What is the future of the Traditional IT Org?
Cloud Computing has fundamentally changed the underlying economic model on which most centralised “Group IT” departments were built.
Centralised IT departments were created primarily to achieve economies of scale from the capital-intensive purchasing and management of IT infrastructure in large, shared data-centres. Now, that role has been taken over by the hyper-scale cloud providers (Amazon AWS, Microsoft Azure and Google GCP), and “on-demand” infrastructure is available to any department or Line Of Business (LOB) that has a credit card or purchase order number with which to procure it.
In many organisations this move away from power of the centralised IT Department has been underway for some time – it’s called it “Shadow IT”. LOBs or business functions like Marketing were tired of waiting for applications or infrastructure and either:
– Built their own (using 3rd party development companies combined with managed service providers (MSPs) to run the application once it went live)
– or leveraged the explosion of SaaS solutions to meet their needs.
– All of this outside of the control of the CIO, paid for from a different budget, with often variable levels of quality and security.
For many organisations this represents a governance and compliance nightmare, whilst for others a “don’t ask, don’t tell” policy of tacit compliance to “Shadow IT” has operated as long as the business unit was hitting its financial targets. They didn’t want to “kill the goose that laid the golden egg”, particularly for rapidly growing ‘Digital’ divisions, by enforcing what was seen as the cumbersome and overly bureaucratic processes of the ‘legacy’ IT department.
For many organisations the fear that the traditional IT function would strangle the innovation nurtured by “Shadow IT” is, sadly, well founded. For example, many organisations have tried to blindly apply the processes, governance and security controls that they use on-premise to dynamic cloud environments and ended up with a “data centre in the cloud” that is expensive, slow and not fulfilling the promise of fast, cheap utility computing. What they should have done is examine their control objectives and created a new set of cloud-native controls to meet the needs of the new cloud model.
For other organisations the conflict was more political – any IT capability outside of central IT was seen as a threat to the power and influence of the IT organisations and needed to be stopped, fast. This is the “organisational immune response”, and just like the immune responses inside your body, it seeks to envelop and ultimately destroy the foreign body (regardless in this case if the “Shadow IT” was delivering real value to the organisation).
Savvy CIOs, often in partnership with new CDOs, who understand that a change in the economic model (ie. cloud) needs a change in organisational design have sought to embrace the line-of-business led IT model, and to bring “Shadow IT” into the mainstream.
They are re-imagining the role of the central IT function whilst devolving IT responsibility out to the LOBs (i.e. disintermediation) where the iterative feedback cycle between business need and IT supply can be faster and more effective. They are doing this by using Cloud and DevOps as the transformative technologies that enable this devolution whilst still ensuring high standards of cyber-security, governance, cost control etc.
There are normally 5 steps to this process:
– Make costs visible via “show back” – show each LOB exactly what their share of the global IT bill would be. For some organisations with great cost accounting in place this would be a real number based on what that division consumes but in reality some of this apportionment of costs normally has to be done of a “best guess” basis based on some bitterly contested but ultimately agreed upon formula that uses proxy measures like headcount, revenue, profit to divide up costs.
– Make costs painful via “charge back” – start directly charging costs back to the LOBs, so that it appears on their P&L and Balance Sheet. Make them feel the pain and create an incentive to change aka the “burning platform” of these costs.
– Hand them responsibility for the costs – devolve control over as much of the IT estate as possible directly into the control of the LOBs, and enable them to control their own destiny going forward.
– Provide enablement services to help them improve – a key role of central IT in this transformation is to provide enablement services. We regularly see cloud enablement teams, devops enablement teams etc being spun up to help organisations adopt Agile, Continuous Delivery, DevOps, Cloud etc. Note these are sometimes called “Centres of Excellence” (CoE) but we prefer the less elitist and more approachable “enablement team” terminology. Often these teams will provide a library of shared templates for devops tools like Terraform, Ansible, Puppet etc to gives the newly empowered devolved teams a high-quality foundation upon which to build. Think of these as Enterprise-wide open source projects that everyone can contribute to continuously improve these foundations
Provide a set of core platform services “as-a-service” – central IT may still provide a set of core “platform-as-a-service” solutions to the LOB’s. For example a shared CI/CD platform or a container orchestration platform such as Kubernetes. In many cases these will be built in partnership with the chosen cloud vendor e.g. https://azure.microsoft.com/en-gb/services/kubernetes-service/ Azure AKS
https://aws.amazon.com/eks/ AWS EKS provide PaaS Kubernetes platforms that cloud form part of these shared platforms.
The key here, however, is that these MUST be offered as true “internal PaaS” services – where the LOBs are free to consume as much or as little as they want, on-demand, via a metered usage model. This is not your old-school “send in a ticket and wait 8 weeks for IT to respond” model! Governance and cyber-risk controls should also form part of these shared PaaS platforms, ideally embedded as “policy as code” like azure governance policy overview.
So to answer the question posed at the start – “What is the future of central “Group IT” Departments?” – the future is smaller, leaner, automated platform-building, best practice sharing, enabling and empowering team whose job is to disintermediate themselves from IT delivery wherever possible to enable line-of-business aligned product teams to flourish and rapidly meet the needs of their customers and stakeholders.