Documente Academic
Documente Profesional
Documente Cultură
June 8, 2006
EXECUT I V E S U M MA RY
IT’s strategic plan is an essential tool to run IT like a business. The strategic plan for today’s IT is
different from the strategic plans that IT may have developed five years ago. It is purpose-driven and a
complement to IT governance structures and processes. The structure and content are tailored to this
purpose, avoiding the sprawling documents that tried to cover every possible input and aspect of IT
strategy. And today’s plan must be a living plan, with regular review and updating, thereby providing
long-term direction while maintaining relevancy.
TABLE O F CO N T E N TS N OT E S & R E S O U R C E S
2 Yesterday’s IT Strategic Plan Isn’t Needed Forrester interviewed 31 user companies and
Anymore examined the strategy documents of five more,
5 Make Today’s Strategic Plan Context-Based including: DirectTV, FDIC, Northwest Airlines,
And Purpose-Driven Russell Investment Group, Sonoco Products, and
7 Structure IT’s Strategic Plan In Five Sections UnumProvident.
© 2006, Forrester Research, Inc. All rights reserved. Forrester, Forrester Wave, Forrester’s Ultimate Consumer Panel, WholeView 2, Technographics,
and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies.
Forrester clients may make one attributed copy or slide of each figure contained herein. Additional reproduction is strictly prohibited. For
additional reproduction rights and usage information, go to www.forrester.com. Information is based on best available resources. Opinions
reflect judgment at the time and are subject to change. To purchase reprints of this document, please email resourcecenter@forrester.com.
2 Best Practices | Creating The Strategic Plan For Today’s IT
TARGET AUDIENCE
Enterprise architecture executive, chief information officer
“Our project review board was reviewing project lists but lacked context. Now our CIO
is excited because we have business interest — he hopes to get more strategic use of IT
resources.” Chief architect, biotechnology firm
· The relationship manager as a defined role. Relationship managers provide a focal point for
communication, planning, and coordination between IT and its business customers.2 Without
this role, IT’s ability to have a dialogue on business plans and needs was constrained by a lack of
business understanding — resulting in a reactive stance to business requests.
“Relationship Managers are charged with developing the business unit IT plan in partnership
with the business, with representing the overall IT plan back to the business, and with
working to ensure synergy between these two levels of plans.” CIO, commercial mortgage
firm
· Enterprise architecture as a planning discipline. The EA group’s function in the past was
almost exclusively focused on technology selection and technology standards policing. While
this benefited technology decision-making, it had little impact on IT planning. EA’s focus is
broadening to include business applications and services, and it is increasingly taking an active
role in defining IT strategies.3
· SOX raising the profile of IT governance. IT may have been mission-critical to the business,
but IT governance — such as defined decision-making processes and documented plans — was
an afterthought. But Sarbanes-Oxley section 404 compliance combined with COBIT has raised
the visibility of IT governance and increased executive management and Board of Directors
involvement in setting IT directions and overseeing IT investments.4
Impact • Rapidly declines after first budget cycle Provides continuous input to IT operating
• Not measured plans, governance, and portfolio
management
“As a result of strategy development, we’re more in sync with the business and they better
understand IT capacity. Business views strategy as one of the streams they do — IT views
strategy as encompassing everything we do.” Chief architect, major commercial bank
“The Board has become very involved in IT plan development. The Board’s focus: ensuring
IT investments are made in the areas the Board sees as essential to the firm’s success.” CIO,
diversified insurance carrier
· Bringing coherence across the IT organization. Managers across the IT organization are
making daily decisions on projects, product purchases, or staff training and development. These
decisions can build on each other — or they can be at cross-purposes, wasting resources and
degrading capability. And too often, IT reacts to the last and loudest request in, making that the
first request to go out.
“IT absolutely has to have a strategy to provide a platform to support business agility. IT
also needs strategy to manage itself.” VP business planning, apparel manufacturer
“We’re trying to implement a more logical process than the squeaky wheel.” Director of IT
strategy, healthcare insurance provider
structures, such as multiple business lines, the costs of undocumented or vague plans become
manifest in lack of coordination and fragmented execution. Similarly, as IT becomes more complex
and the business dependence grows, the cost of not having a plan is also high because:
“Our IT strategy had mirrored the lack of business strategy — we’ve tried to run it as a
collaboration model, not planning model. But as we doubled in size, we realized we need to
do more long range planning to support continued growth.” CIO, airline
· If you don’t know where you’re going, stakeholders don’t either. Without a plan, IT’s
stakeholders can’t know where their needs fit within IT capacity. More importantly, stakeholders
are more likely to see what IT delivers as disconnected actions with no coherence and
no relationship to their priorities, such as investing in new phone systems when business
management places greater importance on supply chain improvements.
· IT must explicitly acknowledge its business surroundings. Technology is interwoven into all
of a firm’s activities, from integrating M&As to regulatory compliance to paying a salesman’s
commission — and so the firm’s growth trajectory, cost and market pressures, and attitudes
toward risk and technology are inescapable backdrops to IT actions. Without acknowledging
these surroundings, IT’s activities can be disconnected from the firm’s plans. For example, when
international growth is a driver, yet IT has no plans to change from a US-orientation.
fine strategic plan is destined to an early fate as shelfware — and ultimately does more damage to
IT’s credibility than if there were no plan at all (see Figure 3). Factors to consider include:
· The business climate and firm’s culture. How is the firm changing? How fast is it growing, and
where is it growing? What is the relative importance of supporting growth versus controlling
cost? How important does business management view technology to the firm’s plans? Does the
firm have a planning culture, or does it eschew long-term planning? This context will drive the
firm’s pull for IT services and its willingness to support an IT strategic plan.
· IT’s capability and maturity. What are the IT organization’s strengths and weaknesses? Are IT
processes for service management, project management, or IT governance working effectively?
How confident is the business in IT’s capability? These factors may indicate strengths that the IT
strategy should leverage or impediments that must be overcome as part of, or a prerequisite to,
strategy success.
· The state of the technical environment. Are desktops up to current standards? Are key
business applications held together with chewing gum and bailing wire? These are factors that
will either drive the purpose of the strategy — or constrain what IT can accomplish.
Table of Contents
Executive Summary 1
Purpose
Plan highlights
Audience
Strategy
IT Assessment 8
IT Strategy 10
Implementation
Plan Implementation 19
Executive Summary
While the executive summary may be approached as an afterthought, it sets the tone for the
audience and should not be treated haphazardly. Key content items:
· Purpose of the plan. A strategic plan can suit a variety of purposes — and the purpose of the
plan should be stated clearly upfront. For example, if IT is seeking to better align its priorities
with business plans, this intent should be clearly indicated in the executive summary.
· Plan highlights. This is the summary of the major business and IT issues the plan is addressing
and the major strategy elements.
· Audience. Describe who your expected audience is — and what sections they will be most
interested in. Business management may be most interested in ensuring its needs are identified
accurately, whereas IT staff will be more interested in the details of the road maps.
· Supporting business strategy. If the plan’s purpose is to support business strategy, then the
goals and requirements would include the business strategy and plans, business drivers, and
expected changes to business processes.
· Improving business value from IT. If the plan’s purpose is to improve the business value of IT,
then the goals and requirements documented in the strategic plan include the business’ value
chain, operating or go-to-market model, and potentially any SWOT analysis the business has
performed
• Business strategy
· Improving IT efficiency. If the plan’s purpose is to improve IT efficiency, then the relevant
business requirements are perceptions and expectations of IT services and corporate-level
constraints on IT budgets or investments, such as limiting IT to a percentage of revenue or cost
per user.
IT Assessment
The IT assessment describes the gap between what’s necessary to meet business goals and
requirements and current IT capabilities. First describe IT in terms of the solution to address the
needs of the business — the “To Be” state. Then assess where IT is today and the gap with where it
needs to be. Why describe the “To Be” state first? Because this puts more energy into clearly defining
the solution, and the current state assessment is focused on the comparison with this solution — not
on everything about IT, or only what some individuals think is interesting (see Figure 7). If your
plan’s purpose is:
Figure 7 IT Assessment
• Other . . .
· Supporting business strategy. The IT assessment for a plan to support business strategy should
describe the IT capabilities to support this strategy and the comparison to current capabilities.
· Improving business value from IT. If the plan’s purpose is increasing the business value of IT,
then the IT assessment should describe the service offerings and processes to provide increased
value, the current offerings and processes, and the gap.
· Improving IT efficiency. If the plan’s purpose is to increase the efficiency of IT, then the
assessment should describe what efficient IT would look like and compare this with current
practices to document the gap.
IT Strategy
The strategy describes the “how” of how IT will close the gap between where it needs to be
and where it is today — the actions that will be taken or the road maps IT is planning to follow.
Depending upon the purpose of IT’s strategic plan, the strategy may be made up of operating
principles and guidelines to ensure decision-making consistency, of road maps for applications and
services or technology investments, or it may consist of IT programs to improve its performance
and business satisfaction (see Figure 8).
· Principles bring strategic guidance to IT decisions. Decisions are being made across IT and
with business — and no strategy can specify the answer to every decision. Principles fill the
gap, both by influencing the tactical decisions below the level of strategy and by providing
guidance that is relevant across a greater timeframe. Many firms make principles the center of
their strategy — dispensing with road maps and replacing them with decision consistency (see
Figure 9).
· Road maps show the time dimension of the strategy. If the strategic plan is specific about
changes to the application portfolio and infrastructure, then road maps will be the best way
to communicate the changes, the results of the changes, and the investments necessary. There
is more than one type of road map that may be needed: an application portfolio road map
showing new applications being brought online and older ones being retired or an investment
road map showing the spend on major changes, linked to what the major changes are providing
(see Figure 10).
· Program plans clarify IT’s own planned improvements. IT’s own transformation may be
the core of the strategic plan. This might include skills development, process improvement,
governance changes, or the creation of an innovation team. IT’s program plan describes these
initiatives, the results to be achieved, the cost, and their interdependencies. The audience
for this program plan is not just IT — business customers will find these changes and the
relationship to their needs very useful.
Figure 8 Strategy
• IT principles
• Road maps
• Application and service
• Technology
• Investment and return
• IT performance improvement plans
• IT governance changes
• New IT programs (e.g. innovation, other)
• Organization changes
Strategy
• Other (sourcing, etc.)
• Alternatives discussion
Implementation
· IT governance changes support road maps. When the strategic plan lays out road maps
for application evolution or technology investments, IT governance must take on the task
of synchronizing business and IT proposed projects against these road maps. If existing
governance processes do not perform this check, such as if they focused on projects’ business
cases, then the governance model must be changed. Describe it in the strategy, so as to link the
change to the road map strategy.
· New IT programs address new goals. Many IT organizations are finding their goals are
changing — for example, in prior years, the goal was cost containment, but now there is greater
pull from the business for help with innovation. Describe the innovation program and link it to
the business goals and requirements that are driving it.
· Alternatives “not taken” add credibility. A strategy entails decisions — and an effective
strategy benefits from IT and business staff understanding why the strategy is the best solution
to business needs. The strategic plan should document the “why” and also gain credibility from
the discussion of “why not.” For example, a strategic direction for selective outsourcing across
multiple vendors should also explain why a wholesale single vendor outsourcing approach is not
being adopted. But don’t clutter the strategy document with this discussion, and keep it in its
own section.
Principle Implications
We will improve integration and reduce • Vendor management will develop strategic
support costs by favoring application solutions relationships with preferred vendors, and
from a small number of preferred vendors. facilitate regular strategy updates from them.
• If a business need cannot be met by current or
planned offerings, then the PMO will determine
whether to utilize unique solutions from
best-of-breed vendors or conduct small, targeted
development efforts.
IT will continuously reduce the cost of services • Selective outsourcing will be used for
that provide no differentiating value to the infrastructure services and noncore business
business. applications.
• IT will track costs and cost drivers on a per-service
basis.
Plan Implementation
Once a plan is complete and signed off, it has to be put into action. This section should describe how
this will happen — who will be responsible for different initiatives, how oversight will be provided,
and how results will be monitored. For example, firms that use a Balanced Scorecard might update
their scorecard measures to specifically reflect elements of their strategic plan (see Figure 11).6
“We want to avoid shelfware. We have initiative owners with specific plans, monthly status
meetings with the CIO, and quarterly review and planning meetings.” VP IT strategy and
architecture, health insurance carrier
· Make participation as broad as you can afford. While there is always a risk of having too many
people involved with the strategic planning process — discussion gets extended and decisions
take longer — the more people who are involved means the more people who have a stake in
the resulting plan. Take particular pains to get participation by key audiences and stakeholders,
such as business management or line IT leadership. Keeping the participation level may not
be easy —so make the planning process as efficient as possible and the follow-through as
convincing as possible.7
Figure 11 Implementation
Strategy
Implementation
“One thing that made past strategic planning effective was business involvement — but
the hard thing is keeping businesses involved. Their view: ‘strategic planning is used to
justify budget’ — but the IT view is that it is not a one-time process.” VP IT strategy and
architecture, health insurance carrier
· Clearly connect the strategic plan to IT governance processes. The strategic plan must
provide direction to IT governance processes, such as project selection and portfolio
management, or business unit level project planning. For example, portfolio management
processes should use an application road map to evaluate the fit of business project proposals —
and potentially offer suggestions on rescoping them to align better with the road map.
· Market the strategy. Broad participation will help develop momentum behind the strategic
plan — but it is not enough. IT and business staff need to know about the strategy and see how
it is being placed into action. Develop a communications program for the strategy rollout and
make sure to answer the question: “What does this mean to me?”8
“It’s good to have all of the plan in one place — business people & IT people can read the
same material. This promotes common understanding.” Chief architect, global logistics
firm
· Keep the strategic plan a living plan. Make review and refresh of the plan a regular activity.
Take advantage of the fact that review and update of a plan takes less effort than the initial
development — and it keeps the plan relevant to business and IT even as they change.
“We annually update strategy, twice a year we update business architecture, and yearly we
update business blueprints. The steering committee approves and they are then used as
input to proposal review to validate scope and solution.” VP IT strategy and planning,
health insurance carrier
“Multiyear plans that are updated are easier than one-year plans that have to be restarted
from scratch.” Chief architect, diversified commercial and consumer bank
R E C O M M E N D AT I O N S
· Define your goal for your strategic plan. Without a clear set of goals for a strategic plan,
the result easily becomes a sprawling document from which audiences will struggle to get
the most salient points. The result can be the perception of irrelevance. Instead, focus your
planning effort on a few goals, such as increasing business alignment, improving demand
management, or transforming the IT operating model.
· Focus your plan approach around this goal. A clear set of goals drives both the inputs to
the plan and the structure and contents of the plan — making the process more efficient
and less time-consuming. Include business SWOT analysis if your goal requires a clear
understanding of business challenges, but leave it out if your goal is to improve IT’s service
delivery performance. Similarly, include IT skills assessment if your goal is to improve the
alignment of IT capacity with business demand, but leave it out if it is not significant to the
goal you are trying to achieve. When you document IT principles, focus on the ones that
directly link to the results you are seeking.
· Track the results. The best-laid plan is of little value unless it produces results — and the
only way to ensure it is producing results, or address reasons why it is not, is to track the
results. If the strategic plan provides input to your project portfolio management process,
define the metrics that show whether your project goals are being achieved. Take a process
improvement perspective: Define the desired results, track them, and if the actuals diverge
from the expected, analyze why and institute corrective actions.
· Institutionalize planning discipline. If the practice is to develop a strategic plan only “every
three years” or “only when needed,” then you will face the dual challenges of “starting from
scratch” each time and developing a plan that stays relevant and action-producing even as
the business and IT landscape changes. A better practice is to institutionalize it as an annual
process with quarterly checkpoints, and use this increased frequency to tune your planning
methodologies as well as make midcourse corrections.
W H AT I T M E A N S
· Solid Utilities: Your plan should describe how you deliver cost-effective services. Solid
utilities must provide the level of service the business needs, at a cost aligned with the
business’ willingness to pay. A strategic plan for this IT type will describe how this service-
level alignment with business needs will occur, addressing items such as cost transparency,
satisfaction level measurement, and operational efficiency.
· Trusted Suppliers: Document steps to improve business “trust.” Use your strategic plan
to set business expectations on priorities and capacity. Make sure there is a link between
your plan and your structures for IT governance and portfolio planning, and connect the
investments in IT technology and skills to improvements in IT delivery performance.
· Partner Player: Focus on the principles used to guide joint decision-making. As a partner
player, you are aligning with the dynamics of business change. Road maps for applications
and infrastructure improvements are important to this relationship only to the extent that
they address how you will increase proficiency at changing at the speed of business. More
important than road maps to this relationship is developing the IT principles that help
business partners and IT collaborate on business planning.
· Plan your archetype evolution. Many IT organizations desire to transition from one type,
such as a utility, to another type, such as being the business’ partner. This isn’t possible unless
the business is ready for a new relationship — but your plan can guide how you will prepare
it for a new relationship: building supplier credibility or increasing collaboration within
solution definition and delivery.
SUPPLEMENTAL MATERIAL
Companies Interviewed For This Document
Aetna Marriott
American Heart Association Media General
Applera Corporation MoneyGram
AutoNation Northern Trust
Blue Cross Blue Shield Association Northwest Airlines
CIBC Norton Healthcare
The Clarks Companies N.A. PSE&G
Comerica Bank Russell Investment Group
DirectTV Schenker AG
E.ON UK ServiceMaster
FDIC Shaw Cablesystems
Highmark Sonoco Products
JetBlue UnumProvident
Kimball International Plus additional firms that declined to be
identified
Laurentian Bank of Canada
ENDNOTES
1
IT portfolio management is a key part of the overall IT governance process and consists of the
consolidation of IT’s plans to support the business in meeting its strategic goals. The portfolio consists of
current investments, current initiatives, and externally mandated initiatives, allowing trade-offs to be made
across these plans. See the September 29, 2004, Best Practices “Defining IT Portfolio Management” and see
the September 30, 2005, Best Practices “Optimizing the IT Portfolio for Maximum Business Value.”
2
Forrester has identified relationship management as a strategic IT function and essential for the
communication between IT and the business on plans, needs, and issues. See the August 13, 2004, Best
Practices “Relationship Managers Extend The CIO’s Power And Awareness.”
3
A September 2005 survey shows a maturing of the enterprise architecture function in those firms that have
established an EA group. These EA groups are reporting to the strategic levels of the IT organization: the
CTO, VP or director of planning and strategy, or the CIO. EA groups have been given broad responsibility
and are engaged with other IT processes and IT projects. The structure of the EA group reflects a greater
involvement with the rest of IT. See the October 27, 2005, Quick Take “The Maturing Of The EA Function.”
4
Boards of directors, executive management, and IT management all have a vested interest in IT governance
— their common goal is to maximize the business value derived from IT investments while managing risk.
The starting point for an IT governance framework should be COBIT, because it is the most comprehensive
IT governance framework available today. COBIT is designed for three constituencies: management, users,
and auditors. See the January 6, 2006, Trends “COBIT Versus Other Frameworks: A Road Map To
Comprehensive IT Governance.”
5
Forrester has identified business factors that are the most significant drivers of IT spending. These include
technology’s role in products and services, business volatility, competitive pressure, and geographic scope.
Forrester has also identified IT factors that have a substantial impact on IT execution, such as IT’s maturity
as a business operation, how IT relates to its business stakeholders, and technology’s link to the firm’s
business strategy. See the June 6, 2005, Best Practices “The Economics Of IT.”
6
David Norton and Robert Kaplan’s Balanced Scorecard methodology has been adapted for IT organizations
as an IT strategic measurement and management system. See the October 15, 2004, Best Practices “The
Balanced Scorecard: An IT Perspective” and see the September 30, 2005, Best Practices “The IT Balanced
Scorecard – Metrics That Count.”
7
Forrester surveyed 922 North American IT and business decision-makers regarding their approach to IT
governance. We asked about the participation of business and IT in establishing the firm’s IT strategy. Fifty-
two percent of respondents indicated that business and IT collaborate equally in setting direction, while
27% stated that corporate IT is the primary contributor to strategy, and 17% said that business units set the
IT strategy. See the September 30, 2005, Trends “Firms Have Less Centralized IT In 2005.”
8
IT must move to a campaign-based approach to communicating IT’s value, creating and communicating
IT’s mission and brand, and guiding the adoption and use of new technologies. See the August 23, 2005,
Best Practices “The Marketing Of IT.”
9
CIOs must understand that there is no one type of IT organization right for all enterprises and all industries.
Instead, there are three clear archetypes for successful IT organizations: Solid Utilities, Trusted Suppliers,
and Partner Players. Understanding which is which helps articulate IT strategy, dictate trade-offs, and help
IT achieve its goal of running more like a business. Top management expectations dictate which type is
right — but overall IT maturity constrains or enables performance within each archetype. See the March 22,
2006, Trends “The Three Archetypes Of IT.”
39515