Archive for the Strategies Category

Perhaps you constantly have an IT crisis on your hands or perhaps you have many questions and realized that you have shortcomings within your IT organization. Either way, a systematic and organized examination of your organization’s information technology systems and operations needs to be conducted to start the process. For many larger organizations, this may be attempted in-house, but a fresh perspective is extremely valuable. This is where the services of an IT consultant become very helpful.

The initial step is to arrange a meeting with an IT consultant who can help identify potential problem areas. This is most commonly called a “discovery meeting” for obvious reasons. For my clients, these meetings are informally structured so that issues and concerns will easily surface. General questions are asked, and if problems are identified, then follow-up questions become more specific and directed at relevant areas. Conducting on-site tours of the functional areas and data centers may also reveal other areas of concern. These meetings often require just a couple of hours and can yield a substantial amount of information and insight.

During constrained economic times and robust economic cycles alike, organizations often have difficulty spending time and money on IT development and maintenance. I see very few organizations that have a dedicated budget allocated to information technology itself. Instead, they throw money toward IT only when urgencies or emergencies occur. By then, the costs of fixing a problem as opposed to preventing it in the first place have escalated significantly. Choosing to assess and audit your IT department operations is without question a step in the right direction financially and strategically for the organization.

Finding a qualified IT consultant (especially one who fits well with your organization) is important and often difficult. Qualifications and certifications are far from standardized within the industry. In addition, this individual will have access to some of your organization’s most valuable information. This person should not only be someone with whom you can easily interact but also someone whom you can completely trust. There are many factors in selecting an IT consultant, but in general, word-of-mouth referrals are often the most reliable.

For more information, see my book www.ITSurvivalGuideBook.com

Identifying short term and long term needs, current vulnerabilities and helping develop a strategic plan may require help. Especially true if internal resources are concentrating on running the business and putting out fires. Having the important decision makers present at the meeting is also very helpful as you get a unified direction and it helps increase the productivity of the meeting. Of course the biggest challenge is the allocation of financial resources and a lot of IT departments find that to be quite the brick wall they run into. Having key decision makers present helps greatly as they gain understanding explained to them in a non-technical sense. One important document that can help put things into perspective is creating a disaster recovery plan (DRP).

The disaster recovery plan is probably the most important as it helps address short term crisis’ that are acute and potentially catastrophic to an organization. Things like response time, disaster detection, and resource allocation are just a few of the hot topics that need to be addressed as part of the disaster recovery plan, frequently referred to as the DRP. Unfortunately most organizations do not have such a plan. The DRP helps identify unknown weaknesses in the IT system and also strongly helps documenting what’s currently in place.

For example I had a client with over 12,000 people on their payroll. These workers were all out in the field. This was at a time when it was difficult to hire people. It was of critical importance to never miss a pay run. If they missed one, people were sure to walk. Those were the type of workers they had in their employment. We ensured that part of their disaster recovery plan was hosted at an alternate geographic site, somewhere away from their main location. Their entire accounting system, such that they could do a full pay run, was replicated offsite including physically having a printer with some cheques. In the event that something happened, it can be difficult to gain access to your own financial resources. Having all that in place is something that you need to think about right down to who do you call, which manufacturers can you call, what equipment do you have, what models were they, and what are their serial numbers, are they on warranty, where do you call for that, are there 24/7 phone numbers…

This really brings forth a lot of questions that you might not have asked or that you might have taken for granted. They are brought to surface and decide whether or not you even want to deal with it. We call that risk analysis or risk management; you’re deciding whether or not a particular concern or product or software or service or some data within the organization, what is the amount of risk within that topic, what is the amount of risk associated with losing it, and how much time can you be without it, and what you are willing to spend to address the issue. A few years ago, a person could be without their email for days or a week, it was no big deal. Now I have many clients where they cannot live without it! If they’re without email for a day it’s almost a disaster in itself. All the communication is done that way and there are actual costs attributed to it. Some organizations can attribute actual dollars lost due to missing a piece of equipment or someone’s time. Loss of productivity with your own staff where you actually have to shift what they’re doing away from billable work into non billable work because something internal has to take priority (such as reconstructing valuable data) can be costly.

For more information, see my book www.ITSurvivalGuideBook.com
Having a DRP document in place, even to raise questions that have never been considered, can be very valuable.

As a business owner or executive there is a lot of value in bringing in someone for an outside opinion. The analogy would be other professions that are more mature for example law, medicine, and accounting. It is expected that you go out to a chartered account and get your books reviewed, or you go to a professional engineer to review and stamp a drawing of a bridge, or you go to a doctor and the doctor refers you to a specialist. It’s the same thing with information technology. I feel that the IT field is very immature, it’s very new; it’s growing at an exponential rate and a lot of the best practices that other professions have, or that you should go out and get an expert opinion. It is not necessarily someone who is your uncle’s neighbor whose son that is really good in computers. I’m talking about someone professional who does this as a living.

Knowing where to begin can be very overwhelming but you can keep it simple by bringing in a consultant in what I call a discovery meeting. This should be a short two hour meeting with no agenda where some basic areas covered. It is a question and answer period where the consultant asks questions to paint the picture of what the organizations IT systems look like. Not everything will have an immediate answer. Certain areas may be focused more heavily based on the answer. The meetings are very organic. They usually help bring to surface unexpected areas of concern. The entire meeting might be sidetracked into a certain topic, but that’s okay, it’s just the first meeting.

As a result of that meeting, you’re going to get some homework. I find that frequently in those discovery meetings it’s very helpful to actually sketch out how the IT systems are related, what components are in play, and what your understandings are. It helps bring forth a lot of issues to surface as many organizations don’t have proper documentation. Organizations are literally flying by the seat of their pants and they’re in firefighting mode. The documentation they have is several years old.

The discovery meeting will bring to surface a number of hot topics. Some might be immediate short term issues and others which are longer term. The discovery meeting also helps establish a new relationship between the organization and the consultant to see if there is a fit. When it comes to IT systems, you really need to trust the consultant as you are divulging a lot of critical information about the way your organization is run. Many times it involves more access, user names, passwords and knowledge than the owner or president of the company. You really want to have a solid relationship in place with the consultant. These meetings helps determine if either want to move forward and in what capacity.

The other benefit from starting with an initial discovery meeting is due to most organizations not wanting to make a big investment. They don’t have budget for this. They’re worried this is going to cost a lot of money. You don’t want someone coming to change everything. Having a two hour meeting is a very minor consultation fee that many organizations use discretionary funds in order to initially pay. Then you can get a sense of feeling whether or not you want to move forward.

For more information, see my book www.ITSurvivalGuideBook.com

Most people are now involved in one or more of the social networking sites that are available online such as Facebook, LinkedIn, MySpace, and Twitter to name a few.

The focus behind social networking is building an online community that shares some common interest. They are mostly web-based and provide a variety of ways to interact such as through your web browser, instant messaging and by email. This isn’t necessarily accessed through your computer, a lot of is now through mobile devices such as iPhones and Blackberries.

Social networking is excellent at reviving old contacts, helping advertise you and your business, and maintaining contacts. It can also be seen as time theft. I would go so far as saying many people even have an addiction that needs to be addressed. There are also risks that need to be considered such as data leakage, identity theft, and virus infections.

Policies should be added regarding your corporations position on social networks as employees may assume that it is authorized without a corporate policy governing acceptable use of the technologies. There are also ways to block access to certain sites through your Internet connection.

One should be careful to ensure these technologies are appropriate for your organization and that the risks do not outweigh the benefits.