Tag Archives: budget

IT Strategy: Launching the Right Projects at the Right Time

A recent article on Bank Systems and Technology highlights a very difficult and often misunderstood need and method of aligning technology projects to core business requirements.  The author is a thought leader in the space and provides great information to consider.  There are specific enhancements I would make to their approach.
A common mistake in the technology world is to engineer for engineering’s sake.  This is followed based on the idea that if we add more features and increase the throughput, surely the business will be enamored by the results and grateful for the effort undertaken (whether we are buying a product or having developed it internally).  This is fundamentally the problem with the discrepancies that result.  Technology does not need to simply extend itself, but should be evolving to meet the new challenges – i.e., the same appliance configured and deployed in the same manner may not be appropriate.
Considering this discrepancy in thought, I would suggest an alternate set of project prioritization checklist for business and technologists:

  1. Technologists and Lines of Business owners should collaborate on the near term challenges of the business -> i.e., identify the problems holding back the business
  2. Based on this business problem list, identify the possible solutions – considering existing technology and alternate deployments
  3. Identify the low hanging fruit – i.e., sort the technology solutions by cost/effort with that of the business problems, and tackle the quickest returns first.
  4. Projects should show returns in weeks, not months
  5. Projects should be accountable to the Line of Business Owner, and it should be reflected in their P&L
  6. Repeat steps 3 – 6, and every couple of months restart at the beginning – especially as the business environment and operating environments change (As the business changes, so must the technology contributing to operations).


Thank you to Deb Smallwood and Karen Furtado of SMA for contributing the article that inspired my own process.

Best regards,

James DeLuccia IV

Devolution, Forrester, Synergies, and reducing TOC

Devolution was pitched yesterday by Forrester Researcher Andrew Jaquith – on a Webcast entitled “Effective Data Security: No Forklift Required”. I quite enjoyed the presentation and thought the concepts were timely and consistent with what have been needed in the market. In fact, I spoke on this last year at the RSA Conference 2008 and dedicate a portion of my book IT Compliance and Controls on this concept. However, my focus was on synergies across business controls and operation targets and less upon the DLP type challenges Forrester was addressing. The Forrester Research provided good details into the expected shifts in budget, but not the shift in how IT functions and security safeguard requirements shall evolve in these situations.

There is tremendous value to be gained from current technology deployments, and tremendous waste occurs when organizations do not communicate. While that is not a very insightful statement one should consider – Organizations that require their technology to met 99.9xx% uptime and undergo several audits on privacy / pci / sox / IFRS / FISMA / HIPAA that do not align these underlying technology components are wasting money and time. Specifically, according to my research and field experience these institutions tend to be more INsecure despite the heavy focus on meeting audit deadlines and customer SLA. To save on budget, regardless of the state of economy, find synergies and move forward with better security and less service problems. A key litmus test – does your staff have to respond more then once for an audit – if so, this is a symptom of wasted effort and untapped budget flexibility.

During the Forrester call there were several great questions posed. If you are able to attend future Research calls I would advise posting questions to ensure maximum value.

Thoughts and Comments?

James DeLuccia IV

**Speaking at RSA 2009 on the Payment Card Industry, April 22nd 2009**