary ones).
Please enter the timeline below and then the milestones of the IT strategy project.
62 Preparations: Setting up the Development of the IT Strategy …
Activities
Result/result types
Employees involved
Working Questions for Setting up the IT Strategy Project 63
On the basis of the work packages just created in worksheet 3.4, you can now present
the effort as well as the result documents once again in a clear manner (for example as
a decision template for the management)
Work Expenditure
Description Work package Result documents
package (PT)
64 Preparations: Setting up the Development of the IT Strategy …
Who all has to be involved in the project (IT, departments, management, etc.)
Who is responsible for the project?
Appoint participants of the steering committee
Define escalation paths
Project management
IT architecture
Commitment /
Influence of Attitude of the
No. Name Function / Role Interest in the
Stakeholder stakeholder
project
1 = very low 1 = very low 1 = very positive
2 = low 2 = low 2 = positive
3 = medium 3 = medium 3 = neutral
4 = large 4 = large 4 = negative
5 = very large 5 = very large 5 = very sceptical
4
Interest in the project
0
0 1 2 3 4 5 6
Stakeholder input
Step 1: IT Status Quo Analysis
Abstract
If you want to improve something, you have to know the starting point. This is step 1,
an internal analysis of IT processes, organization, technology maturity and financial
situation. The result of the first step shows the current state of all areas of IT in a clear
network diagram and provides first indications of possible areas of action in the devel-
opment of the IT strategy.
IT Processes
As already shown, the development of strategy does not 1:1 align with the requirements
of CMM(I) or other process and maturity models. Instead, IT processes that are useful
for the current analysis and for further optimization are extracted from all models—in
the sense of better IT-business alignment. These are the five IT processes described in the
following list, which are evaluated neutrally in this first step.
• Project management: Within the scope of project management, it is checked how well
projects are carried out in the respective IT organization and to what extent standards
and experience for the professional implementation of IT projects are available.
• Demand Management: Within the scope of demand management, it is about the
aspects of a smooth cooperation between IT and department as well as about how this
is organizationally underpinned and lived. If no explicit demand management is inte-
grated into the IT organization, but for example the IT is functionally divided, then
the questions can still be answered. The interface business/IT always exists, no matter
what it is called.
• Supply Management: Supply management reflects the technical core of the IT organi-
zation. It is analyzed to what extent an IT operation is professionally set up and how
the interfaces between demand/supply and department are structured.
• Service Management: The focus is on the mapping of the most important ITIL pro-
cesses in the area of IT operations. It is checked to what extent the most important
ITIL processes are mature in the IT organization.
• Quality Assurance and Quality Management: This area deals with the quality assur-
ance of IT processes. Are there clear quality definitions as well as methodological
basics for the constant improvement of IT processes? Has a reporting been installed
over several control levels and is there a monitoring of IT processes?
This area includes a review of the IT organization. The focus is on IT governance struc-
tures as well as on IT organization and IT HR facts. For this purpose, the following five
framework areas are examined and evaluated:
Technology
The following five topics are examined and evaluated in the “Technology” area of
investigation:
Finances
• Optimal cost structures: The precise knowledge of the cost structures of the IT organi-
zation is the basis for any new investment and the basis for the decisions of the man-
agement. Therefore, the cost structures of the IT will be examined in more detail here.
70 Step 1: IT Status Quo Analysis
• IT controlling: Reporting, key figures or key performance indicators (KPIs) are the
basis for the transparent control and management of an IT organization. Therefore, it
is important to know where the company stands in this area and where there is poten-
tial for improvement.
• Compliance: The topic of compliance is not only relevant for many IT responsible
persons, but often—for liability reasons—also for the management or the board of
directors. In this area, it is examined whether there are still gaps that need to be closed
or whether the company is already compliant with the valid compliance rules.
An important note at the beginning: It is very important for the further development of
the IT strategy that work is always done in writing. Only if all answers, information or
results have been fixed in writing can they be revised, further developed and integrated
into the IT strategy together.
Involved Step 1
Then the question arises as to who should answer the questions for the current analysis?
In general, this should be answered under the direction of the ideally already named
project manager. In smaller projects, this is the CIO or IT manager himself, in larger
companies and correspondingly larger projects, this can be a neutral third party (spe-
cializing in IT strategy consultant). It is important that the questions be asked as part of
structured interviews and research, and that, after the analysis, a comparison with the
supervisor of the IT manager/CIO from management or with the board of directors must
take place.
The first worksheet shows an example questionnaire, which is explained in more detail
below. For each question, a cross must be placed in one of the three answer fields. The
number of points is always shown in square brackets and corresponds to answer 1 with
[0] points, answer 2 with [5] points and answer 3 with [10] points.
After each questionnaire (worksheet), the number of points achieved is summed up in
the last line and, according to the following legend, a value is assigned to the entire ques-
tionnaire (worksheet):
• 0–10 points = 1
• 11–20 points = 2
• 21–30 points = 3
• 31–40 points = 4
• 41–50 points = 5
This value of 1 to 5 is then transferred to the spider diagram at the end so that there
is a quick overview for each area of how well or badly the IT organization is set up.
This evaluation therefore already shows in step 1 the first areas of action within the IT
strategy.
Examples for Step 1
To illustrate the status quo analysis, we choose the example company Produktio weltweit
GmbH. This company has some problems in the area of sourcing as well as governance/
organization. We will not go through the entire status quo analysis, but show by way of
72 Step 1: IT Status Quo Analysis
example how the questionnaire and its evaluation work and then show the spider diagram
with the complete evaluation.
The status quo analysis starts with the evaluation of the IT processes and the first
questionnaire on project management (here worksheet 2.1). The correct answer is docu-
mented in the respective cell in bold font.
1 How often have IT projects failed (in terms of More than 50% Max. 10% [5] Not at all [10]
budget or schedule overruns) in the past [0]
five years?
2 Is there a dedicated project management No [0] Yes, but not yet Yes, fully
office? Is there continuous training for all established [5]. functional and
employees on project management topics? provides good
support [10].
3 Is there a project plan that can be viewed by No [0] Yes, in part [5] Yeah.
everyone involved in the project, that is Proven [10]
comprehensible and structured according
to standardised rules?
4 Does the monitoring follow clearly regulated No [0] Yes, rules and Yes, rules and
procedures and known and functioning escalation escalation paths
escalation paths? pathways are are clearly
partially defined [10].
functional[5].
5 There is a clear commitment of the top No [0] Yes, in part [5] Yes, very
management to the projects and a proven professional [10]
change and scope management.
Total points 0 20 0
The rating for the “Project Management” point under “IT Processes” therefore did not
turn out to be so good and is “2”, which reflects the governance and organizational prob-
lems indicated in this company.
The next worksheet 2.2 shows by way of example the answer to the “Demand
Management” area under “IT Processes”. Unfortunately, the evaluation only results in a
Working Questions and Implementation Step 1 73
“1”, which is due to the fact that Produktio weltweit GmbH has not yet introduced any
demand management. It works according to the old “Plan-Build-Run” concept and the
software developers talk directly to the departments; therefore, there is indeed contact
with the department, corresponding business know-how and an input channel for require-
ments, which is not standardized, but at least known in the department through long-term
cooperation. However, demand management is not yet set up, which leads to this poor
rating.
1 Develop the Demand Management with Supply No [0] Yes, in part [5] Yes, available
Management solution ? [10]
2 Does the Demand Manager exist as a No [0] Yes, but not yet Yes, established
standalone role? established [5]. role and
accepted in
business [10].
3 Are the interfaces between business and IT No [0] Yes, in part [5] Yes [10]
standardized?
4 Does the demand management team provide No [0] Yes, in part [5] Yes [10]
proactive advice and demonstrate a high level
of business know-how?
5 Do the departments have a clear and well No [0] Yes, in part [5] Yes, very
communicated input channel for professional [10]
requirements?
Total points 0 10 0
It should suffice as an example to only show the first two questionnaires from the “IT
Processes” area here; all other questionnaires are filled out identically. Afterwards, as can
be seen in Worksheet 2.3, the ratings of the individual areas are either transferred to a
table or, for those who prefer graphical representations, also to a network diagram, as in
Worksheet 2.4. The results for the questionnaires IT governance, technology and finance
are assumed for the example company Produktio weltweit GmbH.
74 Step 1: IT Status Quo Analysis
Please transfer now the achieved points per questionnaire into the following table to get a
total overview of the points per survey item
IT processes
Project Management 2
Demand management 1
Supply management 3
Service management 2
Quality Management 4
IT Governance Structures 2
Sourcing strategy 1
Business IT Alignment 3
Employee development 3
Technology
Architecture Management 4
Software development 4
Finance
IT controlling 2
Compliancea 2
Worksheet 4 shows how the result can look in a network diagram by way of example.
Working Questions and Implementation Step 1 75
Project Management
5
Compliance Demand management
3
Optimal cost structures Service management
2
It is very quickly recognizable in the network diagram where the “rabbit in the pepper”
is. All areas of the actual analysis, which have only received a “1” as a rating, must be
looked at very closely and should be newly worked out in detail as part of the next six
steps. The areas rated with a “2” also count as the fields of action which are exemplarily
represented in the following worksheet 2.5 in order to create a better overview.
76 Step 1: IT Status Quo Analysis
Worksheet 4.5 EXAMPLE: Deriving the fields of action from the as-is analysis
This worksheet is used to identify the fields of action from the as-is analysis:
Fields of action are all areas from the questionnaires that scored worse than 2.
have
Service management So far, only in the context of outsourced data center services
from the provider best-practice processes according to ITIL;
urgent need for professionalization in service management.
In particular, the service desk with
Hotline and ticket system must be improved
IT governance structures These are still missing to a large extent (part of the
organisational problem of Produktio weltweit GmbH).
Sourcing strategy Within the Scope of Sourcings, there are problems to identify
with current Providers that need to be viewed within the
Scope of Sourcing-Strategy.
Roles & Responsibilities Roles and responsibilities must be clearly defined and
delineated
Project Management Standards and training courses are still missing here, which
must be established at Produktio weltweit GmbH in order to
successfully carry out projects according to clear standards.
can.
It becomes very clear in this first step of the actual analysis that some fields have to be
looked at more closely and improved at Produktio weltweit GmbH. It is also clear that
the scope definition of the project made in the preparations must be extended by the
eight fields of action shown in worksheet 5.
Working Questions and Implementation Step 1 77
But enough of the example: The questionnaires follow in the form of worksheets for
your very individual actual analysis.
IT Processes Questionnaire
1 How often have IT projects failed (in terms of More than 50% Max. 10% [5] Not at all [10]
budget or schedule overruns) in the past five [0]
years?
2 Is there a dedicated project management No [0] Yes, but not yet Yes, fully
office? Do all employees receive ongoing established [5]. unctional and
training on project management topics? provides good
support [10].
3 Is there a project plan that can be viewed by No [0] Yes, in part [5] Yeah.
everyone involved in the project, that is Proven [10]
comprehensible and structured according
to standardised rules?
4 Does the monitoring follow clearly regulated No [0] Yes, rules and Yes, rules and
procedures and known and functioning escalation pathways escalation paths
escalation paths? are partially are clearly
functional[5]. defined [10].
5 Is there a clear commitment of the top No [0] Yes, in part [5] Yes, very
management to the projects and a proven professional [10]
change and scope management?
Total points
1 Does Demand Management work out solutions No [0] Yes, in part [5] Yes, available
with Supply Management at an early stage? [10]
2 Does the Demand Manager exist as a No [0] Yes, but not yet Yes, established
standalone role? established [5]. role and
accepted in
business [10].
3 Is the interface between the department No [0] Yes, in part [5] Yes [10]
and IT standardized?
4 Does the demand management team provide No [0] Yes, in part [5] Yes [10]
proactive advice and demonstrate a high level
of business know-how?
5 Do the departments have a clear and well No [0] Yes, in part [5] Yes, very
communicated input channel for requirements? professional
[10]
Total points
1 Does the supply management provide No [0] Yes, in part [5] Yes, completely
requested resources flexibly and quickly? established [10]
2 Are IT solutions standardized, modular and No [0] Yes, in part [5] Yes, all IT
sourcable? solutions are
standardized,
modular and
sourced [10].
4 Does Supply Management offer services as No [0] Yes, in part [5] Yes, it is done
services? on the basis of
professional
services [10].
5 Are the transition and interface between No [0] Yes, in part [5] Yes, very
demand and supply organization transparent professional
for all and clearly defined in one document? [10]
Total points
1 Are the service management processes No [0] Yes, some of Yes, completely
according to ITIL standardized? them are the according to ITIL
service standardized
Management or to the own
Processes needs completely
established, ITIL oriented
but not yet [10]
universal
Everywhere [5]
2 Are IT operations based on standardized No [0] Yes, in part [5] Yes, already
Service Design Processes (Availability entirely after
(service availability), Continuity (restoration ITIL
of services in emergency) and Capacity standardized
Management (planning/monitoring of the [10]
essential resources))?
3 Has a professional Service desk with hotline No [0] Yes, in part, but Yes, fully
and ticket installed? there are still established and
Improvement- in business
potential [5] Accepted [10]
4 Do you work on the basis of clearly agreed No [0] Yes, in part [5] Yes, fully
service level agreements with suppliers established and
and internally with customers? in business
Accepted [10]
5 Are standardized service operations processes No [0] Yes, in part [5] Yes, very
(incident, problem, change and release professional on
management) used? the basis of
ITIL [10].
Total points
1 Is there an IT quality and security administrator No [0] Yes, but not a Yes, the role is
in the company? stand-alone role 100% established
or only involved (as an FTE) and
in it to a certain recognized [10].
percentage [5].
3 Is the source code created for essential No [0] Yes, in part [5] Yes, is constantly
applications complete and reviewed so that verified [10]
third parties can make changes and
enhancements?
4 Are IT projects subject to clear quality criteria No [0] Yes, in part [5] Yes [10]
and are these monitored and checked?
5 Are there quality standards for IT performance No [0] Yes, in part [5] Yes, very
and services vis-à-vis the department? professional
and accepted
in the field [10].
Total points
1 Is the IT governance structures for COBIT- No [0] Yes, in part, Yes, COBIT is
framework installed or are clear individual but it's still full
standards in use? not complete implemented
[5] or Yes, there are
clear standards
in the area of IT
governance are
in place [10].
2 Are IT governance processes aligned with No [0] Yes, in part [5] Yes, completely
overall corporate governance? coordinated with
each other [10]
3 Do IT governance processes ensure that the No [0] Yes, in part [5] Yes, very
risks posed by IT in the company are comprehensive
minimized?
[10]
4 Does an IT portfolio management exist and No [0] It is being worked Yes, fully
is it established? on [5] established and
will also
regular
verified [10]
5 Does IT innovation management identify and No [0] Not regularly and Yes, very
evaluate business and technology trends? only on certain professional [10]
occasions [5].
Total points
2 Is the management of external suppliers based No [0] Yes, in part [5] Yes, very
on standardized processes? professional [10]
4 Is there an overview of whether services have No [0] Yes, partly Yes [10]
been purchased in line with benchmarks? (depending on the
supplier or
service) [5].
5 Exit clauses are included in the contracts with No [0] Depending on Yes, for all major
suppliers to allow flexible switching to another supplier and suppliers/vendors
supplier at no extra cost. contract [5] available
[10]
Total points
1 Are there role descriptions for all employees No [0] Yes, in part [5] Yes, available
in your IT organization? and up to
date [10].
3 Are there clear role descriptions for project No [0] Yes, in part [5] Yes, role
organizations? descriptions are
for Projects
compulsory
and present[10]
4 Is the role of the CIO/IT manager in the No [0] Yes, but Yes, clearly
Management and the 2. partly not defined,
management level are clearly defined and are communicates delimited and
Delimitations to other roles from the or in process known on FB
Department defined? or not quite and accepted
clearly defined [10]
and not known
in the department
[5].
5 Is the role of IT clearly defined in the form of No [0] Yes, in part [5] Yes, very
an IT vision or through marketing/newsletters professional [10]
in the company?
Total points
1 Are there regular meetings with agendas No [0] Yes, in part [5] Yes, present
and follow-up on open issues between without
departments and IT? significant
exception [10]
2 Are the soft factors (e.g. mutual trust, No [0] Yes, to some Yes, very well
understanding and respect) present between extent, but not pronounced [10]
IT and department ? yet established
[5].
3 Is there job rotation between departments No [0] Yes, but only Yes, that will
and IT in the company? in very small through IT and
scale [5] Department
intensive
promoted and
used [10]
4 Are common training courses held for No [0] Yes, but relatively Yes, many
departments and IT? rarely and only issues are being
too completely shared
special brought forward
Topics [5] and trained
[10]
5 If the business processes of the No [0] Yes, in part, but Yes, there is a
business department and IT are jointly only very constant
created/modelled and constantly on the irregular Exchange and
kept up to date? and only after a panel for
Solicitation [5] Processes
and/or roles,
that the daily
live [10]
Total points
2 Are advanced training courses No, there's no Yes, there will be Yes, professional
in the technical area offered for such thing as training in the training has
all IT- Employees offered? none specialist area a high importance
Further training offered, but and it it is tried
in the technical not for all or to get all associates
Range [0] only for selected thereon share [10]
Employees[5]
3 Do further trainings also take place No [0] Yes, in part [5] Yes, that's encouraged
on the level of soft skills (for and there are further
example in the area of training in other fields
communication skills)? [10].
4 Are there transparent career No [0] Yes, in part [5] Yes, there is leadership
development stages with training and career
associated leadership training? planning [10].
5 Does appraisal and objective No [0] Yes, but not for Yes, very professional
agreement takes place regularly all employees or and regular
with all the employees? the targets have implementation, and
no direct Testing with
Impact [5] Consequences [10]
Total points
Technology Questionnaire
1 Is the role of the "IT architect" No [0] There is no direct IT architect Yes, the role of the
established in the company? with a clear role description "IT architect" has been
for architecture management, described, filled and
but other roles take on these established [10].
tasks as well [5].
2 Is IT architecture management No [0] Yes, but not yet established Yes, more established
a constantly recurring and [5] Process [10]
established process of the IT
organization?
3 Is an overview of Cloud IT systems No [0] Yes, in part, shadow systems Yes, the shadow
( created without official IT support are known, but there is no systems are largely
or purchased IT-Systems in the clear plan to Replacement known...
department) available and is or only partial [5] and there's a
working in intergration with this replacement plan
Cloud-systems frame of the [10]
IT-Architec
4 Is the replacement of existing No [0] Yes, legacy systems are Yes, legacy systems
legacy systems integrated into known for the most part, are well known, and
the IT architecture planning and but a replacement strategy they are already being
is there a clear plan by when is not yet established or used with a clear
these are detached? only in progress [5] strategy on
of replacement
worked [10]
5 Is the technical and professional No [0] There is an overview of all Yes, all IT systems
"State of health" of all IT systems and also a are regularly
systems are sufficiently known Assessment of the reviewed and it
and is this regularly checked? "state of health," but measures are taken
this is not a regular derived or the
Process involving impacts Development plan
or changes to the adapted in case of
development plan [5]. problems[10]
Total points
1 Is there a detailed IT Security No [0] Yes, in part [5] Yes, available and will
concept in the company and is regularly checked and
the implementation of IT Measures or
Management checked and consequences of this
enforced? derived [10]
2 Is there an IT security officer? No [0] The role is not explicitly Yes, role is described,
so named, but the tasks defined, filled and
are performed by established in the company
Employees [10]
Perceived [5]
3 Are there binding targets for the No [0] There are Yes, they are binding targets
IT security, which is supported by Catalogues of measures defines for IT security, which
the management supported and concepts, but a known to the UN leadership
and regularly reviewed clear definition and and supported by her and
become? Strategy adopted by the be verified [10]
UN leadership supports
does not exist [5]
4 Is there an emergency plan/ No [0] There are documents on An emergency plan as well
disaster recovery process in this and staff who could as the process with
place that is tested regularly? work through an instructions on what to do in
emergency plan, but no case of an emergency is
Tests and clear known. There is a
Binding responsible persons and a
Instructions [5] Emergency is regularly
tested/practiced. [10]
5 Are the processes in the area of No [0] Employees take care of it, Yes, the processes are
Availability Management (ensuring but a clear standardization standardized, documented
and optimizing service availability) with responsibilities and and a responsible person
and the Continuity Management clear instructions does not explicitly takes care of them.
(restoring the most necessary exist [5] [10]
services in the event of a disaster)
standardized?
Total points
Overall ranking
Working Questions and Implementation Step 1 89
1 Are all IT infrastructure end devices No [0] Yes, there are standards, Yes, clear standardization
in the company, such as but they have not been in place with no significant
notebook/desktop, monitor, met everywhere [5]. exception [10].
mouse, keyboard, etc., available?
standardized?
2 Is there monitoring with clear No [0] Monitoring takes place Yes, monitoring is in place
warning and testing mechanisms by staff, but there is no with clearly defined
for the data center so that errors monitoring software or processes to monitor the
can be detected and corrected automated processes for data center and provide
at an early stage? monitoring [5]. early alerts.
[10]
3 Are the servers virtualized No [0] Partly there are virtualized Yes, there is a clear strategy
where possible? servers, but there is no as to when servers will be
strategy [5]. virtualized and this is already
implemented or in progress
with a
Action Plan [10]
4 Are functional backups available No [0] There are data backups, Yes, there is a defined data
for all the servers and is this but they are done backup concept with
safety mechanism constantly manually by employees automated safety
audited and maintained? and not automated [5]. mechanisms that are
checked and tested.
5 Is the load on the servers No [0] Known to a large extent, Yes, the load is always
consistently analysed, are load but no clear strategy to tracked and has warning
peaks known and avoided avoid load peaks [5]. mechanisms on an
as far as possible? automated basis. This
process is tested regularly
and load peaks can mostly
be avoided be [10]
Total points
Overall ranking
90 Step 1: IT Status Quo Analysis
1 Are there master data managers No [0] There are employees in Yes, the role of the master
in the company? IT and/or in the business data manager is regulated
department who take care and clearly defined for all
of this "on the side" [5]. data region. The responsible
persons have a committee
for exchange and have clear
role descriptions of their
tasks.
2 Are there uniform rules for data No [0] In part [5] Yes, the regulation and
management? handling of data is defined
and documented
[10]
3 Are there clear rules and master No [0] Only in part [5] Yes, the regulations are
data processes per IT application defined, documented and
that determine which employee established per application
can access which data and when? [10].
...on?
4 Are there key figures and No [0] Only very irregularly and Yes, key figures and
checking rules that are used to not according to clear, checking rules are available,
check the data quality in the recurring rules [5]. documented and regularly
systems at recurring intervals? applied to check data quality.
From this
Measures derived. [10]
Overall ranking
Working Questions and Implementation Step 1 91
1 Questionnaire Technology - No [0] Yes, in part [5] Yes, are available and
Software Development established [10]
2 Are detailed requirement and No [0] Yes, but not yet Yes, specifications are
functional specifications used consistently everywhere obligatory according to
in all IT software projects as and not at the desired clear standards and are
the basis for the maturity [5]. subject to testing and
Programming requested? acceptance.
[10]
3 Are the development environment No [0] Partially yes (depends Yes, there are clear
and software technologies used on applications or regulations and standards
up to date? staff) [5]. [10].
Booth?
4 If the source code has been No [0] Not for all applications, Yes, for all applications the
deposited with a third party but partly yes [5]. source code is available in
so that in the event of an case of emergency [10].
emergency or insolvency of
the supplier, a Further
development is possible?
5 Is the documentation of the No [0] Only partly (depending on Yes, clear rules and
software also included in the Application) [5] standards for source
source code so that third parties code documentation and
can continue to work on it? review and measures [10]
Total points
Overall ranking
92 Step 1: IT Status Quo Analysis
1 Is the cost management of IT No [0] Yes, but is still partly a Yes, clear standards in cost
subject to clear rules according work in progress or accounting are in place [10].
to cost centres, types of cost immature [5].
and carriers?
2 If budgeting uses a No [0] Yes, but not yet 100% Yes, clear regulations that
breakdown that differentiates mature [5]. present clear delineations
IT areas transparently (e.g. of costs and allow for
according to projects, operations, comparisons [10].
Personnel, licenses, etc.)?
3 Are regular TCO analyses No [0] Yes, but not for all Yes, TCO analyses are
carried out and are the Areas [5] mandatory and subject to
benchmark-appropriate price clear regulations [10].
and /Cost structures of the IT
Resources known?
4 WHave the cost drivers in No [0] Cost drivers are known to Yes, cost drivers are also
IT been identified, are they management, but a cost known in the UN
regularly reviewed and if reduction program is not management and a
necessary: are cost reduction professionally established professional cost
programs implemented? [5]. management with constant
urden die Kostentreiber in der view on possible
Savings established [10]
5 Do regular cost optimizations No [0] Only when one comes Yes, there are regular cost
take place in IT? across it and in the case optimization rounds and
of new acquisitions is clear guidance on business
attention paid to the price; cases [10].
but there is no systematic
optimisation procedure
[5]
Total points
Overall ranking
Working Questions and Implementation Step 1 93
1 Can the company management be No [0] Yes, but not ad hoc and Yes, a management report
provided with information on the the metrics are not agreed can be prepared at any
key IT figures at any time? with UN management [5]. time on the basis of known
and agreed key figures.
are generated [10]
2 Have specific IT key figures and No [0] Metrics exist, but not Yes, there are systematic
KPIs been defined for all IT consistently for all and recurring audits of key
systems, IT operations and IT services, nor are they performance indicators for
projects, and are these defined systematic [5] essential IT services [10].
recurrently and systematically?
checked?
3 Is there a monitoring and reporting No [0] Monitoring is carried out Yes, there is a monitoring
system - for example based on once a year during system / a BSC, with which
an IT balanced scorecard? budgeting [5]. the costs and key figures
are regularly audited [10].
4 Will deal with profitability No [0] Yes, but not for all projects Yes, there are clear rules
calculations in IT, especially for or schemes and if so, not for business case creation,
new IT projects/IT projects according to clear rules which are reviewed by
worked? [5]. management and
is released. [10]
5 If the process costs of the IT No [0] Yes, but only for selected Yes, all IT processes with
processes are known and can be areas and not costs are known and
these are actively controlled? systematically[5] are controlled [10]
Total points
Overall ranking
94 Step 1: IT Status Quo Analysis
2 Has a license management been No [0] Licenses are managed, Yes, there is a license
established? but there is no complete management tool with an
overview with audit audit function and overviews
function [5]. of who has which licenses
and how much they cost.
these are [10]
3 Is GDPdU-compliant archiving No [0] For the essential areas Yes, for all areas exactly
of all necessary documents yes, but not across the according to GDPdU
guaranteed? board professional [5] regulations [10].
4 Can it be ensured that all software No [0] For the essential core Yes, this is demonstrable
products used in the company systems yes for all applications [10].
were also legally acquired?
5 Does the company have a data No [0] Yes, but outdated or in Yes, up to date and
protection policy in place to progress [5]. approved by management
ensure that all data is [10].
be protected?
Total points
Overall ranking
Working Questions and Implementation Step 1 95
Please transfer the points achieved per questionnaire to the following worksheet 2.24 in
order to obtain an overview of the points per subject of investigation.
Please transfer now the achieved points per questionnaire into the following table to get a
total overview of the points per survey item
IT processes
Project Management 2
Demand Management 1
Supply Management 3
Service Management 2
Quality Management 4
IT Governance Structures 2
Sourcing strategy 1
Business-IT Alignment 3
Employee development 3
Technology
Architecture Management 4
Software development 4
Finance
IT controlling 2
Compliance 2
96 Step 1: IT Status Quo Analysis
For better overview, the results can be transferred to the pre-formatted network diagram
in the following worksheet 25.
Please transfer the points from the questionnaires into the network diagram
Project Management
Compliance 5 Demand Management
Once the results of the status quo analysis of IT are available, the areas of action can be
relatively easily derived from the identified weaknesses and refined in steps 2 and 3:
This worksheet is used to identify the action fields from the Ist-analysis:
Action fields are all areas from the questionnaires that scored worse than 2.
Conclusion Step 1
Before a strategy can be developed, it must be known what the starting point and the
basis is from which it starts. By answering the questionnaire in the four categories, many
insights have certainly already ripened, which may have been dormant, but are usually
only brought to light through intensive dealing with questions. Therefore, the completion
of the first step was also characterized by a first derivation of areas of action. These give a
quick first impression of what the priorities in the development of the IT strategy can be.
The three most important personal thoughts, insights, key words for the status quo
analysis of IT:
Step 2: Analysis of the Corporate
Strategy and Derivation of Challenges
for IT
Abstract
After an overview of the current maturity of the IT organization and IT processes has
been created in the first step, the derivation of concrete action plans for IT from the
corporate strategy and departmental bottlenecks follows.
First, the corporate strategy is examined in more detail. As a result, possible inno-
vation potentials for IT are identified together with corporate management. This
results in the formulation of an IT vision that roughly defines the action plans for IT,
i.e. the direction of travel for IT is roughly outlined.
In this second step, things are getting a little more concrete by examining the bot-
tlenecks and problems of the departments together with the department heads with a
view to optimizing them through IT systems.
“You just have to derive the IT strategy from the corporate strategy,” many consultants
say. But it’s not that simple. The following diagram in Fig. 1 is intended to show what a
procedure for deriving the IT strategy might look like. This is done very simply and only
provides a schematic representation of the dependencies of the various planning levels.
Fig. 1 shows quite clearly that any planning basis is based on the corporate strategy,
from which the business processes are then formed. IT is a kind of support in the form
of automated processes by IT applications. These applications find their echo in the IT
strategy and are supported by the sourcing and budget strategy. This clarifies how the
applications are financed and who operates them. At the lowest level are the planning
tools for implementing the IT strategy: The IT roadmap and the IT strategy cockpit for
controlling and adjusting the IT strategy over time.
As already described in the introduction, the IT strategy is a sub-strategy of the corpo-
rate strategy. It should therefore not be developed separately from the corporate strategy.
u The IT strategy does not derive from the existing departmental processes, but from
the corporate strategy. This is a big difference, because the departmental processes
can change from one day to the next due to internal restructuring, external pres-
sures such as legal changes or new products/services for customers. Part of them
may not fit the corporate strategy at all. The corporate strategy, on the other hand,
is based on solving specific bottlenecks, problems or needs of a target group (the
customers) and has a much longer time horizon than internal processes as a busi-
ness model. It is therefore a much more solid basis for a sustainable IT strategy
that should also be valid tomorrow.
It is only important that a corporate strategy exists which is still valid in 5 years. Because only
then can the IT investments be worth it in an optimally coordinated IT system landscape.
The connection between corporate strategy and IT strategy shows once again very
clearly the way the IT has to go: From the rather technically shaped delivery unit to a
modern organization which, together with the specialist departments, directly analyzes
the bottlenecks and problems of the customers and offers IT innovations to solve cus-
tomer problems. It is of enormous importance that the IT organization “goes out”—not
only to the specialist department, but together with the specialist department to the cus-
tomer on site, in order to better understand problems and bottlenecks. Only then will a
sustainable IT strategy be possible and implementable.
So how do you proceed now to derive the challenges for the IT organization from the
corporate strategy? Especially if there is not even a detailed written corporate strategy?
In step 2, the already familiar “Produktio weltweit GmbH” will again serve as an
example to illustrate the individual chapters.
Internal and External Influencing Factors 101
Before the analysis of the corporate strategy begins in order to derive the possible chal-
lenges for IT, the starting situation of the company should be described. This then forms
a kind of basis on which the considerations for the IT strategy are based.
The starting situation includes the description of the current situation of the company.
The answers to the following questions can be exemplary for the current status quo:
Answering these questions can give a first impression of where the company is currently
located and how it is currently standing in the market.
The starting situation for Produktio weltweit GmbH is shown in Fig. 2 as an example.
As already stated at the beginning of the book, there are few companies that have a
mature and written corporate strategy. Strategy has been a buzzword for years that is eas-
ily taken for granted—also for decisions and procedures that do not yet characterize a
clear strategy. Often these are only general target directions: “We want to become market
leaders!” or “We want to provide our customers with the best service!”
Therefore, first an excursion is made to the topic of corporate strategy, which will pro-
vide an important basis for the development of the IT strategy.
On the procurement side, the sharp rise in raw material prices and the
associated weaker margins are having a negative impact.
A big challenge are the very different processes in the foreign plants
(esp. finance/HR, production/logistics)
strategy were based on the principle of future planning. Planning and future are things
that we do not know and cannot anticipate. Therefore, a strategy that is based on these
unknown variables is always a look into the crystal ball and thus not sufficient for the
guidelines of a company. This was confirmed at the latest by the well-known strategy
guru Henry M. Mintzberg in the 1980s.
If we cannot look into the future, how should strategies for the future arise?
Henry Mintzberg: “Our conclusion is that strategy proceeds on two legs—one delib-
erate and the other emergent” [32]. Emergent in this context means that the behavior and
decisions of executives lead to strategies that were never fixed in writing and that a strat-
egy develops from the daily decision complexes of a company on its own. This also fits
his statement that strategy “[…] is a pattern in a stream of decisions […]” [32].
The other leg mentioned by Mintzberg—the deliberate leg of the strategy—corre-
sponds to planning, that is, setting goals. Derived from this, one could regard strategy
according to Mintzberg as the setting of goals plus the daily decisions.
Other strategy experts take another factor into account when it comes to developing a
strategy: the so-called external factors. These are the environmental conditions of a com-
pany, such as competition, legal framework conditions, suppliers, customers or target
group.
Over time, various methods and models have arisen from these factors, with the help
of which a company strategy can be developed. These methods are briefly introduced
Internal and External Influencing Factors 103
below with their essential content, as they represent an important basis for recognizing
possible challenges for IT.
Product
5
Product 2
Market growth
Product
Product 4
1
must be derived as described above. The so-called standard strategies per matrix field
serve as support for this, as shown in Fig. 4 (based on Schawel/Billing [34]).
It becomes clear that the BCG matrix can very quickly create transparency with
regard to the market situation of one’s own products or SBUs. With the help of the stand-
ard strategies, a strategy can also be derived in a simple way (namely expanding, main-
taining, harvesting or divesting a product or SBU).
This simplicity has weaknesses such as the limitation to only two decision criteria
(market share and growth), the non-consideration of competitors and the limitation to
only four fields, which can lead to inaccuracies in market definition.
Nonetheless, the BCG matrix is still a popular tool to quickly and easily get a strate-
gic snapshot. Therefore, it is particularly well suited for the purpose of developing an IT
strategy. It quickly shows which products or SGEs will develop in the future due to the
standard strategies. This makes it possible to better decide where IT investments should
flow in the future and which IT services will be needed to optimally support the stars
(stars).
Fig. 5 shows by way of example, based on our fictitious company Produktio weltweit
GmbH, how the BCG matrix is set up. It is very easy to see that the now established
“MP3 interface” for car radios or multimedia units in the car is very well accepted on
the market and is therefore represented as a “cash cow”. The “Head-Up Display” is still
a relatively new invention, but it is no longer a “question mark”, but has developed into
Internal and External Influencing Factors 105
Auto-
integration
Head
Market growth
Up
Display
MP3
Car radio
Interface
"OldStyle"
a “star” with the best prospects of becoming a “cash cow”. The size of the circle always
shows the turnover per product. The “car radio OldStyle” is a typical candidate for
divestment as a typical “poor dog” that has come of age and is replaced by more innova-
tive and modern products. The “app integration”, on the other hand, is a relatively new
invention and must still be seen as a “question mark” with good prospects of becoming a
“star”.
What do we deduce from the positions of the products in the BCG matrix for the IT
strategy?
It is clearly recognizable for the “car radio OldStyle” that it does not have a great
future anymore and that means for IT that in the production facility no investments in
IT automation or optimization have to be made anymore. Good IT personnel should not
be used for such products and there should be a planning of what an exit of the prod-
uct would mean for IT (reduction of computer capacities in the data center, abolition of
applications that are specifically required for this product, personnel reduction or shifting
into other areas, etc.).
The “app integration” on the other hand can become a real hit in the future and that
is why it is important for the IT organization to provide any support for the departments.
Especially because of the bad situation in the production facilities abroad described in
the starting situation, from an IT point of view, an investment in automation and opti-
mization of the foreign plants should be made here. Only then can it be ensured that the
pace can be kept up with the competitors in the further spread of the “app integration”.
An analysis should be made of which employees are needed for such products in IT,
whether they are already available internally, can be developed or have to be newly hired.
The same applies to the “stars” and “cash cows”, the “head-up display” and the “MP3
interface”. Especially for the head-up display, similar considerations apply as for the app
integration. IT should provide any support for the departments. It helps to carry out a
planning together with the departments concerned and to think together about how IT
can help to support the innovative products even better. For example, by pre- or post-pro-
cesses such as automated supply chains or better sales applications. It is also important
to strengthen the production-related control systems that simplify, automate, make safer
and faster the production process.
The BCG matrix provides, as can be seen in this example, a lot of information for
IT. In addition, the BCG matrix is also the basis and source of inspiration for develop-
ing the application strategy in step 3 with its portfolio technique. Because with the help
of the strategic statements of the BCG matrix, not only the product or SGE strategy of a
company can be developed, but also the current and future application landscape can be
examined and underpinned with strategies for the future. This makes it possible to deter-
mine which applications are cash cows, stars or poor dogs. Therefore, understanding the
BCG matrix is doubly important:
1. Differentiation
The differentiation strategy is based on the consideration of the overall market. The
differentiation from competitors is achieved by differentiation in the form of a spe-
cial product or a unique service with which the company differentiates itself from the
competition (differentiated). This can be in the product itself as well as in the market-
ing mix and the slogan (example BMW: “Joy of Driving”) or in the very special sales,
as with Tupperware or Vorwerk, for example.
2. Cost Leadership
Cost leadership also considers the overall market. The differentiation from the com-
petition does not take place here through the product offered on the market or the spe-
cial service, but lies in the internal optimization of all processes and structures. This
makes it possible to keep the costs so low that the market prices can also withstand
the competition and thus a positioning in the market is possible.
Total market
Submarket
Niche strategy
Strategic advantage
Applied to our example company Produktio weltweit GmbH, it becomes clear that a
strategy is being pursued for a part of the automotive market and a specialization is being
placed on multimedia products or infotainment. Not for cost reasons, but as a differentia-
tion factor. Therefore, one can speak of a niche strategy at Produktio weltweit GmbH. IT
therefore has to map this very special position in the market. Since these are very innova-
tive products, in-house development or strong customization of standard products will
probably have to be resorted to in many areas. This requires very good IT personnel and
a lot of know-how, which must be available to a large extent in-house. Outsourcing to an
external provider is only difficult, as an external provider cannot offer this high degree of
specialization at cost-covering prices.
After an initial overview of the company strategy has been provided with the BCG
matrix and the Porter competitive analysis, the area of business processes will now be
examined in more detail.
Since a process analysis—depending on the size and complexity of the company—
can be very time-consuming and mostly also an extremely theory-laden undertaking, a
pragmatic approach is taken here. Through special question techniques, only the most
burning “process problems” are filtered out. In order to achieve a further simplification
and to recognize first strategic options for action more quickly, the processes are repre-
sented as in Fig. 7 during the analysis, differentiated according to
• value-added processes,
• standardizable processes as well as,
• Commodity Services.
1 2 3
the same everywhere in the company. Financial and HR processes can be outsourced to
external providers relatively easily as part of “business process outsourcing”.
• What are the Top3 core processes of the company (value-added processes)?
• How are these supported by IT today and where is there potential for improvement?
• What are the value-added business processes (Pillar 1) and is there potential for inno-
vation through improved IT systems?
• Are there processes in the administrative areas (finance, personnel) that can be stand-
ardized (Pillar 2)?
Internal and External Influencing Factors 111
• Are there external laws or conditions that require changes to certain processes and IT
systems?
• Which processes have to be operated locally and why can this not be done centrally?
• Which knowledge and skills are essential in the value-added processes and which
knowledge in the standardized processes?
• In which value-added processes are innovations to be expected in the future and
where not?
• Which information is particularly important in which processes and in what quality?
• To what extent are the Commodity Services already standardized on the basis of ITIL
Service Management processes? Where are the weak points?
The Fig. 8 shows very clearly on the basis of the three pillars where the challenges lie
in the example of the Produktio weltweit GmbH. The challenges already found in the
context of the competitive strategy and BCG matrix analysis are also listed, which also
reflect on the business process level.
Insourcing : Building
Outsourcing makes sense Outsourcing makes sense
internal competencies
Strong specialization of products requires a lot of know-how in the IT sector for the
development or customization of specific production and complex logistics processes. In
addition, an attempt should be made to unify the currently very heterogeneous business
process landscape in foreign locations. These unified processes can then be standardized
to the same extent as possible with the same IT system as a kind of blue-print. On pillar
2 of the standardized processes, the accounting and personnel processes should be uni-
fied and mapped in an ERP system. Here, outsourcing is partly possible. In the area of
commodities (pillar 3), the general direction is always to buy as much as possible from
third parties. But in this case, it is necessary to carefully consider which commodities
should remain in-house due to the high specialization and delivery capability, as out-
sourcing could be too expensive due to the special requirements.
Requirements from the departments are also of great relevance for deriving challenges
for IT. The aim here is to obtain as comprehensive a picture as possible of the current
bottlenecks and problems from the departments.
This includes structured interviews with department heads in order to better analyze
where the “shoe is currently pressing”. The following questions can help here:
• What do users urgently need in terms of end devices or IT technology in their daily
work with customers?
• Where is a quick collaboration and exchange of information crucial for success?
• Which security requirements must be considered?
• Where is particular attention to be paid to quality?
Based on our example of Produktio weltweit GmbH, the following requirements from
the departments could be:
• In general, all departments mention the topic of “better response times and more qual-
ified answers from the Service Desk/Hotline for PC problems” (this could be a hint at
sourcing problems and the need for in-sourcing of these services or a renegotiation of
service levels with the provider)
• The finance department is pressing for a quick implementation of SEPA
• Finance and HR would like to see a more efficient electronic archiving of contracts
and documents in the areas of HR and accounting
• Regional managers and plant managers would like better support for IT problems at
overseas locations and a better “line” to IT at headquarters
• The production department would like a closer link between production systems
and the ERP system, as there are no automatic interfaces today, but much has to be
entered twice in both systems
Deriving Challenges for IT 113
• Quality management would like an application with which they can see clearly when
which errors occurred and how. Today this is only possible with complex scripts and
cannot be carried out by everyone
• Management would like a better overview of production downtime as well as better
tools in general to have “at a glance” coverage calculations and business cases
The just-determined influencing factors such as the UN strategy, business processes and
requirements from the specialist departments must now be used to derive challenges for IT.
In general, this is the essential point in step 2, in which the findings from the previous steps
must be subsumed and summarized in order to derive first action options for IT from them.
For our example company, Produktio weltweit GmbH, the summarized results are
shown in Fig. 9.
Sharp rise in raw Stronger support through Standardization and "Better response times
material prices in-house development unification of processes and more qualified
Poor margins and/or more customizing in the foreign locations answers from the
Working methods and for innovative products Customizing or in-house service desk/hotline
processes in ("Stars" and " Question development for for PC problems."
Foreign locations Marks") particularly innovative Rapid introduction of
very different Possibly insourcing of products SEPA
SEPA introduction commodities to achieve Standardization of Electronic archive.
necessary better product support accounting processes IT problems at the
IT costs too high incl. introduction of SEPA foreign locations
Not enough good Archiving of Documents Closer integration of the
Employees in the in the area of personnel, production systems with
foreign locations finances and creation the ERP system
of workflows Quality Management
Application
Better overview of
downtimes and generally
Management Cockpit
The IT Vision
But what are the advantages of an IT vision and why should this be created before
the final development of the IT strategy? Table 3 provides an initial overview of the ben-
efits of an IT vision, in which the four functions of IT visions are presented based on
Tiemeyer [36].”
In American management, creating a vision is called “visioning” and has its origins
in Gestalt psychology (organizational psychology by Maslow). The idea of visioning is
based on the fact that change processes in companies—especially in IT organizations—
cause fear in employees. This fear can only be reduced from this theory by means of a
positive image of the future (positive futuring).
The development of an IT strategy is always associated with major changes, even to
the point of job loss for the respective employee. The leadership of such large upheaval
processes, from which many employees are affected, can be positively controlled by a
vision. A vision gives the affected employees support and shows them how the future can
look and how they can find themselves there again.
However, it must be ensured that the tension between the vision (“Who we want to
be”) and reality (“Who we are currently”) is not too great. This can not only demotivate
employees, but can also turn into its opposite and do more damage than it helps the IT
organization to move forward.
Therefore, the following 4 maxims must be observed when formulating the IT vision:
IT Vision
We are partners at eye level for our specialist areas at home and abroad.
We take advantage of the high speed of innovation in IT
for continuous internal further training and are thus the drive and motor
for a sustainable future of Productio worldwide GmbH!
• “IT creates value through close and constructive cooperation with the departments”
• “Satisfied customers in the departments through constant innovation in IT”
First of all, the following principle applies: Listening is the starting point for a successful
derivation of action sequences from the corporate strategy.
This is how the procedure for developing action sequences looks:
1. Collect information about the company strategy, mission and goals of the overall
company.
2. Prepare workshop with management or executive management.
Involved Step 2
• CIO/IT manager
• Executive management
• First management level IT
• Department/business unit manager
• If necessary, external moderator
Working Questions and Implementation Step 2 117
What is the current situation of the company? Are there any problems at the moment?
What are the major challenges that the company faces?
Does the Managemnt have a direction and is there a clear goal before the eyes, an agenda or a
stratgey paper ?
What is currently going rather well, what rather badly? How does the management see the current situation?
How is the current market situation assessed? Who are the biggest competitors that are currently costing
market share?
How is the situation of the customers or the target group to be assessed?
Are there any current legal conditions or other environmental conditions that are disruptive or difficult to
are manageable?
Is the company currently in a special situation of upheaval? (For example, after a change at the top
management or after major acquisitions or in economically difficult times)?
Are the employees currently rather satisfied or are there serious problems that lead to a large
fluctuation?
118 Step 2: Analysis of the Corporate Strategy and Derivation …
Where is your company currently in the framework of Porter's competitive analysis and
what does that mean?
Please tick the dimension and argue what this means for your company.
Total market
Submarket
Niche strategy
What are the top 3 core processes of the company? How are these supported by IT (potential
for improvement)?
What are the value-adding business processes (pillar 1) and is there innovation potential there?
Are there processes that can be standardized (pillar 2)? Are there external laws or framework
conditions that require changes to certain processes and IT systems?
Which processes have to be operated locally on site and why can't this be done centrally?
Which know-how and which skills are very important for the value-adding processes and which
knowledge for the standardizable processes?
In which value-adding processes can innovations be expected in the future and where rather not?
Which information is particularly important in which processes and in which quality?
What are users urgently missing today in terms of end devices or IT technology in daily
use at the customer?
Where is fast collaboration and information sharing critical to success?
Which safety requirements have to be considered?
Where is it particularly important to pay close attention to quality?
What are the three most important things you want from IT?
The IT Vision:
Mission Statement:
Conclusion Step 2
After a detailed analysis and recording of the internal IT took place in the first step, the
perspective was now extended to the entire company. This is extremely important for the
development of an IT strategy, because the IT strategy should not be a theoretical treatise
far from corporate reality. It is important to directly involve the IT strategy in the corporate
strategy with a focus on all aspects of the company, i.e. the products, services, competitors
as well as the peculiarities of the market or the industry in which it is active. With the help
of portfolio techniques and structured interviews, it was worked out what the important
future questions are and how the IT can support them there in the form of derived action
lines. The round conclusion of this second step was the IT vision, which is supposed to
carry the IT organization as a strong pillar through the upcoming steps of the IT strategy.
124 Step 2: Analysis of the Corporate Strategy and Derivation …
Abstract
After the derivation of the still coarse action strands for IT from the corporate strategy
and the business processes carried out in step 2, the application strategy is now cre-
ated. For this purpose, the already known portfolio and life cycle theories are used
as aids. Together with the management and the specialist departments, analyses and
evaluations of the current application landscape are carried out, which are then con-
densed into a target application portfolio.
The aim of this third step is to show which services and services the IT has to offer
in order to optimally support the corporate and departmental goals. The creation of
the application roadmap serves this purpose at the end of this chapter.
© The Author(s), under exclusive license to Springer Fachmedien Wiesbaden GmbH, 125
part of Springer Nature 2022
V. Johanning, IT Strategy, https://doi.org/10.1007/978-3-658-38772-3_7
126 Step 3: The IT Applications Strategy
In many large companies and corporations, one sometimes comes across more than
5,000 or even 10,000 applications or services 1, but even small or medium-sized com-
panies can sometimes operate several hundred applications for a variety of purposes. To
examine this large number of applications in the strategy process before us and to cata-
log approximately 2–3 pages of details per application would exceed the scope and miss
the goal of a sustainable IT strategy.
Therefore, the focus is on the large and mission-critical applications. However, it can
make sense and is in some cases even legally required to catalog all applications and
applications. This refers to SOX and/or the German-relevant KonTraG (Law on Control
and Transparency in the Corporate Sector) as well as GoBS (Principles for Proper
Computerized Accounting Systems). Detailed information is available in specialized
books.
What are the essential motives for creating and jointly evaluating an application port-
folio with the departments?
• Filtering out so-called “shadow applications” (these are applications that were created
in the departments without involving IT and that are only partially known to IT; often
these are small Access or Excel applications or self-developed web solutions that are
very helpful for the department but were often not documented and can no longer
be requested from the developer. The maintainability of such applications cannot be
guaranteed
• Make isolated solutions transparent: Many applications are in use in the company as
a result of the purchase of companies or company parts, which are “stand-alone”, i.e.
without interface to other core systems, and therefore represent isolated solutions
• The same data and functions are used in different applications (duplicate or multiple
use of data/functions)
• Filter out applications that are based on very different technical standards
• Reveal interface problems and make too complex solutions for connecting all systems
transparent and show architecturally sensible alternatives
• Identification of legacy applications (these are applications that are very outdated)
• Establish transparency with regard to dependencies on applications by certain people
or important IT suppliers.
1
Only applications portfolios will be mentioned below, but if companies work with services
instead of applications, the two terms service and application can be treated the same in this
context.
Creating the Application Portfolio 127
Another big strategic asset of creating and evaluating an application portfolio lies in the
significant reduction of maintenance costs. Because according to a survey by Forrester,
maintaining existing applications consumes 80% of the IT budget in many companies [16].
The goal is therefore to standardize the application portfolio taking into account the
highest possible scalability and flexibility. How and by whom these applications are
operated, for example in the form of SaaS (Software as a Service), is worked out in step
4 as part of the sourcing strategy. In this step it is decided which applications
The creation of the IT application strategy used here is based on the design of the applica-
tion portfolio according to the Boston Consulting Group Matrix (BCG-Matrix) already
presented. The applications are then divided into four fields on the basis of a 2 x 2 matrix.
The basic derivation of standard strategies for applications is very well described by
Ward and Peppard [39] and Hofmann/Schmidt [25]. Fig. 1 shows the representation of
the application portfolio based on Hofmann/Schmidt.
Following Fig. 1, Ward and Peppard as well as Hofmann and Schmidt can develop the
following standard strategies [39] and [24]:
who, due to economies of scale, can operate these support applications more cheaply
(Ward/Peppard speak of disinvest/rationalize). Self-operation is usually only eco-
nomically viable if largely standard software is used without major expansions or
customization.
The described standardization strategies will prove to be helpful when creating the tar-
get application portfolio. For the purposes envisaged here, an application portfolio based
on Ward/Peppard is used, which is shown in Fig. 2. The horizontal axis of the appli-
cation portfolio shows the importance of the application for the company. The vertical
axis shows the maturity of the application from the perspective of the entire company.
The size of the circle reflects the number of users and the color the level of maintenance
costs. The legend in Fig. 2 shows the divisions of the size and color of each circle.
This results in the following questions that are relevant in the context of an analysis of
the application landscape using a portfolio:
App 3
Maturity of the application
App 1
Old technology
App 4 App 2
• Which sick applications do I have? Which ones consume too many resources?
• Risk management: Which applications are unsafe? Which applications lead to compli-
ance violations?
• Which are the most important applications for the department or the whole company?
• Which are the applications that are considered critical—for example, in terms of out-
dated technology, insufficient support for requirements, too high maintenance costs?
• Which applications are already in a stage that urgently requires a replacement or a
successor arrangement?
When creating the application portfolio, many readers may now ask themselves the ques-
tion: “What should I do if there is basically only one large application?” For example,
almost all processes are supported by an ERP system and all other applications are tools
in the sense of IT infrastructure, such as mail programs or antivirus software.
Since the central application is mapped in most companies by an ERP (= Enterprise
Ressource Planning), the essential features of ERP systems should be briefly presented:
A key feature of ERP systems is modularity. This can help when creating the applica-
tion portfolio if the ERP software is considered in modules. SAP is an example here.
The SAP modules FI/CO map standard processes in most companies that are not directly
value-adding or competitive. These would then appear on the left side of the portfolio.
Whereas, for example, the SAP WM or JIT/JIS module can play a significant role in
value creation in a manufacturing environment. This is usually seen in that these mod-
ules are not used as standard by SAP, but are equipped with many individual program-
ming (called SAP ABAPs). Exactly these individual adaptations are value-adding and
therefore to be mapped on the right side of the portfolio.
Even if the IT landscape is characterized by a very large “master system”, it is still
important to track down the other applications and evaluate them once. To do this, it can
help to take a closer look at the interfaces of the ERP system:
Creating the Application Portfolio 131
If there are no direct answers to these questions, it is advisable to take a closer look at
the license management: Not the Microsoft Office applications as such are interesting
here, but above all database licenses or self-developed software, for example based on
MS Access or MS Excel.
The easiest way to proceed is to sit down with the department and work through the
company’s essential business processes or organizational units and check using Table 1
whether the following applications are available or how the underlying processes work
today (e.g. manually or via a self-written application or via Excel).
The Table 1 serves at the same time as an example, because in column 3 (actually
used applications) the applications actually used by the Produktio weltweit GmbH are
listed.
If the applications are assembled as shown in Table 1, they can be entered in the
application portfolio described above. For the example company, this is shown in Fig. 3.
In this application portfolio, it is very easy to see which applications are value-creating
and which support processes are mapped, which are well standardized. On the Y-axis you
can see whether it is new or old technology. What can be derived from this for the exam-
ple company, the Produktio weltweit GmbH, at the current time:
• SAP as a central ERP system was not only depicted as a single application in the
portfolio, but—as already described—in its module components. This makes sense
because it is immediately apparent that some modules are very standardized because
they automate general support processes (here SAP HR and SAP FI/CO). In contrast,
SAP WM is very important for the supply chain and the supply of production and is
therefore shown as a value-adding process further to the right. SAP FI/CO is therefore
currently still a “question mark” and according to the norm strategy, investments still
have to be made here. And indeed there is a kind of “investment backlog“: The finan-
cial processes are not yet fully standardized and have not yet been rolled out in all
foreign locations, as was already determined in step 2 of the initial situation.
• Siemens’ MES is a bit older, but it supports a value-adding process and is therefore
shown in the lower, right quadrant as a so-called cash cow. There is a great depend-
ence on the applications for the company here, but it should be looked at exactly how
to deal with the MES in the future in the following consideration of the application
life cycle.
132 Step 3: The IT Applications Strategy
Table 1 (Continued)
Organiza Possible applications Actually currently used applications (here
tional unit by way of example for “Produktio weltweit
GmbH”)
Production • Production control systems • A MES (Manufacturing Execution System)
• Production master data from Siemens is used as a production control
• Applications for production system [→ currently no interface to SAP, only
order management manual data transactions possible; interface
• anonymous stock production but planned]
• customer-specific production • Production evaluations are done using Excel
Logistics • Sales and production rough • The logistics chain is mapped by SAP WM and
planning partly by SD (for shipping and transport)
• Program planning
• Material requirements
planning
• Order processing planning
• Order implementation
planning
Material • Physical inventory (inventory • SAP MM is used here
management scenarios) or special topics,
such as batch management
• Serial number management
• Handling Unit
• Stock processing
• Storage structure
• Inbound/outbound processes
Purchasing • Request/offer processing • SAP is used partly for purchasing, but still
• Order processing very rudimentary, because most of it is still in
• Price control an old MS Access application
• Invoice verification
• Supplier management
General • Middleware systems • SAP PI and DWH solution (esp. for interface
administra- • Data warehouses/BI systems between SAP and MES and as data cube for
tion/other IT evaluation and connection of production and
systems financial data)
• The two MS Access applications can be found in the lower, left quadrant. This is
mainly due to the age of the technology (old MS Access from 2003 and no update
available, as the developers were interns at the time and are no longer with the com-
pany). However, it is good to see that the applications do not support value-adding
processes, otherwise it would have to be considered relatively quickly how they could
be replaced. But the management of customer data for the anyway expired “OldStyle”
radio is no longer so relevant for the company and the Access application for purchas-
ing has to be taken over by SAP.
134 Step 3: The IT Applications Strategy
SAP Sales
FI/CO force
Maturity of the application
SAP
SAP SAP WM
HR MM
MES
Siemens
Old technology
MS
MS Access
Access Purchasing
OldStyle
• Salesforce as a sales and CRM application is a new technology and has value-adding
character for the company, so it is located in the upper, right quadrant as a star again.
There is currently no need for action here.
After all essential applications for mapping the application portfolio have been identi-
fied, it is important to recognize in which maturity level an application is. This maturity
level is very clearly represented by means of the so-called application life cycle, based
on the well-known product life cycle.
The following Fig. 4 is based on Heinrich [22] and serves as a basis for the represen-
tation of a typical application life cycle.
This model of the application life cycle uses six phases and, in contrast to many other
models, also considers the development phase as well as the abolition or succession
planning. These six phases according to Heinrich [22] are:
1. Development: In the development phase, the steps of idea generation and software
development are carried out. The highest costs occur during the life cycle of the
development.
The Application Life Cycle 135
System usage
System costs
System benefits
2. System introduction: If introduced step by step, usage will grow. The usage intensity
is also determined by the occurrence and elimination of errors during installation tests
and at the beginning of productive operation.
3. Growth: In this phase, all tests are completed, all errors that occurred during the
introduction are eliminated and all functions can be used productively. The usage
increases through additional users, unless it is a basic application with a limited num-
ber of users.
4. Saturation/maturity: In this phase, usage reaches its peak. Previous users cannot dis-
cover any further usage possibilities and no further users are added. The decline may
be due to the fact that the system is no longer up to date, competes with others or the
supported tasks decrease in quantity and importance.
5. Decline: The decline that started in the saturation/maturity phase continues.
6. Abolition: Here the decision must be made as to when a system is replaced by a new
one. Beyond the time of use, the system to be phased out can still cause conversion
costs or residual license costs.
In general, such a model must be taken into account that it is not always ideally, but is
influenced by various external factors. Nevertheless, this model allows, based on a clear
representation, the most accurate classification of an application in its respective matu-
rity level.
It should be noted that, especially between very technically oriented applications,
such as an application for controlling a production plant, the life cycle is longer than for
136 Step 3: The IT Applications Strategy
commercial applications. For example, typical ERP systems are subject to new require-
ments of legal or internal company nature more often and are therefore shorter-lived than
technical applications from their life cycle.
The application life cycle theory provides important information for the development
of the IT strategy about the maturity level of applications and is a useful supplement to
the portfolio view. If both models are applied to your applications, you can very pre-
cisely find out which applications will need which maturity level in the future and thus
require an exchange.
Based on our example company, Produktio weltweit GmbH, further useful informa-
tion arises for dealing with the application landscape (the classification of the applica-
tions is shown by way of example in Fig. 5):
• There are two very essential applications in the development phase: The new archiv-
ing solution, which will help automate the manual process of filing and ensure (devel-
opment phase does not mean that the software itself is being developed, but can—as
in this case—mean that the software is being written and purchased. Customizing to
company-specifics would then typically be characterized as a development phase).
System usage
System costs
System benefits
Also to be found here is the interface between SAP and MES, which will finally con-
nect production with ERP. As the graphic shows, development is always initially asso-
ciated with high costs/investments and does not yet provide any benefit.
• In the introductory phase, the SAP MM module for the administration of purchasing
processes is located. The SAP MM is already available, but is only used rudimenta-
rily and the essential part is still available in the old Access solution, which is now
replaced by SAP MM. Therefore, this is referred to as an introduction, since the MM
module still has to take over the entire process of the old Access and can only then be
used properly.
• SAP FI, CO and HR are the support processes recognized in the portfolio that can be
standardized very well. This is also urgently needed because the foreign locations are
not yet integrated to a large extent and some evaluations are still being made manu-
ally via Excel. Therefore, these SAP modules are placed in the growth phase, which is
actually a intermediate step between introduction and growth.
• The SAP WM module is a typical application in the mature stage, which already very
well maps all processes of the supply chain, but now absolutely needs the interface to
the MES in order to be able to play out all its advantages.
• The MES had already been classified as an older technology in the portfolio and now
in the life cycle it is exciting to see where it really stands. The application will have
no further support for further development at the end of the year. Therefore, the appli-
cation has been classified in the “decline” phase with a tendency towards the “aboli-
tion” phase. It must be clarified urgently how to proceed with the application and how
a replacement or modernization could look like.
• In the “abolition” phase, the Access solution for the OldStyle car radio can be seen,
which must be abolished urgently. As soon as the product is taken off the market, it
must be considered how the historical data is transferred to other applications so that
data is still available for warranty issues.
Software Maintenance
Traditionally, the majority of the effort of the software life cycle flows into maintenance. The
maintenance effort to be included is also constantly increasing. If one still expected in the 1970s
that the maintenance effort would account for 35 to 60% of the total effort of the software life
cycle, this increased by the end of the 1990s to 80 to 90%.
Whether and with how much effort software has to be maintained depends strongly on the fol-
lowing factors:
For software critical to the company, maintenance usually makes a significant contribution to
investment security. On the other hand, it is also a significant cost factor. Therefore, maintenance
138 Step 3: The IT Applications Strategy
agreements are mandatory for software critical to the company. Depending on the agreed service
level (see Service Level Agreement), the annual costs are usually in the order of 10 to a maximum
of 20% of the investment sum of the software.
If the necessary attention is already paid to appropriate maintainability when designing the sys-
tem, unnecessarily high costs for software maintenance can be avoided. With high maintenance
costs, maintenance is usually carried out by a fixedly organized group of employees (maintenance
organization) in an orderly maintenance process.
After it is clear which applications are available, how they stand in the application port-
folio and in which life cycles they are, it must be decided how the application landscape
should look in 5 years in the context of the IT strategy.
The following action options are available for the applications from the application
portfolio:
In order to be able to use these action options, all applications are first evaluated accord-
ing to certain criteria. The evaluation criteria are shown in Table 2.
The Table 3 now brings the total overview in the form of the decision for each appli-
cation to expression and shows very clearly which application from which reason must
be either retained, phased out or modernized. We orient ourselves thereby again at our
example enterprise, the Produktio weltweit GmbH. The evaluation of the individual cri-
teria takes place thereby according to school grades (from 1 to 6).
The application life cycle planning is now used to plan the changes, additions or new
acquisitions of applications on a timeline. The goal of this roadmap is to early plan all
the required resources (especially capital, personnel and know-how).
The following Fig. 6 shows, based on the measures identified in the previous chapters,
the application roadmap for our example company Produktio weltweit GmbH.
In order to realize and work on the application roadmap, IT projects are set up which
can be tracked in step 6 as part of an IT project portfolio.
Working Questions and Implementation Step 3 139
Preparations for Step 3
Salesforce 2 2 3 No 2 Retain
MS Access 4 3 4 No 3 Discontinue Discontinue because legacy application and
“OldStyle” developed by shadow IT; currently no one
has expertise for further development or
adaptation; must be integrated into ERP
MS Access 4 2 4 No 3 Discontinue Shadow application for which no expertise
“Supplier for further development or adaptation is
Data” available; the data are important master
data for the ERP and must be maintained
there
Archiving Retain (or No direct assessment possible at this time
solution Introduce) because it is currently under development
or introduction
141
142 Step 3: The IT Applications Strategy
Interface
SAP/MES
New
document management system
(DMS) incl. archiving
The first worksheet can be worked out more clearly in table form. The following hints
are important:
• Structured interviews should be conducted with all department heads and process
experts to evaluate all applications in the company;
• All business processes documented in Visio or by means of an EPC should be
reviewed in detail with regard to possible applications that are not yet known
• Existing specifications should be checked to see for which application purposes appli-
cations have been created
• Legacy systems or legacy systems must be checked to see which processes are served
there?
• It must be checked in the departments where Excel or Access solutions exist or own
IT systems (shadow IT?) Have arisen?
Working Questions and Implementation Step 3 143
All applications currently in use should be listed here for each department.
Old technology
Please enter your applications in the blue coloured boxes according to their life cycle
System usage
System costs
System benefits
The first worksheet is again represented as a table (see worksheet 4.5 below) in order to
be able to evaluate the applications in a structured manner and to derive the right action
options. The evaluation is carried out according to school grades. The legend of the
action options is described again below:
146 Step 3: The IT Applications Strategy
Worksheet 6.4 Evaluation of the applications and derivation of options for action
All applications currently in use should be listed here for each department.
To Do's
Acceptance by users
Short-term process
Maintenance costs
Process mapping
Maturity of the
foreseeable?
Maturity level
technology
changes
Application Action option
Standardization of
financial accounting
processes
Yes
EXAMPLE (SAP FI) 3 4 4 3 Modernize
(SEPA) Introduction SEPA
Integration of the
International locations
148 Step 3: The IT Applications Strategy
Please enter the milestones and project plans for the processing of the applications
resulting from the fields of action here
Conclusion Step 3
The application strategy is, so to speak, the heart of an IT strategy. In addition to the cre-
ation of the target application portfolio shown here, with the planning of the introduction
or change of applications on the timeline (application roadmap), a key milestone for the
planning and input for the future orientation of IT in the company is done. But it should
not be hidden that many important, technical decisions have to be made with regard to
IT architecture and detailing with regard to an IT development plan. This depth is impor-
tant, but would exceed the scope of the book and address a different target group, namely
IT architects, software responsible persons and IT design experts. However, before the
application roadmap is adopted, the examination of the aforementioned experts must
have taken place.
Conclusion Step 3 149
Abstract
After the roadmap for the new application landscape has been created, it must now
be decided who operates these applications and the IT infrastructure required for this.
The answer is given with the development of a sourcing strategy. It is a central part of
the IT strategy, but also of the IT organization, as it is decided here which resources
are needed internally and which are outsourced externally.
Trust is the key word for successful outsourcing of IT services to an external supplier. Prof. Dr.
Walter Brenner (University of St. Gallen)
© The Author(s), under exclusive license to Springer Fachmedien Wiesbaden GmbH, 151
part of Springer Nature 2022
V. Johanning, IT Strategy, https://doi.org/10.1007/978-3-658-38772-3_8
152 Step 4: The Sourcing Strategy
These arguments for the outsourcing of IT services represent the positive effects of out-
sourcing and are quite solid arguments for management that speak in favour of the buy
variant. However, in order to objectively illuminate the topic of sourcing, the “make”
variant must also be seen. Arguments for keeping IT services in-house or for retrieving
previously outsourced IT services (so-called in-sourcing) can be as follows:
• Keep know-how internally, as these are essential core processes of the company that
need to be protected
• Regain lost know-how
• less time required for coordination with providers or suppliers
• not as great a dependence on providers
• Reduction of quality problems or defects
To facilitate the make-or-buy decision-making process, the matrix shown in Fig. 1 can be
used. It provides a good overview of when to outsource or when to provide the IT service
in-house.
The strength of the company is represented on the Y-axis, and the differentiation in
competition is represented on the X-axis. Differentiation in competition means how
much the respective IT service offers a competitive advantage or not. An example is the
distinction between commodity, standardized, and value-added processes shown in step
4. Commodities such as the data center or other hardware/IT infrastructure are more
likely to be found in the two left quadrants, whereas, for example, the MES of Produktio
weltweit GmbH would be more to the right, as it offers a great competitive advantage.
Typical “Buy”, that is, outsourcing candidates are therefore commodities in which the
company itself does not have great strengths. “Make” candidates, that is, IT services that
should definitely be operated in-house, are value-added applications. Their strengths are
either already in the house or will definitely be built there, as they are essential and/or
value-added core processes. Everything in between are the quadrants in the upper left
and lower right, where it can be decided on a case-by-case basis whether these should be
outsourced or operated in-house.
Basic Questions on Sourcing 153
low high
Differentiation in competition
What are the opportunities and risks of outsourcing? In order to make this transparent, a
so-called SWOT analysis is used. The term SWOT is made up of the initial letters S-W-
O-T. These stand for:
• S = Strength = Strengths
• W = Weaknesses = Weaknesses
• O = Opportunities = Opportunities
• T = Threats = Dangers or risks
The SWOT analysis in Fig. 2 shows very clearly and generically the advantages and
disadvantages as well as the opportunities and risks of IT outsourcing projects. The
advantages and disadvantages have already been explained in the introductory chapter
“Motives for a sourcing strategy”. Opportunities mainly arise in the area of cost reduc-
tion, faster time-to-market (and thus possibly more flexibility) and improved quality of
service delivery (fewer failures, more reliable operation). These are all desirable opportu-
nities that can actually be realized depending on the performance of the provider and the
154 Step 4: The Sourcing Strategy
Strengths Weaknesses
• Reduction of the vertical range of manufacture • Possible loss of control and competence
• Improved access to know-how, competencies, • Large amount of time required for coordination
processes and methods that are not available with providers or suppliers
in-house • Quality problems and defects can occur that
• Improving the quality of IT services are more difficult to control than if they
• Enable flexible adaptation to the actual demand were internal.
for IT services
• Concentration on core competencies
• Access to know-how of the provider
• Cost reduction and variabilization of fixed • Dependence on the provider can be very
costs large
• Flexible business processes are • Problems with back-integration or
enabled insourcing
• Speed / Time-to-Market improved • Risk of business secrets being passed on
• Improved IT security Third get
• Internal loss of know-how
price. In addition, there is always the question of the economic feasibility or the business
case for make or buy, which will be discussed in the next chapter.
Risks are mainly seen in the area of knowledge loss. Therefore, the service to be out-
sourced must under no circumstances be a core competence of the company, because the
know-how must absolutely stay in-house. Also for the further, essential reason that stands
out among the risks: There is the danger of losing trade secrets or process knowledge that
should not be passed on to outsiders. The other risks are related to the provider: too strong
a dependence on a provider who could then gain too much market power. The problem
then arises at the latest when the former outsourced IT area has to be operated in-house or
transferred to another provider. This is—depending on the outsourced IT area—very deli-
cate and can be accompanied by system downtime and possibly longer system downtime,
costing a lot of money or even endangering the existence of smaller companies.
• Reduction of costs
• Higher quality, as the service provider or provider is a specialist in his field
The Type of Sourcing: Which IT Services can be Outsourced? 155
• Higher transparency and predictability of costs through clear definition of service lev-
els and transparent pricing models of the provider
• Faster and easier scaling of the required capacities, which can be added or removed at
the provider if necessary.
Attention: Unfortunately, reality often shows that these advantages, which are very well
comprehensible in theory, can often not be implemented in practice. Especially the topic
of economic efficiency is for the management the decisive factor for the question of
make or buy when it comes to the decision for or against outsourcing.
Therefore, it is very important to make a TCO consideration (TCO = Total Cost of
Ownership) as a basis for the calculation of the economic efficiency. This has the advan-
tage that really all direct and indirect costs flow into the consideration and not only the
previous wage costs are compared with the resulting outsourcing costs. A typical cost
structure of an IT outsourcing project is shown in Table 1 according to Gadatsch [18].
Identifying indirect costs usually presents the biggest challenge. In this context, indi-
rect costs are primarily factors that are difficult to measure, such as the quality of the
provider, the number and frequency of errors, or compliance with so-called service levels.
This also includes the indirect cost reductions shown in the last line of Table 1, such as
fewer disruptions, faster commissioning or restart times. However, if these factors occur
more often in the form of problems or do not result in cost reductions in the form of faster
restart times, this can cause enormous costs that are very difficult to quantify, let alone
estimate, before an outsourcing deal. Assumptions can be made, but no one can look into
the future and know how outsourcing will develop. This depends on many uncertainties,
as Fig. 3 shows by way of example for IT outsourcing over a certain period of time.
Therefore, although a cost-benefit analysis is a “must” in order not to blindly run
into ruin, it is usually not a definitive insurance. It is therefore difficult to make a defini-
tive statement in favour or against outsourcing on the basis of cost-effectiveness, as this
depends on too many and partly unknown parameters.
After the advantages and disadvantages of make-or-buy options have been presented, the
question arises as to which IT services or services are suitable for outsourcing. Before
decisions are made, a description and definition with advantages and disadvantages of all
outsourcing forms is first carried out with regard to the service. In practice, four different
types of outsourcing are usually differentiated, which are described in detail below:
• IT Infrastructure Outsourcing
• Application Outsourcing
• Business Process Outsourcing
• Cloud Computing
156 Step 4: The Sourcing Strategy
IT Infrastructure Outsourcing
The IT infrastructure forms the basis for all IT-based services and functions of a com-
pany. When using the term IT infrastructure, most people first think of the workplace
computer, printer, networks and other IT devices such as monitor, scanner or mouse and
keyboard. Depending on the definition, IT infrastructure can be more than just pure hard-
ware. In practice, all components subsumed under the term IT infrastructure are repre-
sented in Table 2.
Table 2 clearly shows that, in addition to pure hardware, highly standardized software
such as office software, system-related software such as operating systems or databases
also belong to the IT infrastructure. Nevertheless, all IT infrastructure components men-
tioned here are so-called “commodities”.
The Type of Sourcing: Which IT Services can be Outsourced? 157
Increased customer
demands
Additional costs
Capacity margin
of the customer
plan capacity
Reduced customer
Provided
Additional costs
demands
In analogy to the “Three Pillars of IT” (see Fig. 7 (The Three Pillars of IT) in the con-
text of the application strategy), companies should focus on the value-creating processes
and systems (Pillar 1) in order to make the IT competitive and not primarily on the com-
modities (Pillar 3), which can often be operated economically by third parties in the con-
text of make-or-buy decisions.
158 Step 4: The Sourcing Strategy
Application Outsourcing
In application management outsourcing, the ownership of the software lies with the
company applying it, i.e. the licenses belong to the client. The provider as contractor is
responsible for the operation and maintenance of the software.
In the context of application service providing (ASP), the provider also assumes
ownership of the software in the form of licenses and license management. This current
method of application outsourcing is based on a rental model per user and is obtained
from the cloud, which is why it is mainly referred to as “software-as-a-service” (SaaS)
today. The responsibility of the ASP or SaaS provider includes complete software man-
agement: from purchase to license management, to maintenance, care and operation, as
well as implementation or customizing and update/administration of the software. This
model of application outsourcing has become possible through the now widely available
The Type of Sourcing: Which IT Services can be Outsourced? 159
high Internet bandwidth. Users access the software directly from anywhere via a secure
Internet connection.
Therefore, when using SaaS, one speaks of cloud computing. However, cloud com-
puting can be more than SaaS, which is why its own chapter is dedicated to this new
form of outsourcing (see section Cloud Computing).
Cloud Computing
In addition to the aforementioned sourcing models, new possibilities for the use of IT
services have arisen within the framework of cloud computing. These are referred to as
services that can be “ordered on demand”. To answer the question of a simple definition
of cloud computing, the following quote by Lewis Cunningham [15] helps:
Cloud Computing is using the Internet to access someone else’s software running on some-
one else’s hardware in someone else’s data center.
There are three different sourcing models in cloud computing, which are presented in
Table 3.
In general, it can be said that cloud computing partly replaces the old sourcing models.
It should be mentioned that when choosing a cloud solution, three alternatives are available:
• Public Cloud: The responsibility and complete management of the cloud are assumed
by the provider. This maximizes scalability and—depending on the provider—the
pay-per-use option. You only pay for services actually used
• Private Cloud: In this model, the IT organization retains control of its own cloud.
This model has the advantage of often questioned security when outsourcing sensitive
data, for example in the ERP area.
• Managed Private Cloud: This variant of cloud computing combines the advantages of
private and public clouds. It works so that you get a dedicated and autonomous infra-
structure tailored to your needs from a provider in a public cloud. On the one hand,
the scalability and, on the other hand, the security advantages can be used on the basis
of secure Internet connections, for example via VPN or Direct Ethernet Links.
160 Step 4: The Sourcing Strategy
In contrast to classical outsourcing, it is very important to know that when using cloud
computing, one must orient oneself to the standardized specifications of the cloud pro-
vider in most cases. This means: In contrast to a classical outsourcing provider, who
adapts the outsourced systems to the respective business processes and conditions within
the scope of a customizing, one must adhere to the standards of the cloud provider when
using cloud computing. When using cloud solutions, internal processes and business pro-
cesses must therefore be changed to some extent as required by the cloud solution or the
cloud offer must be individually adapted if possible.
An advantage of cloud computing over traditional outsourcing is seen in the profit-
ability, which often only occurs after 4–5 years in traditional outsourcing solutions. And
during this time, there are often cost increases of not infrequently up to 10%. With cloud
computing, the connection between the company and the provider is not as close as with
traditional outsourcing. It can therefore have a shorter term with the advantages of the
faster and more flexible switch to another provider, which may be cheaper. In addition,
once the interface to the cloud provider is standardized with you, the risk of vendor lock-
in is not as strong as with traditional outsourcing, where you are relatively committed to
a partner and a switch to another provider is associated with a lot of effort and costs.
In addition to the general definition of the manufacturing depth for the IT organization,
three different aspects must be differentiated when deciding on outsourcing:
With regard to the degree of outsourcing, there are different sourcing options, which are
defined in Table 4 and illustrated with the respective advantages and disadvantages.
The Fig. 4 shows the illustrated sourcing options in a portfolio, in which the Y-axis
shows the maturity of the organization or your company as an aid to assess.
The question at stake here is how many providers one wants to work with. The back-
ground to this question lies in the problem of so-called vendor lock-in. This means that,
due to the usually medium- to long-term commitment to an outsourcing partner, depend-
ence on this can arise. With classic outsourcing, it is not so easy to change the provider,
Selective
out-tasking Joint
High
venture
Selective
outsourcing
Full
outsourcing
Inhouse
because a new transition phase to another provider or the backfall principle in the sense
of insourcing can become very expensive and time-consuming.
Therefore, the question arises as to whether it makes sense not to rely on just one pro-
vider, but on several. In general, three different models can be distinguished, which are
shown and defined in Table 5.
outsourcing. There is generally a distinction between three different possibilities for the
location of the service provision of the outsourcing provider:
• Onshore
• Nearshore or
• Offshore
Onshore outsourcing provides the service within its own country. This is usually quite
uncomplicated and does not involve any legal problems. However, it often has the disad-
vantage that wage costs are relatively similar and therefore the cost effect of an outsourc-
ing will not be very significant.
Under the nearshore concept, outsourcing services for German companies are often
provided today in Eastern European countries. This model tries to minimize the large
cultural and linguistic deficits while still achieving a good cost savings due to lower
wages. Legal issues are often not as complex as when operating in distant countries due
to the membership in the European Union.
In offshoring—the original concept of outsourcing—outsourcing services are pro-
vided in countries that promise a significant wage cost advantage. It all started with
the outsourcing of very simple tasks such as help desk or data entry. But for years now,
this industry-specific offshore share has been extended to all known outsourcing types.
Typical offshore countries such as India or Indonesia have proven that providers can
offer standardized IT processes that, according to common maturity measurements—
for example according to CMMI—have better maturity levels than some German large
companies. A overview of possible offshore countries is shown in Fig. 5 according to
Gadatsch [18].
The question now arises as to how near- or offshoreing is best organized? The follow-
ing two operator models have established themselves in the field of off- and nearshoring:
• Bridgehead model: In addition to its foreign presence, the offshore provider has a
legal and cultural seat in Germany, the so-called bridgehead. This may be the case
The service is provided abroad, but communication and demand management are
located in Germany. It is easier to coordinate because the client does not have to over-
come cultural and time differences.
• Workbench model: In this model, the client has experts at the foreign location of the
offshore provider to lead the contract or the outsourcing project. The legal responsibility
lies with the offshore provider and forms the extended workbench of the client abroad.
Phillip-
Criteria India China Russia Canada Ireland
pines
Tax advantages
Availability of relevant
expertise
Infrastructure
Training system
Cost advantages
Service quality
Cultural fit
Time difference
English skills
describes the necessary institutions and committees with their decision-making powers
before and after a sourcing decision.
Fig. 6 shows an example of the hierarchy and involvement of the aforementioned people
in the sourcing decision (Fig. 7).
Sourcing Strategies at a Glance 165
Steering Committee or
Sourcing Steering Committee
Project management
Project Manager
Provider Department
(IT service provider) CIO Organization (IT service purchaser)
Process owner
Product Manager Sourcing manager
Service provider 2
Product Manager
Fig. 7 Sourcing governance
166 Step 4: The Sourcing Strategy
Depending on the size and qualification of the company, the project manager should
be the CIO or IT manager himself for large sourcing decisions. For smaller and medium-
sized projects, this can be an IT employee who is determined by the CIO/IT manager
and who knows and overviews the subject area of the outsourced IT services well and
in addition brings the necessary and not to be underestimated project management skills
and experience in sourcing.
In addition to the purchasing responsible, the management and the superior of the
specialist department are the essential instances in the decision-making process.
The sourcing committee should meet at regular intervals and present all steps on the
way to the decision transparently to the committee for information and decision-making.
The sourcing manager takes over the management of the daily service business. This
means that on the one hand he is the contact person for the provider, but also for the
internal customers, the departments. He takes over the following tasks:
In order to be able to apply the sourcing basics presented, the example company
Produktio weltweit GmbH is used again.
Example: The Sourcing Strategy for the Produktio … 167
The starting point is the analysis of the existing sourcing contracts with external
providers, as they are shown in Fig. 8 as a fictitious example. The following details are
queried:
• Type of outsourcing: Here there are the three options shown above
– IT Application Outsourcing
– IT Infrastructure Outsourcing and
– BPO (Business Process Outsourcing)
• Scope of services: here it is defined which IT service is meant (for example Salesforce
in IT Application Outsourcing or the data center in IT Infrastructure Outsourcing)
• Type of sourcing (see Table 4)
– Full Outsourcing
– Selective Outsourcing
– Out-Tasking
– Shared Service Center
– Joint Venture
• Current provider: Here the current provider or providers to whom the IT service has
been outsourced are listed
• Costs: The roughly estimated costs per year for outsourcing this IT service
Evalua-
Type of Sourcing Current Costs Current advantages tion
Power range
outsourcing type provider (per annum) and disadvantages (school
grade)
IT Application Full
CRM: Salesforce.com Salesforce.com 25,000.00 € 2
Outsourcing outsourcing
very good support
and good
ERP: SAP maintenance, documentation,
IT Application support and external Selective approx. but it remains
SAP, Accenture difficult to build up 2
Outsourcing programming or outsourcing 900,000 €
customizing the necessary
know-how
internally
• Current advantages and disadvantages: Here the current advantages and disadvantages
of outsourcing are shown
• Evaluation in the form of a school grade in order to quickly and clearly see where
there are problems
Figure 8 shows very clearly where there are still problems with the Produktio weltweit
GmbH and what has already been outsourced very well.
• The Salesforce CRM software is a typical application outsourcing from the cloud.
Salesforce was the pioneer of cloud software and therefore has a lot of experience and
a very flexible business model, from which the customer can choose the functionality
that is right for him; scalability is very important here, which means that the software
grows with the company, but can also shrink. With Salesforce, our example company
currently has no problems.
• ERP outsourcing refers to two things:
– On the one hand, the outsourcing of the operation of the SAP system to a data
center of IT-Ops GmbH (see line below)
– And on the other hand, the outsourcing of development or customizing services,
which are carried out by the external service provider XYZ Customizing GmbH.
The introduction of SAP resulted in very high costs last year and there were some
problems. These are mainly visible in the interface between the department and
IT, because the processes from the departments, especially finance/controlling and
purchasing, could not be mapped directly by SAP. However, the department found
it very difficult to standardize the highly individual processes and to integrate
them into the SAP system. So a lot of individual solutions have arisen, which are
already difficult to maintain and above all the know-how is only available at XYZ
Customizing GmbH and not in the internal IT. Whenever a question or an error or
problem arises, XYZ Customizing GmbH must always be commissioned immedi-
ately. Already now enormous costs arise, which were not planned and recognizable
at the beginning of the outsourcing.
• Outsourcing the data center to IT-Ops GmbH is based on a very intensive tender from
2011; intensive in terms of time and cost. In the end, a very complex contract work was
created and it was hoped that IT-Ops GmbH would be found to be the best partner due to
its market presence and the best know-how in the market as a quasi-pioneer. Currently it
looks as if the Production world GmbH feels like a third-class partner and has commit-
ted itself to standard processes of IT-Ops GmbH, which are very hard for Production in
the current phase of the many adjustments in SAP. For example, maintenance windows
or simple change requests for new installations must be announced at least six weeks
in advance and it is still not certain that they will then be approved. You are facing a
bureaucratic monster that you as a small customer of IT-Ops GmbH cannot oppose.
Then there were even failures that one would never have expected from the provider.
Escalations are not taken seriously and the IT manager of Production is quite desperate
Example: The Sourcing Strategy for the Produktio … 169
because his specialist colleagues are very dissatisfied and give the internal IT the blame
for the constant delays in new installations, the inflexibility and the failures. The ques-
tion here is only how to get out of the contract and what the alternative could be.
• With the Business Process Outsourcing (BPO) of the salary pressure to the company
Salary-Print one is very satisfied with the services. The human resources department
has not yet found any problems and the outsourcing contract is to be renewed and
extended on the basis of a new price structure and a better interface for the transfer of
the salary data as well as a new and improved confidentiality agreement
For the Production world GmbH there are therefore both good and bad outsourcing con-
tracts and it makes sense to take a closer look at the bad ones. The SWOT analysis serves
this purpose, as it was already shown in Fig. 2. There a very generic SWOT analysis was
given, which now has to be broken down per IT service. Only then can the strengths and
weaknesses as well as the opportunities and risks of a possible in- or outsourcing per IT
service be analyzed in detail and provided as a decision-making basis for the management.
Figure 9 shows the SWOT analysis specifically filled out for SAP outsourcing of
Produktio weltweit GmbH at the current time. It is immediately apparent that, of the
hoped-for advantages and opportunities, unfortunately mainly disadvantages and risks
have arisen. Above all, the loss of know-how in internal IT and the resulting loss of
Strengths Weaknesses
• Concentration on the core business • Severe loss of know-how regarding
process and SAP knowledge
• Loss of competence within the company,
because only Accenture knows how to
correct errors.
• The costs are hardly calculable
• Flexible deployment of personnel, which • The internal IT has no more control over
cannot currently be guaranteed by the the ERP/SAP and is only "Pass-through"
internal IT system of orders to the the provider
• Loss of competence within the company
leads to the internal IT loses important
personnel
• Re-integration of the know-how into the
internal IT associated with a lot of effort
and additional costs as well as new
personnel
Opportunities Threats
• The chances side as well as the weaknesses show that the problem lies in the know-
how, i.e. IT personnel. More know-how must be built up internally, possibly with
newly hired experts or recruitment from the current provider.
• The risk of reintegration, i.e. the immediate cancellation of the contract with the pro-
vider and the takeover by a new provider or an outsourcing with the complete with-
drawal into the internal IT organization, is very difficult. First of all, due to the probably
difficult contractual situation, on the other hand, mainly due to the know-how, which
would have to be transferred step by step either to another provider or to the internal IT.
• A good compromise could be to identify the processes that are important and value-
adding worldwide for production and that are supported by SAP. The know-how must
absolutely be transferred from the provider to the internal IT for these processes. This
would be SAP WM and possibly MM in this case, especially since the integration of
the access functionality is pending. Then it should be considered which processes or
developments are very important for the company. This is definitely the integration of
the foreign sites. This should also be done mainly internally in the sense of leadership
and project management by internal personnel.
• A final point that is not directly related to the provider, but became very transparent
through outsourcing, is the responsibility of the department for the processes. There
is still no clear process responsibility in the company today. These must be clearly
defined by new roles. But more on that in step 5.
The second outsourcing contract that causes problems worldwide at Produktio is the out-
sourcing of the data center. An updated SWOT analysis has also been carried out here,
which is shown in Fig. 10. The already mentioned risks and weaknesses are quickly rec-
ognizable here, which this time do not primarily lie in the loss of know-how, but rather
in the dependence on the provider with its inflexible standard processes as well as the
recurring new costs through change requests and the resulting deteriorating relationship
with the provider. Produktio worldwide feels helpless because their requirements are not
taken seriously and are only accepted against hardly payable additional costs. On the
side of chances and strengths stand the security and the fact that Produktio worldwide
does not have to take care of the commodities anymore. This makes sense from a corpo-
rate point of view, but how do you get a grip on the mentioned problems:
• It can be derived from the SWOT analysis that a reintegration into the internal IT is
not possible and not desired from a corporate point of view.
• Therefore, only a switch to another provider or the solution of the mentioned prob-
lems with the current provider remains.
Excursus: Tender for an IT Sourcing Project in 5 Phases 171
Strengths Weaknesses
• Concentration on core business for • Speed and time-to-market have deteriorated
internal IT possible (we had deteriorated (on the contrary, one
• Best of breed solutions offered by IBM had hoped for improvements here)
• Costs not under control due to continous
change requests/ all only via
Standardprocess
• Failures and poor communication
• Loss of know-how due to fluctuation and
new operational areas for former
RZ employees
Opportunities Threats
• A solution could therefore look like this: a new tender is made, which focuses on the
weaknesses and risks found in the SWOT analysis, and as part of this, the current pro-
vider is given a new chance on the basis of other conditions. Or a new provider actu-
ally comes into play, but does not bring all the above-mentioned weaknesses and risks
in the current form.
Both negative examples have shown that the tender itself and the awareness of the essen-
tial success factors can be quite essential for the later success or failure of an outsourc-
ing. Therefore, a typical tendering process is presented in the following chapter, which
integrates these success factors.
In addition to the pure conception of a suitable sourcing strategy, this chapter deals as
an excursus with the concrete tendering of a sourcing project. Five phases are used to
show how you can successfully find the right provider and plan the operational phase and
transfer your IT services to this provider.
172 Step 4: The Sourcing Strategy
The great majority of sourcing projects are outsourcing projects. Therefore, the follow-
ing five steps do not start from an insourcing, but consider an outsourcing project. The
individual steps can be viewed in more detail and elaborated in more detail, but due to
the excursus character only the essential “must-haves” of a call for tenders should be pre-
sented. It therefore resembles a checklist more than a detailed chapter on the subject of
tendering.
Most outsourcing projects are underestimated in their complexity. As a result, the set goals
such as cost reduction or process improvement can often not be achieved. Therefore, it is
necessary to apply some basic project management methods to the outsourcing project.
This includes in the first place the project planning on the basis of the five points pre-
sented below until the transfer of the operation to the provider. It is also important to put
together a project team including activities and responsibilities.
Figure 11 shows the project planning based on five phases:
Step 5: The
transition phase
Depending on the size of the outsourcing project, the aforementioned periods can be
larger or smaller.
In addition to creating the project plan, the following basic project contents must be
created in this first phase:
Based on the sourcing types and models presented in Chapter “The Sourcing Type:
Which IT Services Can Be Outsourced?”, They must now be selected and defined for the
respective purpose. This means:
Once it is clear what and how to outsource, the objectives of the outsourcing must be
defined. This should be followed by the creation of a business case or a cost-benefit anal-
ysis, which ideally reflects three scenarios (best, medium, worst case).
The tendering phase begins with the collection of information about potential providers
and the detailing of requirements down to a short-list of potential providers.
The starting point is the creation of the following documents:
• A precise definition of who is to perform which services (for example, in the case of
infrastructure outsourcing, a precise definition of the areas of responsibility is to be
made according to ITIL)
174 Step 4: The Sourcing Strategy
After the first offers have emerged from the Request for Quote (RfQ) phase, the phase of
evaluating the offers and the so-called scoring of the providers now follows. It is impor-
tant not only to consider the quantifiable facts—such as the costs—but to make a holistic
assessment.
The following catalogue of criteria gives an overview of the “must-haves” when com-
paring the offers and the performance of the providers:
• Cost aspects
– Duration of the outsourcing contract depends on the costs of the transition and the
investment needs of the provider
– Total Contract Value = Total cost of service operation over the total term of the
sourcing contract Transition/Transition phase
• Transition phase
– Duration of the service transition
– Risks during the transition to the new provider
– Project management skills for controlling and leading the transition
Scoring can and should be expanded on an individual basis and correspondingly detailed.
The above representation shows only the generic and most important general criteria.
In addition to the pure scoring, the following guiding questions for selecting the right
provider can also be helpful:
1. How much experience does the provider have in the form of similar references? Can
the mentioned references confirm the provider’s performance?
2. Does the provider have any relevant certifications such as ISO/IEC 27001 or SAS 70
for cloud solutions?
3. How well can one agree on responsibilities for cooperation before signing the con-
tract? Are the interfaces between IT and the provider clearly defined and are the
boundaries clear in terms of the company? Does the provider use standardized
Service Management processes according to ITIL?
4. To what extent can the provider’s services be checked? Is “on-site access” guaranteed?
5. How great is the need for adaptation, i.e. do processes and internal procedures have
to be adapted strongly to those of the provider or does the provider adapt to the cir-
cumstances in the company?
6. Are you sure that the agreement of common Service Level Agreements (SLAs) is
okay or do you feel pressured here?
7. Does the provider meet all criteria in terms of security?
8. Can the new provider comply with all legally prescribed regulations?
9. How are the topics of Disaster Recovery and backup mechanisms assessed? Is this
sufficient for your company in an emergency?
10. How good is the provider’s personnel’s training and communication skills? Are the
provider’s reachabilities detailed and is there a “emergency number”?
mainly includes obligations to inform and keep secrets, termination criteria and services
to be provided before the contract is concluded. The aim of the LoI is to make detailed
information available to the provider until the contract is concluded, which would not be
possible without confidentiality agreements and concrete mutual declarations of under-
standing. During the LoI phase, all open points can be clarified, which then lead to a pos-
sible termination of the talks or result in a concrete contract design and -signing.
The actual outsourcing contract must be created in this phase. Typical contents of an
outsourcing contract (based on [25]) are:
Contractual basis
Performance security
• Quality assurance
• Warranty and liability
• Liquidated damages
• Indemnification clauses
Contract performance
• Project management
• Organizational committees
• Changes in scope and schedule
• Special termination rights
• Termination/cancellation (It is recommended that an exit clause be included in the
contract that addresses the transition to another provider. This should also clarify what
exit costs are allowed to be incurred.)
178 Step 4: The Sourcing Strategy
The tips and “lessons learned” provided by Ward/Peppard are very helpful. They show
what should definitely be avoided when negotiating with a provider: (adapted from [39])
After everything has been clarified contractually with the new provider, the transition of
the outsourced IT service to the new provider, the so-called transition phase, follows.
What needs to be considered?
• Concrete planning of the transition phase in the form of a Gantt chart in MS Project
• A fall-back concept must be taken into account
• Consideration of legal regulations and specific safety conditions
• Carry out and document the actual situation together with the provider (if not already
done before the call for tenders).
In addition to the operational work in the transition phase, there is a phenomenon of psy-
chological nature that occurs again and again: The “letting go” of the employees from
their often long-cared-for and possibly self-developed applications or IT infrastructures
is often very difficult. Therefore, in this phase, many apparently simple task assignments
are blocked or even boycotted. The transition phase is therefore a great challenge for
the management, including the project manager. Because in essence it is a large change
Work Questions and Implementation Step 4 179
project. In addition to the “letting go” of your “IT babies”, there are often great fears in
relation to the new role or the possible loss of employment through outsourcing among
employees. Here it is up to the project manager or manager to take precautions. It must
be clearly defined before the transition phase how the future work roles will be distrib-
uted. For this purpose, the following structured approach is recommended, which is best
carried out in accompaniment or with the support of the personnel department or exter-
nal experts:
It is particularly important to consider not only the possibly affected IT employees, but
above all the departments. Whether they outsource an application or the data center. There
are always employees from the departments affected and the usual training of the new
application is by no means sufficient. Because by outsourcing almost always also change
the roles and responsibilities of employees of IT but often also much stronger the roles
of employees from the department. Even if the application remains the same and is only
operated by an external provider, the communication channels and the coordination pro-
cesses change. The general cooperation must follow other guidelines than if it were to run
internally with IT.
This change character of outsourcing has a significant value in terms of the success
of outsourcing, not only during the tendering and transition phase, but above all in the
ongoing operation.
Preparations for Step 4
In order to develop the sourcing strategy, a current situation assessment is carried out
in the first step. This can be used to derive where there is still room for improvement in
current sourcing projects. Subsequently, it can be considered for all IT services whether
180 Step 4: The Sourcing Strategy
sourcing makes sense or not. This is reflected in the sourcing strategy and rounds off the
picture of make or buy for your company.
For the development of the working questions in step 4, you can start alone or with
your management team. Possibly the following people can be helpful:
IT architecture management
In the first step, a brief overview of which IT services are already outsourced, to whom
and with what success is recorded in a clear matrix. For this purpose, the worksheet 1,
which is already known from the example of the Produktio weltweit GmbH, is used. An
example is given in the first line, which should help you when filling in the matrix.
Work Questions and Implementation Step 4 181
◾ Please list all sourcing projects that are currently running or are in the process of being
tendered, or projects that have been outsourced to providers, according to the example given.
After a first overview including a rough evaluation has been carried out, a closer look
must be taken at the problem cases (evaluation worse than 2 or 3). Here there are now
various options for carrying out a detailed analysis of the problems in order to then be
able to derive how to deal with the problem.
182 Step 4: The Sourcing Strategy
• 1) How is the current cost situation to be assessed: Are the costs within the framework
estimated before sourcing; if not, why not? Are the costs tracked and checked con-
tinuously, are there clear specifications or ceilings agreed with the provider?
• 2) How is the personnel situation to be assessed: Is the internal IT personnel suffi-
ciently qualified to lead the provider and are all necessary processes coordinated with
the provider and working smoothly? Is the provider’s personnel sufficiently well
trained and are jointly coordinated processes used for the work? Are committees set
up in which all issues are coordinated according to clear rules? Are there problems,
annoyance, difficulties among the participants? What is the reason for this and how
can it be remedied?
• 3) How is the service quality to be assessed? Are the SLAs checked, adhered to and
how is the provider’s reporting on the service levels? What happens in the event of
deviations from the SLAs? Are there clear regulations for this or can this always be
amicably clarified with the provider? Were there any breaches of contract? How was
this dealt with and were there good solutions for both parties?
Work Questions and Implementation Step 4 183
Please describe now per sourcing project the current maturity level regarding costs
(column 2), the personnel situation (column 3) as well as the service quality (column 4).
Another way to examine the problems of current sourcing projects in more detail is to
use the SWOT analysis. This was already used in the example case (see Fig. 9 for the
outsourcing of SAP and the data center. Workbook 3 gives you the opportunity to use the
SWOT matrix for each current sourcing problem.
184 Step 4: The Sourcing Strategy
For each sourcing problem case, please use a SWOT analysis in which you enter the
current strengths/weaknesses as well as opportunities and threats.
Strengths Weaknesses
Opportunities Threats
After the sourcing problem cases have been examined in more detail, the question now
arises as to how to proceed. Often, by taking up the actual problems, it has become
quickly apparent what needs to be done to stop the problems. But sometimes the prob-
lem seems to be so deep-seated that it needs to be considered whether to review the deci-
sion for the provider and to force a new tender with another provider or to bring the
previously outsourced IT service back in-house by insourcing it into the internal IT. If
this should be the case, the excursion to implement an IT sourcing project in 5 phases
can serve as a guide. You will then come through the tendering phases to a new provider.
After the as-is recording has been carried out, the sourcing strategy can be created. The
worksheet 4 serves as a basic worksheet for describing which IT services (see column 2)
are to be outsourced or brought back with the corresponding parameters in columns 3-5
Work Questions and Implementation Step 4 185
Please now create a sourcing strategy in which all current and especially all planned
sourcing projects are listed (see the example in column 1)
Application
outsourcing
186 Step 4: The Sourcing Strategy
Sourcing-Governance
To complete step 4, the already familiar organizational chart can be used to determine
the project participants within the framework of sourcing governance for outsourcing
projects (see worksheet 5).
In addition, it can be considered how existing sourcing projects are to be set up within
the framework of sourcing governance? Are the current participants the right ones, are
the reporting and reporting paths reasonable, are additional persons needed or possibly
no longer needed.
Please use this organizational chart template for each sourcing project and enter the
project participants in the corresponding fields.
Steering Committee or
Sourcing Steering Committee
Project management
Please use the organizational structure below and enter the names necessary for your
IT organization or adapt the structure to your circumstances.
Provider Faculty
(IT service provider) CIO Organization
(IT service purchaser)
Process Responsible
Product Manager Sourcing manager
…….…........
Service provider 2
……….
Product Manager
….
Conclusion Step 4
The sourcing strategy and working with IT service providers, often called providers, is
an essential success factor in today’s IT organization. Because the manufacturing depth
of IT organizations is often relatively high and thus the dependence on third parties. A
very important finding should be that the “cultural fit” of the (potential) provider is just
as decisive for success as the other factors (costs, service quality, performance, etc.).
Offering IT services to the company or departments is always a balancing act between
standardization and individually matching processes. This must be clarified in-house and
only when it fits, can the performance be provided by a provider.
Through cloud technology, outsourcing is becoming easier and one could almost say:
Many users do not even notice that certain IT services or data are not operated in-house,
but are located somewhere else. This is a blessing and a curse at the same time. On the
one hand, the cloud technology creates great opportunities for using data anywhere and
188 Step 4: The Sourcing Strategy
anytime, on the other hand there are great security risks that currently still cause uncer-
tainty, but will be controllable in the near future (must).
Your three most important thoughts, insights, keywords:
Step 5: IT Organization and IT
Governance
Abstract
After the determination made in step 4, which resources will be outsourced to third
parties or supported internally on the basis of a make-or-buy decision, this fifth step
involves a possible adaptation of the IT organization and the IT governance structure.
In other words, what you need to optimally support the internally retained IT services.
Considerations are made regarding roles and responsibilities, interfaces, departments
and within IT, between demand and supply, and suppliers.
• Due to the high rate of innovation in the IT industry, there is a constant need for
capital in the IT organization, in addition knowledge has to be constantly renewed or
purchased
• The IT organizational forms are in a, in short cycles and waves understood, change
(from the strict separation of demand and supply to an integrated IT and back away
from it; Centralization versus decentralization)
© The Author(s), under exclusive license to Springer Fachmedien Wiesbaden GmbH, 189
part of Springer Nature 2022
V. Johanning, IT Strategy, https://doi.org/10.1007/978-3-658-38772-3_9
190 Step 5: IT organization and IT governance
The goal of this fifth step is therefore to consider how the new IT strategy can also help
the IT organization grow.
The IT organization has a wide range in companies due to the different roles described:
from an almost completely outsourced IT to an external provider, via the model of a
100% subsidiary to an internal IT department that takes over 100% of its tasks itself.
First of all, the following three questions arise when designing IT organizations:
• Who is responsible for IT in the company and who makes the decisions regarding IT
in the management? This is followed by the question of decentralised or centralised
management.
• Who decides on IT resources?
• How is IT financed or budgeted? The options are cost, break-even, profit or invest-
ment center.
• Which committees are needed (especially in terms of business-IT alignment and close
involvement of specialist departments in IT decisions)?
In general, four organizational forms for internal IT are prevalent in practice, which are
also relevant as a starting point for the design of the IT organization:
IT as a IT as a field
department
within a division
UN-Leadership UN-Leadership
IT
UN-Leadership UN-Leadership
Controlling
Finance Purchase Production Central
IT
Decentralised Decentralised Decentralised
IT Finance IT Purchase IT Production
In order to describe the four typical organizational forms in more detail, to exam-
ine the management structure and at the same time the advantages and disadvantages,
Table 1 is used.
The Table 1 shows very clearly that all mentioned organizational forms have not only
advantages, but also significant disadvantages. Therefore, for IT in the past, often very
specific organizational forms have arisen next to the ones presented here, which are to be
presented and examined in more detail below.
Overall, it must be said that the field of IT organizational design has not been con-
sidered in detail in the literature and in scientific papers so far. However, the business
organizational forms as they are lived in practice today repeatedly reach their limits
when applied to IT organizations. Whether it is due to the complexity of IT, the clearly
required service orientation or communication problems between technicians and “oth-
ers” is left to be seen. Nevertheless, it seems important here to also look at other options
that have established themselves in practice.
After the model was established at the end of the last millennium, it became increasingly
popular in the following years and can still be found in IT organizations today in some
cases. It has evolved over time and has been absorbed into other organizational forms,
for example in the so-called “Source-Make-Deliver” concept by Brenner/Zarnekow [5],
which was developed at the University of St. Gallen in 2003. This concept has already
located the IT much more within the framework of a market mechanism and is therefore
a successful further development.
For further considerations on an optimal organizational form, the Plan-Build-Run
concept offers an important basis, but as with the approach by Brenner/Zarnekow, the
demand for more service mentality, more market mechanism, which was taken up in the
Shared Service concepts, came first.
193
(continued)
194 Step 5: IT organization and IT governance
Table 1 (continued)
Organizational Description Advantages Disadvantages
form
IT organiza- This form of organization Closer to the prob- Very complex due to
tion as a matrix combines the central and lems or wishes of high coordination
(central and decentralized function of the areas and there-
decentralized) IT in companies. There is a fore better regarded
central IT organization that (good business-IT
is directly subordinate to the alignment possible).
executive management and Promoting close Decisions are often made
sets the framework guidelines cooperation with the only slowly or half-
as well as the decentralized departments. heartedly, as central and
IT units that are assigned to decentralized institutions
the areas. These are mostly often contradict each
autonomous and only sub- other.
ordinate to the framework
guidelines and standards of Often associated with
the central IT, but can decide high costs, if central
individually for their area and institution does not set
function clear standards
• Greater transparency regarding IT costs: For the first time, prices had to be estab-
lished for IT services
• Because of the market mechanism arising from this, IT should become more aware of
supply and demand for IT services, rather than just reacting to requests from special-
ist departments
• Entrepreneurial action should occur in IT management, rather than just administrative
work as before
• A stronger customer focus and, as a result, better service quality
• The greatest possible standardization of IT services
195
Shared service concepts can still be found today. They had a very large influence on the
further development of IT in the direction of a service mentality, transparency, and cus-
tomer focus, which today has been absorbed into the demand/supply concept. This con-
cept is to serve as the basis for this book with the current state of 2014, to which the
working questions will also be oriented. However, before the demand/supply concept is
examined in more detail, the current IT organisation of the example company is to be
examined. It very vividly shows the path from the typical IT organisation, which was
found in the 2000s to be more than 90%, to the demand/supply concept.
• classical
• agile
• bi-modal
Often, the transition to an agile way of working not only changes processes and work-
flows in IT, but also in the business units to some extent, but it increases speed, which
benefits both parties.
For Produktio weltweit GmbH, the transition to a demand/supply concept will already
represent a major change in the way of working. As described later, the demand manag-
ers will take over production/logistics tasks in the Industry 4.0 environment and already
try out agile methods there, so that a bi-modal IT organization can be spoken of. This
“trying out” and constant improvement is a good way to a really agile IT organization
that in the future may even bring the development and operations areas closer together in
the DevOps concept.
In our example company, the IT organization is anchored as an independent area in
the organizational chart, i.e. the reporting line goes directly to the company management.
In the example, it is the commercial manager as managing director of the company.
• IT Operations
• IT Applications
• IT Office
The IT Operations department is responsible for the support and maintenance of the safe
and always available IT operation and the entire IT infrastructure of the company. For
this purpose, three groups or teams were formed in the “IT Operations” department:
UN-Leadership
Production &
Finance IT Purchasing
Logistic
Corporate
Systems
• IT security and TK: Here specialists for the IT security and the telecommunications of
the entire company are active.
• IT workplace and network: In this group, experts are responsible for ensuring the IT
infrastructure. This includes all IT workplace devices including the operating system
and office software as well as the entire network (WAN/LAN/WLAN).
The second department is responsible for all IT applications. This includes the applica-
tions shown in the application strategy, such as SAP, portals, the CRM system, etc. Since
these are different applications that provide a very large range of functions and cannot
be operated by one group as a whole complex system landscape, three groups have been
structured with the following specialist activities that are oriented towards the processes
and tasks of the specialist departments:
• SAP FI/CO: Here the experts for finance and controlling are responsible for the SAP
FI/CO modules.
• SAP Logistics and Production: Here the specialists are responsible for the
IT-technical mapping of the logistics and production processes for the implementation
of the requirements from these areas, mainly in the SAP modules SD, MM, WM and
the MES system.
• SAP Basis and ABAP: Here specialists are responsible for the general support of the
SAP system including user concepts, master data, technical support and support as
well as ABAP programming for very special requirements that are not part of the SAP
standard.
• Corporate Systems: This group deals with all applications that have not been men-
tioned so far and thus represents a kind of “catch-all” for all non-SAP applications.
These currently include mainly the web tools, portals and the CRM systems as well as
the new and innovative products that cannot be IT-technically supported on the basis
of SAP.
The third department is called “IT Office” and is responsible for projects and all admin-
istrative matters of the entire IT organization.
• The first group “Project Management” represents a kind of pool of project managers
and assistants who are responsible for and accompany the introduction of applications
at national and international locations.
• The second group “IT Controlling and Administration” consists of IT controllers and
commercial assistants who take care of the internal cost accounting of IT, but also
business cases and economic calculations for IT projects, sourcing or other projects.
Overall, the IT of the Production world-wide GmbH corresponds to the typical con-
figuration of IT organizations of medium-sized companies. Advantages are the clear
198 Step 5: IT organization and IT governance
structure and leadership as an organizational unit within the company. But what can be
disadvantages or problems?
• How is the proximity to the customer or department? This is given by the direct orien-
tation of the systems to the departments in the applications.
• How is the transparency of IT in management and departments? Transparency is
probably only partially given in the form of IT controlling, which, however, as an
area, is only reported to the UN management; whether and to what extent the depart-
ments really have insight into IT budget, project details, etc., is questionable.
• This leads to the question of the involvement of the departments: Who decides on
projects, system introductions, how are requirements transmitted to IT? Here it gets
more difficult, because the requirements management is probably decentralized in
the groups of the application department and thus not transparent or secured by com-
mittees. Is there a committee that decides how to deal with requirements? How and
by whom are requirements administered? This is all reserved for the departmental or
group leaders of the application departments and the project group at the Production
world-wide today. The department has little influence here.
It is precisely this last point that has led to much frustration among the departmental
responsible of the Production world-wide GmbH, which has been accumulating in the
management of the UN in recent years. Therefore, as part of the new IT strategy, it was
decided to change the IT organization in such a way that the departments have more
influence and transparency with regard to requirements and project management. This
has led to the concept of demand/supply, which is presented in detail in the following
chapter.
Therefore, one speaks of the so-called demand/supply organization (short for Demand/
Supply Organization), as exemplarily shown in Fig. 3 according to Gadatsch [18].
With the demand/supply organization model, IT can grow out of the technical role
and move much closer to the demand branch (formerly PLAN and/or department) and
the management in order to identify and satisfy requirements early and proactively in the
form of demand. Top management is also actively involved and sets the strategy on the
199
Tasks: • Internal IT
• IT strategy departments
• IT controlling • IT as a subsidiary
• IT company
Requirements • Outsourcing
Department management Provider
1 • IT
Service provider
management
Department
…
Department
n
Demand
Regulations
Demand
Independent IT service
providers (without
framework agreement)
basis of which IT can map the procurement and demand structures in the company as a
kind of market. The performance branch (formerly BUILD and RUN) is the former tech-
nical core of IT, which provides IT services as supply according to the demand from the
demand.
This means concretely for the design of the IT organization that the following areas or
departments are mainly contained in the demand branch:
The supply branch can be operated both internally and externally, but also as a kind of
hybrid form between internal and external shares. Supply includes the provision of IT
services in the form of applications and its basis by infrastructure/operation. The follow-
ing areas or departments are typical in the supply branch:
200 Step 5: IT organization and IT governance
The key question is now: Who runs the Demand branch and who runs the Supply branch
or are both centrally managed? What happens to the “cross-sectional tasks” such as strat-
egy, project management or architecture: do they belong to Demand or Supply? Here are
three different models possible, which are also shown in Fig. 4 as a blueprint:
• Decentralized Demand-IT: Has a CIO office for the Demand branch and a CTO office
for the Supply branch (Note: CIO stands for Chief Information Officer and CTO
stands for Chief Technology Officer.)
• Centralized Demand-IT: just like in the decentralized Demand-IT, only the require-
ments and process management is directly with the Demand managers and not in the
CIO office
• Demand/Supply in a CIO office: both branches have a common CIO office
Decentralized Demand IT
IT Management / CIO Office CTO Office
• IT strategy, IT architecture
• IT Provider Management
• IT controlling and administration
• Service Management Processes
• IT Project Management
support
analysis
• System integration
• Process management (possibly also
• Operation & Infrastructure
specialist department)
Centralized Demand IT
IT Management / CIO -Office CTO Office
• IT strategy, IT architecture
• IT Provider Management
• IT controlling and administration
• Service Management Processes
• IT Project Management
support
analysis
• System integration
• Process management (possibly also
• Operation & Infrastructure
specialist department)
Demand/Supply in a Management-Office
IT Management / CIO Office
• IT strategy, IT architecture, IT controlling and administration
• IT Project Management
• IT security and quality management
• IT Provider Management
• Service Management Processes
In general, the following departments or areas are located in the CIO office of the
Demand branch:
In the Supply branch of the CTO office, the following departments or areas are located,
which provide services across the Supply:
• IT provider management
• Service management processes (definition and standards for the competence centers
of the supply branch)
If there is only one CIO office for demand and supply, the above-mentioned areas are
jointly managed in this CIO office.
The areas “IT security” and “IT quality and test management” are also often found as
cross-sectional functions in the supply branch. However, many companies have also inte-
grated these into their own competence center in the supply branch or, at least in the case
of “IT security”, into the CIO office due to their importance for the company.
With this division into demand and supply, IT establishes itself as a two-part organi-
zation that is much more closely integrated into the business and the specialist depart-
ment through the demand part and can thus shape, control and moderate it in a more
proactive way. The supply part is the real “factory” in which IT services are developed,
adapted (customized), operated and maintained. This can be done by internal or exter-
nal partners or a combination of both, depending on clearly defined interfaces between
demand and supply.
• Employee motivation through clearer task and role definitions and better delimitation
from the tasks of the specialist departments.
• Business area-integrated
• Decentralized-coordinated
• Enterprise-wide centralized
Business
division
Demand IT
Supply IT
demand branch. Then the CIO is the superior in terms of content and the business unit
manager is the superior in terms of discipline of the demand manager or DIO.
In the third variant, the “Central Demand-IT”, there is a central demand unit for all
business units. One speaks of a so-called centralization of the demand-IT according to
the principle of activity, since identical activities, such as requirements management or
supplier management, are carried out centrally for all business units. In the case of the
supply-IT, one speaks of the object principle instead of the principle of activity, since
here one is centralized according to an object (for example, according to competence
centers for ERP, CRM, etc.). With the company-wide centralized demand-IT, the ques-
tion of leadership also arises? This is taken over by a group CIO or possibly even a CPO
(Chief Process Officer) in this case, if the demand-IT is very closely oriented towards the
business.
Of these three functions, the two process roles are to be located in the specialist depart-
ment as an expert and owner, and the application or system owner is to be found in IT in
the demand branch as demand manager. Table 2 is used to define the roles concretely and
to demarcate them from each other.
These roles are very strongly business-oriented and show the new self-image of IT in
the demand branch: towards more entrepreneurial roles that think and act entrepreneuri-
ally, that know and understand both sides (department and IT) customer-oriented.
The Supply-IT
After it has been discussed in detail how the demand-IT is to be set up organization-
ally, this should now also be done for the supply-IT. The supply-IT is more technology-
oriented and is therefore usually led by a CTO (Chief Technology Officer), sometimes
also called Supply-CIO. A key feature of the supply-IT is the necessary orientation to
clear service management standards. Not the pure technology administration and support
is the guideline, but the “IT factory” of the supply, which serves the demand from the
demand in a market-oriented manner, which is organized according to clear rules.
204 Step 5: IT organization and IT governance
Table 2 Task definition and demarcation between application owner, process owner and process
expert
Application Owner Process Owner Process Expert
• Technical responsibility for • Functional responsibility for • Functional expertise of the
the application the application processes belonging to this
• Development planning and • Decision on the implementa- application
conceptual architecture tion of requirements in the • Create specification (formu-
decisions application lation of requirements and
• Create specification • Release of applications after necessary changes)
• Project manager for new new installations • Functional tests of applica-
installations or upgrades tions during new installations
and control of HW and SW • First point of contact on
supplier (project planning, the specialist side for the
implementation, escalation) application for functional,
• First point of contact for functional questions (2nd
the application for technical level support for users and
questions (2nd level support How-to-questions)
for technical problems)
• Responsible for the applica-
tion budget including clari-
fication of licenses, SW and
HW costs
ITIL stands for “IT Infrastructure Library” and was originally developed in the 1980s
by British authorities as a kind of collection of “best practices” for planning, monitoring
and controlling IT services. ITIL is particularly suitable for IT service providers, but by
now it has become an indispensable standard in almost all companies and is continu-
ously developed and updated by users, manufacturers and consultants.
When we talk about service-oriented IT or supply today, it is actually always about the
best practices from the ITIL toolkit. We are talking here about IT services that—starting
with the internal performance in the supply up to the customer interface in the demand
and in the department—have to be looked after throughout the service life cycle on the
basis of ITIL in the supply branch.
The ITIL-based IT Service Management has become such a powerful, but also impor-
tant instrument that there are numerous books as well as instructions and documentation
on the Internet. Therefore, ITIL and the design of the supply with best practices are not
explicitly discussed. This would also exceed the scope of developing an IT strategy.
It is only important in this context that the supply branch provides market-oriented
services to the demand branch, which are carried out on the basis of clear service level
agreements (SLAs). Only in this way can the performance be carried out and controlled
according to precisely defined rules in functionality, costs and quality.
205
• In practical terms, ITIL is currently only used in the more operational service support
and partly in service delivery. This means that for the development of the IT strat-
egy, ITIL does not represent a complete process or organizational model for the entire
internal IT, but only a collection of best practices for selected areas of the IT organi-
zation, such as service support. Areas such as application management, infrastructure
management and the entire business perspective are not or only very inadequately
represented in ITIL.
• ITIL focuses on describing “what” should be done to implement service-oriented
management processes; the “how” of implementation is only inadequately considered
in the original ITIL, although there are now many providers of implementation-ori-
ented process models that build on ITIL.
• ITIL is a generic model and does not contain any industry- or company-specific infor-
mation. This means that the adaptation of the best practice collection to the respective
company always has to be done individually and that the best practices should not
be taken over 1:1. There is also no differentiation of the application between small,
medium-sized and large companies, although this would certainly be very helpful.
Because not every medium-sized company needs the complete best practice collec-
tion, but could often work better and more efficiently with “trimmed” ITIL modules.
Demand Manager
FI/CO/HCM
Personnel /
CC WM/SD and MES
Administration
Demand Manager
Logistics / Production Logistics/Production CC QM/SD
Purchasing /
CC Operations
Quality Management Demand Manager
Purchasing / QM /
Sales
CC Infrastructure /
Sales
Security
For the Demand-IT there is a CIO as a management function, which reflects the cross-
sectional functions of the Demand-IT in his staff: IT strategy, IT architecture, IT con-
trolling and project management. For the Supply-IT, the CTO is responsible for service
management (specification of ITIL processes and standards for application develop-
ment and maintenance) and provider management. The Demand-IT is a purely internal
IT organization, whereas the Supply-IT has outsourced parts of the CC for application
maintenance in the SAP area and the data center.
Example 2: Centralized Demand-IT
The difference between the decentralized Demand-IT just introduced and the central-
ized Demand-IT shown in Fig. 7 is now interesting. The departments and the Supply-IT
are set up just like in the decentralized Demand-IT. In the Demand, however, there are no
direct Demand managers responsible for the departments, but there is a central Demand
area that is responsible for all departments and leads all CC of the Supply-IT. The central
tasks of the central Demand-IT are, like the individual Demand managers per depart-
ment, the requirements management as well as the cost-benefit analysis and the process
management, which in this example is carried out by the Demand-IT for Produktio welt-
weit GmbH. In many companies, process expertise is explicitly located in the depart-
ment, with the roles of process expert and process owner already presented. At Produktio
weltweit GmbH, the CIO is also CPO (Chief Process Officer), i.e. he is the first point of
207
Demand management
Personnel /
CC WM/SD and MES
Administration
• Requirements management
(Change and request
management)
Logistics / Production • Process Management
CC QM/SD
• Cost-benefit analyses and
profitability analyses
Purchasing /
CC Operations
Quality Management
CC Infrastructure /
Sales
Security
contact for all business processes of the company and is responsible for the optimization
and standardization of all processes in the company. In summary:
The third example of the shared Demand/Supply branch with a CIO office is shown in
Fig. 8.
In the third variant, only the CIO has a leadership function. In his staff, he takes over
the cross-sectional functions of the CIO and CTO offices. The Demand-IT is set up
just like in the decentralized variant, i.e. direct interface of a Demand Manager to the
respective department. The Supply-IT Competence Centers are also controlled 1:1 by a
Demand Manager.
208 Step 5: IT organization and IT governance
Demand-IT Supply-IT
Demand Manager
FI/CO/HCM
Personnel /
CC WM/SD and MES
Administration
Demand Manager
Logistics / Production Logistics/Production CC QM/SD
Purchasing /
CC Operations
Quality Management Demand Manager
Purchasing / QM /
Sales
CC Infrastructure /
Sales
Security
IT governance has the task of providing leadership and organizational structures as well
as processes that optimally support the company’s IT strategy. As a sub-area of corporate
governance, the design of IT governance lies with the company’s management and not
primarily with the IT responsible persons. A key task of IT governance is therefore to
define the role of IT in the company and to clarify the decision-making powers of the IT
responsible persons.
IT governance also has other functions that move in the area of compliance, for
example:
• Ensuring the security of all IT systems in terms of integrity, availability and confiden-
tiality as well as reliability (compliance with external requirements)
• Creating transparency—for example through strategic and economic evaluation of
projects—as a contribution to cost reduction in the IT sector
• The revision-proof structuring of the IT organization as well as the processes and pro-
jects according to general standards (e.g. ITIL, COBIT)
• Compliance with legal requirements
209
In the context of the fifth step, it is important that IT governance defines the role of IT in
the company and the IT roles (CIO and all IT management roles) in a clear way and thus
creates a framework that also takes compliance issues into account. This also includes
the definition of how IT should work in the form of committees that create and pre-
serve standards. The question of the involvement of top management and departments
in IT questions also belongs in this context, especially since this book wants to promote
exactly this topic of business-IT alignment.
As already shown in the questions about the current problems of IT organizations at the
beginning of the book, IT in companies is subject to a great deal of change. No other
organizational unit has changed so much in recent years due to the ever-faster technology
life cycle. Always new technology hypes ensure that companies work even more effi-
ciently, processes are automated even more and information can be evaluated even better.
Of course, some technologies have now matured to the point where they can actually be
considered commodities according to Carr.
IT in companies is indeed often just where these commodities become manageable
in the sense of constantly and reliably available IT, similar to electricity or telephone.
This is the most basic role of IT in companies: ensuring IT operations, called business
continuity.
If that is achieved—and by now all IT organizations should have arrived there—then
it becomes exciting what role IT should play in the company in addition. There are very
pliable frameworks according to which the different types of IT organization are typified.
In this book, two of them will be introduced in more detail in order to determine the role
of IT in the company.
The first model for the classification of IT in the company comes from two profes-
sors from the USA, Ritu Agarwal and Vallabh Sambamurthy. In their article “Organizing
the IT Function” [1], they have typified three types of IT function, which are shown in
Table3 are shown. In addition to a description in column 2, which function the IT takes
over in the respective role in the company, the role of the CIO and his seat in the com-
pany management is also discussed (column 3). Finally, column 4 contains the consid-
eration in which company context this role can work best.
Another model of role typing of IT in companies is from Kienbaum in cooperation
with BITKOM in the study “IT organization 2016: Factor Human!” [22] emerged. There
are five different types of IT roles presented there, as they can be seen in Fig. 9.
The five roles of Kienbaum show very clearly the way the IT has to go in its develop-
ment phase: From the pure service provider, which ensures business continuity, to the
technology or even business innovator, which drives technical innovation and brings the
company forward. Most IT organizations (according to Kienbaum about 2/3) are still in
the role of the service provider today and take on the role of transformer of business
210 Step 5: IT organization and IT governance
Role of IT
Business Innovator
49% Drivers of technologically supported business innovations
Technology Innovator
Business focus
Business partner
74% Transformer of business requirements into IT solutions
Service provider
88% Responsibility for the smooth running of IT
IT focus
requirements into IT solutions. However, just slightly more than half of the CIOs sur-
veyed in the Kienbaum study already take on the role of initiator of standardization and
optimization of business processes. And almost half of the respondents have already
made a name for themselves as a technology and business innovator, who actively brings
fresh innovation into the company.
The Kienbaum study shows very impressively that IT does not only play one role in
the company, but in almost all cases many different roles in everyday life. Nevertheless,
one role always crystallizes out as decisive and these order models provide a transparent
framework to look at where the IT is currently located and where it wants to go. There
is always a difference between the actual role and the desired role and it is this gap that
needs to be closed.
In addition, there are always different perspectives on the role. For example, while
the management sees the role of IT as a service provider, the CIO sees himself as a busi-
ness innovator. Then the difference in role understanding is great and trouble is pre-pro-
grammed. Therefore, it is very important for success—not only for that of the CIO, but
for the entire IT organization—to align perspectives and discuss the right positioning of
IT with the management. The development of the IT strategy is an ideal starting point
to discuss the role of IT in detail and to define a common way to its desired role in 3–5
years.
212 Step 5: IT organization and IT governance
What role does IT play in our example company? Based on the just-cited study by
Kienbaum, the focus would be on the service provider role with relatively little share in
the areas of business and technology innovator. This is because IT is still very tradition-
ally managed as a department in the finance sector on the basis of cost or budget guide-
lines and is mainly shaped by the finance sector. With the switch to the demand/supply
structure, however, the role will change gradually. Through the demand branch and the
demand managers, a closer relationship will be built up with the specialist departments
and they will be able to hold the IT more accountable. This creates a desired and positive
tension that slowly brings the IT into the driver’s seat. It is also important in this context
that the management of Produktio weltweit GmbH together with the IT managers con-
sider what role the IT should play in 3–5 years and what needs to be done on the way
there.
It is also essential to consider to whom the IT will report in the new Demand/
Supply construct in the future, or where the IT organization will be integrated into the
company. So far, it has been the divisional manager of finance who has been respon-
sible and responsible for IT as a department. In the Demand/Supply organization, IT
can now become an area on an equal footing with the finance department and other spe-
cialist departments, or a staff unit. The staff unit would facilitate the pursuit of strategic
approaches, but also entail a greater distance from the specialist departments. However,
this is precisely what is to be prevented, which is why IT could be integrated as its own
department. The advantage of its own department would be that it acted on an equal foot-
ing with the other specialist departments, which would be very contrary to the Demand/
Supply concept. That is why the Production world wide GmbH chooses exactly this
approach of the IT organization as a department in the form of a Demand/Supply organi-
zation for the production.
The question remains as to whom the IT reports to the management. In the manage-
ment there is a managing director as a speaker with a more strategic orientation than
the CEO and an operational managing director who is responsible for the technology as
the COO. The commercial manager of the Production world wide GmbH is not in the
management, but also structured as an area to which IT has reported so far. This is no
longer possible now that IT has become an area itself. Due to the fact that IT is to move
closer to the specialist departments through the demand and because the company wants
to bring many technical innovations to the market, it makes sense that the direct contact
person of the managing directors Technology/COO is.
Once it has been clarified who, as Direct Report, leads IT and thus the CIO from the
management (here the GF Technology/COO), the question arises as to who is respon-
sible for digitization. IT must first take the step towards a Demand/Supply organiza-
tion. But it should already be clear on this way which responsibilities for digitization are
taken over. According to the perspective presented in Chapter 1, a distinction is made
213
between Industry 4.0 as process optimization and product or business model innovation.
As already established, it also makes sense for the Production world wide GmbH to posi-
tion IT as a driver for process optimization in the sense of Industry 4.0. The topics of
product and business model innovation are the responsibility of Marketing/Sales at the
Production world wide GmbH.
For IT in the new Demand/Supply model, this means that the Demand Managers for
Logistics/Production will also assume Digitalization tasks in the direction of Industry
4.0. This responsibility initially refers to the role of a close sparring partner with the pro-
cess experts of Production/Logistics in terms of process optimizations for Industry 4.0
applications and in the next step to concrete projects such as the introduction of predic-
tive Maintenance or the linking of production lines by new MES functionality. In this
way, the Demand Managers Production/Logistics can very well develop into the drivers
of Industry 4.0 approaches and promote the topic of digitalization at Produktio weltweit
GmbH.
After the role of IT in the company has been discussed and examined in more detail, the
reporting line in the form of the superior of the CIO has also been illuminated, the ques-
tion arises as to the role and task of the CIO in the company.
First of all, it should be mentioned that in the following the role of the CIO is used
synonymously with the also common terms in the market of the IT manager, the CTO
(Chief Technology Officer) or the EDV manager. As we have seen in the context of
the development of Demand/Supply structures, there is a difference between CIO and
CTO, since the CIO leads the Demand branch and the CTO leads the Supply branch
as “IT Factory”. This differentiation is important for the Demand/Supply structure, but
here we are talking about the person who reports directly to the management and that
is usually the CIO or the IT manager. It should also be mentioned that, in the context
of the Demand/Supply structure, the CTO reports to the CIO and the CIO in turn to the
management.
What are the main tasks of a CIO? Analogous to the cross-sectional functions as they
are described in the Demand/Supply construct, these are mainly the following areas:
In addition to this list of main tasks of a CIO, three roles can be distinguished, which are
accurately represented on Wikipedia and introduced in Table 4.
The approach presented in Wikipedia very nicely shows the transformation of the
role of the CIO from technician (“Run the Business”) to IT manager on an equal footing
with the management, who not only masters the technology, but also knows the busi-
ness and can therefore use IT even more efficiently as an innovation engine (“Change the
Business”) or even for the purpose of actual value enhancement as a strategic consultant
(“Engineer the Business”).
As already described, the CIO is on a direct path from the “technical implementer” to
the demand and information manager, who is seen as a partner of the business. This also
changes the role of the CIO in the overall context of the company. The Table 5 shows,
based on Brenner [4], this change in the role of the CIO very clearly once again.
The role of Chief Digital Officer (CDO) has emerged in many companies as a result
of digitalization. This role is responsible for steering all digitalization activities of a
company.
In particular, the question of interface to the CDO or task allocation arises for the
CIO.
For Produktio weltweit GmbH, the topic of Industry 4.0 would be ideal in this con-
text. This makes a lot of sense, especially since the CIO reports directly to the COO or
Managing Director of Technology and thus fits in perfectly with Industry 4.0. The Head
of Marketing/Sales is responsible for product and business model innovation. Here, the
CIO can position himself as a service provider for the technologies to be used and thus
further strengthen the IT position in Produktio weltweit GmbH.
Committees in IT
In most cases it is so that the process sovereignty lies with the department, since the pro-
cesses are the actual production factor of the departments. It is important here to differ-
entiate the companies according to the industry. With manufacturing companies from the
automotive or chemical environment, the processes in the departments are so extremely
important that they would never be outsourced to IT. Whereas in very IT-related indus-
tries, such as telecommunications or IT providers, the processes are sensibly accom-
modated in the corporate IT. Process sovereignty in IT or department could also be
imagined in the financial services industry, since the processes are now so automated that
they are best controlled by IT itself.
It is important in this context to delimit the responsibility between demand and
department. What exactly does process sovereignty mean for IT or department? What
does the department still decide for itself and which competences does IT have? This is a
large area that must be defined very precisely and individually.
In large corporations and companies that operate their own IT departments in branch
offices, the question inevitably arises: “Which IT tasks are centrally managed by the cor-
porate or group IT and which IT tasks can or should be decided and carried out locally?”
How is the differentiation between local and sovereign IT tasks of the headquarters
made in a demand/supply context? First, it seems to make sense from a business point
of view to centralize the operation and application development, the so-called “factory”
in the supply, in order to achieve economies of scale. The demand branch is typically
Table 6 Committee structures in IT
Committee Description/Frequency Goal Members
Architecture Committee Committee that sets and constantly Creating a uniform standard archi- • CIO
reviews architecture guidelines and tecture with economies of scale for • CTO and possibly CC Manager
standards the entire enterprise in Supply
1 per month • IT Architects
• Demand Manager (as needed)
• Department Heads (as needed)
Project Committee(s) Committee for controlling, leading Project status reports in order to • Project Manager
and escalation of projects take early measures and decisions • Department Responsible
The status of projects (time, budget, for the smooth implementation • Demand Manager
quality) is reported by the project • Supply Experts (as needed)
manager and measures are taken • CIO/CTO (as needed and size of
for the smooth implementation of the project)
projects
Demand Management Board A body for receiving, evaluating Transparency with respect to the • Demand Manager
and prioritizing requirements or current requirements or change • Business area responsible per-
change requests in the demand requests as well as, above all, sons (process experts and process
branch of IT evaluation and prioritization in a owner)
The frequency is strongly depend- body in which IT and the business • CIO
ent on the amount of new require- area decide together • IT architecture
ments or changes and the maturity
of IT; a cycle of 2 or 4 weeks
makes sense, in times of large roll-
outs also every week
(continued)
217
Table 6 (continued)
218
not only structured according to the departments in the headquarters, but there are also
demand managers in the branch offices or local factories in and outside of Europe.
Therefore, there must be a clear definition of minimum standards that must be adhered to
globally and that serve as guidelines for all demand managers.
It is important that the cross-sectional tasks of the CIO and CTO office remain in the
corporate IT. This means that there can only be such tasks once in the entire company
and that no decisions can be made in branch offices or global factories. The following is
a list of the cross-sectional functions and departments of a corporate IT in the CIO and/
or CTO office:
Line versus Project
IT organizations are always project organizations as well. Since in most cases the project
organization leads a life in the shadow of the actual IT organization with the disciplinary
responsibilities, there is often a struggle for competence due to unclear responsibilities.
The differentiation between professional and disciplinary responsibility is only one
issue. Another issue in this context is the “loan” of employees from the disciplinary
line organization to a temporary project organization. Here, it very often leads not only
to problems between project manager and disciplinary superior, but also the project
employees suffer from unresolved conflicts on other levels.
This sketched everyday problem corresponds to the most common so-called line-cen-
tered IT organization. In contrast to this, there is the project-centered IT organization,
which is opposed to the line-centered organization in Fig. 10.
The line-centered IT organization is characterized by a clearly structured, often func-
tional organization form. Due to this imprint, the line responsible have more power
than the project manager and see their daily business as priority over the temporarily
created projects. Projects are mostly organized across lines, but the coordination of pro-
jects across line boundaries is always very difficult for the project manager due to the
rule of the line. A pronounced project culture cannot develop under these circumstances,
since every employee rather orients himself to his line organization in order to be able
to make a career in the long run. The topic of personnel development and qualification
is also more strongly shaped by the line in such cases. Not so much attention is paid to
temporary project knowledge, but rather to the own specialization of the line organiza-
tion. The responsibility for the projects lies with the line responsible, who commission
220 Step 5: IT organization and IT governance
Line-centric Project-centered
IT organization IT organization
Project Line
Line Provision Project
ne tasks are resource of
Have Li er Projects oned and s Orientat
ov commissi by the line Qualificat for projects io
overarch n towards
Priority sks ed personne ion and
ta
project isional Project manag ment is through ing goals
manage developml Project
iv
Cross-d missing Project ate to line Vs. portfolio
o l is su b o rdin a view to ent with Project management
contr pronounced ment projects future w
Slightly lture manage Strongly ork has priority
cu
Project tion and Project cupronounced
a nt Cross-p lture
Qualific el developme lopment ro
n Resourc ject
Person ew to line deve e
a vi (matrix) Management
with
and monitor the projects. The project manager is therefore always subordinate to a line
responsible.
The project-centered IT organization is characterized by the fact that the line with
the daily business is not in the foreground, but the advancement of IT projects. For this
purpose, cross-departmental coordination is given in the form of project management
offices that are directly affiliated with the CIO. Here, the prioritization, evaluation and
commissioning of IT projects takes place with the support of project portfolios (see Step
6: Project Portfolio Management in detail). Business-IT alignment is in the center of
such organizational forms and is forced by projects with the departments. The line organ-
izations provide the personnel for the projects and coordinate and ensure the balance
between line tasks (daily business) and project tasks. Qualification and personnel devel-
opment is strongly oriented towards large project plans and is derived from the needs
and requirements of the department. In large projects, it is important that the project or
program manager is independent of line decisions, so they are often directly subordinate
to the CIO in a kind of project pool.
Necessary Decisions
The highest priority in personnel decisions lies in the correct placement of IT manage-
ment positions. This is important because IT management has the multiplier function
for the implementation of the IT strategy. IT managers must fit the IT strategy in the
sense that they represent it in front of subordinate employees and, through the IT strategy
cockpit to be created in Step 7, constantly work on keeping the strategic goals in focus
and implementing them. The function of the decision-maker for the selection and devel-
opment of IT employees is also subject to the leadership. They have the task of find-
ing, promoting and, if necessary, making decisions against IT employees who fit the IT
strategy.
The second most important decision is therefore in the just mentioned group of IT
employees in key positions for the implementation of the IT strategy. If, for example,
a result of the IT strategy is the outsourcing of IT infrastructure and IT operations from
step 4, then the tasks of the employees who have been working in this area so far will
change considerably. In many cases, these IT employees are even “transferred” to the
provider in the outsourcing contract. They now need other skills: For example, experi-
enced IT managers who can control the new provider, design the processes and inter-
faces to the provider transparently and optimally, or who are predestined by a more
commercially oriented background for the control and monitoring of SLAs, key figures
and billing prices.
The study “IT Organization 2016: Factor Human!” by Kienbaum in cooperation with the
BITKOM as background information on the personnel structure in German IT organizations
How personnel structures could look in an optimal way is shown by a study by Kienbaum in coop-
eration with the BITKOM called “IT Organization 2016: Factor Human!” [22] According to this
study, many companies have to rebuild their IT personnel structures considerably in order to be
prepared for future challenges. Currently, an IT organization is still dominated by application
developers and IT operations specialists (approx. 18%), according to Heinevetter, who initiated
this study as Kienbaum’s responsible person. IT governance is only 10%, while IT demand func-
tions are only 13%. However, these last two functions are essential for the control of the IT organi-
zation in the future.
“The importance of the classical IT supply functions decreases in the course of the industriali-
zation of the application landscape and the targeted use of standard solutions. Instead, employees
in the steering and coordinating functions such as IT governance and IT demand management are
required with pronounced business competence, because they are IT professionals who understand
how IT can best support the entire company,” says Thomas Heinevetter, Director at Kienbaum
Management Consultants and Head of the Study. [2]
Only 40% of study participants from IT departments of medium size and only six percent of
the surveyed employees in large IT organizations, according to the study authors, are satisfied with
their own competence in the field of IT governance. In the case of IT demand management, a sat-
isfied third in small and medium-sized companies is only 13% in larger organizations. “The gap
between the required and the actual skills of employees becomes more critical because governance
and demand are the areas that will need to build up staff in the future. This creates the question
for companies of how they can close the skills and competence gap as quickly as possible,” says
Heinevetter. [2]
222 Step 5: IT organization and IT governance
Of the surveyed CIOs, 79% see the greatest need for competence building in the area of
change and transformation management. Through the integration of IT and business pro-
cess management, 77% of study participants would like to contribute to the optimization
and standardization of business processes.
The bottleneck or gap analysis serves to assess and optimally fill IT personnel in the IT
organization and is based on three phases, which are carried out in the following. They
are provided with a fictitious example to make the phases more transparent.
As can be seen in Fig. 11, only a few positions in the Production World Corporation
are rated here as an example. As can be seen in the Kienbaum study, the positions that
are important for the future orientation of IT are also highly rated in our example: This
includes, for example, the demand manager or the CIO; However, the expert storage for
the data center has been rated as “less important” because the data center has been out-
sourced to a provider at the Production World Corporation and these activities will no
longer be needed in the future because the provider takes over. This also shows that in
Site Rating
MA4
high
MA2
Employee performance
MA6 MA1
MA5
MA3
low
low high
Potential of the employee
this first phase it is not about the person behind the position that is being rated, but only
about the position.
For example, Fig. 12 shows how MA1 and MA2 are classified as performers, while MA5
is on the verge of a good or bad rating because his performance seems to be very vola-
tile. In such cases, it is often helpful not to make such a portfolio analysis alone, but to
involve other managers.
224 Step 5: IT organization and IT governance
Employees Rating
In the next step, the employees still anonymously classified in the portfolio analysis
are clearly displayed in a table with full name and their ranking or rating (see Fig. 13).
Note: The full name can already be used in the portfolio analysis. In this example this
was not done in order to have an evaluation which serves data protection and can also be
used for a first discussion with other executives or the works council. With regard to the
assignment, the full name is added in brackets to the previous MA designation.
Fit-
Rating
Site Employees Rating place /Gap Measure
employees
Analyse
Head of
Franz ② - Good
Project ② - important None
Mustermann employee
Management
MA
transferred
Juliane ① - very ③ - Weak to less
Supply Manager
Sample important employee important
Woman job/ resign
MA
Expert Sys12
Marianne ③ - less ① - Top hock
(legacy system
Senior Expert important Performer on better
to be replaced)
terms
• Fit/Gap Analysis (here the evaluation takes place to what extent the rating of the posi-
tion fits the rating of the employee; There are three possibilities:
– Arrow up: Rating position fits exactly to rating employee
– Arrow to the right: either rating position or rating employee does not fit;
– Arrow down: Rating position and rating employee do not fit)
• Measure (this column serves the direct derivation of measures from the fit/gap analy-
sis. Possible measures can be:
– MA promote (if rating position is lower than rating employee)
– MA move to less important position, possibly terminate (if rating employee is very
bad)
– MA move from better position (if rating employee is good, but rating of position
does not fit his skills)
– No measure necessary (if rating position and rating employee fit)
226 Step 5: IT organization and IT governance
Preparations for Step 5
It should be checked in the following whether your IT organization should remain set up
in this way or, for example, be transferred to the presented demand/supply construct. In
addition, the question of the role of IT in the company and the role of the CIO is in the
focus: Where should it go and which governance instruments and structures do you need
for this?
In the first step, in Worksheet 1, it is considered which organizational form is best for
your company and which departments, groups or teams you definitely need to implement
the application strategy and sourcing strategy from steps 3 and 4.
Does one of the four organizational forms presented fit your company (see Fig. 6.1)?
Does the demand/supply concept make more sense for you or do you want to build IT
according to PLAN/BUILD/RUN?
Please create a sketch of the demand/supply structure for your IT organization and check
whether it makes sense to fit it into the company.
How would you classify the current role of IT in the company based on the role model
shown by Kienbaum below?
Where would you see the role of IT in 5 years?
What will it take for you to actually achieve the innovator role model shown below
in 5 years?
Role of IT
Business innovator
49% Drivers of technology-based business innovations
Technology innovator
49%
Business focus
Business partner
74% Transformer of business requirements into IT solutions
Service provider
88% Responsibility for the smooth delivery of IT
IT focus
229
This is about the clarification of the CIO's role, which directly follows the role of IT in the
company that has just been worked out. The basis for this is the three roles of the CIO
described in the book, which are shown below as a table ("Run, Change or Engineer
the Business").
What will it take for you to actually achieve this CIO role model in 5 years?
For example, regular participation in board meetings, involvement in strategic issues, etc.
Committees in IT
Please list all jobs in your IT organisation and rate them in the column
"Ranking" according to the following legend: 1: very important | 2: important | 3: less important
Site Rating
Please do not rate the jobs now, but all persons or employees of your IT organization
(regardless of their job) in the portfolio below.
low
The following is an overview for deriving the rating just made in the portfolio. For this
purpose, all employees are now subjected to a rating according to the following legend: 1:
Top performer | 2: Good employee/potential performer | 3: Weak employee (for this, see the number
in the portfolio)
Employees Rating
Example: Hans Mustermann (MA2) Good employee (note: portfolio top left)
234 Step 5: IT organization and IT governance
The complete overview with derivations: Now all jobs are shown with the employees currently on them.
The rating of the job as well as the rating of the employee is taken over from the previous worksheets
and then an evaluation is made in the column "Fit/Gap Analysis": Arrow up: rating job exactly fits rating
employee | Arrow to the right: either rating job or rating employee does not fit | Arrow down: Rating job and rating
employee do not fit.
Afterwards, measures are derived according to the following scheme: Promote employee (if rating of job is
lower than rating of employee) | Transfer employee to less important job / possibly terminate (if rating of employee is
very bad) | Transfer employee to better job (if rating of employee is good, but the rating of the job does not match his
skills) | No measure necessary (if rating of job and rating of employee match)
Fit/Gap
Site Employees Rating place Rating employees Measure
Analysis
Hans - Good MA
Ex: CIO - very important
Mustermann employee develop
Conclusion Step 5
The structure and design of the IT organization can be referred to as the personnel core
of IT. It is immensely important how IT is internally and externally facing customers,
i.e. departments and third parties, in particular suppliers or providers. With the Demand/
Supply concept, a modern organizational model has been detailed which can help to
establish business-IT alignment professionally and sustainably. This step 5 could have
gone “deeper” into the topic of IT processes in terms of ITIL, COBIT, project manage-
ment processes, etc. However, this would have exceeded the scope and there is already
enough good literature on these topics so that the reader can be encouraged to continue
235
reading if they feel that something is missing here. For the actual development of the
IT strategy, this approach is sufficient, but during the implementation of the IT strategy,
many questions will arise as to how to solve this or that issue. This can’t all fit into one
book and therefore references to further reading are given here.
It is important for the IT strategy to clarify the question of the role of IT and the CIO
in the company, because these questions are key factors for the successful management
of IT. If the role of IT or the CIO is not clear or everyone in the company understands it
differently, then it will not only be difficult, but almost impossible for the IT responsible
to successfully lead IT and all associated projects.
Your comments and questions on step 5:
Step 6: Implementation—The IT
Roadmap, Determination of the IT
Budget and the IT Project Portfolio
Abstract
In this sixth step, the implementation of the IT strategy begins. After the application
strategy has been defined and it has been decided which IT services will be provided
internally or externally by providers, the IT organization has been reviewed, put on
new legs and the corresponding governance structures have been set up. Now the
implementation of the IT strategy takes place in three stages:
1. Creating a roadmap that, based on the time horizon of approx. 2–3 years, shows
which projects in IT have to be carried out in the long term in order to implement
the IT strategy.
2. Determining the necessary budget and approval.
3. In addition, the creation or adaptation of an IT project portfolio is necessary in
order to be able to check at any time during the implementation whether all pro-
jects are economically sensible and meet the goals of the IT strategy.
© The Author(s), under exclusive license to Springer Fachmedien Wiesbaden GmbH, 237
part of Springer Nature 2022
V. Johanning, IT Strategy, https://doi.org/10.1007/978-3-658-38772-3_10
238 Step 6: Implementation—The IT Roadmap, Determination …
Introduce IT controlling
For the sake of clarity and simplicity, we choose here the timeline, as exemplarily shown
in Fig. 1.
The creation of the IT roadmap combines two advantages:
• On the one hand, based on the results of the previous 5 steps, the collected knowledge
is reflected and mapped out clearly in the form of measure packages on a timeline.
• On the other hand, after completion, the IT roadmap provides a very good control
instance, because one can always look at it and check what is due when and whether
it is already done or not.
In the creation of the IT roadmap, two sections are now carried out, which are presented
in detail below.
roadmap creation, that is, it is being determined in which areas improvements will take
place within the implementation of the IT strategy.
Again using the example of Produktio weltweit GmbH, the following fields require
an increase in the current state (see Table 1). These fields are mainly required in the area
of IT processes (project management, demand and service management), IT governance
(governance structures, sourcing strategy, roles and responsibilities) and finance with
regard to compliance and better IT controlling structures.
Figure 2 shows this target state by way of example (the target state is shown in dark
and the current actual state of the maturity of IT in light):
The reason why a 3 is considered sufficient as a maturity level in some fields while
others are supposed to have a 4 is due to the assessment of importance in the company.
In the case of the example company, it is precisely in the area of IT organization and
Table 1 TARGET-maturity of IT fields
Subject of investigation Points current state analysis Points target state analysis
IT processes
Project management 2 4
Demand Management 1 4
Supply Management 3 3
Service Management 2 3
Quality Management 4 4
IT Governance, IT Organization and
Employees
IT Governance Structures 2 3
Sourcing Strategy 1 4
Roles and Responsibilities 2 4
Business-IT Alignment 3 3
Employee Development 3 3
Technology
Architecture Management 4 4
IT security and business continuity 3 3
management
IT infrastructure and operations 3 3
Master data management 3 3
Software development 4 4
Finance
Optimal cost structures 3 3
IT controlling 2 3
Compliance 2 3
240 Step 6: Implementation—The IT Roadmap, Determination …
Project Management
Compliance Demand Management
Master Data
IT Governance Structures
Management
processes that there is still a lot to do. Since many applications are outdated and need
to be modernized or newly introduced, and there are many problems with the providers
in outsourcing, a very good maturity level must be achieved in these areas in particular.
Therefore, the topics of project management, demand management, sourcing strategy, as
well as roles and responsibilities are the fields in which the most work needs to be done
(partly from maturity level 1 to 4).
What are the right measures to achieve the maturity in the target? This is of course
an individual measure that depends on the company, the organization and the starting
situation. Therefore, only the example company is considered here. For Produktio welt-
weit GmbH, the measures, as shown in Table 2, are derived from the mentioned prob-
lem areas. It is important to realize here that there are often measures that came to light
in steps 3–5 anyway. Now, when creating the IT roadmap, it is important to make sure
that measures do not occur twice or multiple times, but are immediately subsumed in a
measure.
But take a closer look at the challenges identified in step 2 in Table 3 and think about
which measures can be derived from the identified challenges.
The following measures from step 2 have to be taken over into the roadmap:
Table 3 Step 2 measures
Challenges that were Measures that were derived from them
addressed in Step 2
Overseas locations: better The “better integration of overseas locations” sounds at first like an
integration, harmonization organizational issue that will be resolved by the introduction of the
of processes and systems, demand/supply structure in step 5; specifically, it is about ensur-
better service ing that overseas locations have a demand manager who explicitly
takes over the requirements of the overseas location and ensures
that, on the one hand, what the overseas location needs in terms of
IT services is understood, brought in to the demand/CIO office and
thus also flows into the standards in the supply with the aim that the
overseas location receives standard IT services that are adapted to
their specific requirements
The “harmonization of processes and systems” in overseas loca-
tions follows this theme of standards that need to be created by the
demand manager taking into account the specific requirements of
the overseas location
The topic of “better service in overseas locations” goes in the same
direction; behind it is the implicit accusation that currently only
standards are delivered without taking into account the specific
needs and requirements of overseas locations. That is why there is
currently a large proportion of “shadow IT” in overseas locations
because their requirements have not been “picked up”
This point can therefore be solved by the introduction of a demand
manager per overseas location
More and better qualified This is about the better qualification of IT staff with regard to IT
staff inhouse needed, pos- support for the very modern products of Produktio weltweit GmbH;
sibly also in-sourcing of this is about the development of apps or the in-house development
certain IT services of portal technologies that require new programming languages that
are not currently covered by the current staff
The topics of “innovation strategy” and “personnel strategy” play a
big role here. This means that, as part of the needs or gap analysis
(see Sect. 6.3.2), the positions that need to be filled must be defined
in order to fill them through external procurement or the recruit-
ment of qualified staff
More individual IT solu- This must be clarified in detail in Step 3 of the application portfolio
tions needed for innovative
products
Standardization/automation These are all hints at necessary software introductions, which must
in finance, personnel, con- be described in detail in Sect. 4.3. Therefore, only the hint here
trolling (SEPA, electronic that in the following package of measures 3 it is ensured that these
archiving, management standardization and automation projects are not forgotten
cockpit)
(continued)
244 Step 6: Implementation—The IT Roadmap, Determination …
Table 3 (continued)
Challenges that were Measures that were derived from them
addressed in Step 2
Check and make IT costs There is great pressure from the new boss who wants to reduce IT
transparent to prevent costs; it is therefore necessary that IT costs are made transparent in
savings a first step in order to understand at all for what the money is spent
and to identify possible cost drivers. The introduction of a cost and
performance accounting for IT as well as IT controlling would be
helpful. In addition, within the framework of the introduction of
demand/suppy in the demand branch, IT controlling is established
with business cases and economic calculations per project. This
should definitely be included in the roadmap as a measure
• One solution could look like this: a new tender is issued which focuses on the weak-
nesses and risks identified in the SWOT analysis. In this context, the current provider
could be given a new chance on the basis of different conditions. But it could also be
that a new provider actually comes into play who does not bring any of the above-
mentioned weaknesses and risks.
– new tender with focus on the problems identified in the SWOT analysis
• For each foreign location there is a demand manager (step 2 as well as step 4), who
explicitly deals with the concerns and requirements of the foreign locations and
brings them into the headquarters. In this way he ensures that the foreign locations are
supplied with standard IT, which is adapted to specific needs in individual cases.
• The responsibility for process management needs to be clarified (whether this is to be
integrated into the demand IT or into the department).
• A detailed needs analysis, as shown in step 5, is necessary for the production of world
GmbH in order to be able to exactly determine how the IT positions are to be repre-
sented in the demand and supply branches, where there is still a need which has to be
covered by new hires or consultants/providers and where positions and people have to
be exchanged or replaced (from step 1 and step 2).
• Roles and responsibilities need to be clarified, defined and delimited from each other
within the framework of the demand/supply introduction.
Creating an IT Roadmap 245
Now all of the measures just mentioned need to be clustered, summarized, duplicates
recognized and removed, and then brought into a roadmap. It is important that after-
wards, a responsible party is named for each measure and a specific completion date is
set for the measure.
The measures are graphically represented in Fig. 3 and also show the timeline in this
context. For better clarity, the measures have been combined into packages or clusters
and color-coded; so all applicative measures are light gray and all organizational meas-
ures are dark gray. This also makes the dependencies within the applicative or organi-
zational measures, as well as between them, more clear. For example, it is very clear
that the measures regarding SAP, which also require organizational measures such as
the SAP support tender, are placed in front. The introduction of the document manage-
ment system also has a dependency on IT compliance issues, regarding the storage of
Introduce IT controlling
Personnel strategy:
Detailed needs and Redefine roles & responsibilities
gap analysis
Introduction Demand/Supply
documents (not just pure IT compliance here, but compliance in general within the com-
pany, which are closely related). Within the organizational measures regarding the intro-
duction of Demand/Supply, it is also clear that there are some temporal dependencies.
For example, the personnel strategy must be carried out first, before roles and respon-
sibilities can be considered. The personnel development also only makes sense once
the strategy and roles and responsibilities are clearly defined. The introduction of the
Demand/Supply structure is a parallel process, which is fertilized by all of the measures
mentioned.
For the sake of clarity, the measures are summarized once more here, without taking
the temporal component into account:
The most important core element for implementing the IT strategy lies in determining and,
above all, authorizing the necessary investments through management.
Determining the Necessary IT Budget 247
In order to get the investments necessary for implementing the IT strategy approved, the
following lists are required:
1. IT investment overview (determining the costs for the necessary IT projects from the
IT roadmap)
2. IT cost development for the next five years (possibly based on scenarios)
3. Savings potentials through the projects from the IT strategy
IT Investment Overview
For each measure just now determined from the IT roadmap, a cost calculation must now
be carried out with a subsequent cost estimate per measure or IT project, as shown in
Table 4 for the example company Produktio weltweit GmbH. Please note that all costs
mentioned here are fictitious numbers that do not have to correspond to reality.
This results in a total of approximately 3.18 million € for the implementation of
the IT strategy of Produktio weltweit GmbH (as I said: these are fictitious, exemplary
figures). Not all projects take place in one year, but extend over several years, as the
roadmap just created shows. This budget now has to be released by the company man-
agement and of course this raises many questions.
The decisive question is why the measure or project should be carried out, that is to say:
The only project mentioned above that initially saves money is the outsourcing of SAP
support. In the first year, savings of around €300,000 and €400,000 from the second year
onwards can be achieved compared to the current situation. Now the exciting question
is where further savings can be found in terms of the IT strategy with regard to greater
standardization, more efficient processes and better cooperation with the department, due
to the IT strategy.
Table 5 shows the considerations regarding potential savings per project/measure and
attempts to quantify these savings potentials if possible. However, it should be noted that
some projects do not generate direct savings, but create efficiencies or synergies that are
difficult to quantify. In such cases, the top management must decide to what extent such
efficiencies or synergies are worth their investment, i.e. the budget required for this. It is
248 Step 6: Implementation—The IT Roadmap, Determination …
(continued)
Determining the Necessary IT Budget 249
Table 4 (continued)
Measures from the roadmap Cost calculation Cost estimate
Introduce IT controlling, Hiring of 2 new employees (Head of 50 T€ + 64 T€ =
including cost and performance IT controlling with experience and an 114 T€
accounting for IT and create employee for cost and performance
transparency for IT costs accounting) Recruiting and hiring of 2
new employees approx. 50,000 €
Creating the structures for IT controlling
and creating transparency in IT costs (2
consultants with a total of 80 days x 900 €
= 64,000 €)
Achieve IT compliance with the 2 consultants with a total of 60 days x 72 T€
help of external experts 1200 € = 72,000 €
Personnel developments • 5 IT project managers + 5 demand 120T € + 216T
• Training for IT project managers for project manager training € + 142.5T € =
managers (approx. 12,000 € per participant) = 478.5T €
• Define, introduce and com- 120,000 €
municate project management To define, standardize and introduce pro-
standards ject management standards, 2 consultants
• Introduce ITIL best practice with a total of 180 days will be purchased
standards at € 1200 = € 216,000
Introduction of ITIL best practice stand-
ards: This will be started together with
the new provider of the data center, which
charges € 950 for 150 days = € 142,500
New tender for the data center For the 5 phases of the tender (see 120T € + 300T €
with a focus on the problems Sect. 5.5), 2 consultants with a total of = 420T €
identified in the SWOT analysis 100 days will be engaged at € 1200 =
120T €
The transformation and transition costs
are calculated at around 300T €
Outsource the know-how for Currently, on average, 3 consultants of Potential savings
the value-adding processes to the SAP provider work 12 person days see left column
the internal IT organization per month at 1,100 € = 3 x 12 x 1100
within the framework of SAP = 39,600 € per month. This means that
outsourcing. this amount of just under 40 T€ could be
saved, but the know-how must first be
built up internally. Training is necessary
for this, which will cost 3000 € × 5 =
15,000 € for 5 employees.
Savings in the first year = 20 T€ × 6 +
30 T€ × 6q = 300 T€ minus training =
285 T€
In the second year = 40 T€ × 12 = 480
T€
(continued)
250 Step 6: Implementation—The IT Roadmap, Determination …
Table 4 (continued)
Measures from the roadmap Cost calculation Cost estimate
SAP Extensions Part 1: The project duration is 8 months (includ- 480,000 €
Introduction of FI/CO ing training and induction of internal MA)
3 consultants are needed at 1000 € per
day; 8 x 20 x 3 x 1000 = 480,000 €
SAP Extensions Part 2: The project duration is 9 months for 2 432,000 €
Introduction of SAP in foreign foreign locations (including training and
locations induction of the affected MA)
2 consultants are needed (the rest is done
internally) at €1200 per day 9 × 20 × 2 ×
1200 = €432,000
SAP Extensions Part 3: SEPA introduction is done internally and €32,000
Introduction to SEPA accompanied by a consultant on a part-
time basis: Project duration: 4 months; 10
days per month on the basis of €800 per
day (training and induction included)
4 × 10 × 1 × 800 = €32,000
Introduction of a document First, a tender must be carried out here Not currently
management system (DMS) to select the right software and the possible
including archiving processes affected by the automation by
the DMS must be defined (in-house and
possibly with the support of consultants).
Therefore, no specific budget planning is
currently possible
Tender for new MES Currently, only the tender costs can be €36,000
(Manufacturing Execution calculated here; the main tasks are car-
System) and introduction to ried out internally with the support of
solve the problems with innova- an expert who supports for 3 months at
tion speed and support for new approx. 10 man-days per month for €1200
production products identified per day: 3 × 10 × 1 × 1200 = €36,000
in step 2
Establish SAP/MES interface Project costs and duration not estimable as
MES must first be tendered and selected
(see above)
Roll-Out SAP and MES at all Project costs and duration not estimable,
overseas locations as MES must first be put out to tender and
selected (see above).
Costs for creation of IT strat- Project duration: 4 months 108,000 €
egy (external moderator and
15 days per month at 1800 € per day
consultant)
4 × 15 × 1 × 1800 = 108,000 €
Table 5 Potential savings per project/measure
Project/measure Costs (in €) Potential for savings or benefits/synergies/efficiency Savings quantified Generates enough added
effects value and meets the com-
pany’s return on investment
target
Introduction to the 835 • Business-IT alignment: IT services can be derived clearly Difficult to achieve at YES
demand/supply and understandably from the business requirements. A the current time
structure business case can be calculated for IT services
• Separation of IT demand and IT supply: By separating
demand and supply, the conflict of interest between the
best possible individual IT solution and cost-reducing
standardization can be solved
Determining the Necessary IT Budget
(continued)
Table 5 (continued)
252
Project/measure Costs (in €) Potential for savings or benefits/synergies/efficiency Savings quantified Generates enough added
effects value and meets the com-
pany’s return on investment
target
Introduce IT con- 114 • Create transparency with regard to IT costs and in par- Cost reductions dif- YES
trolling, including ticular project and service management costs ficult to predict today
cost and perfor- • This makes potentials visible that cannot be recognized
mance accounting today
for IT and create • This makes cost reductions possible or synergies are
transparency for IT recognized
costs
Establish IT 72 • Ensure that possible follow-up costs can be excluded Ensure that follow-up YES
compliance with • How much is information security, data protection and costs can be excluded
the help of external constant availability of data worth to a company?
experts
Personnel 478.5 • Efficiency improvements in internal IT and in coopera- Efficiency topic YES
development tion with the departments
• Training for IT • Faster time-to-market for many IT services possible
project managers • IT services can be provided in-house and do not have to
• Define, introduce be purchased from external consultants
and communicate
project manage-
ment standards
• Introduce ITIL
best practice
standards
(continued)
Step 6: Implementation—The IT Roadmap, Determination …
Table 5 (continued)
Project/measure Costs (in €) Potential for savings or benefits/synergies/efficiency Savings quantified Generates enough added
effects value and meets the com-
pany’s return on investment
target
New tender for the 420 • Actual savings potential given by new tender; the amount 250 T€ YES
data center with is difficult to calculate and depends on the redefinition of
a focus on the the service level and the catalogue of services; with the
problems identi- same catalogue of services and the same service levels,
fied in the SWOT but better performance of the provider, costs for change
analysis requests can be saved; assumption here: 20% savings =
Determining the Necessary IT Budget
As part of the Savings Calculation see Table 11: Savings in the first year = 20 T€ 285 T€ in the first year YES
SAP outsourcing, potential x 6 + 30 T€ x 6 = 300 T€ minus training = 285 T€
the know-how for see left
the value-adding column In the second year = 40 T€ x 12 = 480 T€ 480 T€ from the sec-
processes is to be ond year
outsourced again,
that is, returned
to the internal
IT organization.
Furthermore, a
demand manager
is to be established
for each foreign
location
SAP extensions 480 • The current bookkeeping is outsourced to an accountant; 250 T€ per year YES
part 1: Introduction the costs amount to approx. 250,000 € per year. These
of FI/CO costs can be saved
(continued)
253
Table 5 (continued)
254
Project/measure Costs (in €) Potential for savings or benefits/synergies/efficiency Savings quantified Generates enough added
effects value and meets the com-
pany’s return on investment
target
SAP Extensions 433 • Accounting is done by local employees using Excel 240 T€ savings per YES
Part 2: • Production and logistics processes are not yet year
Introduction of IT-controlled to a large extent; here, personnel savings
SAP in Overseas are possible (approx. 5 FTE at 2 overseas locations =
Locations 10 FTE); i.e. 10 FTE x 2000 € per month = approx.
€240,000 savings per year
SAP Extensions 32 • The Europe-wide standardized bank code and account Efficiency topic YES
Part 3: Introduction number (SEPA) are a legal requirement and must be
of SEPA introduced
Introduction of a Not pos- • Many advantages can be created by a DMS, which are Efficiency topic YES
document man- sible at the listed below:
agement system moment • Faster access to information
(DMS) including • Acceleration of business processes
archiving • More transparency in all file operations
• Improved quality of process handling
• No distribution copies necessary anymore
• Improved document security, less document loss
• Cost reduction with increasing business volume
(scalability)
• Less space required
• Compliance with statutory regulations and agreed com-
pliance requirements
(continued)
Step 6: Implementation—The IT Roadmap, Determination …
Table 5 (continued)
Project/measure Costs (in €) Potential for savings or benefits/synergies/efficiency Savings quantified Generates enough added
effects value and meets the com-
pany’s return on investment
target
Tendering 36 • The new MES will mainly increase the innovation speed Efficiency topic YES
new MES (increase in productivity) in production and can better
(Manufacturing support the new products of the production worldwide.
Execution System) Other advantages are:
and introduction • Shortening of cycle times,
(step 2) • Better traceability of products and components,
• Achieving a higher degree of punctuality,
Determining the Necessary IT Budget
(continued)
255
256 Step 6: Implementation—The IT Roadmap, Determination …
important that column 3 shows the actual benefits, synergies or efficiency gains that will
be achieved through this measure. Because this is the decision-making basis for the top
management to release the measure or project.
The decisive question for top management is ultimately: “Which are the right invest-
ments in IT in order to achieve a higher return on investment for the company as a whole
and which investments in IT are rather to be neglected?” For this purpose, column 5 has
been deliberately inserted in order to get a clear “YES” or “NO” for each measure (title
of the column: “[The measure] generates sufficient added value and corresponds to the
return on investment goal of the company”).
The column for the savings potentials in Table 5 shows very clearly that it is very dif-
ficult to deal with quantified numbers. There are two ways to deal with this problem:
• Either one completely omits savings calculations and decides on the basis of the
potentials per measure or
• Target savings values are set before the project starts. Then the target can be taken up
in the form of target values per project and there is a clear target line for the imple-
mentation of the IT strategy.
In general, projects can now be set up according to the top management decision in the
last column of Table 5. How to proceed with these projects during their implementation
and execution can best be decided on the basis of the IT project portfolio presented in the
following.
The IT project portfolio includes all current and planned IT projects of a company or
division or business unit. It serves the purpose of analysis, control and management on
the basis of monetary and/or strategic considerations.
Project portfolios have developed into one of the most important control instruments
of IT management, as the following figures very clearly demonstrate (according to [36]):
• 15–20% of the IT projects in the portfolio can be abandoned because they do not con-
tribute measurably to corporate success.
• Another 25% of IT projects do not have to be carried out in full, but also fulfill their
tasks in reduced form.
• Approximately 30% of IT projects do not support the departments and are pure IT
projects whose efficiency for the company is often only insufficiently quantifiable.
• Between 40–50% of all e-business initiatives do not support business goals and do not
lead to measurable added value.
The IT Project Portfolio 257
Definitions and Delimitations
Before starting with the creation or adaptation of the project portfolio, a delimitation
should be made to related topics that are often subject to confusion. These are the project
and program management topics described below:
• Project management is the smallest unit and describes the leadership and management
of a project. The project manager is responsible.
• For larger projects, sub-projects occasionally arise, which deal with specific topics or
content. These are led by sub-project managers who report to the project manager.
• Program management is defined as the management of more than one project; in this
case, projects are bundled into a program as the highest unit from a thematic or con-
tent perspective and managed authoritatively by a program manager.
• Project portfolio management is defined as a management instrument that considers
all projects and programs at the same time from the perspective of strategic prioriti-
zation. It is a permanent task in contrast to the project or program, which is always
limited in time. Project portfolio management provides a project-wide overview for
the analysis, control and management of all projects and programs. Here you are in
the bird’s-eye view and can quickly and easily evaluate, prioritize and make decisions
on all projects and programs from a strategic perspective. This also makes synergies
between the projects quickly recognizable. The question is: “Which are the <right>
projects for our company at this time?” In the context of project portfolio manage-
ment, strategic and financial evaluation aspects such as ROI or alignment with the UN
strategy are the key reference points. Therefore, project portfolio management is an
ideal tool for CIOs and IT leaders to strategically lead the IT organization.
Figure 4 shows the described boundary between program and project portfolio manage-
ment schematically and clearly:
Another boundary to the multiproject management appears to be necessary. Because
this has great similarities to the project portfolio management and is often confused.
The difference lies in the perspective: The project portfolio management has a view of
the projects from the bird’s eye view and checks synergies and the strategically correct
orientation of the projects, whereas the multiproject management is characterized by a
strong operational character, that is, it acts more on the content level of the individual
projects. Multiproject management describes more the operational action of the leader-
ship and management of a large number of projects, whereas the project portfolio man-
agement has more of a strategic character in the sense of the examination, assessment
and monitoring of projects.
258 Step 6: Implementation—The IT Roadmap, Determination …
Project portfolio
Project Project
Program
Project Project
Partial Partial
project project
Project
Project Project
Fig. 4 Boundary project—program—portfolio
It thus shows the overriding objective of project portfolio management: The optimization
of the objectives of the individual projects from a holistic perspective in order to achieve
the greatest possible qualitative and quantitative synergy effects.
With the help of a professional project portfolio management, it is possible to very
quickly identify where IT budget has been used optimally for the purpose of the com-
pany and where not. This results in action and decision-making processes that are often
not transparent. In addition, it is quickly apparent when IT projects are no longer stra-
tegically meaningful. In such cases, an IT responsible person should not continue to
“throw good money after bad”, but rather end the respective IT project immediately and
simply have the resulting “ruin” demolished.
In this context, three essential tasks of project portfolio management are distinguished
(based on [18]):
Evaluation phase
Progress control
The goal of the IT organization through portfolio management is to create capacity for
innovation topics that allow IT to be creative and thus increase the value of the company.
This can only happen if, through analysis and proper prioritization based on a project
portfolio, the large maintenance and operational projects are thoroughly examined and
260 Step 6: Implementation—The IT Roadmap, Determination …
put to the test. Are there other maintenance options? Where can money be saved? Which
projects create no value or benefit in relation to the costs?
The range of tasks for portfolio management is very large. So in many IT organizations,
portfolio work already begins with collecting and introducing project ideas, goes through
the portfolio creation and monitoring process, and ends with the post-calculation of com-
pleted projects. This variety of tasks would map the portfolio process holistically. Often,
many of the tasks mentioned are not counted as part of the portfolio process and are
more part of project management. Here, however, we will turn to the holistic portfolio
process, as shown in Fig. 5.
The holistic portfolio process consists of four main processes, each with four sub-
processes. Before a detailed description of the portfolio process, it makes sense to think
about the life cycle of projects as a kind of excursion.
1 2 3 Project Evaluation: 4
Prioritization of
Collect project ideas Differentiation of the • Effort, costs/benefits
Projects
submit project Projects: Target / Must / • Profitability
• Define criteria
Can projects • Suitable for the IT
• Perform prioritization
Strategist?
1 2 3 4
Plan and coordinate Assessment of projects Communication of the
Creation of the portfolio
resources Making decisions Portfolio decisions
1 2 3 4
Checking of budget, Decisions and
resources and time Making portfolio
Monitor projects Communicate and
create report decisions
coordinate measures
1 2 3 4
Project to department "Lessonslearned"
Official project Measuring deviations
handed over: Communication of the
completion and successes
Acceptance & Release project acceptance
Recording and
Project Acceptance and Completed
evaluation Approved project
applied for completion project
(portfolio
of the project
creation)
Ongoing
project
Project
not started
Cancelled
project
Interrupted
project
Deferred
project
• Project name
• Project number (if available)
• Department or department responsible for the project
• Cost center (internal assumption of project costs)
• Project goal
• Project focus: In-Scope and Out-of-Scope
• Possible project start
• Approximate project duration
• Project risks
All projects that are officially applied for must then be evaluated and prioritized by a
committee responsible for the portfolio process and thus filtered in some form according
to certain criteria.
It is important to differentiate between the evaluation of projects and the prioritization
of projects. The evaluation of projects serves the purpose of whether a project is carried
out or not. The prioritization of a project serves to develop an execution sequence and
thus only applies to the projects that did not fall through the filter in the evaluation as a
must-project.
The criteria for evaluating projects are individually defined and relate to monetary
factors, risk factors, economic or cost-benefit factors. The criteria for prioritization are
often more difficult to capture and in many companies this evaluation is subject to the
subjective decisions of the committee leaders. In the next phase 2, the project portfolio is
created or brought up to date for the first time and three possible perspectives for assess-
ing the prioritization of projects are presented.
As an example for the Produktio weltweit GmbH, some IT projects from the just-
created roadmap are checked here and included in a project portfolio (see the following
chapter for Fig. 7 ff.). The following projects of the Produktio weltweit GmbH are exam-
ined in more detail:
P2
DMS
high
P 1.1
SAP
Abroad
P 1.2
SAP
FI/CO
low
P 1.3
SEPA
low high
Contribution to supporting the corporate strategy (value enhancement)
• SAP/MES interface
• Introduction of a document management system (DMS)
• Introduction of IT compliance
• The economic viability of the project in the form of an ROI (Return on Investment)
• The risk of the project (usually a more subjective than a mathematically derivable
size)
In order to prioritize the projects according to the three criteria just described, there are
different views of the portfolio:
The axis values used for the IT portfolio are located on the ordinate of the “Return
on Investment (ROI)” as a quantitative value of the respective project or qualitatively
264 Step 6: Implementation—The IT Roadmap, Determination …
expressed if the ROI is difficult to determine: The benefit of the project for the company.
On the abscissa, the used values can vary to obtain different statements about the pro-
jects. Possible statements could be:
• P1: P1 is the project “SAP Extensions Part 1: FI/CO, Overseas Locations, SEPA”,
which was divided into three sub-projects (P1.1–P1.3) in order to be able to assess
their contribution to strategy or their risk.
– P1.1: The SAP introduction for the overseas locations is depicted in the sub-project
P1.1
– P1.2: The sub-project P1.2 includes the SAP introduction FI/CO
– P1.3: Sub-project P1.3 stands for the introduction of SEPA
• P2: A project for the introduction of a document management system (DMS)
It is in Fig. 7 It is clearly visible that all 4 projects in the portfolio have occupied a differ-
ent place. Thus, the sub-project P1.1 for the introduction of SAP at the foreign locations
is classified as a “cost-reducing and value-increasing project” in the upper right quad-
rant. In contrast to P2 (DMS introduction), which is also represented in this quadrant,
the benefit for the company or the RoI is not as high as with the DMS introduction. This
classification can be based on clear calculations, but when introducing portfolio manage-
ment, this can also be based on subjective opinions of the committees, which of course
must be argumentatively recorded. In this case, it is so that the portfolio committee has
decided that the DMS introduction has a greater benefit than the SAP introduction at the
foreign locations. This is because all documents are currently stored manually in folders
and the bookings are available in SAP, but still have to be physically stored. This can be
automated and thus workstations can be saved and a much more efficient structure for
finding and finding documents can be made possible. The sub-project P1.3 (introduction
of SAP FI/CO) goes hand in hand with the two sub-projects P1.1 and P1.2 and is also
still sorted in the upper right quadrant. However, the value increase and the cost sav-
ings are not quite as high as with thezusammenhängenden Teilprojekten, da die aktuel-
len Aufwände nicht direkt durch die Einführung von SAP FI/CO verringert werden
und damit kein direkter RoI sofort erkennbar sein wird. Allerdings muss aufgrund
The IT Project Portfolio 265
der Abhängigkeit der drei Teilprojekte gesagt werden, dass sie sich gegenseitig unter-
stützen und daher nicht weit auseinander im Portfolio klassifiziert werden. Das Projekt
P2 (Einführung SEPA) ist im unteren, rechten Quadranten einsortiert worden, da es dem
Unternehmen strategisch keinen Vorteil bietet, da die bisherige Abrechnung genauso gut
funktioniert hat und auf der Kosten- oder Return-Seite ebenfalls keinen Nutzen bringt,
sondern nur Geld kostet. Es ist als gesetzliche Anforderung zwar durchzuführen, bringt
aber im Grunde nur Mehraufwand, der keinen strategischen Nutzen liefert. Projekte,
die in diesem Quadranten landen, sollten nach nochmaliger Prüfung möglichst schnell
beendet werden, da sie keinen Nutzen liefern und nur Kosten verursachen. In solchen
Fällen ist ein Portfolio sehr hilfreich, da es sehr schnell visuell aufzeigt, welche Projekte
wirklichen Nutzen liefern und welche Projekte schnell beendet werden können, da sie
nur Kosten produzieren, aber keinen Nutzen liefern.
P2
DMS
high
P 1.2
SAP
Abroad
P 1.2
SAP
FI/CO
low
P 1.3
SEPA
It becomes visually very clear in this portfolio that all projects indeed involve a risk
that is greater than 30%. Therefore, a detailed risk and quality management must be
introduced for all projects in order to keep the risks under control. However, only one
project with a risk of failure of more than 50% is to be found in the portfolio: the intro-
duction of SAP in the overseas locations. It is important in the classification and evalu-
ation which type of risk lies at the basis of the project. Here it is not so much the actual
technical implementation of SAP in the overseas locations, but the training and subse-
quent use of SAP. The problem is the low qualification in the overseas locations in the
departments that then have to work with SAP. The best SAP installation is of no use if
the operation and the functions are not used correctly. Therefore, a close and direct coop-
eration is recommended here with the relevant departments at headquarters and in the
overseas locations, so that the project can be successful.
• Checking the projects against the usual project triangle factors of time, cost and
quality
• Checking and classifying the projects according to the three portfolio levels presented
in phase 2
– Contribution to supporting the corporate strategy
– Realization risk
– Probability of realization
• Making decisions about reclassifying or continuing or stopping projects in the project
portfolio (see the decision matrix in Fig. 9 based on Gadatsch [18]).
After the decisions have been made, they must be communicated to all those affected,
including all those involved in the department who were not part of the decision-making
process.
0 - 5 years
review Execute
Set project
risks project
Break-even (in years)
Check the
> 5 years
economic
Set project Set project
viability
of the project
• Measure deviations and successes: After the official completion, outstanding devia-
tions must still be recorded.
• Lessons learned: In addition, a kind of “lessons learned” is always very helpful, in
which helpful findings and measures for further projects can be derived openly by all
project participants.
Organizational Involvement
The responsibility for the project portfolio management process should be directly
assigned to the CIO or IT manager and function as a staff unit. Only by the direct con-
nection to the CIO can the efficiency be ensured and political trench warfare can be pro-
actively excluded.
In addition to the direct CIO responsibility, the close involvement of the depart-
ments is crucial for success. This is done by a committee or committee that must meet
regularly.
268 Step 6: Implementation—The IT Roadmap, Determination …
It is important that the decisions from the portfolio committee are communicated and
transparent. Every employee must know which projects were prioritized for what reason.
This is the daily work and motivation basis in the project business of an IT organization.
Preparations for Step 6
It is important for working on the tasks in Step 6 that you review all previous results
again to derive all measures. In addition, budgeting is very important, which preferably
comes with argumentation chains and, if possible, also with savings potentials. The IT
portfolio should then be developed in a new working group, together with the depart-
ment, and all projects should be jointly evaluated therein.
In the first step, the measures from the respective steps 1–5 are derived to create the
roadmap.
It starts with step 1, for which an actual-desired comparison of the maturity levels
of all processes is carried out (based on the results from step 1). In worksheet 1, you
can now use all objects of investigation from step 1 in which a delta between actual and
desired is gaping.
Working Questions and Implementation Step 6 269
◾ Please enter the ACTUAL maturity level and the TARGET maturity level in the network
diagram below (see step 1). All processes in which a delta of at least 1 or 2
klafft, müssen mit Maßnahmen in der Tabelle im Buch versehen werden.
Project Management
Compliance 5 Demand Management
In order to derive measures for the areas in which there is still a difference between
actual and desired, the following worksheet 2 is used. There you enter the areas with the
too large deltas between actual and desired in columns 1 and 2 again and then you have
to decide which measures are to be derived from them.
270 Step 6: Implementation—The IT Roadmap, Determination …
◾ Please enter in column 1 all areas from step 1 that have a too large delta to the
TARGET, in column 2 the ACTUAL and TARGET maturity level and in column 3
the measures that are necessary to achieve the TARGET.
ACTUAL → TARGET
Object of investigation Maturity Measure(s)
In the next worksheet 3, the measures from step 2 are derived from the challenges for IT:
Working Questions and Implementation Step 6 271
◾ Please enter in the table below in column 1 the challenges that were identified in
step 2 and the measures that are derived from them in column 3
EXAMPLE: Review IT costs and make them Great pressure has arisen from the new supervisor
more transparent to avoid savings who wants to reduce IT costs; it is therefore
necessary that, as a first step, IT costs are made
transparent in order to understand at all what the
money is spent on and to identify possible cost
drivers. It would be helpful to introduce cost and
performance accounting for IT as well as IT
controlling. In addition, as part of the introduction of
Demand/Suppy, IT controlling will be established in
the Demand segment with business cases and
Profitability calculations per project. This should
definitely be included in the roadmap as a measure.
The following measures are generated for the next steps. First for step 3, the application
strategy. Here the application roadmap can be used as a basis (see Worksheet 9.4) and no
worksheet is required for this. For step 4, the sourcing strategy, the measures should be
prepared in the form of a table, as you will find in Worksheet 4:
272 Step 6: Implementation—The IT Roadmap, Determination …
◾ Please enter in the table below in column 1 the challenges identified in step 4
(Sourcing) and the actions derived from them in column 2.
Many of the measures already mentioned are of an organizational nature and therefore
fit into step 5 (IT organization/IT governance). Therefore, all measures that fit into step 5
should be listed here again:
Working Questions and Implementation Step 6 273
◾ Please enter in the table below in column 1 the identified issues and problems from
step 5 (e.g. revise organization or redefine IT role) and then the measures in column 3
(e.g. project "New role of IT").
All measures now determined must be summarized and clustered again according to
organizational and technical measures, which is done in the work package 6.
274 Step 6: Implementation—The IT Roadmap, Determination …
◾ Please enter in the table below in column 1 all organizational measures found
so far (e.g. "Define new role of IT" or "Introduce Demand/Supply") and next to
it the technical measures (all from the application roadmap and other technical
measures)
As a last step, these measures must be brought into a time context, which is done with
the help of the roadmap. For this purpose, the following worksheet 7 is used, in which
all measures are brought into a chronological order. In addition, the measures are sum-
marized here into bundles that are thematically and temporally matching and colored
according to organizational and technical measures.
Working Questions and Implementation Step 6 275
After the IT roadmap has been created and it is therefore clear what should be done ide-
ally, the evaluation of all measures is carried out on a monetary basis. Because only if it
is clear what the measures cost, can management release them and make a budget avail-
able for this. The following table serves to monetarily evaluate all measures.
276 Step 6: Implementation—The IT Roadmap, Determination …
◾ Please transfer all measures from the roadmap into the table below in column
1 and then make a cost calculation per measure in column 2. Column 3 shows the
calculated total amount.
In the following worksheet 9, the savings can be determined or at least the potential for
savings can be argumentatively mentioned and it can be estimated whether the measures
are sufficient for the company’s goals of return and value added.
Working Questions and Implementation Step 6 277
◾ The following table serves to check which savings potential which measure
offers and whether this measure corresponds to the company's return target.
Columns 1 and 2 can be taken from worksheet 9.8. Column 3 describes the savings
potential by way of argument. Column 4 quantifies these (if possible) and
column 5 states whether this measure corresponds to the company's return target.
At least all technical measures are derived from IT projects, but also the organizational
measures should be set up as a project and then checked in a portfolio. The following
two work packages serve this purpose, in which all measures are mapped as projects in
a portfolio and thus a decision can be made which project offers which strategic value as
well as ROI, which projects involve greater risks and which projects should be carried
out in any case at the end, because the strategic value, the ROI is very high and the risk is
very low and which projects should be postponed or canceled better at first.
◾ Please place the identified measures or projects in the portfolio below and
note the conspicuous placements of projects and the resulting consequences.
high
low
low high
Contribution to supporting the corporate strategy (value enhancement)
Conclusion Step 6 279
Worksheet 9.11
◾ Please place the projects you have just placed in the risk-oriented portfolio below
and consider which projects are now so high risk that it may not make sense to
complete them.
high
low
Conclusion Step 6
The creation of the roadmap summarizes all the statements and measures taken in a
clear manner. It thus becomes clear what all is included in the implementation of the IT
strategy and which task packages need to be bundled. The temporal relationships and
dependencies between the measures and projects become transparent and show the com-
plexity which can be somewhat alleviated through the graphical representation in the
roadmap. The important step that follows is budgeting and preparing for the presentation
to top management for the release of the 3–5 year plan. If this is accomplished, a steering
instrument can be used in the form of the project portfolio to monitor the projects under
different strategic aspects and lead them to success.
280 Step 6: Implementation—The IT Roadmap, Determination …
Abstract
In addition to the measures determined from the first five steps and the incorpora-
tion into an IT roadmap as well as the evaluation of IT projects in the portfolio, an IT
strategy cockpit is now designed on the basis of a Balanced Scorecard, with which the
control of the measures from the roadmap always succeeds.
The IT Strategy Cockpit is modeled after the cockpit of an airplane, in which all essen-
tial details for controlling the airplane are visually displayed and adjustable at a glance.
Such a cockpit is not only needed by the pilot, but also by the IT responsible person
for controlling the IT organization. The results of the Capgemini CIO study, which are
shown in Fig. 1, however, show that there is still a large gap between what should be
measured and controlled and what is actually measured. For example, according to com-
pany management, the customer satisfaction of IT should definitely be measured (almost
70%), but only just under 40% of IT organizations in companies do this.
The following will use the IT Strategy Cockpit to show that it is not difficult to
develop a measuring instrument that is based on the measures from the IT strategy deter-
mined in the previous step. This way, all these measures can be constantly checked and
adjusted.
© The Author(s), under exclusive license to Springer Fachmedien Wiesbaden GmbH, 281
part of Springer Nature 2022
V. Johanning, IT Strategy, https://doi.org/10.1007/978-3-658-38772-3_11
282 Step 7: Monitoring and Control of the IT Strategy …
76.5%
Contribution of IT in reducing the processing time
44.6%
61.4%
Contribution of IT in reduction of production cost
40.4%
20.9%
52.3%
IT's share of revenue growth*
15.6%
41.9%
IT's share of profit growth*
13.0%
33.3%
Share of IT in gaining market share* Target
11.4% Actual
The Balanced Scorecard (BSC) was developed in the early 1990s by R. S. Kaplan and D.
P. Norton as a new instrument for (general) controlling.
Until then, available performance measurement (performance assessment at the cor-
porate level) indicators were insufficient because they only considered financial variables
and thus led management to misbehavior. The BSC, on the other hand, is a strategic-
operational key figure system for balanced corporate governance.
The idea behind it is the following: The company strategy is linked to operational
planning through cause-effect chains. This is made clear in Fig. 2, which shows by way
of example which effects the causes can have in the different perspectives.
Basics of the IT Strategy Cockpit 283
Learning &
Processes Customers Finance
Growth
Customer
Competence satisfaction
Information Customer
supply loyalty
The following three main goals can be achieved by using the BSC:
1. Finances
2. Internal Processes
3. Learning and Development
4. Market and Customers
Goals, key figures, target values and measures are defined for all four perspectives. A
schematic structure is shown in Fig. 3.
Finance
Targets Key figures Specifications Measures Targets Key figures Specifications Measures
“If you can’t measure it, you can’t manage it”. This key statement from the
Balanced Scorecard concept of Kaplan/Norton is still as relevant today as it
was in the 1980s and is the basis for an IT strategy cockpit to be created now.
The structure of the IT strategy cockpit is carried out using the example of
Produktio weltweit GmbH.
In this first phase of developing the cockpit, the goals of the IT strategy that have been
elaborated so far are broken down into the four perspectives and linked together. It is
important that the relationships between all perspectives are clear and unambiguous,
because all perspectives influence each other and one perspective cannot be considered
independently of another. The BSC is therefore one of the few tools in management that
takes a holistic view and does not consider financial key figures or processes in isolation.
1 2 3 4
This makes it possible to quickly see which key figures from one perspective have an
effect on key figures from another.
For example, process efficiency in a certain area, such as project management, can be
directly correlated with success in complying with IT project budgets (financial perspec-
tive) or employee satisfaction in projects (employee perspective) as well as success of
the IT product as a result of the project in the specialist area (customer perspective).
The key figures defined here must be known and anchored not only in the IT
organisation, but throughout the company and by all employees.
1. Finances
– IT costs per employee,
– IT project costs and benefits,
– Profitability growth after IT project implementation (e.g. after introduction of an
ERP system),
– TCO (Total Cost of Ownership) per IT workplace/per employee
2. Internal processes
– Number of complaints, complaints, escalations to top management,
– Number of interventions by managers in operational IT processes,
– Number of process innovations from the ranks of their own employees,
– Process speed from input to output
3. Learning and development
– Number of improvement suggestions/number of publications,
– Number of activity-related side activities (lectureships at universities, speakers at
external or internal training courses, membership of research working groups)
– Number of participants in further education courses, company parties or company
meetings,
– Overtime quota,
– Compliance with deadline processing.
4. Market and customer
– Processing time for enquiries, change requests, requirements, complaints/incidents
or problems, troubleshooting etc.
– Share of deliveries on time,
– Number of SLA violations
In order not to get tangled up and to keep an overview, only take the real
“must-haves” of all strategic goals or measures as a key figure in your IT strat-
egy cockpit. There should be a maximum of 10–15 key figures in total.
The Structure of the IT Strategy Cockpit in 4 Phases 287
In the specific case of Produktio weltweit GmbH, the key figures are shown in Table 1
per perspective. A third column has been inserted, which provides a description of which
strategic measure the respective key figures are derived from.
Table 1 The key figures of the IT strategy cockpit at the example of Produktio weltweit GmbH
Perspective Indicator(s) Description (From which strategic measure is the
indicator derived?)
Finances • Project costs • Professionalization of project management
• Detailed SLA report per (closing the delta from the actual analysis step
sourcing project (here costs 1)
per month, number of change • Professionalization and transparent tracking of
requests/incidents) providers in the area of sourcing (step 4)
• IT costs per employee on • Reduce IT costs (requirement from the board of
TCO basis directors from the challenges for IT in step 2)
Internal • Establishment of IT • Establishment of IT compliance as found in the
processes compliance actual analysis in step 1
• Establishment of demand/ • Establishment of D/S structure as specified in
supply structure step 5
• Establishment of IT • Establishment of IT controlling, service man-
controlling agement and project management (see deltas in
• Establishment of service step 1)
management processes Note: The KPIs of the internal processes are
• Establishment of project quantified with respect to time (in time), quality
management processes (school grades) and costs (in budget)
Learning and • Project management training • Improvement of results from step 1 in project
Development courses management and service management (here
• Service management training you can also see the link between the perspec-
courses tives of project and service management: In the
• Sick leave “internal processes” perspective, the structure is
• Overtime quotas tracked and the necessary training is carried out
in the “learning and development” perspective)
• Sick leave and overtime quotas are derived from
steps 2 and 5 due to the current poor morale of
the staff
Market and • Number of SLA violations • The first key figures result from the sourcing
Customer • Number of complaints from problems with the suppliers identified in step 4
the department • The complaints and customer satisfaction are
very important for the D/S structure and give
many hints on what to pay attention to when
setting up and structuring the project
• In addition, the project portfolio should be
checked monthly together with the department
288 Step 7: Monitoring and Control of the IT Strategy …
This stage is the operationalization of the IT strategy cockpit. This allows you to see at
any time where you stand and serves as a kind of early warning system. For this purpose,
corridors must be defined in which the key figures defined in phase 1 may move. If you
deviate from this, the traffic light goes to yellow or even red. “Green” means that the
figure is in the ideal range, “yellow” means a deviation that is still tolerable and serves
as a warning (for example, 3% deviation), but “red” means that immediate action must
be taken. This means that you define an exact target value and the deviation corridor for
“yellow” and “red” for each key figure. It is helpful to calculate current actual values and
to consider how the corridors should look; for this purpose, a two- to four-week test or
trial phase can be helpful when defining actual values and corridors for the first time, so
that realistic values can be defined.
Table 2 shows the key figures of Produktio weltweit GmbH defined in the previous
chapter and, on the one hand, defines the calculation of the actual value and the target
corridor for each key figure.
It is important that you name a responsible person for each key figure. If nobody feels
responsible, the best key figures are of no use and the early warning system cannot work.
Table 3 lists all responsible persons per key figure at Produktio weltweit GmbH as an
example.
This stage is the concrete work process in which the key figures are checked on a regular
basis and—if necessary in case of deviations—corrections are made. These corrections
are basically the strategic challenges in the form of changes in direction, new decisions
or organizational interventions on the way to the goal.
how high project expenditure will be per reporting frequency and then provide
these with deviation corridors)
After 2 weeks: €25,000 (green = max. + 3%, yellow = > 3% and < 8%, red = >
8%)
After 4 weeks: €70,000 (same deviation corridor)
After 6 weeks: €80,000 etc.
(continued)
289
Table 2 (continued)
290
Perspective Key figure Calculation and actual value as an Target corridor and target values
example
Finances SLA report The outsourcing project for the Monthly costs:
data center is used as an example Green = < = 47,000 €/month
here
• Monthly costs correspond to
Yellow = > 47,000 € – < 50,000 €/month
actual monthly costs (actual value Red = > 50,000 €/month
= 47,000 €/month) Number of incidents:
• Number of incidents (actual value Green = < = 18 incidents/month
= 18 incidents/month)
The actual values must be deliv- Yellow = < 18 and < 22 incidents/month
ered by the providers on time Red = > 22 incidents/month
after the end of the month
Finances IT costs per First, a definition and delimita- The target size in terms of IT costs per employee of the board of directors is
employee tion must be made as to which IT 8000 € per employee
services will be included in these The target corridors are set here:
key figures. This can, for exam- Green = < = 8000 € IT costs per employee
ple, only be the workplace costs
(laptop/desktop, monitor, keyboard, Yellow = > 8000 € and < 8300 €
mouse) + network costs + printer Red = > 8300 €
costs or the total IT costs. Since
reducing IT costs is important for
the board of directors of Productio,
the total costs are taken here. The
calculation then looks as follows:
Total IT costs/number of
employees
Example actual value:
3,500,000 €/400 = 8750 €
Step 7: Monitoring and Control of the IT Strategy …
(continued)
Table 2 (continued)
Perspective Key figure Calculation and actual value as an Target corridor and target values
example
Internal Establishing Determining actual values for on Target corridors:
processes IT time, on budget, on quality
compliance On time = completion by 09/2015 On time and on budget
On budget = 72,000 € Green = max. + 2% deviation
On quality = at least grade 2 Yellow = > 2% and < 5% deviation
Red = > 5% deviation
On quality:
Green = < = 2
Yellow = 3
Red = > 3
The Structure of the IT Strategy Cockpit in 4 Phases
Internal Construction Same scheme as in construction of Target corridors just as in construction of IT compliance
processes of demand/ IT compliance
supply Actual values:
structure In time = 12/2016
In budget = 835 T€
In quality = 2
Internal Construction Scheme as above Target corridors just as in construction of IT compliance
processes of IT Actual values:
controlling In time = 09/2015
In budget = 114 T€
In quality = 2
(continued)
291
Table 2 (continued)
292
Perspective Key figure Calculation and actual value as an Target corridor and target values
example
Internal Construction Scheme as above Target corridors just as in construction of IT compliance
processes of service In time = 09/2015
management
processes In budget = 114 T€
In quality = 2
Internal Establishing Schema as above Target corridors as with establishing IT compliance
processes project In time = 09/2015
management
processes In budget = 114 T€
In quality = 2
Learning Training Number of employees who have Target corridors with target values:
and courses completed the project management Green = 10 employees by end of 2014
development in project training at level C
management Actual value = 2 employees in Yellow = 8 employees by mid-2015
mid-2014 Red = 8 employees by end of 2015
Learning Training Number of employees who have Target corridors with target values:
and courses completed the service management Green = 6 employees by end of 2014
development in service training as practitioners
management Actual value = 1 employee in Yellow = 5 employees by mid-2015
mid-2014 Red = 3 employees by end of 2015
(continued)
Step 7: Monitoring and Control of the IT Strategy …
Table 2 (continued)
Perspective Key figure Calculation and actual value as an Target corridor and target values
example
Learning Sickness rate Calculation of how high the rate of Green = < = 5%
and sickness reports per week is
development Example: 40 employees, of which Yellow = > 5% and < 8%
2 employees reported sick for 3 Red = > 8%
days and 4 employees reported sick
for 1 day in the past week
= 40 employees * 5 days = 200
(2 * 3) + (4 * 1) = 10
5% sickness rate
Learning Overtime Calculation = number of overtime Green = < = 12,5%
and rates hours/ number of total work hours
development * 100
The Structure of the IT Strategy Cockpit in 4 Phases
Actual value = 200/1600 * 100 = Yellow = > 12,5% and < 20%
12,5% Red = > 20%
Market and Number Reported by the provider and Green = 0 SLA violations
customer of SLA tracked internally by IT controlling
violations Actual value = 2 Yellow = < = 2 SLA violations
Red = > 2 SLA violations
Market and Number of Tracked by IT controlling Green = < 3 complaints
customer complaints Actual value = 6 Yellow = 3 to < 5 complaints
from the
department Red = > 5 complaints
293
294 Step 7: Monitoring and Control of the IT Strategy …
The simplest and quickest way to set up an IT strategy cockpit is to use a spreadsheet
program, for example MS Excel. No significant investments are required and you can
ask your IT controller or—if not available—a controller to set up a list of key figures in
the form of a balanced scorecard. The disadvantage is that in most cases there can only
be one person who maintains this list, as otherwise it is not immediately clear who has
made which changes. A visualization of the balanced scorecard and the cause-and-effect
principles in the form of a causal network is hardly possible in Excel. Therefore, this
implementation option is certainly good for a quick start, but not recommended in the
long term.
There are now web-based solutions for displaying balanced scorecard systems that can
be relatively easily adapted or extended to an IT strategy cockpit. These are so-called
isolated solutions, as they are usually stand-alone, i.e. without interfaces to other systems
in which the figures may already be available. In most cases, certain key figures can also
be visualized in so-called dashboards, which provide a good overview for management
and the executive board and can therefore promote greater acceptance and use.
The strategy cockpit serves to monitor and track the implementation of the IT strategy.
In addition to purely quantitative monitoring, this chapter will also take a closer look at
the qualitative management of the implementation of the IT strategy with the possible
pitfalls on the way.
The development and implementation of an IT strategy is always associated with ups and
downs. As in many other IT projects, the process often resembles the typical course of
the change or change curve as shown in Fig. 5 (Note: The change curve can be found in
many variations in the literature).
Often, the IT strategy project begins with a kind of “shock” among the partici-
pants. They ask themselves why an IT strategy is needed and what this could have to
do with themselves. Are there any layoffs or salary cuts? The next logical step is then
296 Step 7: Monitoring and Control of the IT Strategy …
Denial Commitment
Employee performance
Recognize
Shock
Check out
"Valley of Tears"
Resistance Adaptation
Time
the “denial”. The participants do not want to admit their “involvement” in this project
and often tend to overestimate their abilities. Often in this phase, the employees simply
continue as if nothing had happened and think: “This is just another typical project. I’d
better stay out of it!” This phase is characterized by excuses, denial of facts and mere
minimization.
But the IT strategy project continues and the denial and minimization become more
and more difficult. First, this can lead to anger, frustration or despair among the par-
ticipants. But this resistance is not sustainable forever and the realization comes that the
impending change must be accepted if one wants to stay in the company and not com-
pletely lose one’s career opportunities. This resistance phase is very important for the
managers and initiators of the IT strategy project, because here it is about the later suc-
cess or failure of the IT strategy. It must be conveyed that an IT strategy is essential, that
there is no turning back and that the advantages and added value must be made clear.
After it was recognized in the so-called “valley of tears” that further resistance is
futile, the third phase follows: the adaptation to the impending change or the change.
However, the participants realize that they are still on unknown terrain. A lot changes
through the IT strategy: IT services that were previously provided and maintained inter-
nally are outsourced to external service providers, there are changes and adaptations to
the organization. New roles and responsibilities, new committees and everyone tries to
find their way again. This means great effort under uncertainty for all participants.
Implementation of the Strategy 297
The more the new structures establish themselves and the old patterns of behav-
ior slowly disappear, the more the realization arises that one can feel quite comfortable
in the new environment. Routines arise in the new everyday life and the change or the
change has arrived with each participant. This is the phase in which there is a clear com-
mitment to the new structures, procedures and roles and responsibilities for the first time.
Self-confidence and satisfaction increase again and some will ask why this was not done
earlier. Then the change is done and the new IT strategy is established.
Involving Stakeholders
Not only the IT staff is important for the implementation of the IT strategy, but such
a project usually affects the entire company. In the course of the stakeholder analysis
already carried out in the preparation (see step 1), all important persons who are closely
associated with the project of the IT strategy were worked out. It was also analyzed how
to deal with the respective persons so that they do not hinder, but support the project.
These tasks are now: How can those stakeholders who—for whatever reason—do not
fully support the project be brought to the point that they at least do not disturb the pro-
ject if they are not positive towards it?
Furthermore, it should be analyzed why some stakeholders do not fully support the
project. Were they not involved closely enough in the preparation or in one of the steps
or were they forgotten? Do they not want to make decisions and if so, why not?
adjustments, outsourcing of services to external providers and the creation of new roles
and committees are challenges that not everyone can deal with well. Here, self-reflec-
tion is important, the courage to show transparency and the already mentioned respectful
treatment of all participants.
Preparations for Step 7
Procedure model:
• Go through the results of the IT strategy together with all the IT organization’s man-
agement as well as the management from the relevant departments (see measures and
projects in Step 6).
• Identify the key elements and statements of the IT strategy.
• Summarize these concisely in the form of a keyword or a goal (in order to derive the
indicators for the IT strategy cockpit from them in the following worksheets).
First, as in the example shown above in phase 1, it is about identifying the right key
figures for each perspective. You will find the corresponding table for filling in your key
figures in the following worksheet 8.1, which can be derived from the measures for your
IT strategy.
300 Step 7: Monitoring and Control of the IT Strategy …
◾ For each perspective, please develop your metrics that relate to the outcomes
and measures of the IT strategy you just developed and briefly describe
those metrics in column 3
Finance
Internal processes
Learning &
Development
Market &
Customer
After the key figures have been defined and set, phase 2 follows with the definition of the
target corridors for each key figure. The worksheet 8.2 serves this purpose, in which you
transfer the key figures just set and then calculate the actual values in the third column
and set the maximum deviations for the traffic light in the fourth column (please use one
key figure per line for better overview):
Working Questions Step 7 301
◾ Please take over the just defined ratios from worksheet 10.1 incl. The perspective
(column 1 and 2) and then define the actual calculation for this ratio in column 3. Then
you still have to define the target corridor in traffic light form with the fixed predefined values
Finance Finance=
Yellow=
Red=
After the target corridors have been set, only the responsible persons (entry in column
3) and the specification of the frequency with which these key figures have to be made
available by the responsible persons are still missing (column 4):
302 Step 7: Monitoring and Control of the IT Strategy …
◾ Now it is a matter of determining the responsibilities for each indicator, which you should
enter in column 3. Column 4 is used to determine the frequency with which the actual
values are to be presented to the management by the respective person responsible
for each indicator. must be
◾ Please carry out a stakeholder analysis again (use worksheet 1.7 from the preparation
chapter) and consider whether the assessment at the time was correct, how the
respective stakeholder actually behaved and what still needs to be done now in order to
involve all stakeholders as part of the implementation.
◾ Communication preparation
Commitment /
Influence of the Attitude of the
No. Name Function / Role interest in the
stakeholder stakeholder
project
1 = very low 1 = very low 1 = very positive
2 = low 2 = low 2 = positive
3 = medium 3 = medium 3 = neutral
4 = large 4 = large 4 = negative
5 = very large 5 = very large 5 = very sceptical
5
Communication:
• Which communication tools can you use to best reach which
stakeholders?
•
•
•
Abstract
What stays behind? What were the key points on the way to the IT strategy? Which
measures could already be implemented and which ones are difficult and why?
Answering these questions is the final chord of this book in the form of a summary
and outlook.
Carr’s opening thesis in the preface was “IT doesn’t matter!” This statement was
rephrased throughout the book in the sense of “What is IT really important for the
respective company and how must IT be organized so that it creates added value for the
company?”
The pure technology, such as the data center, the infrastructure and the telephony have
actually become commodities, as Carr predicted back in the mid-2000s. The key ques-
tions ten years later are in the information that is produced by the technology (can): Big
Data is not just a hype, but essential parameter for IT!
It is always about the information being optimally prepared for the company and
being available to every target group and every department on a permanent basis. The
user is not interested in how and through which these information reach him, because this
is now commodity business and must be provided by IT without noise and as a matter
of course (this is mainly served by the sourcing strategy in step 4). However, the discus-
sion of which information must be made available to whom and when must be carried
out intensively together with the departments in the company. This serves the optimized
governance and organizational models as shown in step 5 and above all the joint discus-
sion with the information and process responsible persons with regard to the application
strategy in step 3. For the efficient control and management of the whole IT orchestra, the
tools such as roadmap, portfolio and IT strategy cockpit were designed in steps 6 and 7.
© The Author(s), under exclusive license to Springer Fachmedien Wiesbaden GmbH, 305
part of Springer Nature 2022
V. Johanning, IT Strategy, https://doi.org/10.1007/978-3-658-38772-3_12
306 Conclusion and Outlook
The seven steps may not all be of equal urgency in their current situation, but cer-
tainly some topics have given the necessary impetus to think more carefully about the
current situation and to get things moving. The author deliberately refrained from known
standards, best practices and standardized IT processes. This has been described in detail
in other books. Here, the tools are in the foreground, which you can also discuss with the
top management and the executive board. And when presenting them, every inclined cor-
porate leader should find himself again. Because almost all used tools have their origin in
business administration and not in computer science.
Because when developing an IT strategy, it is indeed about IT and its technical mani-
festation, but the decisions are so decisive for the company that they must be made and
decided not in the form of technical details, but consciously in management language.
This should pave the way for closer integration of IT with the specialist departments and
the business and thus enable more effective cooperation.
It is important that IT adapts, transforms and becomes a service provider within its
own company with the aim: out of the technical corner, out of the budget discussion,
towards more togetherness with the same language and on an equal footing!
The topic of digitalization has also and in particular shaped IT. Answers are needed
as to how far IT is responsible for digitalization and, if so, for which topics in particu-
lar. The delimitation between the digital responsible persons or a CDO must be clearly
regulated and the role of IT and the CIO in this context must be clearly formulated for
everyone in the company.
The IT strategy is deliberately not a digitalization strategy. However, it has to provide
content for this in the form of new technology standards, scouting for new technologies
and process optimization in the sense of Industry 4.0.
I wish you every success with all strategic decisions around IT and a good sense of
delimiting the digitalization topics for IT.
References
1. Agarwal R., Sambamurthy V.: „Principles and Models for organizing the IT-Function“, MIS
Quarterly Executive, Vol. 1, No. 1, March 2002
2. AutomotiveIT: „Paradigmenwechsel im Personalmanagement“,http://www.automotiveit.eu/
paradigmenwechsel-im-personalmanagement/news/id-0038968, abgerufen am 28.05.2014
3. A.T. Kearney: „Winning with an IT M&A Playbook“, PDF-Dokument, abgerufen am
19.06.2013
4. Brenner W, Witte C, Erfolgsrezepte für CIOs, 1. Auflage, Hanser, 2007
5. Brenner Walter, Pilgram Uwe, Zarnekow Rüdiger: Integriertes Informationsmanagement,
1. Auflager, Springer, 2005
6. Brenner, Walter: Interview mit Volker Johanning zum Buch „IT-Strategie in 7 Schritten“,
24.05.2013
7. Brenner, Walter, Wulf Jochen, Winkler Till: „Organisationsgestaltung der Demand-IT“,http://
warhol.wiwi.hu-berlin.de/aigaion2/index.php/attachments/single/58, abgerufen am
14.04.2014
8. Broadbent M, Kitzis E: The New CIO Leader, Harvard Business School Press, 2004
9. C4 Consulting und Zeitschrift „IT-business“:http://www.it-business.de/index.cfm?pid=2419&
pk=69155&p=1, aufgerufen am 10.06.2014
10. Carr, Nicholas, „IT Doesn’t Matter”, in: Harvard Business Review. May 2003. pp. 5–12.
Abgerufen im Internet unterhttp://www.roughtype.com/?p=644(abgerufen am 28.02.2014)
11. Capgemini: „IT-Trends 2013“,http://www.de.capgemini.com/resource-file-access/resource/
pdf/capgemini-studie_it-trends_2013.pdf, abgerufen am 28.05.2014
12. Capgemini: „IT-Trends 2014“,http://www.de.capgemini.com/resource-file-access/resource/
pdf/capgemini-it-trends-studie-2014.pdf, abgerufen am 28.05.2014
13. Capgemini: „Application Landscape Report 2014“,http://www.de.capgemini.com/resource-
file-access/resource/pdf/capgemini_application_landscape_report_2014.pdf, abgerufen am
04.07.2014
14. Computerwoche:http://www.computerwoche.de/a/applikationen-werden-zur-last,1232020,
abgerufen am 04.07.2014
15. Cunningham, L:http://www.linkedin.com/in/lewiscunningham, abgerufen am 22.04.2013
16. Fenwick, Neigel, in Forrester Blog: „It’s time to kill your IT-strategy“,http://blogs.forrester.
com/nigel_fenwick/12-03-09-its_time_to_kill_your_it_strategy, 09.03.2012 (abgerufen am
06.02.2013)
17. Friedrich K, Malik F, Seiwert L: Das große 1 × 1 der Erfolgsstrategie, 18. Auflage, Gabal,
2012
© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer 307
Fachmedien Wiesbaden GmbH, part of Springer Nature 2022
V. Johanning, IT Strategy, https://doi.org/10.1007/978-3-658-38772-3
308 References
18. Gadatsch, A.:IT-Controlling, Praxiswissen für IT-Controller und Chief Information Officer,
1. Auflage, Springer Verlag, 2012
19. Gartner Executive Program, Januar 2013
20. Gartner Website:http://www.gartner.com/it-glossary/it-strategy/abgerufen am 06.02.2013
21. Gartner Website:http://www.gartner.com/newsroom/id/2575515abgerufen am 22.03.2014
22. Heinevetter, Thomas:„IT-Organisation 2016: Faktor Mensch!“, eine Studie von Kienbaum
unter Kooperation von BITKOM,http://www.partnering.org/fileadmin/Event/BPC/2012/
Vortr%C3%A4ge/Studie%20IT%20Organisation%202016%20-%20Faktor%20Mensch_
Thomas%20Heinevetter_Kienbaum.pdf, abgerufen am 28.05.2014
23. Heinrich, L.J.:Informationsmanagement: Planung, Überwachung und Steuerung der
Informationsinfrastruktur. 7. Auflage. München, Wien, Oldenbourg, 2002.
24. Hodel M, Berger A, Risi P:Outsourcing realisieren, 2. Auflage, Vieweg, 2006
25. Hofmann J, Schmidt W:Masterkurs IT-Management, 2. Auflage, Springer, 2010
26. Holtschke B, Heier H, Hummel T:Quo vadis CIO?, 1. Auflage, Springer, 2009
27. Huber, A:Strategische Planung in deutschen Unternehmen. Empirische Untersuchung von 100
Unternehmen, Berlin, 2006
28. Keller W: IT-Unternehmensarchitektur, 2. Auflage, dpunkt-Verlag, 2011
29. Heinrich, L.J.: Informationsmanagement: Planung, Überwachung und Steuerung der
Informationsinfrastruktur. 7. Auflage. München, Wien: Oldenbourg, 2002
30. Malik, Fredmund:Führen Leisten Leben, 6. Auflage, Campus Verlag, 2006
31. McKinsey Quarterly, Januar 2011:„Understanding the strategic value of IT in M&A“,http://
www.mckinsey.com/insights/corporate_finance/understanding_the_strategic_value_of_it_
in_m_and_38a, abgerufen am 19.06.2013
32. Mintzberg, Henry: Strategy Safari: Der Wegweiser durch den Dschungel des strategischen
Managements, FinanzBuch Verlag, 2012
33. Rüter A., Schröder J., Göldner A., Niebuhr J.:IT-Governance in der Praxis, 2. Auflage,
Springer Verlag, 2010
34. Schawel, Christian/Billing, Fabian:„Top-100 Management-Tools“, 4. Auflage, Springer
35. Seidl, J:Multiprojektmanagement, 1. Auflage, Springer Verlag, 2011
36. Süß, G.M.:Methoden und Techniken im Projektmanagement, WEKA 2004
37. Tiemeyer E.:Handbuch IT-Management, 1. Auflage, Hanser, 2009
38. University of Oxford:One in six IT projects ends up ‚out of control‘,http://www.ox.ac.uk/
media/news_stories/2011/110822_1.html, abgerufen am 06.02.2013
39. Wagner et al.Wie erfolgreiche Veränderungskommunikation wirklich funktioniert?!,
1. Auflage, ProBusiness, 2010
40. Ward J, Peppard J:Strategic Planning for Information Systems, 3. Auflage, Wiley, 2002
41. Weissman, Arnold:Die großen Strategien für den Mittelstand, 1. Auflage, Campus Verlag,
2010
42. Welch, Jack:Was zählt, Ullstein. 2003
43. Witte C:Interview mit dem CIO der Deutschen Bahn, Herrn Kruse: „Ohne Architektur-
Management geht nichts“, Computerwoche Ausgabe 11/2013 vom 11.03.2013, Seite 34/35