Blog Post

The CIO as the (IT) supply chain manager

In the recent past, the CIO and staff earned their name as technologists. They built IT infrastructure by hand from the ground-up. Unique server, storage and networking piece-parts were purchased, integrated and optimized to support specific applications. IT recruited and developed staff who performed the technical back-flips that made each system work. This approach (and mentality) largely continues today, even into implementing basic server virtualization.

The nature of application-specific infrastructure (read: hard-wired, inelastic and over-provisioned) meant IT’s other unsaid role was to limit consumption of services. They were too busy maintaining the fragile infrastructure to deliver many other value-added services. Adding capacity or new systems was almost viewed as an expensive distraction.

But the environment is changing — more services are available in a consumerized fashion, creating “shadow IT”; BYOD demands from users are increasing; IaaS, PaaS and SaaS clouds are simplifying outsourcing of certain categories of services; end-users expect simpler, faster access to the resources they demand.
The resulting shift for the CIO and his IT staff will be a logical response to these trends, pressured to leverage increasing amount of public, even consumer-style services. Thus IT and its organization will gradually shift in the following domains:

  • Functional roles: Shift from building most services from the ground-up, to sourcing services from IaaS/PaaS/SaaS providers. The partial exception being building private clouds.
  • Skill sets: Shift from technologists and functional specialists, to evaluators of services from external vendor sources. More roles will tend to focus on service provider assessment and relations.
  • Consumption model: Shift from limiting and regulating service consumption, to encouraging consumption and accelerating new service adoption to become more competitive. This is consistent with the trend of consumerized IT and BYOD.
  • Operational function: Shift from custom engineering of internal services, to integrating the supply chain of both internal and external services. When looking at the cost, performance, governance and risk profiles of composite services, IT’s model will need to extend outward to an ever-larger ecosystem of external providers.

In essence, the CIO’s focus will tend to move “up the stack.” To better serve the enterprise, she’ll be relied-upon to manage and integrate services provided to the business.

Integrating providers and the cloud operating model

The cloud operating model – née, paradigm – has it that lower-level infrastructure mechanisms for compute, network and storage will be more automated and highly elastic. That leaves more of IT’s time, money and attention for the actual innovation and operation of the services themselves. Regardless of whether those services are internally or externally generated.

Logic has it that over time, most of IT’s operational attention will therefore turn to:

  • Sourcing selection & optimization for each outsourced service. Everything from contract negotiation to vendor performance management.
  • Development and innovation of service components for services that remain internally generated.
  • Integration and delivery of end-user-ready services to the line-of-business users. Include here the ability to rapidly add a new vendor service to the portfolio, and make it available through one or more portals for end-user consumption.

Next, consider how the shift in operational roles plays-out: As more of IT’s focus turns to sourcing services from outside providers and/or deploying services on internal clouds, core infrastructure engineering functions will tend to decline. Simultaneously, functions that will increase are those which serve to integrate each of the individually-sourced services.

Whether sourced internally or externally, each service still requires integration with:

  • Identity and access management for each provider;
  • Data compliance, legal and regulatory audit access across each provider;
  • Security compliance systems;
  • Provisioning, including capacity forecasting;
  • Performance (e.g. SLA) monitoring;
  • Cost and budget tracking (i.e. for billing, showback and/or chargeback);
  • Disaster recovery and redundant service sources where needed.

In the past, many of these functions were hand-integrated across the few external services used, and custom-engineered into each internally created stack. But time is changing the model. With more services provided by outside clouds, the need for a more efficient integration function will escalate. Integration will need to be standardized and replicable, scalable and responsive to the business’ needs.

And therein we see how the CIO/IT’s roles will need to morph. More time, technology and managerial attention will need to focus on standardizing the workflow to (and between) cloud-based services. Even expect to see a resurgence of the concept of the “service bus to assist in this effort.

The end game for the CIO: IT supply chain master

As more sophisticated and essential cloud services are made available from external providers, the role of the CIO will shift from building technology to integrating services. Thus managing and orchestrating the IT supply chain will be the new operational job for his staff. And with that, the IT organization will have to slowly adapt and refocus on service specification, vendor evaluation, service integration, contract/SLA management, and vendor/service management.

The CIO can begin setting the groundwork for this eventuality today. Take a second look at the buy vs. build option. Create streamlined processes to improve integration of external services. Offer commercially available external services within internal service catalogs. And change IT’s mindset from having to be the source of engineering all services, to one of securely brokering services.

These changes will help the CIO develop an IT function that is more responsive to the needs of business, competitive with external alternatives, and encourages consumption of IT services. The traditional trade-off of buy-vs.-build is shifting toward “buy.” But to do so, integrating services will become the critical defining role for the CIO.

Ken Oestreich is a marketing veteran helping develop new categories in the Enterprise IT, Data Center, and cloud computing spaces. He has held product and corporate marketing roles with Sun, Cassatt, Egenera, and EMC. Find him on twitter as @fountnhead.

Puzzle image courtesy of Flickr user Adam_T4.
Desk photo courtesy of Shutterstock user Sergej Khakimullin.

5 Responses to “The CIO as the (IT) supply chain manager”

  1. Ken Oestreich

    Agree with your observations, particularly about the increased need for vendor management tools/processes.

    But I wonder whether the notion of what vendor “services” are will change. In the “old” model, services needed to be defined (because they were custom or semi-custom) and then monitored for SLAs etc. The concept of vendor management was very hands-on. In the “new” model, I wonder whether there will be more standardized services available from a larger variety of vendors. In many ways “cloud” implies less customization (esp. from the PaaS and SaaS perspectives) and this new landscape means more plug-and-play services available. Almost akin to the consumerization of IT services. In this “new” world, the old perspective of vendor management doesn’t apply as much. Thoughts?

  2. Cloud_Zone

    The idea that the CIO role will change is well established and Ken has summed up nicely how the changes might well take effect. One of the problems I foresee is the shortage of skills related to vendor management within existing IT departments and whether those skills will be sufficiently developed to make the outsourcing future work. Large contracts, whether they are awarded by public or private bodies, are notorious for not delivering all that was promised at the tender stage. I have seen procurement departments and public sector commissioners with many years experience make a mess of things so can IT departments really cope with this new role? I rather fear that many won’t and the information and systems governance issues which may result could be disastrous for some. A good example might be finance (as outlined here ). While the IT department might have the ability to talk to vendors about the specs and performance will there be the skills to contain costs to a sustainable level?

  3. Steve Schofield

    What about if new cloud services are Integrators by definition? If the problem companies face is created by the bottom up adoption of different tools and services, then surely some bright spark will solve the integration issues as well – would make a nifty business.

    Does that mean we don’t actually need CIO’s anymore, and they can prepare by learning new skills or being the pioneers who solve the impending industry wide issue rather than organisation-specific challenges?

    • Ken Oestreich

      Steve –

      Great points. Regarding the need for CIOs, I believe they’ll always be needed. But the role + job skills may be very different in a decade. Rather than being goaled as technologists, they’ll be judged on how well they serve the technology needs of the business. And that will primarily be based on how well they partner with the business units to help them solve their needs (by sourcing and integrating external services).

      Regarding external services that are integrators – that’s an interesting perspective I’d not considered. I suppose that if you consider the overall strategic direction of companies such as SAP and SalesForce, it definitely looks like they’re gunning to provide entire suites of outsourced services to businesses. Would a CIO still be needed in that case? Maybe not, or at least not for small/medium co’s with relatively standard IT needs.