“In preparing for battle I have always found that plans are useless but planning is indispensable”
Dwight D. Eisenhower
Technology is everywhere in business and society and is a significant investment or expenditure for most organizations, so planning what technology you need and how you will use it is an important part of good business management and a key to success in our digital world.
This blog is not just about traditional Information Technology that automates accounting processes like invoicing, payment and payroll. IT planning to understand these needs and put the right systems in place was, and still is, a smart thing to do to stay competitive and manage costs and risks. Today, most organizations also make use of Operational Technology (‘OT’) and Internet of Things (‘IoT’).
What’s Operational Technology and Internet of Things?
This blog article is about IT, OT and IoT planning, or simply, ‘Technology Planning’ and related risks.
Operational Technology means different things to different people. In simple terms, it automates physical machinery rather than financial data processing. Examples include: shop-floor automation of parts assembly; remote control of drones and vehicles; and having the lights go off in your office automatically as part of being ‘green’. IoT is really just OT that is somehow connected to the internet, and these operational systems are now connected to traditional IT systems. This stuff can be pretty cool for business and personally as consumers, but the downside can be more serious than IT fails like incorrect reports or a privacy breach, because of the physical nature of these systems. Cyberspace is connected to the real world! Hackers demonstrated how easy it was to take over a car years ago.
If business planning helps get the results you want – increased revenue, reduced costs, avoid problems, then technology planning should follow the same thinking including understanding what external and internal technology changes have occurred for better or worse, what you have now and how well it serves its purpose (which is to support and enable the business), and ultimately how to adapt or react.
Three parts to Technology Planning
- Define IT, OT and IoT Strategies. This starts with linking business strategy and goals to the technology you have and how much you spend on technology to support the business, and what is available and used by your competitors or even in other business sectors with similar customer or process opportunities or challenges.
- Then define information and technology automation requirements needed to grow and run the business including controls and security needs to address risks.
- From your understanding of the ‘landscape’ and your needs, define your technology architecture – what technology you will use, and how all the hardware, software, communications, and data need to come together to work properly.
Three reasons to do technology planning
- Strategy doesn’t happen by chance. And failing to adapt or keep up can leave you behind – your products or services no longer relevant or just too costly. Failing to keep up with competitors, supply chain, customer expectations, and regulatory obligations could cause problems like losing customers to more attractive competitors or ‘disruptors’ and having higher costs. Without a business-driven Technology Plan, decisions on operations, new systems, and cyber security can be arbitrary, costly, and not deliver. You may end up reacting to someone else’s agenda. This is not a good path. With a plan, you are in the driver’s seat and have a point of view and context for technology decisions.
- You can increase the certainty of selecting the right technology strategy for your organisation, and achieving important technology dependent business objectives, protecting your information and technology assets, and creating trusted digital relationships with stakeholders.
- Having a plan can also help with adjusting quickly and carefully for surprises like the Covid pandemic and the resulting ‘work-from-home’ changes, or an unplanned acquisition or other great business opportunity.
Three main steps
The first thing to do is to understand what technology you have now and how well it serves the business in terms of growth, cost, speed, and risk. This starts with a mapping exercise to identify and understand the relationships between business objectives and processes and the technology you have. You might be surprised with how much your organisation is really spending not just in the classic IT department but in ‘shadow IT’ and end-user devices. The objective is to understand how well your current technology works in supporting business processes and business management versus your spend. They key is to identify where technology is not serving the business well. Where are the strengths, and more importantly the weak spots?
Next, look around and learn from others. What are your competitors and leaders in your industry doing with technology? What successes and failures occurred? This will help you understand the ‘art of the possible’ and whether you are ready to make great leaps forward or maybe just chisel away at improvements, or a bit of both. There is no right answer here, but the phrase ‘bleeding edge’ is meaningful. You don’t have to be first, but you also don’t want to be last. And ignoring trends for too long can be fatal – remember Blockbuster?
Finally, plan to improve how you use existing systems or adopt new technology and define a mid-to-long term direction based on business priorities and constraints. This includes managing opex and capex budgets, and balancing current technology operations, changes, and projects consciously. Part of this includes dealing with old technology over time before costs escalate or it just fails. With the information you have gathered, choices can be made on what stays the way it is, what gets fixed up, what needs replacement, and how these decisions will get acted on. For example, do you need to support multiple laptop and other endpoint systems and devices? How will you deal with ‘BYOD’ (Bring Your Own Device)? Do you need to look for ‘best of breed’ systems and pull them all together yourself, or can you make use of integrated application, infrastructure and cybersecurity products or services to meet business objectives? Should we ‘go to the cloud’ partially or totally, now or later? Most importantly, figure out what people and skills you need to execute your plan.
In Summary
Technology Governance ensures that technology plans and objectives that support business strategy and goals are achieved by evaluating stakeholder needs, conditions and options; setting direction through prioritisation and decision making; and monitoring performance, compliance and progress against agreed direction and objectives. Setting a business-driven direction for your use of technology and making plans to act on that direction is the first important step.
Failure to plan is planning to fail. So do enough (business and) technology planning that makes sense for your organisation. Keeping it short and sweet is fine.
For more details, or to learn how our Risk Advisory Team can help you and your organization with Technology Governance, please reach out to one of our Welch Risk Advisory team members.