Common sense dictates that we invest in those technologies that will bring us the greatest return on investment. However, investing in IT is not only about seeking to maximize profitability or superior mission execution, but also about mitigating risk.
MIT Sloan Management Review, Spring 2009, discusses the need to balance between two types of investment risks.
The first, and obvious one is financial risk—“the failure to achieve satisfactory returns from an investment;” those organizations that load up on too much financial risk, can actually put themselves in danger of not being able to stay financially solvent i.e. too many poor investments and the company can be sunk!
The second risk is competitive risk—“the failure to retain a satisfactory competitive position for lack of investment.” Organizations that are too conservative and don’t invest in the future put themselves at risk of falling behind the competition, and may be even out of the race altogether.
So how do we balance these two risks?
On one hand, we need to make critical new IT investments to stay competitive and become more effective and efficient over time, but on the other hand, we need to manage our money prudently to stay on solid financial footing.
Managing financial risk is a short-term view—similar to looking at the daily stock market prices or quarterly financial returns; if we can’t meet our financial obligations today or tomorrow, game over. While managing competitive risk is a long term perspective on investing—we need to remain agile amidst our marketplace competitors and outmaneuver them over time picking up additional customers and market share and building brand and satisfaction.
In information technology management, we must manage both the short-term financial risk and the long-term competitive risks.
What tools are in the CIO’s arsenal to manage these risks effectively?
Enterprise architecture planning is a strategic function that takes a primarily top-down view and assesses organizational requirements (including competitive needs) and drives IT investments plans to meet those needs. In this way, EA manages competitive risk.
IT governance or capital planning and investment control is a bottom-up view that helps us manage shorter-term financial risks by providing a structure and process for vetting IT investments and prioritizing those. Sound IT governance helps us limit financial risk.
So we attack the risks from both ends—from the top and from the bottom.
While we cannot entirely eliminate the risks of failed IT investments or of missing opportunities to knock the competition off its feet, we can manage these by architecting our enterprise for long-term success and by appropriately scrutinizing the selection, control and evaluation of our investments so that we safeguard our financial resources.
So the CIO can err by going too far in either direction:
So a balance needs to be maintained.
“More specifically, a balance should be maintained between errors of omission and commission.” Fail to invest and modernize the organization’s technology and you commit the error of omission. Invest overly aggressively and you commit the error of commission. “A balance must be struck between the error of pursuing too many unprofitable investment opportunities as opposed to the error of passing up too many potentially profitable ones.”